Verification of fault tolerant safety I&C systems using model checking
A Pakonen, I Buzhinsky - 2019 IEEE International Conference on Industrial Technology (ICIT), 2019 - ieeexplore.ieee.org
Model checking has been successfully used for detailed formal verification of instrumentation and control (I&C) systems, as long as the focus has been on the application logic alone. In safety-critical applications, fault tolerance is also an important aspect, but introducing I&C hardware failure modes into the formal models comes at a significant computational cost. Previous attempts have led to state space explosion and prohibitively long processing times. In this paper, we present a method for adding hardware component failures and communication delays into I&C application logic models for the NuSMV symbolic model checker. Based on a case study built around a semi-fictitious, four-redundant nuclear power plant protection system, we demonstrate how even detailed system designs can be verified if the focus is kept on single failure tolerance.