Structuring Multilevel Discrete-Event Systems With Dependence Structure Matrices
Despite the correct-by-construction property, one of the major drawbacks of supervisory control synthesis is state-space explosion. Several approaches have been proposed to overcome this computational difficulty, such as modular, hierarchical, decentralized, and multilevel supervisory control synthesis. Unfortunately, for most of these nonmonolithic synthesis procedures the modeler needs to provide additional information about the system's structure or the controller's structure as input. Multilevel synthesis assumes that the system is provided in a tree-structured format, which may resemble a system decomposition. In this paper, we present a systematic approach to transform a set of plant models and a set of requirement models, provided as extended finite automata, into a tree-structured multilevel discrete-event system to which multilevel supervisory control synthesis can be applied. By analyzing the dependencies between the plants and the requirements using dependence structure matrix techniques, a multilevel clustering can be calculated. In the modeling framework of extended finite automata, plant models and requirements depend on each other when they share events or variables. We report on experimental results of applying the algorithm's implementation to several models available in the literature to assess the applicability of the proposed method. The benefit of multilevel synthesis based on the calculated clustering is significant for most large-scale systems.
Timed I/O Automata: It is never too late to complete your timed specification theory
A specification theory combines notions of specifications and implementations with a satisfaction relation, a refinement relation and a set of operators supporting stepwise design. We develop a complete specification framework for real-time systems using Timed I/O Automata as the specification formalism, with the semantics expressed in terms of Timed I/O Transition Systems. We provide constructs for refinement, consistency checking, logical and structural composition, and quotient of specifications -- all indispensable ingredients of a compositional design methodology. The theory is backed by rigorous proofs and is being implemented in the open-source tool ECDAR.
Comment: Version submitted for revie
Lessons learned in the application of formal methods to the design of a storm surge barrier control system
The Maeslantkering is a key flood defense infrastructural system in the Netherlands. This movable barrier protects the city and harbor of Rotterdam without impacting ship traffic under normal circumstances. Its control system, which operates completely autonomously, must be guaranteed to work correctly even under extreme weather conditions, although it closes only sporadically. During its development in the 1990s, the formal methods Z and Spin were used to increase reliability. As the availability of industrial expert knowledge on these formal methods declines, maintaining the specifications defined back then has become cumbersome. In the quest for an alternative mathematically rigorous approach, this paper reports on an experience in applying supervisory control synthesis. This formal method was recently applied successfully to other types of infrastructural systems, such as waterway locks, bridges, and tunnels, with the purpose of ensuring safe behavior by coordinating hardware components. Here, we show that it can also be used to coordinate several (controller) software systems. Additionally, we compare the lessons learned from the originally used formal methods and link Z to supervisory control synthesis.
Model Properties for Efficient Synthesis of Nonblocking Modular Supervisors
Supervisory control theory provides means to synthesize supervisors for systems with discrete-event behavior from models of the uncontrolled plant and of the control requirements. The applicability of supervisory control theory often fails due to a lack of scalability of the algorithms. We propose a format for the requirements and a method to ensure that the crucial properties of controllability and nonblockingness directly hold, thus avoiding the most computationally expensive parts of synthesis. The method consists of creating a control problem dependency graph and verifying whether it is acyclic. Vertices of the graph are modular plant components, and edges are derived from the requirements. In case of a cyclic graph, potential blocking issues can be localized, so that the original control problem can be reduced to only synthesizing supervisors for smaller partial control problems. The strength of the method is illustrated on two case studies: a production line and a roadway tunnel.
Comment: Submitted to Journal of Control Engineering Practice, revision