EP-4741967-A2 - VIRTUAL DEPLOYMENT OF DISTRIBUTED CONTROL SYSTEMS FOR CONTROL LOGIC TESTING

Abstract

A computer-implemented method (100) for creating a virtual deployment (10*) of a distributed control system, DCS (10), for a given industrial process (1), comprising the steps of:

  • providing (110) a topology (2) of the assets executing the industrial process (1), as well as control logic (3) for controlling these assets;
  • providing (120) at least one I/O simulator (4) that is configured to supply, to the DCS (10), sensor and/or actor data that is realistic in the context of the given industrial process (1);
  • determining (130), based at least in part on said topology (2) of the assets and on the control logic (3), a topology (11a) of devices (11) that form part of the DCS (10);
  • establishing (140), based at least in part on this topology (11a) of devices (11), at least one declarative and/or imperative description (12) of the DCS (10) that characterizes multiple devices (11) of the DCS (10), their placement, and their connections, wherein this declarative and/or imperative description (12) of the DCS (10) is idempotent in that, irrespective of a starting state of an environment, deploying the DCS (10) will always move this environment to the same end state;
  • creating (150), based at least in part on the declarative and/or imperative description (12), virtual instances (11*) of the devices (11) of the DCS (10) and their connections in a chosen environment, wherein at least one device (11) of the DCS (10) is connected to at least one I/O simulator (4), so that the sought virtual deployment (10*) of the DCS (10) results.

Inventors

  • KOZIOLEK, HEIKO
  • Amelung, Rhaban
  • ESKANDANI, NAFISE

Assignees

  • ABB Schweiz AG

Dates

Publication Date
20260513
Application Date
20220921

Claims (15)

  1. A computer-implemented method (100) for creating a virtual deployment (10*) of a distributed control system, DCS (10), for a given industrial process (1), comprising the steps of: • providing (110) a topology (2) of the assets executing the industrial process (1), as well as control logic (3) for controlling these assets; • providing (120) at least one I/O simulator (4) that is configured to supply, to the DCS (10), sensor and/or actor data that is realistic in the context of the given industrial process (1); • determining (130), based at least in part on said topology (2) of the assets and on the control logic (3), a topology (11a) of devices (11) that form part of the DCS (10); • establishing (140), based at least in part on this topology (11a) of devices (11), at least one declarative and/or imperative description (12) of the DCS (10) that characterizes multiple devices (11) of the DCS (10), their placement, and their connections, wherein this declarative and/or imperative description (12) of the DCS (10) is idempotent in that, irrespective of a starting state of an environment, deploying the DCS (10) will always move this environment to the same end state; • creating (150), based at least in part on the declarative and/or imperative description (12), virtual instances (11*) of the devices (11) of the DCS (10) and their connections in a chosen environment, wherein at least one device (11) of the DCS (10) is connected to at least one I/O simulator (4), so that the sought virtual deployment (10*) of the DCS (10) results.
  2. The method (100) of claim 1, further comprising: • determining (151), from the declarative and/or imperative description (12), a representation of an intended state (10a*) of the DCS (10); • comparing (152) the state (10a) of the DCS (10) obtained by creating virtual instances (11) of the devices of the DCS (10) and their connections to said intended state (10a*); and • in response to determining that the state (10a) of the DCS (10) differs from the intended state (10a*) of the DCS (10), creating, modifying and/or deleting (153) virtual instances (11*) of devices (11) of the DCS (10) and their connections with the goal of bringing the state (10a) of the DCS (10) towards its intended state (10a).
  3. The method (100) of any one of claims 1 to 2, wherein the declarative and/or imperative description (12) comprises infrastructure-as-code instructions that, when executed by a cloud platform, and/or a virtualization platform, and/or a configuration management tool, causes the cloud platform, and/or the virtualization platform, and/or the configuration management tool, to create a virtual instance (11*) of at least one device (11) of the DCS (10) with properties defined in the declarative and/or imperative description (12).
  4. The method (100) of any one of claims 1 to 3, wherein the declarative and/or imperative description (12) characterizes • a number, and/or a clock speed, and/or a duty cycle limit, of processor cores, and/or • a memory size, and/or • a mass storage size, and/or • a type of network interface, and/or • a maximum network bandwidth, of at least one compute instance that serves as a virtual instance (11*) of at least one device (11) of the DCS (10), and/or an identifier of an instance type from a library of instance types available on a particular cloud platform.
  5. The method (100) of any one of claims 1 to 4, wherein the declarative and/or imperative description (12) characterizes an architecture, a bandwidth, and/or a latency, of at least one network to which multiple virtual instances (11*) of devices (11) of the DCS (10) are connected.
  6. The method (100) of any one of claims 1 to 5, further comprising: • test-executing (160) the control logic (3) on the virtual deployment (10*) of the DCS (10), • monitoring (170) the behavior (3a) of the control logic (3) during execution; • comparing (180) this behavior (3a) to a given expected behavior (3b) of the control logic (3); and • evaluating (190), from the result (180a) of this comparison (180), according to a predetermined criterion (5), whether the test of the control logic (3) has passed or failed.
  7. The method (100) of claim 6, wherein the test-executing (160) comprises supplying (161), by the at least one I/O simulator (4), to the control logic (3), sensor and/or actor data that, in case a particular to-be-detected software error is present in the control logic (3), causes the behavior of the control logic to depart from the expected behavior.
  8. The method (100) of claim 7, wherein the to-be-detected software error comprises one or more of: • concurrent or other multiple use of one and the same variable; • wrong setting and resetting of variables; • wrong reactions of the control logic to changes in variables; • wrong limit or set-point values; • missing or wrongly implemented interlocking logic; • wrongly defined control sequences or sequences of actions; and • an overflow and/or clipping of variables.
  9. The method (100) of any one of claims 6 to 8, further comprising: in response to determining that the test of the control logic has passed, • setting up (200) a physical DCS (10) that corresponds to the virtual deployment (10*) of the DCS (10); and • connecting (210) the devices (11) of the physical DCS (10) to the assets executing the industrial process (1), rather than to the I/O simulator (4).
  10. The method (100) of any one of claims 6 to 9, further comprising: in response to determining that the test of the control logic has failed, • modifying (220) the declarative and/or imperative description (12) of the DCS (10), and updating (230) the virtual deployment (10*) of the DCS (10) based on this modified declarative and/or imperative description (12); and/or • modifying (240) the control logic (3), with the goal of improving the performance of the control logic (3), and • resuming the test-executing (160) with the updated virtual deployment (10*) of the DCS (10), and/or with the modified control logic (3).
  11. The method (100) of any one of claims 6 to 10, further comprising: • assigning (250), by a predetermined criterion (6), to a virtual deployment (10*) of the DCS (10) and/or to the execution of the control logic (3) on this virtual deployment (10*), a figure of merit (7); and • optimizing (260) the declarative and/or imperative description (12) of the DCS (10) with the goal of improving this figure of merit (7), under the constraint that the test of the control logic on the respective virtual deployment (10*) of the DCS (10) passes.
  12. The method of any one of claims 6 to 11, further comprising: • simulating (162) a failure in at least one virtual instance (11*) of a device (11) of the DCS (10), and/or in at least one connection of one such instance (11*); and • monitoring (163) the influence of this simulated failure on the behavior of the control logic (3).
  13. A computer program, comprising machine-readable instructions that, when executed by one or more computers and/or compute instances, cause the one or more computers and/or compute instances to perform the method (100) of any one of claims 1 to 12.
  14. A non-transitory machine-readable data carrier with the computer program of claim 13.
  15. One or more computers and/or compute instances with the computer program of claim 13, and/or with the non-transitory machine-readable data carrier of claim 14.
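
The idempotence property of claim 1 and the compare-and-correct steps (151) to (153) of claim 2 can be illustrated with a small reconciler. This is an added example, not code from the patent or from the applicant; the `Device` fields, the device names, the `kind` labels and the in-memory `Environment` that stands in for a virtualization platform are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Device:
    name: str
    kind: str          # "controller", "io-simulator", ... (labels assumed here)
    cpu_cores: int
    memory_mb: int

def link(a, b):
    return frozenset((a, b))   # undirected connection between two device names

# Constructed sample description (12): intended devices and their connections.
DESCRIPTION = {
    "devices": {Device("controller-1", "controller", 2, 1024),
                Device("io-sim-1", "io-simulator", 1, 512)},
    "links": {link("controller-1", "io-sim-1")},
}

class Environment:
    """In-memory stand-in for a virtualization platform (assumption)."""
    def __init__(self, devices=(), links=()):
        self.devices = {d.name: d for d in devices}
        self.links = set(links)
    def state(self):
        return frozenset(self.devices.values()), frozenset(self.links)

def reconcile(desc, env):
    """Diff actual vs. intended state, then delete/create/modify. Returns actions."""
    wanted = {d.name: d for d in desc["devices"]}
    actions = []
    for name in sorted(env.devices.keys() - wanted.keys()):
        del env.devices[name]                      # instance not in description
        actions.append(("delete", name))
    for name, dev in sorted(wanted.items()):
        if env.devices.get(name) != dev:           # missing or drifted properties
            actions.append(("modify" if name in env.devices else "create", name))
            env.devices[name] = dev
    for l in sorted(env.links - desc["links"], key=sorted):
        env.links.remove(l)
        actions.append(("unlink", tuple(sorted(l))))
    for l in sorted(desc["links"] - env.links, key=sorted):
        env.links.add(l)
        actions.append(("link", tuple(sorted(l))))
    return actions

def has_simulated_io(env):
    """True if at least one non-simulator device is linked to an I/O simulator."""
    sims = {n for n, d in env.devices.items() if d.kind == "io-simulator"}
    return any(len(l & sims) == 1 for l in env.links)
```

Running `reconcile` against an empty environment and against one that contains a stale instance and a drifted controller leaves both in the same end state, and a second run returns no actions.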

Description

FIELD OF THE INVENTION

The invention relates to the testing of control logic for distributed control systems that are used to execute industrial processes on industrial plants.

BACKGROUND

Control logic for automation systems is error-prone and needs to be thoroughly tested before starting the actual production to avoid harm to humans and equipment. Testing the logic late in the commissioning phase when the servers and controllers are already installed can delay the time-to-production in case errors are found late and need to be fixed. Thus, in the design phase, a control system can be tested in a simulation environment that stimulates the control logic input according to an IO simulator (e.g., simulating temperature, flow, level, pressure, etc.). However, maintaining a separate hardware and software installation for such a simulation environment is laborious and costly and consequently simulations are often only cost-effective for extremely large installations.

Setting up simulation systems is still a mostly manual process and requires purchasing hardware, installing operating systems, installing security measures, configuring networks and deploying software. This can lead to human errors and is tedious and expensive. When commissioning the actual target system, a similar laborious and error-prone procedure needs to be followed again, piling up on the additional costs and production delays.

EP 2 778 816 B1 discloses a method for testing a distributed control system. On a remote data processing server, multiple virtual machines are started. Such virtual machines may include soft emulators to emulate elements of the DCS, so that the device software for such a device may be tested.

US 2016/033 952 A1 discloses a system for testing a distributed control system of an industrial plant that includes at least two industrial control devices and at least one data communication device. The system includes at least one engineering computer that includes an engineering data storage unit for storing engineering data of at least one part of the distributed control system, and at least one human machine interface for manipulating the engineering data. The system also includes an emulating virtual machine on which a soft emulator is installed for emulating one of the at least two industrial control devices and the at least one data communication device.

WO 2017/115 162 A1 discloses techniques for generating and executing test cases for testing distributed control systems of industrial plants. A set of active control functions in a part of an industrial plant is determined based on a process topology corresponding to the part of the industrial plant and a control topology corresponding to the part of the industrial plant. Thereafter, test cases are generated for at least one active control function. The generated test cases are executed on at least one of a process simulation model corresponding to the industrial plant and a control emulator emulating an industrial control device of the DCS.

OBJECTIVE OF THE INVENTION

It is therefore an objective of the invention to facilitate and speed up the testing of control logic for a to-be-deployed distributed control system, and also to improve the quality of the obtained results. This objective is achieved by the method according to the independent claim. Further advantageous embodiments are detailed in the respective dependent claims.

DISCLOSURE OF THE INVENTION

The invention is defined by the appended claims. Embodiments and examples not covered by the claims are presented to illustrate, and facilitate the understanding of, the claimed invention.

The invention provides a computer-implemented method for creating a virtual deployment of a distributed control system, DCS, for a given industrial process. That is, the task is to set up a mock-up of a distributed control system with a functionality that could execute the industrial process when run on a DCS physically deployed in the plant. The purpose for such a virtual deployment is two-fold: First, it can be used to test whether exactly this deployment, when set up in physical form, would be suitable to execute the industrial process. Second, it can be used as a platform for testing the control logic.

The method starts with providing a topology of the assets executing the industrial process. This topology describes which assets are needed to execute the industrial process, in which order these assets have to work together to achieve this, and where the assets are located. Also, control logic for controlling the assets is provided. This control logic may comprise part of, or all of, the control logic that is necessary to execute the industrial process as a whole.

Also, an I/O simulator is provided. This I/O simulator is configured to supply, to the DCS, sensor and/or actor data that is realistic in the context of the given industrial process. Basically, in a virtual deployment that is not yet connected to the real process, the I/O sim