**1. Introduction**

This chapter presents a novel approach to formal verification of logic controller programs [2], focusing especially on reconfigurable logic controllers (RLCs). Control Interpreted Petri Nets [8] are used as the formal specification of logic controller behaviour. The approach proposes an abstract rule-based logical model presented at RTL-level. A Control Interpreted Petri Net is written as a logical model, which is then processed further. The proposed logical model (Figure 1) is suitable both for formal verification [14] (model checking in the NuSMV tool [19]) and for logic synthesis (using the hardware description language VHDL).

Model checking [7, 10] of the prepared logical model makes it possible to validate the primary specification of the logic controller. User-defined properties, which the designed system is supposed to satisfy, can be verified.

The logical model derived from a Control Interpreted Petri Net is presented at RTL-level (*Register Transfer Level*) in such a way that it can be synthesized directly as a reconfigurable logic controller or a PLC (*Programmable Logic Controller*), without additional changes.

Design methodology at RTL-level allows an algorithm to be converted into a hardware realization using the notions of variables and sequentially performed operations. A project description in the VHDL language is a specification accepted by synthesis tools at RTL-level [23]. Therefore, the logical model is transformed into synthesizable code in the VHDL language.

The presented approach to formal verification of reconfigurable logic controllers was tested on several examples of industrial specifications expressed as Control Interpreted Petri Nets. The specifications were first written as logical models, then transformed into the appropriate formats, and finally formally verified (with some properties added) and synthesized.

As support for testing, a tool has been developed which automatically transforms a logical model into a model description in the NuSMV format and into synthesizable code in the hardware description language VHDL.

Rules for defining the rule-based logical model and the model description for the NuSMV tool are described in section 3, while rules for defining the synthesizable model in VHDL are given in section 4.

> © 2012 Grobelna, licensee InTech. This is an open access chapter distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/3.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Control Interpreted Petri Nets – Model Checking and Synthesis 179

Formally, a Control Interpreted Petri Net can be defined as a six-tuple:

CIPN = (PN, X, Y, ρ, λ, γ) (1)

where:

- output states *Y(M)*,
- *2^X* stands for the set of all possible subsets of *X*,
- assigns the subset of output states *Y*.

**3. Novel approach to formal verification of logic controller specification**

**3.1. Rule-based logical model of a Control Interpreted Petri Net**

The proposed rule-based logical model used for synthesis and verification purposes is an intermediate format describing the desired behaviour of the designed logic controller [13, 14]. The model includes the definition of variables and their initial values, rules describing the net functionality, and changes of logic controller output and input signal values.

The proposed logical model reflects the behaviour of a Moore digital automaton with an inputs register (optionally) and an outputs register (Figure 3). The combinational circuit (*CC*) controls system behaviour and operates on internal system states.

**Figure 3.** Moore digital automaton with inputs and outputs register

A Control Interpreted Petri Net is first written as an abstract rule-based logical model. Then, based on that model, two other models are built: a verifiable model for the NuSMV model checker (described in detail in section 3.2, together with the definition of the requirements list expressed in temporal logic) and a synthesizable model in VHDL (for reconfigurable logic controllers, discussed in section 4). Thanks to the proposed methodology, the synthesized model is formally verified before implementation, and the two models are fully consistent with each other.
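As an added example (not code from the chapter and not the author's transformation tool), the following Python script writes a small constructed Control Interpreted Petri Net as a rule-based logical model of the kind described above: places as boolean state variables with initial values, transitions as firing rules guarded by input signals, and Moore outputs attached to places. It then explores every marking reachable under every input sequence (the state-space exploration a model checker such as NuSMV performs) to check an invariant, and renders the same model as NuSMV text with CTL specifications. The net, the signal names, the synchronous "all enabled transitions fire in one tick" semantics, and the particular NuSMV mapping (free inputs as IVAR, firing conditions as DEFINE, registers as ASSIGN with init/next) are assumptions made for this illustration, not the chapter's rules.

```python
"""Rule-based logical model of a small Control Interpreted Petri Net,
explicit-state invariant checking, and NuSMV export.

Added illustration, not the chapter's or the author's tool; the net and
the signal names are constructed for the example."""
import itertools
from collections import deque

# Constructed net: t1 forks the token in p1 into p2 and p3; t2 moves the
# p2 token to p4; t3 joins p3 and p4 back into p1.
PLACES = ["p1", "p2", "p3", "p4"]
INPUTS = ["start", "done"]
# transition -> (pre-places, post-places, guard); a guard maps an input
# signal to the value it must carry for the transition to be enabled.
TRANSITIONS = {
    "t1": (("p1",), ("p2", "p3"), {"start": True}),
    "t2": (("p2",), ("p4",), {"done": True}),
    "t3": (("p3", "p4"), ("p1",), {"start": False}),
}
# Moore outputs: the output signals active while a place is marked.
OUTPUTS = {"p2": ("motor",), "p3": ("lamp",), "p4": ("valve",)}
INITIAL = frozenset({"p1"})


def enabled(marking, inputs):
    """Transitions whose pre-places are all marked and whose guard holds."""
    return [t for t, (pre, _post, guard) in TRANSITIONS.items()
            if all(p in marking for p in pre)
            and all(inputs[s] == v for s, v in guard.items())]


def step(marking, inputs):
    """Synchronous semantics (assumed here, like an RTL register update):
    every enabled transition fires in the same clock tick."""
    fired = enabled(marking, inputs)
    consumed = {p for t in fired for p in TRANSITIONS[t][0]}
    for p in consumed:  # two fired transitions sharing a pre-place is a design error
        if sum(p in TRANSITIONS[t][0] for t in fired) > 1:
            raise ValueError(f"conflict on {p} between {fired}")
    produced = {p for t in fired for p in TRANSITIONS[t][1]}
    return frozenset((set(marking) - consumed) | produced)


def active_outputs(marking):
    """Moore output function: outputs of all marked places."""
    return {o for p in marking for o in OUTPUTS.get(p, ())}


def reachable():
    """Breadth-first exploration over all input vectors: every marking
    reachable for some input sequence, with the predecessor that led to it."""
    seen = {INITIAL: None}
    queue = deque([INITIAL])
    while queue:
        m = queue.popleft()
        for bits in itertools.product([False, True], repeat=len(INPUTS)):
            x = dict(zip(INPUTS, bits))
            n = step(m, x)
            if n not in seen:
                seen[n] = (m, x)
                queue.append(n)
    return seen


def check_invariant(prop):
    """None if prop holds in every reachable marking, else the first violation."""
    for m in reachable():
        if not prop(m):
            return m
    return None


def to_nusmv(specs):
    """Render the model as a NuSMV module (one mapping chosen for this example)."""
    lines = ["MODULE main", "IVAR"] + [f"  {s} : boolean;" for s in INPUTS]
    lines += ["VAR"] + [f"  {p} : boolean;" for p in PLACES]
    lines.append("DEFINE")
    for t, (pre, _post, guard) in TRANSITIONS.items():
        terms = list(pre) + [s if v else f"!{s}" for s, v in guard.items()]
        lines.append(f"  fire_{t} := {' & '.join(terms)};")
    for o in sorted({o for outs in OUTPUTS.values() for o in outs}):
        lines.append(f"  {o} := {' | '.join(p for p, outs in OUTPUTS.items() if o in outs)};")
    lines.append("ASSIGN")
    for p in PLACES:
        lines.append(f"  init({p}) := {'TRUE' if p in INITIAL else 'FALSE'};")
        # production cases first, so a place consumed and produced in the same
        # tick stays marked, matching step() above
        cases = [f"fire_{t} : TRUE;" for t, (_pre, post, _) in TRANSITIONS.items() if p in post]
        cases += [f"fire_{t} : FALSE;" for t, (pre, _post, _) in TRANSITIONS.items() if p in pre]
        lines += [f"  next({p}) := case"] + [f"    {c}" for c in cases + [f"TRUE : {p};"]] + ["  esac;"]
    return "\n".join(lines + [f"CTLSPEC {s}" for s in specs])


if __name__ == "__main__":
    print(to_nusmv(["AG !(motor & valve)", "AG EF p1"]))
    print("violation:", check_invariant(lambda m: not {"p2", "p4"} <= m))
```

The Python exploration and the NuSMV text describe the same register update, so a property that holds in one (here, that the motor and the valve are never active together, and that the net always returns to p1) is expected to hold in the other; the generated module can be fed to NuSMV directly to confirm it. The conflict check in step() exposes a specification error, two transitions competing for one token, that a synchronous hardware realization would otherwise silently turn into token duplication.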
