Analysis of safety critical plc code against IEC 1508 development techniques

Abstract

The aim of this thesis is to assess the applicability of recommended software development techniques defined in IEC 1508 [8] to PLC (Programmable Logic Controller) code developed for offshore oil platforms. The draft standard TEC 1508 contains specific recommendations which have the objective of improving the safety characteristics of safety critical code The recommended techniques could have one of the following characteristics with regard to offshore PLC code: • They are already used in the development of code. • They could be used in the development of the code. • They could not be used due to the application domain. • They could not be used due to the specific programming environment analysed. It was the aim of the thesis to characterise a subset of the IEC 1508 techniques into the above categories. The analysis was requested by the Health and Safety Executive (HSE) Offshore Division. The analysis has been performed using two major case studies, taken from live industrial safety-critical systems operating on a North Sea Oil Platform; they both comprise 300K lines of code in total. Both systems were written in three high level PLC languages. It was decided to translate the code into one language, so the analysis was undertaken in terms of a single language. A translator has been written, and a number of static analysis tools, therefore allowing all the code to be analysed. The key twenty two recommendations from IEC 1508 have been selected, and the case study systems correspondingly analysed, using a modified Goal Question Metric (GQM) approach as a unified framework. The overall analysis method has been found to be successful in supporting the detailed analysis of IEC 1508 recommendations. The thesis presents detailed conclusions on each analysed technique, as well as more general observations on the PLC code.