A CEGAR Tool for the Reachability Analysis of PLC-Controlled Plants Using Hybrid Automata

In this paper we address the safety analysis of chemical plants controlled by programmable logic controllers (PLCs). We consider sequential function charts (SFCs) for the programming of the PLCs, extended with the specification of the dynamic plant behavior. The resulting hybrid SFC models can be transformed to hybrid automata, opening the way to the application of advanced techniques for their reachability analysis. However, the hybrid automata models are often too large to be analyzed. To keep the size of the models moderate, we propose a counterexample-guided abstraction refinement (CEGAR) approach, which starts with the purely discrete SFC model of the controller and extends it with those parts of the dynamic behavior that are relevant for proving or disproving safety. Our algorithm can deal with urgent locations and transitions, and with non-convex invariants. We integrated the CEGAR approach in the analysis tool SpaceEx and present an example.
