Translation of IEC 61131-3 Function Block Diagrams to PVS for Formal Verification with Real-Time Nuclear Application

Newell, Josh; Pang, Linna; Tremaine, David; Wassyng, Alan; Lawford, Mark

doi:10.1007/s10817-017-9415-7

Cited by 9 publications

(7 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…a) PLC Program Level At the level of software design, prior researches such as [173]- [176] have delved into the structured representation of general program actions. Those studies mentioned transformed programs into automata [166] and Petri nets [167], as these forms were well supported by already existing formal verification frameworks [173].…”

Section: ) Behavior Modelingmentioning

confidence: 99%

“…The entire program was depicted as an interconnected set of automata, wherein transitions captured alterations in variable values across different execution cycles, and synchronization pairs indicated coordinated transitions involving function calls. In a similar approach, Newell et al [176] translated FBD programs into models using the Prototype Verification System (PVS), as certain nuclear power plants specifically supported this representation. Kottler et al [115] dedicated their efforts to assessing the reliability of PLC programs written in LD and ST languages, aiming to identify specific vulnerabilities related to security.…”

Section: ) Behavior Modelingmentioning

confidence: 99%

See 1 more Smart Citation

Security of Programmable Logic Controllers and Related Systems: Today and Tomorrow

Alsabbagh,

Langendörfer

2023

IEEE Open J. Ind. Electron. Soc.

View full text Add to dashboard Cite

Programmable Logic Controllers (PLCs) are indispensable in Critical Infrastructures (CIs) and Industrial Control Systems (ICSs). The increasing demand for enhanced cost-effectiveness and production efficiency has driven automation manufacturers to integrate PLC based applications and systems with external networks, such as Internet. Unfortunately, this connectivity has exposed systems to potential malicious attacks from motivated adversaries. Addressing this pressing issue necessitates a comprehensive summary of ongoing research related to PLCs and their related systems. This summary should classify these systems based on disclosed vulnerabilities, potential threats, and proposed security solutions, catering to both scientists and industrial engineers. While several recent surveys have reviewed and discussed PLC security and related topics, they often fell short of covering all essential aspects comprehensively. Furthermore, prior surveys tended to focus on analyzing vulnerabilities at the system level, overlooking the vulnerabilities specific to PLCs themselves. Consequently, their findings failed to effectively secure current operational systems or propose improved solutions for future PLC designs. In this paper, we bridge this research gap by providing a detailed review of all aspects concerning the security of PLCs and related systems. This includes vulnerabilities, potential attacks, security solutions including digital forensics. We aim to offer a precise analysis, addressing the shortcomings of previous studies. Finally, we conclude the paper by presenting our recommendations tailored for PLC manufacturers, researchers and engineers. We hope that these recommendations will contribute to the development of more secure PLCs in the future.

show abstract

Section: ) Behavior Modelingmentioning

confidence: 99%

Section: ) Behavior Modelingmentioning

confidence: 99%

Security of Programmable Logic Controllers and Related Systems: Today and Tomorrow

Alsabbagh,

Langendörfer

2023

IEEE Open J. Ind. Electron. Soc.

View full text Add to dashboard Cite

show abstract

“…Domain experts usually have less expertise in formal verification, therefore it is challenging to generate accurate specification [94], [141]. Even through the specification is accurate, sometimes only a certain format is available [119].…”

Section: B Research Efforts 1) Stagementioning

confidence: 99%

“…In 2018, the Darlington Nuclear Power Generating Station requested a rigorous verification of the FBD control logic automating the power generation [119] The quality assurance program requires the specification to be written in tabular expressions. Newell [119] presented a method to rigorously translate FBD language to tabular expressions and prove with a mathematical model in PVS theorem proving tool.…”

Section: B Research Efforts 1) Stagementioning

confidence: 99%

SoK: Attacks on Industrial Control Logic and Formal Verification-Based Defenses

Sun¹,

Mera²,

Lu³

et al. 2020

Preprint

View full text Add to dashboard Cite

Control logic programs play a critical role in industrial control systems. A vulnerable control logic could lead to devastating consequences in the physical processes, as shown in Stuxnet and similar attacks. Over the years, academic and industrial researchers have investigated various fault injection and modification attacks on control logic as well as formal verification-based defenses. Although formal verification techniques have in general improved the quality of control logic programs, we find a significant gap between the academic research and the industry practices in defending against attacks on control logic. Besides, the future research directions remain unclear as to protect control logic from the ever-expanding attack surface partly caused by the increasing needs for interconnectivity.This work fills the gap by systematizing the knowledge of control logic modification attacks and the formal verificationbased defenses. Our study covers the full chain of developing and deploying control logic programs, from engineering stations to target PLC. The primary goals of the systematization are (1) to explore the evolving technology and security landscape surrounding control logic programs, (2) to investigate newly emerged attack surfaces on PLC systems and the formal verificationbased defenses, and (3) to identify the open challenges and needs that existing formal verification based-defenses failed to address. Based on the knowledge systematization, we provide a set of recommendations for both academic researchers and industry practitioners to better focus their work on countering critical and emerging threats.

show abstract

“…PLCverif has been subsequently extended to provide support for all five programming languages of the IEC 61131-3 standard [101], [102]. A transformation of IEC 61131-3 programs into PVS specifications to allow theorem proving is presented in [103]. This was done to mandated requirement of applying formal verification to such safety systems.…”

Section: Formal Verificationmentioning

confidence: 99%

A Survey of Static Formal Methods for Building Dependable Industrial Automation Systems

Sinha

Patil

Gomes

et al. 2019

IEEE Trans. Ind. Inf.

View full text Add to dashboard Cite

Industrial automation systems (IAS) need to be highly dependable; they should not merely function as expected but also do so in a reliable, safe, and secure manner. Formal methods are mathematical techniques that can greatly aid in developing dependable systems and can be used across all phases of the system development life cycle (SDLC), including requirements engineering, system design and implementation, verification and validation (testing), maintenance, and even documentation. This state-of-the-art survey reports existing formal approaches for creating more dependable IAS, focusing on static formal methods that are used before a system is completely implemented. We categorize surveyed works based on the phases of the SDLC, allowing us to identify research gaps and promising future directions for each phase.

show abstract

Translation of IEC 61131-3 Function Block Diagrams to PVS for Formal Verification with Real-Time Nuclear Application

Cited by 9 publications

References 11 publications

Security of Programmable Logic Controllers and Related Systems: Today and Tomorrow

Security of Programmable Logic Controllers and Related Systems: Today and Tomorrow

SoK: Attacks on Industrial Control Logic and Formal Verification-Based Defenses

A Survey of Static Formal Methods for Building Dependable Industrial Automation Systems

Contact Info

Product

Resources

About