Failure diagnosis and prognosis in stochastic discrete-event and cyber-physical systems

In this dissertation we study the problem of fault diagnosis in both discrete event systems and cyber physical systems. Discrete event systems (DESs) are event-driven systems with discrete states that evolve in response to abrupt occurrences of discrete changes (called events). The stochastic DESs are used to characterize the quantitative behavior of the system, by modeling the uncertainty on the occurrence of events as random variables with certain distribution. A stochastic DES is similar to the Markov chain models, with the difference being that, in stochastic DESs, the transition is labeled with the event while the event information is omitted in a Markov chain. Many physical systems, such as manufacturing systems, communication protocols, reactive software, telephone networks, traffic systems, robotics and digital hardware, can be modeled as DESs at a certain level of abstraction. Fault diagnosis is to detect the occurrence of a fault so as to enable any fault tolerant actions. It is a crucial and challenging problem that has attracted considerable attentions in the literature of software engineering, automotive systems, power systems and nuclear engineering. In this dissertation, we propose the online detection schemes for stochastic DESs and also introduce the notions of missed detections (MDs) and false alarms (FAs), or equivalently, false-negatives and false-positives, for the schemes. The idea is that given any observation (of partially observed events), the detector recursively computes the conditional probability of the nonoccurrence of a fault and issues a fault decision if the probability of the nonoccurrence of a fault falls below an appropriately chosen threshold, and issues no-decision otherwise. We establish that S-Diagnosability is a necessary and sufficient condition for achieving any desired levels of MD and FA rates, where the notion of S-Diagnosability was proposed by Thorsley, et al. in 2005, requiring that given any tolerable ambiguity level &rho and error bound &tau , there must exist a delay bound n such that for any fault trace, its extensions, longer than n and probability of ambiguity higher than &rho, occur with probability smaller than &tau . Algorithms for determining the detection scheme parameters of detection threshold and detection delay bound for the specified MD and FA rates requirement are also presented, based on the construction of an extended observer, which computes, for each observation sequence, the set of states reached in the system model, along with their probabilities and the number of post-fault transitions executed. This dissertation also studies the fault diagnosis in cyber physical systems, where the dynamics of the physical systems over discrete sample instances are described by stochastic difference equations, and the nonfault behaviors are specified by linear-time temporal logic (LTL) formulas over sequences of requirement variables that are functions of inputs and states (just as the outputs). We first introduce the notion of an input-output stochastic hybrid automaton (I/O-SHA), and then show that it can be used to model the refinement of a given discrete-time stochastic system against its LTL specification so as to identify the system behaviors that satisfy the nonfault specification versus the ones that violate it in form of reachability of a fault location. For this we propose a refinement algorithm that refines the system model in form of discrete-time stochastic equations with respect to its specification model in form of a Buchi acceptor, and the resulting refinement can be modeled as an I/O-SHA. We further show that the fault detection problem then reduces to a state estimation problem for the I/O-SHA. The performance of the detection protocol is evaluated in terms of its FA and MD rates. We additionally propose the notion of S-Diagnosability for I/O-SHA, which can guarantee the existence of detectors that can achieve any desired FA and MD rates. We further consider the fault prognosis problem, where the goal is to predict a fault prior to its occurrence, for stochastic DESs. We introduce m-steps Stochastic-Prognosability, or simply Sm-Prognosability, requiring for any tolerance level &rho and error bound &tau , there exists a reaction bound k &ge m, such that the set of fault traces for which a fault cannot be predicted k steps in advance with tolerance level &rho, occurs with probability smaller than &tau . Similar to the fault diagnosis problem, we formalize the notion of a prognoser that maps observations to decisions by comparing a suitable statistic with a threshold, and show that Sm-Prognosability is a necessary and sufficient condition for the existence of a prognoser with reaction bound at least m (i.e., prediction at least m-steps prior to the occurrence of a fault) that can achieve any specified FA and MD rate requirement. Moreover, we provide a polynomial algorithm for verifying Sm-Prognosability

From Security Enforcement to Supervisory Control in Discrete Event Systems: Qualitative and Quantitative Analyses

Cyber-physical systems are technological systems that involve physical components that are monitored and controlled by multiple computational units that exchange information through a communication network. Examples of cyber-physical systems arise in transportation, power, smart manufacturing, and other classes of systems that have a large degree of automation. Analysis and control of cyber-physical systems is an active area of research. The increasing demands for safety, security and performance improvement of cyber-physical systems put stringent constraints on their design and necessitate the use of formal model-based methods to synthesize control strategies that provably enforce required properties. This dissertation focuses on the higher level control logic in cyber-physical systems using the framework of discrete event systems. It tackles two classes of problems for discrete event systems. The first class of problems is related to system security. This problem is formulated in terms of the information flow property of opacity. In this part of the dissertation, an interface-based approach called insertion/edit function is developed to enforce opacity under the potential inference of malicious intruders that may or may not know the implementation of the insertion/edit function. The focus is the synthesis of insertion/edit functions that solve the opacity enforcement problem in the framework of qualitative and quantitative games on finite graphs. The second problem treated in the dissertation is that of performance optimization in the context of supervisory control under partial observation. This problem is transformed to a two-player quantitative game and an information structure where the game is played is constructed. A novel approach to synthesize supervisors by solving the game is developed. The main contributions of this dissertation are grouped into the following five categories. (i) The transformation of the formulated opacity enforcement and supervisory control problems to games on finite graphs provides a systematic way of performing worst case analysis in design of discrete event systems. (ii) These games have state spaces that are as compact as possible using the notion of information states in each corresponding problem. (iii) A formal model-based approach is employed in the entire dissertation, which results in provably correct solutions. (iv) The approaches developed in this dissertation reveal the interconnection between control theory and formal methods. (v) The results in this dissertation are applicable to many types of cyber-physical systems with security-critical and performance-aware requirements.PHDElectrical and Computer EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/150002/1/jiyiding_1.pd