requires manual work and genuine design decisions by developers, because it may not be possible to express all the relevant aspects in models, nor all the relevant decision-making knowledge in model transformations. To facilitate this manual design work, we foresee that simulation techniques could provide a feasible solution and that model-based techniques could facilitate the creation of the required simulation models.
The similarities between the interlocks of a basic control system and the safety functions of a safety system are remarkable. The main difference is that actual safety functions need to be developed according to safety standards such as IEC 61508 [7], which may require a sophisticated development process, the use of techniques recommended by the standards, and detailed documentation of the system and of the development activities used. In their recommendations, standards are always conservative, which may be one reason why the use of model-based techniques in safety system development has been unusual in the past. However, according to the present (second) edition of IEC 61508, automatic software generation could aid the completeness and correctness of architecture design as well as freedom from intrinsic design faults. Hence, the use of model-based techniques may be increasing in the near future also in the development of safety-critical applications. The question of how to develop safety-critical systems with model-based techniques is thus both important and current, but so far it has been addressed by few researchers.
However, Biehl et al. [1] have attempted to integrate safety analysis into model-based software development in the automotive industry, in order to automate the safety analysis of refined models with minimal effort. In [21] the authors have extracted the key safety-related concepts of the RTCA DO-178B standard into a UML profile, in order to use them to facilitate communication between the different stakeholders in software development.
3 Simulation of Interlocking Designs
The focus of this paper is on the interlocking (or constraint control) functions of basic control systems, which are an important and challenging part of control system development. Interlocks are control functions whose purpose is either to guarantee the safety of the process, or to keep the system in its designed operating state and to protect the devices and actuators from being misused by the control system. Quite often, safety is achieved with a separate safety system, so that the purpose of the interlocks is the latter one.
Interlockings are typically designed during the basic design phase of the control system [20]. The amount of program code related to interlockings is often smaller than that of the code related to the basic control functionality. However, their development is still time-consuming and error-prone, because interlocks cannot be reused in the way that, for example, controllers can be. This is due to the fact that the actual interlocking needs, logic and delays are always specific to the application. Solutions to recurring needs in controlled processes can be collected into libraries, but even these need careful examination and potential modification before re-use.
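As an added illustration of what such a simulation of an interlocking design can look like (this is example code written for this page, not code from the paper or its authors), the block below models a latching low-level trip for a pump as a small library block and drives it scan by scan through constructed scenarios. The block names (OnDelayTimer, LowLevelTrip, pump_command), the low limit and the delay are hypothetical; the point is the application-specific pair of logic and delay discussed above, and the failure modes a designer has to check: a short dip must not cause a nuisance trip, a sustained dip must latch the trip even after the level recovers, and a reset given while the level is still low must not clear it.

```python
"""Discrete-time simulation of a small interlock design.

Added example (not code from the paper): a pump run permissive that trips when
the tank level stays below a low limit for longer than a configurable delay and
then latches until an operator reset. Block names, limits and delays are
hypothetical; levels are in percent, times in integer milliseconds so that the
timer comparison is exact.
"""
from dataclasses import dataclass, field
from typing import Iterable, List, Tuple


@dataclass
class OnDelayTimer:
    """IEC 61131-3 style TON block evaluated once per controller scan."""
    preset_ms: int
    elapsed_ms: int = 0

    def step(self, enable: bool, dt_ms: int) -> bool:
        """Return True once `enable` has been held for at least preset_ms."""
        if not enable:
            self.elapsed_ms = 0
            return False
        self.elapsed_ms = min(self.elapsed_ms + dt_ms, self.preset_ms)
        return self.elapsed_ms >= self.preset_ms


@dataclass
class LowLevelTrip:
    """Latching low-level interlock for a pump.

    A dip shorter than delay_ms is ignored (no nuisance trip); a longer one
    sets a latch that survives level recovery and is cleared only by an
    explicit reset given while the level is healthy again.
    """
    low_limit: float
    delay_ms: int
    timer: OnDelayTimer = field(init=False)
    tripped: bool = False

    def __post_init__(self) -> None:
        self.timer = OnDelayTimer(self.delay_ms)

    def step(self, level: float, reset: bool, dt_ms: int) -> bool:
        """One scan: returns the run permissive for the pump."""
        if self.timer.step(level < self.low_limit, dt_ms):
            self.tripped = True
        if reset and level >= self.low_limit:
            self.tripped = False
        return not self.tripped


def pump_command(controller_request: bool, permissive: bool) -> bool:
    """The interlock gates the basic controller: a request is only honoured
    while the permissive is true, so the control logic itself cannot run the
    pump dry."""
    return controller_request and permissive


def simulate(trip: LowLevelTrip, scenario: Iterable[Tuple[float, bool]],
             dt_ms: int = 100) -> List[bool]:
    """Run the interlock over a constructed scan-by-scan scenario of
    (level_percent, reset_pressed) pairs and return the permissive per scan."""
    return [trip.step(level, reset, dt_ms) for level, reset in scenario]


def nuisance_dip() -> List[bool]:
    """Constructed scenario: level below 30 % for three 100 ms scans, shorter
    than the 500 ms delay, so the permissive must never drop."""
    trip = LowLevelTrip(low_limit=30.0, delay_ms=500)
    scenario = [(50.0, False)] * 2 + [(20.0, False)] * 3 + [(50.0, False)] * 2
    return simulate(trip, scenario)


def sustained_low() -> List[bool]:
    """Constructed scenario: level low for six scans (600 ms). Trips on the
    fifth low scan, stays tripped after recovery, clears on the final reset."""
    trip = LowLevelTrip(low_limit=30.0, delay_ms=500)
    scenario = ([(50.0, False)] + [(20.0, False)] * 6
                + [(50.0, False)] * 2 + [(50.0, True)])
    return simulate(trip, scenario)


def reset_while_still_low() -> List[bool]:
    """Constructed scenario: a reset pressed while the level is still low must
    not clear the latch; the reset after recovery does."""
    trip = LowLevelTrip(low_limit=30.0, delay_ms=500)
    scenario = [(20.0, False)] * 5 + [(20.0, True)] + [(50.0, True)]
    return simulate(trip, scenario)


if __name__ == "__main__":
    print("nuisance dip    :", nuisance_dip())
    print("sustained low   :", sustained_low())
    print("reset while low :", reset_while_still_low())
```

The three scenario functions are the kind of checks that the re-use of a library block calls for: changing the delay or the limit for a new application silently changes which of them pass, which is why even a librarized interlock needs re-examination before it is reused.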
For industrial systems, interlocks are often specified with vendor-neutral logic diagrams, or with vendor-specific logic and function block diagrams if the control system