N -diagnosability for active on-line diagnosis in discrete event systems

Automatica 83 (2017) 220–225

Contents lists available at ScienceDirect

Automatica journal homepage: www.elsevier.com/locate/automatica

Brief paper

N-diagnosability for active on-line diagnosis in discrete event systems✩ Feng Lin a,1 , Le Yi Wang a , Wen Chen b , Leitao Han c , Bin Shen c a b c

Department of Electrical and Computer Engineering, Wayne State University, Detroit, MI 48202, USA Division of Engineering Technology, Wayne State University, Detroit, MI 48202, USA Zhejiang Provincial Center for Quality Inspection and Testing of Solar Energy Products, Haining, 314416, China

article

info

Article history: Received 2 March 2016 Received in revised form 2 January 2017 Accepted 28 April 2017

Keywords: Discrete event systems Diagnosis Diagnosability Fault detection Fault localization

a b s t r a c t In this paper, we investigate active on-line diagnosis in discrete event systems. Active diagnosis can be used for fault detection, fault localization, fault-tolerant control, among others. Discrete event systems are general models for complex manmade systems. For the active on-line diagnosis, we do not construct the entire diagnostic automaton off-line. Instead, we look N steps ahead to determine active diagnosability and calculate diagnostic strategies. Thus, we define active N-diagnosability and investigate the relation between active diagnosability and active N-diagnosability. We also develop an algorithm to check active N-diagnosability. If a system is actively N-diagnosable, the algorithm will also give the control that diagnoses the system. We show that there are significant computational advantages for using the on-line approach. © 2017 Elsevier Ltd. All rights reserved.

1. Introduction Fault detection, fault localization, and fault-tolerant control are very important in modern engineering systems, as the sizes and complexities of systems increase dramatically (Blanke, Kinnaert, Lunze, & Staroswiecki, 2006; Korbicz, Koscielny, Kowalczuk, & Cholewa, 2003). For example, a networked battery system may consist of thousands of battery cells. When a cell fails, which is very likely, if the fault is not detected and located quickly, then it will cause other cells to fail as well. To detect and locate faults in a complex system, a systematic approach must be taken. Intuitions will not work. Ad-hoc methods will produce inconsistent results. Many complex and networked systems can be modeled as discrete event systems (DES’s) for fault detection and localization. There are several advantages in using discrete event system models. (1) DES models are general. They can represent different types of systems, from networked battery systems to power systems, from computer systems to manufacturing systems. (2) They can be used to solve a large class of diagnosis problems. By properly ✩ The authors of this paper are supported in part by National Science Foundation of USA under Grant 1507096. The material in this paper was not presented at any conference. This paper was recommended for publication in revised form by Associate Editor Christoforos Hadjicostis under the direction of Editor Christos G. Cassandras. E-mail addresses: [email protected] (F. Lin), [email protected] (L.Y. Wang), [email protected] (W. Chen), [email protected] (L. Han), [email protected] (B. Shen). 1 Fax: +1 313 5771101. http://dx.doi.org/10.1016/j.automatica.2017.06.004 0005-1098/© 2017 Elsevier Ltd. All rights reserved.

defining faulty events and/or faulty states, the DES approach can be used for both fault detection and fault localization. (3) DES models are modular. We can build DES models for components first and then use parallel composition. Because of the advantages of using DES models, diagnosis and diagnosability have been investigated by DES researchers since the 1990s. The results can be divided into two groups: (1) event-based diagnosis and diagnosability, and (2) state-based diagnosis and diagnosability. Event-based diagnosis and diagnosability are first proposed in Sampath, Sengupta, Lafortune, Sinnamohideen, and Teneketzis (1995), and then extended in Qiu and Kumar (2006), Sampath, Sengupta, Lafortune, Sinnamohideen, and Teneketzis (1996) and others. In this approach, a fault is modeled as an event. Here faults are general notions that may represent a failure, a partial failure, or an abnormality. Faulty events are not observable. Some other events may be observable or unobservable. The goal of diagnosis is to detect the occurrence of a faulty event after observing a finite number of observable events. If this can always be done for all trajectories of a system, then the system is called diagnosable. Methods to check if a system is diagnosable have been proposed. If a system is diagnosable, then a diagnoser can be constructed to diagnose the faults. While many faults can be identified by passively observing the occurrences of observable events, better results may be achieved by actively enforcing some events in the system. Hence, active diagnosis has also been investigated, for example, in Sampath, Lafortune, and Teneketzis (1998). On-line diagnosis is studied in Basile, Chiacchio, and De Tommasi (2009).

