Discrete Event Systems Research Articles

Sensor deception attacks against security in supervisory control systems

This paper investigates the problem of synthesizing sensor deception attacks against security in the context of supervisory control of discrete-event systems (DES). We consider a DES plant controlled by a supervisor, whose security requirement is to maintain the initial-secret of the system undetected, i.e., it does not want to reveal the fact that it was initiated from a secret state. On the other hand, there exists an active attacker that can tamper with the observations received by the supervisor by, e.g., hacking into the communication channel between the sensors and the supervisor. The objective of the attacker is to deceive the supervisor such that the initial-secret is revealed due to incorrect control actions. We investigate the problem from the attacker’s point of view and focus on synthesizing attack strategies that threaten the security of the system. We consider two levels of success of the attacker: one requires that the attacker can detect the initial-secret of the system “almost surely” and the other only requires that the attacker has the possibility to detect the initial-secret of the system. For both cases, we present algorithms for synthesizing successful attack strategies. Our approach is based on the All Attack Structure (AAS) which records state estimates for both the supervisor and the attacker. Structural properties of the security requirements are also leveraged to reduce the synthesis complexity. A running academic example is provided to illustrate the proposed synthesis procedures.

Supervisory Controller Design to Enforce Boundedness, Reversibility and Liveness in Systems Modeled by Timed Petri Nets

Supervisory controller design to enforce boundedness, reversibility, and liveness in discrete-event systems modeled by timed Petri nets where both transitions and places are timed is considered. A controller design approach which uses the approach of stretching is proposed. The approach produces a supervisory controller which guarantees boundedness and reversibility simultaneously. The designed controller also guarantees T -liveness for the largest possible subset T of the set of transitions. Therefore, boundedness, reversibility, and liveness are enforced simultaneously whenever possible. Furthermore, the designed controller is maximally permissive in the sense that no transitions are disabled unnecessarily and the reachability set of the controlled system is the largest possible set in which boundedness and reversibility can be enforced simultaneously. Controller design for an automated manufacturing system example is also presented to demonstrate the proposed approach.

Decoupling visualisation for better DEVS-based simulation applications

ABSTRACT Simulation visualisation is an effective way of understanding and communicating complex systems and processes. Among other advantages, it increases model transparency and intelligibility for all categories of users including non-experts, and it can be used by modellers as a tool to debug models in development. However, simulation visualisation is often tightly coupled to specific simulators, and, therefore, there is no way to reuse visualisation tools efficiently. Here, we present a specification that can be used to decouple visualisation engines from simulators. The specification also considers storage optimisation to support web-based simulation applications. We also present an implementation that supports the web-based representation and animation of outputs issued from simulators based on the discrete event system specification (DEVS) and Petri Nets.

A protocol for Decentralized Synchronous Diagnosis with Coordination

Recently, a new architecture for decentralized diagnosis of Discrete Event Systems, called Decentralized Synchronous Diagnosis, has been proposed in the literature. In this scheme, local diagnosers are computed based on the fault-free behavior of the system components, which, in comparison with the classical diagnosis approach, reduces the size of local diagnosers for implementation. Although this method has been successfully implemented, its main drawback is the emergence of an exceeding fault-free language of the system for diagnosis, which reduces the diagnosis efficiency. To circumvent this problem, in this paper, a protocol for Decentralized Synchronous Diagnosis with Coordination (DSDC), which refines the diagnosis status using cluster automata of the local component models, is proposed. The protocol is based on the implementation of local state estimators of the fault-free component models of the system which communicate cluster automata to a coordinator. The indication of the fault occurrence is carried out by the coordinator according to the observed behavior of the system. To do so, communication rules between local state estimators and the coordinator are proposed. The protocol prevents the emergence of an exceeding fault-free language for diagnosis, which guarantees the same diagnosis performance as the traditional monolithic approach. In addition, the implementation of the DSDC in a didactic manufacturing system is presented to illustrate the results.

