Functional verification of distributed automation systems

Abstract

The demand of customer-specific products leads to a fundamental change to manufacturing facilities. To adapt the facilities to new product types, frequently occurring functionality changes in industrial automation systems are expected. Functionality changes are primarily implemented by software changes. These software changes within the operation phase can be implemented, for instance, by over-the-air software updates or ad hoc integration of new components. The effects of these changes are often difficult to estimate, especially in distributed automation systems. This mainly poses a challenge on production line operators, who are required to validate their automation systems after functionality changes have been executed. The goal of this contribution is to assist production line operators in the validation process of their automation systems after software changes. Formal verification methods can support the operators, due to its fully automated execution. However, the creation process of the behavior models needed for the formal verification is complex and error-prone. This is why formal verification is usually not used. Hence, a model-based technique is presented to automate this creation process. By means of this, the subsystem affected by the software change is automatically identified and subsequently a suitable input to a model-based verification tool is generated. The concept is based on the generation of a system model by composing the Petri net models of components within the automation system. In order to identify affected components, an impact analysis is performed, starting from the component in which a modification occurred. Followingly, a tailored subsystem is composed using the component models necessary for verification. This subsystem is applied to verify the system requirements for the affected components. To evaluate the applicability of the concept in the field of industrial automation, a distributed automation system was implemented. A service-oriented, OPC-UA-based, control network is thereby used to implement a technical process. Furthermore, a configuration interface enables change of the components at runtime. This emulates over-the-air updates and ad hoc networking. The concept is implemented with the demonstrator “TestIAS.” This test device detects software changes within the automation system and verifies them automatically according to the model-based approach presented. An empirical evaluation was performed with ten different reconfiguration scenarios showing functional changes. In addition, based on the time measurements of the time saving due to the impact analysis, the efficiency enhancement is substantiated.