
    On detectability of labeled Petri nets and finite automata

    We study detectability properties for labeled Petri nets and finite automata. We first study weak approximate detectability (WAD), which implies that there exists an infinite observed output sequence of the system such that each prefix of the output sequence with length greater than a given value allows an observer to determine whether the current state belongs to a given set. We also consider two new concepts called instant strong detectability (ISD) and eventual strong detectability (ESD). The former property implies that for each possible infinite observed output sequence, each prefix of the output sequence allows reconstructing the current state. The latter implies that for each possible infinite observed output sequence, there exists a value such that each prefix of the output sequence with length greater than that value allows reconstructing the current state. Results:
    WAD: undecidable for labeled Petri nets, PSPACE-complete for finite automata.
    ISD: decidable and EXPSPACE-hard for labeled Petri nets, belongs to P for finite automata.
    ESD: decidable under the promptness assumption and EXPSPACE-hard for labeled Petri nets, belongs to P for finite automata.
    SD: belongs to P for finite automata, which strengthens Shu and Lin's 2011 results based on the two assumptions of deadlock-freeness and promptness.
    ISD < SD < ESD < WD < WAD for both labeled Petri nets and finite automata.
    Comment: 44 pages, 21 figures

    VERIFICATION AND APPLICATION OF DETECTABILITY BASED ON PETRI NETS

    In many real-world systems, due to limitations of sensors or constraints of the environment, the system dynamics are usually not perfectly known. However, the state information of the system is usually crucial for the purpose of decision making, and the state of the system needs to be determined in many applications. Due to its importance, the state estimation problem has received considerable attention in the discrete event system (DES) community. Recently, the state estimation problem has been studied systematically in the framework of detectability. The detectability properties characterize the possibility of determining the current and subsequent states of a system after the observation of a finite number of events generated by the system. To model and analyze practical systems, powerful DES models are needed to describe the different observation behaviors of the system. Secondly, due to the state explosion problem, analysis methods that rely on exhaustively enumerating all possible states are not applicable to practical systems. It is necessary to develop more efficient and achievable verification methods for detectability. Furthermore, in this thesis, efficient detectability verification methods using Petri nets are investigated, then detectability is extended to a more general definition (C-detectability) that only requires that a given set of crucial states can be distinguished from other states. Formal definitions and efficient verification methods for C-detectability properties are proposed. Finally, C-detectability is applied to the railway signal system to verify the feasibility of this property:
    1. Four types of detectability are extended from finite automata to labeled Petri nets. In particular, strong detectability, weak detectability, periodically strong detectability, and periodically weak detectability are formally defined in labeled Petri nets.
    2. Based on the notion of basis reachability graph (BRG), a practically efficient approach (the BRG-observer method) to verify the four detectability properties in bounded labeled Petri nets is proposed. Using basis markings, there is no need to enumerate all the markings that are consistent with an observation. It has been shown by other researchers that the size of the BRG is usually much smaller than the size of the reachability graph (RG). Thus, the method improves the analysis efficiency and avoids the state space explosion problem.
    3. Three novel approaches for the verification of strong detectability and periodically strong detectability are proposed, which use three different structures whose construction has polynomial complexity. Moreover, rather than computing all cycles of the structure at hand, which is NP-hard, it is shown that strong detectability can be verified by looking at the strongly connected components, whose computation also has polynomial complexity. As a result, they have lower computational complexity than other methods in the literature.
    4. Detectability could be too restrictive in real applications. Thus, detectability is extended to C-detectability, which only requires that a given set of crucial states can be distinguished from other states. Four types of C-detectability are defined in the framework of labeled Petri nets. Moreover, efficient approaches are proposed to verify such properties in the case of bounded labeled Petri net systems based on the BRG.
    5. Finally, a general modeling framework of railway systems is presented for state estimation using labeled Petri nets. Then, C-detectability is applied to railway signal systems to verify its feasibility in the real-world system. Taking the RBC handover procedure in the Chinese train control system level 3 (CTCS-3) as an example, the RBC handover procedure is modeled using labeled Petri nets. Then, based on the proposed approaches, it is shown that the RBC handover procedure satisfies strong C-detectability.

