Available via license: CC0
Content may be subject to copyright.
Supervisory Control of Multi-Agent
Discrete-Event Systems
with Partial Observation
Yingying Liu, Jan Komenda, and Zhiwu Li ∗†
March 22, 2021
Abstract
In this paper we investigate multi-agent discrete-event systems with
partial observation. The agents can be divided into several groups in each
of which the agents have identical (isomorphic) state transition structures,
and thus can be relabeled into the same template. Based on the template
ascalable supervisor whose state size and computational cost are indepen-
dent of the number of agents is designed for the case of partial observation.
The scalable supervisor under partial observation does not need to be re-
computed regardless of how many agents are added to or removed from
the system. We generalize our earlier results to partial observation by
proposing sufficient conditions for safety and maximal permissiveness of
the scalable least restrictive supervisor on the template level. An example
is provided to illustrate the proposed scalable supervisory synthesis.
1 Introduction
In manufacturing, logistical or similar technological systems one often encoun-
ters the need of not specifying the number of subsystems a priori, since their
number can vary even without an upper bound. Very often, such components
are just instantiations of a finite number of template subsystems, where each
group of components is isomorphic to a template. Such systems, often called
multi-agent discrete-event systems (DES), are used in situations where several
entities (e.g. robots, machines) perform the same type of jobs, while their num-
ber can vary in time. In multi-agent DES the agents (modeled as subsystems)
can be divided into several groups, and within each group the agents have similar
or identical state transition structures.
∗The work of Jan Komenda is supported by RVO 67985840 and GAˇ
CR grant 19-06175J.
†Yingying Liu is with Shanghai Jiao Tong University, Shanghai, 200240, China, Zhiwu Li is
with School of Electro-Mechanical Engineering, Xidian University, Xi’an, 710071, China, and
Jan Komenda is with Institute of Mathematics, Academy of Sciences of the Czech Republic,
Prague, Czech Republic.
arXiv:2103.10877v1 [eess.SY] 19 Mar 2021
The first work about multi-agent DES is found in [11], where multi-agent
DES with a single group of isomorphic agents (i.e. single template) are consid-
ered. A more general multi-agent DES framework has been presented in [12],
where a broadcasting-based parallel composition rule is used to describe both
cooperative and competitive interactions of agents. In [5] the authors have stud-
ied modular discrete-event systems that are formed as synchronous products of
components that allow several isomorphic agents. The authors exploit the sym-
metry using state tree structures for achieving a larger computational benefit.
In [13] all local requirements are also instantiated from a given requirement
template. A control protocol synthesis is investigated, which assumes that each
private alphabet is only observable to the corresponding agent, but the global
alphabet is accessible by all agents.
In [10] the case of several templates is studied under the assumption that
there are no shared events inside the groups (among isomorphic agents), but also
no shared events among different groups (represented by templates). Moreover,
the method in [10] only deals with the complete observations case. Our goal is
to synthesize supervisors for templates that guarantee a specification regardless
of the number of agents corresponding to templates (i.e. number of agents in
different groups).
This work extends the results of [10] in several direction. Firstly, we gener-
alize the computation of scalable supervisors to the case of partial observation,
where observability of the specification language is needed to synthesize the su-
pervisors. Secondly, we compare permissiveness of a monolithic supervisor with
a scalable, template based, supervisor under partial observation. We investigate
under which conditions a scalable least restrictive supervisor based on supremal
relatively observable sublanguage on the template level is not more restrictive
than the monolithic supervisor. Finally, we relax the assumption about ab-
sence of shared events and allow shared events among different groups, i.e. the
templates are allowed to have shared events.
The paper is organized as follows. The next section contains preliminaries
about supervisory control and recalls basic notions and results used throughout
this paper. Section 3 is devoted to investigation of sufficient conditions for
existence of scalable safety supervisor based on the supervisor for the relabeled
system. In Section 4 we propose sufficient conditions for the scalable least
restrictive supervisor to be as permissive as the monolithic supervisor. Section
5 reaches conclusions.
2 Preliminaries
Let the DES plant to be controlled be modeled by a generator G= (Z, Σ, δ, z0),
where Σ is a finite event set, Zis the finite state set, z0∈Zthe initial state,
and δ:Z×Σ→Zthe (partial) transition function. Extend δin the usual
way such that δ:Z×Σ∗→Z. The closed behavior of Gis the language
L(G) := {s∈Σ∗|δ(z0, s)!}, where the notation δ(z0, s)! means that δ(z0, s) is
defined. A string s1∈Σ∗is a prefix of another string s∈Σ∗, written s1≤s,
if there exists s2∈Σ∗such that s1s2=s. The length of string sis denoted by
|s|. We say that L(G) is prefix-closed if every for string s∈L(G) every prefix
s1≤sis also in L(G).
For partial observation, let the event set Σ be partitioned into Σo, the ob-
servable event subset, and Σuo, the unobservable subset (i.e. Σ = Σo˙
∪Σuo). A
(natural) projection P: Σ∗→Σ∗
ois defined according to
P(ε) = ε, ε is the empty string;
P(σ) = (ε, if σ /∈Σo,
σ, if σ∈Σo;
P(sσ) = P(s)P(σ), s ∈Σ∗, σ ∈Σ.
In the usual way, Pis extended to P:P wr(Σ∗)→P wr (Σ∗
o), where P wr(·)
denotes powerset. The inverse image of P, denoted by P−1:P wr (Σ∗
o)→
P wr(Σ∗), is defined as P−1(s) = {w∈Σ∗|P(w) = s}. The definitions
can naturally be extended to languages. The projection of a generator Gis a
generator P(G) whose behavior satisfies L(P(G)) = P(L(G)) and L(P(G)) =
P(L(G)). More details about partially observed DES can be found in [4].
Fixing a reference sublanguage C⊆L(G), we introduce relative observabil-
ity of language K. Let K⊆C⊆L.Kis C-observable with respect to Land
Σoif
(∀s, s0∈Σ∗)(∀σ∈Σ)(sσ ∈K&s0∈C&s0σ∈L(G)
&P(s) = P(s0)) ⇒s0σ∈K.
The following Lemma, transitivity of relative observability, is needed in the
proof of Theorem 2).
Lemma 1 Suppose K⊆N⊆L=L(G)⊆Σ∗and reference languages C⊆
C0. If Kis relatively observable with respect to Cand Nand Nis relatively
observable with respect to C0and L, then Kis relatively observable with respect
to Cand L.
Proof Let sb ∈K,s0∈C,P(s) = P(s0),b∈Σ, and s0b∈L. We need to show
that s0b∈K. Since K⊆N, i.e. K⊆Nas well, we have sb ∈N. Similarly,
C⊆C0implies C⊆C0. Thus, we have s0∈C0. Since P(s) = P(s0)and
s0b∈Lit follows from Nbeing relatively observable with respect to C0and L
that s0b∈N. Finally, we obtain from relative observability of Kwith respect to
Cand Nthat s0b∈K, which shows that is relatively observable with respect to
Cand L.
It is proved in [2] that relative observability is closed under arbitrary set
unions. Given a generator Gwith Σ = Σo˙
∪Σuo. Let E⊆Σ∗be a specification
language for G. The family of all sublanguages of Ethat are E-observable with
Σ∗
T∗Σ∗
o
T∗
o
R
PR
P
R
Figure 1: Schematic of natural projection Pand relabeling map R
respect to Land Σois O(E, L) := {K⊆E|Kis E-observable wrt Land Σo}.
Then O(E, L) has a unique supremal element [2], i.e.
sup O(E, L) = ∪{K|K∈ O(E, L)}.
To describe the structure of a multi-agent plant G, we briefly review a
concept, called relabeling map. We refer the reader to [10] and reference therein
for a more complete treatment for the relabeling map. Let Tbe a set of new
events, i.e. Σ ∩T=∅, and R: Σ →T. Define a relabeling map R: Σ →
Tsuch that is surjective but need not be injective. We require that events
σ1, σ2∈Σ with the same R-image, i.e. R(σ1) = R(σ2) = τ∈T, have similar
physical meaning and are just two instantiations of τin different but isomorphic
subsystems. We extend Rby morphism to R: Σ∗→T∗according to
(i) R(ε) = ε,εis the empty string;
(ii) R(sσ) = R(s)R(σ), σ∈Σ, s∈Σ∗.
Note that R(s)6=εfor all s∈Σ∗\ {ε}. Further extend Rfor languages, i.e.
R:P wr(Σ∗)→P w r(T∗), and define R(L) = {R(s)∈T∗|s∈L}, L ⊆Σ∗.
The inverse-image function R−1of Ris given by R−1:P wr(T∗)→P w r(Σ∗):
R−1(H) = {s∈Σ∗|R(s)∈H},H⊆T∗. Note that RR−1(H) = H,H⊆
T∗; while R−1R(L)⊇L,L⊆Σ∗. We say that L⊆Σ∗is (G, R)-normal if
R−1R(L)∩L(G)⊆L.
We now discuss computation of Rand R−1by generators. Let
G= (Q, Σ, δ, q0) be a generator. First, relabel each transition of Gto obtain
GT= (Q, T, δT, q0), where δT:Q×T→Qis defined by δT(q1, τ ) = q2iff (∃σ∈
Σ)R(σ) = τ&δ(q1, σ) = q2.Hence L(GT) = R(L(G)). However, GTas
given above may be nondeterministic [14]. Thus apply subset construction [14]
to convert GTinto a deterministic generator H= (Z, T , ζ, z0), with L(H) =
L(GT).
We require that Rpreserves observability status of events in Σ. Thus, To:=
{R(σ)|σ∈Σo},Tuo := {R(σ)|σ∈Σuo}, and T=To˙
∪Tuo. Let P: Σ∗→Σ∗
o
and PR:T∗→T∗
obe natural projections, their relationships with Rare shown
in Fig. 1.
Large complex DES are built out of the small ones using concurrent compo-
sition known as synchronous product. Given languages Li⊆Σ∗
i, i = 1, . . . , n,
their synchronous product (parallel composition) is defined by L1k. . . kLn=
Tn
i=1 P−1
i(Li)⊆Σ∗, where Pi: Σ∗→Σ∗
iare projections to local alphabets.
There are corresponding definitions in terms of generators, i.e. L(G1kG2) =
L(G1)kL(G2)[4].
Σ∗
T∗Σ∗
i
T∗
i
R
Pi|R
Pi
R
Figure 2: Schematic of local projection Pi(i= 1, . . . , l), Pi|R, and relabeling
map R
3 Scalable Supervisor under Partial Observation
Let R: Σ∗→T∗be a relabeling map, and the plant Gcan be divided into l(>
1) groups of component agents. In each group Gi(i∈ {1, . . . , l}) being a similar
set of generators under the given relabeling map R, i.e. Gi={Gi1,...,Gi ni}
(ni≥1) and there is a template generator Hisuch that
(∀j∈ {1, . . . , ni})R(Gij) = Hi.(1)
Let Gijbe defined on Σij = Σij,o ˙
∪Σij,uo, templates Hion Ti=Ti,o ˙
∪Ti,uo,
and group languages Gion Σi=Sj=1,...,niΣij . Then R(Σij ) = Ti,R(Σij,o ) =
R(Σi,o) = Ti,o , and R(Σij,uo) = R(Σi,uo) = Ti,uo for all j∈ {1, ..., ni}. We
emphasize that the number niof generators (agents) in group iis not fixed but
may vary in time. We denote the alphabet of Giby Σi, i.e. Σi=∪ni
j=1Σij . We
require that Rpreserves local status of events in Σ; namely R(σ) is an event in
Tiif and only if σ∈Σi. Thus Ti:= {R(σ)|σ∈Σi}and T=Si=l
i=1 Ti. Similarly,
Pi|R:T∗→T∗
i, for i= 1,2, are projections to local relabeled event sets. The
relationships of R, projections Pi, and Pi|Rare shown in Fig. 2.
Now we make the following assumptions.
(A1) The specification language Eis prefix closed and only generated languages
are considered.
(A2) The specification language Eis (G, R)-normal, i.e. R−1R(E)∩L(G)⊆E.
Due to (A1) all component agents are then automatically nonblocking. Note
that blocking issue can be handled in a similar way as in hierarchical control
and has been solved for relabeling in [6] by adapting an observer property (OP)
in so called relabeled OP (ROP), but in this paper we focus on another ex-
tension of the framework in [10], namely to partial observations and maximal
permissiveness.
Given plant Gand specification E, the monolithic supervisor under partial
observation is computed based on supremal relatively observable sublanguages.
The whole plant Gis computed as synchronous product of all component agents:
G=||i=1,...,lGi,where Gi=||j=1,...,niGij.(2)
Recall that G=||i=1,...,lGi=Ti=1,...,l P−1
i(Gi) for Pi: Σ∗→Σ∗
i. Then
supremal relatively observable sublanguage is computed:
L(SUPo) = sup O(E∩L(G), L(G)).(3)
The supervisor SUPomust be recomputed or reconfigured in order to adapt
to the change of the number of agents (increases when more agents are added
into the system to enhance productivity or decreases when some agents mal-
function and are removed from the system). Therefore, in this paper we aim
to synthesize scalable supervisors under partial observation whose state size is
independent of the number of agents.
3.1 Scalable supervisory control with partial observation
In this subsection we design a scalable supervisor SSUPothat is independent
of the number niof agents for all i∈ {1, . . . , l}and satisfies {} ⊂ L(SSUPo)∩
L(G)⊆L(SUPo), while the opposite inclusion (maximal permissiveness) is
studied next.
Consider the plant Gas described in (2). Let Σ = Σo˙
∪Σuo) be the event
set of G, and R: Σ →Ta relabeling map. The procedure of designing a
scalable supervisor under partial observation is in steps (P1)-(P4), which first
synthesizes a supervisor for ‘relabeled system’ under Rand then inverse-relabel
the supervisor.
