Probabilistic Analysis of Predictability in Discrete Event Systems

International audiencePredictability is a key property allowing one to expect in advance the occurrence of a fault in a system based on its observed events. Existing works give a binary answer to the question of knowing whether a system is predictable or not. In this paper, we consider discrete event systems where probabilities of the transitions are available. We show how to take advantage of this information to perform a Markov chain based analysis and extract a variety of probability values that give a finer appreciation of the degree of predictability. This analysis is particularly important in case of non predictable systems. We consider a "light" analysis that focuses only on predictability as well as a "deep" analysis that handles in a uniform framework both predictability and diagnosability

New Results for Joint Diagnosability of Self-observed Distributed Discrete Event Systems

International audienceDiagnosability is an important property that determines at design stage how accurate any diagnosis algorithm can be on a partially observable system. Most existing approaches assumed that each observable event in the system is globally observed. Considering the cases where there is no global information, a recent work has proposed a new framework to check diagnosability in a system where each component can only observe its own observable events to keep the internal structure private in terms of observations. However, the authors implicitly assume that the local paths in each component can be exhaustively enumerated, which is not true in a general case where there are embedded cycles. In this paper, we get some new results about diagnosability in such a system, i.e., what we call joint diagnosability in a self-observed distributed system. First we prove its undecidability with unobservable communication events by reducing the Post's Correspondence Problem (PCP) to an observation problem, inspired from an existing work. Then we propose an algorithm to check a sufficient but not necessary condition of joint diagnosability. Finally we briefly discuss about the decidable case where communication events are all observable

A general algorithm for pattern diagnosability of distributed discrete event systems

International audienceDiagnosability is an important system property that determines at design stage how accurate any diagnostic reasoning can be on a partially observed system. A fault in a system is diagnosable iff its occurrence can always be deduced from enough observations. The centralized diagnosability approaches lead to state explosion since they assume the existence of a monolithic model of the system. This is why very recently the distributed approaches for diagnosability began to be investigated, relying on local objects. On the other hand, diagnosis objectives are generalized from fault event to fault pattern that can represent multiple faults, repeating fault, sequences of significant events, etc. For pattern case, most existing approaches are centralized. In this paper, we propose a new distributed framework for pattern diagnosability. We first show how to recognize patterns by incrementally constructing local pattern recognizers. Then we propose a structure called regional pattern verifier constructed from the subsystem where the pattern is completely recognized before showing how to abstract the necessary and sufficient diagnosability information to further save the search space. Then the global consistency checking is based on another local structure called abstracted local twin checker to analyze pattern diagnosability. The correctness of our distributed algorithm is theoretically proved and its efficiency experimentally demonstrated by the results of the implementation

Model-based Decentralized Embedded Diagnosis inside Vehicles: Application to Smart Distance Keeping Function

International audienceAbstract—In this paper, the deployment of a fault diagnosis strategy in the Smart Distance Keeping (SDK) system with a decentralized architecture is presented. The SDK system is an advanced version of the Adaptive Cruise Control (ACC) system, implemented in a Renault-Volvo Trucks vehicle. The main goal of this work is to analyze measurements, issued from the SDK elements, in order to detect, to localize and to identify some faults that may be produced. Our main contribution is the proposition of a decentralized approach permitting to carry out an on-line diagnosis without computing the global model and to deploy it on several control units. This paper explains the model-based decentralized solution and its application to the embedded diagnosis of the SDK system inside truck with five control units connected via a CAN-bus using ”Hardware In the Loop” (HIL) technique. We also discuss the constraints that must be fulfilled

