Verification of Information Flow Properties under Rational Observation

Information flow properties express the capability for an agent to infer information about secret behaviours of a partially observable system. In a language-theoretic setting, where the system behaviour is described by a language, we define the class of rational information flow properties (RIFP), where observers are modeled by finite transducers, acting on languages in a given family $\mathcal{L}$. This leads to a general decidability criterion for the verification problem of RIFPs on $\mathcal{L}$, implying PSPACE-completeness for this problem on regular languages. We show that most trace-based information flow properties studied up to now are RIFPs, including those related to selective declassification and conditional anonymity. As a consequence, we retrieve several existing decidability results that were obtained by ad-hoc proofs.Comment: 19 pages, 7 figures, version extended from AVOCS'201

Fourier-Motzkin methods for fault diagnosis in discrete event systems

The problem of fault diagnosis under partial observation is a complex problem; and the challenge to solve this problem is to find a compromise between the space complexity and time complexity. The classic method to solve the problem is by constructing an automaton called a diagnoser. This method suffers from the state explosion problem which limits its application to large systems. In this thesis, the problem of fault diagnosis in partially observed discrete event systems is addressed. We assume that the system is modelled by Petri nets having no cycle of unobservable transitions. The class of labelled Petri nets is also considered with both bounded and unbounded cases. We propose a novel approach for fault diagnosis using the Integer Fourier-Motzkin Elimination method. The main idea is to reduce the problem of constructing the diagnoser to a problem of projecting between two spaces. In other words, we first obtain a set of inequalities derived from the state equation of Petri nets. Then, the elimination method is used to drop the variables corresponding to the unobservable transitions and we design two sets of inequalities in variables representing the observable transitions. One set ensures that the fault has occurred, whereas the other ensures that fault has not occurred. Given these two sets, we have proved that the occurrences of faults can be decided as any other diagnoser can do. The obtained result are extended to diagnose violations of constraints such as service level agreement and Quality of Service, which is of particular interested in telecommunication companies. We implement our approach and demonstrate gains in performance with respect to existing approaches on a benchmark example

Discrete and hybrid methods for the diagnosis of distributed systems

Many important activities of modern society rely on the proper functioning of complex systems such as electricity networks, telecommunication networks, manufacturing plants and aircrafts. The supervision of such systems must include strong diagnosis capability to be able to effectively detect the occurrence of faults and ensure appropriate corrective measures can be taken in order to recover from the faults or prevent total failure. This thesis addresses issues in the diagnosis of large complex systems. Such systems are usually distributed in nature, i.e. they consist of many interconnected components each having their own local behaviour. These components interact together to produce an emergent global behaviour that is complex. As those systems increase in complexity and size, their diagnosis becomes increasingly challenging. In the first part of this thesis, a method is proposed for diagnosis on distributed systems that avoids a monolithic global computation. The method, based on converting the graph of the system into a junction tree, takes into account the topology of the system in choosing how to merge local diagnoses on the components while still obtaining a globally consistent result. The method is shown to work well for systems with tree or near-tree structures. This method is further extended to handle systems with high clustering by selectively ignoring some connections that would still allow an accurate diagnosis to be obtained. A hybrid system approach is explored in the second part of the thesis, where continuous dynamics information on the system is also retained to help better isolate or identify faults. A hybrid system framework is presented that models both continuous dynamics and discrete evolution in dynamical systems, based on detecting changes in the fundamental governing dynamics of the system rather than on residual estimation. This makes it possible to handle systems that might not be well characterised and where parameter drift is present. The discrete aspect of the hybrid system model is used to derive diagnosability conditions using indicator functions for the detection and isolation of multiple, arbitrary sequential or simultaneous events in hybrid dynamical networks. Issues with diagnosis in the presence of uncertainty in measurements due sensor or actuator noise are addressed. Faults may generate symptoms that are in the same order of magnitude as the latter. The use of statistical techniques,within a hybrid system framework, is proposed to detect these elusive fault symptoms and translate this information into probabilities for the actual operational mode and possibility of transition between modes which makes it possible to apply probabilistic analysis on the system to handle the underlying uncertainty present

Discrete Event Systems: Models and Applications; Proceedings of an IIASA Conference, Sopron, Hungary, August 3-7, 1987