(P1) First compute the relabeled plant. Let ki∈ {1,2, . . . , ni}be the number of
agents in group iallowed to work in parallel, and compute the template Mi:=
R(||j=1,...,kiGij). Then compute the relabeled plant Mas the synchronous
product of the template generators Mi, i.e.
M:= ||i=1,...,lMi.(4)
The event set of Mis T=To˙
∪Tuo, where To=R(Σo), and Tuo =R(Σuo ).
Note that kishould be much smaller than ni(the number of agents in group i) for
computational efficiency, it is trade-off between expressiveness and complexity
. When ki= 1, we have Mi=Higiven by (1). Note that once kiare fixed, the
state sizes of Miand Mare fixed as well, and thus independent of the number ni
of agents in group i. Recall that ki>1 is desirable for allowing agents to work in
parallel as R(Gi1kGi2) can be strictly larger than R(Gi1)kR(Gi2) = HikHi=
Hi, which distinguishes relabeling (surjective mask) from natural projection.
(P2) Compute relabeled specification F:= R(E), where E⊆Σ∗is the specifica-
tion imposed on G.
(P3) Synthesize a relabeled supervisor under partial observation RSUPo(a non-
blocking generator) such that
L(RSUPo) = sup O(F, L(M)) ⊆T∗.
(P4) Inverse-relabel RSUPoto derive scalable supervisor SSUPo, i.e.
SSUPo:= R−1(RSUPo) (5)
Notice that the computations involved in the above procedure are indepen-
dent of the number ni(i∈ {1, ..., l}) of agents. In (P1), once kiare fixed, the
state sizes of Miand Mare fixed and independent of the number niof agents in
group i(although dependent on ki). In (P3), the number of states of RSUPois
independent of the number of agents as the state size of Mis so. Finally in (P4),
inverse-relabeling does not change the number of states. Therefore SSUPohas
the same number of states as RSUPo. It then follows that the state size of
SSUPois independent of the number of agents in plant G.
Arguably, with large numbers of agents kiin the templates Miand for a
large number lof modules (groups) it may be computationally challenging to
compute the global template M. In such a situation we propose to combine
the results of this paper with coordination control approach, see e.g. [8], which
consists in conditionally decomposing the template specification F, construct
the corresponding coordinator and compute local supervisors for local tem-
plates Micombined with the coordinator. More formally, instead of computing
sup CO(F, L(M)) we can first find a coordinator alphabet Σkcontaining at least
shared events Σs=∪i,i0=1,...,l, i6=i0Σi∩Σi0such that F=ki=1,...,lPi+k(F) is con-
ditionally decomposable with respect to “augmented” local alphabets Σi∪Σk,
where Pi+k: Σ∗→(Σi∪Σk)∗are the corresponding natural projection. Then
the underlying coordinator is Mk=ki=1,...,lPk(Mi), where Pk: Σ∗→Σ∗
kis
natural projection. Instead of computing supervisor for the whole template, i.e.
sup CO(F, L(M)), we can compute supervisors sup O(Pi+k(F), L(MikMk)). In
general we only have ki=1,...,l sup CO(Pi+k(F), L(MikMk)) ⊆sup CO(F, L(M)),
but under some conditions (e.g. mutual observability between coordinated tem-
plates or conditions used in hierarchical control with partial observation) the
equality holds.
Now we compare the designed scalable supervisor for multi-agent systems
with the monolithic one. We emphasize that unlike modular or hierarchical
control, where modular or abstracted safety supervisor is always included in
the monolithic one, the situation here is more complicated, because scalable
supervisor is computed with respect to the template and not with respect to
the relabeling of the plant R(L(G)), which would correspond to hierarchical
control with relabeling being an abstraction. This is because the relabeling
map does not distribute with the synchronous product. In multi-agent systems
we naturally use templates for control synthesis. Note that the inclusion
L(M) = kl
i=1L(Mi) = kl
i=1R(||j=1,...,kiGij)⊆R(L(G))
holds under the assumption that there are no shared events inside the group, and
allow to share events among templates. The above inclusion is typically strict
as the relabeling behaves differently than natural projection with respect to
the synchronous product. Hence, due to anti-monotonicity of supremal control
operators in the plant argument, the scalable supervisor computed with respect
to Mas a plant can be larger than the supervisor (computed using R(G).
Therefore the inclusion studied in the result below that establishes safety is also
non trivial.
Theorem 2 Suppose that (A1) and (A2) hold. If L(M)is relatively observable
with respect to R(E∩L(G)) and R(L(G)), then L(SSUPo)∩L(G)⊆L(SUPo).
Proof Since L(SUPo) = sup RO(E∩L(G), L(G)), it suffices to prove that
(i) L(SSUPo)∩L(G)⊆E∩L(G)and (ii) L(SSUPo)∩L(G)is relatively
observable with respect to E∩L(G)and L(G). For (i) we have
L(SSUPo)∩L(G) = R−1(L(RSUPo)) ∩L(G)
(by (P4))=R−1sup RO(R(E), L(M)) ∩L(G)⊆R−1R(E)∩L(G) = E∩L(G)
by assumption (A2).
For (ii), let sb ∈L(SSUPo)∩L(G),s0∈E∩L(G)⊆E∩L(G), and
s0b∈L(G). We need to show that s0b∈L(SSUPo)∩L(G). We have
sb ∈L(SSUPo)∩L(G) = R−1sup RO(R(E), L(M)) ∩L(G)thus R(sb)∈
sup RO(R(E), L(M)) ∩L(G). We also have R(s0)∈R(E), and R(s0b)∈
R(L(G)). Since R(E∩L(G)) ⊆R(E)and sup RO(R(E), L(M)) is relatively
observable with respect to R(E)and R(L(G)), we get that sup RO(R(E), L(M))
is relatively observable with respect to R(E∩L(G)) and L(M)[2]. By Lemma 1,
combining it with relative observability of L(M)with respect to R(E∩L(G))
and R(L(G)), it implies that sup RO(R(E), L(M)) is relatively observable with
respect to R(E∩L(G)) and R(L(G)). We have R(s0b)∈sup RO(R(E), L(M)).
Therefore, s0b∈R−1R(s0b)⊆R−1sup RO(R(E), L(M)) ∩L(G) = L(SSUPo)∩
L(G) = L(SSUPo)∩L(G), which proves (ii).
Note that in this paper we only discuss the observability problem, since the
controllability of the scalable supervisor has been well studied in [9]. Theorem 2
provides a sufficient condition under which the scalable supervisor is always
included in the monolithic one. This condition is L(M) is relatively observable
with respect to R(E∩L(G)) and R(L(G)). As shown above, this condition
is essential in proving relative observability of L(SSUPo)∩L(G) with respect
to E∩L(G) and L(G). However, the computation of Gis required in this
condition, which needs to be avoided. We will make an additional assumption
and give the following result.
