FBDVerifier: Interactive and Visual Analysis of Counterexample in Formal Verification of Function Block Diagram

Model checking is often applied to verify safety-critical software implemented in programmable logic controller (PLC) languages such as the function block diagram (FBD). Counterexamples generated by a model checker are often too lengthy and complex to analyze. This paper describes FBDVerifier, which allows domain experts to perform automated model checking and intuitive visual analysis of counterexamples without needing to know the technical details of temporal logic or the model checker. Once the FBD program has been automatically translated into a semantically equivalent Verilog model and model checking has been performed using SMV, users can enter various expressions to investigate why verification of certain properties failed. When applied to FBD programs implementing a shutdown system for a nuclear power plant, domain engineers were able to perform effective FBD verification and detect logical errors in the FBD design.
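The workflow the abstract describes (FBD scan semantics, exhaustive state exploration, and analyst expressions evaluated over the resulting counterexample) as an added Python illustration that is not FBDVerifier's own code: a constructed trip channel with a latched feedback path, a bounded search for the shortest trace violating an invariant, and a per-scan query that exposes the latch as the cause. The block wiring, signal names, invariants and bound are assumptions made for the example.

```python
from itertools import product

# Constructed FBD: a simplified reactor-trip channel with a feedback path.
# Blocks: AND(pressure_high, NOT bypass) -> trip_cmd
#         SR latch with reset priority:  trip = (trip_cmd OR trip_prev) AND NOT reset
INPUTS = ("pressure_high", "bypass", "reset")


def fbd_step(inputs, trip_prev):
    """One PLC scan: evaluate every block and return all signal values."""
    trip_cmd = inputs["pressure_high"] and not inputs["bypass"]
    trip = (trip_cmd or trip_prev) and not inputs["reset"]
    return {**inputs, "trip_cmd": trip_cmd, "trip_prev": trip_prev, "trip": trip}


def bounded_check(prop, bound=4):
    """Shortest input sequence (as a trace of per-scan signal dicts) on which
    prop(trace) is False, or None if no violation exists within `bound` scans."""
    for k in range(1, bound + 1):
        for seq in product(product((False, True), repeat=len(INPUTS)), repeat=k):
            trace, trip_prev = [], False  # latch starts cleared
            for vals in seq:
                state = fbd_step(dict(zip(INPUTS, vals)), trip_prev)
                trace.append(state)
                trip_prev = state["trip"]
            if not prop(trace):
                return trace
    return None


def trip_needs_pressure(trace):
    """Invariant an engineer might expect: trip is asserted only while pressure is high."""
    return all(s["pressure_high"] or not s["trip"] for s in trace)


def bypass_blocks_cmd(trace):
    """Invariant that does hold: bypass suppresses the trip command."""
    return all(not (s["bypass"] and s["trip_cmd"]) for s in trace)


def query(trace, expr):
    """Evaluate an analyst's expression over the signal names at each scan of
    the trace (builtins disabled; intended for local, trusted analyst input)."""
    return [bool(eval(expr, {"__builtins__": {}}, dict(s))) for s in trace]


if __name__ == "__main__":
    cex = bounded_check(trip_needs_pressure)
    for i, s in enumerate(cex):
        print(f"scan {i}:", {k: int(v) for k, v in s.items()})
    # The latch explains the failure: trip stays set after pressure drops.
    print("trip and not pressure_high per scan:", query(cex, "trip and not pressure_high"))
    print("bypass_blocks_cmd counterexample:", bounded_check(bypass_blocks_cmd))
```

The invariant fails on a two-scan trace: pressure rises and trips the channel, then pressure falls without a reset and the latch keeps `trip` high, which is exactly the kind of feedback-path behaviour a raw counterexample dump obscures.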
