Compositional Verification of Nuclear Safety I&C Systems with OCRA

Antti Pakonen

doi:10.1109/ETFA61755.2024.10711009

Compositional Verification of Nuclear Safety I&C Systems with OCRA

BA5611 Human factors and system safety

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

55 Downloads (Pure)

Abstract

Model checking is a powerful formal verification method. However, due to the complexity of instrumentation and control (I&C) system logics-even in critical applications like nuclear power plant safety systems-the challenge of state space explosion means that the analyses cannot always be performed in reasonable time. In compositional verification, this challenge is overcome by reasoning over the system subcomponents sepa-rately, and then resolving proof claims for the composite system as a whole. In this paper, I present my experiments with OCRA, a tool for the verification of contract requirement. Together with the model checker nuXmv, OCRA can be used for compositional model checking. My industrial case study relates to three legacy I&C systems of the Finnish Olkiluoto nuclear power plant, about to be renewed using (mostly) software-based logic. I concretize the challenges in verifying complex nuclear I&C logics, prove the capabilities of OCRA, and discuss the practical limitations.

Original language	English
Title of host publication	2024 IEEE 29th International Conference on Emerging Technologies and Factory Automation (ETFA)
Publisher	Wiley-IEEE Press
Pages	1-8
Number of pages	8
ISBN (Electronic)	9798350361230
ISBN (Print)	979-8-3503-6124-7
DOIs	https://doi.org/10.1109/ETFA61755.2024.10711009
Publication status	Published - 13 Sept 2024
MoE publication type	A4 Article in a conference publication
Event	29th IEEE International Conference on Emerging Technologies and Factory Automation, ETFA 2024 - Padova, Italy, Padova, Italy Duration: 10 Sept 2024 → 13 Sept 2024

Conference

Conference	29th IEEE International Conference on Emerging Technologies and Factory Automation, ETFA 2024
Country/Territory	Italy
City	Padova
Period	10/09/24 → 13/09/24

Funding

This work has been funded by the Finnish National Nuclear Safety and Waste Management Research Programme 2023–2028 (SAFER2028). The case study was provided and co-funded by TVO.

Keywords

Industries
Process control
Model checking
Cognition
Safety
Logic
Contracts
Power generation
Manufacturing automation
Formal verification
software safety
formal verification
model checking
control engineering

Access to Document

10.1109/ETFA61755.2024.10711009

Pakonen_ETFA2024Accepted author manuscript, 344 KB

https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10711009

Cite this

@inproceedings{18e9a40d9740418e95efb6a6e81cf6f5,

title = "Compositional Verification of Nuclear Safety I&C Systems with OCRA",

abstract = "Model checking is a powerful formal verification method. However, due to the complexity of instrumentation and control (I&C) system logics-even in critical applications like nuclear power plant safety systems-the challenge of state space explosion means that the analyses cannot always be performed in reasonable time. In compositional verification, this challenge is overcome by reasoning over the system subcomponents sepa-rately, and then resolving proof claims for the composite system as a whole. In this paper, I present my experiments with OCRA, a tool for the verification of contract requirement. Together with the model checker nuXmv, OCRA can be used for compositional model checking. My industrial case study relates to three legacy I&C systems of the Finnish Olkiluoto nuclear power plant, about to be renewed using (mostly) software-based logic. I concretize the challenges in verifying complex nuclear I&C logics, prove the capabilities of OCRA, and discuss the practical limitations.",

keywords = "Industries, Process control, Model checking, Cognition, Safety, Logic, Contracts, Power generation, Manufacturing automation, Formal verification, software safety, formal verification, model checking, control engineering",

author = "Antti Pakonen",

year = "2024",

month = sep,

day = "13",

doi = "10.1109/ETFA61755.2024.10711009",

language = "English",

isbn = "979-8-3503-6124-7",

pages = "1--8",

booktitle = "2024 IEEE 29th International Conference on Emerging Technologies and Factory Automation (ETFA)",

publisher = "Wiley-IEEE Press",

address = "United States",

note = "29th IEEE International Conference on Emerging Technologies and Factory Automation, ETFA 2024 ; Conference date: 10-09-2024 Through 13-09-2024",

}

Pakonen, A 2024, Compositional Verification of Nuclear Safety I&C Systems with OCRA. in 2024 IEEE 29th International Conference on Emerging Technologies and Factory Automation (ETFA)., 10711009, Wiley-IEEE Press, pp. 1-8, 29th IEEE International Conference on Emerging Technologies and Factory Automation, ETFA 2024, Padova, Italy, 10/09/24. https://doi.org/10.1109/ETFA61755.2024.10711009

TY - GEN

T1 - Compositional Verification of Nuclear Safety I&C Systems with OCRA

AU - Pakonen, Antti

PY - 2024/9/13

Y1 - 2024/9/13

N2 - Model checking is a powerful formal verification method. However, due to the complexity of instrumentation and control (I&C) system logics-even in critical applications like nuclear power plant safety systems-the challenge of state space explosion means that the analyses cannot always be performed in reasonable time. In compositional verification, this challenge is overcome by reasoning over the system subcomponents sepa-rately, and then resolving proof claims for the composite system as a whole. In this paper, I present my experiments with OCRA, a tool for the verification of contract requirement. Together with the model checker nuXmv, OCRA can be used for compositional model checking. My industrial case study relates to three legacy I&C systems of the Finnish Olkiluoto nuclear power plant, about to be renewed using (mostly) software-based logic. I concretize the challenges in verifying complex nuclear I&C logics, prove the capabilities of OCRA, and discuss the practical limitations.

AB - Model checking is a powerful formal verification method. However, due to the complexity of instrumentation and control (I&C) system logics-even in critical applications like nuclear power plant safety systems-the challenge of state space explosion means that the analyses cannot always be performed in reasonable time. In compositional verification, this challenge is overcome by reasoning over the system subcomponents sepa-rately, and then resolving proof claims for the composite system as a whole. In this paper, I present my experiments with OCRA, a tool for the verification of contract requirement. Together with the model checker nuXmv, OCRA can be used for compositional model checking. My industrial case study relates to three legacy I&C systems of the Finnish Olkiluoto nuclear power plant, about to be renewed using (mostly) software-based logic. I concretize the challenges in verifying complex nuclear I&C logics, prove the capabilities of OCRA, and discuss the practical limitations.

KW - Industries

KW - Process control

KW - Model checking

KW - Cognition

KW - Safety

KW - Logic

KW - Contracts

KW - Power generation

KW - Manufacturing automation

KW - Formal verification

KW - software safety

KW - formal verification

KW - model checking

KW - control engineering

UR - http://www.scopus.com/inward/record.url?scp=85207840541&partnerID=8YFLogxK

U2 - 10.1109/ETFA61755.2024.10711009

DO - 10.1109/ETFA61755.2024.10711009

M3 - Conference article in proceedings

SN - 979-8-3503-6124-7

SP - 1

EP - 8

BT - 2024 IEEE 29th International Conference on Emerging Technologies and Factory Automation (ETFA)

PB - Wiley-IEEE Press

T2 - 29th IEEE International Conference on Emerging Technologies and Factory Automation, ETFA 2024

Y2 - 10 September 2024 through 13 September 2024

ER -

Compositional Verification of Nuclear Safety I&C Systems with OCRA

Abstract

Conference

Funding

Keywords

Access to Document

Other files and links

Fingerprint

Cite this