Formal Approach to Control Design of Complex and Dynamical Systems

Available online at www.sciencedirect.com

ScienceDirect

This space is reserved for the Procedia header, do not use it Procedia Computer Science 108C (2017) 2512–2516 This space is reserved for the Procedia header, do not use it This space is reserved for the Procedia header, do not use it

International Conference on Computational Science, ICCS 2017, 12-14 June 2017, Zurich, Switzerland

Formal Approach to Control Design of Complex and Formal Approach to Control Design of Complex and Formal ApproachDynamical to ControlSystems Design of Complex and Dynamical Systems 1,2 1 Hela Kadri , Samir Ben Ahmed ,Systems and Simon Collart-Dutilleul2 Dynamical 1,2 1 2 Hela Kadri ,1 Samir Ben Ahmed , and Simon Collart-Dutilleul 1,2 University of Tunis El 1Manar, Tunis, Tunisia Hela Kadri ,1 Samir Ben Ahmed , and Simon Collart-Dutilleul2 [email protected], University of Tunis [email protected], El Manar, Tunis, Tunisia 2 2 2

IFSTTAR/ESTAS, [email protected], Lille nord de France, Lille, France [email protected], 1 University of Tunis El Manar, Tunis, Tunisia [email protected] IFSTTAR/ESTAS, Universit Lille nord de France, Lille, France [email protected], [email protected], [email protected] IFSTTAR/ESTAS, Universit Lille nord de France, Lille, France [email protected]

Abstract In this paper, we tackle the design of complex discrete event systems whose structures change Abstract as they are developed in the different modes. Based onsystems the Supervisory Control Theory In this paper, we tackle designoperating of complex discrete event whose structures change Abstract (SCT), we propose a formal hierarchical approach for controlling the design ofControl these systems as they are developed in different operating modes. Based on the Supervisory Theory In this paper, we tackle the design of complex discrete event systems whose structures change by usingwe a multi-model approach; it involves representing complexthe systems athese set ofsystems simple (SCT), a formal hierarchical approach controlling designbyofControl as they are propose developed in different operating modes. for Based on the Supervisory Theory models, each of which describing theitsystem in arepresenting given operating mode. The resulting framework by using a multi-model approach; involves complex systems by a set of simple (SCT), we propose a formal hierarchical approach for controlling the design of these systems allows resolving problems of reconfigurations and managing of common components to multiple models, each of which describing the system in a given operating mode. The resulting framework by using a multi-model approach; it involves representing complex systems by a set of simple operating modes;problems and it isofdesigned by using the managing Colored Petri Nets (CP-Nets) formalism. allows reconfigurations of common components multiple models,resolving each of which describing the system inand a given operating mode. The resulting to framework operating modes; and it is designed by using the Colored Petri Nets (CP-Nets) formalism. Keywords: Petri nets, Discrete-event systems, Operating modes,ofControl design, Reconfiguration, Suallows resolving problems of reconfigurations and managing common components to multiple

© 2017 The Authors. Published by Elsevier B.V. pervisory control theory operating modes; andDiscrete-event it isofdesigned by committee using theofColored Petri Nets (CP-Nets) formalism. Peer-review under the scientific the International Conference onReconfiguration, Computational Science Keywords: Petriresponsibility nets, systems, Operating modes, Control design, Supervisory control theory Keywords: Petri nets, Discrete-event systems, Operating modes, Control design, Reconfiguration, Supervisory control theory

