Model checking of I&C software in the Loviisa NPP automation renewal project

Antti Pakonen, Janne Valkonen, Sami Matinaho, Markus Hartikainen

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific


Model checking is a formal method for verifying hardware and software designs. A software tool called a model checker is used to exhaustively verify that a system model fulfils stated properties. The exhaustiveness means that design errors can be found in systems that have already undergone V&V based on more traditional methods like testing and simulation. In this paper, we discuss the application of model checking in the verification of instrumentation and control (I&C) application software. As a practical example, we look at the third-party verification service VTT has provided for Fortum in the Loviisa nuclear power plant automation renewal project. We also introduce the tools developed by VTT and Fortum for the model checking of I&C software based on function block diagrams. The experience of VTT (and others) has shown that the method is very powerful in the evaluation of function-block-based control software, particularly in safety-critical applications. Indeed, in Finland, model checking is already a well-established part of nuclear industry practices, as VTT has been evaluating the I&C systems of the Olkiluoto 3 plant for STUK, as well as supporting Fortum in the licensing of renewed systems for Loviisa. Fortum has also cooperated with VTT on the development of model checking tools. A graphical toolset based on the open-source modelling and simulation platform Simantics has already been put to use in VTT projects. A long-term objective is the commercialisation of the tools as part of the Apros product family, as well as integration into different engineering and modelling tools.
Original language: English
Title of host publication: Automaatio XXI Proceedings
Publisher: Finnish Society of Automation
ISBN (Print): 13 978-952-5183-46-7
Publication status: Published - 2015
MoE publication type: B3 Non-refereed article in conference proceedings
Event: Automaatio XXI - Helsinki, Finland
Duration: 17 Mar 2015 → 18 Mar 2015

Publication series

Series: Suomen automaatioseura. Julkaisusarja


Seminar: Automaatio XXI


  • model checking
  • verification and validation
  • digital I&C
  • nuclear power
