Model checking as a protective method against spurious actuation of industrial control systems

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

5 Citations (Scopus)
22 Downloads (Pure)

Abstract

A spurious actuation of an industrial Instrumentation and Control (I&C) system is a failure mode where a system component inadvertently performs a function without a justified reason to do so. Design issues leading to such failures are very difficult to analyze, but pose a high risk to safety. Model checking is a formal verification method that, through exhaustive analysis against stated properties, can also provide 100% coverage against spurious actuation scenarios. In this paper, we introduce a modeling approach for the verification of I&C system application logic design. We then discuss the verification of properties related to spurious actuation in particular. Finally, we present data collected from customer projects VTT has carried out in the Finnish nuclear industry. About 37% of the design issues we have identified are related to spurious actuation, proving that model checking can effectively be used as a protective method against such scenarios.

Original language: English
Title of host publication: Safety and Reliability
Subtitle of host publication: Theory and Applications
Editors: Marko Cepin, Radim Briš
Publisher: CRC Press
Pages: 3189-3196
Number of pages: 8
ISBN (Electronic): 978-1-351-80973-3
ISBN (Print): 978-1-138-62937-0
DOI: 10.1201/9781315210469
Publication status: Published - 1 Jan 2017
MoE publication type: Not Eligible
Event: 27th European Safety and Reliability Conference, ESREL 2017 - Portoroz, Slovenia
Duration: 18 Jun 2017 to 22 Jun 2017

Conference

Conference: 27th European Safety and Reliability Conference, ESREL 2017
Abbreviated title: ESREL 2017
Country: Slovenia
City: Portoroz
Period: 18/06/17 to 22/06/17

Fingerprint

- Model checking
- Control systems
- Logic design
- Nuclear industry
- Failure modes
- Formal verification

Cite this

Pakonen, A., & Björkman, K. (2017). Model checking as a protective method against spurious actuation of industrial control systems. In M. Cepin, & R. Briš (Eds.), Safety and Reliability: Theory and Applications (pp. 3189-3196). CRC Press. https://doi.org/10.1201/9781315210469