Exception Handling Controllerss: An application of pushdown systems to discrete event control
ABSTRACT Recent work by the author has extended the Supervisory Control Theory to include the class of control languages defined by pushdown machines. A pushdown machine is a finite state machine extended by an infinite stack memory. In this paper, we define a specific type of deterministic pushdown machine that is particularly useful as a discrete event controller. Checking controllability of pushdown machines requires computing the complement of the controller machine. We show that Exception Handling Controllers have the property that algorithms for taking their complements and determining their prefix closures are nearly identical to the algorithms available for finite state machines. Further, they exhibit an important property that makes checking for controllability extremely simple. Hence, they maintain the simplicity of the finite state machine, while providing the extra power associated with a pushdown stack memory. We provide an example of a useful control specification that cannot be implemented using a finite state machine, but can be implemented using an Exception Handling Controller.

Conference Paper: Study on monitor and control of POL transport by road in IOT
[Show abstract] [Hide abstract]
ABSTRACT: A structure of monitor and control of POL (petrol, oil and lubricate) transport by road based on EPC (Electronic Product Code) is established in the paper, which is linked with composition and principle of "internet of things". Before the model of monitor and control POL transport by road is born, the hardware in IOT(Internet of things) is development and software according with the hardware is designed, model of monitor POL transport by road is put forward. Throgh the model, guard against theft and temperature alarm will be designed, mutiple grade authority for management of the picture and video about the tank truck is set, and the local position is ascertained. through the application of the IOT, the visibility and monitor on real time will be realized. At last, from the difference of the traditional transport pattern and the one studied in the paper, benefits of the new model are described obviously.Computer Science and Network Technology (ICCSNT), 2012 2nd International Conference on; 01/2012
Page 1
Exception Handling Controllers: An Application of Pushdown Systems to
Discrete Event Control
Christopher Griffin
Oak Ridge National Laboratory
P.O. Box 2008 MS 6418
Oak Ridge, TN 37831
Email: cgriffin229@yahoo.com
Abstract—Recent work by the author has extended the
Supervisory Control Theory to include the class of control lan
guages defined by pushdown machines. A pushdown machine is
a finite state machine extended by an infinite stack memory. In
this paper, we define a specific type of deterministic pushdown
machine that is particularly useful as a discrete event controller.
Checking controllability of pushdown machines requires
computing the complement of the controller machine. We show
that Exception Handling Controllers have the property that
algorithms for taking their complements and determining their
prefix closures are nearly identical to the algorithms available
for finite state machines. Further, they exhibit an important
property that makes checking for controllability extremely
simple. Hence, they maintain the simplicity of the finite state
machine, while providing the extra power associated with a
pushdown stack memory. We provide an example of a useful
control specification that cannot be implemented using a finite
state machine, but can be implemented using an Exception
Handling Controller1.
I. INTRODUCTION AND BACKGROUND
The supervisory control theory (SCT) for discrete event
dynamic systems (DEDS) was introduced by Ramadge and
Wonham [1]. The initial work on regular languages was ex
tended in many subsequent publications. Examples of these
extensions can be found in [2]–[14]. In SCT a plant model is
given by a finite state machine G = ?Q,Σ,δ,q0,Qf?. Here,
Q is a finite set of states; Σ is the finite event alphabet with
Σ = Σc∪Σu; q0is the start state; Qfare the final states and
δ ⊆ Q×Σ×Q is the transition relation. The events in Σcmay
be disabled by a supervisor and hence are called controllable.
A second machine, MKmay be run in parallel with the plant
G, thus controlling the stream of symbols generated by G.
A complete description of SCT may be found in [1] or [15].
[12] extends the SCT to the case when the con
troller machine MK is given by a deterministic push
down machine (DPDM). Informally, a pushdown machine
(PDM) is a finite state machine augmented with an infinite
stack memory. Formally, A pushdown machine is a tuple
?Q,Σ,Γ,δ,q0,Z0,Qf?, where Γ is a stack alphabet, Z0is the
initial symbol on the stack and δ ⊆ Q×Σ∪{?}×Γ×Q×Γ∗
is the transition relation in the PDM.
