Compositional verification of industrial control systems: methods and case studies

The main obstacles to the formal verification of industrial control systems are the lack of a precise semantics for their programming languages, and the state-space complexity that arises during the verification process. This work addresses both issues by defining an operational semantics for Sequential Function Charts (SFCs), a widely used language for Programmable Logic Controllers (PLCs), and by presenting modular and compositional methods that reduce the complexity caused by parallel structures in the system. The methods are illustrated by the verification of two PLC-controlled chemical batch plants.
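The two ingredients of the abstract, an operational semantics for SFCs and a compositional treatment of parallel structure, can be made concrete in a small executable model. The following Python block is an added illustration and not code from the thesis: the SFC dialect (a configuration is the set of active steps, one enabled transition fires per step, guards are predicates over Boolean inputs), the reactor and dosing charts, and the valve-interlock properties are all invented for this example.

```python
"""
Toy operational semantics for Sequential Function Charts (SFCs) plus a
compositional reachability check.  Added illustration only: the SFC
dialect, the batch-plant charts and the interlock properties below are
invented for this example and are not the thesis's semantics or case study.
"""
from itertools import product


class SFC:
    """An SFC given by its initial steps, transitions and Boolean input names.

    A configuration is the frozenset of currently active steps.  A transition
    (sources, guard, targets) is enabled when every source step is active and
    the guard holds on the current inputs; firing it deactivates the sources
    and activates the targets.  Multiple sources/targets model parallel
    convergence/divergence.  Assumption: transitions fire one at a time
    (interleaving), which over-approximates simultaneous firing for the
    purpose of reachability.
    """

    def __init__(self, initial, transitions, inputs):
        self.initial = frozenset(initial)
        self.transitions = [(frozenset(s), g, frozenset(t)) for s, g, t in transitions]
        self.inputs = tuple(inputs)

    def successors(self, config, env):
        for src, guard, tgt in self.transitions:
            if src <= config and guard(env):
                yield (config - src) | tgt

    def reachable(self):
        """Explicit-state exploration over all input valuations."""
        envs = [dict(zip(self.inputs, bits))
                for bits in product((False, True), repeat=len(self.inputs))]
        seen, work = {self.initial}, [self.initial]
        while work:
            cfg = work.pop()
            for env in envs:
                for nxt in self.successors(cfg, env):
                    if nxt not in seen:
                        seen.add(nxt)
                        work.append(nxt)
        return seen


def steps(sfc):
    return set().union(sfc.initial, *(s | t for s, _, t in sfc.transitions))


def parallel(a, b):
    """Parallel composition of two SFCs that share no steps and no inputs."""
    assert steps(a).isdisjoint(steps(b)) and set(a.inputs).isdisjoint(b.inputs)
    return SFC(a.initial | b.initial, a.transitions + b.transitions, a.inputs + b.inputs)


def product_configs(a, b):
    """Compositional prediction: reachable set of the composition from the parts."""
    return {x | y for x in a.reachable() for y in b.reachable()}


def never_together(sfc, x, y):
    """Safety property: steps x and y are never active in the same configuration."""
    return all(not ({x, y} <= cfg) for cfg in sfc.reachable())


# Constructed reactor chart: filling and heating run in parallel, then react, then drain.
REACTOR = SFC(
    initial={"idle"},
    inputs=("start", "full", "hot", "done", "empty"),
    transitions=[
        ({"idle"}, lambda e: e["start"], {"fill", "heat"}),     # divergence into two branches
        ({"fill"}, lambda e: e["full"], {"filled"}),
        ({"heat"}, lambda e: e["hot"], {"heated"}),
        ({"filled", "heated"}, lambda e: True, {"react"}),    # convergence: both must finish
        ({"react"}, lambda e: e["done"], {"drain"}),
        ({"drain"}, lambda e: e["empty"], {"idle"}),
    ])

# Constructed dosing unit with a simple three-step cycle and its own inputs.
DOSING = SFC(
    initial={"d_idle"},
    inputs=("go", "ok"),
    transitions=[
        ({"d_idle"}, lambda e: e["go"], {"dose"}),
        ({"dose"}, lambda e: e["ok"], {"rinse"}),
        ({"rinse"}, lambda e: True, {"d_idle"}),
    ])

PLANT = parallel(REACTOR, DOSING)

if __name__ == "__main__":
    print("reactor configs:", len(REACTOR.reachable()))      # 7
    print("plant configs:  ", len(PLANT.reachable()))        # 21 = 7 * 3
    print("composition matches product:", PLANT.reachable() == product_configs(REACTOR, DOSING))
    print("fill/drain interlock (reactor only):", never_together(REACTOR, "fill", "drain"))
    print("fill/drain interlock (whole plant): ", never_together(PLANT, "fill", "drain"))
    print("fill/heat exclusive (violated by design):", never_together(REACTOR, "fill", "heat"))
```

The equality between the composed chart's reachable set and the product of the components' reachable sets is the point of the compositional argument: a property that mentions only reactor steps (the fill/drain interlock) can be decided on the 7-configuration reactor chart rather than the 21-configuration plant, and the gap grows multiplicatively with every further parallel unit. The equality holds here only because the components share no steps and no inputs; once branches synchronise on shared signals, the product is an over-approximation and a finer compositional argument is needed.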
