Compositional Verification in Supervisory Control
ABSTRACT This paper proposes a compositional approach to verifying whether a large discrete event system is nonblocking. The new approach avoids computing the synchronous product of a large set of finitestate machines. Instead, the synchronous product is computed gradually, and intermediate results are simplified using conflictpreserving abstractions based on processalgebraic results about fair testing. Heuristics are used to choose between different possible abstractions. By translating the problem representation, the same method can also be applied to verify safety properties, in particular, controllability. Experimental results show that the method is applicable to finitestate machine models of industrial scale and brings considerable improvements in performance over other methods for nonblocking verification.

 "The nonconflict test is the only operation that really takes the entire L D model into account. Even so, this test does not necessarily require the full parallel composition of the models, as it can be simplified by the use of projections of languages [19] or compositional verification [9], for example. "
[Show abstract] [Hide abstract]
ABSTRACT: This paper deals with two relevant aspects of the Supervisory Control Problem (SCP) of Discrete Event Systems (DES): the degree of difficulty faced when modeling specifications to be fulfilled by the system under control, and the computational complexity of the synthesis procedure. The presented approach consists in refining the set of events of a DES model into a new set. Each refinement is properly chosen to identify a particular instance of the original event in the system, which may simplify the modeling of specifications. A map named Distinguisher is then proposed to establish the relationship between strings of the original and refined alphabets. It is initially shown that using a refined set of events to solve a SCP directly leads to the optimal control solution, yet without providing computational advantages in synthesis with respect to the nonrefined method. Then, we propose the use of outerapproximations for the refined DES model as a way to reduce the cost of synthesis, while preserving controllability, least restrictiveness and nonblocking of the control solution. Two examples of manufacturing systems illustrate our results.Automatica 06/2015; 56. DOI:10.1016/j.automatica.2015.03.025 · 3.02 Impact Factor 
 "The projection P : Σ * → Σ * 0 , with Σ 0 ⊆ Σ, is an Lobserver for L ⊆ Σ * if, for all t ∈ P (L) and s ∈ L, P (s) is a prefix of t implies that there exists u ∈ Σ * such that su ∈ L and P (su) = t, see [30], [22]. This property is well known and widely used in supervisory control of hierarchical and distributed discreteevent systems, and, as mentioned in [23], also in compositional verification [12] and modular synthesis [9], [13]. If the projection does not satisfy the property, the codomain of the projection can be extended so that it is satisfied. "
[Show abstract] [Hide abstract]
ABSTRACT: In this paper, we discuss a supervisory control problem of modular discreteevent systems that allows for a distributed computation of supervisors. We provide a characterization and an algorithm to compute the supervisors. If the specification does not satisfy the properties, we make use of a relaxation of coordination control to compute a sublanguage of the specification for which the supervisors can be computed in a distributed way. 
 "The test suite consists of 23 automata obtained as intermediate results during compositional nonblocking verification [9], and variations of such automata. The table shows for each automaton that was checked, the number of states , the number of events , the total number of transitions , and the number of nonrelevant transitions . "
[Show abstract] [Hide abstract]
ABSTRACT: The observer property is an important condition to be satisfied by abstractions of Discrete Event System (DES) models. This technical note presents a new algorithm that tests if an abstraction of a DES obtained through natural projection has the observer property. The procedure, called OPVerifier, can be applied to (potentially nondeterministic) automata, with no restriction on the existence of cycles of “nonrelevant” events. This procedure has quadratic complexity in the number of states. The performance of the algorithm is illustrated by a set of experiments.IEEE Transactions on Automatic Control 08/2014; DOI:10.1109/TAC.2014.2298985 · 2.78 Impact Factor