Ji-liang LUO,Hui SHAO,Wei-min WU,Hong-ye SU

DOI: https://doi.org/10.7641/CTA.2017.60929

2018-01-01

Abstract:More and more control elements are incorporated into a single system by the information technology such as internet of things.Consequently,the scale of a control system increases quickly,and the control specification becomes more and more complicated.Any logic mistake that violates a given control specification may lead to a serious industrial failure and even security issue.Besides,there is a"state space explosion"for discrete event systems.These make a challenge for designing and debugging programs running in programmable logic controllers(PLCs)or field programmable gate arrays (FPGAs).The supervisory control theory of discrete event systems is to implement a given complicated logic specification by formal methods. The specification such as interlock,sequence,mutual exclusion,and language is expressed by a Petri net or automata.It is in turn translated into codes that can be executed by a PLC or FPGA.This paper surveys these formal methods for synthesis of logical controller,which are to shorten the costed time for control programs,to ease the reuse of them,and to increase the safety and reliability of them.

Rui Wang,Xiaoyu Song,Jianzhong Zhu,Ming Gu

DOI: https://doi.org/10.1016/j.compind.2010.05.015

IF: 10

2011-01-01

Computers in Industry

Abstract:Programmable logic controllers (PLCs) are complex cyber-physical systems which are widely used in industry. This paper presents a robust approach to design and implement PLC-based embedded systems. Timed automata are used to model the controller and its environment. We validate the design model with resort to model checking techniques. We propose an algorithm to generate PLC code from timed automata and implement this algorithm with a prototype tool. This method can condense the developing process and guarantee the correctness of PLC programs. A case study demonstrates the effectiveness of the method.

Rui Wang,Ming Gu,Xiaoyu Song,Hai Wan

DOI: https://doi.org/10.1109/iceccs.2009.41

2009-01-01

Abstract:Programable logic controllers (PLCs) are complex cyber-physical systems which are widely used in industry. This paper presents a robust approach to design and implement PLC-based embedded systems. Timed automata are used to model the controller and its environment. We validate the design model with resort to model checking techniques. We propose an algorithm to generate PLC code from timed automata and implement this algorithm with a prototype tool. This method can condense the developing process and guarantee the correctness of PLC programs. A case study demonstrates the effectiveness of our method.

Mo Xia,Mian Sun,Guiming Luo,Xibin Zhao

DOI: https://doi.org/10.1109/icci-cc.2013.6622270

2013-01-01

Abstract:Programmable Logic Controller (PLC) have been widely used in industries, and safety and reliability of them has been urgently concerned. However, it's hard to verify all the cases to discover the logical flaws of complex systems by traditional testing. Formal verification methods introduce mathematical rigor in their analysis thereby guaranteeing exhaustive state space coverage. But there is not an effective and efficient tool for PLC verification, and the general-purpose formal tools need lots of relevant knowledge. This paper proposes an automatic verification tool for PLC systems. It includes graphical modeling, syntax check, code generation, code optimization and representation of the counter-examples which violate some system properties.

Hehua Zhang,Yu Jiang,William N. N. Hung,Xiaoyu Song,Ming Gu,Jiaguang Sun

DOI: https://doi.org/10.1109/tc.2013.124

2014-01-01

Abstract:Programmable Logic Controllers (PLC) are widely used in industry. The reliability of the PLC is vital to many critical applications. This paper presents a novel approach to the symbolic analysis of PLC systems. The approach includes, (1) calculating the uncertainty characterization of the PLC system, (2) abstracting the PLC system as a Hidden Markov Model, (3) solving the Hidden Markov Model with domain knowledge, (4) combining the solved Hidden Markov Model and the uncertainty characterization to form a regular Markov model, and (5) utilizing probabilistic model checking to analyze properties of the Markov model. This framework provides automated analysis of both uncertainty calculations and performance measurements, without the need for expensive simulations. A case study of an industrial, automated PLC system demonstrates the effectiveness of our work.

Rui Wang,Ming Gu,Xiaoyu Song,Hehua Zhang

DOI: https://doi.org/10.1109/sies.2008.4577704

2008-01-01

Abstract:Functional and nonfunctional validation is an important task in complex embedded system developments. This paper proposes a method of applying model checking techniques to validate programable logic controllers (PLCs). Abstraction is used to ameliorate the state explosion problem. The experiment results of an industry application demonstrate the effectiveness of our approach.

