Skip to main content
SpringerLink
Log in
Book cover

Haifa Verification Conference

HVC 2013: Hardware and Software: Verification and Testing pp 44–60Cite as

Speeding Up the Safety Verification of Programmable Logic Controller Code

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 8244))

Abstract

Programmable logic controllers (PLC) are widely used in industries ranging from assembly lines, power plants, chemical processes to mining and rail automation. Such systems usually exhibit high safety requirements, and downtimes due to software errors entail intolerably high economic costs. Hence, their control programs are particularly suited for applying formal methods; in particular, bounded model checking (BMC) techniques based on satisfiability modulo theories promise to be highly beneficial in this domain.

In this paper, we investigate adaptations and extensions of property dependent static analyses which operate on a novel form of intermediate code and which are tailored specifically to model checking PLC programs. In our experiments, our program transformations drastically reduce the size of formulae for BMC and speed up the verification times by orders of magnitude.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Frey, G., Litz, L.: Formal methods in PLC programming. In: Systems, Man, and Cybernetics, vol. 4, pp. 2431–2436. IEEE Computer Society (2000)

    Google Scholar 

  2. Younis, M.B., Frey, G.: Formalization of existing PLC programs: A survey. In: CESA, pp. 234–239 (2003)

    Google Scholar 

  3. Fokkink, W., Hollingshead, P.: Verification of interlockings: From control tables to ladder logic diagrams. In: FMICS, pp. 171–185 (1998)

    Google Scholar 

  4. Groote, J.F., Warners, J.P.: The propositional formula checker HeerHugo. Journal of Automated Reasoning 24(1-2), 101–125 (2000)

    Article  MathSciNet  MATH  Google Scholar 

  5. Kanso, K., Moller, F., Setzer, A.: Automated verification of signalling principles in railway interlocking systems. ENTCS 250(2), 19–31 (2009)

    Google Scholar 

  6. Canet, G., Couffin, S., Lesage, J.J., Petit, A., Schnoebelen, P.: Towards the automatic verification of PLC programs written in Instruction List. In: 2000 IEEE Int. Conf. on Systems, Man, and Cybernetics, pp. 2449–2454. IEEE (2000)

    Google Scholar 

  7. Meulen, M.: Verification of PLC source code using propositional logic. Master’s thesis, Technical university of Eindhoven (2010)

    Google Scholar 

  8. Pavlovic, O., Pinger, R., Kollmann, M.: Automation of formal verification of PLC programs written in IL. In: Verification Workshop. CEUR Workshop Proceedings, vol. 259 (2007)

    Google Scholar 

  9. Loeis, K., Younis, M.B., Frey, G.: Application of symbolic and bounded model checking to the verification of logic control systems. In: ETFA, pp. 247–250 (2005)

    Google Scholar 

  10. Pavlovic, O., Ehrich, H.D.: Model checking PLC software written in function block diagram. In: ICST, pp. 439–448 (2010)

    Google Scholar 

  11. Sülflow, A., Drechsler, R.: Verification of PLC programs using formal proof techniques. In: FORMS/FORMAT, pp. 43–50 (2008)

    Google Scholar 

  12. Blech, J.O., Biha, S.O.: Verification of PLC properties based on formal semantics in Coq. In: SEFM. Volume 7041 of LNCS., Springer (2011) 58–73

    Chapter  Google Scholar 

  13. Beyer, D., Cimatti, A., Griggio, A., Keremoglu, M.E., Sebastiani, R.: Software model checking via large-block encoding. In: FMCAD 2009, pp. 25–32. IEEE (2009)

    Google Scholar 

  14. John, K., Tiegelkamp, M.: IEC 61131-3: Programming Industrial Automation Systems. Springer (2010)

    Google Scholar 

  15. Nielson, F., Nielson, H.R., Hankin, C.: Principles of Program Analysis. Springer (1999)

    Google Scholar 

  16. Muchnick, S.S.: Advanced Compiler Design and Implementation. Morgan Kaufmann (1997)

    Google Scholar 

  17. Biere, A., Cimatti, A., Clarke, E., Zhu, Y.: Symbolic model checking without BDDs. In: Cleaveland, W.R. (ed.) TACAS 1999. LNCS, vol. 1579, pp. 193–207. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  18. de Moura, L.M., Bjørner, N.: Z3: An efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  19. Bradley, A.R., Manna, Z.: Checking safety by inductive generalization of counterexamples to induction. In: FMCAD, pp. 173–180. IEEE (2007)

    Google Scholar 

  20. Bradley, A.R.: SAT-based model checking without unrolling. In: Jhala, R., Schmidt, D. (eds.) VMCAI 2011. LNCS, vol. 6538, pp. 70–87. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  21. Cimatti, A., Griggio, A.: Software model checking via IC3. In: Madhusudan, P., Seshia, S.A. (eds.) CAV 2012. LNCS, vol. 7358, pp. 277–293. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  22. McMillan, K.L.: Interpolation and SAT-based model checking. In: Hunt Jr., W.A., Somenzi, F. (eds.) CAV 2003. LNCS, vol. 2725, pp. 1–13. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. RWTH Aachen University, Germany

    Tim Lange & Thomas Noll

  2. Siemens AG, Germany

    Martin R. Neuhäußer

Authors
  1. Tim Lange
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Martin R. Neuhäußer
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Thomas Noll
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Electrical Engineering and Computer Science, CSE #4645 - ACAL Lab, University of Michigan, 2260 Hayward Avenue, 48109-2121, Ann Arbor, MI, USA

    Valeria Bertacco

  2. Inventors for the Digital World, inria, Bat C, Burean C213, Campus Universitaire de Beaulieu, 35042, Rennes Cedex, France

    Axel Legay

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer International Publishing Switzerland

About this paper

Cite this paper

Lange, T., Neuhäußer, M.R., Noll, T. (2013). Speeding Up the Safety Verification of Programmable Logic Controller Code. In: Bertacco, V., Legay, A. (eds) Hardware and Software: Verification and Testing. HVC 2013. Lecture Notes in Computer Science, vol 8244. Springer, Cham. https://doi.org/10.1007/978-3-319-03077-7_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-03077-7_4

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-03076-0

  • Online ISBN: 978-3-319-03077-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation