1st International Workshop on Modern Software Engineering Methods for Industrial Automation (MoSEMInA 2014), May 31, 2014, Hyderabad, India

MoSEMInA 2014 – Proceedings

Message from the Chairs
Modern industrial automation applications are based on complex and large-scale software systems. While there has been tremendous progress in mainstream software engineering methods, these practices are not the norm in industrial automation applications, mainly due to the limited technological offerings. We observed some ongoing efforts in the direction of applying software engineering principles in industrial control applications development; however, adoption has not reached the same level of maturity as in general-purpose IT software systems development. The adoption brings a different set of challenges in the context of industrial control applications because these systems are developed using varied domain-specific languages (e.g. IEC61131-3 based programs) and proprietary platforms, and there is a lack of the right set of training for a systematic adoption of software engineering practice. Through the proposed workshop, we aimed to exchange new ideas / ongoing work in the direction of software engineering for industrial control applications.

Software Engineering Issues Regarding Securing ICS: An Industrial Case Study
Abdullah Khalili, Ashkan Sami, Mahboobeh Ghiasi, Sara Moshtari, Zahra Salehi, and Mahdi Azimi
(Shiraz University, Iran)
Industrial Control Systems (ICS) are a vital part of modern critical infrastructures. Recent attacks on ICS indicate that these systems have various types of vulnerabilities. A large number of vulnerabilities are due to secure coding problems in industrial applications. Several international and national organizations such as NIST, DHS, and US-CERT have provided extensive documentation on securing ICS; however, proper details on securing software applications for industrial settings are not presented. The notable point that makes securing a difficult task is the contradictions between security priorities in ICS and IT systems. In addition, none of the guidelines highlights the implications of modifying general IT security solutions for industrial settings. Moreover, to the best of our knowledge, steps to develop a successful real-world secure industrial application have not been reported. In this paper, the first attempts to employ secure coding best practices in a real-world industrial application (Supervisory Control and Data Acquisition) called OpenSCADA are presented. Experiments indicate that resolving the vulnerabilities of OpenSCADA, in addition to improving its availability, does not jeopardize other dimensions of security.

Automated Testing of Industrial Automation Software: Practical Receipts and Lessons Learned
Rudolf Ramler, Werner Putschögl, and Dietmar Winkler
(Software Competence Center Hagenberg, Austria; Vienna University of Technology, Austria)
The share of software in industrial automation systems is steadily increasing. Thus, software quality issues become a critical concern for many automation projects, which require effective software quality assurance measures. In this paper we describe an architecture for automated testing of software applications that are part of industrial automation systems. We focus on testing programmable logic controller (PLC) software for machineries, which can be achieved by using test automation frameworks derived from software development. The paper provides a collection of practical receipts describing how different approaches from software engineering best practices can be applied in the context of industrial automation systems. A combination of these receipts has been used for automating software tests in an industrial automation project. In this project, more than 200 tests have been developed to assure the quality of critical PLC components. The tests are an integral part of the project’s automated build and continuous integration system. Every software change triggers an automated build and test process to ensure that no defects or unintended side effects have been introduced. The feedback from the project confirmed the applicability and usefulness of the outlined testing approach in the context of industry automation. The paper concludes by providing recommendations and sharing additional lessons we have learned from automated testing of PLC software.

Practical Aspects of Building a Constrained Random Test Framework for Safety-Critical Embedded Systems
Dongjiang You, Isaac Amundson, Scott A. Hareland, and Sanjai Rayadurgam
(University of Minnesota, USA; Medtronic, USA)
In the safety-critical embedded system industry, one of the key challenges is to demonstrate the robustness and dependability of the product prior to market release, which is typically done using various verification and validation (V&V) strategies. Directed verification testing is a common strategy that performs black-box testing at the system level; however, it only samples a small set of specific system behaviors and requires heavy manual effort. In this paper, we describe our experience and lessons learned in applying the concept of constrained random testing to safety-critical embedded systems as a complementary testing methodology. Constrained random testing enables us to cover many more system behaviors through random input variations, random fault injections, and automatic output comparisons. Additionally, it can reduce manual effort and increase confidence in the dependability of both firmware and hardware.

A Security Test-Bed for Industrial Control Systems
Mahdi Azimi, Ashkan Sami, and Abdullah Khalili
(Shiraz University, Iran)
Industrial Control Systems (ICS) such as Supervisory Control And Data Acquisition (SCADA), Distributed Control Systems (DCS) and Distributed Automation Systems (DAS) control and monitor critical infrastructures. In recent years, the proliferation of cyber-attacks on ICS revealed that a large number of security vulnerabilities exist in such systems. Excessive security solutions are proposed to remove the vulnerabilities and improve the security of ICS. However, to the best of our knowledge, none of them presented or developed a security test-bed, which is vital to evaluate the security of ICS tools and products. In this paper, a test-bed is proposed for evaluating the security of industrial applications by providing different metrics for static testing, dynamic testing and network testing in industrial settings. Using these metrics and the results of the three tests, industrial applications can be compared with each other from a security point of view. Experimental results on several real-world applications indicate that the proposed test-bed can be successfully employed to evaluate and compare the security level of industrial applications.

Delta Modeling for Variant-Rich and Evolving Manufacturing Systems
Matthias Kowal, Christoph Legat, David Lorefice, Christian Prehofer, Ina Schaefer, and Birgit Vogel-Heuser
(TU Braunschweig, Germany; TU München, Germany; fortiss, Germany)
Manufacturing systems exist in many different variants and evolve over time in order to meet changing requirements or environment contexts. This leads to an increased design complexity as well as to increased maintenance effort. In order to appropriately handle this inherent complexity, we propose a multi-perspective modeling approach combining UML activity, component-based and state chart diagrams to separately represent different system aspects. We combine the multi-perspective modeling approach with delta modeling to capture the variability and evolution of these manufacturing systems. Delta modeling allows a flexible, yet concise and understandable representation of variability in a modular manner. We examine our approach by applying it to a manufacturing lab demonstrator system with automated code generation from models obtained by delta application.

Domain-Specific Modeling in Industrial Automation: Challenges and Experiences
Michael Moser, Michael Pfeiffer, and Josef Pichler
(Software Competence Center Hagenberg, Austria)
Domain-specific modeling promises to close the gap between an application domain and a solution domain. As such, it enables domain experts to directly model an application by means of a domain-specific language and to fully generate a final software product from the models. The advantages of domain-specific modeling have been demonstrated in several industrial case studies in various domains. However, domain-specific modeling is rarely applied in industrial automation. We have designed and developed two DSM solutions in the domains of injection molding machines and robot welding in order to enable domain experts to directly program in both domains without detailed software development expertise. In this paper we present two DSM tools, discuss challenges and experiences during design and development of both tools, and draw some general insights about adapting DSM for industrial automation.

A Model-Driven Development Framework for Developing Sense-Compute-Control Applications
Pankesh Patel, Brice Morin, and Sanjay Chaudhary
(Ahmedabad University, India; SINTEF, Norway)
A Sense-Compute-Control (SCC) application involves interactions among a large number of heterogeneous devices that can sense the physical world by obtaining information from sensors, compute the captured information, and control the physical world by triggering actions using actuators. SCC applications are pervasive and found in many application domains, including industrial control, robotics systems or building automation. Developing an SCC application is challenging because it implies a wide range of related issues such as lack of separation of concerns and lack of high-level abstractions to address the heterogeneity of target devices. Moreover, stakeholders involved in the application development have to address issues that can be attributed to different life-cycle phases such as development, deployment, and evolution.
Existing approaches only cover limited subsets of the above-mentioned challenges. This paper proposes an integrated approach for the development of SCC applications. It separates the application development into different concerns, so stakeholders can deal with them individually at evolution and reuse them across applications. To support actions of stakeholders, the development framework provides a set of modeling languages to specify each development concern and abstracts the heterogeneity-related complexity. It integrates code generation, task-mapping, and linking techniques to provide automation at various phases of SCC application development.

Model-Based Design of Cyber-Physical Software Systems for Smart Worlds: A Software Engineering Perspective
Kaliappa Ravindran and Ramesh Sethu
(City University of New York, USA; General Motors, USA)
The paper discusses the design of cyber-physical systems software around intelligent physical worlds (IPW). An IPW is the embodiment of control software functions wrapped around the external world processes, exhibiting self-adaptive behavior over a limited operating region of the system. This is in contrast with the traditional models where the physical world is basically dumb. A self-adaptation of IPW is feasible when certain system properties hold: function separability and piece-wise linearity of system behavioral models. The IPW interacts with an intelligent computational world (ICW) to work over a wide range of operating conditions, by patching itself with suitable control parameters and rules & procedures relevant to a changed condition. The modular decomposition of a complex adaptive system into IPW and ICW has many advantages: lowering overall software complexity, simplifying system verification, and supporting easier evolution of system features. The paper illuminates our concept of IPW with a software engineering-oriented case study of an industrial application: an automotive system.
