Model checking as a protective method against spurious actuation of industrial control systems

    Research output: Chapter in Book/Report/Conference proceeding - Conference article in proceedings - Scientific - peer-review

    5 Citations (Scopus)
    26 Downloads (Pure)

    Abstract

    A spurious actuation of an industrial Instrumentation and Control (I&C) system is a failure mode where a system component inadvertently performs a function without a justified reason to do so. Design issues leading to such failures are very difficult to analyze, but pose a high risk for safety. Model checking is a formal verification method that can enable, through exhaustive analysis against stated properties, 100% coverage against spurious actuation scenarios as well. In this paper, we introduce a modeling approach for the verification of I&C system application logic design. We then discuss the verification of properties related to spurious actuation in particular. Finally, we present data collected from customer projects VTT has carried out in the Finnish nuclear industry. About 37% of the design issues we have identified are related to spurious actuation, proving that model checking can effectively be used as a protective method against such scenarios.
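    As an added illustration of the kind of property the abstract refers to (example code written for this page, not the paper's modeling approach, tool or project data), the block below states a "no spurious actuation" property for a constructed 2-out-of-3 trip logic with a confirmation delay and a latch, and checks it by exhaustive exploration of every reachable state and every input combination. The design, the lamp-test wiring flaw, the confirmation time of two cycles and all names are constructed for the example; the spurious-actuation property is phrased so that a latched action that is legitimately held after the demand disappears is not flagged, only an actuation that starts without a voted demand.

```python
"""Added example: explicit-state model checking of a constructed trip logic.

Not the paper's model or tool. The I&C logic (2oo3 voting, 2-cycle confirmation,
set/reset latch, lamp-test input) and the flaw are constructed for illustration.
"""
from collections import deque
from itertools import product

INPUTS = ("c1", "c2", "c3", "reset", "test")          # three sensor channels, manual reset, lamp test
ALL_INPUTS = tuple(dict(zip(INPUTS, bits))
                   for bits in product((False, True), repeat=len(INPUTS)))
CONFIRM_CYCLES = 2   # constructed: demand must be voted in 2 consecutive cycles before the trip


def vote_2oo3(inp):
    """Voted demand: at least two of three channels signal the process condition."""
    return inp["c1"] + inp["c2"] + inp["c3"] >= 2


def trip_logic(state, inp, test_sets_latch):
    """One synchronous cycle. State is (latched, confirmation_count)."""
    latched, count = state
    voted = vote_2oo3(inp)
    count = min(count + 1, CONFIRM_CYCLES) if voted else 0
    confirmed = count >= CONFIRM_CYCLES
    # Constructed flaw: the lamp-test input was wired into the latch set condition.
    set_latch = confirmed or (test_sets_latch and inp["test"])
    latched = (latched or set_latch) and not inp["reset"]   # reset has priority
    return (latched, count)


def step_flawed(state, inp):
    return trip_logic(state, inp, test_sets_latch=True)


def step_fixed(state, inp):
    # Corrected design: the test input drives the indication lamp only, never the latch.
    return trip_logic(state, inp, test_sets_latch=False)


def actuate(state):
    """The actuator command is the latch output."""
    return state[0]


# Properties are checked on every transition (state, input, next state).
def no_spurious_actuation(s, inp, t):
    """Actuation may only START in a cycle in which the voted demand is present.
    Holding an already latched action after the demand drops is allowed."""
    return not (actuate(t) and not actuate(s)) or vote_2oo3(inp)


def no_missed_actuation(s, inp, t):
    """The complementary failure: a confirmed demand without reset must actuate."""
    _, count = s
    confirmed = vote_2oo3(inp) and count >= CONFIRM_CYCLES - 1
    return not (confirmed and not inp["reset"]) or actuate(t)


def check(step, prop, init=(False, 0)):
    """Breadth-first search over all reachable states and all inputs.
    Returns None if the property holds, else a shortest counterexample:
    the list of per-cycle inputs leading to the violating transition."""
    parent = {init: None}
    queue = deque([init])
    while queue:
        s = queue.popleft()
        for inp in ALL_INPUTS:
            t = step(s, inp)
            if not prop(s, inp, t):
                return _trace_to(parent, s) + [inp]
            if t not in parent:
                parent[t] = (s, inp)
                queue.append(t)
    return None


def _trace_to(parent, s):
    inputs = []
    while parent[s] is not None:
        s, inp = parent[s]
        inputs.append(inp)
    return inputs[::-1]


if __name__ == "__main__":
    for name, step in (("flawed", step_flawed), ("fixed", step_fixed)):
        for prop in (no_spurious_actuation, no_missed_actuation):
            cex = check(step, prop)
            verdict = "OK" if cex is None else "VIOLATED by inputs " + str(cex)
            print(f"{name:6} {prop.__name__:22} {verdict}")
```

    Because the checker enumerates every reachable state against every input vector, the flawed design is caught with a one-cycle counterexample (a lone lamp-test pulse with no voted demand sets the latch and leaves the actuator commanded), whereas the same design passes the missed-actuation property, which is why a spurious-actuation property has to be stated separately rather than assumed to be covered by the usual "demand leads to action" checks. An industrial model checker does the same job with temporal-logic properties over a much larger state space; the method, not the toy, is the point.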

    Original language: English
    Title of host publication: Safety and Reliability
    Subtitle of host publication: Theory and Applications
    Editors: Marko Cepin, Radim Briš
    Publisher: CRC Press
    Pages: 3189-3196
    Number of pages: 8
    ISBN (Electronic): 978-1-351-80973-3
    ISBN (Print): 978-1-138-62937-0
    DOIs: 10.1201/9781315210469
    Publication status: Published - 1 Jan 2017
    MoE publication type: Not Eligible
    Event: 27th European Safety and Reliability Conference, ESREL 2017 - Portoroz, Slovenia
    Duration: 18 Jun 2017 - 22 Jun 2017

    Conference

    Conference: 27th European Safety and Reliability Conference, ESREL 2017
    Abbreviated title: ESREL 2017
    Country: Slovenia
    City: Portoroz
    Period: 18/06/17 - 22/06/17

    Fingerprint

    Model checking
    Control systems
    Logic design
    Nuclear industry
    Failure modes
    Formal verification

    Cite this

    Pakonen, A., & Björkman, K. (2017). Model checking as a protective method against spurious actuation of industrial control systems. In M. Cepin, & R. Briš (Eds.), Safety and Reliability: Theory and Applications (pp. 3189-3196). CRC Press. https://doi.org/10.1201/9781315210469
    @inproceedings{03454d71b7d148f2ad98e27c6c167f65,
    title = "Model checking as a protective method against spurious actuation of industrial control systems",
    abstract = "A spurious actuation of an industrial Instrumentation and Control (I&C) system is a failure mode where a system component inadvertently performs a function without a justified reason to do so. Design issues leading to such failures are very difficult to analyze, but pose a high risk for safety. Model checking is a formal verification method that can enable, through exhaustive analysis against stated properties, 100{\%} coverage against spurious actuation scenarios as well. In this paper, we introduce a modeling approach for the verification of I&C system application logic design. We then discuss the verification of properties related to spurious actuation in particular. Finally, we present data collected from customer projects VTT has carried out in the Finnish nuclear industry. About 37{\%} of the design issues we have identified are related to spurious actuation, proving that model checking can effectively be used as a protective method against such scenarios.",
    author = "Antti Pakonen and Kim Bj{\"o}rkman",
    note = "Project code: 113347",
    year = "2017",
    month = "1",
    day = "1",
    doi = "10.1201/9781315210469",
    language = "English",
    isbn = "978-1-138-62937-0",
    pages = "3189--3196",
    editor = "Marko Cepin and Radim Briš",
    booktitle = "Safety and Reliability",
    publisher = "CRC Press",
    address = "United States",
    }



    TY  - GEN
    T1  - Model checking as a protective method against spurious actuation of industrial control systems
    AU  - Pakonen, Antti
    AU  - Björkman, Kim
    N1  - Project code: 113347
    PY  - 2017/1/1
    Y1  - 2017/1/1
    N2  - A spurious actuation of an industrial Instrumentation and Control (I&C) system is a failure mode where a system component inadvertently performs a function without a justified reason to do so. Design issues leading to such failures are very difficult to analyze, but pose a high risk for safety. Model checking is a formal verification method that can enable, through exhaustive analysis against stated properties, 100% coverage against spurious actuation scenarios as well. In this paper, we introduce a modeling approach for the verification of I&C system application logic design. We then discuss the verification of properties related to spurious actuation in particular. Finally, we present data collected from customer projects VTT has carried out in the Finnish nuclear industry. About 37% of the design issues we have identified are related to spurious actuation, proving that model checking can effectively be used as a protective method against such scenarios.
    AB  - A spurious actuation of an industrial Instrumentation and Control (I&C) system is a failure mode where a system component inadvertently performs a function without a justified reason to do so. Design issues leading to such failures are very difficult to analyze, but pose a high risk for safety. Model checking is a formal verification method that can enable, through exhaustive analysis against stated properties, 100% coverage against spurious actuation scenarios as well. In this paper, we introduce a modeling approach for the verification of I&C system application logic design. We then discuss the verification of properties related to spurious actuation in particular. Finally, we present data collected from customer projects VTT has carried out in the Finnish nuclear industry. About 37% of the design issues we have identified are related to spurious actuation, proving that model checking can effectively be used as a protective method against such scenarios.
    UR  - http://www.scopus.com/inward/record.url?scp=85047805069&partnerID=8YFLogxK
    U2  - 10.1201/9781315210469
    DO  - 10.1201/9781315210469
    M3  - Conference article in proceedings
    SN  - 978-1-138-62937-0
    SP  - 3189
    EP  - 3196
    BT  - Safety and Reliability
    A2  - Cepin, Marko
    A2  - Briš, Radim
    PB  - CRC Press
    ER  -
