A Verification Framework for FBD Based Software in Nuclear Power Plants

Formal verification of function block diagram (FBD) based software is an essential task when replacing traditional relay-based analog systems with PLC-based software in a nuclear reactor protection system (RPS). FBD programs are developed manually and revised frequently during development. There is a set of properties, to be verified formally, that every FBD release must satisfy. Whenever an FBD is modified, the behavioral equivalence of the modified FBD with its predecessor also needs to be verified. This paper proposes a software verification framework for FBD software in nuclear power plants. It uses the SMV model checker to verify whether an FBD meets its required properties, and the VIS verification system to check behavioral equivalence between successive FBD revisions. A case study, conducted on a nuclear power plant shutdown system being developed in Korea, demonstrated that the proposed verification framework is effective and useful.
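The two verification tasks the abstract names, checking a required property of one FBD and checking behavioral equivalence of two FBD revisions, can be illustrated on a miniature scale without SMV or VIS. The following Python example is added here and is not code from the paper or its authors: it defines a small, constructed FBD block library (AND, OR, NOT, a setpoint comparison and an IEC-style on-delay timer), a constructed high-pressure trip logic with a manual bypass, and an explicit-state exhaustive exploration over all input sequences that stands in for the symbolic checks the paper performs. The property (no trip while bypass is active), the input domains and the revised versions of the logic are all assumptions made for the illustration; the exploration itself works for any diagram built from this block set.

```python
"""Miniature FBD verifier (constructed illustration, not the paper's tooling)."""
from itertools import product


class FBD:
    """Blocks are (kind, output, inputs, parameter) tuples evaluated in list
    order, so each block's inputs must be plant signals or earlier outputs."""

    def __init__(self, blocks):
        self.blocks = blocks

    def initial_state(self):
        # Only TON (on-delay timer) blocks carry state: cycles the input was held high.
        return tuple(0 for b in self.blocks if b[0] == "TON")

    def step(self, state, inputs):
        """One PLC scan cycle: returns (all signal values, next timer state)."""
        sig = dict(inputs)
        timers, next_state = iter(state), []
        for kind, out, ins, param in self.blocks:
            vals = [sig[i] for i in ins]
            if kind == "AND":
                sig[out] = all(vals)
            elif kind == "OR":
                sig[out] = any(vals)
            elif kind == "NOT":
                sig[out] = not vals[0]
            elif kind == "GE":        # input >= constant setpoint
                sig[out] = vals[0] >= param
            elif kind == "TON":       # high once input held high for `param` scans
                elapsed = min(next(timers) + 1, param) if vals[0] else 0
                sig[out] = elapsed >= param
                next_state.append(elapsed)
            else:
                raise ValueError("unknown block kind %r" % kind)
        return sig, tuple(next_state)


def explore(fbds, domains, check, depth):
    """Breadth-first search over every input sequence up to `depth` scans,
    running all `fbds` in lockstep. `check(outputs_per_fbd, inputs)` returns an
    error string or None. Returns None if no violation is reachable, else
    (input trace leading to the violation, error string)."""
    names = list(domains)
    assignments = [dict(zip(names, vs)) for vs in product(*(domains[n] for n in names))]
    start = tuple(f.initial_state() for f in fbds)
    frontier, seen = [(start, [])], {start}
    for _ in range(depth):
        nxt = []
        for states, trace in frontier:
            for inp in assignments:
                results = [f.step(s, inp) for f, s in zip(fbds, states)]
                err = check([r[0] for r in results], inp)
                if err:
                    return trace + [inp], err
                ns = tuple(r[1] for r in results)
                if ns not in seen:          # each product state is expanded once
                    seen.add(ns)
                    nxt.append((ns, trace + [inp]))
        frontier = nxt
    return None


# Constructed trip logic: pressure at/above setpoint for `delay` scans trips
# the channel unless the operator bypass is active.
def trip_logic(delay):
    return FBD([
        ("GE", "high", ["pressure"], 2),
        ("TON", "high_sustained", ["high"], delay),
        ("NOT", "not_bypass", ["bypass"], None),
        ("AND", "trip", ["high_sustained", "not_bypass"], None),
    ])


# A revision that only reorders blocks: behaviorally equivalent.
def trip_logic_reordered(delay):
    return FBD([
        ("NOT", "not_bypass", ["bypass"], None),
        ("GE", "high", ["pressure"], 2),
        ("TON", "high_sustained", ["high"], delay),
        ("AND", "trip", ["not_bypass", "high_sustained"], None),
    ])


# Constructed finite input domains (pressure in setpoint units, bypass switch).
DOMAINS = {"pressure": [0, 1, 2, 3], "bypass": [False, True]}


def no_trip_while_bypassed(outs, inp):
    return "trip asserted while bypass active" if outs[0]["trip"] and inp["bypass"] else None


def same_trip(outs, inp):
    return "trip outputs differ" if outs[0]["trip"] != outs[1]["trip"] else None


def verify_property(fbd, depth=6):
    """SMV-style task: required property over all reachable behaviour."""
    return explore([fbd], DOMAINS, no_trip_while_bypassed, depth)


def verify_equivalent(a, b, depth=6):
    """VIS-style task: lockstep equivalence of two FBD revisions."""
    return explore([a, b], DOMAINS, same_trip, depth)


if __name__ == "__main__":
    print("property:", verify_property(trip_logic(2)))
    print("reordered:", verify_equivalent(trip_logic(2), trip_logic_reordered(2)))
    print("delay changed:", verify_equivalent(trip_logic(2), trip_logic(3)))
```

Run as a script, the first two checks report `None` (no violation, no difference), while comparing the 2-scan and 3-scan timer variants returns a two-step input trace on which only the original trips. That counterexample is the kind of evidence an equivalence check is meant to surface when a revision silently changes timing behaviour.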
