Transformation of non-standard nuclear IC logic drawings to formal verification models

摘要

Model checking methods have been proven to be a valuable asset for identifying undesired behaviour of safety-critical Instrumentation and Control (I&C) logics. Their application in the nuclear domain has been very successful and has triggered significant interest from the safety community. Creating formal models from the diagrams found on paper or from digital formats without the needed semantics is one bottleneck that hinders the adoption of model checking due to costs in time and may introduce errors. This paper proposes a methodology for the creation of formal models from I&C diagrams drawn in generic modelling tools (lacking specific I&C semantics). The generic I&C logic diagram is transformed into an intermediate UML model that in turn can be transformed to other target formats like IEC 61131 PLCopen XML I&C software or NuSMV formal model code. This methodology is demonstrated with a typical example of a trip signal generator application logic. This application logic is drawn in MS Visio, it is transformed to an I&C model in UML with the needed properties for model checking, then to IEC 61131 PLCopen XML and to an input file for the NuSMV model checker.