On Fault Diagnosis of random Free-choice Petri Nets

This paper presents an on-line diagnosis algorithm for Petri nets where a priori probabilistic knowledge about the plant operation is available. We follow the method developed by Benveniste, Fabre, and Haar to assign probabilities to configurations in a net unfolding thus avoiding the need for randomizing all concurrent interleavings of transitions. We consider different settings of the diagnosis problem, including estimating the likelihood that a fault may have happened prior to the most recent observed event, the likelihood that a fault will have happened prior to the next observed event. A novel problem formulation treated in this paper considers deterministic diagnosis of faults that occurred prior to the most recent observed event, and simultaneous calculation of the likelihood that a fault will occur prior to the next observed event

A survey on efficient diagnosability tests for automata and bounded Petri nets

This paper presents a survey and evaluation of the efficiency of polynomial diagnosability algorithms for systems modeled by Petri nets and automata. A modified verification algorithm that reduces the state space by exploiting symmetry and abstracting unobservable transitions is also proposed. We show the importance of minimal explanations on the performance of diagnosability verifiers. Different verifiers are compared in terms of state space and elapsed time. It is shown that the minimal explanation notion involved in the modified basis reachability graph, a graph presented by Cabasino et al. [3] for diagnosability analysis of Petri nets, has great impact also on automata-based diagnosability methods. The evaluation often shows improved computation times of a factor 1000 or more when the concept of minimal explanation is included in the computation

Diagnosability of discrete event systems using labeled Petri nets

In this paper, we focus on labeled Petri nets with silent transitions that may either correspond to fault events or to regular unobservable events. We address the problem of deriving a procedure to determine if a given net system is diagnosable, i.e., the occurrence of a fault event may be detected for sure after a finite observation. The proposed procedure is based on our previous results on the diagnosis of discrete-event systems modeled with labeled Petri nets, whose key notions are those of basis markings and minimal explanations, and is inspired by the diagnosability approach for finite state automata proposed by Sampath in 1995. In particular, we first give necessary and sufficient conditions for diagnosability. Then, we present a method to test diagnosability that is based on the analysis of two graphs that depend on the structure of the net, including the faults model, and the initial marking

INCREMENTAL FAULT DIAGNOSABILITY AND SECURITY/PRIVACY VERIFICATION

Dynamical systems can be classified into two groups. One group is continuoustime systems that describe the physical system behavior, and therefore are typically modeled by differential equations. The other group is discrete event systems (DES)s that represent the sequential and logical behavior of a system. DESs are therefore modeled by discrete state/event models.DESs are widely used for formal verification and enforcement of desired behaviors in embedded systems. Such systems are naturally prone to faults, and the knowledge about each single fault is crucial from safety and economical point of view. Fault diagnosability verification, which is the ability to deduce about the occurrence of all failures, is one of the problems that is investigated in this thesis. Another verification problem that is addressed in this thesis is security/privacy. The two notions currentstate opacity and current-state anonymity that lie within this category, have attracted great attention in recent years, due to the progress of communication networks and mobile devices.Usually, DESs are modular and consist of interacting subsystems. The interaction is achieved by means of synchronous composition of these components. This synchronization results in large monolithic models of the total DES. Also, the complex computations, related to each specific verification problem, add even more computational complexity, resulting in the well-known state-space explosion problem.To circumvent the state-space explosion problem, one efficient approach is to exploit the modular structure of systems and apply incremental abstraction. In this thesis, a unified abstraction method that preserves temporal logic properties and possible silent loops is presented. The abstraction method is incrementally applied on the local subsystems, and it is proved that this abstraction preserves the main characteristics of the system that needs to be verified.The existence of shared unobservable events means that ordinary incremental abstraction does not work for security/privacy verification of modular DESs. To solve this problem, a combined incremental abstraction and observer generation is proposed and analyzed. Evaluations show the great impact of the proposed incremental abstraction on diagnosability and security/privacy verification, as well as verification of generic safety and liveness properties. Thus, this incremental strategy makes formal verification of large complex systems feasible

On the cost of diagnosis with disambiguation

International audienceDiagnosis consists in deciding from a partial observation of a system whether a fault has occurred. A system is diagnosable if there exists a mechanism (a diagnoser) that accurately detects faults a finite number of steps after their occurrence. In a regular setting, a diagnoser builds an estimation of possible states of the system after an observation to decide if a fault has occurred. This paper addresses diagnosability (deciding whether a system is diagnosable) and its cost for safe Petri nets. We define an energy-like cost model for Petri nets: transitions can consume or restore energy of the system. We then give a partial order representation for state estimation, and extend the cost model and the capacities of diagnosers. Diagnosers are allowed to use additional energy to refine their estimations. Diagnosability is then seen as an energy game: checking whether disambiguation mechanisms are sufficient to allow diagnosability is in 2-EXPTIME, and one can also decide whether diagnosability under budget constraint holds in 2-EXPTIME

