Failure Diagnosis of Discrete Event Systems: A Temporal Logic Approach

Similar documents
Failure Diagnosis of Discrete Event Systems With Linear-Time Temporal Logic Specifications

Diagnosis of Repeated/Intermittent Failures in Discrete Event Systems

SUPERVISORY CONTROL AND FAILURE DIAGNOSIS OF DISCRETE EVENT SYSTEMS: A TEMPORAL LOGIC APPROACH

4.2 First-Order Logic

Communication security: Formal models and proofs

T Reactive Systems: Temporal Logic LTL

Timo Latvala. March 7, 2004

The State Explosion Problem

Lecture Notes On THEORY OF COMPUTATION MODULE - 2 UNIT - 2

Decoder Error Probability of MRD Codes

Outline. Model Predictive Control: Current Status and Future Challenges. Separation of the control problem. Separation of the control problem

Decoder Error Probability of MRD Codes

Failure Diagnosis of Discrete-Time Stochastic Systems subject to Temporal Logic Correctness Requirements

Intelligent Positioning Plate Predictive Control and Concept of Diagnosis System Design

Timo Latvala. February 4, 2004

Temporal & Modal Logic. Acronyms. Contents. Temporal Logic Overview Classification PLTL Syntax Semantics Identities. Concurrency Model Checking

Decentralized Failure Diagnosis of Discrete Event Systems

Survivable Virtual Topology Mapping To Provide Content Connectivity Against Double-Link Failures

Guest lecturer: Prof. Mark Reynolds, The University of Western Australia

denition of distributed computations with synchronous than originally stated. Key words: Distributed computation { Message passing Communication

Conditions for Approaching the Origin without Intersecting the x-axis in the Liénard Plane

Finite-State Model Checking

Degrees of Lookahead in Regular Infinite Games

Automata-based Verification - III

Overview. overview / 357

Temporal logics and explicit-state model checking. Pierre Wolper Université de Liège

Lecture 16: Computation Tree Logic (CTL)

DECENTRALIZED DIAGNOSIS OF EVENT-DRIVEN SYSTEMS FOR SAFELY REACTING TO FAILURES. Wenbin Qiu and Ratnesh Kumar

Automata on Infinite words and LTL Model Checking

Model Checking of Safety Properties

Stéphane Lafortune. August 2006

Computation Tree Logic (CTL) & Basic Model Checking Algorithms

UNCERTAINTY FOCUSED STRENGTH ANALYSIS MODEL

Introdction Finite elds play an increasingly important role in modern digital commnication systems. Typical areas of applications are cryptographic sc

From Liveness to Promptness

(Diskursrepräsentationstheorie)

Temporal Logic. M φ. Outline. Why not standard logic? What is temporal logic? LTL CTL* CTL Fairness. Ralf Huuck. Kripke Structure

CS256/Spring 2008 Lecture #11 Zohar Manna. Beyond Temporal Logics

Modal and Temporal Logics

Linear Temporal Logic (LTL)

Automata-based Verification - III

Cuckoo hashing: Further analysis

Lecture 2 Automata Theory

Diagnosis of Dense-Time Systems using Digital-Clocks

Applying Fuzzy Set Approach into Achieving Quality Improvement for Qualitative Quality Response

A Polynomial Algorithm for Testing Diagnosability of Discrete Event Systems

Property Checking of Safety- Critical Systems Mathematical Foundations and Concrete Algorithms

Introduction to Model Checking. Debdeep Mukhopadhyay IIT Madras

Timed Automata. Chapter Clocks and clock constraints Clock variables and clock constraints

Discontinuous Fluctuation Distribution for Time-Dependent Problems

Relational Interfaces and Refinement Calculus for Compositional System Reasoning

A brief history of model checking. Ken McMillan Cadence Berkeley Labs

An Introduction to Temporal Logics

Probabilistic Model Checking Michaelmas Term Dr. Dave Parker. Department of Computer Science University of Oxford

Department of Industrial Engineering Statistical Quality Control presented by Dr. Eng. Abed Schokry

Chapter 4: Computation tree logic

Chapter 3: Linear temporal logic

Abstractions and Decision Procedures for Effective Software Model Checking

Model for reactive systems/software

Optimal Control of a Heterogeneous Two Server System with Consideration for Power and Performance

ONR MURI AIRFOILS: Animal Inspired Robust Flight with Outer and Inner Loop Strategies. Calin Belta

Designing of Virtual Experiments for the Physics Class

Lecture 2 Automata Theory

FREE PROFINITE SEMIGROUPS OVER SOME CLASSES OF SEMIGROUPS LOCALLY IN DG

Temporal Logic. Stavros Tripakis University of California, Berkeley. We have designed a system. We want to check that it is correct.

