Rigorous Design of PLC Networks using Formal Methods
Radu Mateescu, CONVECS team
Inria Grenoble – Rhône-Alpes, Université Grenoble Alpes / LIG
http://convecs.inria.fr
CONVECS (Construction of Verified Concurrent Systems)
Inria – CNRS – UGA common project-team within LIG
Radu Mateescu (Inria Senior Researcher), Hubert Garavel (Inria Senior Researcher), Frédéric Lang (Inria Researcher), Gwen Salaün (Professor, UGA), Wendelin Serwe (Inria Researcher), Gianluca Barbon (PhD), Lina Marsso (PhD), Ajay Muroor-Nadumane (PhD), Umar Ozeer (PhD), Lian Apostol (expert engineer)
Kobe-Grenoble Workshop - February 26-27, 2018
Scientific Field
Formal modelling of asynchronous concurrent systems
• Behavioural specification languages
• Property specification languages
Compiler construction, code generation
Functional verification
• Model checking
• Equivalence checking
Quantitative analysis
• Timed, probabilistic, stochastic
Real-life case-studies and applications
Verification platform: CADP (> 50 tools + 17 libraries), http://cadp.inria.fr
[Figures: two processes exchanging msg / ack; interleaving semantics, where a || b yields the two orders "a then b" and "b then a"]
The Bluesky for I-Automation Project
Minalogic, FUI 13th call (2012-2016)
Partners: Crouzet Automatismes (now InnoVista Sensors), VM2M, Motwin, Inria, LCIS
Objectives:
• Simple solution for distributed automation applications: hardware, software, communication infrastructures, and services
• New generation of em4 PLCs connected to the IoT
• Formal validation services for a rigorous development of distributed applications embedded on PLC networks
Organization of the Project
[Figure: project organization diagram]
Design Flow based on Formal Methods
[Figure: design flow diagram. The designer of PLC applications works in em4soft, which produces the executable for the em4 PLC together with the artifacts used for validation: an abstract description (GRL), a service description (GRL), properties (TL) and test scenarios (SPTL). Asynchronous branch: model checking and equivalence checking on the abstract description and the properties, yielding a verdict + diagnostic. Synchronous branch: test generation and execution, sending stimuli to the test system and collecting its responses, yielding verdicts.]
GRL: A Formal Description Language for GALS Systems
GRL (GALS Representation Language)
GALS system: Globally Asynchronous and Locally Synchronous
Principles of GRL:
> Blocks: synchronous components
> Environments: external constraints
> Mediums: asynchronous communication
> Formal semantics (process calculus)
Tool support: translators em4soft -> GRL -> LNT, and the CADP tools
Asynchronous Validation Flow
[Figure: flow diagram. The designer of PLC applications provides the abstract description (GRL), which can also be produced from em4soft, and the properties (TL). GRL2LNT translates the GRL description into a behavioural specification (LNT); the properties are translated into MCL formulas. Inside CADP, LNT2LOTOS and CAESAR generate the state space (BCG), and EVALUATOR checks the MCL formulas on it, returning a verdict + diagnostic.]
Example: Car Park Management
The em4soft programs of the two controllers are translated into the GRL blocks below (labels on the slide: translator, em4soft, GRL, CADP + SEQ2SIM, GRL2LNT + CADP).

block In_Controller (in Open_Cmd : bool; out Green_Light : bool; … out Door_Open : bool)
      {receive Open_Distant_Cmd : bool; receive Decrease_Counter : bool} is
   allocate Block_Or as B01, …, Block_And as B16
   perm pre_c9 : bool := true, pre_c10 : bool := true
   temp c1, c2, c3, …, c11 : bool, c6, c8 : int16
   c2 := Open_Distant_Cmd; B01 (Open_Cmd, c2, ?c3);
   …
   Yellow_Light := Door_Open; B15 (c7, c10, ?Red_Light);
   B16 (c11, c10, ?Green_Light);
   pre_c10 := c10
end block

block Out_Controller (in Open_Cmd : bool; out Door_Open : bool)
      {receive Open_Distant_Cmd : bool; send Decrease_Counter : bool} is
   allocate Block_Or as B01, Block_Timer_BW [true, false] as B02,
            Block_Timer_AC [0, 5, Cycle] as B05
   temp c1 : bool
   B01 (Open_Cmd, Open_Distant_Cmd, ?c1);
   B02 (c1, ?Decrease_Counter);
   B05 (Decrease_Counter, _, ?Door_Open, ?_, ?_, ?_, ?_)
end block
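The asynchronous validation flow above (state-space generation, then checking a property and reporting a diagnostic) on a model in the spirit of the car park example, as an added example written for this page; it is not code from CADP, GRL2LNT or the Bluesky project. The two blocks, the bounded lossless FIFO medium between them, the capacity and the invariant are all constructed here, and the interleaving semantics (each global step is one enabled local step of one block) is implemented directly rather than through LNT. The point it makes is one a reviewer of such a design would want checked: the exit controller emits Decrease_Counter without knowing the occupancy, so a spurious or replayed exit command drives the counter below zero; the exploration returns the shortest trace reaching the bad state, and the hardened entry controller, which refuses the underflow, has a finite state space in which the invariant holds.

```python
"""Added example: explicit-state model checking of a tiny GALS car-park model.
Constructed for this page; not the Bluesky car-park controllers."""
from collections import deque

CAPACITY = 2      # constructed: maximum number of cars in the car park
MEDIUM_SIZE = 2   # constructed: bound of the FIFO medium Out_Controller -> In_Controller
DECREASE = "Decrease_Counter"

def successors(state, reject_underflow):
    """Interleaving semantics: each enabled local step of one block is a global
    transition, the other block staying idle.  state = (counter, medium FIFO)."""
    counter, medium = state
    nxt = []
    # In_Controller cycle with Open_Cmd = true: the door opens if there is room
    if counter < CAPACITY:
        nxt.append(("In_Controller: Open_Cmd -> Door_Open, counter + 1",
                    (counter + 1, medium)))
    # In_Controller consumes one Decrease_Counter message from the medium
    if medium:
        new_counter = counter - 1
        if reject_underflow:
            new_counter = max(new_counter, 0)   # hardened: ignore a spurious decrement
        nxt.append(("In_Controller: receive Decrease_Counter, counter - 1",
                    (new_counter, medium[1:])))
    # Out_Controller cycle with Open_Cmd = true: opens its door and sends
    # Decrease_Counter; the send blocks while the medium is full
    if len(medium) < MEDIUM_SIZE:
        nxt.append(("Out_Controller: Open_Cmd -> Door_Open, send Decrease_Counter",
                    (counter, medium + (DECREASE,))))
    return nxt

def invariant(state):
    """Safety property: the occupancy counter stays within [0, CAPACITY]."""
    counter, _ = state
    return 0 <= counter <= CAPACITY

def _trace(parent, state):
    """Rebuild the action labels from the initial state to `state`."""
    steps = []
    while parent[state] is not None:
        state, label = parent[state]
        steps.append(label)
    return list(reversed(steps))

def check(reject_underflow, max_states=10_000):
    """Breadth-first exploration of the reachable state space.
    Returns (holds, counterexample trace, number of states stored)."""
    init = (0, ())
    parent = {init: None}
    queue = deque([init])
    while queue:
        s = queue.popleft()
        for label, t in successors(s, reject_underflow):
            if t in parent:
                continue
            parent[t] = (s, label)
            if not invariant(t):
                # diagnostic: shortest trace to the violation (BFS order)
                return False, _trace(parent, t), len(parent)
            if len(parent) >= max_states:
                raise RuntimeError("state-space bound reached")
            queue.append(t)
    return True, [], len(parent)

if __name__ == "__main__":
    for hardened in (False, True):
        holds, trace, n = check(reject_underflow=hardened)
        print("hardened" if hardened else "original", "->",
              "invariant holds" if holds else "VIOLATION", f"({n} states)")
        for step in trace:
            print("   ", step)
```

The unhardened model is violated after two steps (one exit command, one delivered message); the hardened model has nine reachable states, three counter values times three medium fillings, and the exploration terminates with the invariant holding. Bounding the medium is what keeps the state space finite, which is the same reason the asynchronous flow above works on a state space (BCG) rather than on the unbounded program.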
Synchronous Validation Flow
SPTL (Synchronous Programming Testing Language)
[Figure: TESTIUM testing environment. Test scenarios (SPTL) and system constraints (SPTL) feed the test stimuli generator (constraint resolution); the generated stimuli are sent to the system under test (black box) and its responses are collected.]
Example: Irrigation System
[Figure: irrigation system example]
Execution of a Testing Scenario
[Figure: TESTIUM executes the test scenario against the system, sending stimuli and observing responses, in step by step mode or in automatic mode. Timers t1 and t2 (declared as time variables) bound the steps: t1 ≤ 5 and t2 ≤ 5 while waiting, with the checks made at t1 > 5 and t2 > 5; the four steps each end with the verdict True.]

SPTL scenario Normal:
begin
   {Humid = 35; Temp = 28; t1.start} |
   [Humid = 35; Temp = (pre(Temp) + 5) (t1 > 5)] |
   {Humid = 36; Temp = 60; t2.start} |
   [Humid = 36; Temp > 60; Temp < 65 (t2 > 5)]
end
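The step-by-step execution described above, as an added example written for this page; it is not TESTIUM code and not the Bluesky irrigation controller. A step in braces applies stimuli to the system under test and may start timers; a step in brackets waits until its guard timer exceeds its bound, then checks constraints on the responses, with pre giving the previous cycle's responses. Everything below is constructed: the controller (a hypothetical pump and alarm), the variable names, and the assumption that timers count synchronous cycles. A failing constraint returns a FAIL verdict with the step, cycle and responses as diagnostic.

```python
"""Added example: a minimal executor for SPTL-style test scenarios.
Constructed for this page; not TESTIUM or the Bluesky irrigation system."""

def irrigation_cycle(inputs, state):
    """Constructed SUT, one synchronous cycle.  Pump runs while the soil is dry
    and the temperature moderate; Alarm rises once Temp >= 60 has been observed
    for three consecutive cycles."""
    hot = state.get("hot", 0) + 1 if inputs["Temp"] >= 60 else 0
    state["hot"] = hot
    return {"Pump": inputs["Humid"] < 40 and inputs["Temp"] < 60,
            "Alarm": hot >= 3}

def stim(values, start=()):
    """Scenario step in braces: stimuli to apply, timers to start."""
    return ("stim", values, tuple(start))

def expect(guard, checks):
    """Scenario step in brackets: guard = (timer, bound) meaning 'timer > bound';
    checks = [(name, predicate(responses, pre_responses))]."""
    return ("expect", checks, guard)

def run_scenario(steps, sut_cycle):
    """Execute the scenario step by step.  Returns ('PASS', cycles run) or
    ('FAIL', diagnostic)."""
    state, timers, inputs = {}, {}, {}
    resp, pre, cycles = {}, {}, 0

    def cycle():
        nonlocal resp, pre, cycles
        pre, resp = resp, sut_cycle(inputs, state)   # one synchronous cycle
        for t in timers:
            timers[t] += 1                             # assumption: timers count cycles
        cycles += 1

    for n, (kind, payload, extra) in enumerate(steps, 1):
        if kind == "stim":
            inputs.update(payload)
            for t in extra:
                timers[t] = 0
            cycle()
        else:
            timer, bound = extra
            if timer not in timers:
                return "FAIL", f"step {n}: timer {timer} was never started"
            while timers[timer] <= bound:           # wait for the guard timer > bound
                cycle()
            for name, pred in payload:
                if not pred(resp, pre):
                    return "FAIL", (f"step {n}: constraint {name} violated at cycle "
                                    f"{cycles}, responses {resp}")
    return "PASS", cycles

# Constructed scenarios, shaped like the slide's scenario Normal
NORMAL = [
    stim({"Humid": 35, "Temp": 28}, start=["t1"]),
    expect(("t1", 5), [("Pump on", lambda r, p: r["Pump"]),
                       ("no Alarm", lambda r, p: not r["Alarm"])]),
    stim({"Humid": 36, "Temp": 60}, start=["t2"]),
    expect(("t2", 5), [("Pump off", lambda r, p: not r["Pump"]),
                       ("Alarm", lambda r, p: r["Alarm"]),
                       ("Alarm latched", lambda r, p: p["Alarm"])]),
]
# Same stimuli, but the check is made too early (t2 > 1): the alarm needs three hot cycles
EARLY = [
    stim({"Humid": 35, "Temp": 28}, start=["t1"]),
    stim({"Humid": 36, "Temp": 60}, start=["t2"]),
    expect(("t2", 1), [("Alarm", lambda r, p: r["Alarm"])]),
]

if __name__ == "__main__":
    print("Normal:", run_scenario(NORMAL, irrigation_cycle))
    print("Early: ", run_scenario(EARLY, irrigation_cycle))
```

Scenario Normal passes after 12 cycles; the early variant fails at step 3 because the guard releases the check before the controller has latched the alarm, which is the kind of timing mistake the timer bounds on the slide are there to make explicit.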
Bluesky Project: Summary
Results
New generation of PLCs from InnoVista Sensors
Languages and tools for validating distributed PLC applications
> GRL and the GRL2LNT tool: PhD of Fatma JEBALI (http://hal.inria.fr/tel-01511656/en)
> SPTL and the TESTIUM tool: PhD of Mouna TKA (http://www.theses.fr/2016GREAM020)
Ongoing Work
Enhancing the validation flow to automate the testing of PLC networks
PhD of Lina MARSSO: Formal Methods for Testing Networks of Controllers, co-supervised Inria – LCIS (ARC6 2016-2019) with the collaboration of InnoVista Sensors
Testing Flow for GALS Systems
[Figure: testing flow diagram]
Thank you! More information: http://convecs.inria.fr