Skip to main content
SpringerLink
Log in

Automated formal analysis of temporal properties of Ladder programs

  • General
  • Special Issue: FMICS 2021
  • Published:
International Journal on Software Tools for Technology Transfer Aims and scope Submit manuscript

Abstract

Programmable Logic Controllers are industrial digital computers used as automation controllers in manufacturing processes. The Ladder language is a programming language used to develop software for such controllers. In this work, we consider the description of the expected behaviour of a Ladder program under the form of a timing chart, describing a scenario of execution. Our aim is to prove that the given Ladder program conforms to the expected temporal behaviour given by such a timing chart. Our approach amounts to translating the Ladder code, together with the timing chart, into a program for the Why3 environment for deductive program verification. The verification proceeds with the generation of verification conditions: mathematical formulas to be checked valid using automated theorem provers. The ultimate goal is twofold. On the one hand, by obtaining a complete proof, one verifies the conformity of the Ladder code with respect to the timing chart with a high degree of confidence. On the other hand, in the case the proof is not fully completed, one obtains a counterexample, illustrating a possible execution scenario of the Ladder code which does not conform to the timing chart.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18
Fig. 19
Fig. 20
Fig. 21
Fig. 22
Fig. 23
Fig. 24
Fig. 25

Similar content being viewed by others

Notes

  1. There are no true do-while loops in WhyML, we just mean by do-while style loop a piece of code of the form “ ” with two occurrences of the loop body.

References

  1. Barrett, C., Conway, C.L., Deters, M., Hadarean, L., Tim King, J. D., Reynolds, A., Cesare, T.: CVC4. In: CAV: computer aided verification. Lecture notes in computer science, vol. 6806, pp. 171–177. Springer. https://doi.org/10.1007/978-3-642-22110-1_14 (2011)

  2. Baudin, L.: Deductive verification with the help of abstract interpretation. Technical report, Univ Paris-Sud. https://hal.inria.fr/hal-01634318 (2017)

  3. Baudin, P., Cuoq, P., Filliâtre, J.-C., Marché, C., Monate, B., Moy, Y., Prevosto, V.: ACSL: ANSI/ISO C specification language, version 1.16. https://frama-c.com/html/acsl.html (2020)

  4. Becker, B., Belo Lourenço, C., Marché, C.: Explaining counterexamples with giant-step assertion checking. In: F-IDE – 6th workshop on formal integrated development environments. Electronic proceedings in theoretical computer science. https://hal.inria.fr/hal-03217393, https://doi.org/10.4204/EPTCS.338.10 (2021)

  5. Belo Lourenço, C., Cousineau, D., Faissole, F., Marché, C., Mentré, D., Inoue, H.: Automated verification of temporal properties of ladder programs. In: FMICS: formal methods for industrial critical systems. Lecture notes in computer science, vol. 12863, pp. 21–38. https://hal.inria.fr/hal-03281580, https://doi.org/10.1007/978-3-030-85248-1_2 (2021)

  6. Biallas, S., Kowalewski, S., Stattelmann, S., Schlich, B.: Efficient handling of states in abstract interpretation of industrial programmable logic controller code. In: 12th international workshop on discrete event systems, pp. 400–405. IFAC (2014)

  7. Bobot, F, Filliâtre, J.-C., Marché, C., Paskevich, A.: Why3: Shepherd your herd of provers. In: Boogie–first international workshop on intermediate verification languages, pp. 53–64. http://hal.inria.fr/hal-00790310 (2011)

  8. Bobot, F., Filliâtre, J.-C., Marché, C., Paskevich, A.: Let’s verify this with Why3. Int. J. Softw. Tools Technol. Transf (STTT) 17(6), 709–727 (2015). https://doi.org/10.1007/s10009-014-0314-5

    Article  Google Scholar 

  9. Bolton, W.: Programmable Logic Controllers (6th edn). Newnes. (2015) https://doi.org/10.1016/C2014-0-03884-1

  10. Conchon, S., Coquereau, A., Iguernlala, M., Mebsout, A.: Alt-Ergo 2.2. In: SMT–international workshop on satisfiability modulo theories. (2018) https://hal.inria.fr/hal-01960203

  11. Cousineau, D., Mentré, D., Inoue, H.: Automated deductive verification for ladder programming. In: F-IDE–fifth workshop on formal integrated development environments. Electronic Proceedings in Theoretical Computer Science, vol. 310, pp. 7–12. (2019) https://doi.org/10.4204/EPTCS.310.2

  12. Dailler, S., Hauzar, D., Marché, C., Moy, Y.: Instrumenting a weakest precondition calculus for counterexample generation. J. Log. Algebr. Methods Programm. 99, 97–113 (2018). https://doi.org/10.1016/j.jlamp.2018.05.003

    Article  MathSciNet  MATH  Google Scholar 

  13. Darvas, D., Majzik, I., Blanco Viñuela, E.: Formal verification of safety PLC based control software. In: IFM–Integrated formal methods. Lecture Notes in Computer Science, vol. 9681, pp. 508–522. Springer. (2016) https://doi.org/10.1007/978-3-319-33693-0_32

  14. de Moura, L, Bjørner, N.: Z3, an efficient SMT solver. In: TACAS : Tools and algorithms for the construction and analysis of systems. Lecture Notes in Computer Science, vol. 4963, pp. 337–340. Springer. (2008) https://doi.org/10.1007/978-3-540-78800-3_24

  15. De Oliveira, S., Prévosto, V., Bardin, S.: Au temps en emporte le C. In: JFLA: Vingt-sixièmes Journées Francophones des langages applicatifs. (2015) https://hal.inria.fr/hal-01099128