1A portion of this work was created as a Eugene P. Wigner Fellow
and staff member at the Oak Ridge National Laboratory, managed by UT
Battelle, LLC, for the U.S. Department of Energy under Contract DEAC05
00OR22725.
It is sometimes convenient to think of δ as a mapping
from Q × Σ ∪ {?} × Γ to finite subsets of Q × Γ∗. In this
case we will write δ(q,a,Z) to denote the finite subset of
Q × Γ∗that results. Both notations will be used throughout
this paper and we will choose which notation to use based
on convenience and clarity of expression.
A PDM consists of an input tape, a finite state system, and
a stack. Symbols are recognized from the input tape oneby
one. Based on the top stack symbol, the input symbol and the
current state of the machine, a (possibly nondeterministic)
transition will be made that changes the state of the finite
state system, and replaces the top stack symbol with a
(possibly empty) string of stack symbols. (See Figure 1.)
Fig. 1.The operation of a pushdown machine.
Let
M
beaPDM. By
δ(q,a,Z)=
{(p1,γ1),...,(pn,γn)} we mean that given an input
symbol a when M is in state q with top stack symbol Z,
then M may transition to a new state piand replace Z with
the string γifor 1 ≤ i ≤ n.
Under some conditions, the PDM can edit its top stack
symbol independent of input events. This occurs when an
?transition is fired. In this case, both the state and top
stack symbol of the PDM may be altered, but no new
symbols from the input string are accepted. By δ(q,?,Z) =
{(p1,γ1),...,(pn,γn)} we mean that when M is in state q
with top stack symbol Z, there may be an ?transition which,
independent of any input symbol, causes M to transition to
a new state piand replace Z with γifor some 1 ≤ i ≤ n.
A PDM M is deterministic (DPDM) if the following hold:
1) If (q1,a,Z,q2,γ) ∈ δ and (q1,a,Z,q?
q2= q?
2) If (q1,?,Z,q2,γ) ∈ δ, then for all a ∈ Σ, δ(q1,a,Z) =
∅.
Unlike finite state automata, the state of a PDA is captured
by both the state of the machine and the value stored in the
2,γ?) ∈ δ, then
2and γ = γ?.
2008 American Control Conference
Westin Seattle Hotel, Seattle, Washington, USA
June 1113, 2008
WeC14.5
9781424420797/08/$25.00 ©2008 AACC.1722
Authorized licensed use limited to: Oak Ridge National Laboratory. Downloaded on October 27, 2008 at 12:20 from IEEE Xplore. Restrictions apply.
Page 2
stack. To formally describe the state of a PDA, we must
specify these values. Traditionally the remaining input string
to be read is also included in this description [16].
An instantaneous description (ID) for a PDA M is a triple
(q,w,γ), where q ∈ Q is the state of M, w ∈ Σ∗is the
remainder of the string to be read and γ ∈ Γ∗is the state of
the stack.
Let M be a PDA. By (q,aw,Zγ) ? (p,w,βγ), we mean
that δ(q,a,Z) contains (p,β). Let ?∗be the transitive closure
of ?. Then by (q,wv,γ) ?∗(p,v,β), we mean that there are
a series of transitions in δ that causes M to read the prefix w
and transition from state q to state p and transform the stack
string from γ to β. The remaining string v is still available
for reading.
By LM(M) we mean the set of strings (language) that
takes a PDM from its start state/stack configuration and ends
in a final state (and arbitrary stack configuration). If L =
LM(M), then we say that L is context free–or a context
free language (CFL)–when M is a PDM. The language L
is deterministic context free–or a deterministic context free
language (DCFL)–when M is a DPDM. The term LM(G)
may be defined analogously when G is a finite state machine.
See [15] for details. If a language is generated by a FSM,
then we say it is a regular language [16].
Let L = LM(G). We denote the prefix closure of L by L
and say that a language is prefix closed if L = L. Details
of these terms may be found in [1], [12], [15]. Let MK be
a controller machine and let G be a plant model if K =
LM(MK) and L = LM(G), we say that K is controllable
with respect to G if KΣ∗
controllability is central to the study of the SCT.
Two key properties of both the regular and determinis
tic context free languages are (i) closure with respect to
complementation (with respect to Σ∗) and (ii) closure under
prefixclosure. Further if MKis a DPDM and G is an FSM,
then LM(MK)∩LM(G) is effectively generated by another
DPDM.
In [12] we proved that the statement K is controllable
with respect to L is decidable when K is generated by a
DPDM MK and L is generated by an FSM and K ⊆ L.
To show this, we proved that the following statements were
equivalent:
1) KΣ∗
2)
/Σ∗
We then showed that if (2) above holds if and only if when
N is a DPDM accepting?K?c∩ L, then there is no string
1) s is a prefix of a string in?K?c∩L taking N to some
2) u will force N to transition from this nonfinal state
to a final state.
This property can be verified algorithmically. We called it
being closed under Σureverse paths [12]. The key property
of the Exception Handling Control structure we will define
is that this property–being closed under Σureverse paths is
u∩ L = K [4]. The concept of
u∩ L = K.
??K?c∩ L
?
u=?K?c∩ L.
su with s ∈ Σ∗and u ∈ Σ∗
usuch that
nonefinal state
very easy to check. This makes Exception Handling Con
trollers attractive as DPDM discrete event control systems.
The remainder of this paper is organized as follows: In
Section II we define the Exception Handling Controller
(EHC) structure. In Section III we prove the formal proper
ties of EHC and show that checking controllability is simpler
than for arbitrary DPDM. We show that they are highly
similar to FSM controllers. In Section IV we provide an
EHC example that is strictly more powerful than any FSM
controller. By this, we mean that we present a control system
whose logic and resulting behavior can only be produced
when a pushdown machine is used as the controller. We
present conclusions in Section VII.
II. EXCEPTION HANDLING CONTROLLERS
An Exception Handling Controller (EHC) is a DPDM with
the following state types:
1) Execution States (required),
2) Response States (required),
3) Stack Modification States (optional),
4) A single Start State (required) and
5) A single Stop State (optional).
If no stop state is given, the controller must execute
indefinitely.
For each controllable event c ∈ Σcthere is a corresponding
stack symbol C ∈ Γ. Additionally, there may be a finite,
but arbitrarily large, number of auxiliary stack symbols
Z0,...,Zn. Then Γ =?
1) If q0 is a start state, then there is a single transition
of the form (q0,?,qE,Z0,γZ0) ∈ δ for some executor
state qE.
2) If qE is an executor state, then for some (possi
bly empty) set of controllable events E
δ(qE,c,C) = (q?
some other executor state (or the Stop State) q?
for each c ∈ E.
3) If qE is an executor state, then for some u ∈ Σu
δ(qE,u,Z) is defined for some Z ∈ Γ and further,
δ(qE,u,Z) = (qR,Z) where qR is a response state.
Further, for any Zi, if (qE,?,Zi,q?
then there are no other transitions from qE with top
stack symbol Ziand qEis an executor state.
4) If qR is a response state then there is at least one
transition of the form (qR,?,Z,q?,γ) ∈ δ where q?
is a stack modification state or an execution state.
5) If qM is a stack modification state, then there is at
least one transition of there form (qM,?,Z,q?,γ) ∈
δ for some Z ∈ Γ where q?is either different stack
modification state or an execution state.
6) If qS is a stop state, then there are a set of looping
?transitions at qSthat empties the stack.
In an EHC, every executor state is final and Z0is the initial
stack symbol.
Figure 2 shows the general structure of an EHC.
Remark 1: We will implicitly assume that the ?transitions
associated with the stack modification states produce a
i{Zi} ∪?
c∈Σc{C}. The transition
structure of an EHC has the following properties
⊆ Σc,
E,C?) for
Eand
E,?) or δ(qE,c,C) = (q?
E,γ) ∈ δ is defined,
1723
Authorized licensed use limited to: Oak Ridge National Laboratory. Downloaded on October 27, 2008 at 12:20 from IEEE Xplore. Restrictions apply.
Page 3
Fig. 2. Exception Handling Controller–General Structure
consistent path to return to an execution state. That is, we
assume that there is no chance of deadlocking in one of
these states because of improperly formed stack operations.
This fact is easily checkable by verifying that the push and
pop operators defined in the ?transitions provide a path
entering and leaving these states and by ensuring that if the
top stack symbol is unknown, all possible top stack symbols
are considered in the transitions.
A. Types of Stack Modification Operations
Stack modification occurs in the stack modification states
and is in response to uncontrollable events. (It is possible
to use the stack markers Z0,...,Znto force replanning as
well using an ?transition from the execution state however,
we will not discuss this in detail.) There are three types of
modification that can occur in response to an uncontrollable
event:
1) Erasure: In an erasure operation, part of the existing
stack is irretrievably erased. The “planned” control
lable events corresponding to this portion of the stack
may not be executed.
2) Write: In this case, new stack symbols are written
directly above the existing stack symbols. Any plans
currently in operation are suspended and a new plan
begins execution.
3) Shuffle Write: Using finite state storage, a portion
(whose length is proportional to the amount of finite
state storage available) is removed from the stack. A
new stack is appended below this plan and then the
previously executing plan is rewritten to the stack.
We give an example of conditions where each of these
operations is rational:
1) Erasure The controller is directing the toplevel ac
tivities of an air campaign. The uncontrollable event
indicates that a target is no longer of importance.
Existing plans to attack it are erased.
2) Write The controller is directing highlevel behavior
of a robotic rover. A message is received from an
operator indicating that a soil sample must be taken at
present coordinates immediately. All plans currently in
operation are suspended and a new plan is executed.
3) Shuffle The controller is directing the behavior of a
manufacturing system. Requests must be kept in rela
tive order, but all requests must be processed (hence
infinite storage memory may be required to avoid state
explosion). New orders are placed as far down on the
stack as possible to simulate a FIFO queue.
Note in the Shuffle example, a true FIFO queue cannot
be simulated with a single pushdown stack and a finite
number of states. Two pushdown stacks are required. A
machine with two pushdown stacks is equivalent to a Turing
machine and hence by the undecidability results given in
[12], arbitrary control systems of this type cannot be verified
for controllability.
III. PROPERTIES OF EXCEPTION HANDLING
CONTROLLERS
Proposition 2: If M is an exception handling controller
accepting LM(M), then LM(M) is prefix closed.
Proof: Let w ∈ LM(M). By definition, the only
accepting states of M are execution states. Therefore, there
is a series of ? transitions taking w from some state that
is not an execution state to a state that is an execution
state. Suppose that w = sa, where a ∈ Σ. Suppose that
(q0,s,Z0) ?∗(q,?,γ). If q is an execution state, then s
is accepted. Suppose that q is not an execution state. If it
is a response state, then there is a series of ?transitions
leading back to an accepting state, and hence s is accepted.
If, q is a stop state, then there is no string extending s and
hence w does not exist. By assumption, we know that if
q is a stack modification state, then there is a series of
?transitions leading back to an accepting execution state.
Hence s is accepted. Trivially, ? ∈ LM(M) by the definition
of exception handling controller. This completes the proof.
Proposition 3: If M is an exception handling controller,
then a machine Mcaccepting LM(M)cis derived from M
by:
1) Adding a single state (DUMP).
2) If qE is an execution state and a ∈ Σ is not
defined for a stack symbol A ∈ Γ, then define
(qE,a,A,DUMP,A) ∈ δ, the transition function.
3) For each execution state qEdeclare qEnonfinal and
4) Declare DUMP final.
5) For all
a
∈
(DUMP,a,A,DUMP,A) ∈ δ.
Proof: Let L = LM(M). We will show Lc⊆ LM(Mc).
Choose w ∈ Lc. There is a shortest prefix of w such that
w ∈ L. Let w = st, where s is this prefix. We have already
shown that L is prefix closed and further that any accepted
string must lead to an execution state. Since the structure of
Mcis identical to that of M except when M is undefined
at execution states, it follows that (q0,s,Z0) ?∗(qE,?,γ)
where qE is an execution state. Let t = av, a ∈ Σ and let
γ = Aγ?. Trivially, if a transition at a were defined at qEwith
Σ,
A
∈
Γ
define
1724
Authorized licensed use limited to: Oak Ridge National Laboratory. Downloaded on October 27, 2008 at 12:20 from IEEE Xplore. Restrictions apply.
Page 4
stack symbol A, then s would not be the shortest prefix of
w accepted by M. Hence, when reading w with Mc, there
will be a transition to DUMP on a. The definition of the
transitions at the dump state ensures that w will be accepted
by Mc. Hence Lc⊆ LM(Mc).
We will now show that LM(Mc) ⊆ Lc. Choose w ∈
LM(Mc). By definition, w is accepted at DUMP and there
is a longest prefix w = st such that s ∈ L; without
loss of generality, let t = a, a ∈ Σ. If sa ∈ L, then
there is a transition in M at some state qE defined for a
and an appropriate stack symbol. Clearly, this contradicts
our definition for Mc, which is still deterministic. Thus, it
follows that w ?∈ L. Thus we have shown that L(Mc) = Lc.
Definition 4: A quasiexception handling controller is a
deterministic pushdown machine with all the properties of an
exception handling controller except not all execution states
need be final.
Proposition 5: If M is an EHC accepting S = LM(M)
and G is a finite state machine (with no nondeterministic)
transitions accepting L = LM(G). Then S ∩ L is accepted
by a quasiexception handling controller.
Proof: The proof is a straightforward consequence of
intersecting a deterministic pushdown machine and a finite
state machine. (See Chapter 2, Section 2.7.6.)
Remark 6: The prefix closure of a quasiexception han
dling controller is obtained by marking every execution state.
Hence, this fact combined with Propositions 3 and 5 will
be important for efficiently computing the controllability
predicate.
Furthermore, taking complements in quasiexception han
dling controllers is precisely like taking complements in
exception handling controllers except we reverse the marking
on the execution states; i.e., some execution states may be
nonfinal. These become final in the complement.
Proposition 7: Let G be a plant model, M an exception
handling controller and MKthe result of intersecting M and
G. Let K = LM(MK) and L = LM(G). Let N be a machine
accepting L∩K
if and only if there is no uncontrollable transition leading
from a nonfinal state of N to a final state of N.
Proof:
(⇒): Necessity is a trivial consequence of
Proposition 4.2 of [12].
(⇐): Sufficiency is established by showing that whenever
MK is uncontrollable there is an uncontrollable transition
connecting a nonfinal state of N to a final state of N
by an uncontrollable transition. By Proposition 3 when
computing the complement of an EHC, it follows that no
?transitions will lead from the nonfinal states to the final
states. Intersecting such a complement with a finite state
machine will not change this fact. Thus, it follows at once
that if there is any Σureverse path in N, it must be a single
uncontrollable transition.
c. Then K is controllable with respect to L
IV. EXAMPLE
We consider a contrived automated fabrication scenario.
A machine has been constructed that can take requests
from users who require widgets. The users and machine are
separated, so user requests may come into the machine while
it is building a widget. Manufacturing of a widget requires
two basic steps:
1) Cut (the basic shape),
2) Bend (make a bend in the shape),
The machine controlling the cutting/bending must record
each time a request is generated so that the appropriate
number of widgets is produced. With no a priori information
on the number of widgets that could be requested, the system
cannot keep track of the correct number of widgets to make
with a finite number of states. The stack of an EHC can be
used to keep track of this information. When the machine
has been inactive for a period of time, it returns to a sleep
mode. The plant model for this machine is shown in Figure
3.
0
1
REQUEST_WIDGET SLEEP
BEND CUT REQUEST_WIDGET
Fig. 3.Simple plant model for widget making machine.
We will define three stack symbols for the EHC:
1) Z0: The initial stack symbol–indicates that no widgets
need to be made currently.
2) C: The cut symbol–indicates a cut event should be
generated.
3) B: The bend symbol–indicates a bend event should be
generated.
A proposed EHC controller is shown in Figure 4 The
E
BEND/B/eps
CUT/C/eps
R
REQUEST_WIDGET/B/B
REQUEST_WIDGET/C/C
REQUEST_WIDGET/Z0/Z0
R2
SLEEP/B/B
SLEEP/C/C
SLEEP/Z0/Z0
P1
eps/C/B, C
P3
eps/B/C, B
P4
eps/B/C, B
eps/B/C, B
eps/C/B, C
eps/Z0/B, Z0
eps/Z0/Z0
eps/B/eps
eps/C/eps
0
eps/Z0/Z0
Fig. 4.Simple controller model for widget making machine.
possible stack strings of this controller will be either:
1) (CB)+Z0: In this case, some number of widgets is to
be made.
2) B(CB)∗Z0: In this case a bend must be completed to
finish making a widget and other widgets may need to
be made.
3) Z0: No widgets are to be made.
1725
Authorized licensed use limited to: Oak Ridge National Laboratory. Downloaded on October 27, 2008 at 12:20 from IEEE Xplore. Restrictions apply.
Page 5
The system begins in State E. When widget requests come
in, the system transitions to State R and the stack is modified
to place the appropriate commands on to it. Stack modifica
tion occurs in states P1, P3 and P4, depending upon the
current stack configuration. The system returns to E and
widget production continues. If a sleep event occurs, the
system clears its stack to Z0 and returns to the execution
state to await more widget commands. We assume, in normal
functioning, that the sleep command will only occur when
the system has stack Z0 for otherwise it would be in the
middle of widget processing.
Checking controllability of this system can be accom
plished by analyzing the machine shown in Figure 5. The
0_E
1_R
REQUEST_WIDGET/Z0/Z0
0_R2
eps/Z0/Z0
eps/B/eps
eps/C/eps
1_E
SLEEP/B/B
SLEEP/C/C
SLEEP/Z0/Z0
BEND/B/eps
CUT/C/eps
REQUEST_WIDGET/B/B
REQUEST_WIDGET/C/C
REQUEST_WIDGET/Z0/Z0
1_DUMP
CUT/B/B
CUT/Z0/Z0
BEND/C/C
BEND/Z0/Z0
1_P1
eps/C/B, C
1_P3
eps/B/C, B
1_P4
eps/B/C, B
eps/B/C, B
eps/C/B, C
eps/Z0/B, Z0
0_0
eps/Z0/Z0
Fig. 5.
K is controller language. Note it has no uncontrollable transitions leaving
entering the nondump states.
A machine accepting`K´c∩L when L is the plant language and
dump states are the final states of this system. Note there
are no uncontrollable transitions entering the dump states.
Hence, it follows from Proposition 7 that the supervisory
language generated by the EHC must be controllable with
respect to the plant language.
A. Discussion of Example
The control system we developed in the previous sec
tion has a capability at cannot be modeled using a finite
state system: The machine controlling the cutting/bending
must record each time a request is generated so that the
appropriate number of widgets is produced. This control
requirement implies that the number of requested widgets
must be recorded in realtime by the machine controlling
widget construction. The plant model specifies that a widget
may be requested at anytime. That is, the total number of
widgets requested in the system may change as time moves
forward and is not prespecified by the structure of the
plant. The controller must be able to store an arbitrary and
unspecified number of widget requests. This immediately
presuppose the existence of nonfinite memory, which is
not possible with a finite state machine plant and controller
combination. It is possible, as we have shown, using an EHC
controller and finite state plant.
V. EXTENDED EXAMPLE
We can extend the example provided in the previous
section. Suppose that after each action (bend or cut) an eye
evaluates the product and determines whether it is acceptable
to continue or not. If it is not acceptable, an error is generated
and the widget making machine must be cleared and reset.
The new plant is shown in Figure 6. In this model State 3 is
0
1
REQUEST_WIDGET SLEEP
REQUEST_WIDGET
2
BEND CUT OK
REQUEST_WIDGET
3
ERR
CLEAR
REQUEST_WIDGET
Fig. 6.A plant model with error detection.
an error state in the plant. The EHC defined in the previous
section can be extended to include new response states to
deal with the uncontrollable events OK and ERR. Response
states R3 and R4 properly modify the stack to execute an
appropriate clear command on the plant. The new controller
is shown in Figure 7. Checking controllability is similar to
E
BEND/B/eps
CLEAR/X/eps
CUT/C/eps
R
REQUEST_WIDGET/B/B
REQUEST_WIDGET/C/C
REQUEST_WIDGET/Z0/Z0
R2
SLEEP/B/B
SLEEP/C/C
SLEEP/Z0/Z0
R3
OK/B/B
OK/C/C
OK/Z0/Z0
R4
ERR/B/B
ERR/C/C
ERR/X/X
ERR/Z0/Z0
P1
eps/C/B, C
P2
eps/C/X, C
P3
eps/B/C, B
P4
eps/B/C, B
P5
P6
eps/B/C, B
eps/C/X, C
eps/B/C, B
eps/X/C, B
eps/C/B, C
eps/Z0/B, Z0
eps/Z0/Z0
eps/B/eps
eps/C/eps
eps/B/B
eps/C/C
eps/Z0/Z0
eps/X/X
eps/B/B
eps/C/B, C
eps/Z0/B, Z0
0
eps/Z0/Z0
Fig. 7.
process.
A new controller taking into account errors in the production
the example in the preceeding section, however it is clear
from the example that the system will be controllable.
VI. LIMITATIONS OF THE APPROACH
This example could be extended further by modeling a
plant with multiple modes of execution, leading to multiple
1726
Authorized licensed use limited to: Oak Ridge National Laboratory. Downloaded on October 27, 2008 at 12:20 from IEEE Xplore. Restrictions apply.
Page 6
types of executor states within the controller. In this case
the example could have two types of widgets required for
production and use more controllable events. Such an ex
ample would illustrate the limitations of exception handling
control. Consider a control system that produces two types
of widgets. As new widget requests are made they are stored
on the stack. If the example is extended in a straightforward
way, however, the order of the requests is reversed. Hence,
widget requests are satisfied in the opposite order of their
occurrence. We can use additional stack modification states
to store a component of the current stack (and thus preserve
order), but again we will run into a finite memory problem.
Since some of the stack information must be transferred
to the finite memory component of the controller (i.e., the
states) only a finite order can be maintained. Hence for some
fixed N widget requests we can maintain an appropriate
order, but the N + 1stwidget may not be in the correct
order in which it was requested. A control system that is
capable of storing an arbitrary request order for multiple
widget types would require a queue storage system. Using
the results in [12], we can see that there is no algorithm
for checking controllability in such a system. It should be
noted that metaproofs using induction can be used to prove
controllability for some systems like this, but not all [17].
VII. CONCLUSION
In this chapter we have defined the concept of Excep
tion Handling Controller. Exception handling controllers
are deterministic pushdown machines that are designed to
store an executable plan on the pushdown stack. They have
computational properties that make them similar to, but more
powerful than, finite state machines. We provided a very
simple yet illustrative example of the use of EHC machines
in a manufacturing scenario. One major benefit to the use of
a pushdown stack memory store in discrete event control is
the ability to store a plan. This could allow hierarchical or
hybrid controllers to inspect the contents of the pushdown
stack. This is a novel approach to hierarchical discrete event
control and one that may be worthy of further study.
REFERENCES
[1] P. J. Ramadge and W. M. Wonham, “Supervisory control of a class
of discrete event processes,” SIAM J. Control Optim., vol. 25, no. 1,
pp. 206–230, 1987.
[2] ——, “On the supremal controllable sublanguage of a given language,”
SIAM J. Control Optim., vol. 25, no. 3, pp. 637–659, 1987.
[3] R. D. Brandt, V. K. Garg, R. Kumar, F. Lin, S. I. Marcus, and W. M.
Wonham, “Formulas for calculating supremal controllable and normal
sublanguages,” Systems Control Lett., vol. 15, pp. 111–117, 1990.
[4] R. Kumar, V. K. Garg, and S. I. Marcus, “On controllability and
normality of discrete event dynamic systems,” Systems Control Lett.,
vol. 17, no. 3, pp. 157–168, 1991.
[5] R. Sreenivas, “A note on deciding the controllability of a language k
with respect to a language l,” IEEE Trans. Autom. Control, vol. 38,
no. 4, pp. 658–662, April 1993.
[6] B. A. Brandin and W. M. Wonham, “Supervisory control of timed
discreteevent systems,” IEEE Trans. Autom. Control, vol. 39, no. 2,
pp. 329–342, Feb. 1994.
[7] K. C. Wong and W. M. Wonham, “Hierarchical control of discrete
event systems,” Discrete Event Dynamic Systems, vol. 6, pp. 241–273,
1996.
[8] R. Sengupta and S. Lafortune, “An optimal control theory for discrete
event systems,” SIAM J. Control Optim., vol. 36, no. 2, pp. 488–541,
1998.
[9] H. Marchand, O. Boivineau, and S. LaFortune, “On the synthesis of
optimal schedulers in discrete event control problems with multiple
goals,” SIAM J. Control Optim., vol. 39, no. 2, pp. 512–532, 2000.
[10] A. Ray and S. Phoha, “A language measure for discrete event
automata,” in International Federation of Automatic Control World
Congress, Barcelona, Spain, 2002.
[11] Y. Cao and M. Ying, “Supervisory Control of Fuzzy Discrete Event
Systems,” IEEE Trans. Autom. Control, vol. 35, no. 2, pp. 366–371,
2005.
[12] C. Griffin, “A note on deciding controllability in pushdown systems,”
IEEE Trans. Autom. Control, vol. 51, no. 2, pp. 334–337, February
2006.
[13] A. E. C. da Cunha and J. E. R. Cury, “Hierarchical Supervisory Control
Based on Discrete Event Systems with Flexible Marking,” IEEE Trans.
Autom. Control, vol. 32, no. 12, pp. 2242–2253, 2007.
[14] C. Griffin, “A note on the properties of the supremal controllable
sublanguage in pushdown systems,” IEEE Trans. Autom. Control, In
Press, 2008.
[15] C. G. Cassandras and S. LaFortune, Introduction to Discrete Event
Systems.Boston, MA, USA: Kluwer Academic Publishers, 1999.
[16] J. Hopcroft and J. Ullman, Automata, Languages and Computation,
2nd ed.UpperSaddle, NJ: PrenticeHall Publisher, 1979.
[17] C. Griffin, “Decidability and Optimality in Pushdown Control Sys
tems: A New Approach to Discrete Event Control,” Ph.D. disserta
tion, Department of Industrial Engineering, The Pennsylvania State
University, University Park, PA, December 2007.
1727
Authorized licensed use limited to: Oak Ridge National Laboratory. Downloaded on October 27, 2008 at 12:20 from IEEE Xplore. Restrictions apply.
View other sources
Hide other sources
 Available from Christopher Griffin · Jul 28, 2014
 Available from ornl.gov