Codiagnosability of discrete event systems revisited: A new necessary and sufficient condition and its applications☆
Introduction
In the design of a failure diagnosis system for DES, the first step is to check whether the language generated by an automaton is diagnosable, i.e., whether the system is able to diagnose the failure occurrence within a finite number of event occurrences. This verification can be done by using diagnoser (Debouk et al., 2000, Sampath et al., 1995) or verifier automata (Jiang et al., 2001, Moreira et al., 2016, Moreira et al., 2011, Qiu and Kumar, 2006, Yoo and Lafortune, 2002) for centralized and decentralized architectures. Diagnosability is closely associated with other important properties of DES, such as observability (Yin & Lafortune, 2015) and opacity (Lafortune, Lin, & Hadjicostis, 2018), and is still an active field of research (Cassez, 2012, Ran et al., 2018, Takai and Kumar, 2017, Thorsley, 2017, Yin and Lafortune, 2015, Yin and Lafortune, 2017).
Diagnosers are automata whose states are sets formed by the states of the plant automaton together with labels that indicate whether or not the trace that has occurred so far contains the fault event. Verifiers are automata built by performing a parallel composition between the normal and the failure behavior of the system. It is well known that diagnosers have, in the worst case, exponential complexity in the plant state space, but they have the advantage of being usable for both online diagnosis and offline diagnosability verification. Verifiers, on the other hand, have, in the worst case, polynomial computational complexity in the number of states of the automaton that generates the language (Moreira et al., 2011, Qiu and Kumar, 2006, Yoo and Lafortune, 2002), but can only be used for offline verification. Diagnosability verification using diagnosers requires the search for cycles, which has factorial computational complexity (Johnson, 1975) (therefore higher than exponential), as opposed to verifiers, which require the search for strongly connected components, which is linear in the number of automaton transitions (Cormen et al., 2009, Tarjan, 1972).
It has been argued for some time now, based on classroom, textbook and practical examples, that the sizes of verifiers and diagnosers are comparable. In a recent paper, Clavijo and Basilio (2017) have shown, based on a rigorous statistical analysis, that the state sizes of diagnosers and verifiers are, respectively, and , on average, where (resp. ) is the number of events (resp. states) of the plant automaton. Although this result is very encouraging as far as the state sizes of diagnosers are concerned, it is still necessary to tackle the complexity associated with the search for cycles. This issue has been addressed in Viana, Basilio, and Moreira (2015), who proposed a test for verification of language diagnosability of centralized DES based on the search for strongly connected components in a diagnoser-like automaton. Here, we extend the results of Viana et al. (2015) to decentralized diagnosability (codiagnosability) of DES, present a necessary and sufficient condition for language codiagnosability, and propose a new test for its verification that is based on a diagnoser-like automaton and, like the test proposed in Viana et al. (2015), requires only the search for strongly connected components.
Another aspect regarding diagnosis is that liveness and nonexistence of unobservable cycles in the plant automaton are assumed for both diagnosability and codiagnosability verification using the diagnoser automata proposed in Sampath et al. (1995) and Debouk et al. (2000). This is so because those diagnosability verification tests are based on diagnosers, which have only observable events in their event sets. This limitation prevents the existence of cycles of states connected only by unobservable events. The assumption has recently been removed in Carvalho, Basilio, and Moreira (2012) through the so-called hidden cycles, but a search for the cycles in the plant automaton that correspond to indeterminate hidden cycles in the diagnoser is still required. The diagnoser-like automaton we propose here has both observable and unobservable events, and so it can also deal with cycles formed by unobservable events only. As a consequence, we may remove the language liveness assumption: a non-live language can be changed into a live one with the same diagnoser by adding self-loops labeled with unobservable events to the final states. As far as the authors know, this is the first time these two assumptions are removed in diagnosability verification using diagnosers.
Although the diagnosis of a failure is an important issue regarding the safety of industrial automation systems, it is also important to know how much time the diagnosis system takes to detect the failure occurrence (T-diagnosability), or, in the context of untimed DES, how many events must occur after the occurrence of the failure event in order for the diagnosis system to be sure of its occurrence (K-diagnosability). Notice that the diagnoser proposed by Sampath et al. (1995) provides information on the failure occurrence based solely on observable events, and so, when diagnosers are used offline to predict the time spent to diagnose the failure, it is not possible to take into account the time interval between occurrences of observable events that have unobservable events in between. For this reason, K-diagnosability was defined by Sampath et al. (1995) and Zaytoon and Lafortune (2013) as the number of observable events that must occur after the failure occurrence in order for the diagnoser to be sure about the failure occurrence. Since the diagnoser-like automaton we propose here has both observable and unobservable events, we will also be able to take unobservable event occurrences into account.
In summary, the main advantages of the approach proposed here are as follows: (i) it is based on the search for strongly connected components, as opposed to cycles in all previous tests using diagnosers; (ii) it does not require the usual assumptions on language liveness and non-existence of cycles of states connected by unobservable events; (iii) we can address T-codiagnosability by adding weights to the transitions of the automaton, thereby forming the so-called weighted automaton; (iv) the approach reduces to step counting when all transition weights are replaced by unity weights, and therefore K-codiagnosability analysis becomes a particular case of T-codiagnosability. It is also important to remark that, at present, there is no verifier-based method for T-codiagnosability analysis, and so it is worthwhile to use diagnoser automata for that purpose.
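To make the diagnoser/SCC discussion of the two paragraphs above concrete, the following added example (written for this editorial pass, not code from the paper or its authors) builds a Sampath-style diagnoser for a small constructed plant, labels each (state, label) pair N or F according to whether the fault event has occurred, and then runs Tarjan's linear-time strongly-connected-components algorithm over the diagnoser instead of enumerating cycles. The plant definitions, event names ("a", "b" observable, "f" the unobservable fault) and the function names are all assumptions of this example. Note that, as the paper itself points out, a nontrivial SCC of uncertain diagnoser states is only a candidate for an indeterminate cycle; the example therefore reports such SCCs for a further plant-level check rather than claiming non-diagnosability on its own, while the absence of any such SCC does establish diagnosability.

```python
from collections import defaultdict

FAULT = "f"                     # the unobservable fault event (assumed name)
OBS = {"a", "b"}                # observable events (constructed)
UNOBS = {FAULT}                 # unobservable events (constructed)

# Constructed plants: (state, event) -> set of successor states.
# PLANT_A: after 'a' the normal and faulty branches both loop on 'b'
# forever, so the diagnoser stays uncertain (classic indeterminate cycle).
PLANT_A = {(0, "f"): {1}, (0, "a"): {2}, (1, "a"): {3}, (3, "b"): {3}, (2, "b"): {2}}
# PLANT_B: the normal branch moves to state 4 and loops on 'a', while the
# faulty branch loops on 'b', so one more observation resolves the label.
PLANT_B = {(0, "f"): {1}, (0, "a"): {2}, (1, "a"): {3}, (3, "b"): {3},
           (2, "b"): {4}, (4, "a"): {4}}


def unobservable_reach(delta, pairs):
    """Close a set of (state, label) pairs under unobservable transitions.
    The label switches from N to F as soon as the fault event fires and
    stays F afterwards; a visited set makes unobservable cycles harmless."""
    seen = set(pairs)
    stack = list(pairs)
    while stack:
        x, lab = stack.pop()
        for e in UNOBS:
            for y in delta.get((x, e), ()):
                new_lab = "F" if (lab == "F" or e == FAULT) else "N"
                if (y, new_lab) not in seen:
                    seen.add((y, new_lab))
                    stack.append((y, new_lab))
    return frozenset(seen)


def build_diagnoser(delta, x0):
    """Subset construction over (state, label) pairs driven by observable events."""
    init = unobservable_reach(delta, [(x0, "N")])
    states, edges, work = {init}, {}, [init]
    while work:
        q = work.pop()
        for e in OBS:
            nxt = {(y, lab) for x, lab in q for y in delta.get((x, e), ())}
            if not nxt:
                continue
            q2 = unobservable_reach(delta, nxt)
            edges[(q, e)] = q2
            if q2 not in states:
                states.add(q2)
                work.append(q2)
    return init, states, edges


def tarjan_scc(nodes, succ):
    """Tarjan's algorithm: linear in nodes + edges, returns a list of SCCs."""
    index, low, on_stack, stack, sccs = {}, {}, set(), [], []
    counter = [0]

    def strong(v):
        index[v] = low[v] = counter[0]
        counter[0] += 1
        stack.append(v)
        on_stack.add(v)
        for w in succ(v):
            if w not in index:
                strong(w)
                low[v] = min(low[v], low[w])
            elif w in on_stack:
                low[v] = min(low[v], index[w])
        if low[v] == index[v]:
            comp = set()
            while True:
                w = stack.pop()
                on_stack.discard(w)
                comp.add(w)
                if w == v:
                    break
            sccs.append(comp)

    for v in nodes:
        if v not in index:
            strong(v)
    return sccs


def is_uncertain(q):
    """A diagnoser state is uncertain if it carries both an N and an F label."""
    labels = {lab for _, lab in q}
    return "N" in labels and "F" in labels


def check_diagnosability(delta, x0):
    """Report diagnoser size and every nontrivial SCC containing an uncertain state."""
    _, states, edges = build_diagnoser(delta, x0)
    succ_map = defaultdict(set)
    for (q, _), q2 in edges.items():
        succ_map[q].add(q2)
    suspects = []
    for comp in tarjan_scc(states, lambda q: succ_map[q]):
        nontrivial = len(comp) > 1 or any(q in succ_map[q] for q in comp)
        if nontrivial and any(is_uncertain(q) for q in comp):
            suspects.append(comp)
    # No uncertain SCC at all => diagnosable; otherwise the SCC must be checked
    # against the plant to decide whether it is truly indeterminate.
    return {"diagnoser_states": len(states), "uncertain_sccs": suspects,
            "diagnosable": not suspects}


if __name__ == "__main__":
    for name, plant in (("PLANT_A", PLANT_A), ("PLANT_B", PLANT_B)):
        r = check_diagnosability(plant, 0)
        print(name, r["diagnoser_states"], "states;",
              "diagnosable" if r["diagnosable"] else
              f"{len(r['uncertain_sccs'])} uncertain SCC(s) to examine in the plant")
```

For PLANT_A the diagnoser has two states and the uncertain state {(2,N),(3,F)} loops on "b", so one suspect SCC is reported; for PLANT_B the diagnoser has five states, the two uncertain states are acyclic, and the function concludes diagnosability without ever enumerating cycles.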
The remainder of this paper is structured as follows. In Section 2, we present a brief review of diagnosability. In Section 3, we propose a diagnoser-like automaton, and based on this automaton, we generalize the necessary and sufficient condition for diagnosability to codiagnosability, and present a diagnosability verification algorithm which relies solely on the search for strongly connected components. In Section 4, we apply the diagnoser-like automaton to compute T- and K-codiagnosability. We also present in Section 4 a comparison with previously published related works. Finally, in Section 5, we draw some conclusions. All proofs of the results presented in the paper are in the Appendix.
Section snippets
Background
Let denote a deterministic automaton, where is the finite state space, is the set of events, is the transition function, assumed to be partially defined in the event set, is the active event function, i.e., , is the initial state, and is the set of marked states. We will assume that the event set is partitioned as , where (resp. ) denotes the set of observable (resp. unobservable) events. The transition function,
New results on codiagnosability verification
In this section, we extend existing results on codiagnosability tests based on diagnoser automata. The motivation for proposing a new test is as follows: (a) since it is also necessary to perform a search for cycles in , diagnosers and do not carry enough information to determine if cycles of uncertain states (observed or hidden) are also indeterminate cycles; (b) the search for cycles, as pointed out in Johnson (1975), is higher than exponential in the number of states; (c) since
Applications to T- and K-codiagnosability analysis
In a decentralized architecture, codiagnosability ensures that at least one local site detects and diagnoses the failure occurrence within a bounded number of event occurrences. However, just being sure that the failure has occurred is not enough; for example, components may burn or parts may misalign before the failure occurrence is detected. So, it is important to also incorporate the time elapsed or the number of events that occurred since the failure occurrence as a performance index the
Conclusions
We have presented here a new necessary and sufficient condition for language codiagnosability, and leveraged this condition to propose a new test for verification of language codiagnosability that takes into account the time intervals due to unobservable event occurrences, does not require the usual assumptions on language liveness and nonexistence of cycles of states connected with unobservable events. In addition, the test for codiagnosability verification is based on the search for strongly
References (32)
- Alur, R., & Dill, D. L. A theory of timed automata. Theoretical Computer Science (1994).
- Carvalho, L. K., Basilio, J. C., & Moreira, M. V. Robust diagnosis of discrete event systems against intermittent loss of observations. Automatica (2012).
- Lafortune, S., Lin, F., & Hadjicostis, C. N. On the history of diagnosability and opacity in discrete event systems. Annual Reviews in Control (2018).
- Yin, X., & Lafortune, S. Codiagnosability and coobservability under dynamic observations: transformation and verification. Automatica (2015).
- Zaytoon, J., & Lafortune, S. Overview of fault diagnosis methods for discrete event systems. Annual Reviews in Control (2013).
- Diagnosability analysis of labeled time Petri net systems. IEEE Transactions on Automatic Control (2017).
- Robust codiagnosability of discrete event systems.
- Computation of minimal event bases that ensure diagnosability. Discrete Event Dynamic Systems: Theory and Applications (2012).
- Cassandras, C. G., & Lafortune, S. Introduction to discrete event systems (2008).
- Cassez, F. The complexity of codiagnosability for discrete event and timed systems. IEEE Transactions on Automatic Control (2012).
- Supremal and maximal sublanguages arising in supervisor synthesis problems with partial observations. Theory of Computing Systems.
- Clavijo, L. B., & Basilio, J. C. Empirical studies in the size of diagnosers and verifiers for diagnosability analysis. Discrete Event Dynamic Systems (2017).
- Cormen, T. H., et al. Introduction to algorithms (2009).
- Debouk, R., et al. Coordinated decentralized protocols for failure diagnosis of discrete event systems. Discrete Event Dynamic Systems: Theory and Applications (2000).
- Jiang, S., et al. A polynomial algorithm for testing diagnosability of discrete-event systems. IEEE Transactions on Automatic Control (2001).
- Johnson, D. B. Finding all the elementary circuits of a directed graph. SIAM Journal on Computing (1975).
Cited by (32)
- Codiagnosability for Intersection-Based Decentralized Diagnosis of Discrete Event Systems. 2023, IFAC-PapersOnLine.
- Event-Based Automaton Model for identification of discrete-event systems for fault detection. 2023, Control Engineering Practice.
- Disjunctive fault prediction of decentralized discrete event systems: Verification, predictor design and K-copredictability. 2023, Automatica. Citation excerpt: "In this section, we address the problem of copredictability verification for regular languages and, to this end, we propose two different verification strategies: (i) the first one that deploys the test automaton proposed by Viana and Basilio (2019); (ii) the second strategy that is based on the verifier proposed by Moreira et al. (2011). As in Viana and Basilio (2019), we leverage here the test automaton feature for revealing hidden cycles to propose a copredictability verification algorithm (1). Based on 1 and Remark 1, we present a necessary and sufficient condition for copredictability verification by using the diagnoser-like test automaton."
- Robust decentralized diagnosability of networked discrete event systems against DoS and deception attacks. 2022, Nonlinear Analysis: Hybrid Systems. Citation excerpt: "The verification of codiagnosability can be carried out using test diagnosers [18,27]. The procedure proposed by Viana and Basilio [27] has advantages over that proposed by Debouk et al. [18], namely it does not require the assumption on the non-existence of cycles of states connected with unobservable events only, and, additionally, it searches for nontrivial strongly connected components, instead of cycles."
Gustavo S. Viana was born on July, 9, 1990 in Rio de Janeiro, Brazil. He received the Electrical Engineer, the M.Sc. and the D.Sc. degrees in Control from the Federal University of Rio de Janeiro, Rio de Janeiro, Brazil, in 2012, 2014 and 2018, respectively. Since 2018, he has been an Associate Professor at the Department of Electrical Engineering at the Federal University of Rio de Janeiro. His main interests are fault diagnosis of discrete-event systems, cyber–physical system security and industry 4.0.
João C. Basilio was born on March 15, 1962 in Juiz de Fora, Brazil. He received the Electrical Engineering degree in 1986 from the Federal University of Juiz de Fora, Juiz de Fora, Brazil, the M.Sc. degree in Control from the Military Institute of Engineering, Rio de Janeiro, Brazil, in 1989, and the Ph.D. degree in Control from Oxford University, Oxford, U.K., in 1995. He began his career in 1990 as an Assistant Professor at the Department of Electrical Engineering of the Federal University of Rio de Janeiro, Rio de Janeiro, Brazil, where he is currently a Full Professor in Control. He was the Dean of Polytechnic School of UFRJ from 2014 to 2018. From September, 2007, to December, 2008, he spent a sabbatical leave at the University of Michigan, Ann Arbor, and was an Invited Professor of École Centrale of Lille, University of Lille, France, during September, 2016, and November/December, 2018. His current interests are fault diagnosis, opacity, and supervisory control of discrete-event systems, from both, the theoretical and application points of view. Prof. Basilio is the recipient of the Correia Lima Medal.
☆ This work has been supported in part by the Coordenação de Aperfeiçoamento de Pessoal de Nível Superior (CAPES), Finance Code 001, and the Brazilian Research Council (CNPq), grant number 309652/2017-0. The material in this paper was partially presented at the 2015 American Control Conference, July 1-3, 2015, Chicago, IL, USA. This paper was recommended for publication in revised form by Associate Editor Rong Su under the direction of Editor Christos G. Cassandras.