Formal Specification and Verification of Industrial Control Logic Components

Journal article, 2010

Component-based programming frameworks for industrial control logic development promise to shorten development and modification times, and to reduce programming errors. To get these benefits, it is, however, important that the components are specified and verified to work properly. This work introduces Reusable Automation Components (RACs), which contain not only the implementation details but also a formal specification defining the correct use and behaviour of the component. This formal specification uses temporal logic to describe time-related properties and has a special structure developed to meet industrial control needs. The RAC can be formally verified, to determine whether the implementation fulfils the specification or not. A RAC prototype development tool has been developed to demonstrate this capability. The main difference between the RAC and other frameworks for formal verification of control logic is the specification modeling. In RAC, not only the implementation but also the specification is based on the structure and languages of conventional control logic, aiming at being easy to comprehend for control logic engineers. Several industrial examples are discussed in this paper, showing the benefits and potential of the framework. Note to Practitioners-Today robots and machines in automated production are usually controlled by a special industrial computer called Programmable Logic Controller (PLC). Although PLC programs are widely used in manufacturing industry, current programs tend to be difficult and time-consuming to modify when needed. They are also often tested to work first on the real equipment, which may be expensive since the regular production is stopped for code testing and error resolving. In this work, we introduce Reusable Automation Components (RACs), to facilitate PLC program development. Reusing components may speed up the development and also reduce the number of errors, if the components are already verified to work properly before the reuse. To achieve this, the RACs can be richly specified, defining the correct use and behaviour of the components. The specification can then be used to verify, formally, whether the RAC works correctly or not, according to the specification. Formal verification uses math-based models and algorithms to automatically explore all possible behaviours of the component. The RAC can be automatically translated to a tool that performs the formal verification and shows counterexamples if the specification is not fulfilled. The specification and verification of RACs are intended to be useful for control logic engineers. Hence, the specification of the RAC is based on the structure and languages of conventional PLC programs. This paper discusses a number of industrial examples which show the applicability of the RACs. The RAC framework can be further improved, especially by developing guidelines and aid for writing the specifications.