Diagnostic distribué de systèmes respectant la confidentialité

Dans cette thèse, nous nous intéressons à diagnostiquer des systèmes intrinsèquement distribués (comme les systèmes pairs-à-pairs) où chaque pair n'a accès qu'à une sous partie de la description d'un système global. De plus, en raison d'une politique d'accès trop restrictive, il sera pourra qu'aucun pair ne puisse expliquer le comportement du système global. Dans ce contexte, le challenge du diagnostic distribué est le suivant: expliquer le comportement global d'un système distribué par un ensemble de pairs ayant chacun une vision limitée, tout comme l'aurait fait un unique pair diagnostiqueur ayant, lui, une vision globale du système.D'un point de vue théorique, nous montrons que tout nouveau système, logiquement équivalent au système pair-à-pairs initialement observé, garantit que tout diagnostic local d'un pair pourra être prolongé par un diagnostic global (dans ce cas, le nouveau système est dit correct pour le diagnostic distribué).Nous montrons aussi que si ce nouveau système est structuré (c-à-d: il contient un arbre couvrant pour lequel tous les pairs contenant une même variable forme un graphe connecté) alors il garantit que tout diagnostic global pourra être retrouvé à travers un ensemble de diagnostics locaux des pairs (dans ce cas le nouveau système est dit complet pour le diagnostic distribué).Dans un souci de représentation succincte et afin de respecter la politique de confidentialité du vocabulaire de chacun des pairs, nous présentons un nouvel algorithme Token Elimination (TE), qui décompose le système de pairs initial vers un système structuré.Nous montrons expérimentalement que TE produit des décompositions de meilleurs qualité (c-à-d: de plus petites largeurs arborescentes) que les méthodes envisagées dans un contexte distribué. À partir du système structuré construit par TE, nous transformons chaque description locale en une Forme Normale Disjonctive (FND) globalement cohérente.Nous montrons que ce dernier système garantit effectivement un diagnostic distribué correct et complet. En plus, nous exhibons un algorithme capable de vérifier efficacement que tout diagnostic local fait partie d'un diagnostic minimal global, faisant du système structuré de FNDs un système compilé pour le diagnostic distribué.In this thesis, we focus on diagnosing inherently distributed systems such as peer-to-peer, where each peer has access to only a sub-part of the description of an overall system.In addition, due to a too restrictive access control policy, it can be possible that neither peer nor supervisor is able to explain the behaviour of the overall system.The goal of distributed diagnosis is to explain the behaviour of a distributed system by a set of peers (each having a limited local view) as a single diagnosis engine having a global view of the overall system.First, we show that any new system logically equivalent to the initially observed peer-to-peer setting ensures that all diagnosis of a peer may be extended to a global diagnosis (in this case the new system ensures correctness of the distributed diagnosis).Moreover, we prove that if the new system is structured (i.e.it contains a spanning tree for which all peers containing the same variable form a connected graph) then it ensures that any global diagnosis can be found through a set of local diagnoses (in this case the new system ensures the completeness of the distributed diagnoses).For a succinct representation and in order to comply with the privacy policy of the vocabulary of each peer, we present a new algorithm Token Elimination (TE), which decomposes the original peer system to a structured one.We experimentally show that TE produces better quality decompositions (i.e. smaller tree widths) than proposed methods in a distributed context.From the structured system built by TE, we transform each local description into globally consistent DNF.We demonstrate that the latter system is correct and complete for the distributed diagnosis.Finally, we present an algorithm that can effectively check that any local diagnosis is part of a global minimal diagnosis, turning the structured system of DNFs into a compiled system for distributed diagnosis.PARIS11-SCD-Bib. électronique (914719901) / SudocSudocFranceF

Manifestability Verification of Discrete Event Systems

Best Paper Award (https://dx-workshop.org/2019/awards/)International audienceFault diagnosis is a crucial and challenging task in the automatic control of complex systems, whose efficiency depends on the diagnosability property of a system, allowing one to determine with certainty whether a given fault has effectively occurred based on the available observations. However, this is a quite strong property that generally requires a high number of sensors. Consequently, it is not rare that developing a diagnosable systemis too expensive. In this paper, we analyze a new system property called manifestability, that represents the weakest requirement on observations for having a chance to identify on line fault occurrences and can be verified at design stage. Intuitively, this property makes sure that a faulty system has at least one future behavior after fault occurrence observably distinguishable from all normal behaviors. Then, we propose an algorithm with PSPACE complexity to automatically verify it for finite automata. Furthermore, we prove that the problem of manifestability verification itselfis PSPACE-complete. The experimental results show the feasibility of our algorithm from a practical point of view. Then, we extend our approachto real-time systems modeled by timed automata.To do this, we redefine manifestability by taking into account time constraints and we prove that this problem for timed automata is undecidable

A Coloured Petri Nets Based Attack Tolerance Framework

International audienceWeb services provide a general basis of convenient access and operation for cloud applications. However, such services become very vulnerable when being attacked, especially in the situation where service continuity is one of the most important requirements. This issue highlights the necessity to apply reliable and formal methods to attack tolerance in Web services. In this paper, we propose a Coloured Petri Nets based method for attack tolerance by modelling and analysing basic behaviours of attack-network interaction, attack detectors and their tolerance solutions. Furthermore, complex attacks can be analysed and tolerance solutions deployed by identifying these basic attack-network interactions and composing their solutions. The validity of our method is demonstrated through a case study on attack tolerance in cloud-based medical information storage

Smart distance keeping: modeling and perspectives for embedded diagnosis

International audienceThis paper presents a detailed description of an advanced Adaptive Cruise Control (ACC) system implemented on a Renault-Volvo Trucks vehicle. One of the main differences between this new system, which is called the Smart Distance Keeping (SDK), and the classical ACC is the choice of the safe distance. This later is the distance between the vehicle (with the ACC or the SDK system) and the front obstacle (which may be a vehicle). It is supposed fix in the case of the ACC, while variable in the case of the SDK. The variation of this distance (in the case of SDK) depends essentially on the relative velocity between the vehicle and the front obstacle. The choice of this distance influences the velocity regulation. The main contribution of this work is on the SDK system architecture, the design of its environment model, and the proposition of a detection and isolation strategy for some of the possible faults that may be produced on the system

Diagnosability study of technological systems

International audienceThis paper describes an approach to study the diagnosability of technological systems, by characterizing their observable behaviors. Due to the interaction between many components, faults can occur in a technological system and cause hard damages not only to its integrity but also to its environment. Though a diagnosis system is a suitable solution to detect and identify faults, it is first important to ensure the diagnosability of the system: will the diagnosis system always be able to detect and identify any fault, without any ambiguity, when it occurs? In this paper, we present an approach to identify and integrate faults in a model of a technological system. Then we use these models for the diagnosability study of faults by characterizing their observable behaviors