  16. Drath, R., Luder, A., Peschke, J., Hundt, L.: AutomationML–the glue for seamless automation engineering. In: ETFA–IEEE international conference on emerging technologies and factory automation, pp. 616–623. (2008). https://doi.org/10.1109/ETFA.2008.4638461

  17. Fehnker, A., Huuck, R., Schlich, B., Tapp, M.: Automatic bug detection in microcontroller software by static program analysis. In: SOFSEM – theory and practice of computer science. Lecture Notes in Computer Science, vol. 5404, pp. 267–278. Springer (2009) https://doi.org/10.1007/978-3-540-95891-8_26

  18. Filliâtre, J.-C., Marché, C.: The Why/Krakatoa/Caduceus platform for deductive program verification. In: CAV – 19th international conference on computer aided verification. Lecture Notes in Computer Science, vol. 4590, pp. 173–177. Springer. (2007) https://hal.inria.fr/inria-00270820v1, https://doi.org/10.1007/978-3-540-73368-3_21

  19. Filliâtre, J.-C., Paskevich, A.: Why3–where programs meet provers. In: ESOP–22nd European symposium on programming. Lecture Notes in Computer Science, vol. 7792, pp. 125–128. Springer (2013) http://hal.inria.fr/hal-00789533

  20. Filliâtre, J.-C., Paskevich, A.: Abstraction and genericity in Why3. In: ISoLA – 9th international symposium on leveraging applications of formal methods, verification and validation. Lecture Notes in Computer Science, vol. 12476, pp. 122–142. Springer. See also (2020) http://why3.lri.fr/isola-2020/. https://hal.inria.fr/hal-02696246

  21. Jeannet, Bertrand, Miné, Antoine: Apron: A library of numerical abstract domains for static analysis. In CAV – Computer Aided Verification, pages 661–667. Springer (2009)

  22. Kosmatov, N., Marché, C., Moy, Y., Signoles, J.: Static versus dynamic verification in Why3, Frama-C and SPARK 2014. In: ISoLA–7th international symposium on leveraging applications of formal methods, verification and validation. Lecture Notes in Computer Science, vol. 9952, pp. 461–478. Springer (2016) https://hal.inria.fr/hal-01344110, https://doi.org/10.1007/978-3-319-47166-2_32

  23. John, W., McCormick, Peter, C.: Building High Integrity Applications with SPARK. Cambridge University Press, Chapin (2015)

  24. Mitsubishi Electric Corporation. MELSEC iQ-F FX5 CPU module function block reference (for GX Works3). (2016) https://dl.mitsubishielectric.com/dl/fa/document/manual/plcf/jy997d62701/jy997d62701j.pdf. Online, accessed 14 June 2022

  25. Mitsubishi Electric Corporation. MELSEC iQ-R Safety Function Block Reference (for GX Works3). (2016) https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/bcn-p5999-0815/bcnp59990815c.pdf. Online, accessed 14 June 2022

  26. Mitsubishi Electric Corporation. Mitsubishi l — MELSEC iQ-R series basic course (for GX Works3). (2016) https://dl.mitsubishielectric.com/dl/fa/document/manual/school_text/sh081898eng/sh081898enga.pdf. Online, accessed 30 Mar 2021

  27. Nguyen, T., Aoki, T., Tomita, T., Endo, J.: Integrating static program analysis tools for verifying cautions of microcontroller. In: APSEC–Asia-Pacific software engineering conference, pp. 86–93. (2019) https://doi.org/10.1109/APSEC48747.2019.00021

  28. Ovatman, T., Aral, A., Polat, D., Unver, A.: An overview of model checking practices on verification of PLC software. Softw. Syst. Model. 15, 1–24 (2014). https://doi.org/10.1007/s10270-014-0448-7

  29. Ramanathan, R.: The IEC 61131-3 programming languages features for industrial control systems. In: WAC: World automation congress, pp. 598–603. (2014) https://doi.org/10.1109/WAC.2014.6936062

  30. Roques, A.: PlantUML standard library. https://plantuml.com/stdlib (2009). Online, accessed 24 Mar 2021

  31. Stouls, N., Groslambert, J.: Vèrification de propriètès LTL sur des programmes C par gènèration d’annotations. Research report. (2011) https://hal.inria.fr/inria-00568947

Download references

Acknowledgements

We thank the anonymous reviewers for their constructive comments on earlier versions of this paper, and also thank the editors Alberto Lluch Lafuente and Anastasia Mavridou for their feedback and suggestions. All of them helped us to produce a greatly improved final version of this article.

Author information

Authors and Affiliations

  1. CNRS, Inria, LMF, Université Paris-Saclay, 91190, Gif-sur-Yvette, France

    Cláudio Belo Lourenço & Claude Marché

  2. Mitsubishi Electric R &D Centre Europe, Rennes, France

    Denis Cousineau, Florian Faissole & David Mentré

  3. Mitsubishi Electric Corporation, Amagasaki, Japan

    Hiroaki Inoue

Authors
  1. Cláudio Belo Lourenço
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Denis Cousineau
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Florian Faissole
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Claude Marché
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. David Mentré
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Hiroaki Inoue
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Claude Marché.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This work has been partially supported by the bilateral contract ProofInUse-MERCE between Inria team Toccata and Mitsubishi Electric R &D Centre Europe, Rennes.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Belo Lourenço, C., Cousineau, D., Faissole, F. et al. Automated formal analysis of temporal properties of Ladder programs. Int J Softw Tools Technol Transfer 24, 977–997 (2022). https://doi.org/10.1007/s10009-022-00680-0

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10009-022-00680-0

Keywords

Search

Navigation