Un método computacional para la detección y caracterización de conflictos en redes de Petri

En este artículo se presenta un método que permite detectar la presencia deconflictos en modelos construidos con base en el formalismo matemático de lasRedes de Petri. Se muestra cómo mediante la aplicación de un algoritmo que tomacomo datos de entrada la representación matricial de una red, es posible detectar laexistencia de conflictos y caracterizar su tipo, identificando, además, el conjunto deelementos que los presentan. La utilización del método propuesto se ilustra usandouna Red de Petri Ordinaria

Abordagem sistemática para o controlo seguro de sistemas aeroespaciais

A verificação formal do comportamento de sistemas tempo-real é uma tarefa complexa, por várias razões. Há múltiplos trabalhos desenvolvidos na área de verificação formal, por model-checking de sistemas tempo-real, sendo que diversos softwares foram desenvolvidos para o efeito. Um dos problemas mais complexos para serem resolvidos na análise de controladores tempo-real é a conversão das linguagens de programação dos controladores nas linguagens formais, por exemplo autómatos finitos temporizados para depois poderem ser verificados formalmente através dos model-checkers existentes. Se a metodologia de elaboração dos programas for bem desenvolvida e conhecida, essa tarefa pode ser muito facilitada. Por outro lado, grande parte dos sistemas tempo-real (principalmente os sistemas embebidos que pretendemos estudar) é programado em linguagem C. Neste artigo pretende-se estabelecer uma metodologia de criação de programas em código C, a partir do formalismo de especificação SFC, tendo em conta a verificação formal de propriedades comportamentais desejadas para o sistema, utilizando a técnica Model- Checking e o model-checker UPPAAL. Estes estudos preliminares são efectuados no contexto de colaboração entre Investigadores dos centros de investigação CT2M, ALGORITMI e CCTC da Universidade do Minho (Portugal) e do Departamento de Engenharia Mecânica do Instituto Tecnológico de Aeronáutica (Brasil).Formal verification of real-time systems behavior of is a complex task, for several reasons. There are multiple works developed in the domain of formal verification of real-time system behavior by model-checking, and various software tools were developed for this purpose. One of the most complexes problems to be solved in the analysis of real-time controllers is the conversion of programming languages controllers in formal languages, for example finite timed automata to be used as inputs of the existing model-checkers. If the methodology of the programming is well developed and known, this task can be greatly facilitated. Moreover, most real-time systems (especially embedded systems that we intend to study) are programmed in C language This article seeks to establish the methodology of creating programs in C code, from SFC specification formalism, taking into account the formal verification of behavior al properties desired for the system, using the Model-Checking technique and the modelchecker UPPAAL. A case study is presented to illustrate the methodology presented. These preliminary studies are presented on the context of a research collaboration project being developed by researchers of CT2M, ALGORITMI and CCTC research centers of University of Minho (Portugal) and the Mechanical Engineering Department of Technological Institute of Aeronautics (Brazil)

On the Enforcement of a Class of Nonlinear Constraints on Petri Nets

International audienceThis paper focuses on the enforcement of nonlinear constraints in Petri nets. First, a supervisory structure is proposed for a nonlinear constraint. The proposed structure consists of added places and transitions. It controls the transitions in the net to be controlled only but does not change its states since there is no arc between the added transitions and the places in the original net. Second, an integer linear programming model is proposed to transform a nonlinear constraint to a minimal number of conjunc-tive linear constraints that have the same control performance as the nonlinear one. By using a place invariant based method, the obtained linear constraints can be easily enforced by a set of control places. The control places consist to a supervisor that can enforce the given nonlinear constraint. On condition that the admissible markings space of a nonlinear constraint is non-convex, another integer linear programming model is developed to obtain a minimal number of constraints whose disjunctions are equivalent to the nonlinear constraint. Finally, a number of examples are provided to demonstrate the proposed approach

Un método computacional para la detección y caracterización de conflictos en redes de Petri

En este artículo se presenta un método que permite detectar la presencia deconflictos en modelos construidos con base en el formalismo matemático de lasRedes de Petri. Se muestra cómo mediante la aplicación de un algoritmo que tomacomo datos de entrada la representación matricial de una red, es posible detectar laexistencia de conflictos y caracterizar su tipo, identificando, además, el conjunto deelementos que los presentan. La utilización del método propuesto se ilustra usandouna Red de Petri Ordinaria

Synthèse de contrôleurs Réseaux de Petri pour le routage dynamique des trains dans un noeud ferroviaire

International audienceCet article présente une méthode de prévention des collisions et des blocages pour le routage automatique des trains dans les noeuds ferroviaires. La méthode de contrôle proposée doit permettre d'optimiser le nombre de trains traversant simultanément le noeud ferroviaire. Le routage des trains est fait de manière dynamique, les trains ne suivent pas un itinéraire mais s'adaptent aux aléas du réseaux. Cette approche permet d'avoir une flexibilité et une densité de trains accrue dans les noeuds ferroviaire. Mais elle doit garantir la sécurité du système et notamment l'absence de collisions entre trains dans le noeud. Pour cela, nous proposons la construction par synthèse d'un Réseau de Petri initial permettant à chaque train d'utiliser et de libérer les ressources au fur et à mesure de sa progression dans le noeud ferroviaire. Mais ce modèle initial peut entrainer un contrôle bloquant. Ainsi nous proposons une méthode de résolution des blocages potentiels permettant de garantir la vivacité du modèle final

Petri Net Supervisors for DES with Uncontrollable and Unobservable Transitions

A supervisor synthesis technique for Petri net plants with uncontrollable and unobservable transitions that enforces the conjunction of a set of linear inequalities on the reachable markings of the plant is presented. The approach is based on the concept of Petri net place invariants. Each step of the procedure is illustrated through a running example involving the supervision of a robotic assembly cell. The controller is described by an auxiliary Petri net connected to the plant's transitions, providing a unified Petri net model of the closed loop system. The synthesis technique is based on the concept of admissible constraints. An inadmissible constraint can not be directly enforced on a plant due to the uncontrollability or unobservability of certain plant transitions. Procedures are given for identifying all admissible linear constraints for a plant with uncontrollable and unobservable transitions, as well as methods for transforming inadmissible constraints into admissib..

