Formal methods are mathematically based techniques for the rigorous development of software-intensive systems. The railway signaling domain is a field in which formal methods have traditionally been applied, with several success stories. This article reports on a mapping study that surveys the landscape of research on applications of formal methods to the development of railway systems. Following the guidelines of systematic reviews, we identify 328 relevant primary studies, and extract information about their demographics, the characteristics of formal methods used and railway-specific aspects. Our main results are as follows: (i) we identify a total of 328 primary studies relevant to our scope published between 1989 and 2020, of which 44% published during the last 5 years and 24% involved industry; (ii) the majority of studies are evaluated through Examples (41%) and Experience Reports (38%), while full-fledged Case Studies are limited (1.5%); (iii) Model checking is the most commonly adopted technique (47%), followed by simulation (27%) and theorem proving (19.5%); (iv) the dominant languages are UML (18%) and B (15%), while frequently used tools are ProB (9%), NuSMV (8%), and UPPAAL (7%); however, a diverse landscape of languages and tools is employed; (v) the majority of systems are interlocking products (40%), followed by models of high-level control logic (27%); and (vi) most of the studies focus on the Architecture (66%) and Detailed Design (45%) development phases. Based on these findings, we highlight current research gaps and expected actions. In particular, the need to focus on more empirically sound research methods, such as Case Studies and Controlled Experiments, and to lower the degree of abstraction, by applying formal methods and tools to development phases that are closer to software development. Our study contributes with an empirically based perspective on the future of research and practice in formal methods applications for railways. It can be used by formal methods researchers to better focus their scientific inquiries, and by railway practitioners for an improved understanding of the interplay between formal methods and their specific application domain.

形式化方法是基于数学的技术，用于软件密集型系统的严格开发。铁路信号领域是传统上应用形式化方法的领域，并有多个成功案例。本文报告了一项映射研究，该研究调查了形式化方法在铁路系统发展中应用的研究概况。遵循系统评价的指导方针，我们确定了 328 项相关的主要研究，并提取了有关其人口统计学、所用正式方法的特征和铁路特定方面的信息。我们的主要结果如下：(i) 我们确定了 1989 年至 2020 年间发表的与我们的范围相关的总共 328 项主要研究，其中 44% 在过去 5 年发表，24% 涉及行业；(ii) 大多数研究是通过示例 (41%) 和经验报告 (38%) 进行评估的，而完整的案例研究是有限的 (1.5%)；(iii) 模型检查是最常采用的技术 (47%)，其次是模拟 (27%) 和定理证明 (19.5%)；(iv) 主要语言是 UML (18%) 和 B (15%)，而常用工具是 ProB (9%)、NuSMV (8%) 和 UPPAAL (7%)；但是，使用了多种语言和工具；(v) 大多数系统是联锁产品（40%），其次是高级控制逻辑模型（27%）；(vi) 大多数研究集中在架构 (66%) 和详细设计 (45%) 开发阶段。基于这些发现，我们强调了当前的研究差距和预期的行动。特别是，需要关注更可靠的实证研究方法，例如案例研究和对照实验，并通过将形式化方法和工具应用于更接近软件开发的开发阶段来降低抽象度。我们的研究以实证为基础的观点为铁路形式化方法应用的研究和实践的未来做出了贡献。形式方法研究人员可以使用它来更好地集中他们的科学探究，铁路从业者可以使用它来更好地理解形式方法与其特定应用领域之间的相互作用。我们的研究以实证为基础的观点为铁路形式化方法应用的研究和实践的未来做出了贡献。形式方法研究人员可以使用它来更好地集中他们的科学探究，铁路从业者可以使用它来更好地理解形式方法与其特定应用领域之间的相互作用。我们的研究以实证为基础的观点为铁路形式化方法应用的研究和实践的未来做出了贡献。形式方法研究人员可以使用它来更好地集中他们的科学探究，铁路从业者可以使用它来更好地理解形式方法与其特定应用领域之间的相互作用。