1 Introduction 1 Introduction The evolution of computer technology has led to the proliferation of new dynamic systems 1 Introduction which are highly computerhas science, manufacturing comThe evolution of complex. computerThe technology led toautomated the proliferation of new systems dynamicand systems munication systems are some examples. All activities in these manufacturing systems are duesystems to asynchronous which are highly computerhas science, comThe evolution of complex. computerThe technology led toautomated the proliferation of new dynamicand systems occurrences of discrete events. This feature lends itself to the term discrete event system (DES). munication systems are some examples. All activities in these systems are due to asynchronous which are highly complex. The computer science, automated manufacturing systems and comThe evolvingofcomplexity of DES hasfeature raisedlends the need formal methods to ensure safe (DES). operaoccurrences discrete This itselffor tothese the term discrete event munication systems areevents. some examples. All activities in systems are due tosystem asynchronous tion evolving without extensive useof ofDES validation andthe verification. Initiated by Ramadge andsafe Wonham The complexity has raised need for formal methods to ensure operaoccurrences of discrete events. This feature lends itself to the term discrete event system (DES). [1], the supervisory control theory (SCT)and is among the solutions; itby is Ramadge the theoryand of analysing tion without extensive use of validation verification. Initiated Wonham The evolving complexity of DES has raised the need for formal methods to ensure safe operadiscrete-event control systems and (SCT) it guarantees that closed loop behavior meet the [1], supervisory control theory is among thethe solutions; is Ramadge the theorywill of analysing tionthe without extensive use of validation and verification. Initiateditby and Wonham prescribed specifications. discrete-event control systems and it guarantees that the closed loop behavior will meet the [1], the supervisory control theory (SCT) is among the solutions; it is the theory of analysing In DES, multimodal design remains a challenging problem ([2], [3], [4], [5], [6], [7]). The papers prescribed specifications. discrete-event control systems and it guarantees that the closed loop behavior will meet the [2],DES, [3] deal with problems characterisation and problem switching([2], between modes on [7]). operating mode In multimodal designofremains a challenging [3], [4], [5], [6], The papers prescribed specifications. management for problems DES. However, these approaches are not based on modes any formal models: mode they [2], [3] deal with of characterisation and switching between on operating In DES, multimodal design remains a challenging problem ([2], [3], [4], [5], [6], [7]). The papers possess neither a DES. validation mechanism of possible are alternations nor any validation mechanism management for However, these approaches not based on any formal models: they [2], [3] deal with problems of characterisation and switching between modes on operating mode of deadlock research. Ramadge and Wonhams theory [4] is presented for mode management possess neither a validation mechanism of possible alternations nor any validation mechanism management for DES. However, these approaches are not based on any formal models: they of deadlock research. Ramadge and Wonhams theory [4] is presented mode management possess neither a validation mechanism of possible alternations nor anyfor validation mechanism of deadlock research. Ramadge and Wonhams theory [4] is presented for mode management1 1

1877-0509 © 2017 The Authors. Published by Elsevier B.V. Peer-review under responsibility of the scientific committee of the International Conference on Computational Science 10.1016/j.procs.2017.05.134

1



Formal Approach to Control Design of Complexes Systems Kadri, Ben Ahmed and Collart-Dutilleul Hela Kadri et al. / Procedia Computer Science 108C (2017) 2512–2516

by distinguishing process and specifications. With this approach, in [5], the problem to automatically find the restart state, after correction of an error is studied through only the nominal mode of productivity. Methods offering advantageous solutions to safe failure reactivity include those based distinctively on operating modes management. Kamach et al., in [6], have associate an automaton to each operating mode and have defined a switching mechanism inducing trace memorisation. However, there is a heavy reconfiguration for trace memorisation and the problem of dimensionality is not treated. A CP-net is presented, in [7], to model modes within the general framework of dependable systems. Based on these two previous works and to reduce complexity, the presented work adopts a multi-model approach, in which only one operating mode is activated at a time, while other modes must be deactivated; each model defines a separate behaviour of the system under specific control based on SCT. Using Colored Petri Nets (CP-Nets), our objective is to present a hierarchical approach to control and follow-up of the design of a global model of complex and dynamic DES with all its operating modes, including reconfiguration actions, and the management of starting state and of states of common resources. In the following sections, we present the developed work in its different stages and aspects.