F. Lin et al. / Automatica 83 (2017) 220–225

State-based diagnosis and diagnosability are investigated in Lin (1994) and Lin, Lin, and Lin (1997). In the state-based approach, the state set of a discrete event system is divided into several subsets. One subset represents normal states; and the other subsets represent several faults. Different partitions of states can then be specified depending on the requirements of diagnosis. Based on a given partition, both off-line diagnosability and on-line diagnosability are defined. Algorithms to check diagnosability are also presented in Lin (1994). An application to mixed-signal circuit testing is discussed in Lin et al. (1997). Results related to diagnosability, including observability (Lin & Wonham, 1988), detectability (Shu & Lin, 2013a,b; Shu, Lin, & Ying, 2007), opacity (Lin, 2011; Paoli & Lin, 2012) are also investigated in discrete event systems. Recently, we have investigated active diagnosis and diagnosability (Chen, Lin, Wang, Wang, & Xu, 2014). We model a discrete event system using an automaton with outputs. The observation is a mapping from the state set to the output set. Diagnosis requirements are generally specified by a partition on the state set. Assuming that the observation mapping does not provide enough information to determine which partition the system is in, a diagnoser will enforce some controllable events in the system to ‘‘drive’’ the system to some states to determine which partition the system is in. If this can always be done, then the system is said to be actively diagnosable. Active diagnosability depends on the observation mapping, the diagnosis partition, and the controllable events. An algorithm is developed in Chen et al. (2014) to check active diagnosability. If a system is actively diagnosable, the algorithm also provides a control that diagnoses the system. Unfortunately, the complexity of the algorithm is double exponential (Chen et al., 2014). To decide control on-line and to reduce the computational complexity, we propose an on-line approach for active diagnosis in this paper. We construct an N-step lookahead tree of a system and check if a control exists in the tree that diagnoses the system. If a control exists, then the system is actively N-diagnosable. In the process, the nodes at level N need special attention. We show that if a system is actively N-diagnosable, then it is actively diagnosable. We also find a condition under which the other implication is true. We then develop an algorithm to check active N-diagnosability. The algorithm will also produce a control to actively diagnose the system if the system is actively N-diagnosable. The computational complexity of the algorithm depends on the depth N.

221

The states in the same cell are viewed as equivalent as far as faults under consideration are concerned. By active diagnosis, we mean that a diagnoser can actively drive the system to be diagnosed to certain states by enforcing some controllable events.2 The set of controllable events is denoted by Σc ⊆ Σ . Therefore, a control is a string of controllable events u ∈ Σc∗ . u represents a diagnostic strategy. While the occurrences of controllable events is controlled by a diagnoser, the other events in Σ − Σc can occur in G at any time as long as they are allowed by the state transition function δ . Hence, under a control u ∈ Σc∗ , the set of all strings that can occur in G is L(G, Q0 ) ∩ P −1 (u). In this equation, L(G, Q0 ) denotes the language generated by G from the set of possible initial/current states Q0 ⊆ Q , that is, L(G, Q0 ) = {s ∈ Σ ∗ : (∃qo ∈ Q0 )δ (qo , s)!}, where (qo , s)! means (qo , s) is defined. P −1 (.) is the inverse projection of the natural projection P : Σ ∗ → Σc∗ (Lin & Wonham, 1988), that is, P −1 (u) = {s ∈ Σ ∗ : P(s) = u}. We call the set of possible states that the system G may be in currently the (current) state estimate. The current state estimate is denoted by Qi (Qi ⊆ Q ) and the current output (observation) is denoted by yi .3 We update the state estimate if (1) a controllable event σi+1 is enforced by the diagnoser, (2) a new output yi+1 is observed, or (3) both (1) and (2) occur. Hence, we use (σi+1 , yi+1 ) to denote a new control execution, a new output observation, or both as follows. If a new output yi+1 is observed without new control execution, then σi+1 = ϵ (the empty string), that is, (σi+1 , yi+1 ) = (ϵ, yi+1 ). If a new control σi+1 is enforced/executed but no change in the output, then yi+1 = yi , that is, (σi+1 , yi+1 ) = (σi+1 , yi ). If a new control is executed and a new output is observed, then σi+1 ̸= ϵ and yi+1 ̸= yi . Using this notation, we describe an observed/controlled trajectory as a sequence

w = (σ1 , y1 )(σ2 , y2 ) · · · (σi , yi ) · · · . To find state estimates after all possible observed/ controlled trajectories of the system, we define a new diagnostic automaton as follows.