Reasoning about Time and Reliability

Chapter 5: Linear Temporal Logic

Study of the diffusion operator by the SPH method

PSPACE-completeness of LTL/CTL model checking

Temporal Logic Model Checking

Computer-Aided Program Design

J.A. BURNS AND B.B. KING redced order controllers sensors/actators. The kernels of these integral representations are called fnctional gains. In [4],

Formal Verification of Mobile Network Protocols

Alan Bundy. Automated Reasoning LTL Model Checking

1. Tractable and Intractable Computational Problems So far in the course we have seen many problems that have polynomial-time solutions; that is, on

Effects of Soil Spatial Variability on Bearing Capacity of Shallow Foundations

Subcritical bifurcation to innitely many rotating waves. Arnd Scheel. Freie Universitat Berlin. Arnimallee Berlin, Germany

On the circuit complexity of the standard and the Karatsuba methods of multiplying integers

Automata and Reactive Systems

Lecture 9 Synthesis of Reactive Control Protocols

9. Tensor product and Hom

Sources of Non Stationarity in the Semivariogram

Study on the Mathematic Model of Product Modular System Orienting the Modular Design

Topics in Verification AZADEH FARZAN FALL 2017

Robust Tracking and Regulation Control of Uncertain Piecewise Linear Hybrid Systems

SFM-11:CONNECT Summer School, Bertinoro, June 2011

Op#mal Control of Nonlinear Systems with Temporal Logic Specifica#ons

Introduction to Temporal Logic. The purpose of temporal logics is to specify properties of dynamic systems. These can be either

Efficient reduction of finite state model checking to reachability analysis

Entanglement Renormalization and Wavelets

State-Space Exploration. Stavros Tripakis University of California, Berkeley

Optimization in Predictive Control Algorithm

Prediction of Transmission Distortion for Wireless Video Communication: Analysis

Affine Invariant Total Variation Models

Logic Model Checking

Lecture Notes on Emptiness Checking, LTL Büchi Automata

On the tree cover number of a graph

HADAMARD-PERRON THEOREM

Course Runtime Verification

Visualisations of Gussian and Mean Curvatures by Using Mathematica and webmathematica

Transcription:

Failre Diagnosis of Discrete Event Systems: A Temporal Logic Approach Shengbing Jiang Electrical & Controls Integration Lab General Motors R&D 1

Otline Introdction Notion of Diagnosability in Temporal Logic Setting Algorithm for Diagnosis Example Conclsion 2

DES: Introdction Discrete states: driven by randomly occrring events Events: discrete qalitative changes arrival of part in a manfactring system loss of message packet in a commnication network termination of a program in an operating system exection of operation in database system arrival of sensor packet in embedded control system Examples of discrete event systems: compter and commnication networks robotics and manfactring systems compter programs atomated traffic systems 3

DES: Example States change in response to randomly occrring events piecewise-constant state trajectory floor 1 state floor 0 moving top on +on bot t t t t 1 2 3 4 time typical state trajectory of an elevator State trajectory a seqence of triples: (x 0, σ 1, t 1 )(x 1, σ 2, t 2 )... Untimed trajectory (for ntimed specification): (x 0, σ 1 )(x 1, σ 1 )... Under determinism this is eqivalent to: x 0 and σ 1 σ 2... Collection of all event traces, langage, L = pr(l) Collection of final traces, marked langage, L m L Langage model, (L, L m ), also modeled as atomaton: G := (X,Σ, α, x 0, X m ); (L(G), L m (G)) langage model 4

