Two CEGAR-based approaches for the safety verification of PLC-controlled plants

In this paper we address the safety analysis of chemical plants controlled by programmable logic controllers (PLCs). We start from a specification of the PLC control program, extended with a specification of the dynamic plant behavior. The resulting hybrid models can be transformed into hybrid automata, for which advanced reachability analysis techniques exist. However, the hybrid automata obtained this way are often too large to be analyzed. We propose two counterexample-guided abstraction refinement (CEGAR) approaches that keep the size of the hybrid models moderate.
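The CEGAR loop the abstract refers to, as an added example that is not code from the paper or from its authors' tool: a small Python implementation of counterexample-guided abstraction refinement on a one-variable hybrid automaton with constant-rate flows, modelling a PLC-controlled tank. The tank model (the fill/drain/overflow locations, the rates, the sensor threshold of 8, the rim at 10, and the switch_bound parameter) is a constructed assumption. The abstraction drops the guards of transitions that are not yet "tracked", so the abstract automaton over-approximates the concrete one; an abstract path to the unsafe location is replayed with every guard enforced, and if the replay is blocked, the untracked guards on the blocked prefix are switched on and the analysis repeats. This is a generic guard-abstraction scheme chosen for illustration, not either of the two approaches the paper proposes. With one variable and constant rates, interval propagation along a fixed path is exact, so a replay that succeeds is a genuine counterexample.

```python
from collections import deque
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple
# Constructed CEGAR example (not the paper's tool): a one-variable hybrid automaton with
# constant-rate flows; untracked guards are abstracted to True and refined on demand.

Interval = Tuple[float, float]
INF = float("inf")


def meet(a: Interval, b: Interval) -> Optional[Interval]:
    """Intersection of two closed intervals, None if it is empty."""
    lo, hi = max(a[0], b[0]), min(a[1], b[1])
    return (lo, hi) if lo <= hi else None


@dataclass(frozen=True)
class Transition:
    src: str
    dst: str
    guard: Interval   # x must lie in guard for the transition to fire


@dataclass
class HybridAutomaton:
    locations: Dict[str, Tuple[float, Interval]]   # loc -> (dx/dt, invariant on x)
    transitions: List[Transition]
    init_loc: str
    init_x: Interval
    unsafe: Set[str]                                # unsafe locations


def step(ha: HybridAutomaton, x: Interval, t: Transition, enforce_guard: bool) -> Optional[Interval]:
    """Let time pass in t.src (inside its invariant), then fire t; None if t cannot fire."""
    rate, inv = ha.locations[t.src]
    x = meet(x, inv)
    if x is None:
        return None
    reach = (inv[0] if rate < 0 else x[0], inv[1] if rate > 0 else x[1])
    nxt = meet(reach, t.guard) if enforce_guard else reach
    return None if nxt is None else meet(nxt, ha.locations[t.dst][1])


def abstract_reach(ha: HybridAutomaton, tracked: Set[Transition]) -> Optional[List[Transition]]:
    """BFS over (location, interval) states of the abstraction; a path to an unsafe location or None."""
    start = (ha.init_loc, ha.init_x)
    parent = {start: None}
    queue = deque([start])
    while queue:
        loc, x = queue.popleft()
        if loc in ha.unsafe:
            path, state = [], (loc, x)
            while parent[state] is not None:
                state, t = parent[state]
                path.append(t)
            return path[::-1]
        for t in ha.transitions:
            nxt = step(ha, x, t, t in tracked) if t.src == loc else None
            if nxt is not None and (t.dst, nxt) not in parent:
                parent[(t.dst, nxt)] = ((loc, x), t)
                queue.append((t.dst, nxt))
    return None  # all interval bounds come from a finite set, so the BFS terminates


def replay(ha: HybridAutomaton, path: List[Transition]) -> Optional[int]:
    """Replay path with every guard enforced; index of the first blocked transition, or None."""
    x = ha.init_x
    for i, t in enumerate(path):
        x = step(ha, x, t, True)
        if x is None:
            return i
    return None


def cegar(ha: HybridAutomaton):
    """Returns ("safe", rounds, tracked guards) or ("unsafe", rounds, concrete counterexample)."""
    tracked: Set[Transition] = set()
    rounds = 0
    while True:
        rounds += 1
        path = abstract_reach(ha, tracked)
        if path is None:
            return "safe", rounds, tracked
        blocked = replay(ha, path)
        if blocked is None:
            return "unsafe", rounds, path
        # Abstract and concrete runs agree on a prefix whose guards are all enforced, so the blocked prefix has an untracked one.
        new = {t for t in path[:blocked + 1] if t not in tracked}
        assert new, "spurious path although every guard on it is enforced"
        tracked |= new


def tank(switch_bound: float) -> HybridAutomaton:
    """Constructed PLC-controlled tank: pump fills at 2 units/s, valve drains at 1 unit/s; the PLC
    switches to draining once the sensor reads >= 8, reacting no later than switch_bound; rim at 10."""
    inv = (0.0, switch_bound)
    return HybridAutomaton(
        locations={"fill": (2.0, inv), "drain": (-1.0, inv), "overflow": (0.0, (0.0, INF))},
        transitions=[
            Transition("fill", "drain", (8.0, switch_bound)),
            Transition("drain", "fill", (0.0, 2.0)),
            Transition("fill", "overflow", (10.0, INF)),
            Transition("drain", "overflow", (10.0, INF)),
        ],
        init_loc="fill", init_x=(0.0, 1.0), unsafe={"overflow"},
    )
```

With switch_bound=9.0 the PLC is guaranteed to react before the level passes 9, and cegar(tank(9.0)) proves safety in three rounds while enforcing only three of the four guards; the drain-to-fill guard is never needed for the proof, which is the size reduction CEGAR is after. With switch_bound=11.0 the very first abstract counterexample already replays concretely and the tank can overflow. For the multi-variable, nonlinear models of real plants the replay step needs one of the reachability analysis techniques the abstract mentions, and refinement has to act on more than transition guards.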