(SEF) We assume that the event sets of systems inside each group are pair-
wise disjoint, i.e. for all i∈ {1, . . . , l}and j, j0∈ {1, . . . , kl}, Σij ∩Σij 0=∅.
Note that unlike [10] we allow shared events between templates.
Proposition 3 Let (SEF) hold. If for each group i∈ {1, . . . , l}and Gi1,Gi2∈
Gi,L(Hi)is relatively observable with respect to R(Pi(E)∩L(Gi1kGi2)) and
R(L(Gi1kGi2)), then L(M)is relatively observable with respect to R(E∩L(G)
and R(L(G)).
The proof of Proposition 3 is referred to Section 5. Proposition 3 indicates that
relative observability of L(M) with respect to R(E∩L(G)) and R(L(G)) can be
verified by checking relative observability of L(Hi) for each group with respect to
only two (arbitrarily chosen) component agents. Therefore, the computational
effort of checking the sufficient condition in Theorem 2 is low. We recall that
algorithms for checking relative observability and computing supremal relatively
observable sublanguages are proposed in [3] and [1]. An illustrative example is
given below.
Example 4 Consider a small factory consisting of n1input machines
G11,...,G1n1and n2output machines G21,...,G2n2, linked by a buffer in the
middle. The generators of the agents are shown in Fig. 3. Based on their
different roles, the machines are divided into 2 groups: G1={G11,...,G1n1}
and G2={G21,...,G2n2}. Let the relabeling map Rbe given by
R(1i0) = 10, R(1i1) = 11, R(1i2) = 12, R(1i3) = 13,
R(2j0) = 20, R(2j1) = 21, R(2j2) = 22, R(2j3) = 23
with template generators H1and H2respectively, where
Σ = Σo˙
∪Σuo ={1i0,1i1,1i3,2j0,2j1,2j3}˙
∪{1i2,2j2},i∈[1, n1], and j∈
[1, n2].
Since the event sets of agents in the same group are pairwise disjoint (Σ1∩
Σ2={1i0,1i1,1i2,1i3}∩{2i0,2i1,2i2,2i3}=∅), Assumptions (A1) and (SEF)
hold for this example. The specification is to avoid underflow and overflow
of buffer with two capacities, which is enforced by a generator Eand shown
in Fig. 4 (lower part). It can be verified that E=R−1R(E), we thus have
Assumption (A2) holds. Now we design templates for each group. Let k1=
2, k2= 1. The templates are L(M1) := L(R(G11kG12)) (for the input group)
and L(M2) := L(R(G21)) (for the output group). Note that in this example we
have L(M1) = R(L(G11kG12))) is different from L(H1) = R(L(G11)), while
L(M2) = L(H2).
Now we need to check the sufficient condition of Theorem 2; namely, L(M)
is relatively observable with respect to R(E∩L(G)) and R(L(G)). If this con-
dition holds, then we can employ procedure (P1)-(P4) proposed in Section 3.1
to compute the scalable supervisor. By Proposition 3, we need to check if for
i= 1,2,L(Hi)is relatively observable with respect to R(Pi(E)∩L(Gi1kGi2))
and R(L(Gi1kGi2)). We compute supCO(R(Pi(E)∩L(Gi1kGi2)),L(Hi)and
get that L(Hi)is relatively observable with respect to R(Pi(E)∩L(Gi1kGi2))
and R(L(Gi1kGi2)). We also get that R(Pi(E))∩R(L(Gi1kGi2)) = R(Pi(E)) ∩
R(L(Gi1kGi2)). Hence by Proposition 3, we have that L(M)is relatively ob-
servable with respect to R(E∩L(G)) and R(L(G)). Therefore the sufficient
condition of Theorem 2 is satisfied.
In procedure (P1)-(P4), we design a scalable supervisor SSUPo, displayed in
Fig. 5. It can be verified that the scalable supervisor is included in the supremal
monolithic one, i.e. L(SSUPo)∩L(G)⊆L(SUPo).
4 Maximal permissiveness of the scalable super-
visor
In the last section, we provid the conditions that the obtained relatively ob-
servable sublanguage is a sublanguage of the supremal relatively observable
sublanguage, i.e. L(SSUPo)∩L(G)⊆L(SUPo). In this suction, we will pro-
pose conditions for the opposite inclusion, i.e. the maximal permissiveness of
the scalable supervisor. To give our main result, the following conditions are
needed.
ij1
ij0
Hi(i= 1,2)
ij2
ij3
i1
i0
i2
i3
G11
BUFFER
111
110
G1n1
1n11
1n10
G1j(j= [1, n1])
G2j(j= [1, n2])
ij1
ij0
ij2
ij3
G21
G2n2
211
2n21
210
2n20
Figure 3: Small factory: system configuration and component agents. Events
1j1 (j∈[1, . . . , n1]) and 1j2 (j∈[1, . . . , n2]) mean that machine Gijstarts to
work by taking in a workpiece; events 1j0 and 2j0 mean that Gijfinishes work
and outputs a workpiece; events 1j2 and 2j2 mean that Gijis broken down;
events 1j3 and 2j3 mean that Gijis repaired. Convention: the initial state of a
generator is labeled by a circle with an entering arrow. The same notation will
be used in subsequent figures.
110,...,1n10
211,...,2n21
110,...,1n10
211,...,2n21
E(= R−1R(E))
*
∗= 1i1,1i2, , 1i3,2j0,2j1,2j3i∈[1, n1]; j∈[1, n2]
*
*
Figure 4: Small factory: templates and specification generator
0
1
2
5
8
13
18
9
28
24
17
15
22
27
21
3
23
19
26
10
14
16
25
29
7
12
20
4
6
11
a
b
e
h
d
e
h
c
b
d
b
e
h
d
f
a
c
h
e
d
b
h
e
e
h
h
e
a
d
b
g
h
e
b
c
h
e
f
h
f
e
c
g
a
d
a
b
d
h
e
d
g
b
d
g
b
a
g
c
b
c
d
b
g
c
a
d
b
c
g
a
b
d
a
c
g
g
a
c
g
c
a
a= 110,...,1n10
b= 111,...,1n11
c= 112,...,1n12
d= 113,...,1n13
e= 210,...,2n20
f= 211,...,2n21
g= 212,...,2n22
h= 213,...,2n23
Figure 5: Small factory: SSUPo
∀s∈LP(s) = P(s0)∃s0∈L
Rs PR(Rs) = PR(t0)∀t0∈RL
P P
R
PRPR
Figure 6: Illustration of ROC condition
Definition 5 ( Relabeling observational consistency) A relabeling map R
is said to be Relabeling observation consistent (ROC) with respect to plant lan-
guage L=L(G)⊆Σ∗and natural projection Pif for all strings s∈Land
t0∈R(L)such that PR(R(s)) = PR(t0), there exists a string s0∈Lsuch that
R(s0) = t0and P(s) = P(s0).
As we can see from figure 6, ROC condition of a language requires that for every
string sin the language and every string t0in the relabeling of this language
that looks the same as the relabeling of s, there exists another string s0in the
language that looks the same as sand its relabeling equals t0. We will see in
section 5 that ROC always holds if there are no shared events between different
agents in the same group.
