f formal modeling and verification of l m d li d v ifi ti
play

F Formal Modeling and Verification of l M d li d V ifi ti f - PowerPoint PPT Presentation

Dec 28, 2023 •550 likes •882 views

Submitted to IEEE Software 2009 - Special issue on Software Development for Embedded Systems F Formal Modeling and Verification of l M d li d V ifi ti f Safety-Critical Software implemented in PLC JUNBEOM YOO JUNBEOM YOO KONKUK

  1. Submitted to IEEE Software 2009 - Special issue on “Software Development for Embedded Systems” F Formal Modeling and Verification of l M d li d V ifi ti f Safety-Critical Software implemented in PLC JUNBEOM YOO JUNBEOM YOO KONKUK University, Korea jbyoo@konkuk.ac.kr http://dslab.konkuk.ac.kr

  2. Other Authors Other Authors Sungdeok Cha Sungdeok Cha Enukyoung Jee Enukyoung Jee - Professor in Korea University - PhD Candidate in KAIST 2

  3. Contents Contents • I Introduction d i – Safety-Critical Software in Nuclear Power Plants – Software Development Process (Existing vs. Proposed) p ( g p ) • Software Development Process for NPPs – Development Process – Verification Process – Safety Analysis Process y y • Conclusion and Future Work 3

  4. Introduction 1. Safety-Critical Software in Nuclear Power Plants 2. Software Development Process (Existing vs. Proposed)

  5. Safety Critical Software in Nuclear Power Plants Safety-Critical Software in Nuclear Power Plants • RPS RPS (Reactor Protection System) • ESF-CCS (Engineering Safety Features Component Control System) RPS DCS (Distributed Computing System) ESF CCS ESF-CCS PLC (Programmable Logic Controller) 5

  6. Existing Software Development Process Existing Software Development Process • F For Most NPPs in Korea (e.g. Wolsung NPP) M t NPP i K 6

  7. Proposed Software Development Process Proposed Software Development Process • F For KNICS RPS for APR-1400 [1] (http://www.knics.re.kr) KNICS RPS f APR 1400 [1] – APR-1400 : Next generation nuclear reactor being developed in Korea 7

  8. Software Development Process for NPPs 1 1. Development Process Development Process 2. Verification Process 3. Safety-Analysis Process

  9. Development Process 1. Formal Requirements Specification 2. Automatic Design Synthesis

  10. 1 Formal Requirements Specification 1. Formal Requirements Specification • N SCR [3] NuSCR [3] – Formal requirements specification language – Customized SCR [2] for nuclear applications • Listened to opinions offered by domain experts – 4 constructs • SDT (Structured Decision Table) • FSM (Finite State Machine) • TTS (Timed Transition System) • • FOD (Function Overview Diagram) FOD (Function Overview Diagram) SDT TTS / FSM 10

  11. 1 Formal Requirements Specification 1. Formal Requirements Specification • N SRS NuSRS (ver 2.0) – CASE tool supporting • NuSCR specification • S lf Ch Self-Checking (on-going) ki • SMV program translation (NuSCR � SMV) • SMV verification (CTL Model Checking) – Case Study C St d • KNICS-RPS-SRS101, Rev,00, 2003. (by NuSRS 1.0) • KNICS-RPS-SVR131-01, Rev.00, 2005. (by NuSRS 2.0) NuSRS (ver. 2.0) 11

  12. 2 Automatic Design Synthesis 2. Automatic Design Synthesis • N SCRt FBD S NuSCRtoFBD Synthesis Procedure [8] th i P d [8] – Synthesizes FBD programs from NuSCR specification automatically • More than twice FBD blocks than manually coded and optimized ones – Unused in the project, because unable to develop CASE tools in advance U d i h j b bl d l CASE l i d – However, can be used as a baseline for FBD programming in design phase • NuSCRtoFBD (ver 1.0) – CASE tool supporting • Automatic FBD synthesis from NuSCR – Reads NuSCR specification in XML format – Stores FBD programs in standard XML format (on going) Stores FBD programs in standard XML format (on-going) • Algorithm is being optimized 12

  13. NuSCRtoFBD (ver. 1.0) - Synthesized from KNICS RPS BP SRS (KNICS-RPS-SVR131-01, Rev.00, 2005) 13

  14. Verification Process 1 1. Model Checking Requirements Model Checking Requirements 2. Model Checking Design 3. Equivalence Checking Designs NuSCR Executable Formal FBD FBD Development Development Automatic Automatic Machine Code Machine Code Compiled into Specification Synthesis Process Programs for PLCs * NuSCRtoFBD * NuSRS 2.0 Automatic * Automatic * NuSRS 2.0 FBD Verifier 1.0 Translation Translation Equivalence Verification Model Checking Model Checking Checking Process Cadence SMV Cadence SMV VIS 2.0 * VIS Analyzer 1.0 * FBD Verifier 1.0

