Safe Embedded Systems
Specification of fault-tolerant systems, verification and validation of safety-critical systems
Prof. Dr. Julien Provost

Design to Test

Validation by testing is a mandatory procedure for safety-critical controllers. However, the validation of a logic controller is often only considered in the later phases of its development. Thus, if specific non-functional requirements related to testing are not initially considered in the specification models, this can make it impossible to validate the behavior of a controller by means of testing. Design-to-test approaches aim at improving the testability of controllers and reducing the additional human workload required to reliably test critical logic controllers. In 2016, SES further developed and implemented a design-to-test approach for discrete event systems. The current focus of this project is the generalization of this approach so that it can handle larger models which cannot be tested exhaustively.

Projects
• TUM – Design-to-test approach for black-box testing of programmable controllers

Dynamic Software Update of Programmable Controllers

Current industrial automation plants are controlled by programmable logic controllers (PLC), soft-PLCs or industrial PCs. Although the programming interface remains unchanged, using a software-based PLC or an industrial PC enables the implementation of features that were impossible to realize on a hardware-based PLC. One of these features is dynamic software updating (DSU). Since the lifetime of a production facility can be very long, it is inevitable that its software must be updated at some point. This may include the implementation of new features, an increase in performance, or simple bug fixes. Depending on how severe this change is, the update of the facility may not be feasible due to the downtime caused by the shutdown, update and restart phases of the plant. By using DSU, modifications of the model can still be prepared offline and follow the same modeling procedure, but the downtime can be drastically decreased and in the best case completely eliminated, thus increasing the productivity of the plant. In 2016, SES investigated the feasibility of dynamic software updating in the field of production automation. Proofs of concept have been developed for MATLAB Stateflow and IEC 61499 models, and successfully applied to small case studies.

Projects
• TUM – Dynamic software update of programmable controllers
The focus of the Assistant Professorship of Safe Embedded Systems (SES) in 2016 was to further develop methods and approaches in the fields of specification and validation of safety-critical distributed applications.

Contact
www.ses.mw.tum.de
julien.provost@tum.de
Phone +49.89.289.16424

The concept of reprogramming a controller at runtime (old version in blue, new version in orange)
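As an added illustration of the runtime-reprogramming concept in the figure (a constructed example, not SES's proof-of-concept code for Stateflow or IEC 61499 models): a cyclic controller swaps its program between two scans and carries its current state over through a state-transfer table prepared offline together with the new version. The swap is refused, and the old version keeps running, when the current state has no image in the new version, so the plant is never left in an undefined state; the conveyor programs, their input names and the state names are assumptions of this example.

```python
from dataclasses import dataclass
from typing import Callable, Dict, FrozenSet, Tuple

@dataclass(frozen=True)
class Program:
    """One version of the controller program: a state machine run once per scan."""
    name: str
    states: FrozenSet[str]
    initial: str
    step: Callable[[str, Dict[str, bool]], Tuple[str, Dict[str, bool]]]

def v1_step(state, inputs):
    """Old version (hypothetical conveyor): 'start' runs it, 'stop' halts it."""
    if state == "IDLE" and inputs.get("start"):
        state = "RUNNING"
    elif state == "RUNNING" and inputs.get("stop"):
        state = "IDLE"
    return state, {"motor": state == "RUNNING"}

def v2_step(state, inputs):
    """New version: adds a latched FAULT state, entered on 'estop', left on 'reset'."""
    if inputs.get("estop"):
        state = "FAULT"
    elif state == "FAULT":
        state = "IDLE" if inputs.get("reset") else "FAULT"
    else:
        state, _ = v1_step(state, inputs)
    return state, {"motor": state == "RUNNING"}

V1 = Program("v1", frozenset({"IDLE", "RUNNING"}), "IDLE", v1_step)
V2 = Program("v2", frozenset({"IDLE", "RUNNING", "FAULT"}), "IDLE", v2_step)
V1_TO_V2 = {"IDLE": "IDLE", "RUNNING": "RUNNING"}  # state transfer table, prepared offline

class Controller:  # cyclic (scan-based) controller; program replaceable between scans
    def __init__(self, program: Program) -> None:
        self.program, self.state, self.cycle = program, program.initial, 0

    def scan(self, inputs: Dict[str, bool]) -> Dict[str, bool]:
        self.state, outputs = self.program.step(self.state, inputs)
        self.cycle += 1
        return outputs

    def update(self, new: Program, state_map: Dict[str, str]) -> bool:
        """Swap to `new` without a restart. Refused (old version keeps running)
        when the current state has no valid image in the new version."""
        target = state_map.get(self.state)
        if target is None or target not in new.states:
            return False
        self.program, self.state = new, target
        return True
```

The scan counter keeps counting across the swap, which is the property the figure shows: no shutdown and restart phase, while the old and new versions never run in the same scan.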