VHS Deliverable MG.1.1:
Management Report on Year 1

This page summarizes the activities of the VHS project in the first year and provides links to downloadable files of the deliverables.


The work in the project in the first year is reported in a general management report (this page, also as postscript file). The effort of information dissemination is described in (MG.2.1).

This report documents the progress made in the project for the period 15/5/98-15/5/99. It covers administration, project meetings, mutual visits, and a survey of the progress in all work-packages.


The project started on 15/5/99. There were some delays in the money transfer to the partners and some other small problems due to the size of the project and its inter-disciplinary and innovative nature. By now, we feel that the project has entered a smooth mode of operation.
There are three administrative changes which were initiated and need to be completed:
  1. The partner Nylstar has been merged with Rhodia.
  2. BRICS wishes to sub-contract part of its share to the University of Uppsala (W. Yi).
  3. ETH-Zurich (M. Morari) asks to join the project (and be financed by the Swiss government). The partners agree.

Meetings and Visits.

Five project meetings were conducted during the first year as summarized in the appendix. In addition to project meetings and joint conference, many mutual visits among partners took place, some of which are listed in the appendix.

Progress on Work-Packages


The project consists mainly of development of theory, methodology and tools to improve the design of industrial plants, based on several case-studies. In this activity there are interleaved top-down (what we know and can do) and bottom-up (what do the case-studies require) modes of operation. The experience with the case-studies and the discussions with the industrial partners indeed sharpened our intuition concerning what a realistic approach to hybrid system verification might look like.
The main preliminary conclusion from the case-studies is that most of them admit a similar abstract model, consisting of a discrete event system augmented with quantitative timing information. These can be explicit models such as timed automata or timed Petri nets, or implicit ones as in scheduling problems. Here a process is a collection of activities which need to be performed in some order, respecting some duration constraints, and on a limited number of shared resources. This is the level of description of CS4 and CS5 and, after some abstraction, also of CS1 when everything works properly.
This description can be refined along two major axes: one way is to look closer at the physical process, e.g. the differential equation of the chemical process or the flow of material. While this is a more accurate description of the process, the verification methods for this level are still in their infancy (work on them is being done in packages PA and TL). Moreover, many processes are built exactly in a manner where variations in the evolution of each physical process do not matter much, and their abstraction as activities whose duration is bounded inside an interval is sufficient for most purposes.
Another direction of refinement is to consider the concrete realization of the logic behind the abstract actions of initiating and terminating a process. These are mostly discrete event systems with binary sensors and actuators, e.g. limit switches or shut-off valves, which, together with their control programs, are systems similar to those that one can find in train control systems. They can be modeled and verified using "traditional" computer science techniques. The only exception where one needs to combine this logic with the physical modeling is when there are failures (e.g. a valve gets stuck), not during normal operations. While in the future we might see more aggressive design methods, the current practice in the chemical industry is rather conservative and compartmental.
The progress in all work-packages is summarized below.

IP: Deliverable IP.1 covers the most interesting aspects of plant control informatics from the project point of view. It covers some aspects of introducing formal methods to manufacturing in general and studies the state-of-the-art in DCS and PLC programming practices, as well as suggestions for further contributions of the consortium.

MF: The work on this work-package has already started but no deliverables are due after the first year. In addition to the above-mentioned investigations concerning the appropriate level of modeling for plants, work has been done on the modeling of hydraulic networks and on the relation between various formalisms (condition/event systems, timed automata and Petri nets, sequential function charts, etc.) used for specification, programming and verification. A detailed report on MF contributions will be provided in the second year.

PA: This package depends, of course, on the previous one but, nevertheless, some "universal" models such as differential equations, automata and timed automata are sure to be among the models used, hence some work has already been performed for this work-package. It includes, among other things, improved algorithms and data-structures for timed automata, decidability results on hybrid systems, and results on controller synthesis. A detailed report will be provided at the end of the second year.

TL: Like the previous package, the development of some of the computational infrastructure could already take place in the first year. Work on this package included improvements in performance and user-interface of existing verification tools, development of hybrid simulators and other tools for automatic and semi-automatic analysis of hybrid systems, and new data-structures for geometrical and probabilistic information. A detailed report will be provided after the second year.

CS1: This case-study, together with CS2, was intended as a testbed for the applicability of verification technology to plant control. It is a real plant with control procedures implemented in PLC. The case-study has been investigated by most of the partners and the experience was indeed rewarding. Deliverable CS.1.1 documents the plant descriptions and various attempts to solve the problems it poses at various levels including the level of an abstract scheduling problem and the level of a detailed control program. We feel that the results are encouraging.

CS2: Case study 2 served as an introductory example for the implementation of a complex (from the chemical dynamics point of view) control procedure in a real DCS. The deciphering of the old control code, written in a vendor-specific language, demonstrated the difficulty in maintaining and re-using process control software in general. Although most of the project effort was dedicated to the more documented CS1, some modeling and verification results concerning two control sub-routines of CS2 were obtained. They are reported in deliverable CS.2.1. We intend to extend the work on this case-study toward the second year.

CS3: The work on this case-study will start as planned next year. Experiments in using and programming the Siemens S7 platform have already started.

CS4: This is essentially a scheduling case-study which progresses according to its schedule. A model of the plant was extracted and it appears in deliverable CS.4.1.

CS5: This is another scheduling case-study with some very particular timing constraints. A formal model of this task has been written and initial attempts to find feasible and optimal schedules are reported in deliverable CS.5.1. The progress in this case-study is more than planned.

CS6: The work on this case-study is planned for next year. The instrumentation diagrams of the process have already been extracted and a sub-system to be analyzed has been isolated.


The project seems to fulfill a large part of its promises. In particular, the mutual exposure of the process control and the verification communities, initiated and maintained by the project, is proving very fruitful, and we hope this collaboration will gain momentum outside the project and become a more global phenomenon once the first year results are published.

Appendix: Tables


Date   Place      No. of Participants   Remarks
5/98   Grenoble   18                    kick-off
9/98   Dortmund   23
1/99   Grenoble   20
4/99   Ghent      19
6/99   Kiel       20                    review



Person          Source     Target     Start      End
P. Niebert      Verimag    Dortmund   22/02/99   23/02/99
O. Maler        Verimag    Weizmann   21/12/98   06/01/99
Y. Lakhnech     Kiel       Verimag    21/10/98   31/10/98
Y. Lakhnech     Kiel       Dortmund   19/11/98   27/11/98
A. Fehnker      KUN        Brics      08/03/99   12/03/99
A. Mader        KUN        Dortmund   19/10/99   23/10/99
A. Mader        KUN        Dortmund   23/11/99   27/11/99
S. Kowalewski   Dortmund   KUN        06/04/99   15/06/99

Download Section

The purpose of this section is to help you to quickly download (and print) large sections of the deliverables. If you prefer to surf the site, go back to the top of the page or to the VHS main page and follow the links there.

page created at Tue Jun 1 14:19:19 MET DST 1999 by Peter Niebert
last modification: Tue Jun 13 11:50:41 CEST 2000