This paper addresses the formal verification of diagnosis systems. We tackle the problem of diagnosability: given a partially observable dynamic system, and a diagnosis system observing its evolution over time, we discuss how to verify (at design time) if the diagnosis system will be able to infer (at runtime) the required information on the hidden part of the dynamic state. We tackle the problem by looking for pairs of scenarios that are observationally indistinguishable, but lead to situations that are required to be distinguished. We reduce the problem to a model checking problem. The finite state machine modeling the dynamic system is replicated to construct such pairs of scenarios; the diagnosability conditions are formally expressed in temporal logic; the check for diagnosability is carried out by solving a model checking problem. We focus on the practical applicability of the method. We show how the formalism is adequate to represent diagnosability problems arising from a significant, real-world application. Symbolic model checking techniques are used to formally verify and incrementally refine the diagnosability conditions. 1

Failure diagnosis problem of discrete event systems with linear-time temporal logic specications is studied in this paper. Diagnosability of discrete event systems in the temporal logic setting is dened. The problem of testing diagnosability is reduced to the problem of model checking. An algorithm for the test of diagnosability and the synthesis of a diagnoser is obtained. Finally, a simple example is given for illustration. The contributions of the paper are summarized as follows: (i) For the rst time an algorithm, of complexity polynomial in the number of states of the system and the number of specications, for the diagnoser synthesis is derived in the temporal logic setting; (ii) Usage of temporal logic makes the specication specifying process easier and userfriendly since natural language specications can be easily translated to temporal logic specications (when compared to formal language/automata-based specications), yet there are computational savings in the design of diagnoser (compared to that of formal language/automata-based specications); (iii) LTL-based failure diagnosis method can capture the failures representing violation of liveness properties which can not be captured by prior formal language/automaton-based failure diagnosis methods, which can only capture failures representing violation of safety properties (such as occurrence of a faulty event, or reaching a faulty state, etc.); (iv) By reducing the problem of testing diagnosability to that of model checking (and using the model checking to test the diagnosability) , a polynomial algorithm for testing diagnosability is obtained naturally; whence by using symbolic model checking we may test the diagnosability of large systems more eciently; (v) We relaxed the requirement...

In this paper we study the diagnosis of distributed asynchronous systems with concurrency. Diagnosis is performed by a peer-to-peer distributed architecture of supervisors. Our approach relies on Petri net unfoldings and event structures, as means to manipulate trajectories of systems with concurrency. This article is an extended version of the paper with same title, which appeared as a plenary address in the Proceedings of CONCUR’2003.

This paper deals with diagnosing dynamical systems represented by a discrete-event model and more precisely represented in an automata formalism. It shows how model-checking techniques which have been designed for efficiently testing complex real-time systems can be exploited for diagnostic task. This work originates from an application in the monitoring of agricultural plots which has been implemented by using these model-checking techniques.

. In this paper we propose the use of process algebras as powerful frameworks for model-based diagnosis. In fact, they provide machinery and tools for building component-oriented models, for characterizing and computing diagnoses, and for analyzing properties such as the diagnosability of the system under investigation. 1 Introduction The definition of frameworks for characterizing diagnosis attracted a lot of attention in the model-based reasoning community (see e.g., chapt. 2 of [7] or [2, 5]). These frameworks have been used to provide a semantics for diagnostic problem solving and to analyze its properties (e.g., its computational complexity). Moreover, they have been used to analyze properties of the system to be diagnosed, e.g., studying the suitability of different types of models [21] or sensor placement for diagnosability [20] or, more generally, diagnosability [18]. Although logic is the formalism most frequently used in AI frameworks for diagnosis [15, 14, 4], the comparis...

In this paper, we are interested in the diagnosis of discrete event systems modeled by finite transition systems. We propose a model of supervision patterns general enough to capture past occurrences of particular trajectories of the system. Modeling the diagnosis objective by a supervision pattern allows us to generalize the properties to be diagnosed and to render them independent of the description of the system. We first formally define the diagnosis problem in this context. We then derive techniques for the construction of a diagnoser and for the verification of the diagnosticability based on standard operations on transition systems. We show that these techniques are general enough to express and solve in a unified way a broad class of diagnosis problems found in the literature, e.g. diagnosing permanent faults, multiple faults, fault sequences and some problems of intermittent faults.

We introduce the notion of repeated failure diagnosability for diagnosing the occurrence of a repeated number of failures in discrete event systems. This generalizes the earlier notion of diagnosability that was used to diagnose the occurrence of a failure, but from which the information regarding the multiplicity of the occurrence of the failure could not be obtained. It is possible that in some systems the same type of failure repeats a multiple number of times. It is desirable to have a diagnoser which not only diagnoses that such a failure has occurred but also determines the number of times the failure has occurred. To aide such analysis we introduce the notions of K-diagnosability (K failures diagnosability), [1,K]-diagnosability (1 through K failures diagnosability), and [1,1]-diagnosability (1 through 1 failures diagnosability). Here the first (resp., last) notion is the weakest (resp., strongest) of all three, and the earlier notion of diagnosability is the same as that of K-diagnosability or that of [1,K]-diagnosability with K = 1. We give polynomial algorithms for checking these various notions of repeated failure diagnosability, and also present a procedure of polynomial complexity for the on-line diagnosis of repeated failures.

Modern machining and assembly facilities require a great deal of operational exibility owing to the rapidly changing manufacturing environments they exist in. Currently the task of controller design for such systems is often error prone, as intuitive methods rather than formal techniques are used to design controllers and to verify the design itself. The theory of supervisory control meets this ever increasing need for designing the controllers formally, guaranteeing that the behavior of the controlled system meets the desired control specications, while providing the maximality of the permissible controlled behavior itself. In order to demonstrate the usefulness of the supervisory control theory (SCT) in manufacturing systems an educational test-bed that simulates an automated car assembly line has been built using LEGO blocks. Finite automata are used for modeling the operations of the assembly line, and for the specications that accomplish the task of successfully comp...

In this paper we propose the use of process algebras as powerful frameworks for model-based diagnosis. In fact, they provide machinery and tools for building component-oriented models, for characterizing and computing diagnoses, and for analyzing properties such as the diagnosability of the system under investigation. Introduction The definition of frameworks for characterizing diagnosis attracted a lot of attention in the model-based reasoning community (see e.g., chapt. 2 of (Hamscher, Console, & de Kleer 1992) or (Brusoni et al. 1998; Bylander et al. 1991; de Kleer, Mackworth, & Reiter 1992; Lucas 1998)). These frameworks have been used to provide a semantics for diagnostic problem solving and to analyze its properties, e.g., its computational complexity. Moreover, they have been used to analyze properties of the system to be diagnosed, e.g., studying the suitability of different types of model (Struss 1992) or sensor placement for diagnosability (Scarl 1994) or, more general...

This paper studies on-line fault detection and isolation of modular dynamic systems modeled as sets of place-bordered Petri nets. The common places among the set of Petri nets modeling a system capture coupling of various system components. The transitions are labeled by events, some of which are unobservable, i.e., not directly recorded by the sensors attached to the system. The events whose occurrence must be diagnosed have unobservable transition labels. These events model faults or other significant changes in the system state. The existing theory of diagnosis of discrete-event systems is extended in the context of the above model. The modular structure of the system is exploited by a distributed algorithm for fault diagnosis. A Petri net diagnoser is associated to every Petri net and the diagnosers communicate in real-time during