Definition 6 (Local relabeling observer consistency) A relabeling map R
is said to be Locally relabeling observation consistent (LROC) with respect to
plant language L=L(G)⊆Σ∗and natural projection Pif for all strings
s, s0∈Lwith P(s) = P(s0)and unobservable events b, b0∈Σuo such that
R(b) = R(b0)we have
(sb ∈L∧s0b0∈L)⇒s0b∈L.
The following result formulates sufficient conditions for maximal permissive-
ness of the scalable supervisor.
Theorem 7 Let L=L(G)be ROC and LROC with respect to relabeling map
Rand natural projection Pand let specification E⊆Σ∗be prefix-closed and
(G, R)-normal and let L(M)⊆RL(G). Then L(SUPo)⊆L(SSUPo)∩L(G)
Proof We need to show that
sup RO(E∩L(G), L(G)) ⊆R−1sup RO(R(E), L(M)) ∩L(G).
Since by definition sup RO(E∩L(G), L(G)) ⊆E∩L(G), it suffices to show
that R(sup RO(E∩L(G), L(G))) ⊆sup RO(R(E), L(M)). Note that due to
the assumption L(M)⊆RL(G)every language N⊆T∗that is relatively
observable wrt R(E)and RL(G)is also relatively observable wrt R(E)and
L(M)). Therefore, sup RO(R(E), RL(G)) ⊆sup RO(R(E), L(M)), a standard
antimonotonicity property of supremal sublanguages of supervisory control in
the plant argument. Thus, we only need to show R(sup RO(E∩L(G), L(G))) ⊆
sup RO(R(E), RL(G)). The latter inclusion then amounts to show that
(i) R(sup RO(E∩L(G), L(G))) ⊆R(E), which is obvious, and
(ii) R(sup RO(E∩L(G), L(G))) is relatively observable wrt R(E)and RL(G).
To show (ii), let t, t0∈T∗be such that PR(t) = PR(t0), and let a∈Tbe such
that ta ∈Rsup RO(E∩L(G), L(G)),t0∈R(E), and t0a∈RL(G). We have to
show that t0a∈R(sup RO(E∩L(G), L(G))).
From ta ∈R(sup RO(E∩L(G), L(G))) we have that there exists
sb ∈sup RO(E∩L(G), L(G)) such that R(sb) = ta. Since t0a∈RL(G)and
PR(R(sb)) = PR(t0a), ROC (applied to sb playing the role of sand t0aplaying
the role of t0) implies that there is a v0∈L(G)such that R(v0) = t0aand P(v0) =
P(sb). Then v0=s0b0for some s0∈L(G)and b0∈Σsuch that R(b0) = aand
P(b0) = P(b). This means that if b0∈Σothen b0=b. Note that R(s0) = t0∈
R(E), i.e. by normality assumption (A2) we have s0∈R−1R(E)∩L(G) = E.
Hence, in case b=b0∈Σow have that sb ∈sup RO(E∩L(G), L(G)),s0∈
E∩L(G),s0b∈L(G)), and P(s0) = P(s). Thus, from relative observability of
sb ∈sup RO(E∩L(G), L(G)) with respect to E∩L(G)and L(G)we obtain s0b∈
sup RO(E∩L(G), L(G)), whence t0a=R(s0b)∈R(sup RO(E∩L(G), L(G))).
Now, if both b, b0∈Σuo are unobservable, then we have s, s0∈L(G)∧P(s0) =
P(s)∧sb ∈L(G)∧s0b0∈L(G)∧R(b) = R(b0). From LROC we get s0b∈L(G)
as well. Thus, we can continue in the same way as with b, b0both observable.
Note that the condition L(M)⊆RL(G) in Theorem 7 always holds under
the assumption (SEF), which is shown by the following lemmas.
Lemma 8 Let (SEF) hold. For any string s∈Σ∗
i, natural projections Pi:
Σ∗→Σ∗
i,PR,i :T∗→T∗
i, and the relabeling map R: Σ∗→T∗, we have
RP −1
i(s) = P−1
R,i R(s).
Proof By induction, intuitively RP −1
i() = P−1
R,i R() = . Suppose that RP −1
i(s) =
P−1
R,i R(s)holds. Then for any σ∈Σi, we need to show RP −1
i(sσ) = P−1
R,i R(sσ).
Since RP −1
i(sσ) = R(P−1
i(s)P−1
i(σ)) = RP −1
i(s)RP −1
i(σ)and P−1
R,i R(sσ) =
P−1
R,i (R(s)R(σ)) = P−1
R,i R(s)P−1
R,i R(σ). By recalling RP −1
i(s) = P−1
R,i R(s), we
only need to show RP −1
i(σ) = P−1
R,i R(σ). Since Pi: Σ∗→Σ∗
iand σ∈Σi, we
have that RP −1
i(σ) = R((Σ \Σi)∗σ(Σ \Σi)∗) = (T\Ti)∗R(σ)(T\Ti)∗. Sim-
ilarly, PR,i :T∗→T∗
i, so we get P−1
R,i R(σ) = (T\Ti)∗R(σ)(T\Ti)∗. Thus,
RP −1
i(s) = P−1
R,i R(s).
Lemma 9 L(M)⊆RL(G)always holds under the assumption (SEF).
Proof For any string t∈L(M)⊆T∗we need to show t∈RL(G). By
t∈L(M) = kl
i=1L(Mi) = Tl
i=1 P−1
R,i (L(Mi)), we have PR,i (t)∈L(Mi) =
R(kki
j=1L(Gij )). Then there exist strings si∈Σ∗
isuch that si∈ kki
j=1L(Gij )and
PR,i(t) = R(si). Then we get that kl
i=1si∈ kl
i=1kki
j=1L(Gij ). Since kl
i=1si=
Tl
i=1 P−1
i(si), we obtain Tl
i=1 P−1
i(si)∈ kl
i=1kki
j=1L(Gij ). We apply Ron
both sides, so we get that R(Tl
i=1 P−1
i(si)) ∈R(kl
i=1kki
j=1L(Gij )). It follows
by lemma 8 that
R(
l
\
i=1
P−1
i(si)) =
l
\
i=1
R(P−1
i(si)) =
l
\
i=1
P−1
R,i R(si)∈R(kl
i=1kki
j=1L(Gij )).
We know that Tl
i=1 P−1
R,i R(si) = kl
i=1R(si) = kl
i=1PR,i (t)⊇tby R(si) = PR,i(t).
We recall that R(kl
i=1kki
j=1L(Gij )) ⊆R(kl
i=1kni
j=1L(Gij )) = R(L(G)) always
holds under assumption (SEF). We thus get that s∈R(L(G)). Therefore,
L(M)⊆RL(G)is proved under the assumption (SEF).
