Industrial control systems are applied, for instance, in manufacturing and process industries, such as chemical plants, oil production plants, refineries, pulp and paper mills, steel mills and automated factories. Industrial control systems are also widely used within the power industry. Such industrial control systems may need to comprise, or be combined with, devices that add safety features. Examples of processes that require safety features beyond what a standard industrial control system provides are processes at offshore production platforms, certain process sections in nuclear power plants and hazardous areas in chemical plants. Safety features may be used in conjunction with safety shutdown, fire and/or alarm systems, as well as for fire-and-gas detection.
An example of an industrial control system, which includes a safety critical function, is described in DE19857683 “Safety critical function monitoring of control systems for process control applications has separate unit”. The system has a main controller bus coupled to different processors via a number of decentralized data receivers.
The use of general-purpose computer systems raises the issue of ensuring that a user-written program is not affected, during execution, by a fault in the code of the compiler with which it was translated.
“Compilers: Principles, Techniques and Tools” by Alfred V. Aho, Ravi Sethi and Jeffrey D. Ullman, published 1988 by Addison-Wesley, includes a discussion on the verification of general-purpose compilers. Page 731, section 11.4 “Testing and maintenance”, deals with the verification of a compiler prior to its use, according to standard software testing practice. One approach suggested in the book is the “regression” test: a suite of test programs is maintained, and whenever the compiler is modified, the test programs are compiled using both the new and the old version of the compiler. Any difference in the target programs produced by the two versions is reported to the compiler writer. The book further points out that choosing the programs to include in such a test suite is a difficult problem.
Prior art in the area of compilation technology includes methods and systems for compiler optimization. U.S. Pat. No. 5,577,253 “Analyzing inductive expressions in a multilanguage optimizing compiler” describes a method executed in a computer system in which a plurality of optimizations is performed by a generic compiler back-end using induction variables. This patented optimization technique does not address the correctness of the compiler at a later time, i.e., once it has been distributed.
U.S. Pat. No. 6,071,316 “Automated validation and verification of computer software” shows a method for verifying that compiled source code exercises all the different paths in the code. This concerns the coverage of the tested program and is not concerned with the correctness of the compiler.
A remaining problem in the area of safety control of real-world entities is how to ensure the highest possible reliability of a user-written program.
Another problem relating to industrial control systems is that the complexity of system software distribution (for instance via the Internet) has increased the risk of errors being introduced into the compiler software.
The inventors have found that there is a need to ensure that a compiler for software intended for the safety control of real-world entities does not change the way it produces code while it is distributed, stored as binary code or loaded into RAM.
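The following is an added illustration, not part of this patent nor taken from the Aho/Sethi/Ullman book or the cited patents. It shows, in one script, both checks that the preceding paragraphs describe: the regression test of the book (compile a maintained suite with an old and a new compiler version and report every difference in the target programs) and the need stated here (detect that a distributed, stored or loaded compiler no longer produces the code it produced when it was qualified). Everything in it is an assumption made for the example: a toy expression compiler standing in for the real safety-control compiler (build v1 emits code literally, build v2 adds constant folding), a constructed byte string standing in for the compiler's binary image, a SHA-256 digest recorded at release as the integrity reference, and a set of "golden" target programs recorded from the qualified build as the behavioural reference.

```python
import hashlib
import hmac
import re

# Toy compiler (constructed stand-in for the safety-control compiler): integer
# expressions with '+', '*' and parentheses are compiled to a stack machine.
def tokenize(src):
    return re.findall(r"\d+|[A-Za-z_]\w*|[+*()]", src)

class Parser:
    """Recursive descent: expr := term ('+' term)*, term := atom ('*' atom)*."""
    def __init__(self, src):
        self.toks, self.pos = tokenize(src), 0

    def peek(self):
        return self.toks[self.pos] if self.pos < len(self.toks) else None

    def take(self):
        self.pos += 1
        return self.toks[self.pos - 1]

    def expr(self):
        node = self.term()
        while self.peek() == "+":
            self.take()
            node = ("+", node, self.term())
        return node

    def term(self):
        node = self.atom()
        while self.peek() == "*":
            self.take()
            node = ("*", node, self.atom())
        return node

    def atom(self):
        tok = self.take()
        if tok == "(":
            node = self.expr()
            if self.take() != ")":
                raise SyntaxError("expected ')'")
            return node
        return ("num", int(tok)) if tok.isdigit() else ("var", tok)

OPS = {"+": "ADD", "*": "MUL"}

def emit(node):
    if node[0] == "num":
        return [f"PUSH {node[1]}"]
    if node[0] == "var":
        return [f"LOAD {node[1]}"]
    return emit(node[1]) + emit(node[2]) + [OPS[node[0]]]

def fold(node):
    """Replace constant sub-expressions by their value (the optimisation added in v2)."""
    if node[0] not in OPS:
        return node
    left, right = fold(node[1]), fold(node[2])
    if left[0] == "num" and right[0] == "num":
        return ("num", left[1] + right[1] if node[0] == "+" else left[1] * right[1])
    return (node[0], left, right)

def compile_v1(src):          # old build: literal code generation
    return emit(Parser(src).expr())

def compile_v2(src):          # new build: same front end plus constant folding
    return emit(fold(Parser(src).expr()))

# Regression test as described by Aho/Sethi/Ullman: compile the whole suite with
# both versions and report every program whose target code differs.
def regression_test(suite, old, new):
    return {src: (old(src), new(src)) for src in suite if old(src) != new(src)}

# Integrity of the distributed / stored / loaded compiler image.
def image_digest(image):
    return hashlib.sha256(image).hexdigest()

def verify_image(image, expected_digest):
    """True only if the image bytes still match the digest recorded at release."""
    return hmac.compare_digest(image_digest(image), expected_digest)

def known_answer_check(compiler, golden):
    """Programs whose target code no longer matches the recorded golden code."""
    return [src for src, code in golden.items() if compiler(src) != code]

def accept_compiler(image, expected_digest, compiler, golden):
    """Both the image and its observable behaviour must be unchanged."""
    return verify_image(image, expected_digest) and not known_answer_check(compiler, golden)

# Constructed sample data: a small suite, golden outputs from the qualified
# build v1, a stand-in binary image and a copy with one bit flipped in transit.
SUITE = ["x + 1", "2 * 3 + x", "(x + 1) * 2", "1 + 2"]
GOLDEN = {src: compile_v1(src) for src in SUITE}
RELEASED_IMAGE = b"safety-compiler v1 " + bytes(range(256))
RELEASED_DIGEST = image_digest(RELEASED_IMAGE)
_damaged = bytearray(RELEASED_IMAGE)
_damaged[40] ^= 0x01
CORRUPTED_IMAGE = bytes(_damaged)
```

Running `regression_test(SUITE, compile_v1, compile_v2)` reports "2 * 3 + x" and "1 + 2", the two programs where the folded code differs from the literal code, while "x + 1" and "(x + 1) * 2" produce identical target programs under both builds; that is exactly the report the book's regression test hands to the compiler writer, and it also shows why the choice of suite programs matters, since a suite without constant sub-expressions would have missed the change. `accept_compiler` is the load-time gate: the released image with build v1 passes, the image with a single flipped bit fails the digest check, and build v2 fails the known-answer check even though its image could carry a valid digest of its own, because the code it produces for the recorded suite is not the code that was qualified.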