可编程逻辑控制器(PLC)是工业控制领域中广泛使用的自动控制装置。由于PLC程序缺乏具有普适性的测试工具,开发人员往往只能采用人工方式排查代码错误,导致测试效率低下。工业用户亟需一种标准化PLC代码检测方法,自动完成PLC程序语法检测与分析。该文以IEC61131-3标准为基础,建立基于Backus-Naur范式(BNF)的指令表语法模型。基于该模型构造抽象语法树,进而设计出一种具有线性复杂度的PLC指令表代码语法检测算法。利用2段控制工程中的PLC指令表代码对所提出的算法与商用软件CODESYS Static Analysis进行对比测试,验证了所提算法的可用性。
Programmable logic controllers (PLC) are automatic controllers widely used for industrial control. Because PLC program testing is lack of general testing tools, developers can only manually check code syntax errors, which is inefficient. Thus, industrial users need a standardized PLC code testing method to automatically complete the PLC program syntax detection and analysis. This paper presents an instruction list syntax model based on the Backus-Naur form (BNF) and the IEC61131-3 standard for industrial users. A PLC code syntax fault detection algorithm with linear complexity is then built with an abstract syntax tree to automatically check the PLC code syntax. Compared wich the CODESYS Static Analysis, analysis of two industrial PLC programs demonstrates the usability of this PLC code static analysis method.
[1] 赵千川, 王达, 薛文轩. PLC程序测试与验证的研究进展[J]. 清华大学学报(自然科学版), 2011, 51(11):1617-1623. ZHAO Q C, WANG D, XUE W X. Testing and validation of programmable logic controller programs[J]. Journal of Tsinghua University (Science and Technology), 2011, 51(11):1617-1623. (in Chinese)
[2] 徐啸天. 一种PLC程序静态缺陷检测工具的设计与实现[D]. 南京:南京大学, 2017. XU X T. Design and implementation of a static bug detection tool for PLC program[D]. Nanjing:Nanjing University, 2017. (in Chinese)
[3] 王达. 一类工业控制软件测试与验证的几个关键问题研究[D]. 北京:清华大学, 2011.WANG D. Research on key issues of test and validation in some industrial control software[D]. Beijing:Tsinghua University, 2011. (in Chinese)
[4] HUNG M Y, CHEN P S, HWANG Y S, et al. Support of probabilistic pointer analysis in the SSA form[J]. IEEE Transactions on Parallel and Distributed Systems, 2012, 23(12):2366-2379.
[5] BOUGOUFFA S, DONG Q H, DIEHM S, et al. Technical debt indication in PLC code for automated production systems:Introducing a domain specific static code analysis tool[C]//Proceedings of the 3rd IFAC Conference on Embedded Systems, Computational Intelligence and Telematics in Control, CESCIT 2018. Faro, Portugal, 2018:70-75.
[6] International Electrotechnical Commission. Programmable controllers-part 3:Programming languages:IEC 61131-3[S]. Genève, Switzerland:International Electrotechnical Commission, 2003.
[7] PRÄHOFER H, ANGERER F, RAMLER R, et al. Static code analysis of IEC 61131-3 programs:Comprehensive tool support and experiences from large-scale industrial application[J]. IEEE Transactions on Industrial Informatics, 2017, 13(1):37-47.
[8] HOFER F, RUSSO B. IEC 61131-3 software testing:A portable solution for native applications[J]. IEEE Transactions on Industrial Informatics, 2020, 16(6):3942-3951.
[9] JAMRO M. POU-oriented unit testing of IEC 61131-3 control software[J]. IEEE Transactions on Industrial Informatics, 2015, 11(5):1119-1129.
[10] 王炜新, 周凯, 毛飞龙. 基于AOV和广义表的梯形图转指令表的转换算法[J]. 清华大学学报(自然科学版), 2019, 59(12):1039-1044. WANG W X, ZHOU K, MAO F L. Transformation algorithm from a ladder diagram to an instruction list based on AOV and Lists[J]. Journal of Tsinghua University (Science and Technology), 2019, 59(12):1039-1044. (in Chinese)
[11] 彭瑜, 何衍庆. IEC 61131-3编程语言及应用基础[M]. 北京:机械工业出版社, 2009. PENG Y, HE Y Q. Fundamentals of IEC 61131-3 programming language and application[M]. Beijing:China Machine Press, 2009. (in Chinese)
[12] GRIMMER A, ANGERER F, PRÄHOFER H, et al. Supporting program analysis for non-mainstream languages:Experiences and lessons learned[C]//Proceedings of 2016 IEEE 23rd International Conference on Software Analysis, Evolution, and Reengineering. Suita, Japan, 2016:460-469.
[13] 高传平, 谈利群, 宫云战. 基于抽象语法树的代码静态自动测试方法研究[J]. 北京化工大学学报, 2007, 34(S1):25-29. GAO C P, TAN L Q, GONG Y Z. Research on the syntax tree-based method for static and automated code testing[J]. Journal of Beijing University of Chemical Technology, 2007, 34(S1):25-29. (in Chinese)
[14] BIALLAS S, FRIEDRICH N, SIMON H, et al. Automatic error cause localization of faulty PLC programs[C]//Proceedings of the 5th IFAC International Workshop on Dependable Control of Discrete Systems:DCDS 2015. Cancun, Mexico, 2015:79-84.
[15] DUSCHL K C, GRAMß D, OBERMEIER M, et al. Towards a taxonomy of errors in PLC programming[J]. Cognition, Technology & Work, 2015, 17(3):417-430.
