Multilevel Coordination Control of Modular DES
Jan Komenda, Tomáš Masopust, and Jan H. van Schuppen
Abstract— A top-down approach to multilevel coordination
control is presented along with the corresponding notions
of conditional decomposability and conditional controllability.
The multilevel structure makes the approach computationally
more efficient in comparison with the approach of one central
coordinator since fewer events need to be communicated among
subsystems. Necessary and sufficient conditions are stated for a
specification to be achieved by the proposed top-down approach.
I. INTRODUCTION
Coordination control of discrete-event systems (DES) has
been developed to reduce the combinatorial explosion of
the state complexity inherent to supervisory control of large
systems. Since purely modular approaches fail in general
to guarantee the nonblocking safe behavior, coordination
control has been proposed in [7] as a trade-off between
purely decentralized (modular) and centralized supervisory
control syntheses. The procedure of coordination control
consists of the computation of a coordinator for safety and
for nonblockingness. Such a coordinator can be seen as
an upper layer in the hierarchy, where the low level is
the original plant. Coordination control of modular DES
combines both horizontal and vertical modularities.
Hierarchical control of DES with complete observations
has been studied in the DES literature. Most papers on
hierarchical DES address the situation in which one system
is abstracted and controlled by another system. In this
paper we address the situation where several subsystems
at one level are controlled by one subsystem at the next
higher level. The important concepts, namely the observer
property [9] and output control consistency (OCC) or its
weaker variant local control consistency (LCC) [8], are used
as sufficient conditions on the abstraction (projection) so
that the high-level synthesis of an optimal and nonblocking
supervisor for the smaller abstracted plant and specifications
is implementable at the low-level (original plant).
Coordination control can be seen as a hierarchical control
of a modular plant, where the low level of the hierarchy is the
original modular plant and the high level is the coordinator,
defined in [5] as the modular plant projected on the coordinator
alphabet. However, if there is a large number of local
components and a large degree of interactions among local
plants, the procedure to compute the coordinator alphabet
proposed in [5] yields an alphabet that is too large. In an extreme
case, where all events are shared by some components,
the coordinator alphabet becomes the global alphabet. This
is because we proposed one central coordinator having in
its alphabet all shared events. Clearly, in many practical
situations, one central coordinator is not sufficient to decrease
the complexity of supervisory control and more sophisticated
coordination control architectures should be developed.
J. Komenda and T. Masopust are with Institute of Mathematics, Academy
of Sciences of the Czech Republic, Žižkova 22, 616 62 Brno, Czech Rep.
komenda@math.cas.cz, masopust@math.cas.cz. Part of
the research was done when the second author was with the University of
Bayreuth, Bayreuth, Germany.
Jan H. van Schuppen is with Van Schuppen Control Research, Gouden
Leeuw 143, 1103 KB, Amsterdam, The Netherlands.
jan.h.van.schuppen@gmail.com
In this paper another coordination control architecture is
proposed, where one central coordinator is replaced by several
coordinators at the second lowest level, which coordinate
groups of local subsystems with only limited interactions.
The key step in designing this hierarchy is to divide the
local plant into several groups such that within each group
a very small number of events is shared.
In the proposed top-down approach, control design starts
at the top level by computing a coordinator on the high
level. Then a coordinator for safety is computed for each
group on the lower levels in the top-down manner. The
computation then proceeds to the bottom level by computing
the coordinator for safety for the low level groups. Finally,
at the bottom level, local supervisors must be computed
for all groups and for all individual subsystems combined with
the group coordinators. No supervisors
for safety are needed on the upper levels of the hierarchy,
because the specification has been decomposed in the top-down
manner with coordinators so that safety is guaranteed.
The paper is organized as follows. Section II recalls the
preliminary results from supervisory control with one central
coordinator. Section III formulates the top-down approach
to multilevel coordination control. Conditional controllability
and conditional decomposability conditions for the top-down
architecture are formulated in Section IV. In Section V the
main result is presented: necessary and sufficient conditions
for a specification to be achieved by the top-down approach.
Conclusions are given in Section VI.
II. PRELIMINARIES
A string $s \in A^*$ is a prefix of $w \in A^*$, denoted by $s \le w$, if
there exists $t \in A^*$ such that $w = st$. The prefix closure
$\overline{L} = \{w \in A^* \mid \text{there exists } v \in A^* \text{ such that } wv \in L\}$
of a language $L \subseteq A^*$ is the set of all prefixes of all its elements.
A language $L$ is prefix-closed if $L = \overline{L}$.
A generator is a structure $G = (Q, A, f, q_0, Q_m)$, where $Q$
is a finite set of states, $A$ is a finite alphabet, $f : Q \times A \to Q$
is a partial transition function, $q_0 \in Q$ is the initial state,
and $Q_m \subseteq Q$ is the set of marked states. As usual, $f$ can
be extended to the domain $Q \times A^*$. The language generated
by $G$ is defined as $L(G) = \{s \in A^* \mid f(q_0, s) \in Q\}$ and the
language marked by $G$ is defined as $L_m(G) = \{s \in A^* \mid f(q_0, s) \in Q_m\}$.
By definition, $L(G)$ is prefix-closed.
52nd IEEE Conference on Decision and Control, December 10-13, 2013, Florence, Italy.
978-1-4673-5716-6/13/$31.00 ©2013 IEEE
A controlled generator over an alphabet $A$ is a triple
$(G, A_c, \Gamma)$, where $G$ is a generator over $A$, $A_c \subseteq A$ is a set of
controllable events, $A_u = A \setminus A_c$ is the set of uncontrollable
events, and $\Gamma = \{\gamma \subseteq E \mid A_u \subseteq \gamma\}$ is the set of control
patterns. A supervisor for a controlled generator $(G, A_c, \Gamma)$ is
a map $S : L(G) \to \Gamma$. The closed-loop system associated with
controlled generator $(G, A_c, \Gamma)$ and supervisor $S$ is defined
as the minimal language $L(S/G)$ such that $\varepsilon \in L(S/G)$ and,
for any $s \in L(S/G)$ with $sa \in L(G)$ and $a \in S(s)$, $sa$ belongs
to $L(S/G)$. The marked language of the closed-loop system
is defined as $L_m(S/G) = L(S/G) \cap L_m(G)$. If the closed-loop
system is nonblocking, that is $\overline{L_m(S/G)} = L(S/G)$, supervisor
$S$ is called nonblocking.
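Let $L_m, L \subseteq A^*$ be languages, where $L$ is prefix-closed. A
language $K \subseteq A^*$ is controllable with respect to $L$ and $A_u$ if
$\overline{K} A_u \cap L \subseteq \overline{K}$. Moreover, $K$ is $L_m$-closed if $K = \overline{K} \cap L_m$.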
A projection $P : A^* \to B^*$, for $B \subseteq A$, is a homomorphism
defined as $P(a) = \varepsilon$, for $a \in A \setminus B$, and $P(a) = a$, for $a \in B$.
The inverse image of $P$, denoted by $P^{-1} : B^* \to 2^{A^*}$, is
defined as $P^{-1}(w) = \{s \in A^* \mid P(s) = w\}$. These definitions
can be extended to languages. For alphabets Ai,Aj,A⊆A,
we use Pi+j
to denote the projection from (Ai∪Aj)∗to A∗
.
If Ai∪Aj=A, we simply write P
. Moreover, $A_{i,u} = A_i \cap A_u$ denotes the sets of locally uncontrollable events. For a
generator $G$ and a projection $P$, $P(G)$ denotes the minimal
generator such that $L_m(P(G)) = P(L_m(G))$ and $L(P(G)) = P(L(G))$.
The reader is referred to [1], [10] for a construction.
Let $G$ be a generator over an alphabet $A$. Given a specification
$K \subseteq L_m(G)$, the aim of supervisory control is to find
a nonblocking supervisor $S$ such that $L_m(S/G) = K$. Such a
supervisor exists if and only if $K$ is controllable with respect
to $L(G)$ and $A_u$ and $L_m(G)$-closed, see [1], [10].
The synchronous product of languages $L_i \subseteq A_i^*$, $i = 1, \ldots, n$,
is defined as $\|_{i=1}^n L_i = \bigcap_{i=1}^n P_i^{-1}(L_i) \subseteq A^*$, where
$A = \bigcup_{i=1}^n A_i$ and $P_i : A^* \to A_i^*$ are projections to local alphabets.
In terms of generators $G_i$, it is known that
$L(\|_{i=1}^n G_i) = \|_{i=1}^n L(G_i)$ and $L_m(\|_{i=1}^n G_i) = \|_{i=1}^n L_m(G_i)$
(see [1] for more details). Languages $K$ and $L$ are synchronously nonconflicting
if $\overline{K \| L} = \overline{K} \| \overline{L}$.
A projection $Q : A^* \to B^*$ is an $L$-observer for a language
$L \subseteq A^*$ if, for every $t \in Q(L)$ and $s \in L$, $Q(s) \le t$ implies that
there is $u \in A^*$ such that $su \in L$ and $Q(su) = t$ [9].
Now we recall the basic notion of coordination control.
Definition 1 (Conditional decomposability): A language
$K$ over $\bigcup_{i=1}^n A_i$ is conditionally decomposable with respect
to $(A_i)_{i=1}^n$ and $A_k$, where
$\bigcup_{1 \le i,j \le n,\ i \ne j} (A_i \cap A_j) \subseteq A_k \subseteq \bigcup_{j=1}^n A_j$, if
$$K = P_{1+k}(K) \| P_{2+k}(K) \| \cdots \| P_{n+k}(K)$$
for projections $P_{i+k}$ from $\bigcup_{j=1}^n A_j$ to $A_i \cup A_k$, $i = 1, \ldots, n$.
Alphabet $A_k$ is referred to as a coordinator alphabet and
satisfies the conditional independence property, namely $A_k$
includes all shared events: $\bigcup_{1 \le i,j \le n,\ i \ne j} (A_i \cap A_j) \subseteq A_k$. It holds
that if $K$ is a parallel composition of $n$ languages (over the
required alphabets), then it is conditionally decomposable.
Lemma 2 (Lemma 2 in [4]): A language $K$ over $\bigcup_{i=1}^n A_i$ is
conditionally decomposable with respect to alphabets $(A_i)_{i=1}^n$
and $A_k$ if and only if there exist languages $M_{i+k} \subseteq A_{i+k}^*$,
$i = 1, \ldots, n$, such that $K = \|_{i=1}^n M_{i+k}$.
Now we recall the main result of coordination control with
one central coordinator. The problem of coordination control
is as follows.
Problem 3: Given generators $G_1$ and $G_2$ over alphabets
$A_1$ and $A_2$, respectively, and a coordinator $G_k$ over $A_k$,
where $A_1 \cap A_2 \subseteq A_k \subseteq A_1 \cup A_2$. Let $K \subseteq L_m(G_1 \| G_2 \| G_k)$
be a specification that is conditionally decomposable with
respect to $A_1, A_2, A_k$. The problem of coordination control
is to synthesize nonblocking supervisors $S_1, S_2, S_k$ for the
respective generators so that the closed-loop system with the
coordinator satisfies
$$L_m(S_1/[G_1 \| (S_k/G_k)]) \,\|\, L_m(S_2/[G_2 \| (S_k/G_k)]) = K.$$
The idea of coordination control is to first construct a
supervisor $S_k$ such that the closed-loop system $L(S_k/G_k)$
satisfies the "coordinator part" of the specification given by
$P_k(K)$ and then local supervisors $S_i$, $i = 1, 2$, for $G_i \| (S_k/G_k)$
such that the closed-loop system $L(S_i/[G_i \| (S_k/G_k)])$ satisfy
the corresponding parts of the specification given by $P_{i+k}(K)$.
Conditional controllability along with conditional decomposability
form an equivalent condition for a language to be
achieved by the closed-loop system within our coordination
control architecture, cf. Theorem 5 below.
Definition 4: A language $K \subseteq L(G_1 \| G_2 \| G_k)$ is conditionally
controllable for generators $G_1, G_2, G_k$ and uncontrollable
alphabets $A_{1,u}, A_{2,u}, A_{k,u}$ if
1) $P_k(K)$ is controllable with respect to $L(G_k)$ and $A_{k,u}$,
2) $P_{i+k}(K)$ is controllable with respect to $L(G_i) \| P_k(K)$
and $A_{i+k,u}$,
where $A_{i+k,u} = (A_i \cup A_k) \cap A_u$, for $i = 1, 2$.
Recall that every conditionally controllable and conditionally
decomposable language is controllable, cf. [3, Proposition 4].
The main existential result is the following.
Theorem 5 (Theorem 6 in [5]): Consider the setting of
Problem 3. There exist nonblocking supervisors $S_1, S_2, S_k$
such that $L(S_1/[G_1 \| (S_k/G_k)]) \,\|\, L(S_2/[G_2 \| (S_k/G_k)]) = K$ if
and only if $K$ is conditionally controllable with respect to
generators $G_1, G_2, G_k$ and alphabets $A_{1,u}, A_{2,u}, A_{k,u}$.
III. MULTILEVEL COORDINATION CONTROL
In this section we study a computationally efficient approach
to supervisory control of a large modular DES
given by a synchronous product of generators. The single-coordinator
approach of [5] is replaced by several coordinators
on different levels. The first step is to divide local
subsystems into groups of subsystems on the lowest level.
Each group then has its own coordinator. Here we assume
that the organization of subsystems into groups is given by
the system designer. A criterion for this organization can be
the number of shared events within groups of subsystems,
which makes this organization sometimes obvious from
the geographical distribution of subsystems. The motivation
for this division into several groups is that it is typically
needed to include many events in the coordinator alphabet to
make the specification language conditionally decomposable,
especially in the case of a large number of subsystems.
Instead of adding all events that have to be communicated
into a central coordinator alphabet it is more efficient if
each coordinator event is communicated only within some
group(s) of subsystems, which amounts to having different
coordinators for different groups while dividing the coordinator
alphabet into different subsets communicated among
subsystems within given group(s).
Let $G = G_1 \| G_2 \| \cdots \| G_n$ and assume that local generators
are divided into $m$ groups. We change the indexing so that the
first group is formed by generators $G_1, \ldots, G_{i_1}$, the second
group by $G_{i_1+1}, \ldots, G_{i_2}$, and so forth, i.e. the $m$-th group
is formed by $G_{i_{m-1}+1}, \ldots, G_{i_m}$, where $1 \le i_1 \le i_2 \le \cdots \le i_m = n$.
Recall that the synchronous product is associative
and commutative, hence we can organize the subsystems
in an arbitrary way. Denote the indexes of generators of
the $j$-th group by $I_j$, i.e. $I_j = \{i_{j-1}+1, i_{j-1}+2, \ldots, i_j\}$, for
$j = 1, \ldots, m$ where $i_0 = 0$. Similarly, we assume that the
groups of subsystems $I_1, \ldots, I_m$ are organized into larger
groups J1,...,Jwith ≤m, and so on. For simplicity,
however, we consider in this paper the case =1, that
is, we have only two levels of organization, where on the
second level one obtains the complete system $G_1 \| \cdots \| G_n$.
In other words, we consider $J_1 = \{I_1, \ldots, I_m\}$ meaning that
$\|_{I \in J_1,\ i \in I} G_i = G_1 \| \cdots \| G_n$. However, in the general multilevel
case not considered in this paper, the groups $I_j$ can be further
gathered up into larger groups J1,...,Jwith ≤mon the
higher level and so forth.
An important aspect is to propose a criterion for such a
hierarchical structure of subsystems. We do not propose it
in a formal way, but only provide a hint on how to build
such a hierarchical structure. The idea is to bundle subsets
of subsystems with strong interactions at the lowest level of
the multilevel structure. In the ideal situation the automata
formed by products of generators from different low level
groups have no shared events. This intuition can be made
mathematical by associating the subset with a square matrix
with the number of shared events between the subsystems
in a row and a column and trying to find a permutation and
a block matrix structure such that the maximum of shared
events is situated in the diagonal blocks, while off-diagonal
blocks contain very small numbers (ideally zero matrices).
Finally, denote by $A_{sh,j}$ the set of shared events of generators
$G_{i_{j-1}+1}, \ldots, G_{i_j}$ of group $I_j$, i.e.
$$A_{sh,j} = \bigcup_{k \ne l,\ k,l \in I_j} (A_k \cap A_l).$$
Unlike in central coordination, at the low level there are $m$
low-level coordinators $G_{k_1}, \ldots, G_{k_m}$, one for each group of
subsystems. The situation is depicted in Fig. 1. The notation
$$A_{I_r} = \bigcup_{i \in I_r} A_i$$
is used in the paper. Here $P_{I_r}$ denotes the projection $P_{I_r} : A^* \to A_{I_r}^*$.
On the highest level there is one central coordinator
denoted by $G_k$ over the alphabet $A_k$ that coordinates the
$m$ groups of subsystems. We hope that the notation for
projection $P_{I_r+k} : A^* \to (A_{I_r} \cup A_k)^*$ is now self-explanatory.
Again, the high-level coordinator should contain all shared
events, in this case all events shared by the groups of
subsystems denoted by
$$A_{sh} = \bigcup_{k \ne l,\ k,l \in \{1,\ldots,m\}} (A_{I_k} \cap A_{I_l}).$$
Hence, $A_{sh} \subseteq A_k$, which is later referred to as the conditional
independence assumption.
Note that, in general, $A_{sh}$ contains fewer events than all
shared events among all subsystems. In the special case,
where events are only shared by subsystems within each
group, we have $A_{sh} = \emptyset$. This confirms the intuition that it is
best to leave the maximum interaction among subsystems
to be handled at the lowest level. Note that although no
high-level coordination for nonblocking is needed at all
(because subsystems on disjoint alphabets can be supervised
in a modular way without the blocking problem), a high-level
coordination for safety is still needed whenever the
specification language is not decomposable with respect to
high-level alphabets $A_{I_1}, \ldots, A_{I_m}$.
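An added Python example (not from the paper) of the grouping hint and of the shared-event sets A_sh,j and A_sh defined above, run on the alphabets A1, ..., A4 that Example 13 lists. The exhaustive search over partitions and the score (fewest high-level shared events, then smallest largest group) are assumptions of this example, since the paper gives only an informal hint.

```python
from itertools import combinations

def shared_matrix(alphabets):
    """Entry [r][c] is the number of events shared by subsystems r and c."""
    n = len(alphabets)
    return [[0 if r == c else len(alphabets[r] & alphabets[c]) for c in range(n)]
            for r in range(n)]

def group_alphabet(alphabets, group):
    """A_{I_r}: union of the alphabets of the subsystems in one group."""
    return set().union(*(alphabets[i] for i in group))

def shared_within(alphabets, group):
    """A_{sh,j}: events shared by two different subsystems of the same group."""
    shared = set()
    for k, l in combinations(group, 2):
        shared |= alphabets[k] & alphabets[l]
    return shared

def shared_between(alphabets, groups):
    """A_sh: events shared by two different groups (high-level shared events)."""
    shared = set()
    for g, h in combinations(groups, 2):
        shared |= group_alphabet(alphabets, g) & group_alphabet(alphabets, h)
    return shared

def partitions(items, m):
    """Yield every partition of `items` into exactly m non-empty groups."""
    if not items:
        if m == 0:
            yield []
        return
    first, rest = items[0], items[1:]
    for part in partitions(rest, m - 1):      # `first` opens a new group
        yield [[first]] + part
    for part in partitions(rest, m):          # `first` joins an existing group
        for idx in range(len(part)):
            yield part[:idx] + [[first] + part[idx]] + part[idx + 1:]

def best_grouping(alphabets, m):
    """Assumed score: fewest high-level shared events, then smallest largest group."""
    def score(groups):
        return (len(shared_between(alphabets, groups)), max(len(g) for g in groups))
    groups = min(partitions(list(range(len(alphabets))), m), key=score)
    return groups, shared_between(alphabets, groups)

# Alphabets A1..A4 as listed in Example 13 (subsystems are indexed 0..3 here).
ALPHABETS = [
    {"a", "c", "u", "u1"},
    {"a", "c", "u", "u2"},
    {"b1", "c", "u", "v1"},
    {"b2", "c", "u", "v2"},
]

if __name__ == "__main__":
    for row in shared_matrix(ALPHABETS):
        print(row)
    groups, a_sh = best_grouping(ALPHABETS, 2)
    print("groups:", groups, "high-level shared events:", sorted(a_sh))
```

With two groups the search returns the grouping {1,2}, {3,4} used in Examples 9 and 13, whose high-level shared alphabet is {c, u}.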
IV. CONTROL SYNTHESIS - TOP-DOWN APPROACH
Once the organization of subsystems into groups is fixed,
we study the multilevel coordination control synthesis. A
notion of two-level conditional decomposability is now introduced.
In what follows only prefix-closed specification
languages are considered. The alphabet $A_k \subseteq A$ (corresponding
to the high-level coordinator) is assumed to satisfy
the conditional independence property $A_{sh} \subseteq A_k$, and
alphabets $A_{k_r} \subseteq A_{I_r}$, $r = 1, \ldots, m$, are assumed to satisfy the
conditional independence property $A_{sh,r} \subseteq A_{k_r}$ at the local
group.
Definition 6 (Two-level conditional decomposability):
A language $K \subseteq A^*$ is called two-level conditionally decomposable
with respect to alphabets $A_1, \ldots, A_n$, high-level
coordinator alphabet $A_k$, and low-level coordinator alphabets
$A_{k_1}, \ldots, A_{k_m}$ if
$$K = \|_{r=1}^m P_{I_r+k}(K) \quad \text{and} \quad P_{I_r+k}(K) = \|_{j \in I_r} P_{j+k_r+k}(K)$$
for $r = 1, \ldots, m$.
Recall that $P_{j+k_r+k}$ stands for the projection from $A^*$ to
$A_{j+k_r+k}^* = (A_j \cup A_{k_r} \cup A_k)^*$. For the set of second equations,
the specification of the group over $A_{I_r} \cup A_k$ is not in general
decomposable into individual alphabets of group $I_r$ enriched
with corresponding low-level coordinator events $A_{k_r}$ because
the high-level coordinator events $A_k$ might be from alphabets
corresponding to different groups. Therefore, we have to
include the global coordinator events as well to have a
meaningful equation comparing languages over the same
alphabets on both sides.
The list of coordinator alphabets $A_k, A_{k_1}, \ldots, A_{k_m}$ is omitted
from the expression if it is clear from the context. Note that
the existence of coordinator alphabets $A_{k_1}, \ldots, A_{k_m}$ such that
$$K = \|_{j_1 \in I_1} P_{j_1+k_1+k}(K) \,\|\, \cdots \,\|\, \|_{j_m \in I_m} P_{j_m+k_m+k}(K)$$
implies that $K = \|_{i=1}^n P_{i+h}(K)$ with $A_h = A_{k_1} \cup \cdots \cup A_{k_m} \cup A_k$.
This is because for this choice of $A_h$ we have in fact that
$P_{i+h}^{-1} P_{i+h}(K) \subseteq P_{i+k_j+k}^{-1} P_{i+k_j+k}(K)$, for $j \in \{1, \ldots, m\}$. This
means that two-level conditional decomposability implies
(standard) conditional decomposability, but with respect to
larger alphabets. Here the idea of two-level decomposability
is easily seen: instead of communicating all coordinator
events via a central coordinator, it is more advantageous
to communicate different parts of $A_k$, namely $A_{k_1}, \ldots, A_{k_m}$,
within the respective groups of subsystems $I_i$ via the corresponding
"group" coordinators $G_{k_i}$, for $i = 1, \ldots, m$.
Fig. 1. Multilevel architecture: coordinator $G_k$ over $A_k$; coordinators $G_{k_1}$ over $A_{k_1}$, $G_{k_2}$ over $A_{k_2}$, ..., $G_{k_m}$ over $A_{k_m}$; Group $I_1$ ($G_1 \| \cdots \| G_{i_1}$), Group $I_2$ ($G_{i_1+1} \| \cdots \| G_{i_2}$), ..., Group $I_m$ ($G_{i_{m-1}+1} \| \cdots \| G_{i_m}$).
On the other hand the following property holds true.
Proposition 7: If a language $K \subseteq A^*$ is conditionally
decomposable with respect to alphabets $(A_i)_{i=1}^n$ and $A_h$,
then it is two-level conditionally decomposable with respect
to alphabets $(A_i)_{i=1}^n$ and coordinator alphabets
$A_{k_1} = \cdots = A_{k_m} = A_k = A_h$, for any $m > 1$.
However, the opposite does not hold true.
Example 8: Let $K \subseteq \{a_1, a_2, a_3, a_4\}^*$ be a language given
as a parallel composition of languages $K_{12} \subseteq \{a_1, a_2\}^*$ and
$K_{34} \subseteq \{a_3, a_4\}^*$ depicted in Fig. 2. By Lemma 2, $K$ is conditionally
decomposable with respect to alphabets $\{a_1, a_2\}$
and $\{a_3, a_4\}$. Moreover, $K_{12} = P_{1+2}(K)$ and $K_{34} = P_{3+4}(K)$.
Hence, $K = P_{1+2}(K) \| P_{3+4}(K)$, which means that in Definition 6
we can choose $A_k = \emptyset$. Then we take $A_{k_1} = \{a_1\}$ and
$A_{k_2} = \{a_4\}$ to guarantee that $K_{12} = P_{1+k_1}(K_{12}) \| P_{2+k_1}(K_{12})$
and $K_{34} = P_{3+k_2}(K_{34}) \| P_{4+k_2}(K_{34})$. Finally, to make $K$ conditionally
decomposable with respect to $(\{a_i\})_{i=1}^4$ and $A_{k_0}$, $A_{k_0}$
must contain at least one of $a_1$ and $a_2$, and one of $a_3$ and
$a_4$, hence $|A_{k_0}| \ge 2$, whereas $|A_{k_1}| = |A_{k_2}| = 1$.
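The comparison made in Example 8, as an added Python example that is not part of the paper: it checks Definition 1 and Definition 6 on finite prefix-closed languages and searches for the smallest central coordinator alphabets. The languages `K12` and `K34` are constructed here (the generators of Fig. 2 are not available in the text), and all function names are this example's own.

```python
from itertools import combinations

def prefix_closure(words):
    return frozenset(tuple(w[:i]) for w in words for i in range(len(w) + 1))

def project(lang, alphabet):
    """Natural projection of a language: erase events outside `alphabet`."""
    return frozenset(tuple(e for e in w if e in alphabet) for w in lang)

def sync_product(components):
    """Synchronous product of finite prefix-closed languages.

    `components` is a list of (language, alphabet) pairs. A word is kept
    iff its projection to every component alphabet lies in that component.
    """
    events = sorted(set().union(*(alph for _, alph in components)))
    product, frontier = {()}, [()]
    while frontier:
        word = frontier.pop()
        for e in events:
            ext = word + (e,)
            if all(tuple(x for x in ext if x in alph) in lang
                   for lang, alph in components):
                product.add(ext)
                frontier.append(ext)
    return frozenset(product)

def cond_decomposable(K, alphabets, Ak):
    """Definition 1: K equals the product of its projections P_{i+k}(K)."""
    shared = set()
    for Ai, Aj in combinations(alphabets, 2):
        shared |= Ai & Aj
    if not shared <= Ak:                      # conditional independence
        return False
    parts = [(project(K, Ai | Ak), Ai | Ak) for Ai in alphabets]
    return sync_product(parts) == K

def two_level_decomposable(K, alphabets, groups, Ak, Akr):
    """Definition 6 for groups I_r with low-level alphabets Akr[r]."""
    tops = []
    for members, Ak_r in zip(groups, Akr):
        A_top = set().union(*(alphabets[j] for j in members)) | Ak
        K_top = project(K, A_top)             # P_{I_r+k}(K)
        parts = [(project(K, alphabets[j] | Ak_r | Ak), alphabets[j] | Ak_r | Ak)
                 for j in members]            # P_{j+k_r+k}(K)
        if sync_product(parts) != K_top:
            return False
        tops.append((K_top, A_top))
    return sync_product(tops) == K

def minimal_central_alphabets(K, alphabets):
    """Smallest coordinator alphabets that make K conditionally decomposable."""
    events = sorted(set().union(*alphabets))
    for size in range(len(events) + 1):
        hits = [set(c) for c in combinations(events, size)
                if cond_decomposable(K, alphabets, set(c))]
        if hits:
            return hits
    return []

# Constructed sample: a2 may occur only after a1, a3 only after a4.
ALPHABETS = [{"a1"}, {"a2"}, {"a3"}, {"a4"}]
K12 = prefix_closure([("a1", "a2")])
K34 = prefix_closure([("a4", "a3")])
K = sync_product([(K12, {"a1", "a2"}), (K34, {"a3", "a4"})])

if __name__ == "__main__":
    print(two_level_decomposable(K, ALPHABETS, [[0, 1], [2, 3]],
                                 set(), [{"a1"}, {"a4"}]))
    print(minimal_central_alphabets(K, ALPHABETS))
```

For this constructed K, one event per group coordinator suffices with an empty high-level alphabet, while every central coordinator alphabet found by the search has two events, one from each pair.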
Communications among local generators are reduced, because
unlike the original concept of conditional decomposability,
where all events $A_k$ are communicated among all
local agents via the coordinator, the events that need to
be communicated are now divided into groups of events
associated to a group of subsystems and their coordinators
and the events are communicated among local subsystems
belonging to a given group via the corresponding coordinator.
Moreover, in view of the previous result, it is often the case
that low-level coordinators $A_{k_1}, \ldots, A_{k_m}$ are able to operate
on smaller alphabets than the full $A_k$. In general, $A_k$ can be
distributed into $A_{k_i} \subseteq A_k$, $i = 1, \ldots, m$, with $\bigcup_{i=1}^m A_{k_i} = A_k$.
Fig. 2. Generators of languages $K_{12}$ and $K_{34}$, respectively
Example 9: In this example we consider four generators
$G_1, \ldots, G_4$ over the alphabets $A_1, \ldots, A_4$, respectively,
and their synchronous product $G = G_1 \| \cdots \| G_4$. On the low
(system) level we divide the four generators into two groups
$I_1 = \{1, 2\}$ and $I_2 = \{3, 4\}$. There are low-level coordinators
$G_{k_1}$ and $G_{k_2}$ coordinating subsystems $G_1 \| G_2$ and $G_3 \| G_4$,
respectively. It is assumed that the specification $K$ is two-level
conditionally decomposable with respect to the high-level
coordinator alphabet $A_k$, and low-level coordinator
alphabets $A_{k_1}, \ldots, A_{k_m}$, that is, $K = P_{1+2+k}(K) \| P_{3+4+k}(K)$,
$P_{1+2+k}(K) = P_{1+k_1+k}(K) \| P_{2+k_1+k}(K)$, and
$P_{3+4+k}(K) = P_{3+k_2+k}(K) \| P_{4+k_2+k}(K)$.
Multilevel coordination control architecture is defined
later, but we sketch it now in this example to facilitate
the formal presentation of Problem 10 below. For each low
level group of coordinators combined with the high level
coordinator (note that parts of the specification alphabets
$A_k \cup A_{k_i}$, $i = 1, 2$, must be considered jointly), there must be
supervisors $S_{k_1}$ for $G_k \| G_{k_1}$ and $S_{k_2}$ for $G_k \| G_{k_2}$ that impose
the corresponding part of the specification.
For local subsystems combined with the supervised coordinators
there are local supervisors $S_i$, for $i = 1, 2, 3, 4$.
Namely, $S_1$ supervises the new plant $G_1 \| (S_{k_1}/G_k \| G_{k_1})$ with
the resulting closed-loop system $L(S_1/(G_1 \| (S_{k_1}/G_k \| G_{k_1})))$.
Similarly, $S_2$ supervises $G_2 \| (S_{k_1}/G_k \| G_{k_1})$, $S_3$ supervises
$G_3 \| (S_{k_2}/G_k \| G_{k_2})$, and $S_4$ supervises $G_4 \| (S_{k_2}/G_k \| G_{k_2})$.
On the high level, there is only a high-level coordinator
$G_k$ that plays an auxiliary role in decomposing $K$ on the
high level. There is no need for any supervisor on the
high level: neither for $G_k$ nor for the combined high-level
plant. Otherwise stated, all follow from two-level conditional
decomposability combined with two-level conditional
controllability presented below. Hence, the overall two-level
coordinated system is the composition
$$S_1/[G_1 \| (S_{k_1}/G_k \| G_{k_1})] \,\|\, S_2/[G_2 \| (S_{k_1}/G_k \| G_{k_1})] \,\|\, S_3/[G_3 \| (S_{k_2}/G_k \| G_{k_2})] \,\|\, S_4/[G_4 \| (S_{k_2}/G_k \| G_{k_2})].$$
The two-level coordination control problem of modular
DES is formulated below.
Problem 10 (Two-level coordination control problem):
Consider generators $G_1, \ldots, G_n$ over alphabets $A_1, \ldots, A_n$,
respectively, and their synchronous product $G = G_1 \| \cdots \| G_n$
along with the two-level hierarchical structure of subsystems
organized into groups $I_j = \{i_{j-1}+1, i_{j-1}+2, \ldots, i_j\}$,
$j = 1, \ldots, m \le n$, on the low level. The synchronous products
of generators from these groups then represent the $m$ high-level
systems $\|_{i \in I_j} G_i$, $j = 1, \ldots, m$. It is assumed that the
specification $K$ is prefix-closed and two-level conditionally
decomposable with respect to local alphabets $A_1, \ldots, A_n$,
high-level coordinator alphabet $A_k$, and low-level coordinator
alphabets $A_{k_1}, \ldots, A_{k_m}$. The two-level structure of coordinators
is associated to the above organization of subsystems into
groups in a natural way. Namely, on the low level coordinator
$G_{k_j}$ is associated to the group of subsystems $\{G_i \mid i \in I_j\}$,
$j = 1, \ldots, m$. On the high level, a unique (central) coordinator
is denoted by $G_k$. The aim of the two-level coordination
control synthesis is to determine supervisors $S_i$, $i \in I_j$, within
any group of low-level systems $\{G_i \mid i \in I_j\}$, $j = 1, \ldots, m$,
and supervisors for low-level coordinators combined with
the high-level coordinator $S_{k_j}$, $j = 1, \ldots, m$, such that the
specification is met by the closed-loop system. The overall
two-level coordinated and supervised closed-loop system is
given by
$$\|_{j=1}^m \|_{i \in I_j} L(S_i/[G_i \| (S_{k_j}/G_k \| G_{k_j})]).$$
In the statement of the problem, we have mentioned
the notion of a coordinator. Given a specification $K$, the
coordinator $G_{k_j}$ of the $j$-th group of subsystems $\{G_i \mid i \in I_j\}$
is computed as follows.
1) Set $A_{k_j} = A_{sh,j} = \bigcup_{k \ne l,\ k,l \in I_j} (A_k \cap A_l)$ to be the set of all
shared events of systems from the group $I_j$.
2) Extend $A_{k_j}$ so that $P_{I_r+k}(K)$ is conditionally decomposable
with respect to $(A_i)_{i \in I_j}$ and $A_{k_j}$, for instance using
a method described in [4].
3) Let coordinator $G_{k_j} = \|_{i \in I_j} P_{k_j}(G_i)$.
The high-level coordinator $G_k$ is computed in a similar
way as $G_{k_j}$, but instead of the low-level groups, all local
subsystems are used, i.e. $G_k = \|_{i=1}^n P_k(G_i)$.
Since the only known condition ensuring that the projected
generator is smaller than the original one is the observer
property [9] we might need to further extend alphabet $A_{k_j}$
so that projection $P_{k_j}$ is an $L(G_i)$-observer, for any $i \in I_j$.
Note that the blocking issue is not considered in this paper,
because the specification is assumed to be prefix-closed.
However, we have recently solved the blocking issue by
proposing coordinators for nonblockingness. These coordinators
are computed in a different way than the coordinators
for safety considered in this paper and defined above, cf. [6].
The extension of coordinators for nonblockingness from one-level
coordination control to two-level coordination control
is fairly simple once the framework is established.
Fig. 3. Generators $G_1, \ldots, G_4$
The central notion in the coordination control approach
is played by the concept of conditional controllability introduced
in [7] and later studied in [2], [5], [3]. In this paper,
we extend this notion as follows.
Definition 11: Consider the setting and notation of Problem 10
and let $G_k$ be a coordinator. A language
$K \subseteq L(\|_{i=1}^n G_i \| G_k)$ is two-level conditionally controllable with
respect to generators $G_1, \ldots, G_n$, local alphabets $A_1, \ldots, A_n$,
high-level coordinator alphabet $A_k$, low-level coordinator
alphabets $A_{k_1}, \ldots, A_{k_m}$, and uncontrollable alphabet $A_u$ if
1) $P_{k_j+k}(K)$ is controllable with respect to $L(G_{k_j} \| G_k)$ and
$A_{k_j+k,u}$,
2) for $j = 1, \ldots, m$ and $i \in I_j$, $P_{i+k+k_j}(K)$ is controllable
with respect to $L(G_i) \| P_{k_j+k}(K)$ and $A_{i+k_j+k,u}$.
V. EXISTENCE OF SUPERVISORS
In this section, the main existential result of top-down multilevel
coordination control approach is presented. We start at
the top level by decomposing the specification according to
the distribution of alphabets. Then a similar decomposition
is computed at the lower level. The actual computation of
coordinators and supervisors is made at the lowest level. No
further computation is needed on the higher levels, because
the overall specification is satisfied by construction.
Theorem 12: Consider the setting of Problem 10 (in
particular $K$ is two-level conditionally decomposable with
respect to local alphabets $A_1, \ldots, A_n$, high-level coordinator
alphabet $A_k$, and low-level coordinator alphabets $A_{k_1}, \ldots, A_{k_m}$).
There exist supervisors for low-level systems $S_i$, $i \in I_j$, within
any group of low-level systems $\{G_i \mid i \in I_j\}$, $j = 1, \ldots, m$,
and supervisors $S_{k_j}$, $j = 1, \ldots, m$, for low-level coordinators
combined with the high-level coordinator, such that
$$\|_{j=1}^m \|_{i \in I_j} L(S_i/G_i \| (S_{k_j}/G_k \| G_{k_j})) = K \qquad (1)$$
if and only if $K$ is two-level conditionally controllable with
respect to generators and alphabets listed in Definition 11.
If $K$ fails to be two-level conditionally controllable, a sublanguage
of $K$ that is conditionally controllable is computed.
Fortunately, similarly to one-level conditional controllability,
two-level conditional controllability is preserved by language
unions, whence the supremal two-level conditionally controllable
sublanguage always exists.
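One way to test the two conditions of Definition 11 on finite prefix-closed languages, as an added Python example rather than the authors' algorithm. The four local languages, the coordinator languages and the specifications are constructed for illustration, and membership in a synchronous product is tested through projections instead of building the product.

```python
def project(word, alphabet):
    """Natural projection of one word: erase events outside `alphabet`."""
    return tuple(e for e in word if e in alphabet)

def prefix_closure(words):
    return {tuple(w[:i]) for w in words for i in range(len(w) + 1)}

def controllable(spec, plant_parts, alphabet, unc):
    """Check spec.A_u & plant <= spec for a prefix-closed `spec` over `alphabet`.

    The plant is the synchronous product of `plant_parts`, a list of
    (prefix-closed language, alphabet) pairs whose alphabets cover `alphabet`;
    a word is in the product iff each projection is in its component.
    """
    for s in spec:
        for u in alphabet & unc:
            su = s + (u,)
            in_plant = all(project(su, alph) in lang for lang, alph in plant_parts)
            if in_plant and su not in spec:
                return False
    return True

def two_level_violations(K, local, groups, high, low, unc):
    """Return the conditions of Definition 11 that prefix-closed K violates."""
    Lk, Ak = high
    failed = []
    for j, members in enumerate(groups):
        Lkj, Akj = low[j]
        Akjk = Akj | Ak
        K_coord = {project(w, Akjk) for w in K}        # P_{kj+k}(K)
        # 1) P_{kj+k}(K) controllable w.r.t. L(G_kj || G_k)
        if not controllable(K_coord, [(Lkj, Akj), (Lk, Ak)], Akjk, unc):
            failed.append(("coordinator", j))
        for i in members:
            Li, Ai = local[i]
            Aijk = Ai | Akjk
            K_loc = {project(w, Aijk) for w in K}      # P_{i+k+kj}(K)
            # 2) P_{i+k+kj}(K) controllable w.r.t. L(G_i) || P_{kj+k}(K)
            if not controllable(K_loc, [(Li, Ai), (K_coord, Akjk)], Aijk, unc):
                failed.append(("local", j, i))
    return failed

# Constructed sample: (language, alphabet) of four subsystems in two groups.
LOCAL = [
    (prefix_closure([("a", "u1")]), {"a", "u1"}),
    (prefix_closure([("a", "g", "u2")]), {"a", "g", "u2"}),
    (prefix_closure([("g", "b")]), {"g", "b"}),
    (prefix_closure([("b", "d")]), {"b", "d"}),
]
GROUPS = [[0, 1], [2, 3]]
HIGH = ({(), ("g",)}, {"g"})                            # assumed L_k over A_k
LOW = [({(), ("a",)}, {"a"}), ({(), ("b",)}, {"b"})]    # assumed L_k1, L_k2

# K_NO_B forbids event b; K_NO_U2 forbids event u2 (both constructed).
K_NO_B = prefix_closure([("a", "u1", "g", "u2"), ("a", "g", "u1", "u2"),
                         ("a", "g", "u2", "u1")])
K_NO_U2 = prefix_closure([("a", "u1", "g", "b", "d"), ("a", "g", "u1", "b", "d"),
                          ("a", "g", "b", "u1", "d"), ("a", "g", "b", "d", "u1")])

if __name__ == "__main__":
    unc = {"u1", "u2"}
    print(two_level_violations(K_NO_B, LOCAL, GROUPS, HIGH, LOW, unc))
    print(two_level_violations(K_NO_U2, LOCAL, GROUPS, HIGH, LOW, unc))
    print(two_level_violations(K_NO_B, LOCAL, GROUPS, HIGH, LOW, unc | {"b"}))
```

When b is declared uncontrollable, only the coordinator condition of the second group fails: the local conditions are checked against a plant already restricted by the coordinator part of K, so they cannot detect it.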
Example 13: Example 9 can be continued with a concrete
modular system. Let $A_1 = \{a, c, u, u_1\}$, $A_2 = \{a, c, u, u_2\}$,
$A_3 = \{b_1, c, u, v_1\}$, and $A_4 = \{b_2, c, u, v_2\}$ where $G_1, \ldots, G_4$
are defined in Fig. 3, and $A_u = \{u, u_1, u_2\}$. The specification
$K$ is defined in Fig. 4. Following the procedure for the
top-down computation scheme we need to check if $K$ is
two-level conditionally decomposable. It appears that we
have to extend the alphabets of shared events to make this
condition hold. First of all, by choosing $A_k = \{a, c, u\}$, i.e. by
extending the high level shared alphabet $A_{sh} = (A_1 \cup A_2) \cap (A_3 \cup A_4)$
by event $a$ we get $K = P_{1+2+k}(K) \| P_{3+4+k}(K)$. The
corresponding high-level coordinator is then given by
$L_k = P_k(L) = \{\varepsilon, c, a, au\}$. The low-level conditions of two-level
conditional decomposability require finding low-level coordination
alphabets $A_{k_1}$ and $A_{k_2}$. There is no need to extend
$A_{sh,1} = A_1 \cap A_2$, because $P_{1+2+k}(K) = P_{1+k}(K) \| P_{2+k}(K)$ is
actually decomposable with respect to alphabets $A_1 = A_1 \cup A_k$
and $A_2 = A_2 \cup A_k$. Hence, $A_{k_1} = A_1 \cap A_2 = \{a, c\}$. On the
other hand, $P_{3+4+k}(K)$ is not decomposable with respect
to $A_{3+k}$ and $A_{4+k}$. For $A_{k_2} = A_{sh,2} \cup \{v_1\} = \{c, u, v_1\}$ we
have $P_{3+4+k}(K) = P_{3+k+k_2}(K) \| P_{4+k+k_2}(K)$, i.e. $P_{3+4+k}(K)$ is
conditionally decomposable with respect to alphabets $A_3$, $A_4$,
and $A_{k+k_2} = A_k \cup A_{k_2}$.
Fig. 4. Generator for the specification $K$
Once we have conditionally decomposed the global specification
in a top-down manner for coordinator alphabets $A_k$,
$A_{k_1}$ and $A_{k_2}$, we can start the computation at the bottom
level. It can be checked that the specification $K$ is two-level
conditionally controllable with respect to the same
coordinator alphabets (no further extension is needed). We
start with the language $P_{1+2+k}(K) = P_{1+k}(K) \| P_{2+k}(K)$. Since
$P_{i+k}(K) = P_i(K) = L_i$, $i = 1, 2$, there is no need to compute
supervisors and coordinators for the group $I_1$. For the group
$I_2$, the low-level coordinator is given by
$L_{k_2} = P_{k_2}(L_3 \| L_4) = \{\varepsilon, u, v_1, v_1 c\}$. $P_{3+k+k_2}(K)$ has to be imposed for the part of
the global plant $L_3 \| L_{k_2} \| L_k$. Fortunately, $P_{3+k+k_2}(K)$ is controllable
with respect to the language $L_3 \| L_{k_2} \| L_k$ and, hence,
$\mathrm{supC}(P_{3+k+k_2}(K), L_3 \| L_{k_2} \| L_k, A_{3+k+k_2,u}) = P_{3+k+k_2}(K)$.
Indeed, it suffices to disable controllable event $a$ after
$v_1$ has occurred. Languages $P_{3+k+k_2}(K)$ and $L_3 \| L_{k_2} \| L_k$ are
depicted in Fig. 5. Similarly, $P_{4+k+k_2}(K)$ is controllable with
respect to $L_4 \| L_{k_2} \| L_k$ and no computation of the supremal
controllable sublanguage is needed, see Fig. 6. Here, it also
suffices to disable $a$ after $v_1$ has occurred.
It can be checked that the overall closed-loop language
is $P_{1+k}(K) \| P_{2+k}(K) \| P_{3+k+k_2}(K) \| P_{4+k+k_2}(K) = K$, in accordance
with the two-level conditional decomposability and
two-level conditional controllability of $K$.
VI. CONCLUDING REMARKS
In a future publication, it is our plan to apply multilevel
coordination control to modular control of DES with communicating
supervisors. This way we obtain interesting communication
protocols among local supervisors via coordinators
for different groups of subsystems.
Fig. 5. $P_{3+k+k_2}(K)$ and $L_3 \| L_{k_2} \| L_k$
Fig. 6. $P_{4+k+k_2}(K)$ and $L_4 \| L_{k_2} \| L_k$
VII. ACKNOWLEDGMENTS
The authors gratefully acknowledge comments and suggestions
of the anonymous referees. The research was supported
by GA ČR grants P103/11/0517 and P202/11/P028, by
MŠMT grant LH13012 (MUSIC), and by RVO: 67985840.
REFERENCES
[1] C. G. Cassandras and S. Lafortune, Introduction to discrete event
systems, 2nd ed. Springer, 2008.
[2] J. Komenda, T. Masopust, and J. H. van Schuppen, “Synthesis of
controllable and normal sublanguages for discrete-event systems using
a coordinator,” Systems Control Lett., vol. 60, no. 7, pp. 492–502,
2011.
[3] ——, “On algorithms and extensions of coordination control of
discrete-event systems,” in WODES, Guadalajara, Mexico, 2012, pp.
245–250.
[4] ——, “On conditional decomposability,” Systems Control Lett.,
vol. 61, no. 12, pp. 1260–1268, 2012.
[5] ——, “Supervisory control synthesis of discrete-event systems using a
coordination scheme,” Automatica, vol. 48, no. 2, pp. 247–254, 2012.
[6] ——, “Coordination control of discrete-event systems revisited,”
http://arxiv.org/abs/1307.4332, 2013.
[7] J. Komenda and J. H. van Schuppen, “Coordination control of discrete
event systems,” in WODES, Gothenburg, Sweden, 2008, pp. 9–15.
[8] K. Schmidt and C. Breindl, “On maximal permissiveness of hierarchical
and modular supervisory control approaches for discrete event
systems,” in WODES, Gothenburg, Sweden, 2008, pp. 462–467.
[9] K. Wong and W. Wonham, “Hierarchical control of discrete-event
systems,” Discrete Event Dyn. Syst., vol. 6, no. 3, pp. 241–273, 1996.
[10] W. M. Wonham, “Supervisory control of discrete-event systems,”
2012, lecture notes, University of Toronto, [Online]. Available at
http://www.control.utoronto.ca/DES/.