4.1 observability between the template level and the orig-
inal system level
For scalability reasons the controller synthesis should be done only at the tem-
plate level, in this subsection we will study the preservation of the property that
is essential for computing supervisors under partial observation, i.e. observabil-
ity between the template level and the original system level. Before giving
our result, we need the following Lemma known as transitivity of observability,
which will be used to proof our main result (Theorem 11).
Lemma 10 Suppose K⊆N⊆L=L(G)⊆Σ∗. If Kis observable with respect
to Nand Nis observable with respect to L, then Kis observable with respect
to L.
Proof Let s, s0∈K,P(s) = P(s0),b∈Σ,sb ∈K, and s0b∈L. We need to
show that s0b∈K. Since K⊆N, i.e. K⊆Nas well, we have s, s0∈N. It
now follows form the observability of Nwith respect to Lthat s0b∈N. Finally,
it is obtained from the observability of Kwith respect to Nthat s0b∈K, which
shows that Kis observable with respect to L.
Now the result about preserving observability is ready to be stated. We assume
that the specification Eand the plant L(G) are non conflicting, i.e. E∩L(G) =
E∩L(G).
Theorem 11 Let Lbe a generator language over an event set Σwith relabeling
R(L)over an event set Tand let E⊆Σ∗be a (G, R)-normal specification and
L(M)is observable with respect to R(L(G)) and PR. If R(E)is observable with
respect to L(M)and PR, then E∩L(G)is observable with respect to L(G)and
P.
Proof Let R(E)be observable with respect to L(M)and PR. It will be shown
that E∩L(G)is observable with respect to L(G)and P. Assume that s, s0∈
E∩L(G), for some b∈Σ, such that sb ∈E∩L(G),s0b∈L(G), and P(s) =
P(s0). We have to show that s0b∈E∩L(G). We have then R(s), R(s0)∈
R(E∩L(G)) = R(E∩L(G)) ⊆R(E),R(P(s)) = R(P(s0)). Let us denote
R(b) = a∈T, then R(s)a∈R(E∩L(G)) ⊆R(E)and R(s0)a∈R(L(G)).
Since Rpreserves observability status of events in Σ, we have PR(R(s)) =
PR(R(s0)).
From Lemma 10 it follows that R(E)is observable with respect to R(L(G))
and PR. Using this observability we conclude that R(s0)a∈R(E). It implies
that s0b∈R−1R(s0)a⊆R−1R(E) = R−1R(E). We thus have s0b∈R−1R(E)∩
L(G) = R−1R(E)∩L(G) = E∩L(G)by (G, R)-normality of Eassumption.
Now the observability of Ewith respect to L(G)is proved.
5 Efficient Verification of Sufficient Conditions
in Theorem 2 and Theorem 7
. In this section we use assumption(SEF), i.e. shared events between different
agents in the same group are excluded. We first address the verification of the
sufficient condition used in Theorem 2. As shown in section 3.1, this condition
requires computation of Gwhich is dependent on the number of agents. Thus
Proposition 3 is proposed to avoid computing G. To prove Proposition 3 we
need the following lemmas and propositions.
Lemma 12 For each group i∈ {1, . . . , l}and arbitrary Gi1,Gi2,∈ Gi, if L(Hi)
is relatively observable with respect to R(Pi(E)∩L(Gi1kGi2)) and
R(L(Gi1kGi2)), then L(Hi)is relatively observable with respect to R(Pi(E)∩
L(Gi1kGi2kGi3)) and R(L(Gi1kGi2)).
Proof It follows directly from definition of relative observability.
In some proof below, we employ the same state transition structure of iso-
morphic generators to find a new string t0that has a similar property with t,
but with one less agent. For all agents in the same group we have the following
”go down” property, an illustration is below the remark.
Remark 13 Consider arbitrary `agents Gi1,Gi2,...,Gi`∈ Gi. If we have a
string t∈R(L(k`
j=1Gij)) and t /∈R(L(k`−1
j=1Gij)) for `∈ {1, . . . , ni}, then there
exists a string s∈Σ∗such that s∈L(k`
j=1Gij)and for all ˜swith R(˜s) = t
including sitself we have ˜s /∈L(k`−1
j=1Gij). Let s0=Pi`(s)for Pi` : Σ∗
i→
(Σi\Σi`)∗. We thus have s0∈L(kj=`−1
j=1 Gij)and s0/∈L(kj=`−2
j=1 Gij). The latter
is obtained from that if s0∈L(k`−2
j=1Gij), then we have s∈L(k`−1
j=1Gij)which
is conflict with t /∈R(L(k`−1
j=1Gij)). Then we denote a string t0∈T∗
isuch that
R(s0) = t0. It implies that t0∈R(L(k`−1
j=1Gij)) and t0/∈R(L(k`−2
j=1Gij)). If
there exist strings s00 with R(s00) = t0such that s00 ∈L(k`−2
j=1Gij), which implies
that t0∈R(L(kj=`−2
j=1 Gij)). Then from s0/∈L(k`−2
j=1Gij)we see that s00 6=s0=
Pi`(s). Therefore, for s0=Pi`(s)we have R(s0) = t0∈R(L(k`−1
j=1Gij)) and
t0/∈R(L(k`−2
j=1Gij)).
For the small factory example in Fig. 3. If we take t= 11.10.11.10.11.10 =
R(111.110.121.120.131.130), then we have t∈R(L(Gi1kGi2kGi3)),
t /∈R(L(Gi1kGi2)), and string s= 111.110.121.120.131.130 with R(s) = t. Let
s0=Pi3(s) = 111.110.121.120. Then we have t0=R(s0) = R(111.110.121.120) =
11.10.11.10 for Pi3: Σ∗
i→(Σi\Σi3)∗. It can be verified that t0∈R(L(Gi1kGi2))
and t0/∈R(L(Gi1)). Now we proceed in a similar way with increasing the plant
component.
Lemma 14 For each group i∈ {1, . . . , l}and Gi1,Gi2,Gi3∈ Gi, if L(Hi)
is relatively observable with respect to R(Pi(E)∩L(Gi)) and R(L(Gi1kGi2))
for Pi: Σ∗→Σ∗
i, then R(L(Gi1kGi2)) is relatively observable with respect to
R(Pi(E)∩L(Gi)) and R(L(Gi1kGi2kGi3)).
The following claim is needed.
Proposition 15 For each group i∈ {1, . . . , l}and Gi1,Gi2∈ Gi, if L(Hi)is
relatively observable with respect to R(Pi(E)∩L(Gi)) and R(L(Gi1kGi2)) for
Pi: Σ∗→Σ∗
i, then L(Mi)is relatively observable with respect to R(Pi(E)∩
L(Gi)) and L(Gi).
Proof Extending Lemma 14 inductively, it is derived that if L(Hi)(i∈ {1, . . . , l})
is relatively observable with respect to R(Pi(E)∩L(Gi)) and R(L(Gi1kGi2)),
then L(Mi)is relatively observable with respect to R(Pi(E)∩L(Gi)) and
R(L(||j∈{1,...,ki+1}Gij)). Again by applying the transitivity lemma (Lemma 1)
inductively, we have L(Mi)is relatively observable with respect to R(Pi(E)∩
L(Gi)) and L(Gi).