Commande d'une classe de systèmes hybrides par automates hybrides rectangulaires

Notre travail de recherche concerne l étude de la commande à base de modèles pour une sous-classe de systèmes dynamiques hybrides (SDH). L outil de modélisation choisi est l automate hybride rectangulaire (AHR) pour sa puissance d analyse. Nous proposons ainsi une méthode pour la synthèse de la commande des SDH modélisés par des AHR. Cette méthode repose sur l application d une procédure amont/aval de commande hors-ligne qui détermine d une façon maximale permissive les nouvelles gardes de transition de l automate respectant des spécifications de commande imposées par l utilisateur. Tous les calculs réalisés reposent sur la détermination de la durée de séjour, valeur contrainte par l espace atteignable du sommet correspondant. La garde portant à la fois sur l état continu et sur l événement discret, la commande se fait par ce dernier car il s agit du seul élément contrôlable. Nous nous intéressons alors à la construction du contrôleur temporisé autorisant l occurrence des événements contrôlables du système dans un intervalle d horloge défini au sens de la maximale permissivité.In this thesis, we study the control of a class of hybrid dynamic systems (HDS). The chosen modeling tool is the rectangular hybrid automaton (RHA) for his analysis power. We propose a method for the control synthesis of HDS modeled with RHA. This method consists on the application of a downstream/upstream offline control procedure that determines in a maximal permissive way the new automaton transition guards respecting the desired control specifications. All computations are based on the determination of the duration of stay, a value constrained by the reachable space of the corresponding location. Since the guard refers to both continuous state and discrete event, the control is made by the latter because it is the controllable element. Then we are interested in the construction of the timed controller authorizing the system controllable event occurrence in a clock interval defined in a maximal permissive way.SAVOIE-SCD - Bib.électronique (730659901) / SudocGRENOBLE1/INP-Bib.électronique (384210012) / SudocGRENOBLE2/3-Bib.électronique (384219901) / SudocSudocFranceF

Supervisory Control and Analysis of Partially-observed Discrete Event Systems

Nowadays, a variety of real-world systems fall into discrete event systems (DES). In practical scenarios, due to facts like limited sensor technique, sensor failure, unstable network and even the intrusion of malicious agents, it might occur that some events are unobservable, multiple events are indistinguishable in observations, and observations of some events are nondeterministic. By considering various practical scenarios, increasing attention in the DES community has been paid to partially-observed DES, which in this thesis refer broadly to those DES with partial and/or unreliable observations. In this thesis, we focus on two topics of partially-observed DES, namely, supervisory control and analysis. The first topic includes two research directions in terms of system models. One is the supervisory control of DES with both unobservable and uncontrollable events, focusing on the forbidden state problem; the other is the supervisory control of DES vulnerable to sensor-reading disguising attacks (SD-attacks), which is also interpreted as DES with nondeterministic observations, addressing both the forbidden state problem and the liveness-enforcing problem. Petri nets (PN) are used as a reference formalism in this topic. First, we study the forbidden state problem in the framework of PN with both unobservable and uncontrollable transitions, assuming that unobservable transitions are uncontrollable. For ordinary PN subject to an admissible Generalized Mutual Exclusion Constraint (GMEC), an optimal on-line control policy with polynomial complexity is proposed provided that a particular subnet, called observation subnet, satisfies certain conditions in structure. It is then discussed how to obtain an optimal on-line control policy for PN subject to an arbitrary GMEC. Next, we still consider the forbidden state problem but in PN vulnerable to SD-attacks. Assuming the control specification in terms of a GMEC, we propose three methods to derive on-line control policies. The first two lead to an optimal policy but are computationally inefficient for large-size systems, while the third method computes a policy with timely response even for large-size systems but at the expense of optimality. Finally, we investigate the liveness-enforcing problem still assuming that the system is vulnerable to SD-attacks. In this problem, the plant is modelled as a bounded PN, which allows us to off-line compute a supervisor starting from constructing the reachability graph of the PN. Then, based on repeatedly computing a more restrictive liveness-enforcing supervisor under no attack and constructing a basic supervisor, an off-line method that synthesizes a liveness-enforcing supervisor tolerant to an SD-attack is proposed. In the second topic, we care about the verification of properties related to system security. Two properties are considered, i.e., fault-predictability and event-based opacity. The former is a property in the literature, characterizing the situation that the occurrence of any fault in a system is predictable, while the latter is a newly proposed property in the thesis, which describes the fact that secret events of a system cannot be revealed to an external observer within their critical horizons. In the case of fault-predictability, DES are modeled by labeled PN. A necessary and sufficient condition for fault-predictability is derived by characterizing the structure of the Predictor Graph. Furthermore, two rules are proposed to reduce the size of a PN, which allow us to analyze the fault-predictability of the original net by verifying that of the reduced net. When studying event-based opacity, we use deterministic finite-state automata as the reference formalism. Considering different scenarios, we propose four notions, namely, K-observation event-opacity, infinite-observation event-opacity, event-opacity and combinational event-opacity. Moreover, verifiers are proposed to analyze these properties