Since its inception, the PLC has developed exceptionally rapidly. Integrating computer and automation technologies, it readily performs functions such as logic, sequencing, timing, counting, digital arithmetic, and data processing. Through its input/output interfaces it connects to the digital and analog signals of various production machinery, thereby achieving automatic control of the production process. As PLC control systems are applied ever more widely in industrial production processes, the safety and reliability of these systems have become increasingly important, making the testing of PLC-based industrial control systems a pressing issue.
1. Characteristics of PLC-based industrial control systems
Programmable Logic Controllers (PLCs), as the preferred product for discrete control, occupy a very important position in the field of automation. PLC-based industrial control systems evolved from the original relay control principles, using stored instructions to perform logical operations, sequential control, timing, counting, and calculations. They control various machines or production processes by receiving input signals and issuing control signals through input/output (I/O). Compared with other industrial control systems, PLC-based industrial control systems have significant advantages.

Compared with relay/contactor control systems, PLC systems have substantial advantages in flexibility and scalability, reliability and maintainability, control speed and stability, adjustable and accurate delays, design and construction, and system price, and they have widely replaced relay/contactor control in industrial automation.

Compared with computer control systems, PLC systems are superior to industrial microcomputers in functional module structure, sequential scanning operation, and adaptability to harsh industrial environments. However, computers are still superior to PLCs in information processing. In some industrial control systems the two are combined: the PLC acts as the lower-level machine for field control, and the computer acts as the upper-level machine for information processing.

Compared with the Distributed Control System (DCS), the PLC has certain advantages in discrete (switching) control and sequential control, while the DCS has certain advantages in continuous analog control and loop regulation. The DCS has a three-level structure of control (engineer station), operation (operator station), and field instrument (field measurement and control station), and is configured with relatively fixed functions, while the PLC mostly requires programming but is more flexible and can realize large-scale control system networks.
2. Testing Methods for PLC-Based Industrial Control Systems
Software testing is an effective means of quality control for PLC systems during the project implementation phase. Because PLC software has unique characteristics (non-CPU instruction code) and is deeply embedded, setting up a software testing environment is difficult, which makes it hard to inject test cases, especially abnormal test cases. Currently, there are three main testing methods: PLC software testing in a fully digital simulation testing environment, PLC software testing in a hardware-in-the-loop environment, and formal verification.
Hardware-in-the-loop (HIL) testing technology comprises a real-time processor, I/O interfaces, and a user interface, enabling precise simulation of parts of a test system that do not physically exist. The real-time processor provides hardware I/O communication, data logging, stimulus generation, and model execution. The I/O interface handles interaction between the electronic control unit (ECU) under test and the virtual environment of the model simulation, supporting sensors and PLC controllers. The user interface communicates with the real-time processor and handles test commands, visualization, configuration management, analysis, and reporting. HIL technology uses hardware fault insertion to generate signal faults between the ECU and the system under test, so that device performance can be tested and verified under fault conditions.
When hardware-in-the-loop (HIL) technology is combined with a PLC, the various control signals from the PLC, such as motor signals and switching signals, are transformed into mathematical models. These models, together with the I/O interface, simulate a controlled object model. Hardware stimuli such as voltage, current, electromagnetic interference, and surge pulses, as well as software faults such as out-of-bounds values, illegal instructions, stub program segments, and target program segments, are loaded as test sequences into the controlled object model. The actual output includes metrics such as mean time between failures (MTBF), number of failures, failure rate, and reliability. The PLC controller is verified by comparing the actual output with the expected output. The structure of the PLC hardware-in-the-loop test system is shown in the figure.
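The compare-actual-with-expected loop described above, as an added example that is not part of the original article: a software stand-in for the HIL rig in which a tank model plays the controlled object, out-of-bounds sensor readings are injected as the test sequence, and failure count, failure rate and a simple MTBF estimate are computed. The tank process, thresholds, scan time and all function names are assumptions made for illustration.

```python
import math

LEVEL_MIN, LEVEL_MAX = 0.0, 100.0    # valid sensor range in % (assumed)
LOW, HIGH = 20.0, 80.0               # pump on below LOW, off above HIGH (assumed)
SCAN_S = 0.1                         # scan time in seconds (assumed)

def plc_checked(level, pump_on):
    """Logic under test, one scan cycle: returns (pump_on, alarm)."""
    if not (LEVEL_MIN <= level <= LEVEL_MAX):   # also true for NaN
        return False, True                      # fail safe: stop pump, raise alarm
    if level >= HIGH:
        return False, False
    if level <= LOW:
        return True, False
    return pump_on, False                       # hysteresis band: hold state

def plc_unchecked(level, pump_on):
    """Same control logic without input validation, for comparison."""
    if level >= HIGH:
        return False, False
    if level <= LOW:
        return True, False
    return pump_on, False

def run_sequence(plc, faults, scans=200):
    """Close the loop between plc and a tank model while injecting sensor faults.

    faults maps a scan index to the out-of-bounds reading injected on that scan.
    """
    level, pump, failed_scans = 50.0, False, []
    for n in range(scans):
        sensed = faults.get(n, level)           # fault insertion on the input
        pump, alarm = plc(sensed, pump)
        expected_alarm = n in faults
        # Expected output: alarm only on faulted scans, pump off while faulted.
        if alarm != expected_alarm or (expected_alarm and pump):
            failed_scans.append(n)
        level += 2.0 if pump else -1.0          # controlled-object model
        level = min(LEVEL_MAX, max(LEVEL_MIN, level))
    k = len(failed_scans)
    return {"failures": k, "failure_rate": k / scans,
            # simplified estimate: observed run time divided by failure count
            "mtbf_s": scans * SCAN_S / k if k else math.inf,
            "failed_scans": failed_scans}

# Constructed test sequence: below range, above range, and NaN readings.
FAULTS = {50: -999.0, 120: 1e6, 121: float("nan")}
```

Running `run_sequence(plc_unchecked, FAULTS)` reports a failure on each injected scan, including the NaN reading that slips through both threshold comparisons, while `plc_checked` passes the same sequence.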
3. Summary
Hardware-in-the-loop (HIL) PLC software testing enables non-intrusive and highly realistic testing of the software under test. By constructing a HIL simulation test environment, various testing requirements of interest to users can be met, such as functionality, performance, and interfaces, especially enabling realistic performance testing. However, because these simulation environments are often developed for specific targets under test and are highly specialized, they are difficult to port to other similar software testing environments, thus reducing the efficiency of test resource utilization to some extent.