Now we are ready to prove Proposition 3.
Proof Let t, t0∈T∗,a∈T,ta ∈L(M),PR(t) = PR(t0),t0∈R(Pi(E)∩L(G)),
and t0a∈R(L(G)). We will show that t0a∈L(M). From ta ∈L(M)we derive
ta ∈L(M) = L(||i=1,...,lMi) = \
i=1,...,l
P−1
i|RL(Mi),
where Pi|R:T∗→T∗
i.We thus get that Pi|R(ta)∈L(Mi). Since t0∈R(E∩
L(G)), there exists a string s0∈Σ∗such that s0∈E∩L(G)and R(s0) = t0. By
L(G) = L(||i=1,...,lGi) = Ti=1,...,l P−1
i(L(Gi)) with Pi: Σ∗→Σ∗
i, we have
s0∈E∩\
i=1,...,l
P−1
i(L(Gi)) ⊆E∩P−1
i(L(Gi)).
Then we get that Pi(s0)∈Pi(E)∩L(Gi)which implies that R(Pi(s0)) = Pi|R(R(s0)) =
Pi|R(t0)∈R(Pi(E)∩L(Gi)). Recall that t0a∈R(L(G)), then there exists an
event b0∈Σsuch that R(b0) = aand
s0b0∈ kl
i=1L(Gi) =
l
\
i=1
P−1
i(L(Gi)).
We have s0b0∈P−1
i(L(Gi)), i.e. Pi(s0b0)∈L(Gi). Then R(Pi(s0b0)) =
Pi|R(R(s0b0)) = Pi|R(t0a)∈R(L(Gi)). It follows form PR(t) = PR(t0)that
PR(Pi|R(t)) = PR(Pi|R(t0)). By Proposition 15 it directly follows that if L(Hi)
(i∈ {1, . . . , l}) is relatively observable with respect to R(Pi(E)∩L(Gi1kGi2))
and R(L(Gi1kGi2)), then L(Mi)is relatively observable with respect to
R(Pi(E)∩L(Gi)) and R(L(Gi)). Therefore, Pi|R(t0a)∈L(Mi), i.e. t0a∈
P−1
i|RL((Mi)). It is derived that t0a∈ ||l
i=1L(Mi) = L(M).
Next we will show that the conditions in Theorem 7 can be checked with
low computation effort.
Under shared event free (SEF) assumption between different agents in the
same group relabeled observation consistency (ROC) condition in Theorem 7
always holds true. We need the following lemma that is used in the proof of
Proposition . It is technical and states that it is possible to replace a string s0
by a similar string w0with the same projection as a given string s.
Lemma 16 Consider Ggiven in (2). Consider strings s= ˜sσb ∈L(G)and
s0= ˜s0σ0b0∈L(G)with σ, σ0∈Σ∗
uo such that P(˜s) = P(˜s0)and R(b) = R(b0)
Then there exists a string w0∈L(G)such that P(w0) = P(s)and R(w0) =
R(s0).
Proof First of all, from R(b) = R(b0)it follows that b, b0are either both ob-
servable or both unobservable. Since P(s) = P(˜sσb) = P(˜s)P(b)and P(s0) =
P(˜s0σ0b0) = P(˜s0)P(b0), we have that b, b0∈Σuo implies P(s) = P(s0). Then we
can take w0=s0. Similarly, if b, b0∈Σoand b=b0we also get P(s) = P(s0).
Assume that b6=b0and b, b0∈Σo. Then P(s)6=P(s0).
Let ˜s0=α1β1α2β2, . . . , αnβnfor α1, . . . , αn∈Σuo and β1, . . . , βn∈Σo. Now
we consider a set
W={w∈R−1R(α1)β1R−1R(α2)β2, . . . , R−1R(αn)βn}.
By similar structure of agents in groups we have from s0= ˜s0σ0b0∈L(G)that
W R−1R(σ0)b∩L(G)6=∅. Thus, there exists a string w0∈WR −1R(σ0)b∩L(G),
i.e. w0= ˜w0˜σ0b∈L(G)with ˜w0∈W. We then have: P( ˜w0) = P(˜s0) =
β1β2, . . . , βnand R( ˜w0) = R(˜s0) = R(α1)R(β1)R(α2)R(β2), . . . , R(αn)R(βn).
Note that ˜σ0∈Σ∗
uo, because ˜σ0∈R−1R(σ0). Hence, we have P(w0) = P(s)and
due to R(b) = R(b0)we also have R(w0) = R(s0).
Now we are ready to state the result concerning ROC.
Proposition 17 Consider Ggiven in (2). Under (SEF) assumption ROC con-
dition always holds.
Proof The proof goes by structural induction with respect to the observable
string PR(Rs) = PR(t0)∈T∗
o, where s∈L(G) = Land t0∈R(L). The base
step is proven below. If PR(Rs) = PR(t0) = εthen we need to show that there
exists a string s0∈Lsuch that R(s0) = t0and P(s) = P(s0). Since R(Σo) = To
we have from t0=R(s0)that s0∈Σ∗
uo. Similarly, from PR(Rs) = ε, i.e.
Rs ∈T∗
uo we have that s∈Σ∗
uo, i.e. we always have that P(s) = P(s0). Thus, it
suffices to take any string s0∈Lsuch that t0=R(s0)that exists from t0∈R(L).
The induction hypothesis consists in assuming that the ROC condition holds
for all ˜s∈Land ˜
t0∈R(L)such that PR(R(˜s)) = PR(t0) = w∈T∗
o. In
the induction step we will show that ROC condition also holds for s∈Land
t0∈R(L)with PR(Rs) = PR(t0) = wa ∈T∗
o, namely that there exists a string
s0∈Lsuch that R(s0) = t0and P(s) = P(s0).
Note that every t0∈R(L)with PR(t0) = wa is of the form t0=˜
t0τ0afor some
˜
t0∈R(L)with PR(˜
t0) = wand τ0∈T∗
uo. Similarly, by denoting t=Rs, we
have t∈R(L)with PR(t) = wa, i.e. tis of the form t=˜
tτa for some ˜
t∈R(L)
with PR(˜
t) = wand τ∈T∗
uo. Therefore, scan be decomposed as s= ˜sσb, where
R(˜s) = ˜
t,R(σ) = τ, and R(b) = a. We recall that PR(˜
t0) = w=PR(R(˜s)).
Therefore, from the induction hypothesis we know that there exists a string ˜s0∈
Lsuch that R(˜s0) = ˜
t0, and P(˜s) = P(˜s0).
We will first show existence of a string s0∈Lsuch that R(s0) = t0and
P(s) = P(s0). We will search s0of the form s0∈˜s0R−1(τ0)R−1(a)so that
R(s0) = t0holds. At the end of the proof we will replace string s0by w0based on
Lemma 16.