˜ = (X , Σ ˜ , ξ , x0 ) G = Ac(2Q × Y , (Σc ∪ {ϵ}) × Y , ξ , (Q0 , y0 )),

2. Active diagnosis In this section, we briefly review the results of Chen et al. (2014) and introduce some necessary notations. We model a discrete event system to be diagnosed as an automaton with outputs: G = (Q , Σ , δ, Y , h), where Q is the set of states; Σ is the set of events; Y is the output space; δ : Q × Σ → Q is the state transition function; and h : Q → Y is the output function. The observation is state observation, not event observation as in other papers in the literature (see Section 1). The state observation is to be interpreted as follows. When system G is in state q, y = h(q) is observed. In most papers on diagnosis of discrete event systems, faults are modeled as events. However, we model faults as states. To diagnose a fault is to identify which state or set of states the system G is in. Depending on the requirements on diagnostics, we partition the state space Q into disjoint subsets (cells) as normal states, fault 1 states, fault 2 states, etc. The resulting partition is denoted by T . We use q=T q′ to denote that q and q′ are in the same cell.

˜ = where Ac(.) denotes the accessible part. The event set is Σ (Σc ∪ {ϵ}) × Y . The state set is X = 2Q × Y . The initial/current ˜ →X state is x0 = (Q0 , y0 ). The state transition function ξ : X × Σ is defined as follows. For x = (Qi , yi ) and σ˜ = (σi+1 , yi+1 ), if σi+1 = ϵ ∧ yi+1 = yi , then ξ (x, σ˜ ) is undefined, otherwise ξ (x, σ˜ ) = (SOR(NOR((Qi , yi ), (σi+1 , yi+1 )), yi+1 ), yi+1 ). In the above equation, SOR and NOR are defined as follows. NOR((Qi , yi ), (σi+1 , yi+1 ))

= {q ∈ Q : (∃q′ ∈ Qi )δ (q′ , σi+1 ) = q ∧ h(q) = yi+1 } SOR((Qi+0.5 , yi+1 )) = {q ∈ Q : (∃q′ ∈ Qi+0.5 )(∃s ∈ (Σ − Σc )∗ )δ (q′ , s) = q ∧ (∀t ≤ s)h(δ (q′ , t)) = yi+1 }, 2 The definition of controllable events in this paper is different than supervisory control of discrete event systems, where an event is controllable if it can be disabled. 3 The current state estimate must be consistent with the current observation, that is, Qi ⊆ h−1 (yi ).

222

F. Lin et al. / Automatica 83 (2017) 220–225

where t ≤ s means that t is a prefix of s. To ensure that a control is feasible (non-blocking) (Chen et al., 2014), we assume that if a controllable event σ is enforced by the diagnoser, but σ is not defined at the current state x = (Qi , yi ), then nothing will happen in the system. Therefore, we add self-loops of controllable events if they are not already defined by ξ as follows. For all σ ∈ Σc , if (∀y ∈ Y )ξ (x, (σ , y)) is undefined, then add

ξ ((Qi , yi ), (σ , yi )) = (Qi , yi ). ˜ = (Σc ∪ {ϵ}) × Y is divided into the controllable The event set Σ ˜ c = Σc × Y and the uncontrollable event set Σ ˜ uc = event set Σ {ϵ} × Y . The language generated by G˜ is denoted by ˜ = {w ∈ Σ ˜ ∗ : ξ (x0 , w) is defined}. L(G)

˜ , N) that diagnoses G. (3) If then check if a control exists in Tree(G not, we will increase the depth until some pre-set limit is reached. ˜ , N) is obtained by extending all transitions in Formally, Tree(G ˜ from the initial state x0 until the length of strings reach N. Note G ˜ we construct only the relevant that we do not actually construct G, ˜ Denote the tree as part of G. ˜ , N) = (Z , Σ ˜ , ζ , z 0 ), Tree(G ˜ = (Σc ∪ {ϵ}) × Y , ζ is where Z is the set of nodes in the tree, Σ the transition function of the tree, and z0 = (Q0 , y0 ).5 Nodes can be partitioned according to the levels: Z = Z0 ∪ Z1 ∪ Z2 ∪ ... ∪ ZN , where Zi is the set of nodes in level i. In particular, Z0 = {z0 } has only one node, the root. ˜ , N) is denoted by The language generated by Tree(G

The following result is obtained in Chen et al. (2014).