MASALAH NILAI EIGEN ATAS ALJABAR MAX-PLUS PADA SISTEM PRODUKSI BULU MATA

A discrete event system is a system whose behavior is determined by events and their events change at discrete times. The eyelash production system at PT Bio Takara Purwokerto is a discrete event system problem and can be expresses in a max-plus linear problem. By using the power algorithm, it is determined eigen values ​​and eigen vectors over max-plus algebra which will be used as production time periodization. The results obtained that the periodic time for the eyelash production system at PT Bio Takara Purwokerto is 78.488 minutes. Based on this periodic time, we can then obtain the time each processing unit starts working to produce eyelashes.

An Information Security Engineering Framework for Modeling Packet Filtering Firewall Using Neutrosophic Petri Nets

Due to the Internet’s explosive growth, network security is now a major concern; as a result, tracking network traffic is essential for a variety of uses, including improving system efficiency, fixing bugs in the network, and keeping sensitive data secure. Firewalls are a crucial component of enterprise-wide security architectures because they protect individual networks from intrusion. The efficiency of a firewall can be negatively impacted by issues with its design, configuration, monitoring, and administration. Recent firewall security methods do not have the rigor to manage the vagueness that comes with filtering packets from the exterior. Knowledge representation and reasoning are two areas where fuzzy Petri nets (FPNs) receive extensive usage as a modeling tool. Despite their widespread success, FPNs’ limitations in the security engineering field stem from the fact that it is difficult to represent different kinds of uncertainty. This article details the construction of a novel packet-filtering firewall model that addresses the limitations of current FPN-based filtering methods. The primary contribution is to employ Simplified Neutrosophic Petri nets (SNPNs) as a tool for modeling discrete event systems in the area of firewall packet filtering that are characterized by imprecise knowledge. Because of SNPNs’ symbolic ability, the packet filtration model can be quickly and easily established, examined, enhanced, and maintained. Based on the idea that the ambiguity of a packet’s movement can be described by if–then fuzzy production rules realized by the truth-membership function, the indeterminacy-membership function, and the falsity-membership functional, we adopt the neutrosophic logic for modelling PN transition objects. In addition, we simulate the dynamic behavior of the tracking system in light of the ambiguity inherent in packet filtering by presenting a two-level filtering method to improve the ranking of the filtering rules list. Results from experiments on a local area network back up the efficacy of the proposed method and illustrate how it can increase the firewall’s susceptibility to threats posed by network traffic.

Bi-Objective Modeling and Optimization for Stochastic Two-Stage Open Shop Scheduling Problems in the Sharing Economy

Nowadays, many manufacturing and service industries prefer to share resources such as facilities and workers to cooperatively perform tasks, which can efficiently improve resource utilization and customer satisfaction. Generally, the decision-makers need to pay more for resource usage, leading to an urgent demand to decrease operational costs. This article proposes a stochastic bi-objective two-stage open shop scheduling problem that models a vehicle maintenance process where tasks are appointed to be completed by multiple third-party companies with professional equipment. We formulate this optimization problem by minimizing the total tardiness and processing cost subject to various resource constraints. A hybrid multiobjective migrating birds optimization combined with a genetic operation and a discrete event system is designed by considering problem characteristics to solve the problem. In this method, the migrating birds optimization with some particular strategies aims at searching candidate solutions from the entire solution domain. Simultaneously, the discrete event system, by using stochastic simulation and discrete event-based simulation approaches, focuses on evaluating the performance of searched solutions. Simulation experiments are performed, and state-of-the-art algorithms are used as competitive approaches. The results confirm that this approach has an excellent performance in handling our considered problem.

Smart Platform for Monitoring and Control of Discrete Event System in Industry 4.0 Concept

We are now living in a time when the fourth industrial revolution is bringing new technologies with intensive digitalization of all levels of production. This paper presents a complex solution for the monitoring, diagnosis, and control of the production process, in our case, discrete event systems. The proposed solution—a mechatronic platform—further develops and extends our recent results where the overall concept was outlined and some partial tasks were studied. The present paper provides the complete structure of the proposed platform together with implementation details for all functionalities. The developed platform uses the latest technologies, such as OPC UA; industrial communication and visualization protocols and tools; and augmented reality, which enables comfortable interaction with real processes. The laboratory-scaled case study shows the qualities of the proposed solution.

