Verification of fault tolerant safety I&C systems using model checking

Antti Pakonen, Igor Buzhinsky

Research output: Conference article in proceedings (chapter in book/report/conference proceeding), scientific, peer-reviewed


Abstract

Model checking has been successfully used for detailed formal verification of instrumentation and control (I&C) systems, as long as the focus has been on the application logic alone. In safety-critical applications, fault tolerance is also an important aspect, but introducing I&C hardware failure modes into the formal models comes at a significant computational cost. Previous attempts have led to state space explosion and prohibitively long processing times. In this paper, we present a method for adding hardware component failures and communication delays into I&C application logic models for the NuSMV symbolic model checker. Based on a case study built around a semi-fictitious, four-redundant nuclear power plant protection system, we demonstrate how even detailed system designs can be verified if the focus is kept on single failure tolerance.
Original language: English
Title of host publication: 2019 IEEE International Conference on Industrial Technology (ICIT)
Publisher: IEEE Institute of Electrical and Electronic Engineers
Pages: 969-974
Number of pages: 6
ISBN (Electronic): 978-1-5386-6376-9, 978-1-5386-6375-2
ISBN (Print): 978-1-5386-6377-6
DOI: 10.1109/ICIT.2019.8755014
Publication status: Published - 1 Feb 2019
MoE publication type: A4 Article in a conference publication
Event: 2019 IEEE International Conference on Industrial Technology, ICIT 2019 - Melbourne, Australia
Duration: 13 Feb 2019 to 15 Feb 2019

Publication series

Series: IEEE International Conference on Industrial Technology
ISSN: 2641-0184

Conference

Conference: 2019 IEEE International Conference on Industrial Technology, ICIT 2019
Country: Australia
City: Melbourne
Period: 13/02/19 to 15/02/19

Keywords

  • Fault tolerance
  • Formal verification
  • Model checking

Cite this

Pakonen, A., & Buzhinsky, I. (2019). Verification of fault tolerant safety I&C systems using model checking. In 2019 IEEE International Conference on Industrial Technology (ICIT) (pp. 969-974). IEEE Institute of Electrical and Electronic Engineers. (IEEE International Conference on Industrial Technology). https://doi.org/10.1109/ICIT.2019.8755014
@inproceedings{f77dcc6e0b7741b39f70971a475cef7d,
title = "Verification of fault tolerant safety I&C systems using model checking",
abstract = "Model checking has been successfully used for detailed formal verification of instrumentation and control (I&C) systems, as long as the focus has been on the application logic alone. In safety-critical applications, fault tolerance is also an important aspect, but introducing I&C hardware failure modes into the formal models comes at a significant computational cost. Previous attempts have led to state space explosion and prohibitively long processing times. In this paper, we present a method for adding hardware component failures and communication delays into I&C application logic models for the NuSMV symbolic model checker. Based on a case study built around a semi-fictitious, four-redundant nuclear power plant protection system, we demonstrate how even detailed system designs can be verified if the focus is kept on single failure tolerance.",
keywords = "Fault tolerance, Formal verification, Model checking",
author = "Antti Pakonen and Igor Buzhinsky",
year = "2019",
month = "2",
day = "1",
doi = "10.1109/ICIT.2019.8755014",
language = "English",
isbn = "978-1-5386-6377-6",
series = "IEEE International Conference on Industrial Technology",
publisher = "IEEE Institute of Electrical and Electronic Engineers",
pages = "969--974",
booktitle = "2019 IEEE International Conference on Industrial Technology (ICIT)",
address = "United States",
}
