Conference Paper

Model Checking PLC Software Written in Function Block Diagram

Mobility Div., Siemens, Braunschweig, Germany
DOI: 10.1109/ICST.2010.10 Conference: Proceedings Third International Conference on Software Testing, Verification and Validation (ICST), At IEEE
Source: IEEE Xplore


The development of Programmable Logic Controllers (PLCs) in the last years has made it possible to apply them in ever more complex tasks. Many systems based on these controllers are safety-critical, and their certification entails a great effort. Therefore, there is a big demand for tools for analyzing and verifying PLC applications. Among the PLC-specific languages proposed in the standard IEC 61131-3, FBD (Function Block Diagram) is a graphical one widely used in rail automation. In this paper, a process of verifying FBDs with the NuSMV model checker is described. It consists of three transformation steps: FBD→TextFBD→tFBD→NuSMV. The novel step introduced here is the second one: it reduces the state space dramatically so that realistic application components can be verified. The process has been developed and tested in the area of rail automation, in particular interlocking systems. As a part of the interlocking software, a typical point logic has been used as a test case.

  • Source
    • "The formal verification of PLC programs has been tackled by a plethora of work in the last two decades [18]. Most work has been done with regard to the formalization of PLC code according to IEC 61131-3 [19], e.g. for ladder diagrams (LD) [20]–[22], instruction lists (IL) [23]–[25], function block diagrams (FBD) [26], and sequential function charts (SFC) [27]–[30]. More recently, also model-based approaches to the verification of PLCs gained interest [31]– [33]. "
    ABSTRACT: The design of correctly implemented controls in material handling systems (MHS) is time consuming and cumbersome. The developer has to deal with an ever increasing complexity and heterogeneity of MHS on the one hand, but also with short development cycles and high demands to MHS on the other hand. For baggage handling systems (BHS) at airports, the error-free implementation of routing strategies is especially of importance, as these strategies are critical to safety. This paper proposes a compositional approach to the formal verification of routing in MHS. The approach is based on the theory of assume-guarantee reasoning, where proofs of the overall system are derived from proofs of subsystems. Moreover, the approach has been implemented in a tool that automatically carries out the verification. A real-world example is discussed in this paper, showing the benefits and scalability of the presented approach.
    IEEE Transactions on Automation Science and Engineering 09/2013; 10(4):900-915. DOI:10.1109/TASE.2013.2276763 · 2.43 Impact Factor
  • Source
    • "Programmable Logic Controllers (PLC) are products which are more and more integrated in automated systems, even to perform critical functions; this explains why validation of PLC is gaining an always increasing interest. A possible solution to meet this objective is to apply formal verification techniques ([2]) on the specification of the control logic ([4], [13]) or the PLC code that implements this logic ([1], [5], [6], [9], [12]). These techniques are based on an exhaustive analysis of a state space which represents the specification or the PLC code according to the verification objective. "
    ABSTRACT: Validation of the behavior of a Programmable Logic Controller (PLC) by comparison of observed I/O sequences to sequences built from a formal specification model requires that the consequences of the PLC I/O scanning cycle be considered. This paper proposes a method based on an enforcement technique to interpret observed I/O sequences so that the result of this comparison be meaningful.
    18th IEEE Conference on Emerging Technologies and Factory Automation (ETFA 2013), Cagliari (Italy); 09/2013
  • Source
    • "A tool, FBD2V, has been implemented to automatically perform this transformation, and a case study is used to show the effectiveness of the proposed approach. As in [7], the transformation approach is presented only for systems composed finally of basic FBs, so safety FBs of PLCopen are not supported. A formal verification approach of a safety procedure of a nuclear power plant written in FBD language is presented in [9]. "
    ABSTRACT: Legacy systems that do not conform to the norms and regulations imposed by recent safety standards have to be upgraded to meet safety requirements. In this paper, we describe a methodology to upgrade legacy industrial applications based on the IEC61131 function block model without the need to redesign the whole application. We then describe an approach for automating the verification process of safety applications that is based on the use of the UPPAAL simulation and verification platform for embedded real-time systems. The meta-models of the source and target domains are presented and a transformation process of the PLCopen XML design specification to UPPAAL XML specification is described. A laboratory system is used as a case study to demonstrate the applicability of the proposed process.
    IEEE Conference on Automation Science and Engineering, CASE 2011, Trieste, Italy, Aug. 24-27, 2011; 01/2011