weimin wu,hongye su,jian chu,haifeng zhai

DOI: https://doi.org/10.3182/20020721-6-es-1901.00526

2002-01-01

IFAC Proceedings Volumes

Abstract:Abstract This paper proposes a new control synthesis method for a class of discrete event systems modeled by controlled ordinary Petri nets with linear marking constraint. Monitor is constructed to track the system state resulted from the uncontrollable firing sequences. The maximally permissive feedback control policy then can be obtained based on the making of the monitor. No non-convex constraint transformation is introduced in the design procedure. The method is capable of synthesizing a class of net that cannot be treated using previous methods due to some necessary restrictions.

Yong Huang,Lingdi Ping,Shanping Li,Xuezeng Pan

DOI: https://doi.org/10.4304/jsw.4.1.90-97

2009-01-01

Journal of Software

Abstract:Real-time information flow security properties such as timed noninterference provide assurances that some time dependent information flows may not become possible. However, with transitive noninterference formulation, it is difficult to deal with intransitive flow policies like channel control and secure downgrading of information with time constraints. In this paper, we introduce the notion of trust domain into Timed Secure Process Algebra (tSPA), extending intransitive noninterference to real-time systems. Based on weak timed bisimulation equivalence, some security properties for intransitive flow are reformulated in a realtime setting, in particular one property which is persistent, meaning that if a system is secure then all of its reachable states are secure too. Furthermore, we prove that such persistent intransitive timed property is compositional, which is thus possible to alleviate the state space explosion problem caused by the interleaving of all the possible executions of parallel processes. Finally, we provide one case study showing that it is possible to model and analyze the real-time system through our approach.

Jiliang Luo,Weimin Wu,Hongye Su,Jian Chu

2006-01-01

Abstract:This paper addresses supervisor synthesis for discrete event systems modeled by controlled Petri nets. The considered control problem is to enforce a conjunction of generalized mutual exclusion constraint-, on a controlled Petri net where the influence uncontrollable subnets are joint-free nets. The properties of jointfree nets are proposed. The necessary and sufficient condition of the existence of the maximally permissive (optimal) supervisor is then obtained utilizing these properties. Furthermore, an algorithm is proposed to design the optimal supervisor with a complexity of polynomial times. The theoretic results are illustrated by an example of synthesizing the optimal supervisor for a manufacturing system.

姜励,平玲娣,陈小平,潘雪增,李善平

DOI: https://doi.org/10.3785/j.issn.1008-973x.2008.12.010

2008-01-01

Abstract:The concept of trust domain was introduced into probabilistic secure process algebra(PSPA),and the intransitive noninterference information flow security model was extended to probabilistic systems to implement many important security policies such as secure downgrading of probabilistic information and channel control.Intransitive probabilistic information flow security properties were analyzed based on the probabilistic weak bisimulation equivalence.Intransitive bisimulation strong probabilistic noninterference(I_BSPNI) and intransitive probabilistic bisimulation-based nondeducibility on composition(I_PBNDC) were presented.To expose the potential secure problem that I_PBNDC cannot discover in dynamic context,the persistent I_PBNDC property was proposed,which required that every reachable state of the system must satisfy I_PBNDC.The properties like bisimulation-based nondeducibility on composition are difficult to prove.To overcome this shortcoming,strong I_PBNDC property was defined in terms of unwinding conditions demanding properties of individual actions.Finally,the relations between these properties were given and proved.

Mahathi Anand,Abolfazl Lavaei,Majid Zamani

DOI: https://doi.org/10.1016/j.nahs.2023.101427

2024-02-01

Abstract:This paper is concerned with a compositional scheme for the construction of control barrier certificates for interconnected discrete-time stochastic systems. The main objective is to synthesize switching controllers against ω -regular properties that can be described by accepting languages of deterministic Streett automata (DSA) along with providing probabilistic guarantees for the satisfaction of such specifications. The proposed framework leverages the interconnection topology and a notion of so-called control sub-barrier certificates of subsystems, which are used to compositionally construct control barrier certificates of interconnected systems by imposing some dissipativity-type compositionality conditions. We propose a systematic approach to decompose high-level ω -regular specifications into simpler tasks by utilizing the automata corresponding to the specifications. In addition, we formulate an alternating direction method of multipliers (ADMM) optimization problem in order to obtain suitable control sub-barrier certificates of subsystems while satisfying compositionality conditions. For systems with polynomial dynamics, we provide a sum-of-squares (SOS) optimization problem for the computation of control sub-barrier certificates and local controllers of subsystems. Finally, we demonstrate the effectiveness of our proposed approaches by applying them to a physical case study.