Failre Diagnosis of DESs Failre: deviation from normal or reqired behavior occrrence of a failre event visiting a failed state reaching a deadlock or livelock Failre Diagnosis: detecting and identifying failres plant model M (e) diagnosability test diagnoser failre / no failre falt specification model e: event generated; M(e): event observed/sensored M(e) = ǫ: no sensor for the event e M(e 1 ) = M(e 2 ) ǫ: e.g. motion sensor, detect the movement of a part, not the moving direction and the part type Diagnoser: observes the seqence of generated events, and determines (possibly with a delay that is bonded) whether or not a failre occrred 5

Prior Reslts: Formal langage / atomaton falt specification Falt spec.: only safety properties Or Contribtion: A temporal logic approach for failre diagnosis of DESs Temporal logic has a syntax similar to natral langage and has a formal semantics Falt spec.: both safety and liveness properties 6

Linear-time Temporal Logic (LTL): Introdction Describing properties of seqence of proposition set traces Notations AP: set of atomic propositions Σ AP = 2 AP : power set of AP Σ AP : set of all finite proposition set traces Σ ω AP : set of all infinite proposition set traces Temporal operators & their interpretations X : next, U : ntil, F : ftre or eventally, Ff=TreUf G : globally or always, Gf=~F~f B : before, fbg=~(~fug) Xf f fug Ff f f f.................. f g f Gf f f f...... f f fbg f...... g Syntax of LTL formlae P1 p AP p is a LTL formla. P2 f 1 and f 2 are LTL formlae so are f 1, f 1 f 2, and f 1 f 2. P3 f 1 and f 2 are LTL formlae so are Xf 1, f 1 Uf 2, Ff 1, Gf 1, and f 1 Bf 2. 7

Semantics: proposition-trace π = (L 0, L 1, ) Σ ω AP π i = (L i, ), i 0 1. p AP, π = p p L 0. 2. π = f 1 π = f 1. 3. π = f 1 f 2 π = f 1 or π = f 2. 4. π = f 1 f 2 π = f 1 and π = f 2. 5. π = Xf 1 π 1 = f 1. 6. π = f 1 Uf 2 k 0, π k = f 2 and j {0,1,, k 1}, π j = f 1. 7. π = Ff 1 k 0, π k = f 1. 8. π = Gf 1 k 0, π k = f 1. 9. π = f 1 Bf 2 k 0 with π k = f 2, j {0,1,, k 1}, π j = f 1. Examples of LTL formlae G R 1 : an invariance (a type of safety) property. G((message sent) F(message received)) : a recrrence (a type of liveness) property. FGp : a stability (a type of liveness) property. 8

Notion of Diagnosability in Temporal Logic Setting System Model: P = (X,Σ, R, X 0, AP, L) X, a finite set of states; Σ, a finite set of event labels; R : X Σ {ǫ} X, a transition relation, x X, σ Σ {ǫ}, x X, (x, σ, x ) R (P is nondeterministic & nonterminating); X 0 X, a set of initial states; AP, a finite set of atomic proposition symbols; L : X 2 AP, a labelling fnction. M : Σ {ǫ} {ǫ}, an observation mask. Falt specification: LTL formla f. π = (x 0, x 1, ), π AP = (L(x 0 ), L(x 1 ), ): π = f if π AP = f 9

Falty state-trace An infinite state-trace π is falty if π = f. Remark captres both safety and liveness failres Indicator A finite state-trace π is an indicator if all its infinite extensions in P are falty. Remark: can only detect indicators throgh observation of finite length event-traces Pre-diagnosability P is pre-diagnosable w.r.t. f if every falty state-trace in P possesses an indicator as its prefix. Remark Needed for detecting all failres throgh observation of finite length event-traces Example b d x a c 0 x 1 p 1 p 1 x 2 p 2 f = GFp 2 : not pre-diagnosable; no indicator for x 0 x ω 1 f = GFp 1 : pre-diagnosable 10

Diagnosability: single specification P is diagnosable w.r.t. M and f if P is pre-diagnosable and Example Exists a detection delay bond n sch that For all indicator trace π 0 For all extension-sffix π 1 of π 0, π 1 n For all π indistingishable from π 0 π 1 It holds that π is an indicator trace p 2 x b 2 c 1 1 p 1 p 1 a a x 0 x 1 p 1, p 2 b x a 2 3 x 4 c 2 p 1 M(b 1 ) = M(b 2 ) = b; M(c 1 ) = M(c 2 ) = c f = GFp 2 : diagnosable (no falty trace looks like a nonfalty trace) f = Gp 1 : pre-diagnosable bt not diagnosable Diagnosability: mltiple specifications P is diagnosable w.r.t. M and {f i, i = 1,2,, m} if P is diagnosable w.r.t. M and each f i, i = 1,2,, m. Remark: Sffices to stdy the case of only one falt specification 11

