When comparing software development methods and development requirements for coordination applications, we realize that a productivity crisis is about to happen, which cannot be managed alone with traditional validation techniques (i.e. reviews, simulation and testing), but urgently requires validation technology innovation. Coordination applications are typically component-based, event-driven, and characterized by a clear separation between the tasks to be coordinated and their coordination. These particular characteristics, not encountered in general software applications, can be effectively exploited for validation purposes, and constitute - together with expressive, clear and verifiable application descriptions, and powerful verification algorithms - the basis of the validation technology innovation proposed by the VALID tool set.

The talk will first focus on current trends and issues in the development of validated coordination applications and the related customer requirements. Subsequently, the VALID tool set will be introduced. This tool set supports the design of software applications by means of a well-defined methodology and guidelines, it can be used stand-alone or in conjunction with other standard development environments and frameworks, and integrates modeling, verification, simulation, as well as the generation of executable code, test cases and documentation. The main benefits to software developers are:

• Improved software quality with provably correct coordination of software components,
• Shorter development times through faster incremental design and reduced integration and testing times (lead customers have reported 8-time speedups for successive design refinements, and 20% reductions in overall development times).

Finally, application examples from medical engineering, robotics, automotive body electronics and GUI applications will be presented.

An FMC is defined herein as a system comprising automatic processing machines, typically serviced by robotic material-handling devices, working under the control of a supervisor. An FMC is, thus, supposed to have two levels of flexibility: At the device level, flexibility for part production or part transfer is achieved via re-configuration and re-programming. At the system level, a supervisory (workcell) controller is synthesized to monitor and control the workcell using commercial controllers (such as, industrial PLCs).

In the academic literature, FMCs have been modeled as Discrete-Event Systems (DESs) utilizing a variety of control theories, most notably by Petri Nets (PNs) and Ramadge-Wonham Automata theory. The literature has also advocated the use of PCs for the direct control of FMC, utilizing formal control theories and, thus, providing an open hardware architecture. In our work, however, we advocate the use of a hybrid PC/PLC supervisory-control system that is based on the strengths of each device: namely, PCs provide users with computational and human/machine-interface flexibility in order to efficiently communicate with PLCs that in turn allow efficient communication with cell devices and their control.

Our talk will present a novel and generic PC/PLC-based software/hardware architecture for the control of FMCs. The proposed implementation methodology is based on the utilization of any one of the available formal DES control theories in conjunction with state-of-the-art industrial programmable-logic controllers (PLCs).

The methodology has been verified to be a viable technique through its actual implementation in our laboratory using a PLC-controlled industrial robotic-workcell testbed. The specific control theory used is a combination of Extended Moore Automata and Ramadge-Wonham Automata, which has been developed by our research group.

The modular control software architecture has been developed for MS-Windows environments (running on one PC that is interfaced to the PLCs) and allows the use of different formal control theories as well as different commercial PLC hardware. The effective graphical user interface provides a transparent programming environment, where users are not expected to have a full knowledge of the formal control theory used.

In this talk we will discuss the automated generation of supervisors or logic controllers for flexible manufacturing systems. In general, the problem rapidly becomes intractable. We will discuss, conditions and typical manufacturing system topologies for which the problem (of generating and running a maximally-permissive supervisors) remains tractable and easy to implement. Schemes under which such controllers can be hierarchically decomposed (into cell, system and plant controllers) while maintaining their non deadlocking properties will also be discussed. Finally, some our current research in shared (human-computer) supervisory control will be discussed.

The modeling problem is characterized by concurrent and asynchronous events. Petri nets are well suited for modeling manufacturing systems because they capture the precedence relations and interactions among these events. In addition, a strong mathematical foundation exists for the analysis of system properties such as deadlock, conflict, and boundedness.

The Petri net model can also be used as a real-time controller for a manufacturing system. The flow of tokens through the net establishes the sequence of events to carry out a specific manufacturing task.

Petri nets are also a very valuable performance analysis tool. When time is added to the firing of the transitions, it becomes possible to calculate such measures as throughput, production rates, average machine utilization, and the probability that a machine will be blocked or starved.

Applications to a machining workstation will be presented along with numerous examples from transfer lines and production networks.

• Direct Implementation of RLL,
• Instrument Society of America Logic Diagrams (ISA standard S5.2-1976),
• Timing/sequence diagrams,
• State diagrams,
• Real-time Petri Net models, and
• Grafcet/Sequential Function Charts (IEC 1131-3).