  15. 1 Model Checking Requirements 1. Model Checking Requirements • F Formal verification for requirements specification l ifi ti f i t ifi ti NuSRS 2.0 – Target : NuSCR formal specification – Tool : Cadence SMV [5] – Technique : CTL model checking • NuSRS (ver. 2.0) – Automatic translation from NuSCR into SMV programs [10] p g [ ] – Seamless execution of SMV – Case Study Case Study • KNICS-RPS-SVR131-01, Rev.00, 2005 • Found 157 errors (25 critical) Cadence SMV 15

  16. FBD Verification using FBD Verification using - SMV model checking & VIS Equivalence checking

  17. 2 Model Checking Design 2. Model Checking Design • F Formal verification for design specification l ifi ti f d i ifi ti – Target : FBD program – Tool : Cadence SMV [5] – Technique : LTL model checking • FBD Verifier (ver. 1.0 / 2.0) – Automatic translation from FBD programs into Verilog programs [11] – Seamless execution of SMV Seamless execution of SMV – Case Study • KNICS-RPS-SDS231 Rev 01 2006 KNICS RPS SDS231, Rev.01, 2006 • Found 60 errors (13 critical) 17

  18. 18

  19. 3 Equivalence Checking Designs 3. Equivalence Checking Designs • F Formal verification for design specifications l ifi ti f d i ifi ti – Target : Two FBD programs – Tool : VIS Verification System [4] – Technique : Equivalence checking, Simulation • VIS Analyzer (ver. 1.0) – Seamless execution of VIS (VIS has no GUI) – Visualization of VIS’s process and verification results [12] Visualization of VIS s process and verification results [12] – Unused in the project, because unable to develop CASE tools in advance – – Case Study Case Study • KNICS-RPS-SDS101, Rev.00, 2005 • No official result Compared FBD Original FBD Trip Logic Error Type (Num. of Errors) (Num. of Errors) Fixed Set-Point Rising Trip Syntactic 0 0 without Operating Bypass Logical 0 1 Manual Reset Variable Set-Point Trip Syntactic 0 3 19 without Operating Bypass Logical 6 2

  20. 20

  21. Execute VIS equivalence checking Execute VIS simulation 21

  22. VIS Analyzer (ver. 1.0) - Visualized and reorganized result - counterexample 22

  23. Safety Analysis Process 1. Fault Tree Analysis for Requirements 2. Fault Tree Analysis for Design

  24. 1. Fault Tree Analysis for Requirements 2. Fault Tree Analysis for Design • Fault Tree Analysis F lt T A l i – performed manually – Totally depends on analyst’s experience and ability • We provided FTA templates for NuSCR [13] and FBD [15] FTA templates for FBDs 24

  25. Conclusion and Future Work

  26. Conclusion Conclusion • We proposed software development processes using formal methods W d ft d l t i f l th d – Target: KNICS RPS for APR-1400 – Development process Development process • NuSCR formal requirements specification • Automatic FBD design synthesis – Verification process p • Model checking NuSCR requirements • Model checking FBD design • Equivalence checking FBD designs – Safety analysis process Safety analysis process • FTA templates for NuSCR requirements • FTA templates for FBD programs – Case Study • KNICS-RPS-SVR131-01, Rev.00, 2005 • KNICS-RPS-SDS231, Rev.01, 2006 26

  27. Future Work Future Work 1 1. Integrated Tool-set I t t d T l t 2. Tool Enhancement – Self checking : completeness & consistency (N SRS) Self-checking : completeness & consistency (NuSRS) – Synchronous Verilog issue in model checking FBD programs using SMV (FBD Verifier) – Optimization of FBD synthesis algorithm (NuSCRtoFBD) – Add other functions to VIS Analyzer (VIS Analyzer) y ( y ) 3. Traceability Analysis – From requirements to design – From requirements’ FTA to design’s FTA 4. FBD Testing – Measures Measures (coverage criteria) – Testing tool support 5. Application to Other Domains 5. Application to Other Domains 27

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

SAVE ORCA Formal Modeling, Safety Analysis, and Verification of Organic Computing Applications

SAVE ORCA Formal Modeling, Safety Analysis, and Verification of Organic Computing Applications

SAVE ORCA Formal Modeling, Safety Analysis, and Verification of Organic Computing Applications Hella Seebach , Florian Nafz and Wolfgang Reif Motivation and goals Software & Verification Co Design for highly reliable Organic Computing

402 views • 27 slides
SAVE ORCA Formal Modeling, Safety Analysis, and Verification of Organic Computing Applications

