Formal Specification and Verification for Automated Production Systems

Complex industrial control software often drives safety- and mission-critical systems, like automated production plants or control units embedded into devices in automotive systems. Such controllers have in common that they are reactive systems, i.e., that they periodically read sensor stimuli and cyclically execute the same program to produce actuator signals. The correctness of software for automated production is rarely verified using formal techniques. Although, due to the Industrial Revolution 4.0 (IR4.0), the impact and importance of software have become an important role in industrial automation. What is used instead in industrial practice today is testing and simulation, where individual test cases are used to validate an automated production system. Three reasons why formal methods are not popular are: (a) It is difficult to adequately formulate the desired temporal properties. (b) There is a lack of specification languages for reactive systems that are both sufficiently expressive and comprehensible for practitioners. (c) Due to the lack of an environment model the obtained results are imprecise. Nonetheless, formal methods for automated production systems are well studied academically---mainly on the verification of safety properties via model checking. In this doctoral thesis we present the concept of (1) generalized test tables (GTTs), a new specification language for functional properties, and their extension (2) relational test tables (RTTs) for relational properties. The concept includes the syntactical notion, designed for the intuition of engineers, and the semantics, which are based on game theory. We use RTTs for a novel confidential property on reactive systems, the provably forgetting of information. Moreover, for regression verification, an important relational property, we are able to achieve performance improvements by (3) creating a decomposing rule which splits large proofs into small sub-task. We implemented the verification procedures and evaluated them against realistic case studies, e.g., the Pick-and-Place-Unit from the Technical University of Munich. The presented contribution follows the idea of lowering the obstacle of verifying the dependability of reactive systems in general, and automated production systems in particular for the engineer either by introducing a new specification language (GTTs), by exploiting existing programs for the specification (RTTs, regression verification), or by improving the verification performance

Collision-free path coordination and cycle time optimization of industrial robot cells

In industry, short ramp-up times, product quality, product customization and high production rates are among the main drivers of technological progress. This is especially true for automotive manufacturers whose market is very competitive, constantly pushing for new solutions. In this industry, many of the processes are carried out by robots: for example, operations such as stud/spot welding, sealing, painting and inspection. Besides higher production rates, the improvement of these processes is important from a sustainability perspective, since an optimized equipment utilization may be achieved, in terms of resources used, including such things as robots, energy, and physical prototyping. The achievements of such goals may, nowadays, be reached also thanks to virtual methods, which make modeling, simulation and optimization of industrial processes possible. The work in this thesis may be positioned in this area and focuses on virtual product and production development for throughput improvement of robotics processes in the automotive industry. Specifically, the thesis presents methods, algorithms and tools to avoid collisions and minimize cycle time in multi-robot stations. It starts with an overview of the problem, providing insights into the relationship between the volumes shared by the robots\u27 workspaces and more abstract modeling spaces. It then describes a computational method for minimizing cycle time when robot paths are geometrically fixed and only velocity tuning is allowed to avoid collisions. Additional requirements are considered for running these solutions in industrial setups, specifically the time delays introduced when stopping robots to exchange information with a programmable logic controller (PLC). A post-processing step is suggested, with algorithms taking into account these practical constraints. When no communication at all with the PLC is highly desirable, a method of providing such programs is described to give completely separated robot workspaces. Finally, when this is not possible (in very cluttered environments and with densely distributed tasks, for example), robot routes are modified by changing the order of operations to avoid collisions between robots.In summary, by requiring fewer iterations between different planning stages, using automatic tools to optimize the process and by reducing physical prototyping, the research presented in this thesis (and the corresponding implementation in software platforms) will improve virtual product and production realization for robotic applications

The design and use of a digital radio telemetry system for measuring internal combustion engine piston parameters.

During the course of this project, a digital radio telemetry system has been designed and shown to be capable of measuring parameters from the piston of an internal combustion engine, under load. The impetus for the work stems from the need to sample the appropriate data required for oil degradation analysis and the unavailability of system to perform such sampling. The prototype system was designed for installation within a small Norton Villiers C-30 industrial engine. This choice of engine presented significant design challenges due to the small size of the engine (components and construction) and the crankcase environment. These challenges were manifest in the choice of carrier frequency, antenna size and location, modulation scheme, data encoding scheme, signal attenuation, error checking and correction, choice of components, manufacturing techniques and physical mounting to reciprocating parts. In order to overcome these challenges detailed analysis of the radio frequency spectrum was undertaken in order to minimise attenuation from mechanisms such as, absorption, reflection, motion, spatial arrangement and noise. Another aspect of the project concerned the development of a flexible modus operandi in order to facilitate a number of sampling regimes. In order to achieve such flexibility a two-way communication protocol was implemented enabling the sampling system to be programmed into a particular mode of operation, while in use. Additionally the system was designed to accommodate the range of signals output from most transducer devices. The sampling capabilities of the prototype system were extended by enabling the system to support multiple transducers providing a mixture of output signals; for example both analogue and digital signals have been sampled. Additionally, a facility to sample data in response to triggering stimuli has been tested; specifically a sampling trigger may be derived from the motion of the piston via an accelerometer. Ancillary components, such as interface hardware and software, have been developed which are suitable for the recording of data accessed by the system. This work has demonstrated that multi-transducer, mixed signal monitoring of piston parameters, (such as temperature, acceleration etc.) using a two-way, programmable, digital radio frequency telemetry system is not only possible but provides a means for more advanced instrumentation