Model checking of I&C software in the Loviisa NPP automation renewal project

Antti Pakonen, Janne Valkonen, Sami Matinaho, Markus Hartikainen

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientific

Abstract

Model checking is a formal method for verifying hardware and software designs. A software tool called a model checker is used to exhaustively verify that a system model fulfils stated properties. The exhaustiveness means that design errors can be found in systems that have already undergone V&V based on more traditional methods like testing and simulation. In this paper, we discuss the application of model checking in the verification of instrumentation and control (I&C) application software. As a practical example, we look at the third party verification service VTT has provided for Fortum in the Loviisa nuclear power plant automation renewal project. We also introduce the tools developed by VTT and Fortum for the model checking of I&C software based on function block diagrams. The experience of VTT (and others) has shown that the method is very powerful in the evaluation of function block based control software, particularly in safety-critical applications. Indeed, in Finland, model checking is already a well-established part of nuclear industry practices, as VTT has been evaluating the I&C systems of the Olkiluoto 3 plant for STUK, as well as supporting Fortum in the licensing of renewed systems for Loviisa. Fortum has also cooperated with VTT on the development of model checking tools. A graphical toolset based on the open source modelling and simulation platform Simantics has already been put to use in VTT projects. A long term objective is the commercialisation of the tools as part of the Apros product family, as well as integration into different engineering and modelling tools.
Original languageEnglish
Title of host publicationAutomaatio XXI Proceedings
PublisherFinnish Society of Automation
ISBN (Print)13 978-952-5183-46-7
Publication statusPublished - 2015
MoE publication typeB3 Non-refereed article in conference proceedings
EventAutomaatio XXI - Helsinki, Finland
Duration: 17 Mar 201518 Mar 2015

Publication series

SeriesSuomen automaatioseura. Julkaisusarja
Volume44

Seminar

SeminarAutomaatio XXI
CountryFinland
CityHelsinki
Period17/03/1518/03/15

Keywords

  • model checking
  • verification and validation
  • digital I&C
  • nuclear power

Fingerprint Dive into the research topics of 'Model checking of I&C software in the Loviisa NPP automation renewal project'. Together they form a unique fingerprint.

Cite this