HyPLC: hybrid programmable logic controller program translation for verification

Programmable Logic Controllers (PLCs) are a prominent implementation platform for safety-critical industrial control systems. Formal verification offers ways of establishing correctness guarantees, which matter a great deal for such safety-critical applications. But because PLC code does not include an analytic model of the system's plant, verification of PLC code alone is limited to discrete properties. In this paper we therefore start from the other end, with hybrid programs that include continuous plant models in addition to discrete control algorithms. Correctness properties of hybrid programs can be formally verified in the theorem prover KeYmaera X, which implements differential dynamic logic (dL) for hybrid programs. Once a hybrid program has been verified, we present an approach for translating it into PLC code. The new HyPLC tool implements this translation of the discrete control code of verified hybrid program models into PLC controller code and, conversely, the translation of existing PLC code into the discrete control actions of a hybrid program, given the continuous dynamics of the system to be verified as an additional input. This approach allows real controller code to be generated while preserving, by compilation, the correctness of a valid and verified hybrid program. PLCs are common cyber-physical interfaces for safety-critical industrial control applications, and HyPLC serves as a pragmatic tool for bridging formal verification of complex cyber-physical systems at the algorithmic level of hybrid programs with the execution layer of concrete PLC implementations.
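As an added illustration of the control-to-PLC direction described above (written for this page; it is not HyPLC's code and does not reproduce HyPLC's translation rules), the Python sketch below takes the discrete control fragment of a hybrid program, here a constructed water-tank controller, and emits it as IEC 61131-3 Structured Text while keeping the continuous plant out of the translation. It also runs the dL program on concrete states, so that states in which the model has no run at all, but the generated IF/ELSIF chain would silently keep its old outputs, can be detected. The dL syntax subset, the tank model, and the names `Assign`, `Test`, `Seq`, `Choice`, `run`, `to_st` and `uncovered` are all assumptions of this sketch.

```python
"""Sketch of the control-to-PLC direction: the discrete part of a hybrid
program is emitted as IEC 61131-3 Structured Text.  Illustration written for
this page; NOT HyPLC's code or its translation rules.  Syntax subset, names
and the tank controller are assumptions."""
import re
from dataclasses import dataclass
from typing import Union


# --- discrete fragment of hybrid-program syntax (no ODEs) ---------------------
@dataclass
class Assign:          # x := e
    var: str
    expr: str

@dataclass
class Test:            # ?formula
    cond: str

@dataclass
class Seq:             # a ; b
    left: "Prog"
    right: "Prog"

@dataclass
class Choice:          # a ++ b  (nondeterministic choice)
    left: "Prog"
    right: "Prog"

Prog = Union[Assign, Test, Seq, Choice]

# dL operators -> Python (for simulation) and -> Structured Text (for the PLC).
_OPS = re.compile(r"!=|<=|>=|=|&|\||!")
_DL_TO_PY = {"!=": "!=", "<=": "<=", ">=": ">=", "=": "==", "&": " and ", "|": " or ", "!": " not "}
_DL_TO_ST = {"!=": "<>", "<=": "<=", ">=": ">=", "=": "=", "&": " AND ", "|": " OR ", "!": " NOT "}

def _conv(expr: str, table: dict) -> str:
    return " ".join(_OPS.sub(lambda m: table[m.group()], expr).split())


def run(p: Prog, state: dict) -> list:
    """All states reachable by one run of `p` (dL semantics: a failed test
    yields no run, a choice yields the union of both branches)."""
    env = {"__builtins__": {}}
    if isinstance(p, Assign):
        s = dict(state)
        s[p.var] = eval(_conv(p.expr, _DL_TO_PY), env, state)
        return [s]
    if isinstance(p, Test):
        return [dict(state)] if eval(_conv(p.cond, _DL_TO_PY), env, state) else []
    if isinstance(p, Seq):
        return [t for s in run(p.left, state) for t in run(p.right, s)]
    return run(p.left, state) + run(p.right, state)        # Choice


def _branches(p: Prog) -> list:
    return _branches(p.left) + _branches(p.right) if isinstance(p, Choice) else [p]

def _guard(br: Prog):
    """Split a branch into (test, body); body is None for a bare test."""
    if isinstance(br, Test):
        return br.cond, None
    if isinstance(br, Seq) and isinstance(br.left, Test):
        return br.left.cond, br.right
    raise ValueError("every branch of the control choice must start with a test")

def _assignments(p: Prog) -> list:
    if isinstance(p, Seq):
        return _assignments(p.left) + _assignments(p.right)
    if isinstance(p, Assign):
        return [p]
    raise ValueError(f"only straight-line assignments are supported in a branch body: {p}")


def to_st(ctrl: Prog) -> str:
    """Emit the guarded choice as an IF/ELSIF chain (one PLC scan cycle)."""
    lines = []
    for i, br in enumerate(_branches(ctrl)):
        cond, body = _guard(br)
        lines.append(f"{'IF' if i == 0 else 'ELSIF'} {_conv(cond, _DL_TO_ST)} THEN")
        stmts = _assignments(body) if body is not None else []
        lines += ([f"    {a.var} := {_conv(a.expr, _DL_TO_ST)};" for a in stmts]
                  or ["    (* no assignment: outputs keep their previous value *)"])
    lines.append("END_IF;")
    return "\n".join(lines)


def uncovered(ctrl: Prog, samples: list) -> list:
    """Sample states in which the dL program has NO run.  The IF/ELSIF chain
    silently keeps the old outputs there, so these are exactly the states in
    which PLC and model would disagree; a verified controller should have none."""
    return [s for s in samples if not run(ctrl, s)]


# Constructed water-tank controller: pump on below lo, off above hi, otherwise
# keep the pump state.  The plant {l' = p*fin - fout & l >= 0} is continuous
# and is deliberately not part of what gets translated to the PLC.
TANK_CTRL = Choice(
    Seq(Test("l >= hi"), Assign("p", "0")),
    Choice(Seq(Test("l <= lo"), Assign("p", "1")),
           Test("l > lo & l < hi")),
)

if __name__ == "__main__":
    print(to_st(TANK_CTRL))
```

Running the module prints the Structured Text for `TANK_CTRL`; `uncovered` is the check worth keeping around, because an IF/ELSIF chain with no ELSE turns "the model has no run here" into "the PLC keeps its previous outputs here", which is a behaviour the hybrid program never promised anything about.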