Intention-prioritized fuzzy fusion control for BCI-based autonomous vehicles

A brain-controlled vehicle (BCV) is a vehicle that uses the Brain–Computer interface (BCI) to analyze the driver’s electroencephalogram (EEG) to obtain human control commands, which can help disabled people extend movement range and improve their self-independence. However, the performance of BCV is poor and the accuracy of BCI recognition varies considerably with different subjects, which severely restrict its promotion and application. To develop a better solution, with the concept of shared control, an intention preferenced fusion brain control strategy based on fuzzy logic is proposed. Firstly, based on Fuzzy Discrete Event System Supervision (FDES) theory, instructions of the driver are supervised and evaluated. At the same time, based on fuzzy logic an automatic controller which gives an automatic decision according to the cur-rent state of the vehicle is designed. Then according to the automatic decision and the correctness of the driver’s instructions, a fuzzy reasoning is made, making the final decision more in line with human intentions. In order to verify the effectiveness of the proposed method, based on our previously-designed SSMVEP platform, we conduct virtual experiments, semi-object tests and full physical tests separately for verification. Compared with others shared control schemes, it not only achieves continuous control, but the final control-making is more in line with human intentions, which can encourage users to become more involved, enhancing their self-esteem and brain functions.

Polynomial-Time Verification of Decentralized Fault Pattern Diagnosability for Discrete-Event Systems

This paper considers the verification of decentralized fault pattern diagnosability for discrete event systems, where the pattern is modeled as a finite automaton whose accepted language is the objective to be diagnosed. We introduce a notion of codiagnosability to formalize the decentralized fault pattern diagnosability, which requires the pattern to be detected by one of the external local observers within a bounded delay. To this end, a structure, namely a verifier, is proposed to verify the codiagnosability of the system and the fault pattern. By studying an indeterminate cycle of the verifier, sufficient and necessary conditions are provided to test the codiagnosability. It is shown that the proposed method requires polynomial time at most. In addition, we present an approach to extend the proposed verifier structure so that it can be applied to centralized cases.

Sequence-Oriented Diagnosis of Discrete-Event Systems

Model-based diagnosis has always been conceived as set-oriented, meaning that a candidate is a set of faults, or faulty components, that explains a collection of observations. This perspective applies equally to both static and dynamical systems. Diagnosis of discrete-event systems (DESs) is no exception: a candidate is traditionally a set of faults, or faulty events, occurring in a trajectory of the DES that conforms with a given sequence of observations. As such, a candidate does not embed any temporal relationship among faults, nor does it account for multiple occurrences of the same fault. To improve diagnostic explanation and support decision making, a sequence-oriented perspective to diagnosis of DESs is presented, where a candidate is a sequence of faults occurring in a trajectory of the DES, called a fault sequence. Since a fault sequence is possibly unbounded, as the same fault may occur an unlimited number of times in the trajectory, the set of (output) candidates may be unbounded also, which contrasts with set-oriented diagnosis, where the set of candidates is bounded by the powerset of the domain of faults. Still, a possibly unbounded set of fault sequences is shown to be a regular language, which can be defined by a regular expression over the domain of faults, a property that makes sequence-oriented diagnosis feasible in practice. The task of monitoring-based diagnosis is considered, where a new candidate set is generated at the occurrence of each observation. The approach is based on three different techniques: .1/ blind diagnosis, with no compiled knowledge, .2/ greedy diagnosis, with total knowledge compilation, and .3/ lazy diagnosis, with partial knowledge compilation. By knowledge we mean a data structure slightly similar to a classical DES diagnoser, which can be generated (compiled) either entirely offline (greedy diagnosis) or incrementally online (lazy diagnosis). Experimental evidence suggests that, among these techniques, only lazy diagnosis may be viable in non-trivial application domains.

Language-Based Opacity Verification in Partially Observed Petri Nets through Linear Constraints

Information security is an important area of concern in modern computer-integrated systems. It involves implementing preventative measures to protect confidential data from potential vulnerabilities, such as unauthorized access, secret disclosure, modification, or destruction. Considering such threats, we investigate a particular confidentiality property called opacity, which specifies a system’s ability to cover its ‘secret’ data from being interfered with by outside observers, termed as intruders. This paper discusses language-based opacity formulation and verification in the context of discrete event systems represented by partially observed Petri nets. In this context, we identify two opacity properties, called consistency and non-secrecy; then, we exploit the mathematical characterization of a net system, to separately check each property, by specifying two feasibility problems. The proposed method is carried out for two distinct settings of a system. The first setting is centralized, where an intruder is granted complete information about the system structure but a partial observation of its behavior. The second setting is decentralized, where a group of intruders cooperates to reveal the secret language, by using a coordinator. Finally, experimental findings are given, to demonstrate the proficiency of the proposed approach.

Detectability in Discrete Event Systems Using Unbounded Petri Nets

This paper investigated the verification of detectability for discrete event systems based on a class of partially observed unbounded Petri nets. In an unbounded net system, all transitions and partial places are assumed to be unobservable. The system administrator can only observe a few observable places, i.e., the number of tokens at these places can be observed, allowing for the estimation of current and subsequent states. The concepts of quasi-observable transitions, truly unobservable transitions, and partial markings are used to construct a basis coverability graph. According to this graph, four sufficient and necessary conditions of detectability are proposed. Correspondingly, a specific example is proposed to prove that the detectability can be verified in the unbounded net system. Furthermore, based on the conclusion of detectability, the system’s ability to detect critical states was explored by using the basis coverability graph, called C-detectability. Two real-world examples are proposed to show that the detectability of discrete event systems has not only pioneered new research methods, but also demonstrated that the real conditions faced by this method are more general, and it has overcome the limitations of relying only on the ideal conditions of bounded systems for verification.

Adjacent initial states-based differential privacy for probabilistic labeled Petri nets

Privacy protection has received widespread attention from the community of discrete event systems to protect the sensitive information of users or organizations from being leaked. The existing privacy protection methods cannot protect the state information of probabilistic discrete event systems via repeated observations, which represents the information pertaining to system resource configurations. This work introduces differential privacy into the framework of probabilistic labeled Petri nets to solve the problems pertaining to the initial state protection. For two initial states that are adjacent under a specified measure, a state differential privacy verification method is proposed by determining whether the probability distributions of observations generated from adjacent initial states are similar. An external attacker is unlikely to infer the initial state via repeated observations if the system satisfies state differential privacy for certain adjacent initial states. For a probabilistic labeled Petri net, which does not satisfy state differential privacy, a supervisory control method is proposed for enforcement. A maximally permissive controller can be constructed based on the control specification proposed in this paper. Experimental studies show that the method proposed in the paper can effectively protect the privacy of given adjacent initial states.

A symbolic approach to the verification and enforcement of current‐state opacity using labelled Petri nets

AbstractThis work proposes a symbolic method to verify and enforce the current‐state opacity of labelled Petri nets (LPNs). The notion of basis markings of partially observed Petri nets currently dominates the development of opacity verification and enforcement for discrete event systems. However, the related computational efficiency, to a great extent, depends on the number of basis markings in a system, which increases exponentially with respect to the size of its corresponding LPN model. Binary decision diagrams (BDDs) are capable of computing a set of basis markings in a compact shared structure. To mitigate the computational overheads, a BDD‐based method to efficiently model the structure and behaviour of an LPN is proposed. Then, the current‐state opacity of LPNs is verified and enforced in a symbolic manner. Finally, a number of examples are provided to demonstrate the effectiveness and efficiency of the proposed method.

On Detectability of a Class of Hybrid Systems

In this paper we model a hybrid system by using a hybrid machine consisting of an automaton and a set of continuous-variable subsystems. We investigate the problem of determining the (current) discrete state of the hybrid system. Extending the terminologies in discrete event systems, a hybrid system is detectable if its discrete state can be uniquely determined. We derive conditions for a hybrid system to be detectable. If a hybrid system is detectable, we determine its current discrete state using a two-level approach. At the discrete-event level, we construct a discrete-event observer to obtain a discrete state estimate that consists of all possible discrete states that the hybrid system may be in. At the continuous-variable level, a set of continuous-variable observers are constructed, if necessary, to uniquely determine the discrete state. An example of a DC microgrid is used to illustrate the theoretical results.

A New Approach for Verification of Delay Co-observability of Discrete-Event Systems

In decentralized networked supervisory control of discrete-event systems (DESs), the local supervisors observe event occurrences subject to observation delays to make correct control decisions. Delay coobservability describes whether these local supervisors can make sufficient observations. In this paper, we provide an efficient way to verify delay coobservability. For each controllable event, we partition the specification language into a finite number of sets such that strings in different sets have different lengths. For each of the sets, we construct a verifier to check if delay coobservability holds for the controllable event. The computational complexity of the proposed approach is polynomial with respect to the number of states, the number of events, and the upper bounds on observation delays and only exponential with respect to the number of local supervisors. It has lower complexity order than the existing approaches. In addition, we investigate the relationship between the decentralized supervisory control of networked DESs and the decentralized fault diagnosis of networked DESs and show that delay <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$K$</tex-math></inline-formula> -codiagnosability is transformable to delay coobservability. Thus, techniques for the verification of delay coobservability can be leveraged to verify delay <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$K$</tex-math></inline-formula> -codiagnosability.

Supervisory Control of Fuzzy Discrete Event Systems Under Partial Observation

Supervisory control of fuzzy discrete event systems under partial observation is investigated in the paper. Without loss of generality, we consider fuzzy discrete event systems with constraints where a fuzzy discrete event system is modeled by a fuzzy automaton. Sequences of events that can be generated by the system are regarded as constraints and are modeled by a crisp automaton. A supervisor is designed to control the fuzzy discrete event system so that the supervised system is prevented from entering a pre-specified set of illegal/unsafe fuzzy states. A necessary and sufficient condition for the existence of a supervisor is obtained. When the condition is satisfied, an online supervisor can be designed. Fuzzy state estimation problem is first solved, as the supervisor is fuzzy-state-estimate-based. A method is developed to estimate fuzzy state iteratively after observation of each new event. We show that the supervisor so developed ensures the safety of the system and is least restrictive among all possible safe supervisors. Potential of the theoretical results for real-world applications is illustrated through an example of HIV/AIDS treatment decision-making.

Supervised Learning of Multievent Transition Matrices in Fuzzy Discrete-Event Systems.

In this article, supervised learning of fuzzy discrete-event systems (FDES) is investigated. A learning algorithm that performs supervised learning for multievent transition matrices of a sequence of fuzzy discrete events is derived. FDES can be used to describe a large class of practical systems that consist of fuzzy discrete states, fuzzy discrete events, and transitions among fuzzy discrete states via fuzzy discrete events. Because fuzzy discrete states, fuzzy discrete events, and fuzzy transitions are well defined in FDES, the FDES model is highly explainable, which is important in many applications, especially in biomedical applications. Based on this explainable model, the proposed learning algorithm can be used to learn events and event sequences in the model. Hence, it allows system developers to build an explainable model for a complex system based on the data available. Simulations using MATLAB are conducted to verify the effectiveness of the proposed algorithm.

Modeling and analysis of switching max-plus linear systems with discrete-event feedback

AbstractSwitching max-plus linear system (SMPLS) models are an apt formalism for performance analysis of discrete-event systems. SMPLS analysis is more scalable than analysis through other formalisms such as timed automata, because SMPLS abstract pieces of determinate concurrent system behavior into atomic modes with fixed timing. We consider discrete-event systems that are decomposed into a plant and a Supervisory Controller (SC) that controls the plant. The SC needs to react to events, concerning e.g. the successful completion or failure of an action, to determine the future behavior of the system, for example, to initiate a retrial of the action. To specify and analyze such system behavior and the impact of feedback on timing properties, we introduce an extension to SMPLS with discrete-event feedback. In this extension, we model the plant behavior with system modes and capture the timing of discrete-event feedback emission from plant to SC in the mode matrices. Furthermore, we use I/O automata to capture how the SC responds to discrete-event feedback with corresponding mode sequences of the SMPLS. We define the semantics of SMPLS with events using new state-space equations that are akin to classical SMPLS with dynamic state-vector sizes. To analyze the extended models, we formulate a transformation from SMPLS with events to classical SMPLS with equivalent semantics and properties such that performance properties can be analyzed using existing techniques. Our approach enables the specification of discrete-event feedback from the plant to the SC and its performance analysis. We demonstrate our approach by specifying and analyzing the makespan of a flexible manufacturing system.