Abstract
Programmable Logic Controllers (PLCs) are widely used in industry for a broad range of industrial automation tasks. Beyond non-safety applications, PLCs have also become accepted in safety-critical installations, where the cost of failure is high. In these cases the hardware is special (so-called fail-safe or safety PLCs), but the software also needs special consideration. Formal verification is a method that can help to develop high-quality software for critical tasks. However, such a method should be adapted to the special needs of safety PLCs, which often differ from those of the ordinary PLC development domain. In this paper we propose two complementary solutions for the formal verification of safety-critical PLC programs, based on model checking and on equivalence checking against a formal specification. Furthermore, a case study is presented that demonstrates our approach.
Notes
- 1. As Siemens is widely used at our organization, we use it as the example PLC vendor. The languages used in Siemens PLCs are compliant with the IEC 61131 standard, but small syntactic and semantic differences exist. The Siemens variants have different names: instead of IL, ST, LD, FBD and SFC, they are called STL, SCL, LAD, FBD and SFC/GRAPH, respectively. To avoid confusion, we use the standard language names for the Siemens variants too, but when a detail is vendor-specific, we use the Siemens syntax or implementation.
- 2.
- 3.
- 4. As previously discussed, we use the Siemens notations in this paper. Throughout this paper, "registers" is used as a generic term referring to the status bits, the accumulators and the nesting stack.
- 5. Here we omit the registers that are not necessary for simple IL programs, such as the BR (binary result), OV (overflow) and OS (stored overflow) bits and the address registers.
- 6. For all measurements we used PLCverif 2.0.2 and nuXmv 1.0.1 on Windows 7 x64, executed on a PC with an Intel® Core™ i7-3770 3.4 GHz CPU and 8 GB RAM.
- 7.
Acknowledgement
The authors would like to thank the people involved in the presented re-engineering project for their support and cooperation. Special thanks to Roberto Speroni for the cooperation and the continuous feedback.
© 2016 Springer International Publishing Switzerland
Cite this paper
Darvas, D., Majzik, I., Blanco Viñuela, E. (2016). Formal Verification of Safety PLC Based Control Software. In: Ábrahám, E., Huisman, M. (eds.) Integrated Formal Methods. IFM 2016. Lecture Notes in Computer Science, vol. 9681. Springer, Cham. https://doi.org/10.1007/978-3-319-33693-0_32
DOI: https://doi.org/10.1007/978-3-319-33693-0_32
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-33692-3
Online ISBN: 978-3-319-33693-0