Verification of PLC Properties Based on Formal Semantics in Coq

  • Jan Olaf Blech
  • Sidi Ould Biha
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7041)


Programmable Logic Controllers (PLCs) are widely used in embedded systems in the industrial automation domain. We propose a formal semantics of two languages defined in the IEC 61131-3 standard for PLC programming. The first is the Instruction List (IL) language, an assembly-like language. The second is the Sequential Function Charts (SFC) language, a graphical high-level language for describing the main control flow of the system. A PLC system description may comprise both SFC and IL code. We formalized the semantics in the proof assistant Coq. Furthermore, we present an associated tool that automatically generates SFC representations from a graphical description (the text-based IL code can be handled in Coq directly) and show its usage for verification purposes. We demonstrate our approach by proving safety properties of a PLC in a real industrial demonstrator.


Keywords: Operational Semantic; Formal Semantic; Action Block; Programmable Logic Controller; Ladder Diagram
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Jan Olaf Blech (1)
  • Sidi Ould Biha (2)
  1. fortiss GmbH, Munich, Germany
  2. INRIA and Tsinghua University, Beijing, China
