Professional Documents
Culture Documents
Trusted Toolset Application Validator Software Package
Trusted Toolset Application Validator Software Package
Trusted Toolset Application Validator Software Package
Features:
• Windows applications.
PREFACE
In no event will Rockwell Automation be responsible or liable for indirect or consequential damages
resulting from the use or application of this equipment. The examples given in this manual are
included solely for illustrative purposes. Because of the many variables and requirements related to
any particular installation, Rockwell Automation does not assume responsibility or reliability for
actual use based on the examples and diagrams.
No patent liability is assumed by Rockwell Automation, with respect to use of information, circuits,
equipment, or software described in this manual.
DISCLAIMER
It is not intended that the information in this publication covers every possible detail about the
construction, operation, or maintenance of a control system installation. You should also refer to
your own local (or supplied) system safety manual, installation and operator/maintenance manuals.
This document is based on information available at the time of its publication. The document
contents are subject to change from time to time. The latest versions of the manuals are available at
the Rockwell Automation Literature Library under "Product Information" information "Critical
Process Control & Safety Systems".
TRUSTED RELEASE
For the latest information about this product review the Product Notifications and Technical Notes
issued by technical support. Product Notifications and product support are available at the Rockwell
Automation Support Centre at
http://rockwellautomation.custhelp.com
At the Search Knowledgebase tab select the option "By Product" then scroll down and select the
Trusted product.
Some of the Answer ID’s in the Knowledge Base require a TechConnect Support Contract. For more
information about TechConnect Support Contract Access Level and Features please click on the
following link:
https://rockwellautomation.custhelp.com/app/answers/detail/a_id/50871
This will get you to the login page where you must enter your login details.
IMPORTANT A login is required to access the link. If you do not have an account then you can create one
using the "Sign Up" link at the top right of the web page.
DOCUMENTATION FEEDBACK
Your comments help us to write better user documentation. If you discover an error, or have a
suggestion on how to make this publication better, send your comment to our technical support
group at http://rockwellautomation.custhelp.com
SCOPE
This manual specifies the maintenance requirements and describes the procedures to assist
troubleshooting and maintenance of a Trusted system.
This manual is for plant maintenance personnel who are experienced in the operation and
maintenance of electronic equipment and are trained to work with safety systems.
SYMBOLS
In this manual we will use these notices to tell you about safety considerations.
This symbol identifies items which must be thought about and put in place when
designing and assembling a Trusted controller for use in a Safety Instrumented
Function (SIF). It appears extensively in the Trusted Safety Manual.
IMPORTANT Identifies information that is critical for successful application and understanding of
the product.
TIP Tips give helpful information about using or setting up the equipment.
Do not connect or disconnect equipment while the circuit is live or unless the area is
known to be free of ignitable concentrations or equivalent
Ne pas connecter ou déconnecter l’équipement alors qu’il est sous tension, sauf si
l’environnement est exempt de concentrations inflammables ou équivalente
MAINTENANCE
Maintenance must be carried out only by qualified personnel. Failure to follow these
instructions may result in personal injury.
CAUTION:
The module PCBs contains static sensitive components. Static handling precautions
must be observed. DO NOT touch exposed connector pins or attempt to dismantle a
module.
ISSUE RECORD
7 Oct 05 Format
Table of Contents
This Validator processes the cross reference file that is output as a result of using the
IEC 61131 TOOLSET 'Cross Reference' tool. The Validator processes this file then presents
the user with a graphical display of variable usage. This enables the user to easily identify
variables that are shared between programs within an application.
Programs that share one or more variables are dependent on each other, i.e. changes to one
program can affect the behaviour of its dependent. These dependencies must be checked
during the development of such an application if the target integrity for the application is to
be SIL 3 (AK6). The cross reference checker aids this task by identifying program
dependencies and thus enables the applications developer to perform adequate re-test of
affect programs.
The Validator can be run as a stand-alone application, or by selecting Cross Ref. Validator
from the IEC 61131 TOOLSET Tools menu. Before running the Validator, the cross reference
file must be generated. It is recommended that the file is given the same name as the
project with an '.xrf' extension, and is located in the application directory as the Validator
looks for this file by default when it is run from the IEC 61131 TOOLSET Tools menu. For
example, if the project name is 'projxyz' then enter the filename
'c:\isawin\apl\projxyz\prjxyz.xrf' when generating the cross reference file. Note that the
complete path name must be entered.
