Verification of automated changeover switching unit by model checking

Research output: Chapter in Book/Report/Conference proceeding, Conference article in proceedings, Scientific, peer-reviewed


Abstract

Along with new nuclear power plant (NPP) designs and modernization projects of ageing NPPs, there is an ongoing transition from analogue to digital technology in instrumentation and control (I&C) systems. Programmable digital logic controllers enable more complicated control tasks, and thus exhaustive verification of such systems by traditional methods is difficult. This difficulty is emphasized where digitally implemented systems are combined with old analogue systems. Model checking is a computer-aided method for the formal verification of a system design: it examines all possible behaviours of a model of the system against the required properties. This paper examines the use of model checking for the verification of a changeover switching unit for a busbar and also summarizes past experiences of using model checking in the verification of I&C logic designs. The switching unit is composed of an analogue control logic and a digital malfunction protection relay. The system was analysed using the NuSMV model checking tool, tailored for the analysis of systems with a large number of inputs. The case study expands a series of studies on the applicability of model checking to the verification of NPP automation systems by introducing the problem of state space explosion caused by timing properties. Previous case studies have clearly demonstrated the benefits of model checking in the verification and licensing of digital automation. The analysis of the switching unit demonstrated that model checking is also useful in the verification of I&C systems that combine analogue and digital technology, despite some limitations of the NuSMV tool.
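The two technical points of the abstract, exhaustive exploration of every behaviour of a model and the state space growth caused by timers, can be reproduced in a few dozen lines. The following Python is an added illustration written for this record; it is not the paper's NuSMV model and not code from the authors or their project. The switching-unit logic (a preferred feed 1, a fallback feed 2, a dead-time counter T in the analogue changeover logic, a definite-time overcurrent counter D in the digital protection relay with a latched lockout), the cycle-synchronous semantics and the two checked properties are all assumptions chosen for illustration; a real unit's interlocks and timings come from its design documents. The checker is an explicit-state breadth-first search over all input sequences that returns a counterexample trace when a property fails, which is the behaviour a practitioner relies on from NuSMV; unlike NuSMV it checks only invariants over states and transitions, not temporal (LTL/CTL) formulas.

```python
"""Explicit-state reachability check of a toy busbar changeover switching unit.

Added illustration; NOT the NuSMV model or the unit analysed in the paper.
Every assumption about the unit (interlocks, timers, inputs) is invented here.
"""
from collections import deque
from itertools import product
from typing import Callable, Optional

# State tuple: (b1, b2, t, d, locked)
#   b1, b2 : incoming breakers from feed 1 / feed 2 (True = closed)
#   t      : dead-time counter of the analogue changeover logic (0..T-1)
#   d      : definite-time counter of the digital protection relay (0..D-1)
#   locked : the relay has tripped and latched the unit out
# Input tuple per cycle: (f1, f2, oc) = feed 1 healthy, feed 2 healthy, overcurrent.
# All eight input combinations are allowed in every cycle (assumed worst case).
INPUTS = list(product([False, True], repeat=3))
INITIAL = (True, False, 0, 0, False)   # feed 1 supplying the busbar
LOCKED = (False, False, 0, 0, True)

State = tuple
Edge = Callable[[State, State], bool]


def step(state: State, inp, T: int, D: int) -> State:
    """One synchronous cycle of the hypothetical switching unit."""
    b1, b2, t, d, locked = state
    f1, f2, oc = inp
    # Digital relay: trip after D consecutive overcurrent cycles; lockout is latched.
    d = min(d + 1, D) if oc else 0
    if locked or d >= D:
        return LOCKED
    # Analogue changeover: prefer feed 1, fall back to feed 2, otherwise isolate.
    target = 1 if f1 else (2 if f2 else 0)
    current = 1 if b1 else (2 if b2 else 0)
    if target == current:
        return (b1, b2, 0, d, False)
    # Mismatch: open at once, close the target breaker only after T dead-time cycles.
    if t + 1 >= T:
        return (target == 1, target == 2, 0, d, False)
    return (False, False, t + 1, d, False)


def bfs(T: int, D: int, bad_edge: Edge):
    """Breadth-first search over all input sequences from INITIAL.

    Returns (parent map of reached states, first violating (s, inp, s2) or None)."""
    parent = {INITIAL: None}
    queue = deque([INITIAL])
    while queue:
        s = queue.popleft()
        for inp in INPUTS:
            s2 = step(s, inp, T, D)
            if bad_edge(s, s2):
                return parent, (s, inp, s2)
            if s2 not in parent:
                parent[s2] = (s, inp)
                queue.append(s2)
    return parent, None


def reachable_states(T: int, D: int) -> int:
    """Size of the reachable state space for the given timer bounds."""
    parent, _ = bfs(T, D, lambda s, s2: False)
    return len(parent)


def check(T: int, D: int, bad_edge: Edge) -> Optional[list]:
    """None if no reachable transition satisfies bad_edge, else a counterexample:
    a list of (input, state) pairs from INITIAL up to the violating transition."""
    parent, hit = bfs(T, D, bad_edge)
    if hit is None:
        return None
    s, inp, s2 = hit
    path = []
    while parent[s] is not None:            # walk parent pointers back to INITIAL
        prev, prev_inp = parent[s]
        path.append((prev_inp, s))
        s = prev
    path.append((None, s))
    path.reverse()
    return path + [(inp, s2)]


# Properties, expressed on a transition s -> s2 (True means the property is violated).
def paralleled(s: State, s2: State) -> bool:
    """Safety: both incoming breakers closed at once would parallel the two feeds."""
    return s2[0] and s2[1]


def make_before_break(s: State, s2: State) -> bool:
    """Dead time: a breaker must not close in the same cycle the other one opens."""
    return (s[0] and s2[1]) or (s[1] and s2[0])


if __name__ == "__main__":
    for T, D in [(1, 1), (2, 2), (4, 4), (8, 8), (16, 16)]:
        print(f"T={T:2d} D={D:2d}  reachable states: {reachable_states(T, D)}")
    print("feeds paralleled (T=4, D=3):", check(4, 3, paralleled))
    print("make-before-break (T=1, D=2):")
    for inp, s in check(1, 2, make_before_break):
        print("  ", inp, "->", s)
```

Running the block prints the reachable state count for increasing T and D; for this model the count is (T + 2) · D + 1, so each independent timer multiplies the state space rather than adding to it, which is the explosion the abstract refers to and the reason timers are usually abstracted or bounded before a NuSMV run. The dead-time property fails for T = 1 (the unit closes feed 2 in the same cycle it opens feed 1) and the counterexample names the input that triggers it; for T ≥ 2 it holds, and the two feeds are never paralleled for any T and D.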
Original language: English
Title of host publication: Proceedings of 7th International Topical Meeting on Nuclear Plant Instrumentation, Control and Human-Machine Interface Technologies, NPIC & HMIT 2010
Place of publication: La Grange Park, Illinois
Publisher: American Nuclear Society (ANS)
Pages: 1719-1728
Volume: 3
ISBN (Electronic): 978-0-8944-8084-3
ISBN (Print): 978-1-6178-2266-7
Publication status: Published - 2010
MoE publication type: A4 Article in a conference publication
Project code: 41251
Event: 7th International Topical Meeting on Nuclear Plant Instrumentation, Control and Human-Machine Interface Technologies, NPIC-HMIT 2010 - Las Vegas, Nevada, United States
Duration: 7 Nov 2010 to 11 Nov 2010

Conference

Conference: 7th International Topical Meeting on Nuclear Plant Instrumentation, Control and Human-Machine Interface Technologies, NPIC-HMIT 2010
Abbreviated title: NPIC-HMIT 2010
Country: United States
City: Las Vegas, Nevada
Period: 7/11/10 to 11/11/10

Keywords

  • safety logic
  • model checking
  • verification
  • changeover switching unit

Cite this

Björkman, K., Valkonen, J., & Ranta, J. (2010). Verification of automated changeover switching unit by model checking. In Proceedings of 7th International Topical Meeting on Nuclear Plant Instrumentation, Control and Human-Machine Interface Technologies, NPIC & HMIT 2010 (Vol. 3, pp. 1719-1728). La Grange Park, Illinois: American Nuclear Society (ANS).