SAVE ORCA Formal Modeling, Safety Analysis, and Verification of Organic Computing Applications

SAVE ORCA Formal Modeling, Safety Analysis, and Verification of Organic Computing Applications Hella Seebach , Florian Nafz and Wolfgang Reif What has happend in the last months? Software Engineering Guideline for Resource-Flow Systems

828 views • 29 slides
Formal verification of a code generator for a modeling language: the Velus project Xavier Leroy

Formal verification of a code generator for a modeling language: the Velus project Xavier Leroy

Formal verification of a code generator for a modeling language: the Velus project Xavier Leroy (joint work with Timothy Bourke, L elio Brun, Pierre- Evariste Dagand, Marc Pouzet, and Lionel Rieg) Inria, Paris MARS/VPT workshop, ETAPS

1.43k views • 55 slides
Model-Checking Acknowledgment Formal Verification Formal verification means to apply

Model-Checking Acknowledgment Formal Verification Formal verification means to apply

Model-Checking Acknowledgment Formal Verification Formal verification means to apply mathematical arguments to prove the correctness of systems Systems have bugs Formal verification aims to find and correct such bugs Why? Computer systems

1.42k views • 122 slides
FORMAL MODELING AND VERIFICATION FOR TIMING PREDICTABILITY Mathieu Jan, Mihail Asavoae, Belgacem

FORMAL MODELING AND VERIFICATION FOR TIMING PREDICTABILITY Mathieu Jan, Mihail Asavoae, Belgacem

FORMAL MODELING AND VERIFICATION FOR TIMING PREDICTABILITY Mathieu Jan, Mihail Asavoae, Belgacem Ben Hedia ERTS 2020 Toulouse Outline of the talk Motivations and goals Timing anomalies in Worst-Case Timing Reasoning An example of a timing

286 views • 16 slides
Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for

Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for

Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for Analyzing Computing Systems Shilpi Goel shilpi@centtech.com Formal Verification Engineer Centaur Technology, Inc. Software and Reliability Can we rely

1.14k views • 78 slides
Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim

Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim

Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim for automation (bit level) Find niches where formal methods work well Use assertions/ properties first in sim. and then in FV (the acronym is ABV,

1.14k views • 65 slides
Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal

Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal

Formal Verification in Industry 1 Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal verification Machine-checked proof Automatic and interactive approaches HOL Light Floating point

366 views • 25 slides
Formal Verification, Model Checking Radek Pel anek Introduction Modeling Specification

Formal Verification, Model Checking Radek Pel anek Introduction Modeling Specification

Introduction Modeling Specification Algorithms Conclusions Formal Verification, Model Checking Radek Pel anek Introduction Modeling Specification Algorithms Conclusions Motivation Formal Methods: Motivation examples of what can go

986 views • 74 slides
Weak Singular Hybrid Automata Formal Modeling and Verification for Cyber-Physical Systems Krishna

Weak Singular Hybrid Automata Formal Modeling and Verification for Cyber-Physical Systems Krishna

Weak Singular Hybrid Automata Formal Modeling and Verification for Cyber-Physical Systems Krishna S. Umang Mathur Ashutosh Trivedi Department of Computer Science and Engineering IIT Bombay, Mumbai, India January 18, 2014 Krishna S., Umang

929 views • 58 slides
Formal modeling and verification of the Java Card security architecture Eduardo Gimnez

Formal modeling and verification of the Java Card security architecture Eduardo Gimnez

VERIFICARD Formal modeling and verification of the Java Card security architecture Eduardo Gimnez Olivier Ly Trusted Logic SchlumbergerSema SchlumbergerSema January 8th, 2002 SchlumbergerSema & Trusted

800 views • 38 slides
Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal

Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal

Formal Verification of Floating-Point Arithmetic 1 Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal verification Machine-checked proof Automatic and interactive approaches HOL Light

539 views • 19 slides
Formal Verification of Mathematical Algorithms John Harrison Intel Corporation The cost of

Formal Verification of Mathematical Algorithms John Harrison Intel Corporation The cost of

Formal Verification of Mathematical Algorithms 1 Formal Verification of Mathematical Algorithms John Harrison Intel Corporation The cost of bugs Formal verification Levels of verification HOL Light Formalizing mathematics

353 views • 19 slides
Formal Verification of RISC-V cores with riscv-formal Clifford Wolf CTO, Symbiotic EDA

Formal Verification of RISC-V cores with riscv-formal Clifford Wolf CTO, Symbiotic EDA

Formal Verification of RISC-V cores with riscv-formal Clifford Wolf CTO, Symbiotic EDA http://www.clifford.at/papers/2018/riscv-formal/ About assertion based formal verification (formal ABV) Assertion based verification (ABV) Uses

781 views • 39 slides
Formal Verification with Yosys-SMTBMC Clifford Wolf Yosys Flows Synthesis Formal