This Validator performs the same task as Validator #1 to produce a graphical display of
variable usage and program dependencies that the applications developer can use to aid
program verification and re-test. The Validator differs from Validator #1 in that it derives the
dependency information from the downloadable TIC code and application symbols database
files generated by the IEC 61131 TOOLSET when an application is successfully compiled. By
deriving the information from a different source, the applications developer is able to
perform an additional consistency check on the IEC 61131 TOOLSET and Validators
themselves by comparing the results of each.
This Validator is used to compare the compiled TIC code produced by the IEC 61131
TOOLSET compiler for two different application databases. Its intended use is to identify
differences between versions of the same application.
The output from the Validator enables the applications programmer to identify programs
that have changed as a result of amending an application, and to also identify any
unexpected changes to programs that may have been introduced by the IEC 61131 TOOLSET
itself.
To use this Validator it is recommended that the IEC 61131 TOOLSET Projects manager is
used to copy the project to be amended to a new project before any changes are applied to
it. The required changes can be then be applied to the existing project. Both the modified
and copied projects can then be compiled to produce the database files required by the
Validator.
Run the validator by either selecting the TIC Difference Checker option from the
IEC 61131 TOOLSET Tools menu, or as a stand-alone application. Select the copied and
modified application directories for comparison, if all the required database files are
available then programs from each application are compared.
This Validator is used to compare the compiled TIC code produced by the
IEC 61131 TOOLSET compiler with the application loaded into the Trusted Main Processor.
The intended use of this validator is to confirm that the application being executed in a
Trusted system matches the toolset copy of the TIC code.
The output from the Validator enables the applications programmer to identify programs
that have changed either as a result of amending an application, or due to any unexpected
changes to programs that may have been introduced by the Toolset itself.
The program dependency tree produced by Validators #1 and #2 shows program and
variable dependencies by displaying them in a tree hierarchy. The top level nodes in the tree
give the programs from the application. These expand to list the variables used by a
program, and these in turn expand to list the programs that use a variable. The icons are
used for the tree nodes are assigned unique colours and shapes, and have the following
meanings as detailed below.
This node represents a program that has no shared variables, and expands to display only
variables that are not shared.
This node represents a program that has one or more shared variables, and expands to
display both shared and non-shared variable node types.
The node represents a variable that is not shared and expands to display only one program
name.
The node represents a variable that is shared, and expands to display the names of the
programs that share it.
The following Errors and Warnings by the Application Validators as they are detected.
This message is displayed if a variable or program name read from the application symbols
file, or the cross reference, is too long. The maximum identifier length supported by
IEC 61131 TOOLSET version 3.23 is 16.
This message is displayed by Validator #1 if it detects a syntax or format error while reading
through the cross reference file. Check that the correct file has been selected, or try
regenerating it.
This message is displayed when a Validator cannot locate the specified Application
Directory.
This message is displayed if a Validator cannot locate the application symbols file for an
application. Check that the application has been compiled successfully.
This message is displayed if a Validator cannot locate the download data base file for the
application. Check that the application has been compiled successfully, and that the
compiler options have been set to generate code for a Motorola target (ISA68M).
This message is displayed if a printer fault occurs while a Validator is attempting to output a
report to the printer.
The applications download database file is not in the correct format. Ensure that the
compiler options are set to generate code for a Motorola target (ISA68M) and re-compile
the application.
This message is displayed when a file Input/Output (I/O) error occurs when accessing the
application history file.
'Error reading Uchar'
'Error accessing download database file'
'Error reading uint16'
'Error reading uint32'
'Error reading in ReadChars'
'Error reading in ReadCharsFrom'
'Error Loading CODEPROG'
These messages are displayed when an error occurs while reading from the download
database file. Try recompiling the application to regenerate the database file.
'Error reading from formatted file!'
'Error accessing file <file>'
These messages are displayed when a file I/O error occurs while reading from a formatted
text file, i.e. the cross reference file, or the application symbols, files which are text.
This message is output when the download database file and application symbols file are
found to contain different numbers of programs. Try recompiling the application.
This warning is displayed if an attempt is made to exit the program, or print a dependency
report, before all the dependency information has been viewed. The dependency
information is considered viewed when all the top level program nodes in the view tree
have been expanded. These can be expanded individually, or all at once by clicking on the
Expand All button. Note that the dependency information is still considered viewed if the
nodes are collapsed again.
This message is output when the download database file and application symbols file are
found to be in-compatible because they contain different project names. Try recompiling
the application.
'Project symbols CRC mis-match in application directory <name> database files in-compatible'
This message is output when the download database file and application symbols file are
found to be in-compatible because the application symbols CRCs do not match. Try
recompiling the application.
This message is displayed if a file I/O error occurs while a Validator is attempting to output a
report to a text file.