2

Hierarchical Control Design

The proposed approach aims at controlling the design of a complex system with all its running modes with the actions of reconfiguration and the management of resource states common to multiple operating modes in a hierarchical way. The first step is the component design. It allows realizing the component models in separate CP-Net sheets. Each model is verified relative to specifications apart from others. The second step consists of studying independently and separately each operating mode with applying conventionally the SCT: the intramodal design. Each mode is characterized by a set of requirements, modeled independently of the requirements of the other modes, to be fulfilled when the system is working in this mode. Formally, it is represented by a set of CP-Nets. Each one corresponds to an operating mode and it resulted from parallel composition [10] of CP-Net models of components used in this mode. The third step allows modelling the whole system with the actions of reconfiguration. Firstly, each mode has a set of components, generating events involving a commutation. So, the models of mode are extended by considering switching transitions: this allows taking into account intermodal specification. Secondly, a merge function is applied to merge the models, avoiding duplication of common components. Thirdly, a switching mechanism is integrated.

3

Components Design

Complex Systems have many components that collaborate to create a global functioning. The function of each component is the same regardless of the system mode. Each component includes possible actions of reconfiguration such as failures and recoveries and it contains communication ports. Definition 1. Let C be the set of components, C = {C1 , C2 , ..., C|C| }, where |C| ≥ 1. A component Ci , i ∈ {1..|C|} is modeled by a CP-Net < P Ci , T Ci , K Ci , DCi , W−Ci , W+Ci , ΦCi , M0Ci > Ci Ci Ci where P Ci = PCi ∪ P with PCi ∩ P = ∅. PCi and P are, respectively, internal places Ci Ci Ci with TCi ∩ T = ∅. and communication (shared) places of the component Ci . T = TCi ∪ T 2

2513

2514

Formal Approach to Control Design of Complexes Systems Kadri, Ben Ahmed and Collart-Dutilleul Hela Kadri et al. / Procedia Computer Science 108C (2017) 2512–2516 Ci are, respectively, internal transitions and switching transitions of the compoTCi and T Ci

Ci

Ci

Ci

Ci

Ci

nent Ci . W−Ci = W−  ∪ W−  with W−  ∩ W−  = ∅. W−  and W−  are, respectively, internal arcs and switching arcs (connected to switching transitions) of the component Ci

Ci

Ci

Ci 

Ci . W+Ci = W+  ∪ W+  with T Ci ∩ W+  = ∅. W+ arcs and switching arcs of the component Ci .

4

Ci 

and W+

are, respectively, internal

Intramodal Design

The objective of this framework, a subpart of the general proposed framework, is to ensure the internal behavior enforcing the intramodal specification. Each operating mode should be reliable and well-built according to the requirements. Let us denote the set of all operating modes OM = {m1 , m2 , ..., m|OM | }, where |OM | > 1 and where m1 is assumed to be, by convention, the initially activated mode. An operating mode mi , i ∈ {1..|OM |} is defined by a CP-Net < P mi , T mi , K mi , Dmi , W−mi , W+mi , Φmi , M0mi >. Every mode require a set of components and not all components are used in every mode. So, if a component is used in more than one mode, it is called a common component, otherwise it is a proper component. Let’s formally define the conditions to be fulfilled by any component Ci to be common. Definition 2. Let OM be the set of operating modes. ∀(mi , mj ) ∈ OM × OM (mi = mj ), if (P Ci = (P mi ∩P mj ) = ∅) or (T Ci = (T mi ∩T mj ) = ∅) then Ci is a common component m m for the two modes mi and mj such as ∀(p, t) ∈ P Ci × T Ci , W−mi = W− j and W+mi = W+ j ; m ∀t ∈ T Ci , Φmi (t) = Φmj (t); and ∀p ∈ P Ci , M0mi = M0 j . The intramodal design consists of modelling the internal behavior of each operating mode mi as a result from parallel composition [10] of CP-Net models of components used in this mode. The communication between component is assured by fusion of communication places known by having the same names in different component models. Definition 3. Let mi an operating mode. We define C mi as the set of components used in the mi mi mi ∪ C mi such as C mi is the set of proper components of ∪ C⇔ ∪ C← mode mi where C mi = C  → mi mi mi is the set of comC ; C⇔ is the set of components common to C mi and to another modes; C← mi ponents that lead the system to enter into the mode mi ; C→ is the set of components that lead the mi mi mi mi mi ∪C mi is system to exit mode mi ; C = C→ ∪C← is the set of switch components. C = C← → the set of switch components deprived of their switching transitions such as for each component C C i ∈ C mi , C i is modeled by a CP-Net < P Ci , T Ci , K Ci , D Ci , W i , W i , ΦCi , M Ci >. C − + 0  

