Abstract
The trip computers for the two reactor shutdown systems of the Ontario Power Generation (OPG) Darlington Nuclear Power Generating Station (DNGS) are being refurbished due to hardware obsolescence. For one of the systems, the general purpose computer originally used is being replaced by a programmable logic controller (PLC). The trip computer application software has been rewritten using function block diagrams (FBDs), a commonly used PLC programming language defined in the IEC 61131-3 standard. The replacement project’s quality assurance program requires that formal verification be performed to compare the FBDs against a formal software requirements specification (SRS) written using tabular expressions (TEs). The PVS theorem proving tool is used in the formal verification. Custom tools developed for OPG are used to translate TEs and FBDs into PVS code. In this paper, we present a method to rigorously translate the graphical FBD language to a mathematical model in PVS using an abstract syntax to represent the FBD constructs. We use an example from the replacement project to demonstrate the use of the model to translate a FBD module into a PVS specification.
Notes
1. A small portion of the software design is written using structured text (ST), but that is not relevant to the subject of this paper.
2. The use of IEC 61131-3 compliant built-in FBs eased formal specification and subsequent verification of their behaviour, one of many PLC qualification activities.
3. An FBD design is consistent if, for every input, there exists an output that satisfies the internal relationships. Consistency must be proved separately, because an inconsistent design denotes an empty relation for some input, and the obligation "design implies requirement" then holds vacuously: an inconsistent FBD trivially satisfies any requirement.
4. The prefixes in this section refer to monitored variables (m_...), controlled variables (c_...), enumerations (e_...) and constants (k_...).
5. There are five internal FBs: subtraction (SUB), less than or equal to (LE), greater than or equal to (GE), logical disjunction (OR) and logical conjunction (AND).
6. Concrete examples are available to assist the reader with the translation rules (Sects. 3 and 4) at http://www.swi.com/research/NFM2016.
7. An application expression consists of the block name applied to ordered arguments. An example of a PVS application expression is MOVE(input, output), where MOVE is the block name and input and output are the arguments.
8. SDS2 uses diverse technologies to cause a reactor trip if SDS1 were to fail.
9. A trailing underscore (..._) is appended to generated names that would otherwise conflict with PVS keywords.
10. The FBD is formalized over a discrete time series of equally spaced samples, i.e., ticks. The pre operator returns the value of its operand at the previous tick.
11. The approach was qualified using a combination of trial use, inspection and acceptance testing.
12. Function block diagram (FBD), structured text (ST), instruction list (IL), ladder diagram (LD) and sequential function chart (SFC).
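As an added illustration, not code from the paper or from OPG's translation tools, the following PVS theory shows how a hypothetical FBD module would be rendered using the conventions the notes describe: built-in FBs as relations applied to ordered inputs and outputs (note 7), a trailing underscore on names that clash with PVS keywords (note 9), signals over equally spaced ticks with a pre operator (note 10), the m_/c_/k_ prefixes (note 4), and a separate consistency lemma (note 3). The module itself, the variables m_temp and c_trip, the constants k_offset, k_low and k_high, the internal wire names and the requirement REQ_trip are all assumptions made for this example and are not the DNGS trip logic.

```pvs
%% Added example (not from the paper or from OPG's tools): a hypothetical
%% FBD module translated into a PVS theory in the style described in the
%% notes.  Every name and constant below is an assumption made for
%% illustration.
fbd_example: THEORY
BEGIN

  % Note 10: time is a series of equally spaced ticks; signals are
  % functions from ticks to values.
  tick: TYPE = nat
  rsig: TYPE = [tick -> real]
  bsig: TYPE = [tick -> bool]

  % pre returns the operand's value at the previous tick; an explicit
  % initial value is needed at tick 0.
  pre(x: bsig, init: bool)(t: tick): bool =
    IF t = 0 THEN init ELSE x(t - 1) ENDIF

  % Note 7: each built-in FB is a relation applied to its ordered
  % inputs and outputs, so the output is an argument too.
  % Note 9: AND and OR are PVS keywords, so the generated names get a
  % trailing underscore.
  SUB(in1, in2, out: real): bool = (out = in1 - in2)
  LE(in1, in2: real, out: bool): bool = (out = (in1 <= in2))
  GE(in1, in2: real, out: bool): bool = (out = (in1 >= in2))
  OR_(in1, in2, out: bool): bool = (out = (in1 OR in2))
  AND_(in1, in2, out: bool): bool = (out = (in1 AND in2))

  % Note 4 prefixes: k_ constants, m_ monitored, c_ controlled.
  % (Assumed values; they are not taken from the DNGS design.)
  k_offset: real = 2
  k_low: real = 0
  k_high: real = 100

  % The hypothetical FBD module: diff = m_temp - k_offset; the value is
  % out of range if diff is at or below k_low or at or above k_high;
  % the trip output is raised only when out of range on two consecutive
  % ticks.  Internal wires are existentially quantified, and every block
  % instance is asserted at every tick.
  FBD_trip(m_temp: rsig, c_trip: bsig): bool =
    EXISTS (diff: rsig, lo, hi, oor: bsig):
      FORALL (t: tick):
        SUB(m_temp(t), k_offset, diff(t)) AND
        LE(diff(t), k_low, lo(t)) AND
        GE(diff(t), k_high, hi(t)) AND
        OR_(lo(t), hi(t), oor(t)) AND
        AND_(oor(t), pre(oor, FALSE)(t), c_trip(t))

  % Note 3: consistency is discharged separately; without it the
  % compliance theorem below could hold vacuously.  The witnesses are the
  % LAMBDA terms that compute each internal wire from m_temp.
  consistent: LEMMA
    FORALL (m_temp: rsig): EXISTS (c_trip: bsig): FBD_trip(m_temp, c_trip)

  % The requirement (in the project it would come from a tabular
  % expression), written here directly as a predicate on the monitored
  % and controlled variables.
  out_of_range(x: real): bool =
    x - k_offset <= k_low OR x - k_offset >= k_high

  REQ_trip(m_temp: rsig, c_trip: bsig): bool =
    FORALL (t: tick):
      c_trip(t) =
        (out_of_range(m_temp(t)) AND
         IF t = 0 THEN FALSE ELSE out_of_range(m_temp(t - 1)) ENDIF)

  % Verification obligation: the translated design implies the SRS.
  compliance: THEOREM
    FORALL (m_temp: rsig, c_trip: bsig):
      FBD_trip(m_temp, c_trip) IMPLIES REQ_trip(m_temp, c_trip)

END fbd_example
```

Typechecking the theory generates a subtype TCC for the t - 1 in REQ_trip, which is provable because the ELSE branch carries t /= 0 in its context. The consistent lemma is proved by supplying the LAMBDA witnesses for diff, lo, hi, oor and c_trip; compliance is proved by skolemizing, instantiating the tick, expanding the block relations and letting the prover's arithmetic decide the comparisons. The order matters in practice: if FBD_trip were unsatisfiable for some m_temp (for example two blocks writing contradictory values to the same wire), compliance would still be provable, which is exactly the trap note 3 warns about.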
Acknowledgements
We would like to thank OPG for permitting us to describe the work related to the DNGS TC replacement project. The methodology and tools described herein are the property of OPG. In particular, we thank Ivan Dimitrov, Section Manager, Safety Related Computers, Computers and Control Design, and Mike Viola, SDS Replacement Project Manager, for their valued oversight and assistance. We would also like to thank Lucian Patcas for his thorough review.
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Newell, J., Pang, L., Tremaine, D., Wassyng, A., Lawford, M. (2016). Formal Translation of IEC 61131-3 Function Block Diagrams to PVS with Nuclear Application. In: Rayadurgam, S., Tkachuk, O. (eds) NASA Formal Methods. NFM 2016. Lecture Notes in Computer Science(), vol 9690. Springer, Cham. https://doi.org/10.1007/978-3-319-40648-0_16
DOI: https://doi.org/10.1007/978-3-319-40648-0_16
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-40647-3
Online ISBN: 978-3-319-40648-0