Fault detection for discrete event systems using Petri nets with unobservable transitions

In this paper we present a fault detection approach for discrete event systems using Petri nets. We assume that some of the transitions of the net are unobservable, including all those transitions that model faulty behaviors. Our diagnosis approach is based on the notions of basis marking and justification, that allow us to characterize the set of markings that are consistent with the actual observation, and the set of unobservable transitions whose firing enable it. This approach applies to all net systems whose unobservable subnet is acyclic. If the net system is also bounded the proposed approach may be significantly simplified by moving the most burdensome part of the procedure off-line, thanks to the construction of a graph, called the basis reachability graph

Verification of Joint Current-State Opacity Using Petri Nets

A discrete event system (DES) is said to be opaque if a predefined secret can never be exposed to an intruder who can observe its evolution. In this paper we consider a problem of joint current-state opacity for a system modeled by a Petri net and monitored by multiple local intruders, each of which can partially observe the behavior of the system. The intruders can synchronously communicate to a coordinator the state estimate they have computed, but not their observations. We demonstrate that the verification of this property can be efficiently addressed by using a compact representation of the reachability graph, called basis reachability graph (BRG), as it avoids the need for exhaustive enumeration of the reachability space. A joint BRG-observer is constructed to analyze joint current- state opacity under such a coordinated decentralized architecture

Structural Sequence Detectability in Free Choice Interpreted Petri Nets

This paper is concerned with the structural sequence detectability problem in Free Choice Interpreted Petri nets, i.e. with the possibility of recovering the firing transition sequence in Free Choice Interpreted Petri nets using the output information when the initial marking is unknown. Based on the Free Choice Interpreted Petri net structure, three relationships are proposed which are devoted to capture the confusion over the transitions. These relationships depend on interpreted Petri nets structures such as T-invariants, P-Invariants, attribution and distribution places. Thus, the approach herein presented exploits the interpreted Petri nets structural information in order to determine the structural sequence detectability of an interpreted Petri net.Consejo Nacional de Ciencia y Tecnologí

PetriBaR: A MATLAB Toolbox for Petri Nets Implementing Basis Reachability Approaches

This paper presents a MATLAB toolbox, called PetriBaR, for the analysis and control of Petri nets. PetriBaR is a package of functions devoted to basic Petri net analysis (including the computation of T-invariants, siphons, reachability graph, etc.), monitor design, reachability analysis, state estimation, fault diagnosis, and opacity verification. In particular, the functions for reachability analysis, state estimation, fault diagnosis, and opacity verification exploit the construction of the Basis Reachability Graph to avoid the exhaustive enumeration of the reachable set, thus leading to significant advantages in terms of computational complexity. All functions of PetriBaR are introduced in detail clarifying the syntax to be used to run them. Finally, they are illustrated via a series of numerical examples. PetriBaR is available online for public access

Discrete and hybrid methods for the diagnosis of distributed systems

Many important activities of modern society rely on the proper functioning of complex systems such as electricity networks, telecommunication networks, manufacturing plants and aircrafts. The supervision of such systems must include strong diagnosis capability to be able to effectively detect the occurrence of faults and ensure appropriate corrective measures can be taken in order to recover from the faults or prevent total failure. This thesis addresses issues in the diagnosis of large complex systems. Such systems are usually distributed in nature, i.e. they consist of many interconnected components each having their own local behaviour. These components interact together to produce an emergent global behaviour that is complex. As those systems increase in complexity and size, their diagnosis becomes increasingly challenging. In the first part of this thesis, a method is proposed for diagnosis on distributed systems that avoids a monolithic global computation. The method, based on converting the graph of the system into a junction tree, takes into account the topology of the system in choosing how to merge local diagnoses on the components while still obtaining a globally consistent result. The method is shown to work well for systems with tree or near-tree structures. This method is further extended to handle systems with high clustering by selectively ignoring some connections that would still allow an accurate diagnosis to be obtained. A hybrid system approach is explored in the second part of the thesis, where continuous dynamics information on the system is also retained to help better isolate or identify faults. A hybrid system framework is presented that models both continuous dynamics and discrete evolution in dynamical systems, based on detecting changes in the fundamental governing dynamics of the system rather than on residual estimation. This makes it possible to handle systems that might not be well characterised and where parameter drift is present. The discrete aspect of the hybrid system model is used to derive diagnosability conditions using indicator functions for the detection and isolation of multiple, arbitrary sequential or simultaneous events in hybrid dynamical networks. Issues with diagnosis in the presence of uncertainty in measurements due sensor or actuator noise are addressed. Faults may generate symptoms that are in the same order of magnitude as the latter. The use of statistical techniques,within a hybrid system framework, is proposed to detect these elusive fault symptoms and translate this information into probabilities for the actual operational mode and possibility of transition between modes which makes it possible to apply probabilistic analysis on the system to handle the underlying uncertainty present