automation & control systems,mathematics, applied

Renyuan Zhang,Jiale Wu,Junhua Gou,Yabo Zhu,Kai Cai

2024-07-30

Abstract:Recently an automaton property of quantitative nonblockingness was proposed in supervisory control of untimed discrete-event systems (DES), which quantifies the standard nonblocking property by capturing the practical requirement that all tasks be completed within a bounded number of steps. However, in practice tasks may be further required to be completed in specific time. To meet this new requirement, in this paper we introduce the concept of bounded-time nonblockingness, which extends the concept of quantitative nonblockingness from untimed DES to timed DES. This property requires that each task must be completed within a bounded time counted by the number of ticks, rather than bounded number of transition steps in quantitative nonblockingness. Accordingly, we formulate a new bounded-time nonblocking supervisory control problem (BTNSCP) of timed DES, and characterize its solvability in terms of a new concept of bounded-time language completability. Then we present an approach to compute the maximally permissive solution to the new BTNSCP.

Systems and Control

Yifan Xie,Xiang Yin,Shaoyuan Li,Majid Zamani

DOI: https://doi.org/10.1109/cdc45484.2021.9683745

2021-01-01

Abstract:In this paper, we investigate the problem of synthesizing optimal control policies for stochastic control systems to achieve high-level temporal logic specifications under security constraints. Specifically, we consider a stochastic control system modeled by a finite labeled Markov Decision Process (MDP). We consider a passive intruder (an eavesdropper) that can observe the external output behavior of the system. We assume the system has a secret, modeled as visiting of some secret states, that does not want to be revealed to the intruder. The security constraint is that the intruder can never determine for sure that the system is/was at a secret state for any specific instant of time. The overall objective is to maximize the probability of achieving the temporal logic task while ensuring the information-flow security of the system. An effective algorithm is proposed to solve this problem. Specifically, we show that the security constraints can be handled as a safety requirement over the information-state-space and the optimal control problem can be solved by leveraging existing results from probabilistic model checking. The proposed approach is also illustrated by a case study for robot task planning.

Chris Chilton,Marta Kwiatkowska,Xu Wang

DOI: https://doi.org/10.48550/arXiv.1304.7590

2013-04-29

Abstract:In this paper we present an assume-guarantee specification theory (aka interface theory from [14]) for modular synthesis and verification of real-time systems with critical timing constraints. It is a further step of our earlier work [10] which achieved an elegant algebraic specification theory for real-time systems endowed with the capability to freeze time. In this paper we relinquish such (unrealisable) capability and target more realistic systems without the ability to stop time. Our theory, in a combined process-algebraic and reactive-synthesis style, provides the operations of parallel composition for system integration, logical conjunction/disjunction for viewpoint fusion and independent development, and quotient for incremental synthesis. We show that a substitutive refinement preorder, which is a coarsening of the pre-congruence in [10], constitutes the weakest pre-congruence preserving freedom of incompatibility errors. The coarsening requires a shift in the focus of our theory to a more game-theoretical treatment, where the coarsening constitutes a reactive synthesis game named normalisation and is efficiently implementable by a novel local bot-backpropagation algorithm. Previously, timed concurrent games have been studied in [1,14,13], where one of the key concern is the removal of time-blocking strategies by applying blame assignment [13]. Our timed games also have the issue of time-blocking strategies, which may arise through the composition of specifications. However, due to our distinctively different formulation of timed games, we have discovered another elegant solution to the problem without blame assignment. Our solution utilises a second reactive synthesis game called realisation, which is dual to normalisation and implementable by the dual local top-backpropagation algorithm.

Logic in Computer Science,Software Engineering

Benoît Barbot,Damien Busatto-Gaston,Catalin Dima,Youssouf Oualhadj

2024-04-29

Abstract:We consider the synthesis problem on timed automata with Büchi objectives, where delay choices made by a controller are subjected to small perturbations. Usually, the controller needs to avoid punctual guards, such as testing the equality of a clock to a constant. In this work, we generalize to a robustness setting that allows for punctual transitions in the automaton to be taken by controller with no perturbation. In order to characterize cycles that resist perturbations in our setting, we introduce a new structural requirement on the reachability relation along an accepting cycle of the automaton. This property is formulated on the region abstraction, and generalizes the existing characterization of winning cycles in the absence of punctual guards. We show that the problem remains within PSPACE despite the presence of punctual guards.

Computer Science and Game Theory

Ruochen Tai,Liyong Lin,Yuting Zhu,Rong Su

DOI: https://doi.org/10.48550/arXiv.2103.07132

2021-03-12

Abstract:In this paper, we investigate the covert sensor attack synthesis problem in the framework of supervisory control of networked discrete-event systems (DES), where the observation channel and the control channel are assumed to be non-FIFO and have bounded network delays. We focus on the class of sensor attacks satisfying the following properties: 1) the attacker might not have the same observation capability as the networked supervisor; 2) the attacker aims to remain covert, i.e., hide its presence against the networked monitor; 3) the attacker could insert, delete, or replace compromised observable events; 4) it performs bounded sensor attacks, i.e., the length of each string output of the sensor attacker is upper bounded by a given constant. The solution methodology proposed in this work is to solve the covert sensor attack synthesis problem for networked DES by modeling it as the well studied Ramadge-Wonham supervisor synthesis problem, and the constructions work for both the damage-reachable attacks and the damage-nonblocking attacks. In particular, we show the supremal covert sensor attack exists in the networked setup and can be effectively computed by using the normality property based synthesis approach.

Systems and Control

Léo Henry,Thierry Jéron,Nicolas Markey

DOI: https://doi.org/10.1007/s10703-022-00403-w

2023-01-10

Formal Methods in System Design

Abstract:Partial observability and controllability are two well-known issues in test-case synthesis for reactive systems. We address the problem of partial control in the synthesis of test cases from timed-automata specifications. We extend a previous approach to this problem from the untimed to the timed setting. This extension requires a deep reworking of the models, game interpretation and test-synthesis algorithms. We exhibit strategies of a game that try to minimize both cooperations of the system and distance to the satisfaction of a test purpose or to the next cooperation, and prove they are winning under some fairness assumptions. This entails that when turning those strategies into test cases, we get properties such as soundness and exhaustiveness of the test synthesis method. We finally propose a symbolic algorithm to compute those strategies.

computer science, theory & methods

Pushpak Jagtap,Sadegh Soudjani,Majid Zamani

DOI: https://doi.org/10.1109/TAC.2020.3013916

2020-08-05

Abstract:This paper focuses on synthesizing control policies for discrete-time stochastic control systems together with a lower bound on the probability that the systems satisfy the complex temporal properties. The desired properties of the system are expressed as linear temporal logic (LTL) specifications over finite traces. In particular, our approach decomposes the given specification into simpler reachability tasks based on its automata representation. We then propose the use of so-called \emph{control barrier certificate} to solve those simpler reachability tasks along with computing the corresponding controllers and probability bounds. Finally, we combine those controllers to obtain a hybrid control policy solving the considered problem. Under some assumptions, we also provide two systematic approaches for uncountable and finite input sets to search for control barrier certificates. We demonstrate the effectiveness of the proposed approach on a room temperature control and lane-keeping of a vehicle modeled as a four-dimensional single-track kinematic model. We compare our results with the discretization-based methods in the literature.

Systems and Control,Optimization and Control

Roderick Bloem,Peter Gjøl Jensen,Bettina Könighofer,Kim Guldstrand Larsen,Florian Lorber,Alexander Palmisano

DOI: https://doi.org/10.48550/arXiv.2006.16688

2020-06-30

Logic in Computer Science

Abstract:Erroneous behaviour in safety critical real-time systems may inflict serious consequences. In this paper, we show how to synthesize timed shields from timed safety properties given as timed automata. A timed shield enforces the safety of a running system while interfering with the system as little as possible. We present timed post-shields and timed pre-shields. A timed pre-shield is placed before the system and provides a set of safe outputs. This set restricts the choices of the system. A timed post-shield is implemented after the system. It monitors the system and corrects the system's output only if necessary. We further extend the timed post-shield construction to provide a guarantee on the recovery phase, i.e., the time between a specification violation and the point at which full control can be handed back to the system. In our experimental results, we use timed post-shields to ensure the safety in a reinforcement learning setting for controlling a platoon of cars, during the learning and execution phase, and study the effect.

Ziteng Yang,Xiang Yin,Shaoyuan Li

DOI: https://doi.org/10.1016/j.ifacol.2020.12.2318

2020-01-01

Abstract:In this paper, we investigate the supervisory control problem for timed discrete-event systems (TDES) under partial observation. In the timed setting, the system consists of both standard logical events and time event, where the former can be disabled directly by the supervisor if it is controllable while the latter can only be preempted by forcing the occurrences of forcible events. We consider a general control mechanism where the supervisor can choose which events to force dynamically online at each instant. The design objective is to synthesize a maximally-permissive supervisor to restrict the behavior of the system such that the closed-loop language is within a safe specification language. Effective procedure is presented to synthesize such a supervisor. To our knowledge, how to synthesize a maximally-permissive partial-observation supervisor has not been solved for timed DES. We provide a solution to this problem under a general control mechanism.

Aida Rashidinejad,Michel Reniers,Martin Fabian

DOI: https://doi.org/10.48550/arXiv.2102.09255

2021-02-18

Systems and Control

Abstract:Conventional supervisory control theory assumes full synchronization between the supervisor and the plant. This assumption is violated in a networked-based communication setting due to the presence of delays, and this may result in incorrect behavior of a supervisor obtained from conventional supervisory control theory. This paper presents a technique to synthesize a networked supervisor handling communication delays. For this purpose, first, a networked supervisory control framework is provided, where the supervisor interacts with the plant through control and observation channels, both of which introduce delays. The control channel is FIFO, but the observation channel is assumed to be non-FIFO so that the observation of events may not necessarily be received by the supervisor in the same order as they occurred in the plant. It is assumed that a global clock exists in the networked control system, and so the communication delays are represented in terms of time. Based on the proposed framework, a networked plant automaton is achieved, which models the behavior of the plant under the effects of communication delays and disordered observations. Based on the networked plant, the networked supervisor is synthesized, which is guaranteed to be (timed networked) controllable, nonblocking, time-lock free, (timed networked) maximally permissive, and satisfies control requirements for the plant.

Ben Wooding,Abolfazl Lavaei,Sadegh Soudjani

2023-07-07

Abstract:This work is concerned with an assume-guarantee approach to compositionally control a New England 39-bus Test System (NETS). The proposed scheme is based on the new notion of robust simulation functions with disturbance refinement alongside the composition of multiple subsystems to tackle the difficulties associated with scalability, also known as the curse of dimensionality. In our proposed setting, we approximate concrete subsystems with abstractions that have lower dimensions (a.k.a. reduced-order models) while providing mathematical guarantees on controller synthesis through the quantification of an upper bound on the closeness between output trajectories of original systems and their abstractions. We propose two control methods to provide guarantees for NETS: one using the principle of interconnected synchronous machines and another considering the power flows in the network between neighbouring subsystems.

Systems and Control

Shuaiyi Li,Shaoyuan Li,Xiang Yin

DOI: https://doi.org/10.1016/j.ifacol.2023.10.418

2023-01-01

IFAC-PapersOnLine

Abstract:In this paper, we investigate the formal synthesis of discrete controllers for linear temporal logic tasks under partial information. Existing works on this topic mainly focus on find sure winning or almost sure winning control strategies under some assumptions regarding the system's atomic propositions. In this work, we consider non-blockingness as the metric as the achievement of the task. Specifically, we require that at each instant, the controller maintains the possibility to achieve the LTL task under some environment's behavior. We first present an offline algorithm for the computation of the winning region over the belief state space. Then we present an online control algorithm that effective solves the control synthesis problem. The proposed control algorithm is also illustrated by a case study of robot task planning.

Tian-ge SI,Zhi-yong TAN,Duo LIU,Yi-qi DAI

DOI: https://doi.org/10.3321/j.issn:0372-2112.2008.11.022

2008-01-01

Tien Tzu Hsueh Pao/Acta Electronica Sinica

Abstract:A noninterference model based on actions for nondeterministic systems was developed to enforce information confidentiality. With redefined noninterference relationship on system actions, information flows depend on actions of both initiators and observers, and can be stopped by allowing actions of initiators and denying the following ones of observers. To show usability of new noninterference relationship and model, an example multilevel security system was designed and a new method was provided to excluding covert channels.

Jiqiang WANG,Zhongzhi HU,Hong YUE,Georgi DIMIROVSKI

2017-01-01

Abstract:Any realistic system is restricted in one form or another.One of the restrictions is the lack of sensors and actuators.This paper addresses the problem of restricted control of nonlinear systems with a finite time approach.Important results are obtained on the design of controllers for stabilizing nonlinear systems in a finite time.Practical issues on control implementation are also discussed.The proposed design method is validated through its application to a Lorenz chaotic system.

Sofie Andersson,Alexandros Nikou,Dimos V. Dimarogonas

DOI: https://doi.org/10.48550/arXiv.1703.02780

2017-03-08

Abstract:This paper presents a framework for automatic synthesis of a control sequence for multi-agent systems governed by continuous linear dynamics under timed constraints. First, the motion of the agents in the workspace is abstracted into individual Transition Systems (TS). Second, each agent is assigned with an individual formula given in Metric Interval Temporal Logic (MITL) and in parallel, the team of agents is assigned with a collaborative team formula. The proposed method is based on a correct-by-construction control synthesis method, and hence guarantees that the resulting closed-loop system will satisfy the specifications. The specifications considers boolean-valued properties under real-time. Extended simulations has been performed in order to demonstrate the efficiency of the proposed controllers.

Systems and Control