5

Intermodal Design

The intermodal framework focuses on the intermodal behavior of modes, and takes into account the behavior that could lead to switching between modes. Building this framework requires successive steps. The first step extends the modes mi by adding switching transitions to the set of switch components. The second one is the merge function, it allows removing redundancy of the CP-Net models of common components. In the third step, a switching mechanism is integrated. It triggers between the operating modes when a commutation event occurs such as component failure or recovery. 3



Formal Approach to Control Design of Complexes Systems Ben Ahmed and Collart-Dutilleul Hela Kadri et al. / Procedia Computer ScienceKadri, 108C (2017) 2512–2516

2515

Algorithm 1. Merge function Algorithm 2. Final CP-Net Input Input the set OM of operating modes G =< P, T, K, D, W − , W + , φ, M0 > e the mapping target om the set of CP-Nets mi , (i = 1...|OM |) the set of CP-Nets mei , (i = 1...|OM |) Output a CP-Net G =< P, T, K, D, W− , W+ , Φ, M0 > Output a CP-Net G =< P, T, K, D, W − , W + , φ, M0 > Initially Initially P = ∅; T = ∅; K = ∅; Φ (t) = 0; P = P ∪ {Activated mode}; For every mode mei , i = 1..|OM | do /*include a new mode*/ T = T ∪ T ; K = K ∪ {mode}; e e e P = P ∪ P mi ; T = T ∪ T mi ; K = K ∪ K mi ; M0 (Activated mode) = m1 ; me me e e i i For every mode mei , i = 1..|OM | do ∀(p, t) ∈ (P mi \ P C⇔ ) × (T mi \ T C⇔ ), e ∈ T, /*defining arcs to place /*defining internal mi arcs not belonging to com- ∀t Activated mode*/ mon components*/ W− (Activated mode, t) = Xm ; me W− (p, t) = W− i (p, t); if target om(t) = mi then e m W+ (p, t) = W+ i (p, t); /*mi : actual mode*/ me me C⇔i C⇔i e W ×T , /*defining internal mi ∀(p, t) ∈ P + (Activatedmode, t) = Xm ; + (Activated mode, t) = target om(t); else W arcs of common components*/ e mi endif if W− (p, t) = 0 then W− (p, t) = W− (p, t); /*adding new predicates*/ me if W+ (p, t) = 0 then W+ (p, t) = W+ i (p, t); me e i e ∀t ∈ (T mi \ T C⇔ ), ∀t ∈ T mi , Φ(t) = Φi (t); Φ(t) = Φi (t) ∧ (Xm = mi ); /*defining initial marking*/ me e i e m ∀t ∈ T C⇔ , Φ (t) = Φ (t) ∨ (Xm = mi ); ∀p ∈ P mi , M0 (p) = M0 i (p); enddo; For every mode mj , j = 1(i − 1) do /*already included modes defining inexistent For every transition t ∈ T do Φ(t) = Φ(t) ∨ (Φ (t)); arcs*/ e e e e ∀(p, t) ∈ P mi × T mj , p ∈ / P mj and t ∈ / T mi , enddo; end. W− (p, t) = W+ (p, t) = 0; enddo; enddo; end. Extension of models. The operating modes mi in the intramodal framework are built by the composition of the components used in each mode with respect to requirements when the system is running in one of these modes. Nevertheless, assuming that the internal behavior is totally represented, it is not the case for the external behavior. Indeed, the possible commutations between modes are not taken into consideration in the intramodal framework. The extension then takes into account all the components that are necessary to represent the internal and external behavior of modes. Definition 4. Let mei an extended operating mode. We define C mi as the set of components mi mi mi mi used in the mode mei where C mi = C ∪ C⇔ ∪ C← ∪ C→ . Merge Function.It reduces the complexity of the final model by keeping only a single CP-Net model of common components, of a given mode CP-Net, which is re-used for the CP-Net of another mode. The evolution of marking of common components is implicitly handled by the reachability marking graph of Petri Nets. Integration of the switching mechanism. The switching mechanism is modeled by the Ci Ci transitions. Firing T disables the transitions of the source CP-Net of a mode and enable T 4