˜ , N) = {w ∈ Σ ˜ ∗ : ζ (z0 , w) is defined}. L(G

Theorem 1. Let the initial/current state estimate and initial/current observation be x0 = (Q0 , y0 ). Let the observed/controlled trajectory of the system be w = (σ1 , y1 )(σ2 , y2 )...(σi , yi ). Denote ξ (xo , w ) = xi = (Qi , yi ). Then the state estimate after w is Qi .

˜ , N) as follows: We define the set of marked nodes/states in Tree(G

˜ provides the state estimate after the control and Automaton G observation are described by any w = (σ1 , y1 )(σ2 , y2 )...(σi , yi ). Let us denote the state estimate after w by ψ (w ), that is, for ξ (xo , w ) = (Qi , yi ), ψ (w ) = Qi . If (∀q, q′ ∈ ψ (w ))q=T q′ , then we say that w is diagnosable, that is, we can determine the system’s fault status as described by T after w . To check if w is ˜ as follows. diagnosable, we define the set of marked states in G Xm = {x ∈ X : x = (Qi , yi ) ∧ (∀q, q′ ∈ Qi )q=T q′ }. The following Proposition checks diagnosability of w (Chen et al., 2014). Proposition 1. For an observed/controlled trajectory w , w is diagnosable if and only if w leads from the initial/current state x0 to a marked state in Xm , that is, ξ (x0 , w ) ∈ Xm . For an observed/controlled trajectory w = (σ1 , y1 ) (σ2 , y2 ) ... (σi , yi ), we denote the corresponding control as u = θ (w ) = σ1 σ2 ...σi . Hence, θ is a mapping

˜ ∗ → Σc∗ . θ :Σ The inverse mapping of θ is denoted by θ −1 .

Zm = {z ∈ Z : z = (Qi , yi ) ∧ (∀q, q′ ∈ Qi )q=T q′ }. We then unmark the nodes/states at the boundary ZN to ensure that the states beyond the lookahead tree will not invalidate the result, that is, Zd = Zm − ZN . In other words, we use a ‘‘conservative’’ approach to the problem in the sense that the active N-diagnosability defined below is sufficient, but may not be necessary for active diagnosability. Definition 2. A system G is actively N-diagnosable from the ˜ , N) initial/current state x0 if there exists a control u ∈ Σc∗ in Tree(G that diagnoses G with respect to Zd , that is,

˜ , N))ζ (x0 , w) ∈ Zd . (∃u ∈ Σc∗ )(∀w ∈ θ −1 (u) ∩ L(G The following theorem states the relation between active diagnosability and active N-diagnosability. Theorem 2. If a system G is actively N-diagnosable from the initial/current state x0 , then it is actively diagnosable from the initial/current state x0 . Proof. By the definition of Zd ,

˜ , N))ζ (x0 , w) ∈ Zd (∃u ∈ Σc∗ )(∀w ∈ θ −1 (u) ∩ L(G ⇒ (∃u ∈ Σc∗ )(∀w ∈ θ −1 (u) ∩ L(G˜ , N))ζ (x0 , w) ∈ Zm ⇒ (∃u ∈ Σc∗ )(∀w ∈ θ −1 (u) ∩ L(G˜ , N))ξ (x0 , w) ∈ Xm .

Definition 1. 4 A system G is actively diagnosable from the initial/current state x0 if there exists a control u ∈ Σc∗ that diagnoses G, that is,

For control u satisfying

˜ ξ (x0 , w) ∈ Xm . (∃u ∈ Σc∗ )(∀w ∈ θ −1 (u) ∩ L(G))

we show

3. On-line diagnosis

˜ , N))ξ (x0 , w) ∈ Xm , (∀w ∈ θ −1 (u) ∩ L(G ˜ ξ (x0 , w) ∈ Xm (∀w ∈ θ −1 (u) ∩ L(G)) by contradiction. If the above condition is not satisfied, then

In Chen et al. (2014), an off-line algorithm is developed to check active diagnosability and to find a control that diagnoses the system if the system is diagnosable. The computational complexity |Q | of the algorithm is high because it is double exponential: O(22 |Y | ). To reduce computational complexity, in this paper, we develop an on-line approach for active diagnosis that can be intuitively explained as follows. (1) We construct a lookahead tree from the ˜ , N). (2) We initial/current state x0 with depth N, denoted by Tree(G

˜ − L(G˜ , N)))ξ (x0 , w) ̸∈ Xm . (∃w ∈ θ −1 (u) ∩ (L(G)

4 Since we add self-loops of controllable events at each state if they are not already defined, all control is feasible as required in Chen et al. (2014).

5 Each node z ∈ Z is a state in G, ˜ while the same state in X may appear more than once in Z .

˜ − L(G˜ , N), the length of w is greater than N, that is, Since w ∈ L(G) |w| > N. Let w′ be the prefix of w with length N. Then ζ (x0 , w′ ) ∈ ZN ⇒ ζ (x0 , w′ ) ̸∈ Zd . ˜ , N)) This contradicts the assumption that (∀w ∈ θ −1 (u) ∩ L(G ζ (x0 , w) ∈ Zd . ■

F. Lin et al. / Automatica 83 (2017) 220–225

Theorem 2 shows that active N-diagnosability is a conservative estimation of active diagnosability. Intuitively, the further we look, the better the estimation is. In fact, we have the following proposition. Proposition 2. If a system G is actively N-diagnosable from the initial/current state x0 , then the system is actively (N+1)-diagnosable from the initial/current state x0 . Proof. Assume that G is actively N-diagnosable, that is,

˜ , N))ζ (x0 , w) ∈ Zm − ZN . (∃u ∈ Σc∗ )(∀w ∈ θ −1 (u) ∩ L(G For control u satisfying

˜ , N))ζ (x0 , w) ∈ Zm − ZN , (∀w ∈ θ −1 (u) ∩ L(G we show

˜ , N + 1))ζ (x0 , w) ∈ Zm − ZN +1 . (∀w ∈ θ −1 (u) ∩ L(G For all w such that |w| ≤ N,

ζ (x0 , w) ∈ Zm − ZN ⇒ ζ (x0 , w) ∈ Zm ⇒ ζ (x0 , w) ∈ Zm − ZN +1 . For all w such that |w| = N + 1,

w ̸∈ θ

−1

˜ , N + 1) (u) ∩ L(G

223

By the definition of Zd and Zm ∩ ZN = ∅

˜ , N))ξ (x0 , w) ∈ Xm (∃u ∈ Σc∗ )(∀w ∈ θ −1 (u) ∩ L(G ⇒ (∃u ∈ Σc∗ )(∀w ∈ θ −1 (u) ∩ L(G˜ , N))ζ (x0 , w) ∈ Zm ⇒ (∃u ∈ Σc∗ )(∀w ∈ θ −1 (u) ∩ L(G˜ , N))ζ (x0 , w) ∈ Zd . Therefore, G is actively N-diagnosable from the initial/current state x0 ■ To check active N-diagnosability, we check if a control exists in ˜ , N) that diagnoses G as follows. Tree(G (1) From the root z0 of the tree, add all transitions that are defined from the root via some uncontrollable events. Denote the resulting sub-tree as

˜ uc , ζ , z0 ), UR(z0 ) = Ac(Z , Σ where Ac(.) denotes the accessible part. The set of nodes in UR(z0 ) is denoted by Z (UR(z0 )). If all nodes in UR(z0 ) are diagnosable, that is, (∀z ∈ Z (UR(z0 )))z ∈ Zd , then the system is actively diagnosable with trivial control u = ϵ . (2) If not, that is, (∃z ∈ Z (UR(z0 )))z ̸ ∈ Zd , then pick a controllable event σ ∈ Σc and add all transitions with σ to the sub-tree UR(z0 ). Denote the set of nodes entered by transitions with σ as Node(UR(z0 ), σ )

= {z ′ ∈ Z : (∃z ∈ Z (UR(z0 )))(∃y ∈ Y )ζ (z , (σ , y)) = z ′ }.

is true. Otherwise, by letting w ′ be the prefix of w with length N, we have

(3) For each node z ′ ∈ Node(UR(z0 ), σ ), add all transitions that are defined from z ′ via some uncontrollable events. Denote the resulting sub-tree as

ζ (x0 , w′ ) ∈ ZN ⇒ ζ (x0 , w′ ) ̸∈ Zm − ZN .

˜ uc , ζ , z ′ ). UR(z ′ ) = Ac(Z , Σ

˜ , N)) This contradicts the assumption that (∀w ∈ θ −1 (u) ∩ L(G ζ (x0 , w) ∈ Zm − ZN . ■

If all nodes in UR(z ′ ) are diagnosable for all z ′ ∈ Node(UR(z0 ), σ ), that is, (∀z ′ ∈ Node(UR(z0 ), σ ))(∀z ∈ Z (UR(z ′ )))z ∈ Zd , then the system is actively diagnosable with control u = σ . If not, then repeat the process until all controls are checked. The following algorithm summarizes the procedure for checking active N-diagnosability and finding control.

Remark 1. Naturally, in view of Theorem 2, two questions to ask are: (1) If G is actively diagnosable, can we find an N such that G is actively N-diagnosable? (2) If so, what is the bound on such an N? The answer to the first question is ‘‘yes’’. The answer to the second question is that N is bounded by the number of states in the observer of G (see Chen et al., 2014). The reason for this is as follows. It is shown in Theorem 2 and Algorithm 1 of Chen et al. (2014) that a control diagnoses the faults if and only if it is a string from the initial state to a marked state in the observer. If the string contains loops, the string obtained by removing all loops is still a control that diagnoses the faults. Therefore, there is a control whose length is bounded by the number of states in the observer. Since the number of states in the observer is very large (double exponential), a more practical way to find sufficient N is given by the following theorem. Theorem 3. Assume that Zm ̸ = ∅ and Zm ∩ ZN = ∅. Then a system G is actively N-diagnosable from the initial/current state x0 if and only if it is actively diagnosable from the initial/current state x0 . Proof. (ONLY IF) This part of the proof follows from Theorem 2. (IF) Assume that G is actively diagnosable from the initial/current state x0 , that is,

˜ ξ (x0 , w) ∈ Xm . (∃u ∈ Σc∗ )(∀w ∈ θ −1 (u) ∩ L(G)) ˜ the length Select a control u such that for all w ∈ θ −1 (u) ∩ L(G), of the longest w is the shortest among all controls satisfying the above condition. Because Zm ̸ = ∅ and Zm ∩ ZN = ∅, the length of the longest w must be less than N. Hence, ˜ , N))ξ (x0 , w) ∈ Xm . (∃u ∈ Σc∗ )(∀w ∈ θ −1 (u) ∩ L(G

Algorithm 1 Input: G = (Q , Σ , δ, Y , h), Σc , Q0 , y0 , T , N; Output: u (control for active diagnosis); ˜ , N) = (Z , Σ ˜ , ζ , z0 ) as follows: 1: Construct Tree(G Z0 = {z0 } = {(Q0 , y0 )}; for n = 1, 2, . . . , N do begin Zn = ∅; ˜ do begin for all z ∈ Zn−1 and σ˜ ∈ Σ if ξ (z , σ˜ ) is defined, then Zn = Zn ∪ {ξ (z , σ˜ )}; ζ (z , σ˜ ) = ξ (z , σ˜ ); end; end; Z = Z0 ∪ Z1 ∪ Z2 ∪ ... ∪ ZN ; 2: Compute the marked states: Zm = {z ∈ Z : z = (Qi , yi ) ∧ (∀q, q′ ∈ Qi )q =T q′ }; Zd = Zm − ZN ; 3: Initialization: u = ∅; u′ = ϵ ; TBE = ∅; ˜ uc , ζ , z0 ); UR(z0 ) = Ac(Z , Σ if (∀z ∈ Z(UR(z0 )))z ∈ Zd then u = u′ ; go to Step 5; else for all σ ′ ∈ Σc do TBE = TBE ∪ {(Z(UR(z0 )), u′ , σ ′ )};

224 4:

5:

F. Lin et al. / Automatica 83 (2017) 220–225

Computation: while TBE ̸ = ∅ do begin pick (NUR, u′ , σ ) ∈ TBE; TBE = TBE − {(NUR, u′ , σ )}; Node = {z ′ ∈ Z : (∃z ∈ NUR)(∃y ∈ Y ) ζ (z , (σ , y)) = z ′ }; ′ NUR = ∅; for all z ′ ∈ Node do begin ˜ uc , ζ , z ′ ); UR(z ′ ) = Ac(Z , Σ ′ ′ NUR = NUR ∪ Z(UR(z ′ )); end; if (∀z ∈ NUR)z ∈ Zd then u = u′ σ ; go to Step 5; else for all σ ′ ∈ Σc do if NUR′ − ZN ̸ = ∅, then TBE = TBE ∪ {(NUR′ , u′ , σ ′ )}; end; (while loop) Stop.

Let us investigate the computational complexity of the algorithm. ˜ , N) is in the order of (1) The number of states in the tree Tree(G N ˜ ˜ |N . (3) Checking each |Σ | . (2) The maximal number of TBE is N |Σ ˜ |N . Therefore, TBE is linear to the number of states in the tree, |Σ ˜ |2N ). the computational complexity of the algorithm is O(N |Σ The correctness of the algorithm is stated in the following theorem. Theorem 4. At the end of Algorithm 1, if u = ∅, then system G is not actively N-diagnosable from the initial/current state x0 . If u ̸ = ∅, then system G is actively N-diagnosable from the initial/current state x0 , and a control is given by u. Proof. If u ̸ = ∅, then either (1) u = u′ is assigned in Step 3, or (2) u = u′ σ is assigned in Step 4. In the first case, (∀z ∈ Z (UR(z0 )))z ∈ Zd is true, that is, all nodes in UR(z0 ) are diagnosable. Therefore, system G is actively N-diagnosable from the initial/current state x0 with the control given by u = ϵ . In the second case, (∀z ∈ NUR)z ∈ Zd is true, that is, all nodes after u = u′ σ are diagnosable. Therefore, system G is actively N-diagnosable from the initial/current state x0 with the control given by u. On the other hand, if u = ∅ is assigned initially in Step 3 and never changed after the algorithm searches all possible controls, ˜ , N). then no control exists that diagnoses system G within Tree(G Therefore, system G is not actively N-diagnosable from the initial/current state x0 . ■ Let us compare the computational complexity of the off-line |Q | approach, which is O(22 |Y | ), with the computational complex˜ |2N ). Obviously, the ity of the on-line approach, which is O(N |Σ computational complexity of the off-line approach depends on the number of states and the number of outputs, while the computational complexity of the on-line approach depends on the number of lookahead steps. If N is small, which is often the case, then the computational complexity of the on-line approach is manageable, while the computational complexity of the off-line approach is often unmanageable. Let us consider the following cases: Case 1: |Q | = 4, |Y | = 2, |Σ | = 4, and |Σc | = 2. Case 2: |Q | = 6, |Y | = 3, |Σ | = 5, and |Σc | = 2. Case 3: |Q | = 8, |Y | = 3, |Σ | = 8, and |Σc | = 3.

Fig. 1. Comparison of the off-line and on-line approaches.

|Q |

2N

˜ | for N = 2, 3, 4 as shown in We calculate 22 |Y | and N |Σ Fig. 1. Clearly, the on-line approach is much better. 4. Conclusions In this paper, we develop a general framework for active on-line diagnosis using discrete event systems. It can be applied to a wide range of practical problems in fault detection and fault localization. The main contributions of the paper are as follows. (1) We propose an on-line approach to active diagnosis using N-step lookahead windows and showed how to treat states on the boundary of the window. (2) We define active N-diagnosability and investigate the relation between the on-line and off-line approaches. (3) We propose an algorithm to check active N-diagnosability and compute a control that diagnoses the system if it exists. The computational complexity of on-line algorithm is much less than that of off-line algorithm. The method we developed will provide a systematic way for diagnosis of complex engineering systems. In the future works, we plan to use the on-line approach to diagnose faults/failures in solar energy generation. We will use the platform available at Zhejiang Provincial Center for Quality Inspection and Testing of Solar Energy Products in Haining, China for this purpose. References Basile, F., Chiacchio, P., & De Tommasi, G. (2009). An efficient approach for online diagnosis of discrete event systems. IEEE Transactions on Automatic Control, 54(4), 748–759. Blanke, M., Kinnaert, M., Lunze, J., & Staroswiecki, M. (2006). Diagnosis and faulttolerant control. (2nd ed.). New York: Springer-Verlag. Chen, Z., Lin, F., Wang, C., Wang, L. Y., & Xu, M. (2014). Active diagnosability of discrete event systems and its application to battery fault diagnosis. IEEE Transactions on Control Systems Technology, 22(5), 1892–1898. Korbicz, J., Koscielny, J. M., Kowalczuk, Z., & Cholewa, W. (Eds.). (2003). Fault diagnosis. New York: Springer-Verlag. Lin, F. (1994). Diagnosability of discrete event systems and its applications. Discrete Event Dynamic Systems, 4(2), 197–212. Lin, F. (2011). Opacity of discrete event systems and its applications. Automatica, 47, 496–503. Lin, F., Lin, Z. H., & Lin, T. W. (1997). A uniform approach to mixed-signal circuit test. International Journal of Circuit Theory and Applications, 25(2), 81–93. Lin, F., & Wonham, W. M. (1988). On observability of discrete event systems. Information Sciences, 44(3), 173–198. Paoli, A. & Lin, F. (2012) Decentralized opacity of discrete event systems. In Proceedings of the 2012 American control conference (pp. 6083–6088). Qiu, W., & Kumar, R. (2006). Decentralized failure diagnosis of discrete event systems. IEEE Transactions on Systems, Man and Cybernetics, Part A (Systems and Humans), 36(2), 384–395. Sampath, M., Lafortune, S., & Teneketzis, D. (1998). Active diagnosis of discreteevent systems. IEEE Transactions on Automatic Control, 43(7), 908–929. Sampath, M., Sengupta, R., Lafortune, S., Sinnamohideen, K., & Teneketzis, D. (1995). Diagnosability of discrete-event systems. IEEE Transactions on Automatic Control, 40(9), 1555–1575. Sampath, M., Sengupta, R., Lafortune, S., Sinnamohideen, K., & Teneketzis, D. (1996). Failure diagnosis using discrete-event models. IEEE Transactions on Control Systems Technology, 4(2), 105–124. Shu, S., & Lin, F. (2013a). Delayed detectability of discrete event systems. IEEE Transactions on Automatic Control, 58(4), 862–875. Shu, S., & Lin, F. (2013b). I-detectability of discrete event systems. IEEE Transactions on Automation Science and Engineering, 10(1), 187–196. Shu, S., Lin, F., & Ying, H. (2007). Detectability of discrete event systems. IEEE Transactions on Automatic Control, 52(12), 2356–2359.

F. Lin et al. / Automatica 83 (2017) 220–225 Feng Lin received his B.Eng. degree in electrical engineering from Shanghai Jiao-Tong University, Shanghai, China, in 1982, and his M.A.Sc. and Ph.D. degrees in electrical engineering from the University of Toronto, Toronto, Canada, in 1984 and 1988, respectively. From 1987 to 1988, he was a postdoctoral fellow at Harvard University, Cambridge, MA. Since 1988, he has been with the Department of Electrical and Computer Engineering, Wayne State University, Detroit, Michigan, where he is currently a professor. His research interests include discrete-event systems, hybrid systems, robust control, and their applications in alternative energy, biomedical systems, and automotive control. He is the author of a book entitled ‘‘Robust Control Design: An Optimal Control Approach’’. He was a consultant for GM, Ford, Hitachi and other auto companies. He co-authored a paper that received a George Axelby outstanding paper award from IEEE Control Systems Society. He was an associate editor of IEEE Transactions on Automatic Control. He is a fellow of IEEE.

Le Yi Wang received the Ph.D. degree in electrical engineering from McGill University, Montreal, Canada, in 1990. Since 1990, he has been with Wayne State University, Detroit, Michigan, where he is currently a Professor in the Department of Electrical and Computer Engineering. His research interests are in the areas of complexity and information, system identification, robust control, H-infinity optimization, time-varying systems, adaptive systems, hybrid and nonlinear systems, information processing and learning, as well as medical, automotive, communications, power systems, and computer applications of control methodologies. He was a keynote speaker in several international conferences. He serves on the IFAC Technical Committee on Modeling, Identification and Signal Processing. He was an Associate Editor of the IEEE Transactions on Automatic Control and several other journals. He was a Visiting Faculty at University of Michigan in 1996 and Visiting Faculty Fellow at University of Western Sydney in 2009 and 2013. He is a member of the Core International Expert Group at Academy of Mathematics and Systems Science, Chinese Academy of Sciences, and an International Expert Adviser at Beijing Jiao Tong University. He is a Fellow of IEEE.

225 Wen Chen received his Ph.D. degree from Simon Fraser University, Burnaby, BC, Canada, in 2004. From 2005 to 2007, he was a Postdoctoral Researcher at University of Louisiana, Lafayette, LA, USA. After that period, he worked in industrial companies as a Control Systems Engineer. He joined Wayne State University, Detroit, MI, USA, in 2009. His teaching and research interests are in the areas of control systems, alternative energy storage, and fault diagnosis of industrial systems.

Leitao Han received his B.Eng. degree in Physics from Yantai Normal University, Yantai, China, in 2006, and his M. Eng. Degree in Engineering from Yunnan Normal University, Yunnan, China, in 2009. Since 2009, he has been with Zhejiang Provincial Center for Quality Inspection and Testing of Solar Energy Products, Haining, China, where he is currently the chief engineer in the research and development department. He is also an adjunct professor in Dezhou University, Dezhou, China. His main research interests include state estimation, fault-tolerant control and solar energy utilization technology.

Bin Shen graduated from Shanghai University, Shanghai, China, in 1996, major in electrical and electronic technology. From 1996 to 2010, he was the director of the Center for Product Quality Supervision and Inspection, Haining, China. Since 2010, he has been with Zhejiang Provincial Center for Quality Inspection and Testing of Solar Energy Products, Haining, China, where he is currently the director. He is a committee member of the China Renewable Energy Society. His main research interests include state estimation, fault tolerant control and solar energy utilization technology.