Hanno Wupper

Timed automaton models for simple programmable logic controllers

We give timed automaton models for a class of Programmable Logic Controller (PLC) applications, that are programmed in a simple fragment of the language Instruction Lists as defined in the standard IEC 1131-3. Two different approaches for modelling timers are suggested, that lead to two different timed automaton models. The purpose of this work is to provide a basis for verification and testing of real-time properties of PLC applications. Our work can be seen in broader context: it is a contribution to methodical development of provably correct programs. Even if the present PLC hardware will be substituted by e.g. Personal Computers, with a similar operation mode, the development and verification method will remain useful.

Design of a PLC Control Program for a Batch Plant - VHS Case Study 1

This article reports on the systematic design and validation of a PLC control program for the batch plant that has been selected as a case study for the EC project on Verification of Hybrid Systems (VHS). We show how a correct design of the control program can be obtained in an incremental manner using a real-time logical formalism. This is done by systematically strengthening the premise of an implication whose conclusion represents the required behaviour of the plant. The premise specifies the assumptions under which this behaviour is realised. The formal proof of correctness was obtained using formal verification tools. We used both theorem-proving (PVS) and model checking (Spin) as verification strategies. With PVS we could show the correctness of the final implication directly by a semantic embedding of the real-time logic in PVS, but only for a limited operational scenario (a single batch load). With Spin we could show the correctness for all relevant operational scenarios, but only indirectly, viz. on the basis of an abstract verification model (written in Promela). This model was obtained as a straightforward translation of the premise of the final version of the formal design and the PLC code derived from it. We conclude that the judicious use of standard formal methods and tools suffices for the systematic development of correct control programmes for this kind of application.

Non-monotonic modelling from initial requirements: a proposal and comparison with monotonic modelling methods

Researchers make a significant effort to develop new modelling languages and tools. However, they spend less effort developing methods for constructing models using these languages and tools. We are developing a method for building an embedded system model for formal verification. Our method provides guidelines to build a model and to construct a correctness argument. We start from a high-level formula stating that a plant (a device that performs a task) and its control should satisfy requirements. As our knowledge about the system grows, we refine this formula and the model gradually, in a stepwise non-monotonic process, until we have a description that can be formally verified. In this paper we explain our method on a simple example and compare it briefly with two other methods: requirements progression and the goal-oriented KAOS approach. The requirements progression is an extension of a problem frames approach. The KAOS method is also based on problem frames, but introduces new concepts for describing a system.

Towards a taxonomy for computer science

This paper tries to capture the essence of information technology and computer science. The principal goal of an information technologist is the same as that of any technologist: to create machines with certain properties. To achieve this an abstract schema of the machine’s structure is invented or developed from an abstract specification of the problem. It is the information technologist’s principal task to prove that the schema satisfies the specification. Computer scientists support or even enable this by developing the required mathematical and physical means. This paper proposes a consistent set of notions, together with a consistent terminology, which may clarify the relation of information technology and computer science to other scientific disciplines and which also may give rise to new ideas about computer science education.