TECHNICAL - Embedded code in Process Control
Date: Thu, 26 Feb 1998 13:16:01 -0500
From: Chas Mitchell <cmitchel@nmi2000.com>
To: Y2K Mail List <year2000-discuss@year2000.com>
Subject: Embedded code in Process Control
We recently were discussing the value of the McCabe Visual 2000 toolset
with an engineer charged with the responsibility for ensuring that the
year 2000 rollover would not destroy their business (the industry in
question is not important, just the idea of process control computers
that monitored and controlled liquid flows, etc). The idea of course was that if you run the code through the McCabe Visual 2000 toolset, you can not only isolate your testing to the date paths, but you can definitely determine whether or not you have actually tested all affected paths.
Well, as it turns out, most industries don't purchase source code for
any process control device, but instead purchase a module that has the capability of accepting process factors and controlling the process based on those factors (a rather simplified version of the actual process, but good enough for this discussion). Then, he told us that in many if not most situations, the companies that sell the specific devices actually purchase a higher level (or lower level depending on how you look at it) board that already has some embedded code on it. (Virtually all of the code is in EPROMS). So not only does the user not have the source for the device they purchased, but their supplier may or not have that code, but not likely the code that was already on the board that they purchased.
So, end user applies factors to code created by next level supplier who created code applied to next level supplier code, etc., for who knows how many levels.
So they only thing this engineer can do to verify the process is try
over and over again to test the device using as many different factors as he can dream up, until he exhausts himself, or the system shows an error. If it shows an error, he knows he has a problem, and can begin to search for a solution. BUT, if it DOES NOT break, then he never can be sure whether he tested the equipment for all possible conditions which may occur at any of the code levels on the device! And he can not be sure that the device won't shut down his company!
Because he did not have source code, we couldn't help him with the
McCabe toolset, but he did tell us that someone had developed a piece of hardware that would test and record results on process control equipment, similar to what McCabe does with source code.
This was the first time I had ever met anyone who was happy when he managed to find and error!! |
