Model Checking Industrial Robot Systems

Modern production plants are highly automated complex systems consisting of several robots and other working machines. Errors leading to damage and stop of production are extremely expensive and must be avoided by all means. Hence, the state of practice is to test control programs in advance which implies high effort and comes with high costs. To increase the confidence into the control systems and to reduce the necessary effort, this paper proposes to use model checking to verify certain properties. It presents a compiler that can transform industrial robot programs into PROMELA models. Since the statements of the robot programming language can not be mapped directly into PROMELA statements, we apply compiler optimization techniques to close the semantic gap. In case of a specification violation the trace is mapped to the original context so that the robot programmer can reconstruct the problem. As a case study we applied the tool to verify the absence of collisions and deadlocks. We were able to detect one deadlock in a car-body welding station with 9 robots, correct the program and verify the correctness of the resulting system.