HyPLC: Hybrid Programmable Logic Controller Program Translation for Verification

Programmable Logic Controllers (PLCs) provide a prominent choice of implementation platform for safety-critical industrial control systems. Formal verification provides ways of establishing correctness guarantees, which can be quite important for such safety-critical applications. But since PLC code does not include an analytic model of the system plant, their verification is limited to discrete properties. In this paper, we, thus, start the other way around with hybrid programs that include continuous plant models in addition to discrete control algorithms. Even deep correctness properties of hybrid programs can be formally verified in the theorem prover KeYmaera X that implements differential dynamic logic, dL, for hybrid programs. After verifying the hybrid program, we now present an approach for translating hybrid programs into PLC code. The new tool, HyPLC, implements this translation of discrete control code of verified hybrid program models to PLC controller code and, vice versa, the translation of existing PLC code into the discrete control actions for a hybrid program given an additional input of the continuous dynamics of the system to be verified. This approach allows for the generation of real controller code while preserving, by compilation, the correctness of a valid and verified hybrid program. PLCs are common cyber-physical interfaces for safety-critical industrial control applications, and HyPLC serves as a pragmatic tool for bridging formal verification of complex cyber-physical systems at the algorithmic level of hybrid programs with the execution layer of concrete PLC implementations.Comment: 13 pages, 9 figures. ICCPS 201

Reduction of systemic risk by means of Pigouvian taxation

We analyze the possibility of reduction of systemic risk in financial markets through Pigouvian taxation of financial institutions, which is used to support the rescue fund. We introduce the concept of the cascade risk with a clear operational definition as a subclass and a network related measure of the systemic risk. Using financial networks constructed from real Italian money market data and using realistic parameters, we show that the cascade risk can be substantially reduced by a small rate of taxation and by means of a simple strategy of the money transfer from the rescue fund to interbanking market subjects. Furthermore, we show that while negative effects on the return on investment (ROI) are direct and certain, an overall positive effect on risk adjusted return on investments (ROIRA) is visible. Please note that the taxation is introduced as a monetary/regulatory, not as a _scal measure, as the term could suggest. The rescue fund is implemented in a form of a common reserve fund

Integration of Static and Dynamic Analysis Techniques for Checking Noninterference

In this article, we present an overview of recent combinations of deductive program verification and automatic test generation on the one hand and static analysis on the other hand, with the goal of checking noninterference. Noninterference is the non-functional property that certain confidential information cannot leak to certain public output, i.e., the confidentiality of that information is always preserved. We define the noninterference properties that are checked along with the individual approaches that we use in different combinations. In one use case, our framework for checking noninterference employs deductive verification to automatically generate tests for noninterference violations with an improved test coverage. In another use case, the framework provides two combinations of deductive verification with static analysis based on system dependence graphs to prove noninterference, thereby reducing the effort for deductive verification

Floating Patches of HCN at the Surface of Their Aqueous Solutions - Can They Make "HCN World" Plausible?

The liquid/vapor interface of the aqueous solutions of HCN of different concentrations has been investigated using molecular dynamics simulation and intrinsic surface analysis. Although HCN is fully miscible with water, strong interfacial adsorption of HCN is observed at the surface of its aqueous solutions, and, at the liquid surface, the HCN molecules tend to be located even at the outer edge of the surface layer. It turns out that in dilute systems the HCN concentration can be about an order of magnitude larger in the surface layer than in the bulk liquid phase. Furthermore, HCN molecules show a strong lateral self-association behavior at the liquid surface, forming thus floating HCN patches at the surface of their aqueous solutions. Moreover, HCN molecules are staying, on average, an order of magnitude longer at the liquid surface than water molecules, and this behavior is more pronounced at smaller HCN concentrations. Because of this enhanced dynamical stability, the floating HCN patches can provide excellent spots for polymerization of HCN, which can be the key step in the prebiotic synthesis of partially water-soluble adenine. All of these findings make the hypothesis of "HCN world" more plausible

From Labyrinth to Piano Key Weirs – A historical review

Free crest spillways are hydraulically efficient and safe in operation. Since their discharge capacity is directly proportional to the crest length several types have been developed with the purpose to increase the length of the latter. Among these types traditional labyrinth weir spillways have been studied and used for a long time. Their hydraulic performance and the effect of the involved geometrical parameters are well known. Nevertheless, their design still has to be based on experimentally derived and generalized performance curves. The recently introduced Piano Key weirs present clear advantages regarding hydraulic performance and construction costs compared to classical labyrinth weirs. Especially its small footprint makes the PK weir an efficient and cost effective solution for the increase of the flood releasing capacity at existing concrete gravity dams. Until today only preliminary design procedures are available which cannot yet be generalized. The still ongoing research on this complex hydraulic structure is a challenge for many scientists all over the world. Despite of this, several prototypes have been installed successfully over the last years on existing dams which enhance efficiently the flood release capacity