Work in discrete event systems has just begun. There is a great deal of activity now, and much enthusiasm. There is considerable diversity reflecting differences in the intellectual formation of workers in the field and in the applications that guide their effort. This diversity is manifested in a proliferation of DEM formalisms. Some of the formalisms are essentially different. Some of the "new" formalisms are reinventions of existing formalisms presented in new terms. These "duplications" reveal both the new domains of intended application as well as the difficulty in keeping up with work that is published in journals on computer science, communications, signal processing, automatic control, and mathematical systems theory - to name the main disciplines with active research programs in discrete event systems. The first eight papers deal with models at the logical level, the next four are at the temporal level and the last six are at the stochastic level. Of these eighteen papers, three focus on manufacturing, four on communication networks, one on digital signal processing, the remaining ten papers address methodological issues ranging from simulation to computational complexity of some synthesis problems. The authors have made good efforts to make their contributions self-contained and to provide a representative bibliography. The volume should therefore be both accessible and useful to those who are just getting interested in discrete event systems

System Concepts and Formal Modelling Methods for Business Processes

The major quality breakthrough of the 1980s was the realisation by management that business and manufacturing processes are the key to customer service and organisational performance. This thesis is concerned with the overall problem of modelling of business processes. Of special interest is the study of business processes through an interdisciplinary approach that cuts across the boundaries of management and information technology. The overall effort is placed on being able to move from a purely conceptual level of describing a business process to a more formal one, enabling decision making, and driving the analysis away from experience, intuition, and informal debate. The extended review and presentation of the various modelling methodologies given here, serve as a guide to their basic concepts and capabilities. A particular case study - the management of the human resources in a consulting company - has been used in this thesis to enable the evaluation of the modelling techniques. Hence, models have been produced, as well as simulation results to indicate the limitations, the advantages and the information gained. Through this application, the understanding of requirements for modelling analysis and decision making of business processes was acquired. Particularly, two very important techniques were investigated. System Dynamics and Petri nets provide the answers when process models are geared to deliver not only qualitative but also quantitative results. However, Petri nets provide the mathematical notation and the plethora of analysis tools needed for the validation, verification, and performance analysis of the model. Additionally, two different simulation software packages were used, based on these methodologies; Ithink®, which is based on System Dynamics, and Alpha/Sim®, based on Petri nets theory. The model produced in the case study depicts perfectly the capabilities of the two techniques. Petri nets is not the total business modelling solution, it can be complemented by other methods, such as System Dynamics and discrete-time modelling as shown in Chapter 6. The feasibility of all these modelling techniques lies entirely on the analyst, who should use them alternately to satisfy the requirements of the problem

Supervisory control of fuzzy discrete event systems with applications to mobile robotics

Fuzzy Discrete Event Systems (FDES) were proposed in the literature for modeling and control of a class of event driven and asynchronous dynamical systems that are affected by deterministic uncertainties and vagueness on their representations. In contrast to classical crisp Discrete Event Systems (DES), which have been explored to a sufficient extent in the past, an in-depth study of FDES is yet to be performed, and their feasible real-time application areas need to be further identified. This research work intends to address the supervisory control problem of FDES broadly, while formulating new knowledge in the area. Moreover, it examines the possible applications of these developments in the behavior-based mobile robotics domain. An FDES-based supervisory control framework to facilitate the behavior-based control of a mobile robot is developed at first. The proposed approach is modular in nature and supports behavior integration without making state explosion. Then, this architecture is implemented in simulation as well as in real-time on a mobile robot moving in unstructured environments, and the feasibility of the approach is validated. A general decentralized supervisory control theory of FDES is then established for better information association and ambiguity management in large-scale and distributed systems, while providing less complexity of control computation. Furthermore, using the proposed architecture, simulation and real-time experiments of a tightly-coupled multi-robot object manipulation task are performed. The results are compared with centralized FDES-based and decentralized DES-based approaches. -- A decentralized modular supervisory control theory of FDES is then established for complex systems having a number of modules that are concurrently operating and also containing multiple interactions. -- Finally, a hierarchical supervisory control theory of FDES is established to resolve the control complexity of a large-scale compound system by modularizing the system vertically and assigning multi-level supervisor hierarchies. As a proof-of-concept example to the established theory, a mobile robot navigation problem is discussed. This research work will contribute to the literature by developing novel knowledge and related theories in the areas of decentralized, modular and hierarchical supervisory control of FDES. It also investigates the applicability of these contributions in the mobile robotics arena