2516

Formal Approach to Control Design of Complexes Systems Ben Ahmed and Collart-Dutilleul Hela Kadri et al. / Procedia Computer ScienceKadri, 108C (2017) 2512–2516

firing the transitions of the destination CP-Net mode. An application noted target mode is defined whose role is to associate with each transition its destination mode. Definition 5. Let mi be an operating mode and T mi be the related set of transitions. Let target m : T mi → OM be a mapping such that target m(t) indicates the active operating mode after firing t. Moreover, new elements have to be added in order to ensure the switching mechanism: a place Activated mode marked by one token representing the initial mode, arcs connecting Activated mode to non-switching transitions and labelled by Xm , guards ensuring that only the transitions of the active mode can be fired and arcs connecting every switching transition to Activated mode with an input label Xm , and an output label set to its target mode. At the end, the Algorithm.2 updates the global model obtained from the merge function by the mechanism of switching. Then the global model is obtained.

6

Conclusion

This paper presents a formal method allowing the design assistance of complex systems by a multi-model approach. The proposed framework decomposes the specification of systems in numerous operating modes and each one is decomposed, thereafter, in different components. Applying a bottom-up design, the first step of the framework is the design of components. The second step is an intramodal study where each mode is built independently. The third step focuses on the design of a single model merging all modes. As a prospect, we aim to generalize this framework for systems of systems.

References [1] W. M.Wonham and P. J. Ramadge, On the supremal controllable sublanguage of a given language, SIAM J. Control and Optim., vol. 25, no. 3, pp. 637659, 1987. [2] Adepa, Guide dEtude des Modes de Marches et dArrts (GEMMA), 1981. [3] E. Asarin, O. Bournez, T. Dang, O. Maler and A. Pnueli, Effective Synthesis of Switching Controllersfor Linear System. Proceedings of IEEE, vol. 88, pp. 1011-1025, 2000. [4] P. Ramadge and W.Wonham, The control of discrete event systems, Proc. IEEE, vol. 77, no. 1, pp. 8198, 1989. [5] K. Andersson, B. Lennartson, and M. Fabian, Restarting flexible manufacturing systems; Synthesis of restart states, in Proc. 8th Int. Workshop Discrete Event Systems, pp. 201206, 2006. [6] O. Kamach, L. Pitrac, and E. Niel, Multi-model approach to discrete events systems: Application to operating mode management, Math. Comput. Simulation, vol. 70, no. 56, pp. 394407, 2005. [7] H. Kadri, S. Zairi, and B. Zouari, Global Model For The Management Of Operating Modes In Discrete Event Systems 6th IFAC Conference on Management and Control of Production and Logistics, Vol. 6 — Part. 1 pp. 420-426, 2013. [8] K. Jensen and L.M. Kristensen, Coloured Petri Nets Modelling and Validation of Concurrent Systems. Springer-Verlag, Berlin, 2009. [9] W.M.P. van der Aalst, and C. Stahl, Modeling Business Processes – A Petri Net-Oriented Approach. The MIT Press, 2011. [10] C. G. Cassandras and S. Lafortune, Introduction to Discrete Event Systems. 2nd ed. New York: Springer, 2007.

5