Formal Verification with Yosys-SMTBMC Clifford Wolf Yosys Flows Synthesis Formal

Formal Verification with Yosys-SMTBMC Clifford Wolf Yosys Flows Synthesis Formal Verification Yosys-STMBMC iCE40 FPGAs Bounded Model Checking (Project IceStorm) Using any SMT-LIB2 solver (using QF_AUFBV logic) Xilinx

706 views • 56 slides
Towards Formal Verification in Cryptographic Web Applications A Three Year Evolution Nadim

Towards Formal Verification in Cryptographic Web Applications A Three Year Evolution Nadim

Towards Formal Verification in Cryptographic Web Applications A Three Year Evolution Nadim Kobeissi PROSECCO: Pro gramming Sec urely with C rypt o graphy. Team at INRIA Paris specializing in applied cryptography and formal verification.

357 views • 14 slides
Next Steps for WHOIS Accuracy Global Domains Division ICANN 53 | 24 June 2015 Agenda: Next Steps

Next Steps for WHOIS Accuracy Global Domains Division ICANN 53 | 24 June 2015 Agenda: Next Steps

Next Steps for WHOIS Accuracy Global Domains Division ICANN 53 | 24 June 2015 Agenda: Next Steps for WHOIS Accuracy Reporting System 2 3 1 Introduction and Pilot Project and Phase 1 Status Implementation Lessons Learned Approach 4 5 6

602 views • 26 slides
The Java Syntactic Extender Jonathan Bachrach MIT AI Lab Keith Playford Functional Objects,

The Java Syntactic Extender Jonathan Bachrach MIT AI Lab Keith Playford Functional Objects,

The Java Syntactic Extender Jonathan Bachrach MIT AI Lab Keith Playford Functional Objects, Inc. 16Oct01 The Java Syntactic Extender OOPSLA-01 Macro Syntactic extension to core language Defines meaning of one construct in terms of

1.39k views • 61 slides
transmission network resilience Energy Storage in South Australia: Past Experience & Future

transmission network resilience Energy Storage in South Australia: Past Experience & Future

ESCRI-SA Battery storage to improve transmission network resilience Energy Storage in South Australia: Past Experience & Future Opportunities National Wine Centre, 21 May 2018 Presentation outline > South Australian power system context

738 views • 37 slides
Assessing, Analyzing and Advancing: Planning for Fall 2020 Presented to the Board of School

Assessing, Analyzing and Advancing: Planning for Fall 2020 Presented to the Board of School

Assessing, Analyzing and Advancing: Planning for Fall 2020 Presented to the Board of School Directors August 11, 2020 Resolutions to be Approved #2 #1 Section 520.1 Health and Safety Plan PA Public School Code The Health and Safety Plan is

751 views • 31 slides
Factuality Prediction over Unified Datasets Gabriel Stanovsky, Judith Eckle-Kohler, Yevgeniy

Factuality Prediction over Unified Datasets Gabriel Stanovsky, Judith Eckle-Kohler, Yevgeniy

Factuality Prediction over Unified Datasets Gabriel Stanovsky, Judith Eckle-Kohler, Yevgeniy Puzikov, Ido Dagan and Iryna Gurevych Bar-Ilan University, UKP - TU Darmstadt ACL 2017 Factuality Task Definition Authors commitment towards a

285 views • 24 slides
Whats in a word? 1. an absolute, numerical date; failing this issues at hand. amples are

Whats in a word? 1. an absolute, numerical date; failing this issues at hand. amples are

Whats in a word? 1. an absolute, numerical date; failing this issues at hand. amples are taken from languages (and time periods) for which more data is available to elucidate the In the following, the concept of linguistic dating will be

240 views • 7 slides
Comparative Analysis of English, Japanese and Chinese Based on CrossLinguistic Learner

Comparative Analysis of English, Japanese and Chinese Based on CrossLinguistic Learner

The 3 rd International Workshop on Advanced Learning Sciences 01/08/2015 Comparative Analysis of English, Japanese and Chinese Based on CrossLinguistic Learner Corpora Keiko Mochizuki, Sano Hiroshi, Caroline Kano, Laurence NewberyPayton

343 views • 33 slides
Teaching Korean Complex Syntax in Context Using an Online Tool (GLOSS) Dohee Koo, Ph.D. Defense

Teaching Korean Complex Syntax in Context Using an Online Tool (GLOSS) Dohee Koo, Ph.D. Defense

Teaching Korean Complex Syntax in Context Using an Online Tool (GLOSS) Dohee Koo, Ph.D. Defense Language Institute Foreign Language Center This speech/presentation is authorized by the Defense Language Institute Foreign Language Center and the

94 views • 8 slides

More recommend