We will show that there exists an event b0∈Σoand a string σ0∈Σ∗
uo such
that for s0= ˜s0σ0b0we have R(s0) = t0and P(s) = P(s0).
From R(˜s) = ˜
tand R(˜s0) = ˜
t0with PR(˜
t) = PR(˜
t0)we obtain that R(PR(˜s)) =
PR(R(˜s)) = PR(R(˜s0)) = R(PR(˜s0)).
Let us consider a candidate string s0= ˜s0σ0b0∈Lwith R(s0) = t0=˜
t0τ0a.
We will show that if P(s0)6=P(s)then there exists a w0∈Σ∗with R(w0) =
R(s0)and P(s) = P(w0). Since R(s) = tand R(s0) = t0, we must have that
R(σb) = τ a and R(σ0b0) = τ0a. Since P(˜s) = P(˜s0), we must have P(b0) =
P(σ0b0)6=P(σb) = P(b).Therefore, P(b)6=P(b0). By Lemma 16 from R(b) =
R(b0)we obtain that by replacing s0with w0, i.e. by taking w0= ˜s0˜σ0bwith
P( ˜w0) = P(˜s0)and R( ˜w0˜σ0) = R(˜s0σ0) = t0we have w0∈Lwith P(w0) = P(s)
and R(w0) = R(s0) = t0. We then choose this w0as the new s0that satisfies the
conditions.
Finally, we will show how to efficiently check LROC condition in Theorem 7.
We notice that due to R(b0) = R(b) we necessarily have that band b0belong
to the same group of isomorphic agents, say b, b0∈Σi=Sj=ni
j=1 Σij . If band b0
belong to the same agent then b=b0, in which case LROC is trivially satisfied.
Let us assume b∈Σij and b0∈Σij0for some j6=j0. Let s, s0∈Lwith P(s) =
P(s0) and b, b0∈Σuo such that R(b) = R(b0) then sb ∈Lmeans Pij(s)b∈Lij
and s0b0∈Lmeans Pij0(s0)b0∈Lij0Verification of LROC condition then consists
in checking s0b∈L, i.e. Pij(s0)b∈Lij . This suggests that LROC condition is
similar to observability. Indeed, observability of P−1
ij Lij and P−1
ij0Lij0means
that for all s, s0∈P−1
ij (Lij ) such that P(s) = P(s0), sa ∈P−1
ij (Lij ) and s0a∈
P−1
ij0(Lij0) observability means that s0a∈P−1
ij (Lij ).
Note that s, s0∈Limply that in particular s, s0∈P−1
ij (Lij ). Pij (s)b∈Lij
mean that sb ∈P−1
ij (Lij ), because Pij (sb) = Pij (s)b∈Lij . Similarly, s0b0∈
L, i.e. Pij 0(s0)b0∈Lij0implies that s0b0∈P−1
ij0(Lij0), because Pij 0(s0b0) =
Pij0(s0)b0∈Lij0. Finally, checking LROC consists in checking if Pij (s0)b∈Lij ,
which is equivalent to s0b∈P−1
ij (Lij ) using the same argument (namely Pij(b) =
b∈Σij ).
It follows from the above analysis that LROC can be checked in the same way
as observability of P−1
ij Lij with respect to P−1
ij0Lij0, where string sis extended
by b, but we allow instead of the same bthe event s0to be extended by a
different event b0with the same relabeling. Moreover, LROC can be viewed
as relabeling counterpart of a similar condition from hierarchical supervisory
control with partial observations, called local observational consistency (LOC),
that was shown checkable in [7].
6 Conclusion
We have studied multi-agent DES with partial observation, where the agents
can be divided into several groups, and within each group the agents have simi-
lar state transition structures and can be relabeled into the same template. We
have designed a scalable supervisor under partial observation whose state size
and computational cost are independent of the number of agents. We have com-
pared permissiveness of the scalable supervisor with the monolithic supervisor,
and have proposed sufficient conditions, which guarantee that our scalable least
restrictive supervisor is not more restrictive than the monolithic one. More-
over, we have proved that all sufficient conditions proposed in this paper can
be verified with low computational effort. In a future work we will integrate
these partial observation results with already existing results on complete ob-
servations and on nonblockingness. Note that this paper is based on relabeling
based abstraction of modular (multi-agent) DES and relabeling is a special case
of mask type abstraction as well as natural projection is another special case
of abstraction. By integrating the results we can obtain results for hierarchical
control under general, mask based, abstraction that can both rename and delete
events.
References
[1] M. Alves, L. Carvalho, and J. Basilio. New algorithms for verification of rela-
tive observability and computation of supremal relatively observable sublan-
guage. IEEE Transactions on Automatic Control, 62(11):5902–5908, 2017.
[2] K. Cai, R. Zhang, and W. M. Wonham. Relative observability of discrete-
event systems and its supremal sublanguages. IEEE Transactions on Auto-
matic Control, 60(3):659–670, 2015.
[3] K. Cai, R. Zhang, and W. M. Wonham. Characterizations and effective
computation of supremal relatively observable sublanguages. Discrete Event
Dynamic Systems, 43:269–287, 2018.
[4] C. Cassandras and S. Lafortune. Introduction to discrete event systems.
Springer, 2008.
[5] T. Jiao, Y. Gan, G. Xiao, and W. M. Wonham. Exploiting symmetry of
state tree structures for discrete-event systems with parallel components.
International Journal of Control, 90(8):1639–1651, 2017.
[6] T. Jiao, Y. Gan, G. Xiao, and W. M. Wonham. Exploiting symmetry of
discrete-event systems by relabeling and reconfiguration. IEEE Transactions
on Systems, Man, and Cybernetics: Systems, 50(6):2056–2067, 2020.
[7] J. Komenda and T. Masopust. Conditions for hierarchical supervisory con-
trol under partial observation. In 15th International Workshop on Discrete
Event Systems (WODES), pages 75–82, 2020.
[8] J. Komenda, T. Masopust, and J. H. van Schuppen. Coordination control of
discrete-event systems revisited. Discrete Event Dynamic Systems, 25:65–94,
2015.
[9] Y. Liu, K. Cai, and Z. Li. On scalable supervisory control of multi-agent
discrete-event systems. In Workshop on Discrete-Event System, pages 25–30,
Italy, 2018.
[10] Yingying Liu, Kai Cai, and Zhiwu Li. On scalable supervisory control of
multi-agent discrete-event systems. Automatica, 108, 2019.
[11] K. Rohloff and S. Lafortune. The verification and control of interacting
similar discrete-event systems. SIAM Journal on Control and Optimization,
45(2):634–667, 2006.
[12] R. Su. Discrete-event modeling of multi-agent systems with broadcasting-
based parallel composition. Automatica, 49(11):3502–3506, 2013.
[13] R. Su and B. Lennartsson. Control protocol synthesis for multi-agent sys-
tems with similar actions instantiated from agent and requirement tem-
plates. Automatica, 79:244–255, 2017.
[14] W. M. Wonham and K. Cai. Supervisory control of discrete-event systems.
Springer, 2019.