Algorithm for Diagnosis with LTL Specifications Problem of failre Diagnosis Given P, M, f: Test the diagnosability of P w.r.t. M and f; If P is diagnosable, then constrct a diagnoser for P. 12

Algorithm 1: diagnosis for single falt specification 1. Constrct a tablea T f for f that contains all infinite proposition-traces satisfying f, and let {F i,1 i r} denote the generalized Büchi acceptance condition of f. 2. Test the pre-diagnosability of P. Constrct T 1 = T f AP P that generates traces that are accepted by P and are limits of traces satisfying f. Check whether every infinite state-trace generated by T 1 satisfies f, i.e., whether every infinite statetrace generated by T 1 visits each F i infinitely often: T 1 = r i=1 GFF i, a LTL model checking problem. NO P is not pre-diagnosable. 3. Test the diagnosability of P. Constrct T 2 = M 1 M(T 1 ) Σ P that accepts finite traces of P indistingishable from finite traces of T 1, i.e., prefixes of non-falty traces. Check whether every infinite trace in T 2 satisfies f: T 2 = f, a LTL model checking problem. NO P is not diagnosable. 4. Otpt M(T 1 ) as the diagnoser D. Complexity: O(2 f X 4 ); size of D: O(2 f X ). 13

Illstrative Example: Mose in a Maze 0 cat 1 5 mose food 3 4 2 : observable : nobservable Spec 1 Never visit room 1 (an invariance, a type of safety, property). G R 1 : Globally (always) not in Room 1 Spec 2 Visit room 2 for food infinitely often (a recrrence, a type of liveness, property). GFR 2 : Globally (always) in ftre in Room 2 14

System model o x 1 3 x 0 x 1 o o3 2 R 1 x 4 R 2 x 2 o 4 x 5 M() = ǫ, M(o i ) = o i for 0 i 4; AP = {R 1, R 2 }; L(x i ) = for i {1,2}, L(x 1 ) = {R 1 }, L(x 2 ) = {R 2 }. Specifications: f 1 = G R 1, f 2 = GFR 2. 15

Tablea T fi, i = 1,2. F 1 F 1 s 1 t 1 t 2 R 1 R 2 R 2 (a) (b) Checking pre-diagnosability: T f i 1 = T f i AP P, i = 1,2; T f i 1 = GFF 1? i = 1,2. F 1 o F x 1 x0 1 3 x 0 x 1 R 1 o 2 o 3 F 1 o 2 o 3 (a) x 5 x 2 o 4, R 2 2 x 4 x 2 F 1 F F 1, R 1 o 4 (b) x 5 P is pre-diagnosable w.r.t. f 1 and f 2 respectively. 16

Checking diagnosability: T f i 2 = M 1 M(T f i 1 ) ΣP, i = 1,2; T f 1 2 = G R 1? T f 2 2 = GFR 2? q 0 q 1 R 1 q 1 o 1 q 0 o 2 o 3 o 2 o 3 R q 2 2 o 4 q 3 q 2 q 3 q 4 R 2 o 4 o 4 q 4 (a) (b) P is diagnosable w.r.t. f 1 and f 2 respectively. 17

Diagnoser D = {M(T f 1 1 ), M(T f 2 1 )} x 3 o 1 x 0 x 0 o 2 o 3 o 4 o 2 o 3 x 2 x 2 o 4 o 4 (a) (b) o x 1 3 x 0 x 1 o o3 2 R 1 x 4 R 2 x 2 o 4 x 5 Specifications: f 1 = G R 1, f 2 = GFR 2. 18

Conclsion A framework for failre diagnosis in LTL setting Notions of indicator, pre-diagnosability, and diagnosability Algorithms for checking pre-diagnosability & diagnosability in proposed framework Constrction of diagnoser for on-line diagnosis in proposed framework Complexity analysis (polynomial in the plant size, exponential in the formla length) 19

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback