Transcript Diagnosing a Team of Agents: Scaling-Up

Diagnosis of Discrete Event
Systems
Meir Kalech
Partly based on slides of Gautam Biswass
Outline


Last lecture:
1.
Optimal CSP
2.
Conflict-directed A*
Today’s lecture:
1.
Automata (brief tutorial)
1.
Deterministic automata
2.
Non-deterministic automata
2.
Discrete event system
3.
Observer automata
4.
Diagnostics approach
5.
Diagnoser automata
6.
Diagnosability
Brief notes on
Automata 0
11
1
0,1
1
0111
111
1
0
0
1
The machine accepts a string if the
process ends in a double circle
Borrowed from CMU / COMPSCI 102
Anatomy of a Deterministic Finite
1
Automaton
0
states
1
q1
0
q0
0,1
accept states (F)
0
q12
The machine accepts a string if the
start state
(q0) ends in
q3a double circle
states
process
Anatomy of a Deterministic Finite
Automaton
q1
0
1
0,1
1
q0
q2
0
0
The alphabet of a finite automaton is the set
where the symbols come from: 1{0,1}
q3
The language of a finite automaton is the set
of strings that it accepts
q0
0,1
L(M) = All
 strings of 0s and 1s
The Language of Machine M
0
0
q0
1
1
q1
L(M) = { w | w has an even number of 1s}
Notation
An alphabet Σ is a finite set (e.g., Σ = {0,1})
A string over Σ is a finite-length sequence of
elements of Σ
For x a string, |x| is the length of x
A language over Σ is a set of strings over Σ
A finite automaton is a 5-tuple M = (Q, Σ, , q0, F)
Q is the set of states
Σ is the alphabet
 : Q  Σ → Q is the transition function
q0  Q is the start state
F  Q is the set of accept states
L(M) = the language of machine M
= set of all strings machine M accepts
M = (Q, Σ, , q0, F) where Q = {q0, q1, q2, q3}
Σ = {0,1}
 : Q  Σ → Q transition function
q0  Q is start state
F = {q1, q2}  Q accept states
q1
0
1
0,1
1
q0
M
0
q3
q2
0
1
*

0
1
q0
q0
q1
q1
q2
q2
q2
q3
q2
q3
q0
q2
*
Build an automaton that accepts all and only
those strings that contain 001
1
q
0,1
0
0
1
q0
0
q00
1
q001
Outline


Last lecture:
1.
Optimal CSP
2.
Conflict-directed A*
Today’s lecture:
1.
Automata (brief tutorial)
1.
Deterministic automata
2.
Non-deterministic automata
2.
Discrete event system
3.
Observer automata
4.
Diagnostics approach
5.
Diagnoser automata
6.
Diagnosability
Nondeterministic Finite Accepter (NFA)
Alphabet = {a}
a
q0
q1 a
a
q3
q2
Nondeterministic Finite Accepter (NFA)
Alphabet = {a}
Two choices
a
q0
q1 a
a
q3
q2
Nondeterministic Finite Accepter (NFA)
Alphabet = {a}
Two choices
a
q0
q1 a
q2
No transition
a
q3
No transition
First Choice
a a
a
q0
q1 a
a
q3
q2
First Choice
a a
a
q0
q1 a
a
q3
q2
First Choice
a a
a
q0
q1 a
a
q3
q2
First Choice
a a
a
q0
q1 a
a
q3
q2
“accept”
Second Choice
a a
a
q0
q1 a
a
q3
q2
Second Choice
a a
a
q0
q1 a
a
q3
q2
Second Choice
a a
a
q0
q1 a
a
q3
q2
No transition:
the automaton hangs
Second Choice
a a
a
q0
q1 a
q2
a
q3
“reject”
Equivalent automata
L(G)  {s  E : f ( x0 , s) is defined}
*
Lm (G)  {s  L(G) : f ( x0 , s)  X m }
Automata G1 and G2 are equivalent if
L(G1 )  L(G2 )
and
Lm (G1 )  Lm (G2 )
Examples of Equivalent Automata
Outline


Last lecture:
1.
Optimal CSP
2.
Conflict-directed A*
Today’s lecture:
1.
Automata (brief tutorial)
2.
Discrete event system
3.
Observer automata
4.
Diagnostics approach
5.
Diagnoser automata
6.
Diagnosability
What is a Discrete-Event System?

Structure with ‘states’ having duration in
time, ‘events’ happening instantaneously
and asynchronously.

States: machine is idle, is operating,
is broken down, is under repair.

Events: machine starts work, breaks down,
completes work or repair.

State space discrete in time and space.

State transitions ‘labeled’ by events.
DES Example: heating ventilation
and air conditioning
DES Example: heating ventilation
and air conditioning
Diagnosis goal: given a composite DES including
observable and unobservable events (faulty events are
part of the unobservable events), find the faulty events.
Outline


Last lecture:
1.
Optimal CSP
2.
Conflict-directed A*
Today’s lecture:
1.
Automata (brief tutorial)
2.
Discrete event system
3.
Observer automata
4.
Diagnostics approach
5.
Diagnoser automata
6.
Diagnosability
Observer Automata

In DES we partition the events to observable and
unobservable events. E  Eo  Euo

Unobservable events:


absence of sensors

event occurred remotely, not communicated

fault events
Observer Gobs is an equivalent deterministic automata
to the original which contains only observable events.
Observer - Example
a and b are
observable events
Note: Gnd is non-deterministic, Gobs is deterministic
Gnd and Gobs are equivalent.
Observer example 2:
Euo  {ed , u, v}
Outline


Last lecture:
1.
Optimal CSP
2.
Conflict-directed A*
Today’s lecture:
1.
Automata (brief tutorial)
2.
Discrete event system
3.
Observer automata
4.
Diagnostics approach
5.
Diagnoser automata
6.
Diagnosability
Daignostics
Determine whether certain events with
certainty are fault events
 Build new automata like observer, but attach
“labels” to the states of Gdiag
 To build




Attach N label to states that can be reached from x0
by unobservable strings
Attach Y label to states that can be reached from x0
by unobservable strings that contain at least one
occurrence of ed (fault event).
If state z can be reached both with and without
executing ed then create two entries in the initial
state set of Gdiag: zN and zY.
Diagnoser Automata
Diagnosability
G  ( X , E ,  , x0 )
E  Eo  Euo ;
Failure events: E f  E
Goal : Identifyelementsof E f by observingtracesfromEo
P artitionFailures : E f  E f 1  ....... E fm
P artitionsrepresent: (i) inadequatesensors,(ii) maynotbe required
t oisolateeveryfault eventuniquely
Failure  some eventE fi has occurred
G : models normaland failed operationof system
L(G)is live;G does not have cycleof unobservable events
Diagnosability: informal definition

Let s be any trace generated by the system that ends in a
failure event from set Efi and t is a sufficiently long
continuation of s

Diagnosability implies that every trace that belongs to the
language that produces the same record of observable
events as st should contain in it a failure event from Efi

Along every continuation t of s, one can detect the failure
of type Fi with finite delay, specifically in at most ni
transitions of the system after s

Alternately, diagnosability requires that every failure event
leads to observations distinct enough to enable unique
identification of failure type with a finite delay
Diagnosability: example
Euo  { i }
 fi  failureevents
 uo
 f1
Eo  { ,  ,  ,  }
 f1
f2
 f3
 f 1,  f 2
IF : failure partition:  f 1  { f 1 ,  f 2 },  f 2  { f 3}
i.e. it is not required to distinguish between failures f 1 and f 2 .
 The system is diagnosable
Diagnosability: example
Euo  { i }
 fi  failureevents
 uo
 f1
Eo  { ,  ,  ,  }
 f 2 ?   uo ?
f2
 f3
 f 1,  f 3
IF: Failure partition:  f 1  { f 1},  f 2  { f 2},  f 3  { f 3}
 The system is not diagnosable
Outline


Last lecture:
1.
Optimal CSP
2.
Conflict-directed A*
Today’s lecture:
1.
Automata (brief tutorial)
2.
Discrete event system
3.
Observer automata
4.
Diagnostics approach
5.
Diagnoser automata
6.
Diagnosability
Diagnosability by Diagnoser
To determine diagnosability of a system we use
a diagnoser:
1.
The diagnoser traces all possible trajectories of the
system.
2.
The diagnoser records the possible failures in each
state.
3.
If a state contains an ambiguity failure:
“Fi occurs or Fi not occurs”
then
the system is not diagnosable.
Diagnoser: example
Failure partition:  f 1  { f 1},  f 2  { f 2 , f 2'}
Euo  { i }
 fi  failureevents
Euo  { i }
 f1
f2
f2
 f1
f2
 f 2'
Diagnoser: example
Diagnoser: example
Failure partition:  f 1  { f 1},  f 2  { f 2 , f 2'}
Euo  { i }
 fi  failureevents
Euo  { i }
 f1
f2
f2
 f1
f2
 f 2'
Diagnoser: example
Diagnoser: example
Failure partition:  f 1  { f 1},  f 2  { f 2 , f 2'}
Euo  { i }
 fi  failureevents
Euo  { i }
 f1
f2
f2
 f1
f2
 f 2'
Diagnoser: example
Diagnoser: example
Failure partition:  f 1  { f 1},  f 2  { f 2 , f 2'}
Euo  { i }
 fi  failureevents
Euo  { i }
 f1
f2
f2
 f1
f2
 f 2'
Diagnoser: example
Diagnoser: example
Failure partition:  f 1  { f 1},  f 2  { f 2 , f 2'}
Euo  { i }
 fi  failureevents
Euo  { i }
 f1
f2
f2
 f1
f2
 f 2'
Diagnoser: example
Diagnoser: example
Failure partition:  f 1  { f 1},  f 2  { f 2 , f 2'}
Euo  { i }
 fi  failureevents
F1 is indicated
anyway
E  { }
F2 only for the bottom path
Therefore there isf 1 ambiguity ‘A’
uo
f2
f2
 f1
f2
 f 2'
i
Outline


Last lecture:
1.
Optimal CSP
2.
Conflict-directed A*
Today’s lecture:
1.
Automata (brief tutorial)
2.
Discrete event system
3.
Observer automata
4.
Diagnostics approach
5.
Diagnoser automata
6.
Diagnosability
Diagnosability: necessary and
sufficient conditions
Theorem:
A language L is diagnosable if and only if its
diagnoser Gdiag satisfies the following two
conditions:
1.
No state in Gdiag is ambiguous.
2.
There are no Fi-indeterminate cycles in Gdiag,
for all failure types Fi.
Certain and uncertain failures
State id
label
Meaning – if a state contains only failure Fi label then
this failure will occur in certain.
Meaning – if a state contains failure Fi and another
failure or N label, then this failure will occur with
uncertain.
Fi-indeterminate cycle in Gdiag
Meaning – an Fi-indeterminate cycle in Gdiag indicates the
presence of two cycled traces s1 and s2 with the same
observable projection, where s1 contains Fi and s2 does not.
Example: Fi-indeterminate cycle
Example: Fi-uncertain cycle
but not Fi-indeterminate cycle
BUT: it is not Fiindeterminate cycle
since the cycles are
not corresponding
This is an Fi-uncertain cycle
Diagnosability: necessary and
sufficient conditions
Theorem:
A language L is diagnosable if and only if its
diagnoser Gdiag satisfies the following two
conditions:
1.
No state in Gdiag is ambiguous.
2.
There are no Fi-indeterminate cycles in Gdiag,
for all failure types Fi.