Abstract

The IEC 61499 standard enables the model-based design of complex industrial automation systems, in which a model of the controlled physical processes called a plant, is codeveloped with the controller. However, the existing design flow does not address functional safety issues, which include limiting risk to acceptable levels. Standards like IEC 61508 provide safety guidelines for measuring and managing risk to acceptable ranges using quantitative or probabilistic methods for hardware, and qualitative or systematic analysis techniques for software. Such analyses are inadequate in situations where safety depends on both hardware and software. This paper proposes a unifying model-based approach for the quantitative and qualitative analysis of IEC 61499 designs. The approach combines Markov analysis and model checking to estimate quantified risk and is more expressive than traditional analyses like reliability block diagrams. At design level, unified safety requirements are captured using safety blocks, which is an extension of the IEC 61499 basic blocks. The PRISM model checker is used to analyze the system, based on a sound conversion of IEC 61499 designs into PRISM models. A tool-chain enabling the proposed approach shows encouraging benchmarking results confirming the feasibility of unified analysis.