    Checking and Enforcing Security through Opacity in Healthcare Applications

    The Internet of Things (IoT) is a paradigm that can tremendously revolutionize health care, thus benefiting hospitals, doctors and patients alike. In this context, protecting the IoT in health care against interference, including service attacks and malware, is challenging. Opacity is a confidentiality property capturing a system's ability to keep a subset of its behavior hidden from passive observers. In this work, we seek to introduce an IoT-based heart attack detection system that could be life-saving for patients without compromising their need for privacy, through the verification and enforcement of opacity. Our main contributions are the use of a tool to verify opacity in three of its forms, so as to detect privacy leaks in our system. Furthermore, we develop an efficient, Symbolic Observation Graph (SOG)-based algorithm for enforcing opacity.

    Discrete events: Perspectives from system theory

    Systems Theory; differential/integral equations

    Formal Modelling for Multi-Robot Systems Under Uncertainty

    Purpose of Review: To effectively synthesise and analyse multi-robot behaviour, we require formal task-level models which accurately capture multi-robot execution. In this paper, we review modelling formalisms for multi-robot systems under uncertainty, and discuss how they can be used for planning, reinforcement learning, model checking, and simulation. Recent Findings: Recent work has investigated models which more accurately capture multi-robot execution by considering different forms of uncertainty, such as temporal uncertainty and partial observability, and by modelling the effects of robot interactions on action execution. Other strands of work have presented approaches for reducing the size of multi-robot models to admit more efficient solution methods. This can be achieved by decoupling the robots under independence assumptions, or by reasoning over higher-level macro actions. Summary: Existing multi-robot models demonstrate a trade-off between accurately capturing robot dependencies and uncertainty, and being small enough to tractably solve real-world problems. Therefore, future research should exploit realistic assumptions over multi-robot behaviour to develop smaller models which retain accurate representations of uncertainty and robot interactions, and exploit the structure of multi-robot problems, such as factored state spaces, to develop scalable solution methods. Comment: 23 pages, 0 figures, 2 tables. Current Robotics Reports (2023). This version of the article has been accepted for publication, after peer review (when applicable) but is not the Version of Record and does not reflect post-acceptance improvements, or any corrections. The Version of Record is available online at: https://dx.doi.org/10.1007/s43154-023-00104-

    Complete Specification of DDM Mechanisms

    The specification of DDM (Distributed Decision-Making) algorithms is addressed. The modeling technique presented is based on well-known extensions to Petri Nets (PNs). Transition-enabling functions with a domain corresponding to the marking of a net are used to express the semantics of decision-making. Furthermore, the algorithm's structural characteristics of global state representation and topology are incorporated. Finally, the dynamic nature of the evolution of system state, interaction with processes external to the computation, and the interprocess communication aspects of the mechanism are also modeled. The elements of analysis associated with this model are described, but not detailed within the scope of this paper.

    Twin-engined diagnosis of discrete-event systems

    Diagnosis of discrete-event systems (DESs) is computationally complex. This is why a variety of knowledge compilation techniques have been proposed, the most notable of which rely on a diagnoser. However, the construction of a diagnoser requires the generation of the whole system space, thereby making the approach impractical even for DESs of moderate size. To avoid total knowledge compilation while preserving efficiency, a twin-engined diagnosis technique is proposed in this paper, which is inspired by the two operational modes of the human mind. If the symptom of the DES is part of the knowledge or experience of the diagnosis engine, then Engine 1 allows for efficient diagnosis. If, instead, the symptom is unknown, then Engine 2 comes into play, which is far less efficient than Engine 1. Still, the experience acquired by Engine 2 is then integrated into the symptom dictionary of the DES. This way, if the same diagnosis problem arises anew, it will be solved by Engine 1 in linear time. The symptom dictionary can also be extended by specialized knowledge coming from scenarios, which are the most critical/probable behavioral patterns of the DES that need to be diagnosed quickly.