Yueshan Zheng,Guiming Luo,Junbo Sun,Junjie Zhang,Zhenfeng Wang

DOI: https://doi.org/10.4236/jsea.2010.311124

2010-01-01

Abstract:High reliability is the key to performance of electrical control equipment. PLC combines computer technology, automatic control technology and communication technology and becomes widely used for automation of industrial processes. Some requirements of complex PLC systems cannot be satisfied by the traditional verification methods. In this paper, an efficient method for the PLC systems modeling and verification is proposed. To ensure the high-speed property of PLC, we proposed a technique of “Time interval model” and “notice-waiting”. It could reduce the state space and make it possible to verify some complex PLC systems. Also, the conversion from the built PLC model to the Promela language is obtained and a tool PLC-Checker for modeling and checking PLC systems are designed. Using PLC-Checker to check a classical PLC example, a counter-example is found. Although the probability of this logic error occurs very small, it could result in system crash fatally.

Hehua Zhang,Yu Jiang,William N. N. Hung,Guowu Yang,Ming Gu,Jiaguang Sun

DOI: https://doi.org/10.1016/j.mcm.2011.11.050

2013-01-01

Quality Engineering

Abstract:Programmable Logic Controllers (PLC) are widely used in industry. Reliable PLC systems are vital to many critical applications. The reliability analysis of PLC is special because the hardware component and embedded software are combined and operated in a specific manner. This paper presents a probabilistic modeling for PLC systems, which considers both the hardware and software components. Three analysis strategies are proposed for probabilistic evaluation of reliability characterization. The first method is an input-based analysis which considers the impact of errors from primary inputs. The second one is an action-based analysis. It extends the first method by considering the impact of software-based processing deviations on primary inputs. The third method is an action-traverse analysis. It computes the reliability characterization in a single topological traverse through the primary inputs during the software execution. Experimental results demonstrate the effectiveness of our approaches when compared to fault tree analysis.

Xia Mao,Yueling Zhang,Jianqi Shi,Yanhong Huang,Qin Li

DOI: https://doi.org/10.1016/j.scico.2021.102763

IF: 1.039

2021-01-01

Science of Computer Programming

Abstract:Programmable Logic Controllers (PLC) are widely used in Industrial Control Systems (ICS) with strict safety assurance requirements. Unfortunately, traditional techniques for debugging prefer to use post-development approaches, such as simulation and black-box testing, rather than enhancing safety before programing. In this paper, we propose a refinement-based approach to model and verify PLC systems, aiming to assure safety properties by construction. It uses the Event-B formalism and focuses on the levels of requirement analysis, specification refinement, and system development. This approach takes a three-layer framework stepwise to specify the behaviors and properties of PLC programs, thereby reducing the modeling complexity. The basic firmware layer models the general mechanisms of PLC firmware, such as periodical instruction execution and centralized I/O scanning, which are application-independent models with fundamental safety properties at an abstract level. The middle layer establishes configuration models. These models correspond to the PLC settings and interactive environments of a specific system, such as I/O addresses and peripheral devices. The business layer models business logic with more specific system-level safety requirements. With our approach, the safety properties of PLC systems can be verified throughout the modeling and refinement process. In addition, rules are proposed to convert the most concrete Event-B model into PLC code satisfying the IEC 61131-3 standard. We demonstrate this approach with a real-world running example of a pump control system for gas transmission.

Hehua Zhang,Yu Jiang,William N. N. Hung,Xiaoyu Song,Ming Gu

DOI: https://doi.org/10.1007/978-3-642-24559-6_10

2011-01-01

Abstract:Programmable Logic Controllers are widely used in industry. Reliable PLCs are vital to many critical applications. This paper presents a novel symbolic approach for analysis of PLC systems. The main components of the approach consists of: (1) calculating the uncertainty characterization of the PLC systems, (2) abstracting the PLC system as a Hidden Markov Model, (3) solving the Hidden Markov Model using domain knowledge, (4) integrating the solved Hidden Markov Model and the uncertainty characterization to form an integrated (regular) Markov Model, and (5) harnessing probabilistic model checking to analyze properties on the resultant Markov Model. The framework provides expected performance measures of the PLC systems by automated analytical means without expensive simulations. Case studies on an industrial automated system are performed to demonstrate the effectiveness of our approach.

Dániel Darvas,István Majzik,Enrique Blanco Viñuela

DOI: https://doi.org/10.1007/978-3-319-33693-0_32

2016-01-01

Abstract:Programmable Logic Controllers (PLCs) are widely used in the industry for various industrial automation tasks. Besides non-safety applications, the usage of PLCs became accepted in safety-critical installations, where the cost of failure is high. In these cases the used hardware is special (so-called fail-safe or safety PLCs), but also the software needs special considerations. Formal verification is a method that can help to develop high-quality software for critical tasks. However, such method should be adapted to the special needs of the safety PLCs, that are often particular compared to the normal PLC development domain. In this paper we propose two complementary solutions for the formal verification of safety-critical PLC programs based on model checking and equivalence checking using formal specification. Furthermore, a case study is presented, demonstrating our approach.

M. Zhou,H. Wan,R. Wang,X. Song,C. Su,M. Gu,J. Sun

DOI: https://doi.org/10.1016/j.compind.2013.07.003

IF: 10

2013-01-01

Computers in Industry

Abstract:Programmable Logic Controllers (PLCs) are widely used in industry. PLC systems are reactive systems which run cyclically. In each cycle, the system state is checked and the program is executed once to determine the system behavior for a single cycle. Development of PLC systems conventionally follows the V-model, but increasing demand for efficiency and reliability requires a new rigorous and rapid design flow. In this paper, we propose a component-based formal modeling and synthesis method for cyclic execution platforms and apply it to PLC. Our method consists of three main phases: modeling, verification and code synthesis. In the modeling phase, the BIP (Behavior–Interaction–Priority) framework which is flexible and expressive is used as the modeling language. Real-time behavior, which is intensely concerned in PLC systems, can be modeled as well. In the verification phase, the system model is translated to timed automata and checked by Uppaal. Verification helps to ensure correctness of the model and further increases reliability of the implementation. In the code synthesis phase, the software part of the system model is extracted and synthesized to cyclic code. Although the PLC software runs cyclically, the software model is not necessarily given in a cyclic manner. We propose an algorithm which can generate high-performance cyclic code from a model which describes the business work-flow. This feature significantly simplifies program development. A set of tools is implemented to support our design flow and they are applied to an industrial case study for a PLC system that controls dozens of physical devices in a huge palace.

张学军,谢剑英,张苗苗

DOI: https://doi.org/10.3321/j.issn:1001-0920.2001.02.017

2001-01-01

Abstract:Aiming at reliability of programmable logic controller forcontinuous plants, an approach is presented to make the hybrid systems′ formal verification. The model is given out by using hybrid rectangular automata and the analysis of its quotient transition system′s reachability is presented. The principles of verification are given. The method is illustrated by an example of chemical process control.

Luis Garcia,Stefan Mitsch,Andre Platzer

DOI: https://doi.org/10.48550/arXiv.1902.05205

2019-02-14

Programming Languages

Abstract:Programmable Logic Controllers (PLCs) provide a prominent choice of implementation platform for safety-critical industrial control systems. Formal verification provides ways of establishing correctness guarantees, which can be quite important for such safety-critical applications. But since PLC code does not include an analytic model of the system plant, their verification is limited to discrete properties. In this paper, we, thus, start the other way around with hybrid programs that include continuous plant models in addition to discrete control algorithms. Even deep correctness properties of hybrid programs can be formally verified in the theorem prover KeYmaera X that implements differential dynamic logic, dL, for hybrid programs. After verifying the hybrid program, we now present an approach for translating hybrid programs into PLC code. The new tool, HyPLC, implements this translation of discrete control code of verified hybrid program models to PLC controller code and, vice versa, the translation of existing PLC code into the discrete control actions for a hybrid program given an additional input of the continuous dynamics of the system to be verified. This approach allows for the generation of real controller code while preserving, by compilation, the correctness of a valid and verified hybrid program. PLCs are common cyber-physical interfaces for safety-critical industrial control applications, and HyPLC serves as a pragmatic tool for bridging formal verification of complex cyber-physical systems at the algorithmic level of hybrid programs with the execution layer of concrete PLC implementations.

Rui Wang,Yong Guan,Min Zhou,Jie Zhang,Xiaoyu Song

DOI: https://doi.org/10.1155/2014/127618

IF: 2.1

2014-01-01

Advances in Mechanical Engineering

Abstract:Programmable logic controllers (PLCs) are complex embedded systems that are widely used in industry. This paper presents a component-based modeling and validation method for PLC systems using the behavior-interaction-priority (BIP) framework. We designed a general system architecture and a component library for a type of device control system. The control software and hardware of the environment were all modeled as BIP components. System requirements were formalized as monitors. Simulation was carried out to validate the system model. A realistic example from industry of the gates control system was employed to illustrate our strategies. We found a couple of design errors during the simulation, which helped us to improve the dependability of the original systems. The results of experiment demonstrated the effectiveness of our approach.

litian xiao,mengyuan li,ming gu,jiaguang sun

DOI: https://doi.org/10.1109/icma.2014.6885893

2014-01-01

Abstract:The correctness of PLC (Programmable Logic Controller) program in automatic control is vital to this kind of safety-critical applications. In this paper, we present a useful method of combinational model-checking for correctness of PLC programs. The method is based on the denotational semantics of PLC program and the semantic functions for basic instructions. Because the state space explosion problem limits the use of general model-checking in real PLC programs, the paper firstly defines a set of combinational verification rules based on the denotational semantics. Then the paper proposes a series of general and PLC domain specific strategies for combinational model-checking. The rules and strategies can effectively reduce state space and their correctness is proved. The validity of our method is shown by an example.

Rui Wang,Min Zhou,Liangze Yin,Lianyi Zhang,Jiaguang Sun,Ming Gu,Marius Bozga

DOI: https://doi.org/10.1109/tase.2012.33

2012-01-01

Abstract:Programable logic controllers (PLCs) are complex cyber-physical systems which are widely used in industry. This paper shows the modeling and validation work of a typical PLC control system using the Behavior-Interaction-Priority(BIP) component framework. The gate control system based on PLC is a real industry application. We design general system architecture for this kind of device control system. The control software and hardware of environment are all modeled as BIP components. Their interactions are described by BIP connectors. System requirements are formalized as monitors. Simulation is applied on the system model. We found a couple of design errors in simulation, which help us to improve the dependability of the original systems.

R. Wang,X. Song,M. Gu

DOI: https://doi.org/10.1049/iet-sen:20070009

2007-01-01

IET Software

Abstract:Validation is an important task in complex embedded system designs. A method of modelling and analysing embedded systems with programmable logic controllers is presented. Controllers and physical plants are modelled using timed automata. The system requirements are specified and formalised as computational tree logic properties. It is demonstrated that the designed model satisfies the required properties by resorting to a symbolic model checker, Uppaal, for real-time systems. A realistic example, the steeve controller of a theatre, illustrates the strategies. The safety and time constraint requirements are validated by Uppaal. The experimental results demonstrate the effectiveness of the approach presented here.

Litian Xiao,Rui Wang,Ming Gu,Jiaguang Sun

DOI: https://doi.org/10.1016/j.mcm.2011.11.038

2012-01-01

Mathematical and Computer Modelling

Abstract:PLC is widely used in the field of automatic control. To use formal methods to verify the correctness of PLC programs, semantic characterization of PLC programs are needed. Based on the extended λ-calculus definition, this paper presents a novel semantic modeling of PLC programs. The results lay the solid underpinnings for theorem proving and modeling checking for PLC systems.

Anping He,William N. N. Hung,Guowu Yang,Jinzhao Wu,Lian Li

DOI: https://doi.org/10.1016/j.camwa.2011.02.004

2011-01-01

Abstract:The modern stage suspended boom system is automatically controlled by PLC (programmable logic controller), and represents a typical hybrid behavior. It is an important family of stage control machinery systems. This paper presents a formal approach to modeling the system behaviors of different scenes. The system is formally characterized and specified in a timed model. System properties are proved in the proof system of the extended duration calculus. The case study illustrates the feasibility of the proposed verification framework.