Rigorous Development of a Safety-Critical System Based on Coordinated Atomic Actions
Authors
Abstract
This paper describes our experience in using coordinated atomic (CA) actions as a system structuring tool to design and validate a sophisticated control system for a complex industrial application that has high reliability and safety requirements. Our study is based on an extended production cell model, the specification and simulator for which were defined and developed by FZI (Forschungszentrum Informatik, Germany). This “Fault-Tolerant Production Cell” represents a manufacturing process involving redundant mechanical devices (provided in order to allow continued production in the presence of machine faults). The challenge posed by the model specification is to design a control system that maintains specified safety and liveness properties even in the presence of a large number and variety of device and sensor failures. Based on an analysis of possible such failures, we provide in this paper details of: i) a design for a control program that uses CA actions to deal with both safety-related and fault tolerance concerns, and ii) the formal verification of this design based on the use of model-checking. We found that CA action structuring facilitated both the design and verification tasks by enabling the various safety problems (involving possible clashes of moving machinery) to be treated independently. Even complex situations involving the concurrent occurrence of any pairs of the many possible mechanical and sensor failures can be handled simply yet appropriately. The formal verification activity was performed in parallel with the design activity and the interaction between them resulted in a combined exercise in “design for validation”; formal verification was very valuable in identifying some very subtle residual bugs in early versions of our design which would have been difficult to detect otherwise.
Similar sources
Coordinated Atomic Actions: Formal Model, Case Study and System Implementation
The Coordinated Atomic Action (or CA action) concept is a unified scheme for coordinating complex concurrent activities and supporting error recovery between multiple interacting components in a distributed object system. It provides a conceptual framework for dealing with different kinds of concurrency and achieving fault tolerance by integrating and extending two complementary concepts — conv...
Using Coordinated Atomic Actions to Design Safety-Critical Systems: a Production Cell Case Study
Coordinated Atomic actions (CA actions) are a unified approach to structuring complex concurrent activities and supporting error recovery between multiple interacting objects in object-oriented systems. This paper explains how we have used the CA action concept to design and implement a safety-critical application. We have used the Production Cell model that was developed in the Forschungszentr...
Voltage Coordination of FACTS Devices in Power Systems Using RL-Based Multi-Agent Systems
This paper describes how multi-agent system technology can be used as the underpinning platform for voltage control in power systems. In this study, some FACTS (flexible AC transmission systems) devices are properly designed to coordinate their decisions and actions in order to provide a coordinated secondary voltage control mechanism based on multi-agent theory. Each device here is modeled as ...
Developing Control Software for Production Cell II: Failure Analysis and System Design Using CA Actions
This paper describes our experience using coordinated atomic (CA) actions as a system structuring tool to design a sophisticated control system for a complex industrial application that has high reliability and safety requirements. Our study is based on an extended production cell model, the specification and simulator for which were defined and developed by FZI (Forschungszentrum Informatik, G...
Coordinated Atomic Actions in Modelling Objects Cooperation
Systems are defined by their components and the relationships among their components, hence when modelling systems using an objectoriented (OO) approach, objects alone are insufficient to describe the system behaviour. There is also the need to represent relationships between objects in terms of cooperations for the accomplishment of a particular task. The approach described in this paper makes...
Journal title:
Volume / Issue:
Pages: -
Publication date: 1999