Verification of the observer property in discrete event systems

The observer property is an important condition to be satisfied by abstractions of Discrete Event System (DES) models. This technical note presents a new algorithm that tests if an abstraction of a DES obtained through natural projection has the observer property. The procedure, called OP-Verifier, can be applied to (potentially nondeterministic) automata, with no restriction on the existence of cycles of 'non-relevant' events. This procedure has quadratic complexity in the number of states. The performance of the algorithm is illustrated by a set of experiments

Generalised verification of the observer property in discrete event systems

The observer property is an important condition to be satisfied by abstractions of Discrete Event Systems (DES) models. This paper presents a generalised version of a previous algorithm which tests if an abstraction of a DES obtained through natural projection has the observer property. The procedure called OP-verifier II overcomes the limitations of the previously proposed verifier while keeping its computational complexity. Results are illustrated by a case study of a transfer line system

Generalised verification of the observer property in discrete event systems

The observer property is an important condition to be satisfied by abstractions of Discrete Event Systems (DES) models. This paper presents a generalised version of a previous algorithm which tests if an abstraction of a DES obtained through natural projection has the observer property. The procedure called OP-verifier II overcomes the limitations of the previously proposed verifier while keeping its computational complexity. Results are illustrated by a case study of a transfer line system

On detectability of labeled Petri nets and finite automata

Detectability is a basic property of dynamic systems: when it holds an observer can use the current and past values of the observed output signal produced by a system to reconstruct its current state. In this paper, we consider properties of this type in the framework of discrete-event systems modeled by labeled Petri nets and finite automata. We first study weak approximate detectability. This property implies that there exists an infinite observed output sequence of the system such that each prefix of the output sequence with length greater than a given value allows an observer to determine if the current state belongs to a given set. We prove that the problem of verifying this property is undecidable for labeled Petri nets, and PSPACE-complete for finite automata. We also consider one new concept called eventual strong detectability. The new property implies that for each possible infinite observed output sequence, there exists a value such that each prefix of the output sequence with length greater than that value allows reconstructing the current state. We prove that for labeled Petri nets, the problem of verifying eventual strong detectability is decidable and EXPSPACE-hard, where the decidability result holds under a mild promptness assumption. For finite automata, we give a polynomial-time verification algorithm for the property. In addition, we prove that strong detectability is strictly stronger than eventual strong detectability for labeled Petri nets and even for deterministic finite automata

Conflicts and projections

This paper studies abstraction methods suitable to verify very large models of discrete-event systems to be nonconflicting. It compares the observer property to methods known from process algebra, namely to conflict equivalence and observation equivalence. The observer property is shown to be the property that corresponds to conflict equivalence in the case where natural projection is used for abstraction. In this case, the observer property turns out to be the least restrictive condition that can be imposed on natural projection to enable compositional reasoning about conflicts. The observer property is also shown to be closely related to observation equivalence. Several examples and propositions are presented to relate different aspects of these methods of abstraction

On Conditional Decomposability

The requirement of a language to be conditionally decomposable is imposed on a specification language in the coordination supervisory control framework of discrete-event systems. In this paper, we present a polynomial-time algorithm for the verification whether a language is conditionally decomposable with respect to given alphabets. Moreover, we also present a polynomial-time algorithm to extend the common alphabet so that the language becomes conditionally decomposable. A relationship of conditional decomposability to nonblockingness of modular discrete-event systems is also discussed in this paper in the general settings. It is shown that conditional decomposability is a weaker condition than nonblockingness.Comment: A few minor correction

Verification of Information Flow Properties under Rational Observation

Information flow properties express the capability for an agent to infer information about secret behaviours of a partially observable system. In a language-theoretic setting, where the system behaviour is described by a language, we define the class of rational information flow properties (RIFP), where observers are modeled by finite transducers, acting on languages in a given family $\mathcal{L}$. This leads to a general decidability criterion for the verification problem of RIFPs on $\mathcal{L}$, implying PSPACE-completeness for this problem on regular languages. We show that most trace-based information flow properties studied up to now are RIFPs, including those related to selective declassification and conditional anonymity. As a consequence, we retrieve several existing decidability results that were obtained by ad-hoc proofs.Comment: 19 pages, 7 figures, version extended from AVOCS'201

Transforming opacity verification to nonblocking verification in modular systems

We consider the verification of current-state and K-step opacity for systems modeled as interacting non-deterministic finite-state automata. We describe a new methodology for compositional opacity verification that employs abstraction, in the form of a notion called opaque observation equivalence, and that leverages existing compositional nonblocking verification algorithms. The compositional approach is based on a transformation of the system, where the transformed system is nonblocking if and only if the original one is current-state opaque. Furthermore, we prove that $K$-step opacity can also be inferred if the transformed system is nonblocking. We provide experimental results where current-state opacity is verified efficiently for a large scaled-up system