Lecture Notes in Control and Information Sciences Editors: M. Thoma · M. Morari
282
Springer Berlin Heidelberg New York Hong Kong London Milan Paris Tokyo
Jochen Schröder
Modelling, State Observation and Diagnosis of Quantised Systems With 125 Figures
Series Advisory Board A. Bensoussan · P. Fleming · M.J. Grimble · P. Kokotovic · A.B. Kurzhanski · H. Kwakernaak · J.N. Tsitsiklis
Author Jochen Schröder BMW Group 80788 München Germany
Cataloging-in-Publication Data applied for
Die Deutsche Bibliothek – CIP-Einheitsaufnahme
Modelling, state observation and diagnosis of quantised systems / Jochen Schröder. - Berlin ; Heidelberg ; New York ; Hong Kong ; London ; Milan ; Paris ; Tokyo : Springer, 2003
(Lecture notes in control and information sciences ; 282) (Engineering online library)
ISBN 3-540-44075-5 Springer-Verlag Berlin Heidelberg New York
This work is subject to copyright. All rights are reserved, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilm or in other ways, and storage in data banks. Duplication of this publication or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965, in its current version, and permission for use must always be obtained from Springer-Verlag. Violations are liable to prosecution under the German Copyright Law.

Springer-Verlag Berlin Heidelberg New York, a member of BertelsmannSpringer Science + Business Media GmbH
http://www.springer.de

© Springer-Verlag Berlin Heidelberg 2003
Printed in Germany

The use of general descriptive names, registered names, trademarks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.

Typesetting: Digital data supplied by author. Data-conversion by PTP-Berlin, Stefan Sossna e.K.
Cover-Design: design & production GmbH, Heidelberg
Printed on acid-free paper    SPIN 10889927    62/3020Rw - 5 4 3 2 1 0
Preface
Ongoing advances in science and engineering enable mankind to design and operate increasingly sophisticated systems. Both their design and operation require an understanding of the system and its interaction with the environment. This necessitates formalising the knowledge about the system in models. A major issue is what kind of model is best suited for a given task.

This book is about the supervision of continuous dynamical systems. Such systems are typically described by differential equations. However, this does not automatically mean that differential equations are the proper models for solving supervision tasks. Instead, this book and recent approaches in the literature show that supervision tasks do not, in general, require such precise models as differential equations. This is of interest because the uncertainties typically occurring in supervision make the use of precise models very difficult. Alternative approaches therefore use less precise models such as discrete–event descriptions to solve supervision tasks on a higher level of abstraction. Discrete–event descriptions in the form of automata are one of the key elements of this book. To reach this higher level of abstraction, uncertainties are introduced on purpose by quantisation, accepting a loss of precision. This is one of the main differences from other approaches. When using numerical models like transfer functions or differential equations, uncertainties make the analysis more difficult. Not so here, where the system is described on a qualitative level on which uncertainties are naturally incorporated. The book presents a new way to describe systems for supervision.

Preparing this book, I learned that the key to solving supervision problems is simplicity. The main difficulty is to find the right compromise between including and neglecting details.
Experience shows that neglecting dynamics and causality by restricting models to a set of rules and purely qualitative assessments of the system is often one step too far, because the dynamical properties of a system have to be represented in sufficient detail. On the other hand, numerical models are usually far too complicated if uncertainties are taken into account. The book suggests a compromise: the quantised systems approach. Quantisation of signals leads the way towards simplicity, from continuous–variable to discrete signals and systems. Accordingly, the theory of quantised
systems has to combine continuous and discrete systems theories. Thus, the book also serves as a bridge between these two theories, taking a step towards closing the gap between them. Furthermore, as the quantised system is a special class of hybrid system, the book is also an interesting element for this line of current research. Besides a profound study of quantised systems and a collection of new results in this field, the book includes many new results in automata theory, a field of discrete–event systems theory. The complete solutions to the state observation and fault diagnostic problems for stochastic automata and automata networks are presented here for the first time in the form of a monograph. The results are accompanied by new studies on the observability and diagnosability of such systems. However, the book is not only dedicated to a modern theory but, owing to my engineering background, also has a focus on practical applications. The application of the methods to a chemical plant is described in detail. Further applications are outlined at the end of the book. Many examples throughout the text illustrate the theoretical concepts. A two–tank system is used as a running example more than 20 times to help the reader understand the results and to give an idea of what the theory is for.

I wrote the present book in 2001 at the Technical University Hamburg–Harburg. It contains the results of almost five years of research on quantised systems, kindly supported by the Deutsche Forschungsgemeinschaft. My deepest thanks go to my mentor Prof. Dr.–Ing. Jan Lunze. Without his guidance and support this book would definitely not exist. His exceptionally straight way of thinking inspired me in many discussions that we had at the Institute of Control Engineering. My thanks also go to Prof. Dr.–Ing. habil. Wolfgang Schwarz and Prof. Luca Console for their comments on the manuscript. Furthermore, I want to thank my colleagues and the staff of the institute.
Among them, my special thanks go to Dr.–Ing. Gerwald Lichtenberg, Dr.–Ing. Bernhard Nixdorf and Dr.–Ing. Frank Schiller. I recall with great delight all the interesting, and sometimes controversial, discussions we had on diagnosis, qualitative modelling and the question whether periodical or event–based sampling is preferable. I also want to thank my students, in particular Dipl.–Ing. Lars Karweck and M. Sc. Ahmet Kayihan Kiryaman, for their help. My special thanks go to M. Sc. Petek Eginlioglu for making the QuaMo–Toolbox an efficient and reliable tool for my work. Finally, I want to thank my family and in particular my wife for their unending support.

Munich, June 2002
Jochen Schröder
Contents
1.  Introduction ............................................... 1
    1.1  Motivation and Objectives ............................. 1
    1.2  Problem Statement and Way of Solution ................. 6
    1.3  Structure of the Book and Guidelines for Reading ...... 8
    1.4  Running Example ....................................... 10

2.  Basics of Stochastic Automata Theory ....................... 13
    2.1  Stochastic Automata ................................... 13
    2.2  Stochastic Processes and Markov Chains ................ 16
    2.3  Behaviour of Stochastic Automata ...................... 19
    2.4  Stochastic Automata for Fault Diagnosis ............... 23
    2.5  Properties of Stochastic Automata ..................... 24
         2.5.1  Classification of Stochastic Automata .......... 24
         2.5.2  Classification of Automaton States* ............ 26
         2.5.3  Stationary Behaviour of Stochastic Automata* ... 27
    2.6  Stochastic Operators** ................................ 33
    2.7  Bibliographical Notes ................................. 34

3.  Modelling of Quantised Systems by Stochastic Automata ...... 37
    3.1  Summary of the Modelling Approach ..................... 37
         3.1.1  Quantised Systems .............................. 37
         3.1.2  Nondeterminism of the Quantised System Behaviour 40
         3.1.3  Modelling Problem .............................. 41
         3.1.4  Abstraction of Quantised Systems to Stochastic Automata 42
         3.1.5  Complexity of Qualitative Models ............... 45
    3.2  An Extended Introduction to Quantised Systems ......... 46
         3.2.1  Definition of Quantised Systems ................ 46
         3.2.2  Interpretation of Quantised Systems as Stochastic Processes 49
         3.2.3  Representation Problems ........................ 50
         3.2.4  Quantised Systems for Fault Diagnosis .......... 51
    3.3  Further Aspects of Quantised Systems* ................. 53
         3.3.1  Other Abstractions of Numerical Signals* ....... 53
         3.3.2  Temporally Quantised Continuous–Time Systems* .. 55
         3.3.3  Extension to Discrete Signal Spaces** .......... 56
         3.3.4  Remark on Causal Relations** ................... 58
    3.4  Solution to the Representation Problems ............... 59
         3.4.1  Solution to the Set Representation Problem ..... 59
         3.4.2  Solution to the Stochastic Representation Problem of Autonomous Systems 62
    3.5  Qualitative Model of the Quantised System ............. 66
         3.5.1  Motivation and Modelling Aims .................. 66
         3.5.2  Definition of the Qualitative Model ............ 67
         3.5.3  Properties of the Qualitative Model ............ 72
    3.6  General Solution to the Stochastic Representation Problem** 82
         3.6.1  The Frobenius–Perron Operator** ................ 82
         3.6.2  Representation of Autonomous Quantised Systems** 84
         3.6.3  The Foias Operator** ........................... 87
         3.6.4  Representation of Quantised Systems** .......... 88
         3.6.5  Convergence of the Approximation** ............. 90
    3.7  Bibliographical Notes ................................. 91

4.  Further Aspects of Modelling Quantised Systems* ............ 95
    4.1  Motivation* ........................................... 95
    4.2  Computation of the Behavioural Relation* .............. 96
         4.2.1  Computation Principle* ......................... 96
         4.2.2  Point–Mapping* ................................. 97
         4.2.3  Hyperbox–Mapping* .............................. 98
         4.2.4  Parameter Uncertainties and Noise** ............ 102
         4.2.5  Remarks** ...................................... 104
    4.3  Relations between Quantisation and Properties of the Model* 105
         4.3.1  State Space Partitions Adapted to the Stationary Behaviour* 105
         4.3.2  State Space Partitions Adapted to the Dynamical Behaviour* 114
    4.4  Bibliographical Notes ................................. 121

5.  Automata Theory for Process Supervision .................... 123
    5.1  State Observation Problems ............................ 123
         5.1.1  Problem Statement .............................. 123
         5.1.2  Existence of Solutions to the Observation Problems 124
    5.2  Solution to the State Observation Problems ............ 125
         5.2.1  General Solution ............................... 125
         5.2.2  Recursive Form of the Solution ................. 128
    5.3  Application of the State Observer ..................... 130
         5.3.1  Properties of the State Observer ............... 130
         5.3.2  Observation Algorithm .......................... 133
         5.3.3  Stochastic Operator of the Observer** .......... 133
    5.4  Observability* ........................................ 136
         5.4.1  Stochastic Unobservability* .................... 136
         5.4.2  Stochastic Observability* ...................... 140
         5.4.3  Distinguishing Inputs* ......................... 143
         5.4.4  Other Observability Definitions* ............... 145
    5.5  Fault Diagnostic Problem .............................. 146
         5.5.1  Problem Statement .............................. 146
         5.5.2  Stochastic Processes Augmented by Faults ....... 147
    5.6  Solution to the Fault Diagnostic Problem .............. 147
         5.6.1  Formal Solution ................................ 147
         5.6.2  Diagnostic Algorithm ........................... 148
    5.7  Diagnosability* ....................................... 150
         5.7.1  Stochastic Diagnosability and Undiagnosability* 150
         5.7.2  Fault Detectability and Identifiability* ....... 154
         5.7.3  Comparison to Other Diagnosability Definitions* 155
    5.8  Extensions** .......................................... 156
         5.8.1  Diagnosis Using Fault Sequences** .............. 156
         5.8.2  Isolation of I/O Signal Corruptions** .......... 159
         5.8.3  Measurement Uncertainties** .................... 163
         5.8.4  Unknown–Input Observer** ....................... 165
    5.9  Bibliographical Notes ................................. 166

6.  State Observation and Diagnosis of Quantised Systems ....... 169
    6.1  State Observation of Quantised Systems ................ 169
         6.1.1  Problem Statement .............................. 169
         6.1.2  Solution to the State Observation Problem ...... 170
         6.1.3  State Observation Algorithm for Quantised Systems 173
         6.1.4  Remarks on the Observability of Quantised Systems* 173
         6.1.5  State Observation of the Running Example ....... 176
    6.2  Diagnosis of Quantised Systems ........................ 181
         6.2.1  Problem Statement .............................. 181
         6.2.2  Solution to the Quantised Fault Diagnostic Problem 184
         6.2.3  Fault Diagnostic Algorithm for Quantised Systems 188
         6.2.4  Fault Diagnosis of the Running Example ......... 189
    6.3  Sensor and Actuator Fault Diagnosis** ................. 192
    6.4  Bibliographical Notes ................................. 196

7.  Stochastic Automata Networks ............................... 199
    7.1  Motivation for Using Automata Networks ................ 199
    7.2  Networks of Stochastic Processes ...................... 200
         7.2.1  Introduction to Networks of Stochastic Processes 200
         7.2.2  Complexity Considerations ...................... 201
         7.2.3  The Feedback Problem ........................... 202
         7.2.4  Stochastic Automata on Attributes .............. 204
         7.2.5  Network Representation by Stochastic Automata on Attributes 208
    7.3  Behaviour of Automata Networks ........................ 210
    7.4  Composition of Automata Networks ...................... 215
         7.4.1  Main Idea ...................................... 215
         7.4.2  Self–Loop–Free Composition Operation ........... 216
         7.4.3  Self–Loop Elimination Operation ................ 219
         7.4.4  Composition Algorithm and Composition Order .... 220
         7.4.5  Behaviour Analysis Using the Composed Automaton 222
         7.4.6  Automata Composition and Diagnosis in Relational Algebra** 225
         7.4.7  Networks with Stochastic Direct Feedthroughs** . 228
    7.5  State Observation and Diagnosis of Automata Networks .. 229
    7.6  Bibliographical Notes ................................. 232

8.  Component–Oriented Modelling of Quantised Systems .......... 233
    8.1  Networks of Quantised Systems ......................... 233
         8.1.1  Decomposed Quantised Systems ................... 233
         8.1.2  Decentralised Supervision ...................... 234
         8.1.3  Decomposition of Sampled Quantised Systems* .... 235
    8.2  Qualitative Modelling of Decomposed Quantised Systems . 236
         8.2.1  Network of Causal Quantised Systems ............ 236
         8.2.2  Formal Description of Networks of Quantised Systems 238
         8.2.3  Qualitative Modelling of Quantised Subsystems .. 240
         8.2.4  Complexity of Networks of Qualitative Models ... 243
    8.3  Supervision Based on Networks ......................... 244
         8.3.1  State Observation of Decomposed Quantised Systems 244
         8.3.2  Diagnosis of Decomposed Quantised Systems ...... 245
    8.4  Modelling and Supervision Example ..................... 247

9.  Applications ............................................... 253
    9.1  The Titration and Neutralisation Plant ................ 253
    9.2  Modelling of the Titration and Neutralisation Plant ... 256
    9.3  State Observation Example ............................. 262
         9.3.1  Problem Statement .............................. 262
         9.3.2  Qualitative Modelling of the Reactor ........... 264
         9.3.3  State Observation Results ...................... 270
    9.4  Fault Diagnosis Example ............................... 272
         9.4.1  Problem Statement .............................. 272
         9.4.2  Component–Oriented Qualitative Modelling of TINA 274
         9.4.3  Diagnostic Result .............................. 280
    9.5  Further Applications .................................. 286

10. Summary and Conclusions .................................... 293

References ..................................................... 296

Appendices
A.  Mathematical Prerequisites ................................. 307
    A.1  A Brief Introduction to Measure Theory ................ 307
    A.2  Definitions in Discrete Stochastics ................... 310
B.  The QuaMo–Toolbox .......................................... 313
C.  Proofs ..................................................... 315
D.  Parameters of the Titration and Neutralisation Plant ....... 337
E.  Nomenclature ............................................... 339

Index .......................................................... 343
1. Introduction
1.1 Motivation and Objectives This book deals with the supervision of quantised systems shown in Figure 1.1. A quantised system consists of a continuous–variable dynamical system and quantisers that serve as interfaces between the dynamical system and the supervisor. The quantisers transform the continuous input and output signals u and y into quantised signals [u] and [y], respectively. The supervisor uses only this symbolic information to determine the supervision result.
[Figure 1.1: block diagram — the quantised system comprises the continuous–variable system with a quantiser on its input u and a quantiser on its output y; the supervisor receives the quantised signals [u] and [y] and produces the supervision result.]
Fig. 1.1. Supervision of quantised systems.
Quantisers occur in many technical applications. For example, alarm messages in industrial plants are quantised signals because they are triggered if some system variables exceed certain bounds. Other examples are physical quantities like the concentration of substances in a reactor that cannot be precisely measured. Then, quantisation corresponds to the systematic measurement error. Further examples are actuators that can be switched only among a set of discrete values, or discrete proximity sensors. Furthermore, quantisation can occur in the system dynamics, e.g. if state variables exceed some thresholds like the maximum level in a tank or a saturation bound.

J. Schröder: Modelling, State Observation and Diagnosis of Quantised Systems, LNCIS 282, pp. 1-12, 2003. © Springer-Verlag Berlin Heidelberg 2003
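To make the role of a quantiser concrete, the following is a minimal sketch (in Python; the tank-level thresholds and symbols are invented for illustration and are not taken from the book) of a quantiser as a static map from a continuous signal value to one of finitely many symbols:

```python
def make_quantiser(bounds, symbols):
    """Return a map from a real signal value to a qualitative symbol.

    bounds:  ascending thresholds partitioning the signal space;
    symbols: one symbol per region (len(bounds) + 1 regions).
    """
    assert len(symbols) == len(bounds) + 1

    def quantise(value):
        # Count how many thresholds the value exceeds; that count
        # is the index of the region the value lies in.
        region = sum(value > b for b in bounds)
        return symbols[region]

    return quantise

# Hypothetical partition of a tank level into three regions.
level_quantiser = make_quantiser(bounds=[0.2, 0.5],
                                 symbols=["low", "medium", "high"])
print(level_quantiser(0.35))  # -> medium
```

The quantiser deliberately discards the numerical value: the supervisor only ever sees "low", "medium" or "high", regardless of how precisely the level was measured.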
In most cases, however, the quantisers in Figure 1.1 are introduced on purpose. The reason is to abstract from the numerical signal values, because supervision tasks concern a global assessment of the system's behaviour, for which an abstract view is a natural approach. By means of the quantisers, the amount of information in the continuous–variable signals is reduced to a degree just detailed enough to solve a given task. It will be shown that the quantisers thereby facilitate the solution of supervision tasks. Another reason for the deliberate introduction of quantisers is that all signals can then be treated concisely as discrete–event signals. That is, the solution of supervision tasks does not distinguish between system–inherent quantisation and quantisation on purpose. This is particularly useful for the hybrid systems that often occur in supervision tasks. Because of the quantisers, both the continuous and the discrete–event signals occurring in such systems are dealt with on the same symbolical basis. Two kinds of supervision problems are addressed in this book, namely the state observation and the fault diagnostic task. State observation means reconstructing the state of a dynamical system from the measured signals and a model. Similarly, fault diagnosis means using the measurements to decide, by means of a model, whether the system behaves normally or faults have occurred. The state observation and fault diagnostic tasks are only two supervision tasks. However, they are key elements for solving advanced process supervision problems such as the reconfiguration of control or supervisory control. Reconfiguration is the task of automatically changing the control law, possibly including structural changes of the system, to (partly) maintain the system's performance despite the presence of faults. Hence, fault diagnosis is a prerequisite of reconfiguration.
Similarly, supervisory control is the task of keeping the system within safe operating conditions. It therefore relies on information about the system's state. The material presented in this book is the basis for the solution of such advanced supervision problems using quantised systems (cf. [15]). The main concern of the book is a theoretical solution to these problems. By combining continuous systems theory and the theory of discrete–event systems, the book closes the gap between these two worlds. In particular, the combination of both theories turns out to be of great value for practical applications. This is because the two quantisers shown in Figure 1.1 allow one to go from a precise numerical level to a qualitative description, which is useful if part of the information about the system is merely qualitative. The book gives a complete introduction to the theory of quantised systems, including the modelling by automata and the solution of the state observation and fault diagnostic tasks. However, the treatment of quantised systems
in this book is not limited to theory only. Many examples are used to illustrate the main ideas, mostly based on the running example of a two–tank system (cf. Section 1.4). Several application examples at the end of the book show how the methods can be applied in practice.

The Symbolical Versus the Classical Approach

In engineering, numerical models like difference or differential equations are usually used to design controllers, to carry out simulation studies and so on. This is because the solution of such tasks requires a precise analysis of the system. Supervision tasks, however, have a different nature. Compared to the aforementioned tasks, they concern a global assessment of the system's behaviour. For example, diagnosis does, in general, not require that the precise magnitude of a fault be determined, nor does the operation of a system within prescribed bounds necessitate the precise reconstruction of all internal variables. Instead, supervision tasks have qualitative aims, such as the question whether there is a leakage in a tank or whether the temperature in a reactor is high enough. Hence, the question arises whether dynamical models as detailed as differential equations are required to solve these tasks, bearing in mind the benefits of using a less detailed model. The book will show that this is not necessary.
[Figure 1.2: the classical way of solution concretises the formulation of the supervision task to a numerical formulation, solves it on the numerical level using the continuous–variable system, and evaluates the numerical result; the proposed way of solution abstracts the task to a symbolical formulation, solves it on the symbolical level using a stochastic automaton obtained from the quantised system by quantisation and abstraction, and interprets the symbolical result as the supervision result.]
Fig. 1.2. The symbolical and the classical approach to process supervision.
Instead, the book proposes an alternative way of solution, based on a symbolical model – an automaton. Figure 1.2 illustrates this way of solution and
compares it to classical approaches, which are based on a numerical model. The figure contains three levels of abstraction: the numerical, the qualitative and the symbolical level. As explained above, supervision tasks are generally formulated on a qualitative level. The idea of the presented approach is to formalise the tasks on the qualitative or even on the more abstract symbolical level (cf. Figure 1.2). To solve this symbolical task, a symbolical model of the physical system is required. Such a description shall be abstracted from the real system, which is in general a continuous–variable system. As shown in the figure, this step is performed by a quantisation of all continuous–variable signals and a subsequent abstraction to a symbolical model. The granularity of the quantisation determines the extent to which details of the numerical description are neglected. The guideline for this signal quantisation is to refer to the system variables as roughly as possible on the qualitative level. The introduced quantisation yields the quantised system (cf. Figure 1.1). Because of the mixed continuous and discrete nature of the quantised system, a direct solution of the supervision task on the qualitative level turns out to be very difficult, because it would mean solving differential equations under several inequality constraints induced by the quantisers. To avoid this, a purely discrete description is abstracted from the quantised system, for which a stochastic automaton is chosen as representation form. It will be shown that stochastic automata can concisely approximate quantised systems and allow efficient solutions of supervision tasks. That is, instead of differential equations and inequality constraints, the system is described by a set of transition probabilities defining the stochastic automaton.
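To give a first impression of what such an abstraction amounts to, the following sketch estimates the transition probabilities of a stochastic automaton from an autonomous discrete–time system x(k+1) = f(x(k)) by sampling numerical states and observing which region of the state-space partition they move to. The scalar dynamics, the partition and the sampling-based procedure are invented for illustration; the book's actual computation methods are the subject of later chapters.

```python
import random
from collections import Counter

def abstract_to_automaton(f, bounds, samples=20000, seed=0):
    """Estimate transition probabilities P(z' | z) of the stochastic
    automaton abstracted from x(k+1) = f(x(k)) on the unit interval,
    where z is the index of the region of x in the partition given
    by the ascending thresholds `bounds`."""
    rng = random.Random(seed)
    quantise = lambda x: sum(x > b for b in bounds)
    counts = [Counter() for _ in range(len(bounds) + 1)]
    for _ in range(samples):
        x = rng.uniform(0.0, 1.0)                  # sample a numerical state
        counts[quantise(x)][quantise(f(x))] += 1   # record region transition
    probs = []
    for row in counts:                             # normalise each row
        total = sum(row.values())
        probs.append({z: c / total for z, c in row.items()} if total else {})
    return probs

# Invented example: slow decay x' = 0.8 x, three regions.
P = abstract_to_automaton(lambda x: 0.8 * x, bounds=[0.2, 0.5])
```

Note that from the highest region the successor region is not unique (0.8 x may land below or above the threshold 0.5 depending on where in the region x lies), so the abstraction is genuinely stochastic even though f is deterministic. This is the nondeterminism of the quantised system behaviour mentioned in the table of contents (Section 3.1.2).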
The symbolical result obtained from the solution of the supervision task by means of the automaton is then transferred to the supervision result for the quantised system. It will be shown that this conclusion is possible provided that the stochastic automaton is a complete model of the quantised system. Therefore, completeness of the model is a crucial requirement that is thoroughly investigated in the book. The classical approach to solving supervision tasks is shown in the lower part of Figure 1.2. It represents a way of solution that uses standard techniques of continuous systems and control theory. There, instead of seeking a higher level of abstraction, the supervision task is concretised. This means, for example, that it is attempted to numerically reconstruct the state, e.g. by an observer or a Kalman filter, even if only the region of the state is needed. Similarly, a concretised aim can be to estimate the magnitude of a fault even though its value is not required. From the numerical solution of these concretised problems, the supervision task is solved by evaluating the numerical result, e.g. by associating a numerical fault value “near to zero” with a faultless system.
This approach is mainly motivated by the fact that the numerical level offers a large toolbox of well-known methods. Though this way of solution is applicable in classical situations, it faces several difficulties in process supervision. Among them are the following:
• A model is used which is more detailed than required. A precise model with fixed parameters has to be used. However, supervision requires models with uncertainties to be considered. Taking them into account in numerical models by using sets of parameters leads to considerably more complex formulations of and solutions to the task.
• Numerical solutions require numerical measurements. However, alarm messages, for example, only indicate whether certain thresholds are exceeded. Similarly, cost-reducing industrial measurement equipment, such as proximity sensors, provides merely quantised information. Therefore, supervision must also be able to use qualitative measurements.
• Many numerical methods rely on the linearity of a system. However, linearity holds, in general, only locally, whereas supervision refers to the global, typically nonlinear behaviour of a system.
• Methods for nonlinear systems explicitly or implicitly rely on continuity or a Lipschitz condition. That is, no discontinuities can be considered, which excludes systems with mixed continuous and discrete dynamics. However, such hybrid systems typically occur in supervision tasks.
The quantised system approach circumvents the difficulties that arise when using the classical approach. This and further benefits can be summarised as follows:
• Reduction of information. The quantisers transform the numerical continuous–time signals u(t) and y(t) into quantised discrete–time signals [u(k)] and [y(k)], respectively. By this, the amount of information that needs to be processed by the supervisor is reduced. This is shown in Figure 1.3 using the example of a pH measurement of a plant considered in Chapter 9.
The complex information contained in the measured signal pH(t) over continuous time t is reduced to a sequence of integer values [pH(k)] at discrete time instances k. The figure shows first the temporal quantisation by periodical sampling and subsequently the value quantisation through a partition of the signal space into three regions. The bars show in which region of the signal space the actual pH lies at the corresponding time instance. • Abstract view on the system. Quantising the signal values as roughly as shown in Figure 1.3 leads to an abstract view on the system. Accordingly, the model used by the supervisor must match this abstract level and can ignore details that are covered by quantisation. Hence, quantisation facilitates modelling, as the methods derived for quantised systems can cope with adequately imprecise models. • Concise treatment of hybrid systems. In many practical applications, not only continuous–variable signals but also discrete–event signals occur.
Such discrete signals can, for example, result from system–inherent quantisers given by the measurement equipment, or arise because a continuous subsystem interacts with a discrete subsystem, for example with a programmable logic controller (PLC) widely used in the process and manufacturing industries. Such systems, in which both discrete and continuous signals occur, are called hybrid systems. By signal quantisation, all measurement signals are transformed to discrete signals. Hence, the quantisers allow a concise treatment of hybrid systems on the supervision level.
Fig. 1.3. Reduction of information by quantisation.
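The two quantisation steps illustrated in Figure 1.3, periodic sampling followed by a partition of the signal space, can be sketched in a few lines. The pH test signal and the region boundaries below are hypothetical placeholders, not the values of the plant considered in Chapter 9.

```python
# Sketch of temporal and value quantisation: a continuous-time signal is
# sampled with period Ts and each sample is mapped to the index of the
# partition region it falls into.
import math

def quantise(value, bounds):
    """Return the index of the partition region containing `value`.

    `bounds` holds the inner boundaries of the partition; with two
    boundaries the signal space is split into three regions 0, 1, 2.
    """
    region = 0
    for b in bounds:
        if value > b:
            region += 1
    return region

def quantised_sequence(signal, Ts, horizon, bounds):
    """Temporal quantisation (sampling) followed by value quantisation."""
    return [quantise(signal(k * Ts), bounds) for k in range(horizon)]

# Hypothetical slowly drifting pH signal, partitioned into three regions
# by the (assumed) boundaries pH = 6 and pH = 8.
pH = lambda t: 7.0 + 2.0 * math.sin(0.05 * t)
print(quantised_sequence(pH, Ts=10.0, horizon=6, bounds=(6.0, 8.0)))
# → [1, 1, 2, 2, 2, 2]
```

The quantised sequence retains only the region index per sampling instant, which is exactly the reduction of information discussed above.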
In summary, the benefits of using quantised systems arise from the fact that all details irrelevant for the solution to the problem are ignored. This book and other contributions show the practical relevance and applicability of the approach (cf. e.g. [50], [101], [124]).
1.2 Problem Statement and Way of Solution

In this section, the steps in which supervision tasks are solved by using quantised systems are described in more detail. The way of solution is outlined as a sequence of problem statements that appears when applying a general rule of engineering: In order to get an efficient solution to supervision tasks, be as rough as possible and only as precise as necessary. This means that for a good solution a trade–off between precision and complexity must be found. The overall supervision problem can be split up as follows:
Modelling

Problem: How can the detail of the on–line information about the system be adjusted to the supervision task?
Solution: By signal quantisation.
• All signals of the system are quantised. Adjusting the granularity of the quantisation makes it possible to refer to each signal as precisely as necessary and as roughly as possible. The measurement precision is considerably reduced. The original system becomes a quantised system (cf. Figure 1.1).

Problem: How can the relation among quantised signals be described efficiently?
Solution: By models that have the form of automata.
• The relations among the quantised signals are described by an abstract model in the form of a stochastic automaton rather than by a numerical model of the quantised system. However, automata cannot precisely represent a quantised system. It will turn out that automata can be derived which are precise enough for the solution of a given supervision task.

Supervision

Problem: How can the state observation and fault diagnostic tasks be solved with quantised signals and abstract models?
Solution: By the state observation and fault diagnostic methods developed for stochastic automata.
• The state observation task for quantised systems is transformed into a symbolical observation task for the automaton. From the solution for automata, the solution to the original state observation task for the quantised system is derived.
• Similarly, the fault diagnostic task is transformed into a fault diagnostic problem for automata. Faults in the system can be detected and identified using the automata–theoretic solution.
• Both tasks refer to the quantised measurements and the automaton obtained from the quantised system.

Decomposition of Complex Systems

Problem: How can abstract models of complex systems be set up?
Solution: By component–oriented modelling.
• Each component of a system is approximated by an abstract model. This leads to a network of interacting automata rather than a single automaton. In this way, complex systems are described by automata networks, which reduces the complexity of the model considerably.
Problem: How can supervision tasks be solved for complex systems?
Solution: By supervision methods for automata networks.
• As for single automata, symbolical results for the state observation and fault diagnostic tasks are derived by using automata networks. All calculation steps refer to the automata network. The results are then transferred to the supervision result of the original task.

Application

Question: Can the proposed methods be used to solve supervision problems in practice?
Answer: The applicability is shown for a neutralisation plant and further application examples.
• The derived methods are applied to a chemical plant, showing in detail that the quantisation of signals and abstract models reduce the complexity such that these tasks can be solved under real–time constraints.
• Further practical applications of the methods are briefly summarised.

The above structure of the solution is reflected by the structure of the book, which is explained in the following section.
1.3 Structure of the Book and Guidelines for Reading

The book consists of four major parts:

Modelling (Chapters 2, 3 and 4): The quantised system is investigated and its concise abstraction to stochastic automata is derived.

Supervision (Chapters 5 and 6): The solution to the state observation and fault diagnostic problems is given based on a qualitative model in the form of a stochastic automaton.

Component–oriented modelling (Chapters 7 and 8): The quantised system is decomposed into a network of interconnected subsystems. The supervision task is solved based on a stochastic automata network.

Application (Chapter 9): The practical relevance of the developed methods is shown for a neutralisation plant and further examples.
Fig. 1.4. Structure of the book.
The first three parts each consist of an automata–theoretic chapter and a chapter concerning the quantised system. Figure 1.4 shows the dependencies among the sections. The book is structured such that it is possible to study only those parts related to automata theory; they do not contain any reference to the theory of quantised systems. Furthermore, the component–oriented methods can be skipped, as the remainder offers a self–contained toolbox for practical applications, as shown in Sections 9.3 and 9.5. Additionally, the sections fall into three categories. Those without a mark present the main ideas and solutions. Those marked with an asterisk * contain advanced topics that are of general interest but do not contribute to the main idea. Sections with two asterisks ** deal with special topics. Marked sections later in the book may require that preceding marked sections of the same category have been read. The reader can skip all sections with asterisks, because unmarked sections do not refer to them, except for some remarks not essential for understanding the sections' content. The proofs, however, use results of all categories without regard to this convention. Most of them have been moved to the appendix. The book is embedded in current research and has, therefore, many connections to contributions in the literature. However, the main text only occasionally refers to them in order to focus on the presentation of the material. Bibliographical notes at the end of each chapter discuss similarities and differences to other approaches in the literature.
Throughout all chapters a running example is used. Its purpose is to illustrate the presented concepts and methods and help to understand the close connections between the different topics of the book. The running example is introduced in the following section.
1.4 Running Example

Throughout the text, the two–tank system shown in Figure 1.5 is used as an example. Its dynamical behaviour is intuitive but complex enough to serve as a non–trivial illustration of the developed concepts.
Fig. 1.5. Two–tank system.
The tanks are connected via two magnetic valves V12l and V12u at heights zero and h12u, respectively. A pump is used to fill the left tank, while a safety switch deactivates the pump as soon as the liquid level reaches hmax. The left tank has no direct outflow unless there is a leak, which is considered as a possible fault. The right tank has an outflow and can be filled through the connections to the left tank. Though this setting only allows levels in the right tank that are lower than in the left, all liquid levels h2 from 0 up to hmax are admissible as initial conditions. From the tank system, two different types of measurements are available. Four discrete level sensors LS1–LS4 are attached to the tanks. Each sensor LSi detects whether the liquid level in the corresponding tank is above or below the height hLSi at which the sensor is installed. That is, only quantised level measurements are available. In contrast to this, the sensor FI provides a continuous–variable measurement q̂2 of the outflow.
The two tanks have the liquid levels h1 and h2, given in metres, which are used as state variables in the model given below. The output li of the discrete level sensor LSi is either zero if the liquid level is below hLSi or one if it is above. All flow rates q are in cubic metres per second, except the output q̂2 of sensor FI, which is in litres per minute. The normalised pump velocity is described by vp and the binary commands given to the valves by v12l and v12u. The cross–section area of the tanks is denoted by A and all other constants by c. All parameters of the model are given in Table 1.1. The two–tank system is described by the following equations:

ḣ1(t) = (1/A) · (qp(t) − q12l(t) − q12u(t) − ql(t)) ,   (1.1)

ḣ2(t) = (1/A) · (q12l(t) + q12u(t) − q2(t)) ,   (1.2)

q̂2(t) = ĉ2 · √h2(t) ,   (1.3)

li(t) = 1 for h1(t) > hLSi, 0 otherwise,   for i = 1, 2 ,   (1.4)

li(t) = 1 for h2(t) > hLSi, 0 otherwise,   for i = 3, 4 ,   (1.5)

with

qp(t)   = cp vp(t)   for h1(t) ≤ hmax, 0 < vp(t) ≤ 1 ,
        = 0          otherwise ,

q12l(t) = c12l sgn(h1(t) − h2(t)) √|h1(t) − h2(t)|   for v12l = 1 ,
        = 0                                           otherwise ,

q12u(t) = c12u √(h1(t) − h12u)    for h1(t) > h12u, h2(t) ≤ h12u, v12u = 1 ,
        = −c12u √(h2(t) − h12u)   for h1(t) ≤ h12u, h2(t) > h12u, v12u = 1 ,
        = c12u sgn(h1(t) − h2(t)) √|h1(t) − h2(t)|   for h1(t) > h12u, h2(t) > h12u, v12u = 1 ,
        = 0                        otherwise ,

q2(t)   = c2 √h2(t)   for h2(t) > 0 ,
        = 0           otherwise ,

ql(t)   = cl √h1(t)   for h1(t) > 0 and a leak in the left tank ,
        = 0           otherwise .
The above eqns. (1.1)–(1.5) have the form of a nonlinear state space model

ẋ(t) = ĝ(x(t), u(t)) ,   (1.6)

y(t) = h(x(t), u(t)) ,   (1.7)

with the state x(t) = (h1(t) h2(t))′, the input u(t) = (vp(t) v12l(t) v12u(t))′, and either the output vector y(t) = (l1(t) l2(t) l3(t) l4(t))′ or the scalar output y(t) = q̂2(t). The two–tank system is a hybrid system, as it has continuous and discrete variables as well as switching dynamics [2], [22], [98]. This becomes obvious from the above equations, which contain continuous dynamics as well as switching conditions and several inequalities. Under a sample–and–hold assumption for the inputs, the continuous–time state space model (1.6), (1.7) is transformed into a discrete–time state space model by

x((k+1)Ts) = g(x(kTs), u(kTs)) = x(kTs) + ∫_{kTs}^{(k+1)Ts} ĝ(x(τ), u(τ)) dτ ,   (1.8)

y(kTs) = h(x(kTs), u(kTs)) ,   (1.9)

where Ts denotes the sampling time. In eqns. (1.8) and (1.9), the output function h remains as in eqn. (1.7). The function g is determined numerically by evaluating eqn. (1.8). For a given sampling time Ts, the model given by eqns. (1.8) and (1.9) has the form of a discrete–time state space model

x(k+1) = g(x(k), u(k)) ,
y(k) = h(x(k), u(k)) ,

which will be used in the remainder of the book. Unless otherwise stated, a sampling time of Ts = 5 s will be used.
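The numerical evaluation of g in eqn. (1.8) can be sketched, for instance, with an explicit Euler scheme over the sampling interval. The substep count below is an arbitrary choice, and the leak flow and sensor outputs are omitted for brevity; the parameter values are those of Table 1.1.

```python
import math

# Parameters from Table 1.1
A, h_max, h_12u = 1.5e-2, 0.60, 0.30
c_p, c_12l, c_12u, c_2 = 1.5e-4, 6.0e-4, 4.0e-4, 2.0e-4
Ts = 5.0

def flows(h1, h2, vp, v12l, v12u):
    """Flow rates q_p, q_12l, q_12u, q_2 of the two-tank model (no leak)."""
    qp = c_p * vp if (h1 <= h_max and 0.0 < vp <= 1.0) else 0.0
    q12l = (c_12l * math.copysign(math.sqrt(abs(h1 - h2)), h1 - h2)
            if v12l == 1 else 0.0)
    if v12u == 1 and h1 > h_12u and h2 <= h_12u:
        q12u = c_12u * math.sqrt(h1 - h_12u)
    elif v12u == 1 and h1 <= h_12u and h2 > h_12u:
        q12u = -c_12u * math.sqrt(h2 - h_12u)
    elif v12u == 1 and h1 > h_12u and h2 > h_12u:
        q12u = c_12u * math.copysign(math.sqrt(abs(h1 - h2)), h1 - h2)
    else:
        q12u = 0.0
    q2 = c_2 * math.sqrt(h2) if h2 > 0.0 else 0.0
    return qp, q12l, q12u, q2

def g(x, u, substeps=50):
    """Discrete-time successor state of eqn. (1.8) via explicit Euler."""
    h1, h2 = x
    vp, v12l, v12u = u
    dt = Ts / substeps
    for _ in range(substeps):
        qp, q12l, q12u, q2 = flows(h1, h2, vp, v12l, v12u)
        # max(0, .) is a numerical safeguard against tiny negative levels
        h1 = max(0.0, h1 + dt / A * (qp - q12l - q12u))
        h2 = max(0.0, h2 + dt / A * (q12l + q12u - q2))
    return h1, h2

# One sampling step: pump on, both valves closed -> only h1 rises,
# by qp * Ts / A = 1.5e-4 * 5 / 1.5e-2 = 0.05 m.
print(g((0.0, 0.0), (1, 0, 0)))
```

A finer substep resolution (or a higher-order integration scheme) would be needed for an accurate evaluation of g; the sketch only illustrates the numerical procedure.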
Table 1.1. Parameters of the tank system

A      1.5 · 10⁻² m²           Cross–section area of each tank
hmax   0.60 m                  Maximum liquid level of each tank
h12u   0.30 m                  Height of the upper connection
hLS1   0.40 m                  Height of level sensor LS1
hLS2   0.20 m                  Height of level sensor LS2
hLS3   0.20 m                  Height of level sensor LS3
hLS4   0.10 m                  Height of level sensor LS4
cp     1.5 · 10⁻⁴ m³/s         Feed rate of the pump
c12l   6.0 · 10⁻⁴ m^{5/2}/s    Flow constant of valve V12l
c12u   4.0 · 10⁻⁴ m^{5/2}/s    Flow constant of valve V12u
c2     2.0 · 10⁻⁴ m^{5/2}/s    Flow constant of the outlet
ĉ2     12.0 l/(min · m^{1/2})  Constant of outflow sensor FI
cl     ≥ 0 m^{5/2}/s           Flow constant for a leak
Ts     5 s                     Sampling time
2. Basics of Stochastic Automata Theory
This chapter summarises results of the theory of stochastic automata. In Section 2.1, the stochastic automaton is defined and its representation by an automaton graph is explained. Mathematically, the stochastic automaton is a discrete stochastic process. Its analysis therefore requires several notions and notations of stochastic processes, which are introduced in Section 2.2. Based on this, the behaviour of stochastic automata is studied in Section 2.3. For the application of automata to fault diagnosis, the definition of the stochastic automaton is extended in Section 2.4. In Section 2.5, additional properties of automata such as the stationary behaviour are discussed. Finally, in Section 2.6, stochastic operators are introduced and their relation to stochastic automata is shown.
2.1 Stochastic Automata

Stochastic automata (SA) are state machines with a stochastic transition behaviour. The finite stochastic automaton is a 4-tuple

S(Nz, Nv, Nw, L)   (2.1)

with the set of automaton states Nz = {1, 2, ..., N}, the input alphabet Nv = {1, 2, ..., M} and the output alphabet Nw = {1, 2, ..., R}. The state of the automaton is denoted by z ∈ Nz, its input by v ∈ Nv and its output by w ∈ Nw. The behaviour of the automaton is described by the conditional probability that the automaton state changes from state z to state z′ and produces the output w if its current input is v. This is described by a function L : Nz × Nw × Nz × Nv → [0, 1] defined by

L(z′, w, z, v) = Prob(z′, w | z, v) .   (2.2)
In accordance with the terminology used for nondeterministic automata [97], the function L is called the behavioural relation of the stochastic automaton.

J. Schröder: Modelling, State Observation and Diagnosis of Quantised Systems, LNCIS 282, pp. 13-35, 2003. Springer-Verlag Berlin Heidelberg 2003

In
Fig. 2.1. Automaton graph with nine states, three outputs and two inputs, drawn separately for v = 1 (left) and v = 2 (right).
order to indicate that the behavioural relation represents a conditional probability distribution, the symbol L(z′, w | z, v) is used rather than L(z′, w, z, v). From eqn. (2.2) follow the properties

0 ≤ L(z′, w | z, v) ≤ 1 ,   ∀ z′, z ∈ Nz, v ∈ Nv, w ∈ Nw ,   (2.3)

∑_{z′∈Nz} ∑_{w∈Nw} L(z′, w | z, v) = 1 ,   ∀ z ∈ Nz, v ∈ Nv .   (2.4)
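Stored sparsely, a behavioural relation can be checked against properties (2.3) and (2.4) in a few lines. The two-state automaton below is a small hypothetical example, not the SA of Figure 2.1.

```python
# A stochastic automaton stored as a sparse behavioural relation:
# L[(z_next, w, z, v)] = Prob(z_next, w | z, v); missing keys mean 0.
N_z, N_v, N_w = (1, 2), (1,), (1, 2)

L = {
    (1, 1, 1, 1): 0.5, (2, 1, 1, 1): 0.3, (2, 2, 1, 1): 0.2,
    (1, 2, 2, 1): 0.6, (2, 1, 2, 1): 0.4,
}

def check_distribution(L, N_z, N_v, N_w, tol=1e-12):
    """Verify properties (2.3) and (2.4) of a behavioural relation."""
    assert all(0.0 <= p <= 1.0 for p in L.values())           # (2.3)
    for z in N_z:
        for v in N_v:
            s = sum(L.get((zn, w, z, v), 0.0)
                    for zn in N_z for w in N_w)
            assert abs(s - 1.0) < tol, (z, v, s)              # (2.4)

check_distribution(L, N_z, N_v, N_w)
print("behavioural relation is a valid conditional distribution")
```

Property (2.4) must hold separately for every pair (z, v), which is exactly what the double loop checks.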
Note that L is defined for all v ∈ Nv and all z ∈ Nz. That is, in all states z, all inputs v may occur. Consequently, all initial states and all sequences of input symbols are admissible.

Automata graphs. The SA can be interpreted as a directed graph whose vertices denote the states. The edges denote possible transitions corresponding to those values z′, w, z and v for which the behavioural relation L is nonzero. All edges are associated with a certain input, output and the probability (2.2). Figure 2.1 shows the automaton graph of an SA with nine states, two inputs and three outputs. For simplicity of presentation, two separate graphs have been drawn, one for each input, but in principle both graphs must be put together. In Figure 2.1, the different outputs are distinguished by the colour and thickness of the edges, from thin black lines for w = 1 to thick light grey lines for w = 3. From the lower left corner of the automaton graph, it can be seen that the probability for the state to change from z = 2 to z′ = 4 while producing the output w = 1 is 0.26 for the input v = 1. Consequently, the behavioural relation yields L(4, 1 | 2, 1) = 0.26. For the same input, the automaton can also change its state from z = 2 to z′ = 4 giving the output w = 2. The probability for this transition is L(4, 2 | 2, 1) = 0.21. It further
can be seen that this state change cannot occur while the output is w = 3, i.e. L(4, 3 | 2, 1) = 0 holds. According to eqn. (2.4), the sum of the transition probabilities of all emerging edges for each state and input is one. This can be seen from Figure 2.1 for all states and inputs.

Transition and output relations. The behavioural relation has the two boundary distributions¹

G(z′ | z, v) = ∑_{w∈Nw} L(z′, w | z, v)   (2.5)

and

H(w | z, v) = ∑_{z′∈Nz} L(z′, w | z, v) .   (2.6)

G(z′ | z, v) is called the state transition relation and H(w | z, v) the output relation of the SA [194]. They likewise represent conditional probability distributions

G(z′ | z, v) = Prob(z′ | z, v)   and   H(w | z, v) = Prob(w | z, v)

and possess the properties

∑_{z′∈Nz} G(z′ | z, v) = 1   and   ∑_{w∈Nw} H(w | z, v) = 1 ,   (2.7)

respectively. Their values can also be interpreted with the help of the automaton graph. From Figure 2.1 it can be seen that for v = 1, the probability that the state changes from z = 2 to z = 4 is G(4 | 2, 1) = 0.21 + 0.26 = 0.47, and the probability that for v = 1 and z = 2 the output w = 1 is produced is H(1 | 2, 1) = 0.24 + 0.26 + 0.11 = 0.61. The transition and output relations represent less information than the behavioural relation. This can be seen from the above example. For v = 1, the automaton state can change from z = 2 to z′ = 1, z′ = 4 or z′ = 5. This information is kept in the state transition relation G. For the same input and state, the outputs w = 1 or w = 2 can occur (cf. Figure 2.1). Accordingly, the output relation H has nonzero entries for these outputs. However, the relations G and H do not yield the possibly occurring outputs for a particular transition. Consider e.g. the transition from z = 2 to z′ = 1. According to the output relation, the state z = 2 yields either the output w = 1 or w = 2 for the input v = 1, but from Figure 2.1 it can be seen that in fact only w = 1 can occur. This information is contained in L but not in G and H. That is, in general, the behavioural relation L cannot be obtained from G and H. Only in the case that the successor state z′ and the output w are stochastically independent, the relation

¹ For a summary of basic definitions in discrete stochastics see Appendix A.2.
L(z′, w | z, v) = G(z′ | z, v) · H(w | z, v)   (2.8)

holds for all states, inputs and outputs, and the transition and output relations represent the same information as the behavioural relation [23].

Special cases of SA. A special case is the SA with a single input, i.e. with Nv = {1}, or, equivalently, an SA with constant input v̄ ∈ Nv. Such an SA is called an autonomous SA and can be equivalently represented by the 3-tuple

S(Nz, Nw, La)   (2.9)

with

La : Nz × Nw × Nz → [0, 1] ,   La(z′, w | z) = L(z′, w | z, v̄) .   (2.10)

Similarly, an SA with a singleton as output alphabet is called an SA without output and can be represented by the 3-tuple

S(Nz, Nv, G)   (2.11)

with

G : Nz × Nz × Nv → [0, 1] ,   G(z′ | z, v) = L(z′, 1 | z, v) .   (2.12)

From eqns. (2.4) and (2.5), it becomes clear that the relation (2.12) of the SA without output is the transition relation of the SA (2.1). Finally, as a combination of the above, an SA without input and output is equivalently represented by the 2-tuple

S(Nz, Ga)   (2.13)

with

Ga : Nz × Nz → [0, 1] ,   Ga(z′ | z) = G(z′ | z, v̄) .   (2.14)

The transition relation Ga is sometimes written as a stochastic transition matrix Ga with

(Ga)ij = Ga(z′ = i | z = j) ,   (2.15)

where (Ga)ij denotes the matrix element of Ga in the i-th row and the j-th column (cf. Section 2.5).
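The boundary distributions (2.5), (2.6) and the transition matrix (2.15) can be computed directly from a sparsely stored behavioural relation. The two-state, single-input SA below is a hypothetical example, not the automaton of Figure 2.1; it also illustrates that eqn. (2.8) fails when successor state and output are dependent.

```python
# Behavioural relation stored as L[(z_next, w, z, v)]; missing keys mean 0.
N_z, N_v, N_w = (1, 2), (1,), (1, 2)
L = {
    (1, 1, 1, 1): 0.5, (2, 1, 1, 1): 0.3, (2, 2, 1, 1): 0.2,
    (1, 2, 2, 1): 0.6, (2, 1, 2, 1): 0.4,
}

def G(zn, z, v):               # state transition relation, eqn. (2.5)
    return sum(L.get((zn, w, z, v), 0.0) for w in N_w)

def H(w, z, v):                # output relation, eqn. (2.6)
    return sum(L.get((zn, w, z, v), 0.0) for zn in N_z)

# G and H carry less information than L: here L(2, 2 | 1, 1) = 0.2 but
# G(2 | 1, 1) * H(2 | 1, 1) = 0.5 * 0.2 = 0.1, so successor state and
# output are not stochastically independent and eqn. (2.8) does not hold.
assert abs(G(2, 1, 1) * H(2, 1, 1) - L[(2, 2, 1, 1)]) > 0.05

# For the constant input v = 1 the transition relation yields the
# stochastic matrix Ga of eqn. (2.15); every column sums to one.
Ga = [[G(i, j, 1) for j in N_z] for i in N_z]
for j in range(len(N_z)):
    assert abs(sum(row[j] for row in Ga) - 1.0) < 1e-9
print(Ga)
```

Note the column-stochastic convention of eqn. (2.15): entry (i, j) holds the probability of moving *to* state i *from* state j.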
2.2 Stochastic Processes and Markov Chains

The stochastic automaton introduced in the previous section represents a discrete stochastic process. The aim of this section is to show the relation of the SA to an important class of stochastic processes, the Markov chains.
Furthermore, additional notions and notations of stochastic processes are introduced for a more detailed description and understanding of SA. A discrete stochastic process is a system with a finite discrete state space Nz = {1, 2, ..., N} considered over a discrete set of time instances {0, 1, 2, ...}, where the state at a certain time instance k is random. That is, the system is a stochastic process if an experiment repeated under equivalent conditions may give different results. The successive measurements of the state define the random variables zp(0), zp(1), ..., zp(k), ... at times 0, 1, ..., k, ..., respectively, characterising the discrete stochastic process that is defined as the family {zp(k), k ∈ ℕ} of random variables. A sequence z(0), z(1), z(2), ... of states resulting from a single experiment is called a realisation of the discrete stochastic process. The probability that a realisation of the stochastic process yields the state z(k) ∈ Nz at time k is denoted by

Prob(zp(k) = z(k)) .   (2.16)

Considering the probabilities of each state of Nz at a certain time point k yields a discrete probability distribution denoted by

Prob(z(k)) = {Prob(zp(k) = 1), Prob(zp(k) = 2), ..., Prob(zp(k) = N)} .   (2.17)

In a stochastic process, the probability distribution (2.17) in general changes with time k.

Markov chains. The random variables zp(k) are, in general, not independent of each other. Instead, their dependence reflects the dynamics of the system. A special kind of dependence among the random variables defines an important class of discrete stochastic processes: the Markov chains (cf. e.g. [188], [202]). A Markov chain satisfies the relation

Prob(zp(k+1) = z(k+1) | zp(0) = z(0), zp(1) = z(1), ..., zp(k) = z(k))
= Prob(zp(k+1) = z(k+1) | zp(k) = z(k))   (2.18)

for all times k ∈ ℕ and for all states z(0) ∈ Nz, ..., z(k) ∈ Nz. The interpretation of the Markov property (2.18) is that the probabilities of the future state of the stochastic process are completely determined by its current state. Note that the Markov property (2.18) does not mean that the state at time k+1 is independent of the states at times 0, 1, ..., k−1, but merely that the future state is conditionally independent of these states given the state at time k. The conditional probabilities Prob(zp(k+1) = z(k+1) | zp(k) = z(k)) are called the single–step transition probabilities of the Markov chain. If the transition probabilities do not depend on the absolute time point k, i.e. if the relation
Prob(zp(k+1) = z′ | zp(k) = z) = Prob(zp(1) = z′ | zp(0) = z)   (2.19)

is satisfied for all times k and for all states z, z′ ∈ Nz, the Markov chain is called homogeneous.

Relation of Markov chains to SA. To show the relation of Markov chains to SA, an input v ∈ Nv on which the transition probabilities depend is added to the stochastic process. Furthermore, an output w ∈ Nw of the process is introduced. The input and the output define random variables vp(0), vp(1), ... and wp(0), wp(1), ..., respectively. Such a stochastic process is called a Markov chain with input and output if the relation

Prob(zp(k+1) = z(k+1), wp(k) = w(k) | zp(0) = z(0), ..., zp(k) = z(k), vp(0) = v(0), ..., vp(k) = v(k))
= Prob(zp(k+1) = z(k+1), wp(k) = w(k) | zp(k) = z(k), vp(k) = v(k))   (2.20)

holds for all states, inputs, outputs and for all times k. As before, the Markov chain with input and output is called homogeneous if the relation

Prob(zp(k+1) = z′, wp(k) = w | zp(k) = z, vp(k) = v)
= Prob(zp(1) = z′, wp(0) = w | zp(0) = z, vp(0) = v)   (2.21)

is satisfied for all states, inputs, outputs and for all k. The block diagram of a Markov chain with input and output is shown in Figure 2.2.
Fig. 2.2. Markov chain with input and output.
From eqn. (2.21) it is clear that the SA represents a homogeneous Markov chain with input and output. Such a process is represented by an SA with the behavioural relation

L(z′, w | z, v) = Prob(zp(k+1) = z′, wp(k) = w | zp(k) = z, vp(k) = v)   (2.22)

for any time k. Likewise, Markov chains (2.19) are represented by autonomous SA. The relation between SA and Markov chains is discussed in more detail in [23].

Remark 2.2.1. Markov chains with input are also called controlled Markov chains [20], [91] and, with an additional output, controlled Markov chains with partial observations [20]. A controlled Markov chain, like the SA, does not only depend on the considered system but also on the input, which can itself be described by a discrete stochastic process, i.e. as a sequence of random variables. Often, in the literature, the special case that the input is described by a single time–invariant
random variable is considered (cf. e.g. [20]). Note that this includes the special case that the random variable yields a probability of 1 for a certain input v̄ ∈ Nv, i.e. the case that the input is not random but a constant value for all times. Then the controlled Markov chain is identical to a Markov chain without input. Markov chains with outputs where the state cannot be observed are also known as hidden Markov chains. They are used for the recognition of speech and handwriting (cf. e.g. [45]).
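Homogeneity in the sense of eqn. (2.19) can be illustrated empirically: in a chain generated with a time-invariant transition relation, the relative transition frequencies estimated from a long realisation approach the transition probabilities. The two-state transition relation below is a hypothetical example.

```python
import random

# Hypothetical homogeneous Markov chain without input or output:
# Ga[z][z_next] = Prob(z_next | z), time-invariant by construction.
Ga = {1: {1: 0.8, 2: 0.2}, 2: {1: 0.4, 2: 0.6}}

def step(z, rng):
    """Draw the successor state according to Ga(. | z)."""
    zs, ps = zip(*Ga[z].items())
    return rng.choices(zs, weights=ps)[0]

rng = random.Random(0)
counts = {1: 0, 2: 0}
z = 1
for _ in range(100_000):
    z_next = step(z, rng)
    if z == 1:                 # count transitions leaving state 1
        counts[z_next] += 1
    z = z_next

total = counts[1] + counts[2]
print(counts[1] / total)       # close to Ga(1 | 1) = 0.8
```

Because the transition probabilities do not depend on k, the estimate is valid regardless of when the counted transitions occurred in the realisation.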
2.3 Behaviour of Stochastic Automata

The behaviour of SA is usually studied for a given initial state distribution. In the following, the SA (2.1) with a given initial state distribution Prob(z(0)) is called an initialised stochastic automaton and is given by the 5-tuple [23]

S(Nz, Nv, Nw, L, Prob(z(0))) .   (2.23)
Realisation of the stochastic process. The initialised SA can be used to generate realisations of the stochastic process represented by the SA. To generate such a realisation, an initial state z(0) is determined randomly according to the given initial state distribution Prob(z(0)). For the given input, one pair of successor state and output is randomly chosen according to the transition probabilities of the behavioural relation (2.2). In the automaton graph this means that one of the outgoing edges of the current state is followed, while the probability associated with the edges determines the chance of a certain edge being chosen. That is, a realisation of the discrete stochastic process is obtained by starting in a certain automaton state and following a path through the automaton graph for given inputs.

Example 2.3.1. Figure 2.3 shows three realisations of the stochastic process represented by the automaton graph shown in Figure 2.1 for the constant input v = 2. It shows three pairs of state and output sequences, each pair obtained from a single experiment. From Figure 2.3, the path taken in the automaton graph can be followed, starting from state z = 1. For example, in the first experiment, the edge for w = 1 (thin black line) from state z = 1 to z′ = 1 has been followed. The probability for this transition to be chosen was 0.56.

Mean behaviour of the stochastic process. Usually, the SA is used as a model of the stochastic process to study its mean behaviour. This means that not a certain realisation of the SA is produced, but the interest lies in all realisations simultaneously. That is, the probability distribution of all realisations is studied for a given time instance k. From the initialised SA, the conditional probability distribution of all state sequences of length k+1
Fig. 2.3. State (top) and output (bottom) realisations of a stochastic process represented by the SA shown in Figure 2.1 for constant input v = 2.
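Realisations like those in Figure 2.3 can be sampled by drawing one pair (z′, w) per step according to the behavioural relation. The two-state SA and the input sequence below are hypothetical, not the nine-state automaton of Figure 2.1.

```python
import random

# Behavioural relation grouped per (z, v):
# L[(z, v)] maps (z_next, w) to Prob(z_next, w | z, v).
L = {
    (1, 1): {(1, 1): 0.5, (2, 1): 0.3, (2, 2): 0.2},
    (2, 1): {(1, 2): 0.6, (2, 1): 0.4},
}

def realisation(z0, inputs, rng):
    """Sample one state/output realisation of the SA starting in z0."""
    z, states, outputs = z0, [z0], []
    for v in inputs:
        pairs, probs = zip(*L[(z, v)].items())
        z, w = rng.choices(pairs, weights=probs)[0]   # follow one edge
        states.append(z)
        outputs.append(w)
    return states, outputs

rng = random.Random(1)
states, outputs = realisation(1, [1] * 8, rng)
print(states)
print(outputs)
```

Each call with a fresh random seed corresponds to one experiment, i.e. one path through the automaton graph.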
Z(0 ... k) = (z(0), z(1), ..., z(k)) ∈ Nz^{k+1} = Nz × ... × Nz   ((k+1) factors)

and for a given input sequence

V(0 ... k−1) = (v(0), ..., v(k−1)) ∈ Nv^k = Nv × ... × Nv   (k factors)   (2.24)

can be determined by

Prob(Z(0 ... k) | V(0 ... k−1))   (2.25)
= Prob(z(0), z(1), ..., z(k) | v(0), ..., v(k−1))
= Prob(Z(0 ... k) | V(0 ... k−1), z(0)) · Prob(z(0))
= ∏_{i=0}^{k−1} G(z(i+1) | z(i), v(i)) · Prob(z(0)) ,

where the Markov property (2.18) and the conditional independence

Prob(zp(k) = z(k) | vp(k) = v(k), ..., vp(0) = v(0))
= Prob(zp(k) = z(k) | vp(k−1) = v(k−1), ..., vp(0) = v(0))   (2.26)

of the current state and the current input have been used. The latter holds because from the definition of a Markov process by eqn. (2.20) it follows that the input at time k only influences the state at time k+1.
The notation of the above equation is as follows: Prob(Z(0 . . . k) | V (0 . . . k− 1)) denotes a conditional probability distribution, where the notation is like in eqn. (2.17): Prob(Z(0 . . . k) | V (0 . . . k−1)) = = {Prob(zp (0) = 1, . . . , zp (k) = 1 | vp (0) = v(0), . . . , vp (k−1) = v(k−1)), . . . , Prob(zp (0) = N, . . . , zp (k) = 1 | vp (0) = v(0), . . . , vp (k−1) = v(k−1)), . . . , Prob(zp (0) = N, . . . , zp (k) = N | vp (0) = v(0), . . . , vp (k−1) = v(k−1))
}.
Each element of this probability distribution gives the probability of a realisation of the stochastic process, i.e. of a certain state sequence. All of these realisations are considered under the same condition, i.e. for the given input sequence. Hence, the notation of eqn. (2.25) using distributions means that it holds for all possible realisations and is evaluated separately for all state sequences. Equivalently, a conditional probability distribution like in eqn. (2.25) can be interpreted as a function yielding a functional value between zero and one for each possible argument on the left–hand side of the condition, parameterised by the values on the condition side. In the following all distributions are interpreted like this. To simplify the notation, the abbreviation G(k) := G(z(k+1) | z(k), v(k)) will be used in the following. The state distribution of the initialised SA at time k > 0 is described by the boundary distribution of (2.25): Prob(z(k) | V (0 . . . k − 1)) X X X = ··· Prob(Z(0 . . . k) | V (0 . . . k−1)) z(0)∈Nz z(1)∈Nz
X =
X
z(0)∈Nz z(1)∈Nz
=
X
(2.27)
z(k−1)∈Nz
X
···
G(k−1) · G(k−2) · . . . · G(0) · Prob(z(0))
z(k−1)∈Nz
G(k−1) · G(k−2) · . . . · G(0) · Prob(z(0)) .
Z(0...k−1)∈Nzk
Equation (2.27) can be written in the recursive form

k > 1:  Prob(z(k) | V(0...k−1)) = Σ_{z(k−1)∈Nz} G(k−1) · Prob(z(k−1) | V(0...k−2))
k = 1:  Prob(z(1) | v(0)) = Σ_{z(0)∈Nz} G(0) · Prob(z(0)).        (2.28)
Equation (2.28) describes the state simulation of an SA, as the state distribution at time k is determined from the state distribution and input at time k−1. Note that eqn. (2.26) means that

Prob(z(k) | V(0...k−1)) = Prob(z(k) | V(0...k))        (2.29)
holds. Similarly, for the output sequence W(0...k) the relation

Prob(W(0...k) | V(0...k))
  = Σ_{z(0)∈Nz} Prob(W(0...k) | V(0...k), z(0)) · Prob(z(0))
  = Σ_{Z(0...k+1)∈Nz^{k+2}} L(k) · ... · L(0) · Prob(z(0))
  = Σ_{Z(0...k+1)∈Nz^{k+2}} ∏_{i=0}^{k} L(i) · Prob(z(0))        (2.30)

holds, where the abbreviation

L(k) := L(z(k+1), w(k) | z(k), v(k))        (2.31)
is used. Similar to the above, eqn. (2.30) can be formulated recursively as

k > 0:  Prob(z(k+1), W(0...k) | V(0...k))
          = Σ_{z(k)∈Nz} L(k) · Prob(z(k), W(0...k−1) | V(0...k−1))
k = 0:  Prob(z(1), w(0) | v(0)) = Σ_{z(0)∈Nz} L(0) · Prob(z(0)),        (2.32)
which yields:

Prob(W(0...k) | V(0...k)) = Σ_{z(k+1)∈Nz} Prob(z(k+1), W(0...k) | V(0...k)).        (2.33)
The current output w(k) can be obtained as boundary distribution of (2.30) or (2.33). By using eqn. (2.28), from eqns. (2.32) and (2.33) follows:

Prob(w(k) | V(0...k)) = Σ_{z(k)∈Nz} H(w(k) | z(k), v(k)) · Prob(z(k) | V(0...k−1)).        (2.34)
Equations (2.28) and (2.34) describe the recursive simulation of the output of an SA. Example 2.3.2. Figure 2.4 shows the mean behaviour of the stochastic process represented by the SA given in Figure 2.1 for constant input v = 2 and the initial probability distribution Prob(z(0)) = {1 0 . . . 0}. The conditional probability distributions Prob(z(k) | V (0 . . . k)) (left–hand side) and Prob(w(k) | V (0 . . . k)) (right–hand side) are shown at times k = 0, 1, . . . , 9. All probabilities are shown in grey scale. A black box means that the probability of the corresponding state or output at that time is one, white means a probability of zero. Note that the realisations of the stochastic process shown in Figure 2.3 are included in the mean behaviour.
Fig. 2.4. Mean behaviour of the state (left) and output (right) of the SA shown in Figure 2.1 initialised with Prob(zp(0) = 1) = 1 for constant input v = 2.
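The recursive simulation described by eqns. (2.28) and (2.34) amounts to repeated matrix–vector products. A minimal sketch for a hypothetical two-state SA (the transition and output probabilities below are illustrative and not those of the SA in Figure 2.1):

```python
import numpy as np

# G[v] is the transition matrix for input v: G[v][z'-1, z-1] = G(z' | z, v);
# H[v][w-1, z-1] = H(w | z, v).  All columns sum to one.  The numbers are
# an assumption for illustration only.
G = {1: np.array([[0.9, 0.3],
                  [0.1, 0.7]]),
     2: np.array([[0.2, 0.5],
                  [0.8, 0.5]])}
H = {1: np.array([[1.0, 0.4],
                  [0.0, 0.6]]),
     2: np.array([[0.6, 0.0],
                  [0.4, 1.0]])}

def simulate(p0, inputs):
    """Return the state distributions Prob(z(k) | V) (eqn (2.28)) and the
    output distributions Prob(w(k) | V) (eqn (2.34)) along an input sequence."""
    p = np.asarray(p0, dtype=float)
    states, outputs = [], []
    for v in inputs:
        states.append(p)
        outputs.append(H[v] @ p)   # eqn (2.34): boundary distribution of the output
        p = G[v] @ p               # eqn (2.28): one recursion step
    return states, outputs

pz, pw = simulate([1.0, 0.0], [2, 2, 2])
```

Because G and H are column-stochastic, every computed distribution stays normalised, mirroring the grey-scale columns of Figure 2.4.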
By means of eqns. (2.25) or (2.30), it is possible to compute the probability of each realisation. For the state sequence of the first realisation of Figure 2.3, eqn. (2.25) yields the probability (cf. Figure 2.1)

Prob(Zp(0...9) = Z(0...9) | Vp(0...9) = V(0...9)) = (0.19 + 0.56) · (0.17 + 0.08) · (0.74)^7 ≈ 0.0228,

with Z(0...9) = (1, 1, 4, ..., 4) and V(0...9) = (2, 2, ..., 2). For the output, the calculation is more difficult. Up to time k = 2, eqn. (2.30) yields

Prob(Wp(0...2) = W(0...2) | Vp(0...2) = V(0...2))
  = 0.56 · (0.19 · (0.19 + 0.17) + 0.17 · (0.16 + 0.74 + 0.1))
  + 0.08 · (0.16 · (0.19 + 0.17) + 0.74 · (0.16 + 0.74 + 0.01) + 0.1 · (0.01 + 0.46 + 0.53))
  ≈ 0.1981,

with W(0...2) = (1, 2, 2) and V(0...2) = (2, 2, 2), where the sum is over all possible state sequences starting from z = 1 resulting in the considered output sequence.
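The realisation probabilities in the example follow directly from the product forms (2.25) and (2.30). A sketch for a hypothetical two-state SA with Mealy factorisation L(z′, w | z, v) = G(z′ | z, v) · H(w | z, v) (an assumption made here for compactness; the numbers are illustrative, not those of Figure 2.1):

```python
import numpy as np

# Hypothetical two-state SA, Mealy-factorised behavioural relation.
G = {2: np.array([[0.2, 0.5],
                  [0.8, 0.5]])}
H = {2: np.array([[0.6, 0.0],
                  [0.4, 1.0]])}

def prob_state_sequence(Z, V, p0):
    """Eqn (2.25): probability of the state sequence Z under input sequence V."""
    p = p0[Z[0] - 1]
    for z, z_next, v in zip(Z, Z[1:], V):
        p *= G[v][z_next - 1, z - 1]
    return p

def prob_output_sequence(W, V, p0):
    """Eqn (2.30), evaluated via the joint recursion (2.32)/(2.33)."""
    p = np.asarray(p0, dtype=float)
    for w, v in zip(W, V):
        p = G[v] @ (H[v][w - 1] * p)   # one application of L(k)
    return p.sum()
```

As in the example, the output-sequence probability implicitly sums over all state sequences compatible with the observed outputs.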
2.4 Stochastic Automata for Fault Diagnosis

For the application of SA to fault diagnosis, the definition of the automaton needs to be augmented by a variable corresponding to the fault f. There are two possibilities for introducing the fault, both of which are used in the following. The fault can either be introduced as an additional input variable, such that the SA describes the effect of a fault upon the stochastic process, or as an additional state variable, such that the SA also describes the
dynamics of the fault [126]. In both cases, the SA with fault is defined as a 5-tuple S(Nz , Nv , Nw , Nf , L)
(2.35)
with the finite set of fault symbols Nf = {1, ..., S}. Depending on whether the fault is treated as input or as state, the behavioural relation is either extended to

L : Nz × Nw × Nz × Nv × Nf → [0, 1],  L(z′, w | z, v, f) = Prob(z′, w | z, v, f)        (2.36)
with the fault as additional input, or to

L : Nz × Nf × Nw × Nz × Nf × Nv → [0, 1],  L(z′, f′, w | z, f, v) = Prob(z′, f′, w | z, f, v)        (2.37)
with the fault as additional state. In both cases, the SA with fault can be interpreted as a standard SA such that all results of the previous sections apply equivalently. In case that the fault is an additional input, this is done by defining an arbitrary bijective mapping

Mvf : Nv × Nf → N̂v,  with N̂v = {1, 2, ..., M · S},

by which a unique input v̂ ∈ N̂v is assigned to each pair (v, f) of input and fault. With this, the SA S(Nz, Nv, Nw, Nf, L) and Ŝ(Nz, N̂v, Nw, L̂) represent the same stochastic process by setting

L̂(z′, w | z, v̂) = L(z′, w | z, v, f)  with  v̂ = Mvf(v, f).

Analogously, if the fault is introduced as an additional state, to transform the SA with fault into a standard SA, a bijective mapping

Mzf : Nz × Nf → N̂z,  with N̂z = {1, 2, ..., N · S},

is defined, and the behavioural relation L̂ is set according to

L̂(ẑ′, w | ẑ, v) = L(z′, f′, w | z, f, v),

with ẑ′ = Mzf(z′, f′) and ẑ = Mzf(z, f).
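The mapping Mvf can be realised, for instance, by the usual pairing of indices. The ordering below is an arbitrary choice (any bijection serves equally well, as the text notes):

```python
# One possible bijection M_vf : Nv × Nf → N̂v = {1, ..., M·S}; the concrete
# index convention is an assumption made for illustration.
def M_vf(v, f, M):
    """Map the pair (v, f) with v in {1..M}, f in {1..S} to v̂ in {1..M·S}."""
    return (f - 1) * M + v

def M_vf_inv(v_hat, M):
    """Recover (v, f) from the combined symbol v̂."""
    f, v = divmod(v_hat - 1, M)
    return v + 1, f + 1
```

With M = 3 inputs and S = 2 faults, the six pairs (v, f) are mapped one-to-one onto {1, ..., 6}; the same construction yields Mzf for the fault-as-state case.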
2.5 Properties of Stochastic Automata

2.5.1 Classification of Stochastic Automata

This section presents some special cases of SA and shows relations to other automata like deterministic and nondeterministic automata. Only those definitions which are relevant to this book are given. For further classifications of automata the reader is referred to the textbooks [23], [67] or [184].
Deterministic automata. The SA (2.1) is called deterministic if the behavioural relation L takes only values of zero or one and hence a function λ : Nz × Nv → Nz × Nw exists such that

L(z′, w | z, v) =  1  for (z′, w) = λ(z, v),
                   0  otherwise        (2.38)

holds. In contrast to the SA, in a deterministic automaton, every state has exactly one successor state for given input, and each state transition is associated with a unique output. As deterministic automata given by eqn. (2.38) are special cases of SA, all results derived for SA also hold for deterministic automata.

Semi–deterministic automata [23]. The SA (2.1) is called semi–deterministic if a function ϕ : Nz × Nv × Nw → Nz exists such that

L(z′, w | z, v)  > 0  for z′ = ϕ(z, v, w),
L(z′, w | z, v)  = 0  otherwise        (2.39)

holds. According to eqn. (2.39), semi–deterministic automata have the property that if, in addition to the state z and input v, the output w is known, the successor state z′ is uniquely determined.

Nondeterministic automata. Here, the term nondeterministic automaton is used if the description of the automaton contains merely the possibility of a successor state/output pair to occur, but assigns no probability to its occurrence. A nondeterministic automaton is defined as a 4–tuple

N(Nz, Nv, Nw, Ln)        (2.40)

with Nz, Nv and Nw as defined for the SA and the nondeterministic behavioural relation

Ln : Nz × Nw × Nz × Nv → {0, 1}.        (2.41)

In Ln, a one indicates that a transition is possible while a zero means that it is not. For a given SA, the embedded nondeterministic automaton can be obtained by setting

Ln(z′, w, z, v) =  1  if L(z′, w | z, v) > 0,
                   0  otherwise.        (2.42)

On the other hand, an SA cannot be obtained from a nondeterministic automaton, as the SA contains more information. However, it might be reasonable for some applications to derive an SA from a given nondeterministic automaton by setting the probabilities of all possible pairs (z′, w) to the same value

L(z′, w | z, v) =  ( Σ_{z′∈Nz, w∈Nw} Ln(z′, w, z, v) )^(−1)  if Ln(z′, w, z, v) = 1,
                   0  otherwise,        (2.43)
that is, the derived SA contains, like its originating nondeterministic automaton, no information concerning the frequency of occurrence of the different successor states and outputs. By using eqn. (2.43), it is possible to use several results obtained for stochastic automata directly for nondeterministic automata.

Stochastic Mealy–automata [23]. SA for which the relation

L(z′, w | z, v) = G(z′ | z, v) · H(w | z, v)        (2.44)

holds for all z′, z ∈ Nz, v ∈ Nv and w ∈ Nw are called stochastic Mealy–automata (cf. eqn. (2.8)).

Stochastic direct feedthrough. In general, a dynamical system is said to have a direct feedthrough if the value of the output at a certain time instance depends upon the input at that time without any delay. In analogy to this, an SA is said to have a stochastic direct feedthrough if the probability distribution of the current output depends upon the current input. Formally, the SA is said to have a stochastic direct feedthrough if

∃z ∈ Nz, ∃w ∈ Nw, ∃v1, v2 ∈ Nv, v1 ≠ v2 :  H(w | z, v1) ≠ H(w | z, v2)        (2.45)

holds. Consequently, the SA has no stochastic direct feedthrough if there exists a function H̄ : Nw × Nz → [0, 1] such that

H(w | z, v) = H̄(w | z)        (2.46)
holds for all v ∈ Nv, w ∈ Nw and z ∈ Nz.

2.5.2 Classification of Automaton States*

In the following, the states of the SA are classified according to their dynamical properties. For this purpose, the autonomous SA without output introduced in Section 2.1 is considered, which is equivalent to a homogeneous Markov chain. Accordingly, terms used in Markov theory are used and results from this theory apply to SA. The results and definitions of this section are taken from [188] and are used to study the stationary and dynamical behaviour of SA and qualitative models (cf. Sections 2.5.3, 4.3.1 and 4.3.2). The k-step transition probability Prob(zp(k) = z(k) | zp(0) = z(0)) of the SA can be obtained by means of the Chapman–Kolmogorov equation [188]

Prob(zp(k) = z(k) | zp(0) = z(0))
  = Σ_{z(l)∈Nz} Prob(zp(k) = z(k) | zp(l) = z(l)) · Prob(zp(l) = z(l) | zp(0) = z(0))        (2.47)

holding for any fixed l, 0 < l < k. Applying (2.47) recursively with l = 1 yields the result of eqn. (2.27) for constant input and given initial state. If for given z′ at least one state z exists such that the transition probability
Prob(zp(1) = z′ | zp(0) = z) is nonzero, the state z′ ∈ Nz is called reachable. All reachable states are further classified as periodic or non-periodic. The greatest common divisor kP of all indices k for which Prob(zp(k) = z | zp(0) = z) > 0 holds is called the period of state z. A state for which kP > 1 holds is called kP-periodic; a state for which kP = 1 holds is called aperiodic. Furthermore, a state z is called recurrent if the probability of ever returning to state z when starting in z is one. Otherwise, the state is called transient. A set Ñz ⊆ Nz of states is called irreducible if for every pair of states z′, z ∈ Ñz there exists an index k ∈ IN such that Prob(zp(k) = z′ | zp(0) = z) > 0 holds. In other words, in an irreducible set of states, every state can be reached from all other states. Furthermore, a set Ñz ⊆ Nz of states is called closed if

Prob(zp(k) = z′ | zp(0) = z) = 0  holds for all z′ ∉ Ñz, z ∈ Ñz and k ≥ 1.

Every closed set of states with the corresponding part of the transition relation Ga can be interpreted as a separate autonomous SA. If a closed set of states Ñz consists of only one state, this state is called absorbing. It is easy to show that a state z is absorbing if and only if Prob(zp(1) = z | zp(0) = z) = 1 holds (cf. e.g. [177]). The following results will be used in the next section and are taken from [188].

Lemma 2.5.1. [188] A closed set of states is irreducible if and only if it contains no further closed set of states.

Lemma 2.5.2. [188] All states of an irreducible set of states are either periodic with the same period kP or aperiodic.

The above definitions are also used in the following for non-autonomous SA and a certain constant input. Then, for example, a state is called recurrent under the constant input v̄ if the state of the autonomous SA corresponding to v̄ ∈ Nv is recurrent.

2.5.3 Stationary Behaviour of Stochastic Automata*

Stationary behaviour of autonomous stochastic automata.
The autonomous SA represents a Markov chain, and results obtained for the stationary behaviour of Markov chains can be directly applied. The following summarises the main results, presented in more detail in e.g. [56], [87] or [188].

Stationary and limiting distribution. The probability distribution of the current state of the autonomous SA is, according to eqn. (2.28), given by:

Prob(z(k)) = Σ_{z(k−1)∈Nz} Ga(z(k) | z(k−1)) · Prob(z(k−1)).        (2.48)
Using the vector notation

pz(k) = ( Prob(zp(k) = 1)  Prob(zp(k) = 2)  ...  Prob(zp(k) = N) )′

for the probability distribution of the state at time k, eqn. (2.48) reads as

pz(k) = Ga · pz(k−1).        (2.49)

A probability distribution p̄z is called stationary if and only if

p̄z = Ga · p̄z        (2.50)

holds. In contrast to this, the distribution obtained from

p̃z = lim_{k→∞} (Ga)^k · pz(0)        (2.51)
is called limiting distribution of the initialised autonomous SA with initial distribution pz(0), if the limit exists. The stationary distribution is not necessarily the limiting distribution of an initialised SA, as the following example shows.

Example 2.5.1. Consider an autonomous SA with Nz = {1, 2} and

Ga = ( 0  1
       1  0 ).

The stationary distribution of this SA is uniquely given by p̄z = (0.5 0.5)′. The limiting distribution of the SA initialised with pz(0) = (0.5 0.5)′ is given by p̃z = (0.5 0.5)′, but the limiting distribution of the same SA initialised with any other probability distribution pz(0) = (p1 p2)′ with p1 ≠ p2 does not exist.
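The oscillation behind Example 2.5.1 is easy to reproduce numerically; a short sketch of the period-2 chain:

```python
import numpy as np

Ga = np.array([[0.0, 1.0],
               [1.0, 0.0]])      # period-2 chain of Example 2.5.1

p_stat = np.array([0.5, 0.5])    # the unique stationary distribution (2.50)

# iterates from any other initial distribution oscillate and never converge:
p0 = np.array([0.9, 0.1])
p1 = Ga @ p0                     # one step of eqn (2.49)
p2 = Ga @ p1                     # back to the initial distribution
```

The iteration swaps the two probability masses at every step, so the limit (2.51) exists only for the symmetric initial distribution.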
For the stationary and limiting distributions, the following result is obtained.

Lemma 2.5.3. [198] For an autonomous SA without output and an irreducible set of states Nz, the following holds:
1. The SA has a unique stationary distribution p̄z satisfying eqn. (2.50).
2. If the states are aperiodic, the limiting distribution always exists, is independent of the initial state distribution, and is equal to the stationary distribution p̄z.
3. If the states are periodic, the limiting distribution does not exist or is equal to the stationary distribution p̄z, depending on the initial distribution.

Note that according to Lemma 2.5.2, for an SA with an irreducible set of states, either the condition in item two or item three of Lemma 2.5.3 is satisfied. For further investigations of the stationary behaviour in the periodic case, the reader is referred to [56] or [87]. Lemma 2.5.3 is formulated for SA with an irreducible set of states Nz. In the following, it is shown that the stationary behaviour of every autonomous SA is given by the irreducible sets of states it contains, and that the stationary behaviour is therefore obtained from a superposition of the results of Lemma 2.5.3 [87].
Stationary distribution for a reducible set of states Nz. According to eqns. (2.3) and (2.4), the transition matrix is a square stochastic matrix, i.e. a nonnegative matrix with a column sum of one. It has at least one eigenvalue λi = 1, and for all eigenvalues the condition |λi| ≤ 1 holds [188]. Every eigenvector corresponding to an eigenvalue of one is a stationary distribution of the corresponding SA. It can be shown that the transition matrix of an SA with an irreducible set of states possesses exactly one eigenvalue λi = 1 and has therefore a unique stationary distribution (cf. Lemma 2.5.3). A square stochastic matrix is called decomposable if it can be transformed by a symmetric permutation of its rows and columns to the form

Ĝa = ( Gu  Gw )
     ( 0   Gv )        (2.52)

with square, nonzero matrices Gu and Gv and a nonzero matrix Gw. The symmetric permutation of rows and columns corresponds to a renumbering of the states of the SA. If a stochastic matrix cannot be brought to the form (2.52), it is called nondecomposable and has a unique eigenvalue of one. The nondecomposability of the transition matrix therefore corresponds to the irreducibility of the corresponding set of states of the SA. The transition matrix Ga of an SA with a reducible set of states is always decomposable and can be brought to the normal form

       ( G11  0    ···  0    G1,κ+1    G1,κ+2    ···  G1,ν   )
       ( 0    G22  ···  0    G2,κ+1    G2,κ+2    ···  G2,ν   )
       ( ⋮    ⋮    ⋱   ⋮    ⋮          ⋮              ⋮      )
G̃a =  ( 0    0    ···  Gκκ  Gκ,κ+1    Gκ,κ+2    ···  Gκ,ν   )        (2.53)
       ( 0    0    ···  0    Gκ+1,κ+1  Gκ+1,κ+2  ···  Gκ+1,ν )
       ( 0    0    ···  0    0         Gκ+2,κ+2  ···  Gκ+2,ν )
       ( ⋮    ⋮         ⋮    ⋮         ⋮         ⋱    ⋮      )
       ( 0    0    ···  0    0         0         ···  Gν,ν   )
by symmetric permutation of its rows and columns, where each Gii, i = 1, 2, ..., ν is a square, nonzero, nondecomposable matrix. Each of the submatrices Gii, i = 1, 2, ..., κ is a stochastic matrix and has a unique eigenvalue of one. They correspond to groups of states of the Markov chain that are all recurrent [87]. In contrast to this, the submatrices Gii, i = κ+1, ..., ν are substochastic, i.e. at least one column sum of Gii is less than one, and therefore they do not possess eigenvalues of one [188]. They correspond to groups of states of the Markov chain that are all transient, and the submatrices Gji, i = κ+1, ..., ν, j < i describe their transitions to the recurrent groups [87]. As the set of eigenvalues of the block triangular matrix (2.53) is given by the union of the sets of eigenvalues of the individual blocks, the transition matrix G̃a has exactly κ eigenvalues λi = 1 and thus has exactly κ eigenvectors p̄z^i, i = 1, ..., κ that are stationary distributions of the corresponding
autonomous SA. These stationary distributions are called elementary stationary distributions, as all stationary distributions of the SA can be expressed by their convex combinations [198]. That is, every stationary distribution of the SA is given by

p̄z = a1 p̄z^1 + a2 p̄z^2 + ... + aκ p̄z^κ,  with  ai ≥ 0,  Σ_{i=1}^{κ} ai = 1.        (2.54)
The above results are summarised by the following lemma.

Lemma 2.5.4. [188] For an autonomous SA without output and a reducible set of states Nz, the following holds:
1. By renumbering of the states, the transition matrix Ga of the SA can be brought to the form (2.53).
2. Each of the submatrices Gii, i = 1, 2, ..., κ corresponds to an irreducible set of states. For each of these sets of states, Lemma 2.5.3 applies.
3. All stationary distributions are convex combinations of the κ eigenvectors p̄z^i corresponding to the κ eigenvalues λi = 1.

According to Lemma 2.5.4, the stationary behaviour of the SA is given as a superposition of the stationary behaviour in the irreducible sets of states it contains.

Remark 2.5.1. All submatrices Gii, i = 1, 2, ..., κ have a unique eigenvalue λi = 1 but can have further eigenvalues with |λi| = 1. The number of eigenvalues with |λi| = 1 corresponds to the period kP of the irreducible set of states.

Example 2.5.2. Consider the autonomous SA without output given by the automaton graph on the left–hand side of Figure 2.5. A renumbering of the states results in the SA shown on the right–hand side of Figure 2.5, which has the transition matrix:

       ( 1  0     0     0     0     0.34  0     0     0    )
       ( 0  0.97  0.2   0     0     0     0     0     0.23 )
       ( 0  0.03  0.79  0.09  0     0     0     0.3   0.14 )
       ( 0  0     0.01  0.82  0.17  0     0.2   0.07  0    )
G̃a =  ( 0  0     0     0.09  0.83  0     0     0.28  0    ).
       ( 0  0     0     0     0     0.66  0.11  0     0    )
       ( 0  0     0     0     0     0     0.69  0     0    )
       ( 0  0     0     0     0     0     0     0.35  0.39 )
       ( 0  0     0     0     0     0     0     0     0.24 )

This transition matrix is in the decomposed normal form (2.53) with κ = 2 and ν = 6. The two nondecomposable stochastic submatrices G11 and G22 each have a unique eigenvalue of one. The corresponding eigenvectors yield the stationary distributions

p̄̃z^1 = ( 1  0  0  0  0  0  0  0  0 )′,
p̄̃z^2 = ( 0  0.85  0.128  0.014  0.008  0  0  0  0 )′.
Fig. 2.5. Autonomous SA (left) transformed to an SA (right) with decomposed normalised transition matrix.
The stationary behaviour of the SA is given by the convex combinations of these two distributions. As all states of the two irreducible sets of states are aperiodic, the limiting distribution always exists and is one stationary distribution given by the convex combination

p̃z = α · p̄̃z^1 + β · p̄̃z^2

with α, β ∈ [0, 1], α + β = 1 depending on the initial distribution pz(0). If the initial state is for example z = 5, then α = 0, β = 1, whereas for z = 7, one obtains α = 0.11/(0.11 + 0.2) ≈ 0.355, β ≈ 0.645. To obtain the stationary behaviour of the original SA, the state renumbering must be reversed, yielding:

p̄z^1 = ( 1  0  0  0  0  0  0  0  0 )′,
p̄z^2 = ( 0  0.85  0  0  0.128  0  0  0.014  0.008 )′.
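The limiting behaviour claimed in Example 2.5.2 can be checked numerically by iterating eqn. (2.49); a sketch using the transition matrix of the example:

```python
import numpy as np

# Transition matrix of Example 2.5.2 (column j holds the probabilities of
# moving from state j to each state i; all columns sum to one).
G = np.array([
    [1, 0,    0,    0,    0,    0.34, 0,    0,    0   ],
    [0, 0.97, 0.2,  0,    0,    0,    0,    0,    0.23],
    [0, 0.03, 0.79, 0.09, 0,    0,    0,    0.3,  0.14],
    [0, 0,    0.01, 0.82, 0.17, 0,    0.2,  0.07, 0   ],
    [0, 0,    0,    0.09, 0.83, 0,    0,    0.28, 0   ],
    [0, 0,    0,    0,    0,    0.66, 0.11, 0,    0   ],
    [0, 0,    0,    0,    0,    0,    0.69, 0,    0   ],
    [0, 0,    0,    0,    0,    0,    0,    0.35, 0.39],
    [0, 0,    0,    0,    0,    0,    0,    0,    0.24],
])

def limiting_distribution(G, z0, steps=2000):
    """Approximate lim_k (Ga)^k pz(0) for a point mass on state z0 (1-based)."""
    p = np.zeros(G.shape[0])
    p[z0 - 1] = 1.0
    for _ in range(steps):
        p = G @ p
    return p

p_from_5 = limiting_distribution(G, 5)   # start inside the second recurrent group
p_from_7 = limiting_distribution(G, 7)   # transient start: convex combination
```

Starting in state 5 reproduces the elementary stationary distribution of the second recurrent group, while starting in the transient state 7 places the fraction α = 0.11/0.31 of the probability mass on the absorbing state 1, as computed in the example.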
Stationary behaviour of stochastic automata with input. The SA is a controlled stochastic process, and therefore its behaviour depends upon the behaviour of the input. Hence, it is only possible to study the stationary behaviour of the SA for stationary input. The simplest assumption on the input is that for k → ∞ the input is not random but given by a single constant value v̄ ∈ Nv. Then, the stationary behaviour of the SA can be determined by considering the autonomous SA obtained for v = v̄, and the results for autonomous SA apply. If the input is not constant but changing, the study of limiting distributions is only reasonable in combination with deterministic assumptions on the input, e.g. for periodically changing input symbols. However, stationary distributions describing the mean probability of the stochastic process being in a certain state for k → ∞ can be determined also for random input, as shown in the following. It is assumed that the input is described by a stationary input process with the probability distribution
Prob(v) = {Prob(vp = 1), Prob(vp = 2), ..., Prob(vp = M)}.        (2.55)
If this condition is not satisfied because the input itself is the result of a stochastic process, the stationary behaviour of the input process must be determined first. The stationary input distribution then has the form of eqn. (2.55). Assuming that the inputs at different times are independent of each other, the following result is obtained for the stationary behaviour.

Lemma 2.5.5. The stationary behaviour of an SA with a temporally constant input distribution (2.55) is given by the stationary behaviour of an autonomous SA with the transition relation

Ga(z′ | z) = Σ_{v∈Nv} G(z′ | z, v) · Prob(v).        (2.56)

Proof. See Appendix C.1.  □
According to Lemma 2.5.5, the stationary behaviour of SA with input can be determined using the results for autonomous SA.
Fig. 2.6. SA with two inputs.
Example 2.5.3. Consider the SA with two inputs shown in Figure 2.6. For constant input v̄ = 1 or v̄ = 2, one obtains

p̄z = ( 0  1  0  0  0 )′   or   p̄z = ( 0  0  0  1  0 )′,        (2.57)

respectively. For Prob(v) = {0.8, 0.2}, one obtains by means of eqn. (2.56) the mean transition relation:

              ( 0    0    0    0    0   )
              ( 1.0  0.8  0.8  0    0   )
Ga(z′ | z) =  ( 0    0.2  0    0.8  0   ).        (2.58)
              ( 0    0    0.2  0.2  1.0 )
              ( 0    0    0    0    0   )

This matrix has a unique unit eigenvalue with the corresponding eigenvector

p̄z = ( 0  0.76  0.19  0.05  0 )′        (2.59)

which is the stationary distribution of the SA with input.
Stationary behaviour of the output. From eqn. (2.34), it is clear that the probability of the output at time k is determined from the state distribution at that time. Consequently, the stationary output distribution is given by

Prob(w̄) = Σ_{z̄∈Nz} Ha(w̄ | z̄) · Prob(z̄),        (2.60)

with Prob(z̄) denoting the stationary state distribution given by eqn. (2.50), and with Ha given by

Ha(w | z) = Σ_{v∈Nv} H(w | z, v) · Prob(v)        (2.61)
under the same assumptions as for Lemma 2.5.5. For the limiting output distribution, the same comments as given above for the limiting state distribution apply.
2.6 Stochastic Operators**

Equation (2.30) describes the stochastic relation between an input and an output sequence of the same length as determined by the SA. The stochastic operator introduced in the following generalises the stochastic relation between input and output sequences. Denote the sets of all input or output sequences of arbitrary length, including sequences of length zero, by

Nv* = ∪_{k=0}^{∞} Nv^k,   or   Nw* = ∪_{k=0}^{∞} Nw^k,

respectively, where Nv^k or Nw^k denote the sets of all input or output sequences of length k. A stochastic operator is defined as follows [23]:

Definition 2.6.1. For given Nw, Nv the triple

I(Nw, Nv, τ)        (2.62)

is called a stochastic operator if the mapping τ : Nw* × Nv* → [0, 1] defines a conditional probability of all sequences W ∈ Nw* and V ∈ Nv*:

τ(W | V) = Prob(W | V).        (2.63)
The operator is called a finite stochastic operator if Nv and Nw are finite sets.
In order to define a conditional probability, τ(W | V) has to fulfil the condition

Σ_{W∈Nw*} τ(W | V) = 1,  ∀ V ∈ Nv*.        (2.64)

For every given initial state probability distribution Prob(z(0)), an SA represents a stochastic operator. However, the converse is not true. Not every stochastic operator can be represented by an initialised SA. If the conditional probabilities τ(W | V) of a stochastic operator are identical to those described by eqn. (2.30) for some given initial state distribution Prob(z(0)), the stochastic operator is called SA–operator, and the SA–operator is said to be realised by the SA initialised with Prob(z(0)). If the SA is finite, then the corresponding operator is called a finite SA–operator. The following lemma gives a formal criterion to decide whether a stochastic operator is an SA–operator or not.

Lemma 2.6.1. [23] A stochastic operator I(Nw, Nv, τ) is an SA–operator if and only if for all sequences V ∈ Nv*, W ∈ Nw* and for all ṽ ∈ Nv, the two conditions

1. |W| ≠ |V| ⇒ τ(W | V) = 0        (2.65)
2. Σ_{W̃∈Nw*} τ((W W̃) | (V ṽ)) = τ(W | V)        (2.66)

are satisfied, where the symbols (W W̃) ∈ Nw* and (V ṽ) ∈ Nv* mean that the sequence W̃ and the input symbol ṽ are appended to the sequences W or V, respectively, and |V|, |W| denote the lengths of the sequences.

Note that the two conditions do not imply that the SA–operator can be realised by an SA with a finite number of states. In Section 5.3.3, this result will be used to discuss the properties of the state observation algorithm.
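Conditions (2.64)–(2.66) can be checked numerically for the operator realised by an initialised SA. The sketch below uses a hypothetical two-state stochastic Mealy automaton (illustrative numbers, not from the text):

```python
import itertools
import numpy as np

# Hypothetical two-state Mealy SA: G[v][z'-1, z-1] and H[v][w-1, z-1].
G = {1: np.array([[0.9, 0.3], [0.1, 0.7]]),
     2: np.array([[0.2, 0.5], [0.8, 0.5]])}
H = {1: np.array([[1.0, 0.4], [0.0, 0.6]]),
     2: np.array([[0.6, 0.0], [0.4, 1.0]])}
p0 = np.array([0.5, 0.5])

def tau(W, V):
    """tau(W|V) = Prob(W|V) from eqn (2.30); zero if the lengths differ."""
    if len(W) != len(V):
        return 0.0               # condition (2.65)
    p = p0.copy()
    for w, v in zip(W, V):
        p = G[v] @ (H[v][w - 1] * p)
    return p.sum()

V = (1, 2, 1)
# condition (2.64): the output sequences of length |V| carry all probability
total = sum(tau(W, V) for W in itertools.product((1, 2), repeat=3))
# condition (2.66): appending an input symbol does not change tau(W|V)
W = (1, 2, 2)
lhs = sum(tau(W + (w,), V + (2,)) for w in (1, 2))
```

By (2.65) only the one-symbol extensions of W contribute to the sum in (2.66), so `lhs` equals `tau(W, V)`.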
2.7 Bibliographical Notes

Sequential machines and automata have been intensively studied in the past century and are the foundations of computer science [34]. Several textbooks concern the theory of deterministic automata, also known as finite state machines, cf. e.g. [44], [67], [86]. In the sixties, the theory of stochastic automata emerged [23], [25], [180], [184], [203]. The theory was developed on the background of unreliable switching circuits but later found various applications in modelling and optimisation [18], [184], [194]. From the theory of automata emerged the discrete–event systems theory, which developed as a field of its own. This term subsumes a variety of different models which have in common that they are of symbolic nature. Well–known
discrete–event models are Petri nets [81], descriptions using max–plus algebras [10], condition–event networks [46], [85], [183] or binary systems [16]. These models are widely used in representation and control, e.g. to model batch processes in the chemical industry [147], [167], to design supervisory controllers [155], [158] or for fault diagnosis [119], [163]. Several results of these theories are closely related to this book. However, no results of these works are used directly, because in detail the theories differ considerably. The presentation in this chapter is mainly based on the textbook [23], but a different notation, more suitable for the application to qualitative modelling, is introduced. Furthermore, the textbooks [67], [184] and [194] are used, where the first contains only nondeterministic rather than stochastic automata. In its fundamentals, automata theory is well elaborated. However, results on stochastic automata are mostly limited to fundamental properties, because research in this field almost stopped at the end of the sixties. Accordingly, several new results on stochastic automata had to be elaborated in the preparation of this book. In particular, this concerns stochastic automata networks and the state observation and diagnosis of stochastic automata (cf. Chapters 5 and 7). A focus of this chapter is the study of the stationary behaviour of stochastic automata. The studies are based on results from Markov theory as presented in the textbooks [56], [87], [188] and [198]. The presentation therefore differs from that of textbooks on automata theory, which study the stationary behaviour by using the language of automata or other theoretical concepts.
3. Modelling of Quantised Systems by Stochastic Automata
The quantised systems approach is introduced in this chapter in three steps. First, in Section 3.1, the main idea is outlined and the complete path from the definition of the quantised system to its qualitative model is shown under simplifying assumptions and by using the example of the two–tank system of Section 1.4. In the second step, the quantised system definition is extended in Sections 3.2 and 3.3. In Section 3.4, its behaviour is investigated in detail. The qualitative model is derived in Section 3.5, and its most important properties are outlined. The third step is a system theoretic study of the quantised system given in Section 3.6 which yields further properties.
3.1 Summary of the Modelling Approach

3.1.1 Quantised Systems

According to Figure 1.1, a model to be used for supervision must describe the relation between the quantised signals [u(k)] and [y(k)]. The causal relation between these signals is derived as shown in Figure 3.1. The upper part of the figure shows the system from the viewpoint of the supervisor, where the quantised signals appear in a non–causal manner. The lower part of the figure shows the transformation to the causal quantised system, which describes the causal relation between the quantised input and output signals. In the following, causality will not be explicitly mentioned if referring to the quantised system. From the context it is always clear whether the causal or non–causal quantised system is referred to. In the following, the quantised system shown in the lower part of Figure 3.1 is studied. It consists of three blocks, where the output quantiser and the continuous–variable system are those of Figure 1.1, and the input injector is the "causal inverse" of the input quantiser. The three blocks of the quantised system are described in the following.

J. Schröder: Modelling, State Observation and Diagnosis of Quantised Systems, LNCIS 282, pp. 37-94, 2003. © Springer-Verlag Berlin Heidelberg 2003

Continuous–variable system. The core of the quantised system is the discrete–time continuous–variable system
Fig. 3.1. Causal relation among the quantised signals.
x(k+1) = g(x(k), u(k)),   x(0) = x0        (3.1)
y(k) = h(x(k), u(k))        (3.2)

with the state vector x ∈ Rn ⊆ IR^n, the input vector u ∈ Rm ⊆ IR^m and the
Quantiser. The quantiser transforms the numerical output y(k) of the continuous–variable system into the quantised output [y(k)] ∈ Ny at time k, with Ny = {1, 2, . . . , R}. It is defined by a partition of the relevant part of the output space into bounded sets Qy(i) such that the relation

[y(k)] = i ⇔ y(k) ∈ Qy(i)    (3.3)
holds for all outputs.

Example 3.1.1. Consider the two–tank system of Section 1.4 with the liquid levels as output. A partition of the relevant output space into nine sets is shown in Figure 3.2. In the case of the two–tank system, the partition boundaries are chosen so as to coincide with the minimal and maximal tank levels and the positions of the discrete level sensors LS1–LS4. That is, if the quantised output at time k is, for example, [y(k)] = 3, the liquid level in the left tank is between 0.4 and 0.6 metres and in the right one between 0 and 0.1 metres. Figure 3.3 shows the effect of the quantiser on a numerical output signal of the tank system. On the left–hand side the sequences of numerical values for y1(k) and y2(k) are shown. The quantisation introduced by the partition is shown by the light grey boxes at each time step. The quantiser transforms the numerical sequence Y(0, 1, . . . , 8) into the quantised sequence [Y(0, 1, . . . , 8)] = (9, 8, 8, 8, 8, 3, 3, 3, 1). This quantised sequence is shown on the right–hand side of Figure 3.3.
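To illustrate eqn. (3.3), the output quantiser of the two–tank example can be sketched as follows. The cell boundaries are taken from Figure 3.2; the row–wise numbering of the cells from the bottom–left corner is an assumption that is consistent with the example [y(k)] = 3 given above.

```python
from bisect import bisect_right

# Inner cell boundaries of the relevant output space (Figure 3.2);
# the outer bounds 0 and 0.6 delimit the relevant region.
Y1_BOUNDS = [0.2, 0.4]   # left tank level
Y2_BOUNDS = [0.1, 0.2]   # right tank level

def quantise_output(y1, y2):
    """Return [y] = i such that (y1, y2) lies in Q_y(i), cf. eqn. (3.3)."""
    col = bisect_right(Y1_BOUNDS, y1)   # 0, 1 or 2
    row = bisect_right(Y2_BOUNDS, y2)   # 0, 1 or 2
    return 3 * row + col + 1            # cells numbered row-wise from bottom left

# [y] = 3: left level between 0.4 and 0.6 m, right level below 0.1 m
print(quantise_output(0.5, 0.05))   # -> 3
```

With this numbering, the top–right cell of the partition carries the value 9, matching the first element of the quantised sequence above.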
Fig. 3.2. Partition of the relevant output space (left) and input space (right) of the two–tank system.

Fig. 3.3. Quantisation of a numerical output signal of the two–tank system.

Injector. The injector is the causal inverse of the quantiser. This means that, given a quantised input [u(k)] ∈ Nu = {1, 2, . . . , M}, the injector must determine a numerical input u(k). Like the quantiser, the injector is defined via a partition of the relevant part of the input space into sets Qu(i) that are for the moment assumed to be bounded. The selection of a numerical input u(k) by the injector is according to the equivalence relation

[u(k)] = i ⇔ u(k) ∈ Qu(i) .    (3.4)

This means that the injector must incorporate some mechanism to choose a numerical input from the set Qu(i). Therefore, the injector is described such that it randomly selects one numerical input of the set Qu([u]) corresponding to the given quantised input [u]. This is a reasonable definition of the injector, as it shall describe the inverse operation of quantisation. A quantiser is a memoryless system assigning to all numerical values of a partition set the same quantised value. Accordingly, the injector must also be a memoryless system, and all numerical values of the partition set associated with the given quantised value must be possible outcomes of the injection. This leads naturally to the definition of the injector as a static random process.
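Such a static random injector can be sketched as follows, assuming uniform densities on the partition sets; the interval bounds 0, 0.4, 0.7 and 1 of the pump-velocity partition are read off the right–hand side of Figure 3.2.

```python
import random

# Input partition of the pump velocity (right-hand side of Figure 3.2)
Q_U = {1: (0.0, 0.4), 2: (0.4, 0.7), 3: (0.7, 1.0)}

def inject(v, rng=random):
    """Static random injector: draw u(k) from Q_u([u(k)]) with a uniform
    density, cf. eqn. (3.4); the draw is independent of all previous draws."""
    lo, hi = Q_U[v]
    return rng.uniform(lo, hi)

u = inject(1)   # some numerical pump velocity between 0 and 0.4
```

Because the injector is memoryless, each call draws a fresh value; a constant quantised input therefore generally yields a time-varying numerical input.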
Example 3.1.2. Consider the pump velocity vp as input to the two–tank system. A partition of the scalar input space is shown on the right–hand side of Figure 3.2. Accordingly, if the quantised input at time k is, for example, [u(k)] = 1, the injector randomly chooses one input u(k) between 0 and 0.4 and gives it to the pump. It is assumed in this section that the injector chooses the values according to a uniform distribution, i.e. for [u(k)] = 1, all values in the interval [0, 0.4) can occur with the same probability.

3.1.2 Nondeterminism of the Quantised System Behaviour

Consider the two–tank system of Section 1.4 without any knowledge about the initial tank levels and, for simplification, without input and with the output equal to the state. Furthermore, the pump is off, the valve V12L is open and the valve V12H is closed. The output space partition is as shown in Figure 3.2 and the sampling time is 5 seconds. Assume that at time k = 0, the quantised output [y(0)] = 3 is obtained. That is, the liquid levels of the system at k = 0 are known to be represented by an element of Qy(3). The question investigated now is: what quantised outputs [y(1)], [y(2)], . . . will be obtained in the future?
Fig. 3.4. Nondeterminism of the quantised system.
The continuous–variable model (3.1)–(3.2) can answer this question only for single numerical initial conditions. However, here the initial condition is not a single point in the state space. The initial condition is unknown and from [y(0)] = 3 it can only be deduced that 0.4 ≤ x1 ≤ 0.6 and 0 ≤ x2 ≤ 0.1 hold. That is, a set of initial conditions must be considered. Hence, eqns. (3.1) and (3.2) must be applied to all points of the set Qy (3). This results in the sets of points at times k = 1, 2, . . . that are shown in Figure 3.4 as grey areas in the output space. Alternatively, these different behaviours can be viewed over time as done in Figure 3.5 where an ensemble of output signals up to k = 5 is shown for different numerical initial conditions all having the same
Fig. 3.5. Ensemble of output signals with the same quantised initial condition.
quantised initial value [y(0)] = 3. By means of Figure 3.4, the answer to the above question can be given: at time k = 1 the quantised output [y(1)] can be either 5, 6, 8 or 9, at k = 2 it can be either 4, 5 or 8, and so on. That is, due to the uncertainty concerning the initial condition, different quantised outputs can occur in the future. The behaviour of the quantised system is nondeterministic [109]. It should be pointed out that this nondeterminism is a direct consequence of the quantised measurement of the liquid levels and does not mean that there is any uncertainty in the continuous–variable system.

Another reason why the behaviour of the quantised system is nondeterministic is the injector. Because a quantised input is given to the system, the corresponding set Qu(i) of numerical input values must be considered for the behaviour of the quantised system. This is discussed in detail in Section 3.4.

3.1.3 Modelling Problem

In the previous section, the nondeterministic behaviour was outlined using the example of the tank system. It has been shown that the description of the behaviour of the quantised system requires considering sets of inputs, outputs and states rather than single trajectories of the continuous–variable system. Even for the simple two–tank system, the precise description of these sets is very complex.

Though a precise description of the behaviour of the quantised system is possible, the reason for the introduction of quantisation should be recalled at this point. The aim is to abstract from a numerical description of the system to a qualitative one in order to simplify the solution to process supervision tasks. A precise description of the complex behaviour of the quantised system contradicts this aim. Therefore, a concise approximate description of the quantised system in the form of a stochastic automaton is elaborated in the following. The approximate model should fulfil the following aims.
Modelling aims.
I) Simplicity. The approximate description should be simple. It should allow the formulation of applicable solutions to process supervision problems.
II) Completeness. The description should be complete in the sense that it contains all quantised output sequences possibly generated by the quantised system.
III) Convergence. The approximation should be such that the degree of precision is adjustable by a "resolution parameter", such that it converges to a precise description of the quantised system for increasing resolution.
3.1.4 Abstraction of Quantised Systems to Stochastic Automata

Using a stochastic automaton as approximate model of the quantised system means to set the automaton inputs, outputs and states as well as its behavioural relation so as to describe the quantised system. It appears natural to set the automaton input and output alphabets according to the inputs and outputs of the quantised system. That is, each automaton input is associated with one input of the quantised system, [u] = v, and equivalently for the output, [y] = w. The automaton states are set such that each automaton state corresponds to a set of numerical states of the continuous–variable system. That is, like the input and output space, the relevant state space of the continuous–variable system is partitioned into N sets. As before, the partition is such that each quantised state [x(k)] ∈ Nx = {1, 2, . . . , N} corresponds to one bounded set Qx(i) in the state space. In summary, this means that the following is set:

Nz := Nx , Nv := Nu , Nw := Ny , and [x] = z , [u] = v , [y] = w .

With these settings, the SA is called a qualitative model of the quantised system. The states, inputs and outputs of the qualitative model are called qualitative states, qualitative inputs and qualitative outputs, respectively. With these settings it is clear that the behavioural relation must be chosen so as to describe the conditional probability of a change of the quantised state, given a certain quantised input, and of obtaining a certain quantised output:

L(z′, w | z, v) = Prob( g(x, u) ∈ Qx(z′), h(x, u) ∈ Qy(w) | x ∈ Qx(z), u ∈ Qu(v) ) .    (3.5)

More precisely, the behavioural relation of the SA must be chosen according to
Abstraction of the quantised system

L(z′, w | z, v) := λn+m(Qxu(z′, w, z, v)) / λn+m(Qxu(z, v))    (3.6)

with

Qxu(z, v) = Qx(z) × Qu(v) = {(x, u) | x ∈ Qx(z), u ∈ Qu(v)} ⊂ IR^{n+m}
Qxu(z′, w, z, v) = {(x, u) | x ∈ Qx(z), u ∈ Qu(v), g(x, u) ∈ Qx(z′), h(x, u) ∈ Qy(w)} ⊆ Qxu(z, v) ,

where λn+m(·) denotes the Lebesgue measure of the sets, which can be thought of as the sets' hypervolume in the combined input and state space (cf. Appendix A.1). Equation (3.6) is referred to as abstraction of the quantised system because the equation describes how a concise model of the quantised system that is more abstract than the underlying numerical model is derived.

As the remainder of this book will show, the described qualitative model in the form of a stochastic automaton fulfils all of the modelling aims of Section 3.1.3. Simplicity of the model is given because the SA is a causal model with finite memory and a simple structure. As shown in Section 2.3, it is possible to iteratively determine the sets of state and output sequences. Such simple iterative solutions can also be found for process supervision problems, as shown in Chapters 6 and 8. These solutions fundamentally rely on the completeness of the qualitative model. It will be shown in Section 3.5 that the qualitative model obtained by abstraction is a complete model of the quantised system for an arbitrarily chosen partition of the state space. The degree of precision is determined by the granularity of the state space partition. In Section 3.6, it will be shown that for an increasingly finer partition of the state space, the qualitative model converges to a precise representation of the quantised system. Clearly, increasing granularity of the partition means that the number of automaton states, and hence the complexity of the SA, increases. In summary, this means that the following proposition is satisfied.

Fulfilment of the modelling aims

Proposition 3.1.1. The qualitative model defined by eqn. (3.6) satisfies the three modelling aims simplicity, completeness, and convergence.
The proposition is proved in the remainder of this book. The following example explains how a qualitative model of the two–tank system is derived by means of abstraction.
Fig. 3.6. Partition of the state space and automaton states (left), explanation of the transition probabilities (right).
Example 3.1.3. Consider the two–tank system of Section 1.4 with the sampling time Ts = 5 s, without input and in the configuration where the pump is off (vp = 0), V12l open and V12u closed. That is, the two–tank system is autonomous and equation (1.8) has the form

x(k+1) = ga(x(k)) ,  x(0) = x0 .

The states of the two–tank system are the liquid levels. To simplify the example, the qualitative model is considered without output such that, for this example, eqn. (3.6) becomes

Ga(z′ | z) := λn(Qx(z′, z)) / λn(Qx(z))    (3.7)

with

Qx(z′, z) = {x | x ∈ Qx(z), ga(x) ∈ Qx(z′)} ,

where Ga(z′ | z) is the transition relation of an autonomous SA without output (cf. Section 2.1). The state space partition can be chosen arbitrarily. Here, the state space is partitioned like the output space into nine subsets. Each subset is assigned to an automaton state as shown on the left–hand side of Figure 3.6. As an example, the transition probabilities Ga(z′ | 3) from state z = 3 are calculated for all z′. On the right–hand side of Figure 3.6, the map of the set Qx(3) is shown. It can be seen that the states x of Qx(3) map either to Qx(5), Qx(6), Qx(8) or Qx(9). Depending on the map of the state, the set Qx(3) is thus partitioned into the four subsets Qx(3, 5), Qx(3, 6), Qx(3, 8) and Qx(3, 9). The measures of these sets are:

λn(Qx(3, 5)) = 0.0156 ,  λn(Qx(3, 6)) = 0.001 ,
λn(Qx(3, 8)) = 0.002 ,  λn(Qx(3, 9)) = 0.0014 .

Note that to obtain these values it is necessary to map the set Qx(3), which means evaluating eqn. (1.8) for all points of the set. With the above values and λn(Qx(3)) = 0.02, eqn. (3.7) yields:

Ga(5|3) = 0.78 ,  Ga(6|3) = 0.05 ,  Ga(8|3) = 0.1 ,  Ga(9|3) = 0.07 .
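The procedure of eqn. (3.7) can be approximated numerically by covering Qx(z) with a fine grid of points, mapping each point and counting in which cell the image lands. The tank map ga of eqn. (1.8) is not reproduced here, so a simple linear contraction serves as a hypothetical stand-in; the resulting numbers therefore illustrate the procedure only, not the values of the example.

```python
import numpy as np

# State space partition as in Figure 3.6: 3x3 cells over the relevant region,
# numbered row-wise from the bottom-left cell (same scheme as the output cells).
X1_EDGES = np.array([0.0, 0.2, 0.4, 0.6])
X2_EDGES = np.array([0.0, 0.1, 0.2, 0.6])

def cell(x):
    """Quantised state [x] for a point of the relevant region."""
    col = np.searchsorted(X1_EDGES, x[0], side="right") - 1
    row = np.searchsorted(X2_EDGES, x[1], side="right") - 1
    return 3 * row + col + 1

def g_a(x):
    # Hypothetical stand-in for the autonomous tank map (1.8).
    return 0.8 * x

def abstract(z, n_grid=50):
    """Approximate Ga(z'|z) of eqn. (3.7) by uniform gridding of Qx(z):
    the measure ratio becomes the fraction of grid points landing in Qx(z')."""
    col, row = (z - 1) % 3, (z - 1) // 3
    x1 = np.linspace(X1_EDGES[col], X1_EDGES[col + 1], n_grid, endpoint=False)
    x2 = np.linspace(X2_EDGES[row], X2_EDGES[row + 1], n_grid, endpoint=False)
    counts = {}
    for a in x1:
        for b in x2:
            zp = cell(g_a(np.array([a, b])))
            counts[zp] = counts.get(zp, 0) + 1
    total = n_grid * n_grid
    return {zp: c / total for zp, c in counts.items()}

Ga = abstract(3)
print(Ga)   # successor cells of z = 3 and their estimated probabilities
```

The frequencies sum to one by construction, mirroring the fact that each column of the transition relation is a probability distribution.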
Fig. 3.7. Automaton graph of the qualitative model of the quantised two–tank system.

It can further be seen from Figure 3.6 that none of the states in Qx(3) maps to any state in Qx(1), Qx(2), Qx(3), Qx(4) or Qx(7). Hence, Ga(z′|3) = 0 holds for the successor states z′ = 1, 2, 3, 4 and 7. In the same way, all other transition probabilities are determined. The resulting qualitative model of the quantised two–tank system is shown in Figure 3.7.
3.1.5 Complexity of Qualitative Models

An important issue is the complexity of qualitative models, meaning the number of entries of the behavioural relation (3.6) that need to be determined and stored. Of particular interest are the nonzero transition probabilities, as in a practical application only these values are stored [174]. It is useful to have a rough estimate for the number of expected nonzero entries of the behavioural relation. Such an estimate is derived in the following on a heuristic basis.

The number of transition probabilities depends on various parameters. Most important are the number of qualitative states N and the number of qualitative inputs M. If the qualitative model were a deterministic automaton, there would be a single successor state and output for each combination of the qualitative state and input. The number of transitions would thus be N · M. Due to the nondeterminism, however, there are, in general, various qualitative successor states and outputs. Practical experience shows that their number depends mainly on the dimensions of the state and output spaces. This motivates the approach to estimate the number |TL(z, v)| of successor states and outputs for each z ∈ Nz, v ∈ Nv by

|TL(z, v)| ≈ ηz′^n · ηw^r ,

where 1 ≤ ηz′ ≤ N^{1/n} and 1 ≤ ηw ≤ R^{1/r} are system dependent parameters reflecting
46
3. Modelling of Quantised Systems by Stochastic Automata
the average number of qualitative successor states and outputs per dimension of the state and output space, respectively. An estimate of the overall number of nonzero entries |TL| of the behavioural relation L is thus given by

|TL| ≈ N · M · ηz′^n · ηw^r .    (3.8)
As ηz′ = 1 or ηw = 1 means a deterministic state or output behaviour, these parameters are called nondeterminism parameters with respect to the successor state or output, respectively. The motivation for introducing the nondeterminism parameters ηz′ and ηw can be explained by means of Figure 3.6. On the right–hand side of the figure, the map of a region of the state space is shown. It can be observed that the mapped region extends over two intervals per dimension of the state space. This is a typical situation, making ηz′ = 2 and ηw = 2 a good estimate for the practical application.

For the two–tank system of the previous section, the estimate (3.8) yields |TL| ≈ 9 · 1 · 2^2 · 2^0 = 36. This is a reasonable estimate if compared to the real number of nonzero transition probabilities, which is 28 (cf. Figure 3.7). Further examples throughout the book will show that the estimate (3.8) yields good results.

Equation (3.8) reflects another property of qualitative models. To show this, let N̄i be the average number of qualitative states per dimension of the state space and M̄i the corresponding number for the qualitative input. Then eqn. (3.8) reads

|TL| ≈ (N̄i)^n · (M̄i)^m · ηz′^n · ηw^r ,

showing that the complexity of the qualitative model increases exponentially with the dimensions of the continuous–variable system. For example, a fifth order system with a three dimensional input and output space and five qualitative values per dimension would yield a qualitative model with approximately |TL| ≈ 10^8 nonzero entries. To store and determine such an enormous number of probabilities means a high computational effort and is near to the practical limitation brought about by current computer technology. For such or even more complex systems, a component–oriented qualitative modelling approach as presented in Chapter 8 is compulsory.
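The estimate (3.8) is easy to evaluate; the two calculations from the text can be checked as follows.

```python
def transitions_estimate(N, M, eta_z, n, eta_w, r):
    """Estimated number of nonzero entries of L, cf. eqn. (3.8)."""
    return N * M * eta_z**n * eta_w**r

# Two-tank example: N = 9 states, M = 1 input, eta_z' = 2, n = 2, no output (r = 0)
print(transitions_estimate(9, 1, 2, 2, 2, 0))   # -> 36

# Fifth-order system, five qualitative values per dimension, n = 5, m = 3, r = 3
N, M = 5**5, 5**3
print(transitions_estimate(N, M, 2, 5, 2, 3))   # -> 100000000, i.e. ~1e8
```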
3.2 An Extended Introduction to Quantised Systems

3.2.1 Definition of Quantised Systems

Continuous–variable system. As before, the core of the quantised system is the discrete–time continuous–variable system
x(k+1) = g(x(k), u(k)) ,  x(0) = x0
y(k) = h(x(k), u(k))

with the state vector x ∈ Rn ⊆ IR^n, the input vector u ∈ Rm ⊆ IR^m and the output vector y ∈ Rr ⊆ IR^r.

Quantiser. The definitions of both the injector and the quantiser are extended in this section. They are defined in the following on an arbitrary space Rν ⊆ IR^ν of signal values ζ(k), where ζ(k) stands for the input or output signal, and is used in Section 3.2.4 also for fault signals. The quantiser invokes a surjective mapping and is defined via a partition of the signal space Rν into sets Qζ(i), i = 1, . . . , ξ by

[·] : Rν → Nζ ,  [ζ] = i ⇔ ζ ∈ Qζ(i)    (3.9)

with Nζ = {1, 2, . . . , ξ}. The partition is such that the Lebesgue measure λν in Rν of all sets is nonzero:

λν(Qζ(i)) > 0 ,  i ∈ Nζ .    (3.10)
This means that the sets Qζ(i) must not lie completely in a subspace of Rν. For example, Qζ(i) must not be a line or a single point in IR^2. In contrast to the introduction of the quantiser in Section 3.1.1, the whole signal space is partitioned and the sets Qζ(i) can be unbounded (cf. Figure 3.8).

Remark 3.2.1. The definition of the quantiser allows dividing the signal space into arbitrarily shaped sets. Practically, the input and output signals of a system are usually quantised independently of each other. For example, in the case of the two–tank system of Section 1.4, the quantisation of the output space is defined by the positions of the discrete level sensors attached to each tank. Both tank levels are thus quantised independently of one another. The resulting partition is called an orthogonal partition, as the bounds separating the partition regions are orthogonal to each other. For the two–tank system, the output space partition resulting from the positions of the discrete level sensors is shown in Figure 3.8.
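An orthogonal quantiser of this extended kind, with unbounded outermost cells, can be sketched as follows; the per-dimension boundaries and the row-wise cell numbering are assumptions patterned on Figure 3.8.

```python
from bisect import bisect_right

def make_orthogonal_quantiser(boundaries):
    """Build [.] : R^nu -> N_zeta from per-dimension boundary lists, cf. eqn. (3.9).
    The outermost cells in each dimension are unbounded (cf. Figure 3.8)."""
    sizes = [len(b) + 1 for b in boundaries]

    def quantise(zeta):
        i, stride = 0, 1
        for z, b, s in zip(zeta, boundaries, sizes):
            i += bisect_right(b, z) * stride
            stride *= s
        return i + 1   # quantised values numbered 1, 2, ..., xi

    return quantise

# Output quantiser of the two-tank system (Figure 3.8): 3 cells per dimension
quantise_y = make_orthogonal_quantiser([[0.2, 0.4], [0.1, 0.2]])
print(quantise_y((0.5, 0.05)))   # -> 3, as in Example 3.1.1
print(quantise_y((5.0, 5.0)))    # -> 9: the unbounded top-right cell
```

Since every point of IR^ν now falls into some cell, the mapping is total, in contrast to the bounded relevant region used in Section 3.1.1.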
Remark 3.2.2. Condition (3.10) means that single points in a continuous signal space cannot be assigned their own quantised value. This restriction is necessary to obtain well defined transition probabilities (cf. Section 3.5.2). However, in particular for the input and fault spaces, such singular partition sets can be useful. In this case, the restriction (3.10) can be circumvented by introducing discrete–valued dimensions as explained in Section 3.3.3.

Injector. As explained above, the injector needs to realise an injective mapping Nζ → Rν. Obviously, this mapping is not well defined, as the choice of a numerical value ζ(k) for a given quantised value [ζ(k)] merely fulfilling the equivalence relation [ζ] = i ⇔ ζ ∈ Qζ(i) is not unique but random. Hence, for the definition of the injector, this random choice must be specified more precisely. This is done by defining the probability with which a certain value ζ(k) of Qζ([ζ(k)]) occurs. That is, instead of the partition of the signal space, a set of non–overlapping probability density functions pζ^i : Rν → IR+ (the space of all density functions is defined in Appendix A.1), with
Fig. 3.8. Orthogonal output space partition of the two– tank system including unbounded sets.
pζ^i(ζ) = 0 ⇔ ζ ∉ Qζ(i)  and  ∫_Rν pζ^i(ζ) dζ = 1 ,  i = 1, 2, . . . , ξ    (3.11)

must be given to define the injector. In other words, the injector is a static random process defined by the set of probability density functions, randomly choosing a value ζ out of Qζ(i) for a given i. Static means here that the numerical value ζ selected at time instance k does not depend on previously selected values and that the densities pζ^i do not depend on the time instance k. Furthermore, the random process is assumed to be independent of all other signals of the quantised system.

The density functions pζ^i depend on the properties of the real system. For simplification, uniform distributions

pζ^i(ζ) = 1/λν(Qζ(i)) for ζ ∈ Qζ(i), and 0 otherwise ,  i = 1, . . . , ξ    (3.12)

are often assumed for all bounded sets. On unbounded sets, for example, declining exponential functions can be used as density functions. An example of the definition of an injector is given in the next section.

The above definition of the injector by means of probability density functions might not seem intuitive. However, it is clear that if merely a region is specified, as in the quantised system, the numerical value can be anywhere in that region. The probability density function allows describing which numerical values within that region are more or less likely to occur, which is a very general approach. In summary, the quantised system is given as shown in the box below.

Definition of the quantised system

The quantised system is defined as the tuple

QS(Rn, Rm, Rr, Nu, Ny, {pu^1, . . . , pu^M}, {Qy(1), . . . , Qy(R)}, g, h) .    (3.13)

Its causal behaviour for arbitrary initial state x(0) = x0 is described as follows:
input: [u(k)] ∈ Nu yields a random input vector u(k) according to the probability density function pu^[u(k)](u);
successor state: x(k+1) = g(x(k), u(k));
numerical output: y(k) = h(x(k), u(k));
output: [y(k)] ∈ Ny with [y(k)] satisfying y(k) ∈ Qy([y(k)]).

Remark 3.2.3. Note that according to the definition of the injector, the numerical value can change over time even if the quantised value is constant. This is because the injector is a static system, i.e. a system without memory, and, therefore, its output cannot depend on previous values. However, this does not imply any limitation, as such dynamical effects of the injector could be transformed to the continuous–variable system.
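The causal behaviour of the quantised system can be sketched as one simulation step through the chain injector, continuous–variable system and quantiser. The system functions g and h below are hypothetical stand-ins, and a uniform injector density is assumed.

```python
import random

def qs_step(x, v, g, h, Q_u, quantise_y, rng=random):
    """One step of the quantised system (3.13): inject, propagate, quantise."""
    lo, hi = Q_u[v]                 # injector with uniform density on Q_u(v) assumed
    u = rng.uniform(lo, hi)
    x_next = g(x, u)                # successor state x(k+1) = g(x(k), u(k))
    y = h(x, u)                     # numerical output y(k) = h(x(k), u(k))
    return x_next, quantise_y(y)    # quantised output [y(k)] with y(k) in Q_y([y(k)])

# hypothetical first-order system: x' = 0.9 x + 0.1 u, output y = x,
# one input cell Q_u(1) = [0, 1), two output cells split at y = 0.5
x_next, w = qs_step(0.5, 1,
                    g=lambda x, u: 0.9 * x + 0.1 * u,
                    h=lambda x, u: x,
                    Q_u={1: (0.0, 1.0)},
                    quantise_y=lambda y: 1 if y < 0.5 else 2)
```

Repeating this step with the returned state yields one realisation of the quantised output sequence; different runs generally produce different sequences because of the random injection.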
3.2.2 Interpretation of Quantised Systems as Discrete Stochastic Processes

According to the definition of the quantised system, the output symbol [y(k)] cannot be uniquely determined from [u(k)] but depends upon the random choices of the current and the previous numerical inputs u. That is, the quantised system is a discrete stochastic process, as the quantised output [y(k)] at time k is given as a discrete random variable (cf. Section 2.2, Appendix A.2). In Section 3.1.2 this has been referred to as the nondeterminism of the quantised system.

The above definition of the quantised system describes how a realisation of the stochastic process in terms of a single quantised output sequence is obtained for a unique initial condition x(0) = x0. For studying the quantised system, however, it is not realistic to assume that the initial state is precisely known (cf. Section 3.1.2). This is firstly because the state cannot always be directly measured and, secondly, because quantised rather than numerical information is available. That is, the available information concerns merely a set Qy(i) of possible outputs from which, even if considering subsequent
quantised measurements, in general, no unique numerical state can be derived [36]. Hence, it must be considered that only a set of initial states is known. Therefore, concerning the initial condition of the quantised system, it must be assumed that only a subset X0 of the state space or, more generally, an initial probability density function

px0 : Rn → IR+  with  px0(x) = 0 ⇔ x ∉ X0  and  ∫_Rn px0(x) dx = 1    (3.14)
is known. The actual numerical initial state x0 of the embedded continuous–variable system can be any state within the set X0 and is determined randomly according to px0(x). That is, in addition to the random choices of the numerical inputs by the injector, the imprecisely known initial state introduces another random variable to the stochastic process represented by the quantised system. In the following, the density function px0(x) is simply referred to as the initial condition of the quantised system. For a given initial condition, the quantised system is also referred to as the initialised quantised system.

3.2.3 Representation Problems

The quantised system is a stochastic process and is characterised by the probabilities with which the different quantised output symbols [y(k)] occur. The aim is to find these probabilities for a given sequence of quantised input symbols

[U(0 . . . k)] = ([u(0)], . . . , [u(k)]) ∈ Nu^{k+1}    (3.15)
and initial state probability density function px0(x), or to determine the set of output symbols for which this probability is nonzero. These tasks are referred to as representation problems of quantised systems.

Stochastic representation problem of quantised systems. Determine the conditional probability distribution

Prob([y(k)] | px0(x), [U(0 . . . k)])    (3.16)

describing the probabilities of the output symbols [y(k)] at time k, for given symbolical input sequence [U(0 . . . k)] and initial density px0(x).

Set representation problem of quantised systems. Determine the set

[Y(k | X0, [U(0 . . . k)])] ⊆ Ny    (3.17)

of currently possible output symbols [y(k)] at time k, for given symbolical input sequence [U(0 . . . k)] and initial set of states X0.
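The set representation problem can be approached numerically by propagating a sampled set of initial states together with all admissible numerical inputs forward in time, and recording which quantised outputs occur at each step. The following sketch does this for a hypothetical scalar system; it approximates the sets (3.17) from samples only.

```python
import numpy as np

def possible_outputs(X0_samples, U_cells, g, h, quantise_y, n_u=20):
    """Approximate the sets [Y(k | X0, [U(0..k)])] of eqn. (3.17) by propagating
    sampled states; each quantised input cell (lo, hi) is gridded with n_u points."""
    states = np.asarray(X0_samples, dtype=float)
    result = []
    for lo, hi in U_cells:                      # numerical inputs admitted by [u(k)]
        us = np.linspace(lo, hi, n_u, endpoint=False)
        X, U = np.meshgrid(states, us)
        result.append(sorted({quantise_y(y) for y in np.ravel(h(X, U))}))
        states = np.unique(np.ravel(g(X, U)))   # sampled successor state set
    return result

# hypothetical scalar system x' = x + u, y = x; output cells split at y = 1
Y_sets = possible_outputs(np.linspace(0.0, 1.0, 20, endpoint=False),
                          [(0.0, 0.5), (0.0, 0.5)],
                          g=lambda x, u: x + u, h=lambda x, u: x,
                          quantise_y=lambda y: 1 if y < 1.0 else 2)
print(Y_sets)   # the second output cell only becomes reachable at the second step
```

The number of sampled states grows with each step, which already hints at why a precise set description is complex and why the automaton abstraction of Section 3.1 is preferred.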
Fig. 3.9. Quantised system for fault diagnosis.
The solution to both representation problems is considered in Sections 3.4 and 3.6. The solution to the set representation problem presents a simplified view on the quantised system. Instead of describing the probabilities of the output symbols, it is merely considered whether or not a certain quantised output can occur. That is, sets of possible outputs are derived without assigning a probability to them. In Section 3.4.2, this simplified viewpoint is extended to a stochastic description on an intuitive level and only for autonomous systems. A complete solution to the stochastic representation problem requires several measure theoretic concepts and is, therefore, presented separately in Section 3.6.

3.2.4 Quantised Systems for Fault Diagnosis

If the quantised system is to be considered for fault diagnosis, the influence of the faults upon the system must be described. This is done by introducing the fault as additional input e to the continuous–variable system

x(k+1) = g(x(k), u(k), e(k)) ,  x(0) = x0    (3.18)
y(k) = h(x(k), u(k), e(k))    (3.19)

with the fault vector e ∈ Rs ⊆ IR^s. This means that the quantised fault [e(k)] ∈ Ne = {1, 2, . . . , S} becomes an additional input to the quantised system (cf. Figure 3.9). The transformation between the numerical fault values e(k) and the quantised fault values [e(k)] is performed by a second injector. The sets resulting from the partition of the fault space are denoted by Qe(i) and the density functions by pe^i(e). In summary, the quantised system with fault is given by the tuple

QS(Rn, Rm, Rr, Rs, Nu, Ny, Ne, {pu^1, . . . , pu^M}, {pe^1, . . . , pe^S}, {Qy(1), . . . , Qy(R)}, g, h) .    (3.20)

The introduction of the fault as additional input is a very general approach for describing faults. The fault vector e(k) appears in eqns. (3.18) and (3.19) in the nonlinear vector functions g and h. This is more general than most
assumptions used in the literature on fault diagnosis (cf. e.g. [11]) and will not be further restricted in the remainder of the book. In the literature on fault diagnosis, often linear systems with additive faults acting upon the inputs, states or outputs, or faults in the form of parameter deviations of a linear model are considered. Models with such faults are of course special cases of eqns. (3.18) and (3.19). Note that eqns. (3.18) and (3.19) also allow describing faults that cause structural changes of the system or changes of the system order, because the fault vector can be used to switch between different sets of system equations. Hence, systems given by sets of differential equations switched depending upon the fault can also be described.

Example 3.2.1. Consider the two–tank system of Section 1.4 where the fault is a leak in the left tank. The size of the leak is parameterised by the variable cl ≥ 0 which, therefore, is the fault variable e = cl/(10^−4 m^{5/2}/s) of the scalar fault space Rs = IR+. The fault space is partitioned into

Qe(1) = [0, 0.5) ,  Qe(2) = [0.5, 2.5) ,  Qe(3) = [2.5, 8.5) ,
Qe(4) = Rs \ (Qe(1) ∪ Qe(2) ∪ Qe(3)) = [8.5, ∞) ,

with the semantics that [e] = 1 means no leak, [e] = 2 a small leak, [e] = 3 a big leak, and [e] = 4 a very big leak. Furthermore, the following density functions are used:

pe^1(e) = 2 for e ∈ [0, 0.5) and 0 otherwise,
pe^2(e) = 0.5 for e ∈ [0.5, 2.5) and 0 otherwise,
pe^3(e) = 1/6 for e ∈ [2.5, 8.5) and 0 otherwise,
pe^4(e) = exp(−e + 8.5) for e ≥ 8.5 and 0 otherwise.

The density functions pe^1(e), pe^2(e) and pe^3(e) describe uniform distributions, while the density function pe^4(e) is a declining exponential function with ∫_Rs pe^4(e) de = 1 (cf. eqn. (3.11)). The partition and the density functions defining the fault injector are shown in Figure 3.10.
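The fault injector of this example can be sketched directly: the three uniform cells are sampled with a uniform draw, and the unbounded cell with density exp(−e + 8.5) is a unit-rate exponential shifted by 8.5, so inverse-transform sampling reduces to a standard exponential draw.

```python
import random

def sample_fault(i, rng=random):
    """Draw a numerical fault value e from Q_e(i) according to the density
    functions of Example 3.2.1."""
    if i == 1:
        return rng.uniform(0.0, 0.5)    # p_e^1: uniform with density 2
    if i == 2:
        return rng.uniform(0.5, 2.5)    # p_e^2: uniform with density 0.5
    if i == 3:
        return rng.uniform(2.5, 8.5)    # p_e^3: uniform with density 1/6
    # p_e^4(e) = exp(-e + 8.5) for e >= 8.5: unit-rate exponential shifted by 8.5
    return 8.5 + rng.expovariate(1.0)

e = sample_fault(3)   # some leak size representing a "big leak"
```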
Remark 3.2.4. Though the density functions required for the definition of the injector are an inherent part of the technological system, reflecting the nature of the fault or input, for practical cases they often cannot be determined systematically. Therefore, usually uniform distributions like in this example are used. This is because the uniform distribution does not distinguish faults in the set Qe(i), i.e. none of the values of Qe(i) is more likely than another, and contains, from the viewpoint of information theory, no additional information compared to the partition.

Extended input space. Because the fault is introduced as an additional input, it needs no extra treatment in the analysis of the quantised system. The difference between an input and a fault becomes relevant only when using the quantised system approach for fault diagnosis but is irrelevant to the analysis of its behaviour. Formally, the fault and input of the quantised system can be lumped together, yielding a quantised system without fault and with the input ũ = (u′ e′)′ ∈ Rm+s. Accordingly, the resulting extended input space Rm+s is partitioned into M · S sets, each assigned to a quantised extended input value [ũ] ∈ N̂u = {1, 2, . . . , M · S}. The partition sets in the extended input space are defined as
Fig. 3.10. Definition of the fault injector of the two–tank system.
Qũ(Mue(i, j)) = Qu(i) × Qe(j) ⊆ R^(m+s) ,   i ∈ Nu , j ∈ Ne   (3.21)

with an arbitrary bijective map

Mue : Nu × Ne → N̂u   (3.22)
assigning a unique number to each set of the partition. For this reason, the quantised system is considered without fault for the remainder of this chapter.
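One concrete choice for the bijective map Mue of eqn. (3.22) is row-major numbering of the index pairs. The sketch below shows this map together with its inverse, which recovers [u] and [e] from the extended input value; the particular bijection is an assumption, as any bijection serves:

```python
def m_ue(i, j, S):
    """Row-major bijection M_ue: N_u x N_e -> {1, ..., M*S} for the 1-based
    quantised input i and quantised fault j, with S = |N_e|."""
    return (i - 1) * S + j

def m_ue_inv(k, S):
    """Inverse map: recover the pair ([u], [e]) from the extended input value k."""
    return (k - 1) // S + 1, (k - 1) % S + 1
```

Because the map is bijective, no information is lost by lumping input and fault together; the quantised system can always be analysed in the extended input space and the fault recovered afterwards.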
3.3 Further Aspects of Quantised Systems*

3.3.1 Other Abstractions of Numerical Signals*

In the literature on qualitative modelling, different approaches to abstracting symbolic values from numerical signals are known (e.g. [33], [35], [89], [109], [141]). Described above and used throughout the book is the signal quantisation as suggested for qualitative modelling in [109]. This quantisation is static, i.e. the quantised value of the signal at each time point depends on the numerical signal at that time, independently of its previous values. However, there are several, not necessarily static, alternatives for obtaining an abstract qualitative signal from a numerical signal. Some of them are briefly outlined below. Obviously, a different definition of the quantiser also means a different definition of its causal inverse, the injector. Accordingly, an analytical description of the quantised system requires the formulation of a quantisation and injection procedure. Then the quantised system approach can lead, in a similar way as described in Sections 3.1 and 3.5, to a qualitative model. For the quantisation techniques described below, this has not yet been investigated.
3. Modelling of Quantised Systems by Stochastic Automata
Fig. 3.11. Quantisation based on crisp sets (left) and fuzzy sets (right).
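As a numerical sketch of the fuzzy quantisation discussed in the following paragraph: a fuzzy quantiser maps a value ζ to a membership vector, and a deterministic defuzzification maps such a vector back to a numerical value. The triangular membership functions and their parameters below are illustrative assumptions; Figure 3.11 fixes only the overlapping supports qualitatively:

```python
def triangle(z, a, b, c):
    """Triangular membership function with support (a, c) and peak at b."""
    if z <= a or z >= c:
        return 0.0
    return (z - a) / (b - a) if z <= b else (c - z) / (c - b)

# Three overlapping fuzzy sets (the parameters are illustrative assumptions).
FUZZY_SETS = [(-0.1, 0.05, 0.15), (0.05, 0.15, 0.3), (0.15, 0.4, 0.7)]

def fuzzify(z):
    """Fuzzy quantiser: membership vector of z with respect to all fuzzy sets."""
    return [triangle(z, a, b, c) for (a, b, c) in FUZZY_SETS]

def defuzzify(mu):
    """Simplified centre-of-gravity defuzzification, weighting the peak
    positions by the memberships (one common discrete approximation)."""
    s = sum(mu)
    return sum(m * b for m, (a, b, c) in zip(mu, FUZZY_SETS)) / s if s > 0 else None
```

In contrast to a crisp quantiser, a value lying between two peaks obtains nonzero membership in two neighbouring sets, reflecting the overlapping supports shown on the right-hand side of Figure 3.11.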
Fuzzy quantisation. This well-known quantisation technique is similar to the static signal quantisation used here. The main difference is that fuzzy sets are used that associate to each numerical signal value a continuous–variable degree of membership, typically between zero and one [141], [206]. Furthermore, in fuzzy quantisation, the fuzzy sets are usually not disjoint but can be overlapping. In the terminology of fuzzy sets, the sets Qζ(i) obtained from a partition of the signal space are referred to as crisp sets [141]. Figure 3.11 shows such crisp sets in their fuzzy interpretation with a membership µF(ζ) of one on the partition sets Qζ(i) and zero otherwise. On the right–hand side of the figure, the extension to fuzzy sets with a membership between zero and one is shown. It can be seen that the supports supp(QζF(i)) of the fuzzy sets, i.e. the values of ζ for which the corresponding fuzzy set yields a nonzero membership, are overlapping. Based on fuzzy sets, the quantiser can be defined as a map from a numerical signal value ζ to a "quantised" vector [ζ]F containing the degrees of membership to each fuzzy set. In fuzzy theory, this vector is usually denoted as the membership vector µF. The inverse quantisation then needs to assign a numerical value ζ to a "quantised" vector [ζ]F. In fuzzy control, this operation is typically defined deterministically, e.g. by the centre of gravity or centre of sums method [206], rather than stochastically like the injector used here. The terms used in fuzzy control for the quantisation and injection are fuzzification and defuzzification, respectively [141].

Confluences. Confluences are qualitative differential equations that were introduced in [35] as an approach towards a qualitative physics. To obtain a confluence, all signals and parameters of a differential equation are converted to qualitative values. Each variable ζ of the differential equation can only take a qualitative value of the quantity space [ζ] ∈ {−, 0, +}.
These qualitative values are introduced by defining the sets Qζ(−) = {ζ | −∞ < ζ < 0}, Qζ(0) = {0} and Qζ(+) = {ζ | 0 < ζ < ∞}. This abstraction from a numerical signal to the three qualitative values {−, 0, +} is in principle a special case of the static signal quantisation of Section 3.2.1. By using the relation between the change of the sign of a signal and its derivative, the qualitative
system behaviour can be obtained by solving the confluences derived from the system's differential equations [110]. However, due to the limitation to partitions into three regions and the restriction to models in the form of confluences, this approach yields, in general, numerous spurious solutions [110]. That is, a qualitative simulation yields many trajectories that cannot occur in the real system.

Episodes. Based on the qualitative values used to obtain confluences, a qualitative state of a scalar numerical continuous–time signal ζ(t) is defined as a triplet of the qualitative values {−, 0, +} of ζ and its temporal derivatives ζ̇ and ζ̈ at a certain time instance [28]. A time interval in which this triplet does not change is called an episode. If any of the three elements changes its value, a new episode starts. In [28], seven types of episodes, also referred to as A–G type episodes, are identified from the physically reasonable combinations of [ζ̇] and [ζ̈]. The qualitative value of the signal itself is denoted as a superscript. A quantiser based on episodes thus transforms a numerical continuous–time signal into a sequence of episodes like (A+ B+ C+ C0 C− . . .) as described in [166].

Further quantisations. The quantisation can also be realised by more complex operations. Every operation that abstracts from a signal with detailed information to a qualitative signal can be interpreted as a quantisation. An example of a more abstract quantisation is presented for a practical application in [164]. The quantiser used there includes a spectral analysis of a signal, and the quantised values result from evaluating the peak signal value and its peak spectral amplitude in a certain time window. Another example of a more complex quantiser are chronicles [33]. A chronicle is a combination of a short sequence of events and time constraints between them.
The quantiser then is described by a chronicle detection algorithm converting a timed discrete–event signal into a sequence of chronicles [40].

3.3.2 Temporally Quantised Continuous–Time Systems*

Many systems, like the two–tank system in Section 1.4, are continuous–time systems that can be represented by a continuous–time, continuous–variable state space model

ẋ(t) = ĝ(x(t), u(t)) ,   x(0) = x0   (3.23)
y(t) = h(x(t), u(t))   (3.24)
with the state x, input u and output y as defined above. From such a system, a discrete–time system in the form of eqns. (3.1) and (3.2) is obtained by sampling, i.e. by considering the values of the states and outputs only at certain time points t0 , t1 , . . . , tk , . . ., combined with the assumption of a constant input between subsequent time points. Throughout the book, equidistant temporal quantisation tk = k · Ts , k ∈ IN with a fixed sampling time
Fig. 3.12. Sampled quantised system with zero order hold.
Ts > 0 is considered. Then the relation between the models (3.23)–(3.24) and (3.1)–(3.2) is given by [17]:

x((k+1)Ts) = x(kTs) + ∫_{kTs}^{(k+1)Ts} ĝ(x(τ), u(τ)) dτ = g(x(kTs), u(kTs)) .   (3.25)

Figure 3.12 shows the resulting sampled quantised system. Though the existence of a function g of the discrete–time model corresponding to the function ĝ of the continuous–time model is guaranteed under the above assumptions, it is usually difficult to derive. For linear systems

ẋ(t) = Ax(t) + Bu(t) ,   x(0) = x0

with non–singular system matrix A and input matrix B, it is well known that eqn. (3.25) yields

x(k+1) = g(x(k), u(k)) = exp(A Ts) x(k) + (exp(A Ts) − I) A⁻¹ B u(k) ,   (3.26)

where I is the identity matrix [196]. For nonlinear systems, there are different approaches to approximate g, e.g. by means of uniformly convergent Volterra or Taylor–Lie series (cf. e.g. [71], [77], [79], [197]).

Remark 3.3.1. A different temporal quantisation method is event–based sampling [7], [138]. In event–based sampling, the time points tk are set when the system trajectory crosses a certain hyperplane in the state space. Under a zero order hold assumption, the successor state can also be determined by means of eqn. (3.25), resulting in a discrete–time model (3.1)–(3.2), provided that an event determining tk+1 occurs. However, the index k of the obtained discrete–time model no longer has a temporal meaning, but describes merely the causal ordering of the events. The analogy between periodic and event–based sampling concerning the qualitative modelling approach is described in [117].

3.3.3 Extension to Discrete Signal Spaces**

The quantised system, in particular the quantiser and the injector, have been introduced in Sections 3.1.1 and 3.2.1 for continuous signal spaces R^ν. It is useful, however, to extend this to signal spaces R^ν × N^η with N^η ⊆ Z^η, i.e. signal spaces possibly including discrete sets, where ν = 0 or η = 0 cover
the purely continuous or discrete cases, respectively. The following extends the definitions of the quantiser and injector. By this extension, it is also possible to circumvent the restriction (3.10) by reformulating the system equations (3.1) and (3.2) such that single points of a continuous set are represented by a value of a discrete set. An example of this will be given in Section 6.1.5.

Extended quantiser. In analogy to Section 3.2.1, the quantiser invokes a surjective mapping and is defined via a partition of the signal space into disjoint sets Qζϕ(i) by

[·] : R^ν × N^η → Nζϕ ,   [(ζ, ϕ)] = i ⇔ (ζ, ϕ) ∈ Qζϕ(i)   (3.27)
with Nζϕ = {1, 2, . . . , ξ}. As before, the sets Qζϕ(i) must have nonzero measure (cf. condition (3.10)), taking into account the product measure space of the measure spaces (R^ν, B, λν) of the continuous and (N^η, C, γη) of the discrete subspaces (cf. Appendix A.1). Herein, the measure of a set

Q = Qν × Qη   with   Qν ∈ B(R^ν) , Qη ∈ C(N^η)

is given by

λνη(Q) = λν(Qν) · γη(Qη) ,   (3.28)
where γη is the counting measure, i.e. the number of elements of Qη.

Extended injector. The extended injector realises an injective mapping Nζϕ → R^ν × N^η. The main difference concerns the set of probability density functions

piζϕ : R^ν × N^η → R+   (3.29)

for which, in extension to eqn. (3.11), the relations

piζϕ(ζ, ϕ) = 0 ⇔ (ζ, ϕ) ∉ Qζϕ(i)   (3.30)

and

Σ_{ϕ∈N^η} ∫_{R^ν} piζϕ(ζ, ϕ) dζ = 1   (3.31)
must hold for all i ∈ Nζϕ.

Example 3.3.1. Consider the two–tank system of Section 1.4 and two faults: a leak in the left tank or the valve V12l being stuck. The fault space is thus two-dimensional. The leak, defined like in the example of Section 3.2.4, becomes the first fault variable: e1 = cl/(10⁻⁴ m^(5/2)/s), e1 ∈ R+. The second fault variable e2 is discrete-valued, as the magnetic valve can be either faultless (e2 = 0), stuck open (e2 = 1) or stuck closed (e2 = 2). Accordingly, the fault space is R+ × {0, 1, 2}. Figure 3.13 shows a partition of the fault space. The partition is not orthogonal, i.e. the dimensions of the signal space are not partitioned independently. The semantics of the partition sets shown in the figure could be for example:
Qe(1): no fault
Qe(2): leak left tank
Qe(3): valve V12l faulty
Qe(4): uncritical multiple fault
Qe(5): critical multiple fault

Fig. 3.13. Non orthogonal partition of a continuous/discrete fault space.
As example of a density function for the definition of the fault injector, consider p4e : R+ × {0, 1, 2} → R+ with

p4e(e1, e2) = 2/11 for e1 ∈ [0.5, 2.5), e2 = 2
              8/11 for e1 ∈ [0.5, 8.5), e2 = 1
              1/11 · exp(−e1 + 8.5) for e1 ≥ 8.5, e2 = 1
              0 otherwise .
It can be verified that p4e satisfies condition (3.31).
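Condition (3.31), a sum over the discrete component combined with an integral over the continuous one, can be checked numerically. The sketch below does this for a density of the same piecewise shape as p4e above; the constants used here are illustrative assumptions chosen such that the total probability mass is one:

```python
import math

def p4(e1, e2):
    """Piecewise density on R+ x {0, 1, 2} of the same shape as p4e; the
    constants 1/11 are illustrative assumptions chosen to normalise."""
    if 0.5 <= e1 < 2.5 and e2 == 2:
        return 1.0 / 11.0
    if 0.5 <= e1 < 8.5 and e2 == 1:
        return 1.0 / 11.0
    if e1 >= 8.5 and e2 == 1:
        return math.exp(-e1 + 8.5) / 11.0
    return 0.0

def total_mass(de=1e-3, e1_max=30.0):
    """Approximate the left-hand side of (3.31): sum over e2, midpoint-rule
    integral over e1 (the exponential tail beyond e1_max is negligible)."""
    n = int(e1_max / de)
    return sum(p4((i + 0.5) * de, e2)
               for e2 in (0, 1, 2) for i in range(n)) * de
```

The same check applies to any injector density on a mixed continuous/discrete signal space: integrate over the continuous coordinates for each discrete value and sum the results.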
3.3.4 Remark on Causal Relations**

Remark 3.3.2. The quantised system introduced above describes the causal relation between the signals connected to the supervision block (cf. Figure 1.1). A non–causal way of modelling a dynamical system is described by the behavioural approach, cf. [97], [154], [201]. In contrast to a causal model, this approach focuses on the behaviour of the system, that is, the model contains all pairs of input and output signals that can occur. An example of these different views on the system are the SA and the stochastic operator introduced in Section 2.6. The SA describes a causal relation between the input and the output sequence. That is, the SA describes the set of possible output sequences for a given input sequence, while all input sequences are admissible. The stochastic operator, on the other hand, assigns a probability to each pair of an input and an output sequence, or, in other words, it represents the set of pairs of input and output sequences the system can show. The problem of the behavioural approaches is that, in general, infinitely many pairs exist and would need to be stored, unless a generator for the pairs belonging to the behaviour can be given. This generator is then in most cases again a causal relation, just as an initialised SA generates an SA–operator.
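Before turning to the representation problems, the exact zero-order-hold discretisation (3.26) of Section 3.3.2 can be illustrated numerically. The two-state system below is an arbitrary assumption, and the matrix exponential is computed by a minimal scaling-and-squaring Taylor routine (a stand-in for library functions such as scipy.linalg.expm):

```python
import numpy as np

def expm(M, terms=30):
    """Matrix exponential by scaling and squaring with a truncated Taylor
    series (a minimal stand-in for scipy.linalg.expm)."""
    s = max(0, int(np.ceil(np.log2(max(1.0, np.linalg.norm(M, 1))))))
    Ms = M / (2 ** s)
    E = np.eye(M.shape[0])
    term = np.eye(M.shape[0])
    for k in range(1, terms):
        term = term @ Ms / k
        E = E + term
    for _ in range(s):              # undo the scaling by repeated squaring
        E = E @ E
    return E

def discretise(A, B, Ts):
    """Exact zero-order-hold discretisation, eqn. (3.26); A must be non-singular."""
    Ad = expm(A * Ts)
    Bd = (Ad - np.eye(A.shape[0])) @ np.linalg.inv(A) @ B
    return Ad, Bd

# Assumed stable two-state example:
A = np.array([[-1.0, 0.5], [0.0, -2.0]])
B = np.array([[1.0], [1.0]])
Ad, Bd = discretise(A, B, Ts=0.1)
```

A fine Euler simulation of ẋ = Ax + Bu over one sampling interval with constant input reproduces Ad x(0) + Bd u up to the integration error, confirming that (3.26) is exact under the zero-order-hold assumption.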
3.4 Solution to the Representation Problems

This section concerns the solution to the representation problems of the quantised system posed in Section 3.2.3. The presentation is limited to quantised systems without fault, as quantised systems with fault can be treated by extending the input space (cf. Section 3.2.4).

3.4.1 Solution to the Set Representation Problem

For a single sequence of numerical input vectors

U(0 . . . k−1) = (u(0), . . . , u(k−1)) ∈ (R^m)^k   (3.32)

and a unique initial state x0 ∈ X0, eqn. (3.1) of the continuous–variable system yields a unique state trajectory

X(0 . . . k) = (x0, x(1), . . . , x(k)) ∈ (R^n)^(k+1) .   (3.33)

Depending on (3.32) and (3.33), this leads to a unique output sequence

Y(0 . . . k−1) = (y(0), . . . , y(k−1)) ∈ (R^r)^k   (3.34)

of the continuous–variable system, which is determined by eqn. (3.2). From this sequence, the output quantiser given by eqn. (3.3) allows the determination of the resulting quantised output sequence (cf. Figure 3.3):

[Y(0 . . . k−1)] = ([y(0)], . . . , [y(k−1)]) ∈ Ny^k .   (3.35)
If, however, a quantised input sequence [U(0 . . . k−1)] is considered, the injector randomly determines one numerical input sequence (3.32), merely ensuring that eqn. (3.4) holds at each time instance κ from 0 to k−1. Considering all possible numerical input sequences and all initial conditions x0 ∈ X0 simultaneously results in the set of all state sequences up to time k

X(0 . . . k | X0, [U(0 . . . k−1)])   (3.36)
= { X(0 . . . k) | x0 ∈ X0 , u(κ) ∈ Qu([u(κ)]) for κ = 0, . . . , k−1 , and eqn. (3.1) holds for κ = 0, . . . , k−1 } ⊆ (R^n)^(k+1) .

This set, in contrast to (3.33), is not a singleton. Similarly, the set of output sequences can be written as

Y(0 . . . k−1 | X0, [U(0 . . . k−1)])   (3.37)
= { Y(0 . . . k−1) | x0 ∈ X0 , u(κ) ∈ Qu([u(κ)]) for κ = 0, . . . , k−1 , and eqns. (3.1) and (3.2) hold for κ = 0, . . . , k−1 } ⊆ (R^r)^k .
Quantisation then yields the set of quantised output sequences for a given set of initial states and given quantised input sequence, describing the causal behaviour of the quantised system:

[Y(0 . . . k−1 | X0, [U(0 . . . k−1)])]   (3.38)
= { [Y(0 . . . k−1)] | ∃ Y(0 . . . k−1) ∈ Y(0 . . . k−1 | X0, [U(0 . . . k−1)]) such that y(κ) ∈ Qy([y(κ)]) holds for κ = 0, . . . , k−1 } ⊆ Ny^k .

From the above sets, the projection to the current time k can be derived. For the set of state sequences, this is

X(k | X0, [U(0 . . . k−1)]) = { x | ∃ X(0 . . . k) ∈ X(0 . . . k | X0, [U(0 . . . k−1)]) such that x(k) = x } .   (3.39)

Alternatively, this set can be determined recursively by

k > 1 :  X(k | X0, [U(0 . . . k−1)]) = { x | x = g(x̃, u) for some u ∈ Qu([u(k−1)]) and x̃ ∈ X(k−1 | X0, [U(0 . . . k−2)]) }   (3.40)

k = 1 :  X(1 | X0, [u(0)]) = { x | x = g(x̃, u) for some u ∈ Qu([u(0)]) and x̃ ∈ X0 } .   (3.41)

Equivalently, the set of current outputs can be obtained from projection to time k or from the set of states at time k by using eqn. (3.2) and the current quantised input:

Y(k | X0, [U(0 . . . k)])   (3.42)
= { y | ∃ Y(0 . . . k) ∈ Y(0 . . . k | X0, [U(0 . . . k)]) such that y(k) = y }
= { y | y = h(x, u), u ∈ Qu([u(k)]), x ∈ X(k | X0, [U(0 . . . k−1)]) } .

This finally yields the solution to the set representation problem.

Solution to the set representation problem of quantised systems
The set of possible quantised outputs at time k for a given initial set of states X0 and sequence of quantised inputs [U(0 . . . k)] is given by

[Y(k | X0, [U(0 . . . k)])] = { [y(k)] | Y(k | X0, [U(0 . . . k)]) ∩ Qy([y(k)]) ≠ ∅ } ⊆ Ny ,   (3.43)

with the set Y(k | X0, [U(0 . . . k)]) given by eqn. (3.42) and the set of states therein determined recursively by eqns. (3.40) and (3.41).

The above solution to the set representation problem is implicit. To determine the set (3.43), first the sets (3.39) and (3.42) need to be derived. These sets,
Fig. 3.14. Sets of states and outputs with initial state uncertainty.
however, are not explicitly given by the above equations, but they are defined "point–by–point", referring separately to each element of the set of initial states and to each input sequence compatible with the given quantised inputs. That is, eqn. (3.43) is merely a formal description of the sought set rather than a tool to practically determine this set.

Example 3.4.1. Consider the two–tank system of Section 1.4 with the pump velocity vp as input and the outflow q̂2 of the right tank as output. The sets of states (3.39) are shown for k = 0, . . . , 3 on the left–hand side of Figure 3.14 with

X0 = { (x1, x2) | 0.4 ≤ x1 ≤ 0.6, 0 ≤ x2 < 0.1 }   (3.44)
and u = 0, i.e. without any input uncertainty. Mapping these sets point–by–point to the output space yields the sets (3.42) shown on the right–hand side of this figure. The horizontal lines show the bounds of the output partition. From the figure, the sequence of sets [Y(k | X0)] is obtained as

k            0      1    2      3      4    5
[Y(k | X0)]  {1,2}  {2}  {2,3}  {2,3}  {2}  {2}
It can be seen that at times k = 0, 2 and 3 different quantised outputs can occur. The second source of uncertainty is the input injector. For the two–tank system this is shown on the left–hand side of Figure 3.15. Here, in contrast to Figure 3.14, the initial condition is set to a single value x0 ∈ X0, whereas the input is considered in the interval [0, 0.4), meaning low pump power. The sets (3.42) are depicted for k = 0, . . . , 5. As the system has no direct feedthrough, the output is a singleton at k = 0, and becomes a set with nonzero measure for k ≥ 1. It can be seen that the input uncertainty causes nondeterministic quantised outputs at times k = 2, 3 and 4. Finally, on the right–hand side of Figure 3.15, both uncertainties are combined. From this figure, the sequence of sets [Y(k | X0, [U(0 . . . k)])] is obtained as

k                            0      1    2      3      4      5
[Y(k | X0, [U(0 . . . k)])]  {1,2}  {2}  {2,3}  {2,3}  {2,3}  {2,3}
It can be seen that the set (3.43) of possible quantised output symbols becomes larger if both uncertainties are considered.
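The point-by-point character of the sets (3.39), (3.42) and (3.43) can be made concrete by gridding the initial set and the input set and propagating the grids through the system equations. Since the tank model (1.8) is not reproduced here, the sketch below uses the scalar system (3.66)-(3.67) of Section 3.5 as a stand-in; the grid sizes and the assumption of one constant quantised input are illustrative choices:

```python
import numpy as np

# Stand-in system equations for g and h of eqns. (3.1), (3.2),
# taken from the scalar example (3.66)-(3.67):
g = lambda x, u: 0.8 * x - 0.1 * u
h = lambda x, u: 0.5 * x - 0.5 * u

# Output partition: [y] = 1 for y < 0, [y] = 2 for y >= 0 (as in (3.68)).
quant_y = lambda y: 1 if y < 0 else 2

def quantised_outputs(X0, Qu, k):
    """Approximate the set (3.43) of possible quantised outputs at time k by
    propagating finite grids over X0 and Qu([u]) point by point, following
    the recursion (3.40)/(3.41)."""
    X = np.linspace(X0[0], X0[1], 30)      # grid over the initial state set
    U = np.linspace(Qu[0], Qu[1], 10)      # grid over the input set
    for _ in range(k):
        X = np.unique(np.round([g(x, u) for x in X for u in U], 6))
    return sorted({quant_y(h(x, u)) for x in X for u in U})
```

With X0 = [0.4, 0.6] and the input interval [0, 0.4], the approximation reports both quantised outputs as possible at k = 2, whereas without input uncertainty only [y] = 2 remains; this mirrors the growth of the output sets seen in Figures 3.14 and 3.15.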
Fig. 3.15. Sets of outputs with input uncertainty but without initial state uncertainty (left) and with input and initial state uncertainty (right).
3.4.2 Solution to the Stochastic Representation Problem of Autonomous Systems

In the previous section, the behaviour of the quantised system has been described as an evolution of sets in the state space. This is extended in the following to a probabilistic description, which is required to solve the stochastic representation problem. As the complete solution to this problem refers to several measure theoretic concepts, this section is restricted to autonomous systems, making it possible to present the theory on an intuitive level. For autonomous systems, the simplified stochastic representation problem concerns the task to determine the probability distribution

Prob([x(k)] | px0(x)) .   (3.45)

A complete solution concerning the probability distribution (3.16) will, however, be given in Section 3.6. The presentation in this section is oriented to an introduction given in [95]. Applying the map

x(k+1) = ga(x(k)) ,   x(0) = x0   (3.46)

of the autonomous system to a large number of randomly selected initial states

X0^sel = { x^1(0), x^2(0), . . . , x^σ(0) } ⊂ X0   (3.47)

yields the σ successor states

X1^sel = { x^1(1) = ga(x^1(0)), x^2(1) = ga(x^2(0)), . . . , x^σ(1) = ga(x^σ(0)) } .   (3.48)

By means of the indicator function 1X : R^n → {0, 1},

1X(x) = 1 if x ∈ X , 0 if x ∉ X ,   (3.49)
associated with the set X ⊆ R^n, the probability density function of the initial state can be defined as a function px0 : R^n → R+ for which, for every (not too small) region X̃, the relation

∫_X̃ px0(x) dx ≈ (1/σ) Σ_{i=1}^{σ} 1_X̃(x^i(0))   (3.50)

holds. To indicate that px0(x) is a density of the states at time zero, it is denoted by px(x, 0), and for arbitrary time k by px(x, k). Using this notation, the density function px(x, 1) for the successor states can subsequently be given by

∫_X px(x, 1) dx ≈ (1/σ) Σ_{i=1}^{σ} 1_X(x^i(1)) .   (3.51)

The aim is now to find a relation between the density functions px(x, 0) and px(x, 1). For this, the set of all points that are mapped to a given set X ⊂ R^n is considered:

ga⁻¹(X) := { x | ga(x) ∈ X } .   (3.52)

Obviously, x^i(1) ∈ X holds if and only if x^i(0) ∈ ga⁻¹(X). This can be written as

1_X(ga(x)) = 1_{ga⁻¹(X)}(x) .   (3.53)

With eqn. (3.53), the density (3.51) can be written as

∫_X px(x, 1) dx ≈ (1/σ) Σ_{i=1}^{σ} 1_{ga⁻¹(X)}(x^i(0)) .   (3.54)

By choosing X̃ = ga⁻¹(X), the right–hand sides of eqns. (3.50) and (3.54) become equal, hence,

∫_X px(x, 1) dx = ∫_{ga⁻¹(X)} px(x, 0) dx   (3.55)

holds, yielding the sought relation between px(x, 0) and px(x, 1). As explained in Section 3.6, eqn. (3.55) implicitly defines the Frobenius–Perron operator P. The transformation invoked by this operator is denoted by px(x, 1) = P px(x, 0). Iterative application of the operator P results in the evolution of an initial density function in the state space caused by the system. That eqn. (3.55) defines an operator becomes clearer if it is written in an explicit form. In case that ga is a scalar diffeomorphism, a differentiation of eqn. (3.55) leads to
px(x, 1) = P px(x, 0) = d/dx ∫_{ga⁻¹(X)} px(x, 0) dx   (3.56)

for an arbitrary interval X ⊂ R (cf. Section 3.6). The right–hand side of eqn. (3.56) explicitly defines the operator P. The probability that the state is within a certain region Qx(j) in the partitioned state space can be determined from a density function px(x) by

Prob([x]p = j) = ∫_{Qx(j)} px(x) dx ,   (3.57)

where [x]p denotes the random variable of the quantised state (cf. Appendix A.2). The solution to the stochastic representation problem for autonomous quantised systems is given in the box below, describing the quantised system as a stochastic process.

Solution to the stochastic representation problem of autonomous quantised systems
The probability distribution of the quantised states at time k for the initial probability density function px0(x) is given by

Prob([x(k)]p = j | px0(x)) = ∫_{Qx(j)} px(x, k) dx

with

k > 0 :  px(x, k) = P px(x, k−1)
k = 0 :  px(x, 0) = px0(x) ,   (3.58)

where P denotes the Frobenius–Perron operator associated with the continuous–variable system given by ga.

Example 3.4.2. Consider the two–tank system of Section 1.4 with the outflow q̂2 of the right tank as output and the pump turned off (vp = 0), like in the first part of the example in Section 3.4.1. Some thousand initial points uniformly distributed over

X0 = { (x1, x2) | 0.4 ≤ x1 ≤ 0.6, 0 ≤ x2 < 0.1 }   (3.59)
are considered. Mapping them by means of the system equation (1.8) of the tank system yields the successor states (3.48). By using a grid of some hundred disjoint small boxes Qx covering the state space, eqns. (3.50) and (3.51) yield an approximation of the density functions px(x, 0) and px(x, 1) shown in Figure 3.16. Successive mapping further yields the density functions px(x, 2) and px(x, 3), also shown in the figure. The relation between these densities is described by eqn. (3.58) with a fixed operator P depending only on the system equation (1.8) describing the tank system. Explicit examples of the Frobenius–Perron operator are given in Section 3.6.
Fig. 3.16. Evolution of an initial state density function in the state space.
By using eqn. (1.3), the points are mapped to the output space. As in the state space, counting the points over a grid of disjoint intervals approximates the density functions in the output space. These density functions are shown in Figure 3.17 for k = 0, . . . , 5. Compared with Figure 3.14, it can be seen that the densities are nonzero only on the sets of possible states or outputs, respectively. Furthermore, it can be seen that a uniform distribution px(x, 0) of the initial state leads neither to uniform successor state distributions nor to uniform distributions in the output space.
Fig. 3.17. Evolution of densities in the output space.
Relation to the set representation problem. Describing the system dynamics by the temporal evolution of an initial density function in the state space is a more general approach than describing the evolution of an initial set of states. To show the formal relation between the evolution of densities and the evolution of sets, the notion of the support of a density function is used:

supp(px(x)) = { x | px(x) ≠ 0 } .

By setting X0 = supp(px(x, 0)), the relation between the evolution of sets and densities is described by:

X(k | X0) = supp(P^k px(x, 0)) = supp(P P · · · P px(x, 0))   (k times) ,   k ≥ 1 .   (3.60)
As the set–oriented point of view allows an easier formulation and interpretation, it will be used whenever appropriate. However, in most cases the quantised system is considered in a probabilistic way because often the interpretation of the quantised system as a stochastic process is necessary. Remark 3.4.1. A sequence of densities in the state space only partly reflects the dynamics of the quantised system. Similar to the projection of the set (3.36) to the set (3.39) of states at time k, the density px (x, k) on Rn is just a projection to time k of a density on the space (Rn )k+1 describing the probability of all sequences with time horizon k. In other words, the iteratively determined density functions px (x, k) describe the random variables of the stochastic process separately at each time instance, whereas for a complete description, the relation between these random variables would also need to be described. This is because the random variables are, generally, not stochastically independent. Considering the previous example, from the sequence of densities in the output space shown in Figure 3.17, it is only possible to say that at time zero, [y] = 1 or [y] = 2 can occur and at time k = 2, the quantised outputs can be [y] = 2 or [y] = 3. The densities do not reveal whether for the given initial condition for example the sequence [Y (0 . . . 2)] = {1, 2, 3} can occur in the quantised system. However, in Section 3.6, it will be shown that the Frobenius–Perron operator can also be used to generate single numerical sequences or the probabilities of quantised sequences. Hence, the Frobenius–Perron operator can be used as representation of the quantised system.
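The particle interpretation behind eqns. (3.50) and (3.51) suggests a direct Monte-Carlo approximation of the density evolution px(x, k) = P^k px(x, 0) and of the probabilities (3.57). The sketch below uses an assumed scalar contraction ga(x) = 0.8 x, a uniform initial density and a two-cell partition; all numerical choices are illustrative:

```python
import random

def propagate(ga, particles, k):
    """Carry the density by a particle cloud: applying ga k times realises
    p_x(x, k) = P^k p_x(x, 0) in the sense of eqns. (3.50)-(3.51)."""
    for _ in range(k):
        particles = [ga(x) for x in particles]
    return particles

def quantised_state_probs(particles, bounds):
    """Estimate Prob([x]p = j), eqn. (3.57), by counting particles per cell of
    a partition of the real line with inner boundaries `bounds`."""
    counts = [0] * (len(bounds) + 1)
    for x in particles:
        counts[sum(b <= x for b in bounds)] += 1
    return [c / len(particles) for c in counts]

# Uniform initial density on [0.4, 0.6) and the assumed contraction ga(x) = 0.8 x:
random.seed(1)
ga = lambda x: 0.8 * x
cloud = [0.4 + 0.2 * random.random() for _ in range(20000)]
probs = quantised_state_probs(propagate(ga, cloud, 2), bounds=[0.3])
```

After two steps the cloud fills [0.256, 0.384) uniformly, so the probability of the cell below 0.3 approaches (0.3 − 0.256)/0.128 ≈ 0.344; the histogram estimate converges to this value as the number of particles grows.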
3.5 Qualitative Model of the Quantised System

3.5.1 Motivation and Modelling Aims

According to its definition, the quantised system is a stochastic process, and as such its behaviour is described by a sequence of random variables (cf. Sections 2.2 and 3.2.2). This has led to the stochastic representation problem in Section 3.2.3, which asks for a description of the sequence of discrete
probability distributions (3.16). In Section 3.4.2 it was shown that already for autonomous systems the precise solution to this representation problem is very complex. Similarly, the simplified set representation problem of the quantised system has led to complicated, implicitly defined sets like the set (3.43) of all quantised outputs at time k. Recalling simplicity of the solution to process supervision tasks as the first modelling aim of Section 3.1.3, it must be concluded that precise descriptions by means of eqns. (3.43) or (3.58) are not suitable. Accordingly, the claim to use a precise description of the quantised system must be abandoned for solving process supervision tasks. Instead, the aim must be to use an approximate representation of the quantised system. This leads to the additional modelling aims "completeness" and "convergence" explained in Section 3.1.3. An approximate representation of the quantised system satisfying these aims is defined now. It provides an approximate solution to the stochastic representation problem, as outlined in Section 3.5.3.

3.5.2 Definition of the Qualitative Model

As described in Section 3.1.4, each automaton state z is associated with the region Qx(z) of the partitioned state space. As the behavioural relation L(z', w | z, v) of the SA describes the conditional probability that the automaton state changes from z to z' for a given input v while the output is w, setting [x] = z, [u] = v and [y] = w directly results in eqn. (3.5). Some other possibilities to assign the automaton state and thus the behavioural relation are briefly outlined in Section 4.2.5. In this section, the probability distribution on the right–hand side of eqn. (3.5) is investigated in more detail. Furthermore, eqn. (3.6) will be derived. In one respect, the condition side of eqn. (3.5) is not well defined. This is because the conditions x ∈ Qx(z) and u ∈ Qu(v) do not sufficiently describe the relation between the numerical and the quantised values.
For this reason, the injector has been introduced in Section 3.2.1 by probability density functions piu(u) that describe with which probability numerical inputs occur for a given quantised input. This relation has not yet been considered for the numerical and the quantised state. Therefore, to further investigate the probability on the right–hand side of eqn. (3.5), density functions of the state are introduced for each Qx(i). That is, analogous to the injector, probability density functions

pix : R^n → R+   with   pix(x) = 0 ⇔ x ∉ Qx(i)   and   ∫_{R^n} pix(x) dx = 1 ,   i = 1, 2, . . . , N   (3.61)
are defined. How these density functions are set and which consequences this definition has is discussed in Section 3.5.3. With the introduced densities pix (x), the probability distribution (3.5) is now
Abstraction of a qualitative model from a quantised system

Definition 3.5.1. The stochastic automaton S(Nx, Nu, Ny, L) given by

L(z', w | z, v) := μn+m(Qxu(z, v) ∩ (gh)⁻¹(Qxy(z', w))) / μn+m(Qxu(z, v)) ,   (3.64)

where μn+m denotes the measure of an arbitrary, measurable set Qxu = Qx × Qu ∈ B(R^(n+m)) given by

μn+m(Qxu) = μn(Qx) · μm(Qu) = ∫_{Qx} ( Σ_{i=1}^{N} pix(x) ) dx · ∫_{Qu} ( Σ_{j=1}^{M} pju(u) ) du ,   (3.65)

is called the qualitative model of the quantised system (3.13) for a given set of density functions (Nx, {p1x, . . . , pNx}), provided that the transformations g and h are non–singular. The states, inputs and outputs of a qualitative model are called qualitative states, qualitative inputs and qualitative outputs, respectively.
clearly specified. Some terms from measure theory defined in Appendix A.1 are required for the following definition. Furthermore, the definition refers to the sets

  Q_xu(z, v) = Q_x(z) × Q_u(v) ⊆ R^n × R^m = R^{n+m} ,   (3.62)

  (gh)^{-1}(Q_xy(z′, w)) := { (x, u) | g(x, u) ∈ Q_x(z′), h(x, u) ∈ Q_y(w) } ⊆ R^{n+m} ,   (3.63)
where the sets Q_x(i) and Q_u(j) are obtained from the density functions by setting Q_x(i) = supp(p_x^i) and Q_u(j) = supp(p_u^j), respectively. With this, a qualitative model of a quantised system can finally be defined as given in the box at the top of this page.

Example 3.5.1. Definition 3.5.1 of the qualitative model is quite abstract. Therefore, a simple example is used to explain the definition in detail. In contrast to the example of Section 3.1.4, an input and an output space are considered. To allow a graphical presentation, a scalar system is used. The following quantised system is considered:

  x(k+1) = 0.8 x(k) − 0.1 u(k)   (3.66)
  y(k) = 0.5 x(k) − 0.5 u(k)   (3.67)

with the output quantiser according to

  Q_y(1) = (−∞, 0) ,   Q_y(2) = [0, ∞) ,   (3.68)
3.5 Qualitative Model of the Quantised System
69
Fig. 3.18. Partition and density functions of the input space (left) and state space (right).
the input injector according to

  p_u^1(u) = { exp(u + 1)  for u < −1 ;  0 otherwise } ,
  p_u^2(u) = { 0.5  for u ∈ [−1, 1] ;  0 otherwise } ,   (3.69)
  p_u^3(u) = { exp(−u + 1)  for u > 1 ;  0 otherwise } ,   (3.70)

and the state densities

  p_x^1(x) = { exp(x + 1)  for x < −1 ;  0 otherwise } ,
  p_x^2(x) = { 0.5  for x ∈ [−1, 1] ;  0 otherwise } ,   (3.71)
  p_x^3(x) = { exp(−x + 1)  for x > 1 ;  0 otherwise } .   (3.72)
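As a sanity check, the density families above can be verified numerically: each p_u^i and p_x^i must vanish outside its region and integrate to one, as required by eqns. (3.11) and (3.61). A minimal sketch (function names and quadrature settings are illustrative, not from the text):

```python
import numpy as np

# Sanity check of the density families (3.69)-(3.72): every density must
# vanish outside its region and integrate to one over its support.

def p_u1(u): return np.where(u < -1.0, np.exp(u + 1.0), 0.0)
def p_u2(u): return np.where(np.abs(u) <= 1.0, 0.5, 0.0)
def p_u3(u): return np.where(u > 1.0, np.exp(-u + 1.0), 0.0)

# the state densities (3.71)-(3.72) have exactly the same shape
p_x1, p_x2, p_x3 = p_u1, p_u2, p_u3

def integral(p, lo=-30.0, hi=30.0, n=600_000):
    """Midpoint-rule quadrature of p over [lo, hi]."""
    h = (hi - lo) / n
    mid = lo + h * (np.arange(n) + 0.5)
    return float(np.sum(p(mid)) * h)

normalised = all(abs(integral(p) - 1.0) < 1e-3
                 for p in (p_u1, p_u2, p_u3))
```

The supports (−∞, −1), [−1, 1] and (1, ∞) recovered from the three densities are exactly the partition regions, illustrating Q_x(i) = supp(p_x^i).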
Note that the density functions p_u^i(u) and p_x^i(x) implicitly define the input and state space partitions, respectively. The density functions (3.69)–(3.72) are shown in Figure 3.18. As an example, the value L(z′ = 1, w = 1 | z = 1, v = 1) of the behavioural relation is investigated. According to eqn. (3.64), two subsets of the combined state and input space R^{n+m} need to be determined for L(1, 1 | 1, 1), namely:

  Q_xu(z = 1, v = 1)   and   (gh)^{-1}(Q_xy(z′ = 1, w = 1)) .   (3.73)
The set Q_xu(z = 1, v = 1) is directly given by the partitions of the input and the state space, and corresponds to the lower left corner in the figure on the left–hand side of Figure 3.19, bounded by the black orthogonal lines. According to eqn. (3.63), the set (gh)^{-1}(Q_xy(z′ = 1, w = 1)) is the set of all state and input pairs (x, u) that are mapped to the region in the combined state and output space for which both [g(x, u)] = 1 and [h(x, u)] = 1 hold. The combined state and output space and its partition are shown on the right–hand side of Figure 3.19. The region of interest for L(1, 1 | 1, 1) is also the lower left corner in this space. The bounds of the sets (gh)^{-1}(Q_xy(z′, w)) can simply be determined by mapping the partition bounds of the combined state and output space, depicted on the right–hand side of Figure 3.19 as grey lines, by means of (gh)^{-1} to the combined state
Fig. 3.19. Explanation of the qualitative model definition. and input space. The resulting lines are shown on the left–hand side of Figure 3.19 also in grey. They are given by x−u=0,
8x − u − 10 = 0 ,
and
8x − u + 10 = 0 .
The backwards mapped lines partition the combined state and input space into six regions, each labelled in Figure 3.19 in grey according to the corresponding region in the combined state and output space. Now, according to eqn. (3.64), the intersection of the sets (3.73) needs to be determined. In this case the resulting set is equal to the set (gh)^{-1}(Q_xy(z′ = 1, w = 1)), shown as the light grey region in Figure 3.19. The transition probability L(1, 1 | 1, 1) is the quotient of the measures of the intersection and the set Q_xu(z = 1, v = 1). Instead of using the Lebesgue measure

  λ_2(Q_xu) = ∫_{Q_xu} 1 dx du ,

which would be the area of the sets, the measure (3.65) is used. This measure can be interpreted as the area weighted by the density functions in the state and input space. Different weights exist because the numerical inputs and states within the set Q_xu(z = 1, v = 1) occur with different probabilities in the quantised system. Furthermore, the measure (3.65) has the "advantage" that the unbounded sets have finite measure, which is not the case for the Lebesgue measure. The weight introduced by the input and state space densities is shown in Figure 3.20. The measure of the intersection is, according to eqn. (3.65), the volume of the light grey region shown in the lower left corner of this figure. With the intersection point x = u = −10/7 the measure is given by

  μ_2( Q_xu(z = 1, v = 1) ∩ (gh)^{-1}(Q_xy(z′ = 1, w = 1)) )
    = ∫_{−∞}^{−10/7} ∫_{8x+10}^{x} exp(u + 1) du · exp(x + 1) dx
    = ∫_{−∞}^{−10/7} ( exp(2x + 2) − exp(9x + 12) ) dx
    = (7/18) · exp(−6/7) ≈ 0.165 .
Fig. 3.20. Explanation of the measure introduced by the densities in the state and input space.
Fig. 3.21. Qualitative model of the example quantised system.

The measure of Q_xu(z = 1, v = 1) is given by

  μ_2(Q_xu(z = 1, v = 1)) = ∫_{−∞}^{−1} exp(u + 1) du · ∫_{−∞}^{−1} exp(x + 1) dx = 1 .

Accordingly, eqn. (3.64) yields L(z′ = 1, w = 1 | z = 1, v = 1) = 0.165. Likewise, all other transition probabilities are calculated, resulting in the SA shown in Figure 3.21. The input is distinguished by the colour of the edges, from black for v = 1 to light grey for v = 3. Thin edges mean w = 1 and thick edges w = 2.
Remark 3.5.1. Definition 3.5.1 of the qualitative model can be extended to discrete signal spaces as introduced in Section 3.3.3. The definition of the extended injector can be applied equivalently to the densities introduced in the state space. The measure µn+m is then given by eqns. (3.28) and (3.31).
3.5.3 Properties of the Qualitative Model

A–priori densities. A prerequisite of Definition 3.5.1 is the knowledge of the densities p_x^i(x) describing the conditional a–priori probability distribution of the numerical state variables for a given qualitative state i. These densities could theoretically be obtained by observing the system over a long time with all possible combinations of input sequences applied to it, and evaluating the frequencies of occurrence of the numerical states within each region. Practically, this way of modelling is only applicable to plants running for a long time without changes and with an automated measurement system. Otherwise, heuristic settings like uniform distributions on all bounded sets must be used. Definition 3.5.1 is therefore usually written in a simplified form, implicitly assuming bounded signal spaces R^n ⊂ IR^n, R^m ⊂ IR^m, R^r ⊂ IR^r and uniform distributions

  p_x^i(x) = { 1 / λ_n(Q_x(i))  for x ∈ Q_x(i) ;  0 otherwise } ,   i = 1, …, N   (3.74)

for the state, and for the input as in eqn. (3.12) (cf. [173]). With this, eqn. (3.64) can be simplified to eqn. (3.6), where the Lebesgue measure λ_{n+m} is used instead of the measure (3.65). That is, the transition probabilities can be determined from the quotient of the hypervolumes of Q_xu(z, v) and the subset of Q_xu(z, v) mapped to the region with quantised values z′ and w. Due to eqns. (3.11) and (3.61), the denominator of eqn. (3.64) is always one:

  μ_{n+m}(Q_xu(z, v)) = ∫_{Q_xu(z,v)} ( Σ_{i=1}^{N} p_x^i(x) ) · ( Σ_{j=1}^{M} p_u^j(u) ) dx du
    = ∫_{Q_xu(z,v)} p_x^z(x) · p_u^v(u) dx du
    = ( ∫_{Q_x(z)} p_x^z(x) dx ) · ( ∫_{Q_u(v)} p_u^v(u) du )
    = 1 .

This means that eqn. (3.64) can be simplified to:

  L(z′, w | z, v) = μ_{n+m}( Q_xu(z, v) ∩ (gh)^{-1}(Q_xy(z′, w)) ) .   (3.75)
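Under the uniform densities (3.74), the simplified form (3.75) reduces to a quotient of hypervolumes, which a Monte-Carlo hit count estimates directly. A sketch for the bounded cell Q_x(2) × Q_u(2) = [−1, 1] × [−1, 1] of Example 3.5.1; here the value can be checked by hand, since x′ = 0.8x − 0.1u always remains in [−1, 1] and y < 0 holds exactly when x < u, i.e. on half of the cell:

```python
import numpy as np

# Hypervolume quotient (3.75)/(3.6) for uniform densities, estimated by a
# Monte-Carlo hit count over the bounded cell Q_x(2) x Q_u(2) = [-1,1]^2.

rng = np.random.default_rng(1)
n = 100_000
x = rng.uniform(-1.0, 1.0, n)
u = rng.uniform(-1.0, 1.0, n)

x_next = 0.8 * x - 0.1 * u           # eqn (3.66)
y = 0.5 * x - 0.5 * u                # eqn (3.67)

# hit fraction for z' = 2 (x' in [-1,1]) and w = 1 (y < 0); exact value 0.5
L_est = float(np.mean((np.abs(x_next) <= 1.0) & (y < 0.0)))
```
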
In fact, eqn. (3.64) has only been written as a fraction to show its relation to eqn. (3.6) and to Ulam's piecewise constant approximation of the Frobenius–Perron operator (cf. Section 3.6, [195]).

Interpretation of the model state as density function. The evolution of an initial qualitative state described by the qualitative model by using eqn. (2.28) yields a probability distribution Prob(z(k)) at time k. This distribution can equivalently be represented as a vector

  p_z(k) = ( Prob(z_p(k) = 1)  Prob(z_p(k) = 2)  …  Prob(z_p(k) = N) )′   (3.76)

with p_z(k) ∈ W^N, where W^N is the space of all N–dimensional discrete probability vectors:

  W^N = { p_z = (p_z^1 … p_z^N)′ ∈ [0, 1]^N  |  Σ_{i=1}^{N} p_z^i = 1 } .   (3.77)
Each discrete probability vector and, thereby, each state of the SA can be interpreted as a probability density function by means of the densities p_x^i(x) defined by the qualitative model of the quantised system. This is done by the operator I_N called density injector:

  I_N : W^N → D ,   I_N p_z = Σ_{i=1}^{N} p_z^i · p_x^i(x) ,   (3.78)

where D denotes the space of all probability density functions (cf. Appendix A.1). An example of how the density injector works is given in the next section. The inverse operation of the density injector is performed by the density quantiser Q_N defined by

  Q_N : D → W^N ,   Q_N p_x(x) = p_z ,   p_z^i = ∫_{Q_x(i)} p_x(x) dx .   (3.79)
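The operator pair (3.78)/(3.79) can be sketched on a grid for the three state densities of Example 3.5.1; the relation p_z = Q_N(I_N p_z) then holds numerically (grid resolution and helper names are illustrative choices):

```python
import numpy as np

# Grid sketch of the density injector (3.78) and density quantiser (3.79)
# for the three state densities of Example 3.5.1.

grid = np.linspace(-20.0, 20.0, 400_001)
h = grid[1] - grid[0]

p1 = np.where(grid < -1.0, np.exp(grid + 1.0), 0.0)
p2 = np.where(np.abs(grid) <= 1.0, 0.5, 0.0)
p3 = np.where(grid > 1.0, np.exp(-grid + 1.0), 0.0)
densities = np.stack([p1, p2, p3])           # rows: p_x^1, p_x^2, p_x^3

masks = [grid < -1.0, np.abs(grid) <= 1.0, grid > 1.0]

def inject(p_z):
    """I_N: discrete probability vector -> density on the grid, eqn (3.78)."""
    return np.asarray(p_z) @ densities

def quantise(p_x):
    """Q_N: density on the grid -> discrete probability vector, eqn (3.79)."""
    return np.array([np.sum(p_x[m]) * h for m in masks])

p_z = np.array([0.2, 0.5, 0.3])
roundtrip = quantise(inject(p_z))            # Q_N(I_N p_z) = p_z
```

The converse composition I_N(Q_N p_x) generally loses information, which is exactly the point made in the following paragraph.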
The initial condition p_z(0) of the SA is thus obtained from the initial condition p_x0(x) of the quantised system by p_z(0) = Q_N p_x0(x). Note that the relation p_z = Q_N(I_N p_z) holds, whereas p_x(x) = I_N(Q_N p_x(x)) does, in general, not. The latter means that the information kept by the qualitative model is not equivalent to the information contained in the current state density p_x(x, k) characterising the future behaviour of the quantised system. That is, the current state distribution Prob(z(k)) of the qualitative model does not represent the state of the quantised system in a system theoretic sense, which has already been noted in [97]. Consequently, the dynamical behaviour of the quantised system and of the qualitative model will, in general, differ. With respect to this, it is shown in [111] that the state of the qualitative model does, in general, not allow to precisely predict the future of the quantised system and can, therefore, not be referred to as the state of the quantised system. The question which information about the behaviour of the quantised system is kept in the qualitative model is discussed in detail in the following and in Section 4.3.

The Markov property of the qualitative model. As the qualitative model used here is a stochastic automaton, it possesses the Markov property. That is, the relation

  Prob( z_p(k+1) = z(k+1), w_p(k) = w(k)  |  Z_p(0…k) = Z(0…k), V_p(0…k) = V(0…k) )
    = Prob( z_p(k+1) = z(k+1), w_p(k) = w(k)  |  z_p(k) = z(k), v_p(k) = v(k) )

holds for all input, output and state sequences and for all k. In contrast to this, the corresponding relation

  Prob( [x(k+1)]_p = z(k+1), [y(k)]_p = w(k)  |  [X(0…k)]_p = Z(0…k), [U(0…k)]_p = V(0…k) )
    = Prob( [x(k+1)]_p = z(k+1), [y(k)]_p = w(k)  |  [x(k)]_p = z(k), [u(k)]_p = v(k) )   (3.80)

for the quantised system does not, in general, hold for k > 0. That is, the quantised system is, in general, not a Markov process (cf. Section 2.2, [108], [116]). Only under rather restrictive conditions on the system (3.1) and (3.2) and on the state space partition can the quantised system become a Markov process (cf. [111], [116]). This is investigated in detail in Section 4.3.2. The reason why the quantised system does not, in general, possess the Markov property is illustrated by an example. Furthermore, the following example illustrates the definitions of eqns. (3.78) and (3.79).

Example 3.5.2. The quantised system (3.66)–(3.72) is considered with the initial
condition

  p_x(x, 0) = p_x0(x) = { 0.5  for x ∈ [−1, 1] ;  0 otherwise } .   (3.81)
The SA is initialised with p_z(0) = Q_N p_x(x, 0) = (0 1 0)′. The probability density function p̃_x(x, 0) = I_N p_z(0) obtained from the automaton state by means of the density injector (3.78) is equal to p_x(x, 0), i.e. in this particular case the relation p_x(x, 0) = I_N(Q_N p_x(x, 0)) holds. The initial condition (3.81) of the quantised system is thus represented by the discrete probability distribution p_z(0) in this case. As explained in Section 3.4.2 for autonomous systems, the initial density p_x(x, 0) can be mapped to the density p_x(x, 1) at time k = 1 by the Frobenius–Perron operator P. The example system is not autonomous. However, similar operators exist for each quantised input, called Foias operators, describing the map of densities for non–autonomous systems (cf. Section 3.6). The Foias operator is denoted by F_[u]. The densities p_x(x, 1) and p_x(x, 2) resulting from the successive application of the Foias operator for [u] = 3 starting with p_x(x, 0) are shown in the upper part of Figure 3.22. Applying the density quantiser (3.79) to these densities yields

  Q_N p_x(x, 1) = (0.023 0.977 0)′   and   Q_N p_x(x, 2) = (0.013 0.987 0)′ .   (3.82)

On the other hand, by applying eqn. (2.28) to p_z(0) with v = 3, the SA yields

  p_z(1) = (0.023 0.977 0)′   and   p_z(2) = (0.044 0.956 0)′   (3.83)

(cf. the automaton graph in Figure 3.21). The result Q_N p_x(x, 2) ≠ p_z(2) shows that the quantised system yields different results than its Markovian approximation. The reason is shown in the lower part of Figure 3.22. In the first step, the probabilities of Q_N p_x(x, 1) and p_z(1) are equal due to the definition of the transition probabilities by eqn. (3.64). However, the automaton inherently contains the interpretation of p_z(1) as a density function reflected by the density injector (3.78). That is, each step performed by the automaton corresponds to the successive application
Fig. 3.22. Non–Markovian behaviour of the quantised system and approximation due to the SA.

of a density injection I_N, a map by the Foias operator F_[u] and a density quantisation Q_N, i.e. p_z(k+1) = Q_N(F_[u](I_N p_z(k))) holds. This is shown in the lower part of Figure 3.22. From the two densities shown in the middle of the lower part of this figure, it can be seen that the densities p_x(x, 1) and p̃_x(x, 1) = I_N(Q_N p_x(x, 1)) are obviously different, though Q_N p_x(x, 1) = Q_N p̃_x(x, 1) holds. It is therefore clear that the automaton, which obtains its state distribution p_z(2) from Q_N(F_[u](I_N p_z(1))) = Q_N(F_[u] p̃_x(x, 1)), yields a different result than the quantised system, which yields the distribution Q_N(F_[u] p_x(x, 1)). The density F_[u] p̃_x(x, 1) is shown in the lower right corner of the figure. It can be verified that Q_N(F_[u] p̃_x(x, 1)) = p_z(2) holds.
The completeness property of the qualitative model. The second modelling aim of Section 3.1.3 is the completeness of the qualitative model. The following chapters will show that this is a fundamental requirement for the applicability of qualitative models to the solution of supervision tasks. This importance has been recognised in the literature on qualitative modelling by several authors (cf. e.g. [4], [108], [153], [187]). As completeness does not refer to the probabilities of the state or output sequences, this section is restricted to the set–oriented viewpoint, corresponding to the set representation problem investigated in Section 3.4.1. Before giving a formal definition of completeness, the sets of qualitative sequences occurring due to the quantised system and due to the SA are investigated first.
Sequences generated by the SA. From eqn. (2.30) it follows that

  Prob(W(0…k) | V(0…k), z(0)) = Σ_{Z(1…k+1) ∈ N_z^{k+1}}  Π_{i=0}^{k} L(z(i+1), w(i) | z(i), v(i))

holds. With this, the set of all output sequences generated by an SA for a given input sequence V(0…k) can be written as

  W(0…k | V(0…k)) = ∪_{z(0)=1}^{N} { W(0…k) | Prob(W(0…k) | V(0…k), z(0)) > 0 } .   (3.84)

Similarly, the set of all state sequences for a given initial state distribution Prob(z(0)) is obtained from eqn. (2.25):

  Z(0…k+1 | V(0…k), Prob(z(0))) = { Z(0…k+1) | Π_{i=0}^{k} G(z(i+1) | z(i), v(i)) · Prob(z(0)) > 0 } .   (3.85)

Sequences occurring in the quantised system. In analogy to eqn. (3.38), the set of all quantised state sequences for a given set of initial states and a given quantised input sequence is given by

  [X(0…k | X_0, [U(0…k−1)])]   (3.86)
    = { [X(0…k)] | ∃ X(0…k) ∈ X(0…k | X_0, [U(0…k−1)]) such that x(κ) ∈ Q_x([x(κ)]) holds for κ = 0, …, k } ⊆ N_x^{k+1} ,

with X(0…k | X_0, [U(0…k−1)]) according to eqn. (3.36). Note that considering the set (3.86) implicitly includes the assumption that all numerical state sequences of the set (3.36) and all numerical input sequences can really occur in the quantised system. This holds because the densities p_x^i(x) and p_u^i(u) are nonzero on Q_x(i) and Q_u(i), respectively (cf. eqns. (3.11), (3.61) and Section 3.4.1). For the measures μ_n and μ_m, this means that λ_n(Q_x) > 0 ⇒ μ_n(Q_x) > 0 and λ_m(Q_u) > 0 ⇒ μ_m(Q_u) > 0 hold for arbitrary sets Q_x and Q_u, respectively. For reasons given below, some sequences must be excluded from the sets (3.38) and (3.86) to exclude singular cases. That is, for the definition of completeness the sets

  [X(0…k | X_0, [U(0…k−1)])]*   (3.87)
    = { [X(0…k)] | [X(0…k)] ∈ [X(0…k | X_0, [U(0…k−1)])],  λ_n( Q_x([x(κ)]) ∩ X(κ | X_0, [U(0…κ−1)]) ) > 0 holds for all κ = 0, …, k }
and

  [Y(0…k−1 | X_0, [U(0…k−1)])]*   (3.88)
    = { [Y(0…k−1)] | [Y(0…k−1)] ∈ [Y(0…k−1 | X_0, [U(0…k−1)])],  λ_r( Q_y([y(κ)]) ∩ Y(κ | X_0, [U(0…κ−1)]) ) > 0 holds for all κ = 0, …, k−1 }

are considered.

Definitions of completeness. With the above sets, the input/output completeness (I/O–completeness) of an SA with respect to a quantised system is defined as follows:

Definition 3.5.2. A stochastic automaton S(N_z, N_v, N_w, L) is called I/O–complete with respect to a given quantised system (3.13), if

  [Y(0…k)] ∈ [Y(0…k | R^n, [U(0…k)])]*  ⇒  [Y(0…k)] ∈ W(0…k | [U(0…k)])   (3.89)
holds for all quantised output sequences [Y(0…k)] and for all quantised input sequences [U(0…k)].

That is, an SA is called I/O–complete if all quantised output sequences generated by the quantised system for all possible initial conditions are also generated by the SA for all initial states. The input/state completeness (I/S–completeness) of an SA is defined in a similar way.

Definition 3.5.3. A stochastic automaton S(N_z, N_v, N_w, L) is called I/S–complete with respect to a given quantised system (3.13) and a given state space partition if

  [X(0…k+1)] ∈ [X(0…k+1 | X_0, [U(0…k)])]*  ⇒  [X(0…k+1)] ∈ Z(0…k+1 | Prob(z(0)), [U(0…k)])   (3.90)

holds with

  Prob(z_p(0) = z) > 0  ⟺  μ_n(X_0 ∩ Q_x(z)) > 0 ,   ∀ z ∈ N_z   (3.91)
for all quantised state sequences [X(0…k)], for all quantised input sequences [U(0…k)] and for all sets of initial states X_0.

Completeness of the qualitative model

Theorem 3.5.1. The qualitative model defined by Definition 3.5.1 is an I/O–complete and I/S–complete model of the quantised system.

Proof. See Appendix C.2. □
Remark 3.5.2. By definition, the sets (3.38) and (3.86) include all quantised sequences possibly occurring in the quantised system. This includes those corresponding to only a single numerical sequence, i.e. immeasurably few compared to all other sequences. That is, from a probabilistic viewpoint, these sequences occur, but with zero probability in the quantised system. As a probabilistic model is used, these sequences must be generated with probability zero. Therefore, such sequences are excluded from the sets (3.38) and (3.86) by defining the sets (3.87) and (3.88). That is, the definition excludes all those quantised sequences for which the underlying bundle of trajectories intersects the regions of the partition only on a subset of measure zero. Consider for example the set of output symbols shown on the right–hand side of Figure 3.14. With the parameters used in this example, the set of output symbols at time k = 4 is given by the singleton {2}. Assume, however, that the parameters are slightly modified such that only the outermost numerical output at k = 4 becomes y(4) = 6.0 and hence no longer lies in the interval [3, 6). Then the set of possible quantised outputs would be given by {2, 3}. However, the probability that the quantised output [y(4)] = 3 is measured is zero. Therefore, such an output symbol would be excluded from the set (3.87), whereas the set (3.38) would include it. Completeness only holds with respect to those quantised sequences that occur with nonzero probability.
Remark 3.5.3. Alternatively, relations (3.89) and (3.90) can be written as:

  [Y(0…k | [U(0…k)])]* ⊆ W(0…k | [U(0…k)])   (3.92)

and

  [X(0…k+1 | X_0, [U(0…k)])]* ⊆ Z(0…k+1 | Prob(z(0)), [U(0…k)]) .   (3.93)
Remark 3.5.4. As explained later in Chapter 6, I/O–completeness of the qualitative model is necessary for its applicability to fault diagnosis, while I/S– and I/O–completeness are required for state observation. I/O–completeness has, therefore, been formulated independently of the states of the SA to allow its use for diagnosis even if the automaton state has no direct relation to the state of the quantised system. However, whenever it is not necessary to distinguish between I/O– and I/S–completeness, the term completeness of the model refers to both I/O– and I/S–completeness.

A sufficient completeness condition. Denote the set of all possible successor state and output pairs (z′, w) for given state z and input v according to the behavioural relation L by

  T_L(z, v) = { (z′, w) | L(z′, w | z, v) > 0 } ⊆ N_z × N_w .   (3.94)

With this, the following result can be formulated.

Lemma 3.5.1. Every stochastic automaton S(N_z, N_v, N_w, L⊕) whose behavioural relation satisfies

  T_{L⊕}(z, v) ⊇ T_L(z, v)   (3.95)

for all z ∈ N_z and v ∈ N_v is an I/O– and I/S–complete model of the quantised system.
Proof. See Appendix C.3. □
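The condition (3.95) of Lemma 3.5.1 is a pure support inclusion and is straightforward to check mechanically for behavioural relations stored as arrays. A sketch with a made-up two-state relation (indexing convention and numbers are illustrative, not from the text):

```python
import numpy as np

# Support-inclusion check of Lemma 3.5.1: L is stored as an array indexed
# [z_next, w, z, v]; T_L(z, v) is formed according to eqn (3.94).

def supports(L):
    """T_L(z, v) = {(z', w) | L(z', w | z, v) > 0} for every pair (z, v)."""
    Nz, Nw = L.shape[0], L.shape[1]
    return {(z, v): {(zn, w) for zn in range(Nz) for w in range(Nw)
                     if L[zn, w, z, v] > 0.0}
            for z in range(L.shape[2]) for v in range(L.shape[3])}

def is_complete_wrt(L_plus, L):
    """True iff T_{L_plus}(z, v) contains T_L(z, v) for all (z, v), eqn (3.95)."""
    TL, TLp = supports(L), supports(L_plus)
    return all(TLp[zv] >= TL[zv] for zv in TL)

# a deterministic 2-state, 2-output, 1-input relation and a blurred variant
L = np.zeros((2, 2, 2, 1))
L[0, 0, 0, 0] = 1.0
L[1, 1, 1, 0] = 1.0
L_plus = 0.8 * L + 0.05      # adds transitions; each slice still sums to one

complete = is_complete_wrt(L_plus, L)    # L_plus covers all supports of L
reverse = is_complete_wrt(L, L_plus)     # False: L lacks transitions of L_plus
```

This mirrors the statement that a complete model may contain additional transitions or wrong probabilities, as long as no transition of the quantised system is missing.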
In summary, it can be said that the qualitative model does not yield the same sequences and probabilities as the quantised system. However, according to Theorem 3.5.1, it is proved that all sequences occurring in the quantised system are generated by the qualitative model with nonzero probability. According to Lemma 3.5.1, this still holds if the behavioural relation contains additional transitions with nonzero probability or differs in the probabilities contained in L. A prerequisite for fulfilling relation (3.90) or (3.93) is that the initial distribution of the qualitative model is chosen such that a qualitative state associated with a region Q_x(i) that overlaps with X_0 is not assigned a probability of zero (cf. relation (3.91)).

Remark 3.5.5. Note that in the above, it is only considered whether a probability is zero or not. That is, completeness can also be obtained by a model that assigns arbitrary nonzero probabilities to the sequences of the quantised system. Completeness alone is a very weak condition, satisfied already by an SA generating all existing output and state sequences. Therefore, the modelling aims of Section 3.1.3 include the convergence of the probabilities yielded by the qualitative model to those of the quantised system. This convergence is discussed in Section 3.6.5.

Remark 3.5.6. The set of output sequences (3.84) generated by the qualitative model depends on the state space partition. The number of elements of the set can be changed by modifying the shape or the number of partition sets Q_x(i). However, relation (3.92) holds independently of the state space partition. It is therefore reasonable to refer to the size of the set (3.84) with respect to the set (3.88) as the accuracy of a qualitative model [156], [187]. With respect to their accuracy, it is then possible to define an order of the models. That is, a model yielding the set W_1 is called more accurate than a model yielding W_2 if the relation

  W_1(0…k | [U(0…k)]) ⊂ W_2(0…k | [U(0…k)])   (3.96)

holds while both models are I/O–complete.
Approximate solution to the stochastic representation problem. In this section, an approximate solution to the stochastic representation problem of Section 3.2.3 is given using the qualitative model. As the qualitative model is only an approximate representation of the quantised system, the probabilities determined by means of the model differ from the probabilities with which the quantised states or outputs actually occur in the quantised system. Therefore, the following equations are denoted in terms of the variables [x̂(k)] and [ŷ(k)] for the state and output variables of the qualitative model, respectively. The probability distributions (3.16) are approximated by

  Prob([y(k)] | p_x0(x), [U(0…k)]) ≈ Prob([ŷ(k)] | [U(0…k)]) ,

where the distributions Prob([ŷ(k)] | [U(0…k)]) are determined recursively using eqns. (2.28) and (2.34) by
  Prob([ŷ(k)] | [U(0…k)]) = Σ_{[x̂(k)] ∈ N_x} H([ŷ(k)] | [x̂(k)], [u(k)]) · Prob([x̂(k)] | [U(0…k−1)])   (3.97)

and

  k > 1 :  Prob([x̂(k)] | [U(0…k−1)]) = Σ_{[x̂(k−1)] ∈ N_x} G([x̂(k)] | [x̂(k−1)], [u(k−1)]) · Prob([x̂(k−1)] | [U(0…k−2)])   (3.98)

  k = 1 :  Prob([x̂(1)] | [u(0)]) = Σ_{[x̂(0)] ∈ N_x} G([x̂(1)] | [x̂(0)], [u(0)]) · Prob([x̂(0)]) ,

with Prob([x̂(0)]) = Q_N p_x0(x), where G and H are the state transition relation and the output relation of the qualitative model, respectively (cf. eqns. (2.5) and (2.6)). Equations (3.97) and (3.98) give approximate probabilities of the quantised outputs and quantised states for a given sequence of quantised inputs and a given initial state distribution. Therefore, these equations are referred to as qualitative simulation of the quantised output or state of the quantised system, respectively. Note that due to the completeness of the qualitative model the following relations hold:

  Prob([y(k)] | p_x0(x), [U(0…k)]) > 0  ⇒  Prob([ŷ(k)] | [U(0…k)]) > 0 ,
  Prob([x(k)] | p_x0(x), [U(0…k−1)]) > 0  ⇒  Prob([x̂(k)] | [U(0…k−1)]) > 0 ,

provided that the qualitative model is initialised with the probability distribution Prob([x̂(0)]) = Q_N p_x0(x). That is, the completeness of the qualitative model guarantees that the model yields a nonzero probability for every quantised output and quantised state possibly occurring in the quantised system.

Qualitative simulation of the running example.

Example 3.5.3. Consider the tank system of Section 1.4 with the valve V12l opened and V12u closed. The tank system is considered without input and with the outflow q̂2 of the right tank as output (cf. Section 3.4.1). The state space is partitioned as shown in Figure 3.6 and the output space as shown on the right–hand side of Figure 3.14 by the horizontal lines. With this, the qualitative model shown on the left–hand side of Figure 2.1 is obtained, where the outputs are distinguished by the colour and thickness of the edges, from thin black lines for [y] = 1 to thick light grey lines for [y] = 3. The results of the qualitative simulation by means of eqns. (2.28) and (2.34) starting in the qualitative state [x] = 3 are shown on the left–hand sides of Figures 3.23 and 3.24. Shown are the probabilities of the qualitative states and outputs, respectively, in grey scale for times k = 0, …, 5, where the boxes correspond to the regions of the corresponding partitioned signal space. For comparison, the probability distributions resulting from a quantisation of the densities depicted
Fig. 3.23. Simulation of the qualitative model (left) and the quantised system (right). The distributions (quantised densities) are shown in the state space.
Fig. 3.24. Simulation of the qualitative model (left) and the quantised system (right). The distributions (quantised densities) are shown in the output space.
in Figures 3.16 and 3.17 are shown on the right–hand sides of Figures 3.23 and 3.24, starting with a uniform distribution over the set Qx(3) at k = 0. Additionally, the supports of the densities are shown, plotted onto the state space in Figure 3.23 or shown as interval bars to the right of the distributions in Figure 3.24. It can be seen that the qualitative model yields a nonzero probability for all qualitative states and outputs for which the quantised system yields a nonzero probability. This shows the completeness of the model. It can further be seen that the qualitative model also yields nonzero probabilities for states and outputs that the quantised system cannot generate. These states and outputs are so–called spurious solutions. Only the state distribution at time k = 1 and the output distribution at k = 0 are identical to those of the quantised system. This is because the initial conditions of the quantised system and the qualitative model coincide in this example and because the qualitative model contains by construction the single–step transition probabilities of the quantised system. Although the probabilities of the qualitative model differ from those of the quantised system for k > 1, they are approximated by the SA.
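For a fixed qualitative input, the recursion (3.97)/(3.98) is an ordinary Markov-chain prediction followed by an output map. A generic sketch (the matrices are illustrative placeholders, not the tank-system model):

```python
import numpy as np

# Qualitative simulation, eqns (3.97)-(3.98), for one fixed qualitative
# input: Markov prediction with G followed by the output map H.

G = np.array([[0.9, 0.2, 0.0],     # G[z', z]: transition probabilities,
              [0.1, 0.7, 0.3],     # each column sums to one
              [0.0, 0.1, 0.7]])
H = np.array([[1.0, 0.5, 0.0],     # H[w, z]: output probabilities per state
              [0.0, 0.5, 1.0]])

def simulate(p_z0, k):
    """Return Prob([x(k)]) and Prob([y(k)]) after k prediction steps."""
    p_z = np.asarray(p_z0, dtype=float)
    for _ in range(k):
        p_z = G @ p_z              # eqn (3.98): one prediction step
    return p_z, H @ p_z            # eqn (3.97): output distribution

p_zk, p_wk = simulate([0.0, 1.0, 0.0], 5)
```

With an input-dependent family G[v], H[v] the same loop realises the full recursion for an arbitrary quantised input sequence.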
Quantised systems augmented by faults. Using the concept of the extended input space introduced in Section 3.2.4, Definition 3.5.1 can naturally be extended to quantised systems augmented by faults. The automaton input ṽ = [ũ] then contains the information of both the quantised input and
the quantised fault. This is resolved by writing L̃(z′, w | z, v, f) instead of L(z′, w | z, ṽ), where f = [e], f ∈ N_f = N_e is used for the quantised fault. Then, v corresponds again to the input of the quantised system. Using the bijective map (3.22), the values of L̃(z′, w | z, v, f) are obtained from:

  L̃(z′, w | z, v, f) := L(z′, w | z, ṽ) = L(z′, w | z, M_ue(v, f))   (3.99)

for all z′, z ∈ N_z, v ∈ N_v, w ∈ N_w, f ∈ N_f.

That is, the qualitative model of the quantised system augmented by faults is given by the SA S(N_x, N_u, N_y, N_e, L̃) with L̃ given by eqn. (3.99).
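The re-indexing (3.99) is a pure bookkeeping step. A sketch, assuming the illustrative bijection M_ue(v, f) = v + N_v · f and a randomly generated behavioural relation (both are stand-ins, not from the text):

```python
import numpy as np

# Re-indexing of eqn (3.99): an assumed bijection M_ue(v, f) = v + Nv * f
# maps an input/fault pair onto the extended automaton input v_tilde.

Nz, Nw, Nv, Nf = 2, 2, 2, 3
rng = np.random.default_rng(3)
# L_ext[z, v_tilde, z', w]: random stochastic behavioural relation over the
# extended input (each (z, v_tilde) slice is a distribution over (z', w))
L_ext = rng.dirichlet(np.ones(Nz * Nw), size=(Nz, Nv * Nf)) \
           .reshape(Nz, Nv * Nf, Nz, Nw)

def M_ue(v, f):
    return v + Nv * f                  # bijection N_v x N_f -> extended inputs

def L_tilde(z_next, w, z, v, f):
    """L~(z', w | z, v, f) := L(z', w | z, M_ue(v, f)), eqn (3.99)."""
    return L_ext[z, M_ue(v, f), z_next, w]

# for fixed (z, v, f) the probabilities over (z', w) still sum to one
total = sum(L_tilde(zn, w, 0, 1, 2) for zn in range(Nz) for w in range(Nw))
```
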
3.6 General Solution to the Stochastic Representation Problem**

In Section 3.4.2, the Frobenius–Perron operator (FPO) was introduced on an intuitive level. In this section the FPO is described in detail. The given introduction is mainly based on the textbook [95] and partly on [21], from which the results on the FPO and the definition of the Foias operator in Section 3.6.3 are taken. The main result of this section is the use of these operators to formulate the solution to the stochastic representation problems of quantised systems posed in Section 3.2.3. Furthermore, this representation allows the use of a result obtained for the FPO to show that the third modelling aim of Section 3.1.3 is satisfied. The study of this section requires that the basic concepts from measure theory, summarised in Appendix A.1, are known.

3.6.1 The Frobenius–Perron Operator**

FPO on measures. In fact, the FPO derived in Section 3.4.2, which transforms one density into another, is just a special case of a more general definition of the FPO given in the following. Consider the Borel σ–algebra B(R^n) on R^n ⊆ IR^n. All measures μ on (R^n, B(R^n)) that satisfy μ(A) < ∞ for all bounded A ∈ B(R^n) are called locally finite measures on R^n. The space of all locally finite measures is denoted by M. The subspace of M which contains only finite measures is denoted by M_fin. To derive the FPO, the autonomous dynamical system
x(k+1) = g a (x(k))
(3.100) k
is considered. The system defines a relation between two measures µ , µk+1 ∈ Mfin that is given by the measure conservation principle [179] n µk+1 (A) = µk (g −1 a (A)) for all A ∈ B(R )
(3.101)
which holds for all Borel measurable transformations g_a. Equation (3.101) uniquely defines the operator

   P̂ : M_fin → M_fin ,   µ^{k+1}(A) = P̂ µ^k(A) ,

which is called the Frobenius–Perron operator on measures [95]. By means of eqn. (3.101), the FPO on measures describes the evolution of an initial measure µ^0 over discrete time k. The FPO on measures is very abstract, but it covers two cases that are of interest for the quantised system.

FPO on the L1 space. First, from the FPO on measures, the FPO on L1 functions is derived, whose special case is the FPO on densities derived in Section 3.4.2. Consider measures ν absolutely continuous with respect to the Borel measure µ, with a nonnegative L1 density p. Then

   ν(A) = ∫_A p(x) µ(dx) ,   for all A ∈ B(R_n)
holds. If g_a is non–singular, then the left–hand side of eqn. (3.101) is an absolutely continuous measure and the right–hand side of eqn. (3.101) can be written as

   ν(g_a^{-1}(A)) = ∫_{g_a^{-1}(A)} p(x) µ(dx) ,   for all A ∈ B(R_n) .

Hence eqn. (3.101) yields the operator

   ∫_A P p(x) µ(dx) = ∫_{g_a^{-1}(A)} p(x) µ(dx) .            (3.102)
In [95] it is shown that eqn. (3.102) can be extended to all L1 functions p. The theorem of Radon–Nikodym guarantees the existence and uniqueness of the operator P given by eqn. (3.102) provided that g_a is non–singular. The operator P : L1 → L1 is called the Frobenius–Perron operator. It can be shown that the FPO satisfies
1. P(c_1 p_1 + c_2 p_2) = c_1 P p_1 + c_2 P p_2 for all p_1, p_2 ∈ L1, c_1, c_2 ∈ IR (linearity),
2. P p ≥ 0 if p ≥ 0, p ∈ L1, and
3. ||P p||_L1 = ||p||_L1 if p ≥ 0, otherwise ||P p||_L1 ≤ ||p||_L1, p ∈ L1,
where p ≥ 0 means that p is almost everywhere nonnegative. From the second and the third property, it is clear that the FPO given by eqn. (3.102) equivalently defines a density operator D → D, i.e. every p ∈ D yields P p ∈ D. Note that in contrast to eqn. (3.102), the FPO on measures is defined for any Borel measurable transformation, also if g_a is singular. That is, the FPO on measures can also transform continuous measures into measures without density [95].
3. Modelling of Quantised Systems by Stochastic Automata
FPO on Dirac measures. Consider the dynamical system (3.100) with a point as initial condition: x(0) = x_0 ∈ R_n. This initial condition is represented by the Dirac measure δ_{x_0}(A), for which

   δ_{x_0}(A) = { 0 if x_0 ∉ A ;  1 if x_0 ∈ A }

holds. From this follows by eqn. (3.101) that

   P̂ δ_{x_0}(A) = δ_{x_0}(g_a^{-1}(A)) = { 0 if x_0 ∉ g_a^{-1}(A) ;  1 if x_0 ∈ g_a^{-1}(A) }

which can be written as

   P̂ δ_{x_0}(A) = { 0 if g_a(x_0) ∉ A ;  1 if g_a(x_0) ∈ A } = δ_{g_a(x_0)}(A) .

Thus, P̂ δ_{x_0} = δ_{g_a(x_0)} holds. That is, from the FPO on measures, the trajectory of the dynamical system (3.100) is obtained by starting from a Dirac measure

   δ_{x_{k+1}} = P̂ δ_{x_k} = δ_{g_a(x_k)} ,   given δ_{x_0} .       (3.103)
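The identity (3.103) can be mirrored directly in code: pushing a Dirac measure forward through the FPO on measures is the same as iterating the map. A minimal sketch for g_a(x) = x², representing a Dirac measure simply by its support point:

```python
# Eqn. (3.103) in code: the FPO on measures maps the Dirac measure at x
# to the Dirac measure at g_a(x), so measure propagation reproduces the
# ordinary trajectory of the dynamical system.

def g_a(x):
    return x ** 2

def push_dirac(x0, k):
    """Apply the FPO on measures k times to delta_{x0}; the Dirac
    measure is represented by its support point."""
    x = x0
    for _ in range(k):
        x = g_a(x)          # delta_x  ->  delta_{g_a(x)}
    return x

# After k steps the support point is x0 ** (2 ** k).
```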
3.6.2 Representation of Autonomous Quantised Systems**

From the previous section, it is clear that the FPO on measures describes the temporal evolution of densities as well as the evolution of a single trajectory. It therefore provides a useful tool for the description of quantised systems allowing unique as well as uncertain initial conditions. This makes it possible to give a compact notation of the conditional probability distribution Prob([x(k)] | µ^0) of the quantised states for a given initial measure µ^0. For notational convenience, the vector notation

   p_[x(k)] = ( Prob([x(k)] = 1 | µ^0)  ...  Prob([x(k)] = N | µ^0) )′

is used instead of Prob([x(k)] | µ^0), denoting the i–th component of p_[x(k)] by p^i_[x(k)]. Denoting the measure µ^k(A) of a set A ∈ B(R_n) at time k by µ(A, k), the autonomous quantised system is described as follows:

Representation of autonomous quantised systems
   µ(A, k+1) = P̂ µ(A, k) ,   µ(A, 0) = µ^0
   p_[x(k)] = Q̂_N µ(A, k) .                                   (3.104)
In eqn. (3.104), P̂ is the FPO on measures corresponding to g_a, and Q̂_N the measure quantiser given by

   Q̂_N : M_fin → W^N ,   Q̂_N µ(A, k) = p_[x(k)] ,   p^i_[x(k)] = ∫_{Q_x(i)} µ(dx, k) .      (3.105)
That is, the autonomous quantised system is represented by the pair (P̂, Q̂_N) of the FPO on measures and the measure quantiser. The representation by eqn. (3.104) is general but abstract. To further evaluate this equation, the following considerations are restricted to densities p_x(x) ∈ D and non–singular transformations g_a. With this, eqn. (3.104) becomes

   p_x(x, k+1) = P p_x(x, k) ,   p_x(x, 0) = p_{x,0}(x)        (3.106)
   p_[x(k)] = Q_N p_x(x, k) ,                                  (3.107)
where p_x(x, k) ∈ D denotes the density at time k, P the FPO on densities given by eqn. (3.102) and Q_N the density quantiser given by eqn. (3.79) [173]. Equations (3.106) and (3.107) provide the solution to the stochastic representation problem derived on an intuitive level in Section 3.4.2. If g_a is a diffeomorphism, i.e. if g_a is bijective and both g_a and g_a^{-1} are differentiable, the FPO can be written explicitly as [95]

   P p_x(x, k) = p_x(g_a^{-1}(x), k) · |det(∂g_a^{-1}/∂x)| ,      (3.108)

where |det(∂g_a^{-1}/∂x)| denotes the absolute value of the determinant of the Jacobian of g_a^{-1}.

Example 3.6.1. First order system. As first example, consider

   IR_+ → IR_+ ,   x(k+1) = g_a(x(k)) = (x(k))² .

The FPO of this transformation is obtained from eqn. (3.108) with g_a^{-1}(x) = √x as P p(x) = p(√x)/(2√x). For the initial density p_{x0}(x) = 5 · 1_[0.6,0.8] the FPO yields:

   p_x(x, k) = P^k p_x(x, 0) = 5/2^k · x^{1/2^k − 1} · 1_{[0.6^{2^k}, 0.8^{2^k}]}(x) .

The densities are shown on the left–hand side of Figure 3.25 for k = 0, 1, 2. Applying the density quantisation (3.107) with Q_x(1) = [0, 0.5), Q_x(2) = [0.5, 1) and Q_x(3) = [1, ∞) to p_x(x, 1) yields

   p^1_[x(k)] = ∫_0^{0.5} 5 · 1_{[0.36,0.64]}(x)/(2√x) dx = 0.5355 ,   p^2_[x(k)] = ∫_{0.5}^{1} 5 · 1_{[0.36,0.64]}(x)/(2√x) dx = 0.4645 ,

and p^3_[x(k)] = 0. This is also shown in Figure 3.25.

Piecewise affine systems. As second example, consider the affine system

   IR^n → IR^n ,
   x(k+1) = g_a(x(k)) = A · x(k) + b

with a non–singular system matrix A. The inverse of g_a is given by g_a^{-1}(x) = A^{-1}(x − b). Hence, eqn. (3.108) yields the FPO

   P p_x(x) = p_x(A^{-1}(x − b)) · |det A^{-1}| .
Fig. 3.25. Sequence of density functions for x(k+1) = x(k)² (left) and for the tank system (right).

This can be extended to piecewise affine systems

   IR^n → IR^n ,   x(k+1) = g_a(x(k)) = { g_a^1(x) if x ∈ Q_1 ;  ... ;  g_a^ξ(x) if x ∈ Q_ξ } ,   ξ ≥ 2

with any partition Q_i of R_n into sets with nonzero measure and g_a^i(x(k)) = A^i · x(k) + b^i. For such a system, eqn. (3.108) yields the FPO

   P p_x(x) = Σ_{i=1}^{ξ} p_x((A^i)^{-1}(x − b^i)) · |det((A^i)^{-1})| · 1_{g_a^i(Q_i)}(x) .
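Example 3.6.1 can be checked numerically: applying the FPO of g_a(x) = x² once to the initial density and integrating the result over the partition sets reproduces the quantised probabilities 0.5355 and 0.4645. A sketch using plain midpoint Riemann sums (grid sizes chosen ad hoc):

```python
# Numerical check of Example 3.6.1: P p(x) = p(sqrt(x)) / (2 sqrt(x)) for
# g_a(x) = x^2, applied to the initial density p0 = 5 * 1_[0.6, 0.8].
import math

def p0(x):
    return 5.0 if 0.6 <= x <= 0.8 else 0.0

def Pp(x):
    """FPO of g_a(x) = x^2 via eqn. (3.108)."""
    if x <= 0.0:
        return 0.0
    s = math.sqrt(x)
    return p0(s) / (2.0 * s)

def integrate(f, a, b, n=200_000):
    """Midpoint Riemann sum of f over [a, b]."""
    h = (b - a) / n
    return sum(f(a + (i + 0.5) * h) for i in range(n)) * h

p1 = integrate(Pp, 0.0, 0.5)    # weight of Q_x(1) = [0, 0.5)
p2 = integrate(Pp, 0.5, 1.0)    # weight of Q_x(2) = [0.5, 1)
# p1 ~ 0.5355, p2 ~ 0.4645; p3 = 0 since the support lies below 1
```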
Two–tank system. As last example, consider the two–tank system of Section 1.4 with both connecting valves closed and the pump turned off. Hence, the level in the left tank is constant and the level of the right tank is decreasing with the rate ẋ_2 = −c_2 √x_2 for x_2 ≥ 0. By means of eqn. (3.25) the discrete–time description

   x_1(k+1) = g_{a,1}(x) = x_1(k)
   x_2(k+1) = g_{a,2}(x) = x_2(k) − 2(d³ − x_2(k)^{3/2}) / (3c_2/4 − 3x_2(k)^{1/2})        (3.109)

on R_2 = [0, h_max]², with d = (c_2²/4 − c_2 T_s x_2(k)^{1/2} + x_2(k))^{1/2} and with the sampling time T_s, is obtained. The inverse g_a^{-1} is given by g_{a,1}^{-1} = g_{a,1} and by g_{a,2}^{-1}, which is obtained from g_{a,2} by replacing c_2 by −c_2, because backwards in time the level in the right tank is increasing with the rate ẋ_2 = +c_2 √x_2. With this, the FPO of the tank system is given by

   P p_x(x, k) = p_x( (x_1  g_{a,2}^{-1}(x_2))′ , k) · |D|        (3.110)
with

   D = 1 − 3(d̃³ − x_2^{3/2}) / ( x_2^{1/2} (3c_2/4 + 3x_2^{1/2})² ) + ( d̃(1 + c_2/2 · T_s x_2^{-1/2}) − x_2^{1/2} ) / ( c_2/4 + x_2^{1/2} )

and d̃ = (c_2²/4 + c_2 T_s x_2(k)^{1/2} + x_2(k))^{1/2}. As initial density p_x(x, 0), a Gaussian distribution around x̄_2 = 0.55 with a standard deviation of 0.02, restricted and normalised to the interval [0.5, 0.6], is used. The sequence obtained from (3.110) with a sampling time of T_s = 5 is shown for k = 0, ..., 6 on the right–hand side of Figure 3.25.
87
3.6.3 The Foias Operator** The FPO of Section 3.6.1 is now extended to dynamical systems with random perturbations of the form Rn × R m → Rn ,
x(k+1) = g(x(k), u(k)) ,
(3.111) n
where the u(k) are independent random vectors, Rn ⊂ IR is a closed set and Rm ⊂ IRm is Borel measurable. It is assumed that eqn. (3.111) describes a regular stochastic dynamical system, i.e. that the following is satisfied [95]: 1. For every fixed u, the function g(x, u) is continuous in x and for every fixed x, it is measurable in u. 2. The random vectors u(k) have values in IRm and are described by a probability measure ν(B), B ∈ B(Rm ) constant over time. 3. The initial random vector x0 has values in Rn and the random vectors x0 , u(0), u(1), . . . are independent. Under these assumptions, the following equation defines an operator describing the evolution of a measure under the dynamical system (3.111) [95]: ˆ : Mfin → Mfin z ˆ k (A) = µk+1 (A) = zµ for all A ∈ B(Rn ) .
Z Rn
Z Rm
1A (g(x, u))ν(du) µk (dx)
(3.112)
ˆ is called Foias operator on measures. It is straightforward to The operator z show that for g(x, u) = g a (x) + 0u, the Foias operator on measures becomes the FPO on measures: Z Z Z k k ˆ zµ (A) = 1A (g a (x))ν(du) µ (dx) = 1A (g a (x))µk (dx) Rn Rm Rn Z = 1ga (A) (x)µk (dx) = µ(g −1 a (A)) . Rn
It is easier to interpret eqn. (3.112) if it is written in a slightly different way. ¯ , eqn. (3.101) yields with Similarly to the above, for constant input u(k) = u ¯ ¯ ) = gu ¯ denoted by Pˆ u¯ g(x, u (x) the FPO on measures corresponding to u a where Z Z ¯ −1 k ) (A)) = µ (dx) = 1(gua¯ )−1 (A) µk (dx) Pˆ u¯ µk (A) = µk ((g u a ¯ −1 (A) (g u a)
Z
=
Rn
Rn
¯ k 1A (g u a (x))µ (dx) .
Hence, eqn. (3.112) can be written as Z Z k k ˆ zµ (A) = 1A (g(x, u))µ (dx) ν(du) n m ZR R = Pˆ u µk (A) ν(du) , for all A ∈ B(Rn ) . Rm
(3.113)
88
3. Modelling of Quantised Systems by Stochastic Automata
That is, the Foias operator can be interpreted as “mean” FPO for all inputs u. The integral in eqn. (3.113) “sums” the FPO’s corresponding to each input weighted with the measure ν. From eqn. (3.113), the Foias operator on densities or on the L1 space can be derived in analogy to Section 3.6.1 with the restriction to non–singular transformations and absolute continuous measures. Denoting the density corresponding to the continuous probability measure ν by pu (u), the Foias operator is given by Z (P u px (x, k)) · pu (u) µ(du) , (3.114) z : L1 → L1 , zpx (x, k) = Rm
where P u denotes the FPO corresponding to input u and µ the Borel measure on B(Rm ). An example will be given in the next section. 3.6.4 Representation of Quantised Systems** The non–autonomous quantised system is now described by means of the Foias operator. According to Section 3.2, the input injector yields random [u] vectors u and is described by densities pu (u) for each qualitative input [u]. Hence, for each qualitative input [u], there exists a Foias operator denoted ˆ [u] : Mfin → Mfin describing the dynamics of the quantised system in by z terms of the measure transformation Z k ˆ z[u] µ (A) = Pˆ u µk (A) ν[u] (du) , for all A ∈ B(Rn ) (3.115) Rm
with
Z ν[u] (B) =
B
p[u] u µ(du) ,
for all B ∈ B(Rm ) ,
where µ denotes the Borel measure. Denoting, as before, the measure of a set A at time k in the state space by µ(A, k), and writing the conditional probability distribution Prob([y(k)] | [U (0 . . . k)], µ0 ) of the quantised outputs at time k as vector p[y(k)] = ( Prob([y(k)]p = 1 | [U (0 . . . k)], µ0 ) . . . Prob([y(k)]p = R | [U (0 . . . k)], µ0 ) )0 , the quantised system is described as follows: Representation of quantised systems ˆ [u(k)] µ(A, k) , µ(A, k+1) = z ˆ [u(k)] µ(A, k) . p[y(k)] = Q R
µ(A, 0) = µ0
(3.116)
3.6 General Solution to the Stochastic Representation Problem**
89
ˆ [u] is the Foias operator on measures corresponding to g In eqn. (3.116) z ˆ [u(k)] µ(A, k) the output measure for the current quantised input [u(k)], and Q R quantiser depending on h and the current quantised input [u(k)] given by ˆ [u(k)] : Mfin → W R Q R ˆ [u(k)] µ(A, k) = p[y(k)] , Q R
pi[y(k)] =
(3.117)
Z h−1 (Qy (i))
µ(dx, k)ν[u] (du) .
ˆ [u] That is, the quantised system is represented by a set of Foias operators z [u] ˆ and output quantisers Q R for each qualitative input [u] = 1, . . . , M . As before, the operator representation (3.116) on measures can be transformed into an operator representation on densities (cf. Section 3.6.2). Example 3.6.2. Consider the quantised system defined in Section 3.5.2 by means
of eqns. (3.66)–(3.72). Due to eqn. (3.113) the FPO in dependence on the input u is needed to determine the Foias operator for each quantised input. From eqn. (3.66), the inverse (gau )−1 (x) = (x+0.1u)/0.8 is obtained, yielding according to eqn. (3.108) the FPO 1 P u px (x) = px ((x + 0.1u)/0.8) · . 0.8 Hence, according to eqn. (3.113), the Foias operators depending on the quantised input [u] in density notation are given by: Z 1 z[u(k)] px (x) = px ((x + 0.1u)/0.8) · (3.118) · pu[u(k)] (u) du , 0.8 IR [u(k)]
with pu according to eqns. (3.69) and (3.70). The solution to the above integral depends on the state density function px and can therefore not be given explicitly. However, it provides an analytical description of the transformed densities. As example, consider the density transformation shown in Figure 3.22. The figure corresponds to the quantised system given by eqns. (3.66)–(3.72). Consider the initial density px (x, 0) = 0.5 · 1[−1,1] (x) and the quantised input [u] = 3. With this, eqn. (3.118) yields: Z 0.5 px (x, 1) = 1[−1,1] ((x + 0.1u)/0.8) · 1[1,∞) exp(−u + 1) du 0.8 IR 0 if x > 0.7 if −0.9 ≤ x ≤ 0.7 = 5/8(1 − exp(10x − 7)) 5/8(exp(10x + 9) − exp(10x − 7)) if x < −0.9 . This density is shown for k = 1 in Figure 3.22. For the output quantiser, note that from eqns. (3.67) and (3.68) follows that h−1 (Qy (1)) = {(x, u) | 0.5x − 0.5u < 0} = {(x, u) | x < u} and, equivalently, h−1 (Qy (2)) = {(x, u) | x > u} hold. The output quantiser in eqn. (3.116) yields p[y(k)] = (p1[y(k)] p2[y(k)] )0 . For the example system in density notation this is Z ∞ Z u Z ∞ Z ∞ 2 p1[y(k)] = px (x, k)dx p[u(k)] du , p = p (x, k)dx pu[u(k)] du . x u [y(k)] −∞
−∞
−∞
u
For the first two time instances the integrals yield p[y(0)] = (1 0)0 and p[y(1)] = (1 0)0 .
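The closed-form density p_x(x, 1) derived above can be cross-checked by evaluating the integral in eqn. (3.118) numerically; a sketch with the u-integral truncated and step sizes chosen ad hoc:

```python
# Numerical check of eqn. (3.118) for [u] = 3: the transformed density at
# a point x is the integral over u of px((x+0.1u)/0.8)/0.8 weighted with
# the input density p_u(u) = exp(-u+1) on [1, inf).
import math

def px0(x):
    return 0.5 if -1.0 <= x <= 1.0 else 0.0

def pu3(u):
    return math.exp(-u + 1.0) if u >= 1.0 else 0.0

def foias(x, u_max=60.0, n=120_000):
    """z_[3] px0 evaluated at x, by a midpoint Riemann sum over u."""
    h = (u_max - 1.0) / n
    total = 0.0
    for i in range(n):
        u = 1.0 + (i + 0.5) * h
        total += px0((x + 0.1 * u) / 0.8) / 0.8 * pu3(u)
    return total * h

def closed_form(x):
    """Case function for p_x(x, 1) as derived in Example 3.6.2."""
    if x > 0.7:
        return 0.0
    if x >= -0.9:
        return 5.0 / 8.0 * (1.0 - math.exp(10.0 * x - 7.0))
    return 5.0 / 8.0 * (math.exp(10.0 * x + 9.0) - math.exp(10.0 * x - 7.0))
```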
3.6.5 Convergence of the Approximation**

In this section, it is shown that for a finer state space partition the qualitative model converges to a precise representation of the quantised system. To formally derive this result, a finite approximation of the FPO for autonomous systems is presented. This approximation has become a standard tool in the analysis of nonlinear dynamical systems (cf. e.g. [61], [68]). Consider the Borel σ–algebra B(R_n) on R_n and the autonomous system (3.100). Furthermore, consider a partition of R_n into sets Q_x(i), i = 1, ..., N with nonzero Borel measure µ(Q_x(i)) > 0, and the subset ∆_N of all L1 functions that are represented by simple functions on the partitioned space

   ∆_N = { s(x) | s(x) = Σ_{i=1}^{N} α_i · b_i(x) , α_i ∈ IR } ⊂ L1 ,   b_i(x) = 1_{Q_x(i)}(x) / µ(Q_x(i)) .

The operator P_N : ∆_N → ∆_N defined by

   P_N b_j(x) = Σ_{i=1}^{N} Prob(i | j) · b_i(x)          (3.119)

with

   Prob(i | j) = µ(g_a^{-1}(Q_x(i)) ∩ Q_x(j)) / µ(Q_x(j))
is called the discrete or quantised FPO (cf. e.g. [48], [68], [173]). The quantised FPO has been introduced in [195] and is also called Ulam's piecewise constant approximation of the FPO [38]. Note that the conditional probabilities of eqn. (3.119) are those of the transition relation G_a(z′|z) of the qualitative model in the autonomous case, if uniform distributions are used for all p_x^i (cf. Section 3.5.2, eqn. (3.64)). That is, the quantised FPO is a qualitative model of the autonomous quantised system. Because of the above, results obtained in the literature on the quantised FPO directly apply to qualitative modelling. Two such results are given below. For the formulation of the first result, the density quantiser of Section 3.5.3 is modified according to

   Q̃_N : L1 → ∆_N ,   Q̃_N p_x(x) = Σ_{i=1}^{N} p^i_[x] b_i(x) ,   p^i_[x] = ∫_{Q_x(i)} p_x(x) µ(dx) .

Note that the weights p^i_[x] are identical to the weights of the density quantiser given by eqn. (3.79).

Lemma 3.6.1. [38],[96] For all p_x(x) ∈ ∆_N the relation

   P_N p_x(x) = Q̃_N P p_x(x)

holds.
According to this lemma, the quantised maps of any function p_x(x) ∈ ∆_N by the FPO and by the qualitative model are equal. This result has already been obtained in Section 3.5.3 and is illustrated by Figure 3.22. In fact, the lemma proves that the weights of the two densities shown in the middle of the lower part of Figure 3.22 are identical under the influence of the quantiser. That is, for any quantisation the qualitative model precisely contains the single–step transition probabilities of the quantised system. The second result concerns the convergence of the approximation to the FPO.

Convergence of the qualitative model to a representation of the autonomous quantised system

Lemma 3.6.2. [38],[96] For all p_x(x) ∈ ∆_N the relation

   P_N p_x(x) → P p_x(x)   for N → ∞

holds, provided that all partition sets Q_x(i) shrink as N grows.

This important result means that for an increasingly finer partition the quantised FPO converges to the FPO for any transformation g_a. Hence, it is proved for the autonomous case that the qualitative model converges to the precise representation of the quantised system with an increasing number of qualitative states. This shows that the qualitative model satisfies the third modelling aim (cf. Section 3.1.3). It is intuitively clear that the theorem can be extended to the non–autonomous case, i.e. that the qualitative model converges to a set of Foias operators for increasingly finer partitions. In fact, the proof given in [96] uses standard techniques of approximation theory and should, therefore, be extendible to the non–autonomous case without any problems. However, this has not been studied in the mathematical literature so far, and a formal proof lies beyond the scope of this book.
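Both lemmata can be illustrated numerically for g_a(x) = x² on [0, 1] with a uniform partition into N cells: the weights of P_N p coincide with the quantised weights of P p (Lemma 3.6.1), and the piecewise constant density P_N p approaches P p(x) = 1/(2√x) in the L1 sense as N grows (Lemma 3.6.2). A sketch under these assumptions:

```python
# Ulam (quantised FPO) approximation for g_a(x) = x^2 on [0, 1] with N
# uniform cells. Prob(i|j) = len(g_a^{-1}(Q_i) ∩ Q_j) / len(Q_j), computed
# exactly since g_a^{-1}([a, b)) = [sqrt(a), sqrt(b)).
import math

def ulam_matrix(N):
    P = [[0.0] * N for _ in range(N)]
    for i in range(N):
        lo, hi = math.sqrt(i / N), math.sqrt((i + 1) / N)   # g_a^{-1}(Q_i)
        for j in range(N):
            a, b = j / N, (j + 1) / N                        # Q_j
            overlap = max(0.0, min(hi, b) - max(lo, a))
            P[i][j] = overlap / (1.0 / N)
    return P

def l1_error(N, grid=20_000):
    """L1 distance between P_N p and P p for the uniform density p = 1.
    For p = sum_j (1/N) b_j, the value of P_N p on Q_i is sum_j Prob(i|j)."""
    P = ulam_matrix(N)
    values = [sum(P[i][j] for j in range(N)) for i in range(N)]
    h = 1.0 / grid
    err = 0.0
    for k in range(grid):
        x = (k + 0.5) * h
        exact = 1.0 / (2.0 * math.sqrt(x))   # P p(x) for g_a(x) = x^2
        err += abs(values[min(int(x * N), N - 1)] - exact) * h
    return err
```

The cell weights sum_j Prob(i|j)/N equal √((i+1)/N) − √(i/N), which are exactly the quantised weights of P p, while the L1 error of the piecewise constant density decays as the partition is refined.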
3.7 Bibliographical Notes

The quantised system is a hybrid system as it concerns discrete as well as continuous dynamics. Hence, its study needs to combine results from discrete and continuous systems theories. The following gives an overview of results in both fields which are relevant for this chapter. Historically, continuous and discrete–event systems theories developed independently of each other, leading to well–elaborated methods for linear and nonlinear systems on the one hand and discrete–event systems on the other.
Recently, there have been strong research activities seeking to combine both theories within a unified framework for the representation of hybrid systems, cf. e.g. [2], [3], [13], [22], [60]. These studies are focused on an accurate representation of hybrid phenomena (cf. [3], [13]), the design of supervisory controllers (cf. e.g. [2], [84]) and reachability analysis, e.g. in [93], [137], [149]. In contrast to this, the focus here is on the description of the continuous dynamics of the quantised system under the influence of quantisation, and on a concise, purely discrete abstraction of the quantised system. Accordingly, the book is concerned separately with both foundations of hybrid systems theory. That is, for the representation of quantised systems mainly methods from continuous systems theory are used, whereas discrete–event systems play a major role for the abstraction of the quantised system. Continuous systems theory is used here to analyse the dynamics of quantised systems. It has its foundations in linear systems theory, cf. e.g. [41], [49], [112], and can be extended to nonlinear systems that behave locally linearly [192], [197]. These studies rely on the assumption that similar initial conditions result in a similar system behaviour, giving rise to the trajectory–oriented viewpoint commonly used in control. However, already very simple nonlinear systems exist that do not have this property. Such systems are no longer adequately described by trajectories but require the consideration of ensembles of trajectories [95]. For discrete–time systems this ensemble–oriented viewpoint leads to descriptions based on the Frobenius–Perron operator or, in the non–autonomous case, the Foias operator. As shown in this chapter, the quantisation similarly necessitates the consideration of bundles of trajectories. The corresponding studies in this chapter are based on [21], [38], [95], [96] and, due to the measure–theoretic background of the operators, also refer to [39], [63].
The non–autonomous case is only rarely discussed in the mathematical literature. For additive perturbations, an approximation of the Foias operator is discussed in [48]. Other approaches, including some convergence results, are given in [37] and [57]. Different approaches that have been developed in discrete systems theory are related to this chapter. Of particular interest are approaches which deal with discrete–event abstractions of continuous systems. Works in this field are, like this book, situated between continuous systems theory on the one hand and discrete–event systems theory on the other. First approaches in this area aimed at finding deterministic discrete–event abstractions of continuous systems [83], [199]. However, hard restrictions on the class of continuous systems were necessary for the existence of such abstractions [83]. Without these restrictions, nondeterministic behaviours are obtained, requiring the use of nondeterministic discrete–event models. These approaches can be distinguished with respect to the way time appears in the discrete model and, closely related to this issue, which kind of discrete–event model is used for the abstraction of the continuous system.
Firstly, there are approaches preserving the continuous time of a system, hence leading to continuous–time discrete–event abstractions in the form of bond graphs [136] or continuous–time hidden Markov processes [205]. The main problem of these approaches is that the discrete models produce a huge number of spurious solutions, i.e. the behaviour of the abstracted discrete–event model differs considerably from that of the original system. Therefore, in most approaches time is discretised, either event–based, i.e. sampled whenever a system variable exceeds a certain threshold, or by means of periodic sampling. Nondeterministic automata are used as discrete–event abstractions with event–based sampling in [51], [88], [146], [148] and [154], whereas in [139] and [190] stochastic or hybrid automata are used. Finally, discrete abstractions of discrete–time systems are considered in [109] and [153], which use stochastic or nondeterministic automata as discrete–event model, respectively. A common property of the above approaches is the completeness of the discrete–event abstraction with respect to the original system. That is, the discrete–event model yields all behaviours that the continuous–variable system can show. In general, discrete models yield additional behaviours, which are referred to as spurious solutions. The reason for this is given by the fact that quantised systems do not possess the Markov property, whereas stochastic automata do [111]. In this book the term "qualitative model" is used for the discrete–event abstraction of a continuous system. This term has its background in artificial intelligence, particularly in the fields called qualitative physics, qualitative reasoning or qualitative simulation, cf. e.g. [32], [35], [89], [90], [151], [200]. The aim of these approaches is to describe the global relation among the most important system variables, which is in contrast to the numerical models commonly used in engineering.
These methods have been extended to uncertain knowledge representation forms like Bayesian networks, cf. [75], [76], [119], [145], [160]. Though the aim to qualitatively describe a system is the same as in this book, the approaches in the field of artificial intelligence differ significantly from the approach presented here. The main difference is that most approaches in artificial intelligence consider static rather than dynamical systems. As far as dynamical systems are concerned, their dynamics are approximated very roughly, e.g. by just considering the sign of a variable and of its change [35]. One focus of the methods elaborated in artificial intelligence and computer science is the way the qualitative knowledge is represented and processed. With respect to this, relational database theory and graph theory provide widely used tools [8], [171]. In [65] these techniques are applied to component–oriented modelling with application to diagnosis. The results obtained there are used and extended in this book to the description of dynamical systems in the form of stochastic automata networks. The idea to use stochastic automata as discrete–event abstractions of discrete–time systems is a continuation of the ideas presented in [109], which are elaborated in more detail in [97]. The chapter contains several new results compared to these publications. One of the main differences concerns the way the discrete–event abstraction of a discrete–time quantised system by means of a stochastic automaton is defined (cf. Definition 3.5.1). The definition given here is the first which is completely embedded in probability theory and which is precise in detail. The quantised system is formally introduced as a stochastic process and is described by the temporal evolution of an initial density function in the state space, extending former descriptions based on sets of state sequences. Theorem 3.5.1 proves the completeness of the discrete–event abstraction, extending an earlier proof concerning nondeterministic automata [97]. Furthermore, the stochastic process represented by the quantised system is constructively described by means of the Frobenius–Perron and Foias operators in Section 3.6. This shows a novel perspective on the representation of quantised systems and on the application of the Frobenius–Perron and Foias operators. Finally, the relation between Definition 3.5.1 and the piecewise constant approximation of the Frobenius–Perron operator is shown. A first outcome of this new relation is the application of a convergence result obtained for the approximation of the Frobenius–Perron operator. For the abstraction of quantised systems this leads to the novel result that the qualitative model converges to a precise representation of the quantised system for increasingly finer state space partitions (cf. Lemma 3.6.2).
4. Further Aspects of Modelling Quantised Systems*
This chapter concerns further aspects of modelling quantised systems. Section 4.2 presents methods to compute the qualitative model for a given quantised system. Further, it is outlined how complete models can be obtained in case of parameter uncertainties or noise. In Section 4.3, the dependence of the stationary and dynamical behaviour of the qualitative model upon the state space partition is discussed.
J. Schröder: Modelling, State Observation and Diagnosis of Quantised Systems, LNCIS 282, pp. 95-122, 2003. Springer-Verlag Berlin Heidelberg 2003

4.1 Motivation*

For the application of qualitative models, it is necessary to compute the behavioural relation for a large system class. In principle, this is done by evaluating eqn. (3.64) for all z′, w, z and v in a step usually referred to as abstraction of a continuous–variable system to a qualitative model. This is because the qualitative model resulting from this computation describes the system on a higher level of abstraction (cf. [88], [109], [148], [153]). Practically, the computation of the behavioural relation is a major issue. This has mainly two reasons. The first is that the limits of computational resources can be reached easily already for relatively small systems. The second is that for the application of the computed qualitative model its completeness is a necessary condition. This means that the computation must not yield a probability of zero for a transition that can occur. Section 4.2 concerns both problems. Two methods are presented for computing the behavioural relation, of which only the second can guarantee the completeness of the computation result. Section 4.2.4 presents an extension important for the practical application, namely a method to consider parameter uncertainties and noise in the abstraction of qualitative models. These considerations are closely related to the computational aspects studied before. Section 4.3 concerns a completely different topic, namely the accuracy with which the qualitative model describes the quantised system. Obviously, the
accuracy mainly depends on the quantisation of the signals. Whereas the partitions of the inputs and outputs are typically determined by the technological system, the partition of the state space can always be adapted to the required accuracy of the qualitative model. This concerns both the number of partition sets and their shape. In Section 4.3, conditions on the state space partition are derived under which the qualitative model has, in a sense explained there, ideal stationary and dynamical behaviour. The aim is to derive guidelines for the choice of the state space partition in practical applications.

Remark 4.1.1. The discussion in Section 4.3 concerns merely the partitions, without considering the density functions p_x^i(x) or p_u^i(u) on each set. For simplification, it is therefore assumed that the densities represent uniform distributions on all bounded sets and are described by declining exponential functions on the unbounded sets. However, the results hold for a larger class of densities, which is not investigated in detail.
4.2 Computation of the Behavioural Relation*

4.2.1 Computation Principle*

To explain how the behavioural relation is computed, eqn. (3.64) is first written as

   L(z′, w | z, v) = µ_{n+m}(Q_xu(z′, w, z, v)) / µ_{n+m}(Q_xu(z, v))        (4.1)

with

   Q_xu(z′, w, z, v) = { (x, u) | g(x, u) ∈ Q_x(z′), h(x, u) ∈ Q_y(w), x ∈ Q_x(z), u ∈ Q_u(v) } ⊆ Q_xu(z, v) .

This shows two important aspects:
1. The probabilities of all quantised successor state/output pairs (z′, w) for a given pair (z, v) are obtained from a partition of the set Q_xu(z, v) into subsets Q_xu(z′, w, z, v). This partition depends on the system equations (3.1) and (3.2) and on the partitions of the state and output space.
2. The behavioural relation can be computed separately for each pair (z, v).

Example 4.2.1. Figure 4.1 shows this for a scalar input and scalar state space. It shows the region Q_xu(2, 2) of a partitioned input and state space. The map of this region with some functions g and h shows that for all points [g(x, u)] = 2 holds, whereas some points (x, u) ∈ Q_xu(2, 2) yield [h(x, u)] = 2 while for others [h(x, u)] = 3 holds. Accordingly, the set Q_xu(2, 2) is partitioned into two sets Q_xu(2, 2, 2, 2) and Q_xu(2, 3, 2, 2). Consequently, the behavioural relation has two nonzero entries for (z, v) = (2, 2), namely L(2, 2 | 2, 2) > 0 and L(2, 3 | 2, 2) > 0. All other entries for (z, v) = (2, 2) are zero. The nonzero values are obtained according to eqn. (4.1) by computing the measures of the sets Q_xu(2, 2, 2, 2), Q_xu(2, 3, 2, 2) and Q_xu(2, 2).
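The computation principle can be sketched with the point–mapping idea of Section 4.2.2: sample points from Q_xu(z, v), map them through g and h, and count which quantised pairs (z′, w) they hit. The sketch below reuses the linear example system of Section 3.5.2 (g(x, u) = 0.8x − 0.1u, h(x, u) = 0.5x − 0.5u); the partition bounds and the sampled cell are assumed for illustration:

```python
# Point-mapping estimate of the behavioural relation, cf. eqn. (4.3), for
# the linear example system g(x,u) = 0.8x - 0.1u, h(x,u) = 0.5x - 0.5u.
# The partition bounds and the cell Q_xu(z, v) used here are assumptions.
import random

def g(x, u): return 0.8 * x - 0.1 * u
def h(x, u): return 0.5 * x - 0.5 * u

def qx(x):   # hypothetical state partition: z = 1 for x < 0, else z = 2
    return 1 if x < 0.0 else 2

def qy(y):   # output partition of Section 3.5.2: Q_y(1) = {y < 0}
    return 1 if y < 0.0 else 2

def estimate_L(x_box, u_box, kappa=50_000, seed=1):
    """Estimate L(z', w | z, v) for the cell Q_xu(z, v) = x_box x u_box
    by uniform sampling (uniform densities assumed on the cell)."""
    rng = random.Random(seed)
    counts = {}
    for _ in range(kappa):
        x = rng.uniform(*x_box)
        u = rng.uniform(*u_box)
        key = (qx(g(x, u)), qy(h(x, u)))     # quantised pair (z', w)
        counts[key] = counts.get(key, 0) + 1
    return {k: c / kappa for k, c in counts.items()}

L_hat = estimate_L((0.0, 1.0), (0.0, 1.0))
```

For this cell, the exact probability of z′ = 1 is the area where u > 8x in the unit square, i.e. 1/16, which the estimate approaches for large κ.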
Fig. 4.1. Partition of Qxu (z, v) for the computation of the behavioural relation.
Practically, the measures in eqn. (4.1) can rarely be described analytically, even for simple systems. Furthermore, even if the sets Q_{xu}(z', w, z, v) can be described analytically by various inequalities, computing their measures requires the evaluation of the integral (3.65) in a multi-dimensional space, which is still difficult. Therefore, the aim of the methods described below is to provide computationally feasible ways to approximate the measures in eqn. (4.1). The crucial point is to guarantee that the computation does not yield a zero for sets with nonzero measure, in order to ensure the completeness of the resulting model (cf. Lemma 3.5.1).

4.2.2 Point–Mapping*

Point-mapping is the standard method to compute transition probabilities from one region of a partitioned space to another. In the following, the method is briefly summarised and applied to compute an estimate of the behavioural relation. The main idea is to take a selection of κ points of each region Q_{xu}(z, v), denoted as

   Q̃_{xu}(z, v) = { (x_1, u_1), (x_2, u_2), ..., (x_κ, u_κ) } ,  with  (x_i, u_i) ∈ Q_{xu}(z, v), i = 1, ..., κ .

The points must be selected such that they are distributed according to the density

   p_{xu}^{zv}(x, u) = p_x^z(x) · p_u^v(u)                                                   (4.2)

on Q_{xu}(z, v) (cf. Section 3.5.2). For each point (x_i, u_i) of Q̃_{xu}(z, v), eqns. (3.1) and (3.2) are used to compute the point (g(x_i, u_i), h(x_i, u_i)). The state and output space partitions are used to determine the pair (z', w) of the quantised successor state and output. Doing this for all points, the sets

   Q̃_{xu}(z', w, z, v) = { (x_i, u_i) | (x_i, u_i) ∈ Q̃_{xu}(z, v), g(x_i, u_i) ∈ Q_x(z') and h(x_i, u_i) ∈ Q_y(w) }
4. Further Aspects of Modelling Quantised Systems*
can be constructed for all z' ∈ N_z, w ∈ N_w. With this, the behavioural relation L of the qualitative model is approximated by

   L^⊖(z', w | z, v) = Λ(Q̃_{xu}(z', w, z, v)) / Λ(Q̃_{xu}(z, v)) ,                           (4.3)

where Λ(·) denotes the number of points contained in the set. According to the law of large numbers, the estimates (4.3) of the transition probabilities converge to those defined by eqn. (3.64) or (4.1) for κ → ∞, [97]. The described method can directly be implemented on a computer, as the sets Q̃_{xu}(z, v) are finite, and thus a finite number of mappings with eqns. (3.1) and (3.2) leads to Q̃_{xu}(z', w, z, v). Furthermore, the implementation is simple, as only the quantisation and mapping functions are required. However, the problem of point-mapping is that the completeness of the obtained model is not guaranteed. More precisely, for the obtained behavioural relation L^⊖, the relation

   T_{L^⊖}(z, v) ⊆ T_L(z, v)   ∀ (z, v) ∈ N_z × N_v                                          (4.4)
rather than condition (3.95) holds. This means that the SA is complete only in the ideal case that T_{L^⊖}(z, v) = T_L(z, v) holds for all pairs (z, v). In Chapter 9 it is shown that even for simple systems, the number of points that must be mapped until T_{L^⊖}(z, v) = T_L(z, v) is obtained is so high that the computation would last several years. Hence, practically only incomplete models not fulfilling the modelling aim can be obtained by means of point-mapping. Such a model cannot be used for process supervision. As T_L(z, v) is unknown, there is no way to check whether a model using L^⊖ is complete or not. Therefore, point-mapping is not suited for the abstraction task.

Remark 4.2.1. Instead of distributing the points according to eqn. (4.2), it is also possible to distribute the points uniformly over Q_{xu}(z, v) and to use a measure weighted according to (4.2) instead of the counting measure Λ.

4.2.3 Hyperbox–Mapping*

In this section, a method to compute the behavioural relation is presented that guarantees completeness. For this it must be assumed that the functions g and h satisfy a Lipschitz condition, i.e. that a number ψ ∈ IR_+ exists such that

   || ( g(x_1, u_1) − g(x_2, u_2) ,  h(x_1, u_1) − h(x_2, u_2) ) ||_∞  ≤  ψ · || ( x_1 − x_2 ,  u_1 − u_2 ) ||_∞      (4.5)
holds. For practical reasons, the infinity norm ||·||_∞ is used in eqn. (4.5). For simplicity, it is assumed that all partitions are orthogonal, i.e. that all dimensions of the signal spaces are divided independently into intervals, resulting in regions in the form of hyperboxes (cf. Figure 4.2). An extension of this method to non-orthogonal partitions is given in [43].
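For contrast with the hyperbox approach developed in this section, the point-mapping estimate (4.3) of Section 4.2.2 can be sketched in a few lines. The scalar system, the partition bounds and all numerical values below are invented for illustration; only the procedure — sample according to the density, map, quantise, count — follows the text:

```python
import random

# Hypothetical scalar system x' = g(x,u), y = h(x,u); not the book's example.
def g(x, u): return 0.5 * x + 0.2 * u
def h(x, u): return x + u

def quantise(val, bounds):
    # Returns the cell index i with bounds[i-1] <= val < bounds[i];
    # values at or beyond the last bound are clipped to the last cell.
    for i in range(len(bounds) - 1):
        if bounds[i] <= val < bounds[i + 1]:
            return i + 1
    return len(bounds) - 1

x_bounds = [0.0, 1.0, 2.0, 3.0]   # state space partition (3 cells)
y_bounds = [0.0, 1.0, 2.0, 3.0]   # output space partition (3 cells)

def point_mapping(z, v, kappa=10000, seed=0):
    """Estimate L(z',w | z,v) by mapping kappa sampled points of Q_xu(z,v)."""
    rng = random.Random(seed)
    counts = {}
    for _ in range(kappa):
        # Uniform densities on the cell Q_xu(z,v), cf. Remark 4.1.1.
        x = rng.uniform(x_bounds[z - 1], x_bounds[z])
        u = rng.uniform(0.0, 1.0)          # single input cell [u] = v
        key = (quantise(g(x, u), x_bounds), quantise(h(x, u), y_bounds))
        counts[key] = counts.get(key, 0) + 1
    return {key: n / kappa for key, n in counts.items()}

L_hat = point_mapping(z=2, v=1)
print(L_hat)   # relative frequencies; the nonzero keys approximate T_L(z,v)
```

The sketch also exhibits the completeness problem discussed above: a pair (z', w) whose set has small but nonzero measure may receive no sample and hence, wrongly, the estimate zero.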
Fig. 4.2. Hyperbox–mapping.
The idea is described based on the same example as in Section 4.2.1 and is illustrated by Figure 4.2. On the left-hand side of the figure, the state-input space is shown. The dashed lines symbolise the partition bounds. The set Q_{xu}(2, 2) is considered. For simplicity, it is assumed that Q_{xu}(2, 2) is quadratic with a side length of 2r_0. Hence, using the centre point (x_0, u_0), the set Q_{xu}(2, 2) can be described by

   Q_{xu}(z, v) = { (x, u) | ||(x, u) − (x_0, u_0)||_∞ ≤ r_0 } .                             (4.6)
That is, the set Q_{xu}(z = 2, v = 2) can be represented by a box {(x_0, u_0), r_0} in the state-input space, given by its centre (x_0, u_0) and by r_0, which is referred to as the radius of the box due to its interpretation as the radius of a circle when describing the set (4.6) in the Euclidean norm. Using the functions g and h, the point (x_0, u_0) is mapped to the state-output space, resulting in the point (x_0^+, y_0) depicted in black on the right-hand side of Figure 4.2. Due to the Lipschitz condition (4.5), the map of the set Q_{xu}(z, v) is known to be contained in the set

   Q_{xy}^{approx} = { (x, y) | ||(x, y) − (x_0^+, y_0)||_∞ ≤ r_0 · ψ } ,

i.e. the map of the box {(x_0, u_0), r_0} in the state-input space is conservatively approximated by the box {(x_0^+, y_0), r_0 ψ} in the state-output space. Figure 4.2 shows that the approximation box completely covers the map of Q_{xu}(2, 2). Quantising the set Q_{xy}^{approx} in the state-output space reveals that it overlaps with regions corresponding to several successor state/output combinations (z', w). According to Figure 4.2, the possible combinations (z', w) due to Q_{xy}^{approx} are

   T_{L^⊕}(z = 2, v = 2) = { (1, 1), (2, 1), (1, 2), (2, 2), (1, 3), (2, 3) } ,

whereas quantising the map of Q_{xu}(z, v) yields:

   T_L(z = 2, v = 2) = { (2, 2), (2, 3) } .                                                  (4.7)
Hence, setting the transitions of L^⊕ according to Q_{xy}^{approx} yields T_{L^⊕} ⊇ T_L and thus, according to Lemma 3.5.1, a complete model of the quantised system.

The method is now extended such that further calculations yield better approximations of the behavioural relation L. Whenever the set Q_{xy}^{approx} yields more than one quantised successor state/output combination, as in (4.7), the set Q_{xu}(z, v) in the state-input space is partitioned into subsets as follows: By introducing two additional points per dimension, the box {(x_0, u_0), r_0} is divided into smaller boxes. In the case of Figure 4.2, this results in nine boxes with radius r_0/3. The additional points, depicted in medium grey, are mapped, resulting in boxes with radius ψr_0/3 in the state-output space. Only those boxes that do not yield a unique quantised successor state/output pair (z', w) need further investigation and can be subdivided as long as needed to obtain the desired precision of the transition probabilities. In Figure 4.2, only the map of the box in the upper left corner yields two possible pairs (z', w). It is further subdivided into nine boxes with radius r_0/9, with the centre points shown in light grey. Of these boxes, three again yield no unique quantised successor state/output pair and could be further subdivided. Continuing the subdivision, there will, in general, always remain boxes that yield more than one quantised successor state/output pair. Thus, the computation needs to be stopped after some subdivisions. To guarantee completeness, the measures of the boxes still yielding more than one successor state/output pair (z', w) after the last subdivision are equally distributed among the measures μ_{n+m}(Q_{xu}(z', w, z, v)) of the corresponding sets. As an example, the measures obtained from the left-hand side of Figure 4.2 after the two subdivision steps are computed.
It is assumed that p_x^2(x) and p_u^2(u) are uniform distributions, such that eqn. (4.1) can be used with the Lebesgue measure λ_{n+m}. From the figure it can be seen that eight of the boxes with radius r_0/3 were not further subdivided, as the approximation of their map uniquely yields (z', w) = (2, 2). Their area is (2r_0/3)^2 each, which completely counts towards λ_{n+m}(Q_{xu}(2, 2, 2, 2)). The map of the ninth box in the upper left corner of Q_{xu}(2, 2) yielded two different quantised state/output pairs (z', w) and was therefore further subdivided into nine boxes. As the figure shows, six approximated maps of these boxes uniquely yield (z', w) = (2, 2), whereas the other three again yield both possible quantised state/output pairs. Stopping the subdivision after two steps, one half of the area of the smallest boxes, which is (2r_0/9)^2, is added to λ_{n+m}(Q_{xu}(2, 2, 2, 2)) and the other half to λ_{n+m}(Q_{xu}(2, 3, 2, 2)). Accordingly, the following approximation of the measures is obtained:

   λ_{n+m}(Q_{xu}(2, 2, 2, 2)) ≈ 8 · (2r_0/3)^2 + 6 · (2r_0/9)^2 + 3 · (2r_0/9)^2 / 2
   λ_{n+m}(Q_{xu}(2, 3, 2, 2)) ≈ 3 · (2r_0/9)^2 / 2 .
With λ_{n+m}(Q_{xu}(2, 2)) = (2r_0)^2, eqn. (4.1) yields the following entries of the behavioural relation:

   L^⊕(z', w | 2, 2) =  53/54   for z' = 2, w = 2
                         1/54   for z' = 2, w = 3
                         0      otherwise .
(4.8)
in the state-output space. The elements (Ψ )ij of the Lipschitz matrix describe how much the mapped point changes in its i–th dimension, if changing the original point in its j–th coordinate. In general, all entries of P si are nonzero. The described method is explained in detail in [43]. A similar method for autonomous systems is described in [61]. The properties of the hyperbox– mapping method are summarised in the following lemma. Abstraction by hyperbox–mapping Lemma 4.2.1. By means of the hyperbox–mapping method a complete model is obtained. Furthermore, the estimated behavioural relation converges to that of Definition 3.5.1 for increasing number of subdivisions. Proof. See Appendix C.4, [61].
t u
Figure 4.3 illustrates the above results by comparing the number of nonzero entries of the approximate behavioural relations obtained by point–mapping or by hyperbox–mapping, respectively. The number of obtained nonzero transitions is shown over the number of mapped points or the number of mapped boxes. For an infinite number of points or boxes, both methods yield the correct number |TL | of entries as given by the behavioural relation L of the qualitative model. According to Lemma 4.2.1, each result obtained by means of hyperbox–mapping with a finite number of boxes yields a complete model,
Fig. 4.3. Comparison of the approximate behavioural relations obtained by point–mapping or hyperbox–mapping.
i.e. L^⊕ has at least as many nonzero entries as L. On the other hand, point-mapping yields, in general, an incomplete model, i.e. a behavioural relation L^⊖ with fewer entries than L. Note that the computation time increases with the number of points or boxes to be mapped.

4.2.4 Parameter Uncertainties and Noise**

One motivation for using qualitative rather than numerical models is that often no precise description of the system behaviour can be found. Consequently, numerical models used for abstraction are typically models based on "first principles" neglecting higher-order effects and are, hence, no precise descriptions. Accordingly, the assumption that a precise numerical model (3.1) and (3.2) is given in a practical application has to be relaxed. Instead of the model (3.1) and (3.2) considered so far as the core of the quantised system, the description

   x(k+1) = g(x(k), u(k), ρ(k)) ,   x(0) = x_0                                               (4.9)
   y(k)   = h(x(k), u(k), ρ(k))                                                             (4.10)

is used, where the uncertainties are explicitly represented by a parameter vector ρ ∈ R_q ⊆ IR^q. The uncertainties are modelled as a static random process described by the probability density

   p_ρ : R_q → IR_+ ,   with   ∫_{R_q} p_ρ(ρ) dρ = 1 .                                      (4.11)
That is, according to eqns. (4.9) and (4.10), the successor states and outputs are random, depending on the vector ρ, which is determined at each time instant k independently of the state, the input and previous parameter values.
The qualitative model of Definition 3.5.1 can easily be extended to describe the quantised system with the continuous-variable model (4.9) and (4.10). This is because the uncertain parameters are of the same nature as the uncertainties brought about by the input injector (cf. Section 3.2.1). Also in the case of uncertainties, the qualitative model shall describe the conditional probability of a transition in the quantised system but, in addition to Definition 3.5.1, considering all possible parameter values ρ. This is achieved by extending the definition of the behavioural relation to

   L(z', w | z, v) := μ_{n+m+q}( Q_{xuρ}(z, v) ∩ (gh)^{-1}(Q_{xy}(z', w)) ) / μ_{n+m+q}( Q_{xuρ}(z, v) )      (4.12)

with

   Q_{xuρ}(z, v) = Q_x(z) × Q_u(v) × supp(p_ρ(ρ)) ⊆ R^{n+m+q} ,                             (4.13)

   (gh)^{-1}(Q_{xy}(z', w)) := { (x, u, ρ) | g(x, u, ρ) ∈ Q_x(z'), h(x, u, ρ) ∈ Q_y(w) } ⊆ R^{n+m+q}          (4.14)

and the measure

   μ_{n+m+q}(Q_{xuρ}) = ∫_{Q_{xuρ}} ( Σ_{i=1}^N p_x^i(x) ) · ( Σ_{j=1}^M p_u^j(u) ) · p_ρ(ρ) dx du dρ         (4.15)

of an arbitrary measurable set Q_{xuρ} ⊆ R^{n+m+q}. For the computation of the behavioural relation (4.12), the methods described in the previous section directly apply.

Bounded additive noise. A special case of eqns. (4.9) and (4.10) is additive noise

   x(k+1) = g(x(k), u(k)) + ρ_x(k) ,   x(0) = x_0                                           (4.16)
   y(k)   = h(x(k), u(k)) + ρ_y(k)                                                          (4.17)
with the random variables ρ_x ∈ R_n and ρ_y ∈ R_r described by the density functions p_{ρx}(ρ_x) and p_{ρy}(ρ_y), respectively. It is further assumed that the noise is bounded and uniformly distributed over a set of values according to

   p_{ρx}(ρ_x) = 1/λ_n(Q_{ρx}) for ρ_x ∈ Q_{ρx}, 0 otherwise ,   Q_{ρx} = { ρ_x | ||ρ_x − ρ_{x,0}||_∞ ≤ r_{x,0} }      (4.18)

and

   p_{ρy}(ρ_y) = 1/λ_r(Q_{ρy}) for ρ_y ∈ Q_{ρy}, 0 otherwise ,   Q_{ρy} = { ρ_y | ||ρ_y − ρ_{y,0}||_∞ ≤ r_{y,0} } .     (4.19)
This makes it possible to abstract the qualitative model with almost no additional effort compared to the undisturbed system. The abstraction of a quantised system with (4.16)–(4.19) can be performed by applying the hyperbox– mapping method to the undisturbed system using eqns. (4.16)–(4.17) with
ρ_x(k) = ρ_{x,0} and ρ_y(k) = ρ_{y,0}, and by determining the radii of the boxes mapped to the state-output space by

   r'' = Ψ · r_0 + ( r_{x,0}'  r_{y,0}' )'                                                  (4.20)

(cf. Section 4.2.3). This is obviously the same as applying the hyperbox-mapping to the abstraction task defined by (4.12) and the quantised system with (4.16)-(4.19) without performing any subdivision of the hyperboxes in the dimensions of the parameter space.

The described method is interesting for the practical application of qualitative modelling. All kinds of uncertainties and noise can be conservatively approximated by using the two vectors r_{x,0} and r_{y,0}. The qualitative model is computed by the same method as before, but using (4.20) instead of (4.8). Note that the uncertainties described by r_{x,0} and r_{y,0} introduce a kind of "natural bound" for a reasonable number of subdivisions used in the hyperbox-mapping, as by eqn. (4.20) they introduce a lower bound for the size of the mapped box.
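A minimal sketch of the radius computation (4.20): the state-input radius vector is mapped through the Lipschitz matrix Ψ and then inflated by the noise bounds. All matrix entries, dimensions (n = 2 states, m = 1 input, r = 1 output) and radii below are invented for illustration:

```python
def mapped_radius(Psi, r0, r_x0, r_y0):
    """r'' = Psi * r0 + (r_x0' r_y0')', eqn. (4.20), componentwise."""
    inflate = r_x0 + r_y0                       # stacked noise-bound vector
    return [sum(row[j] * r0[j] for j in range(len(r0))) + inflate[i]
            for i, row in enumerate(Psi)]

Psi = [[0.8, 0.1, 0.2],      # (n+r) x (n+m) nonnegative Lipschitz matrix
       [0.1, 0.9, 0.1],
       [0.3, 0.2, 0.5]]
r_box = [0.5, 0.5, 0.25]     # radius vector of a state-input box
r2 = mapped_radius(Psi, r_box, r_x0=[0.05, 0.05], r_y0=[0.1])
print(r2)                    # image-box radii in the state-output space
```

Because the noise bounds are added to every mapped radius, no subdivision can produce an image box smaller than (r_x0' r_y0')' — the "natural bound" mentioned above.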
4.2.5 Remarks**

Other means to obtain a qualitative model. Definition 3.5.1 describes a systematic way to obtain a qualitative model from a numerical model of the quantised system. However, there are several alternatives for obtaining a qualitative model. One is stochastic qualitative identification, described in [97] and applied to an industrial application in [101]. This method is based on data archives containing measurements of the system variables over a long period of time, covering all possible operating conditions. The qualitative model is obtained by evaluating the frequency of measured qualitative state changes. As the qualitative model describes the system on an abstract level, it is also possible to obtain the model by using expert knowledge in the form of rules or logic formulae. Similarly, other discrete representations like Petri nets can be transformed into SA [115]. A combination of qualitative identification and expert knowledge for qualitative modelling has been used in [101].

Other concise models of the quantised system. Section 3.5.2 defines the qualitative model such that regions in the state space are the states of the qualitative model. An alternative way is described in [100], [153], where the current quantised output as well as the l previous quantised inputs and outputs are used as the states of a nondeterministic automaton. In [153] the I/O-completeness of such an automaton with respect to the quantised system is shown. Furthermore, it is shown that the length l of the "history" stored in
the automaton state leads to a totally ordered set of qualitative models with respect to their accuracy (cf. relation (3.96)).
4.3 Relations between Quantisation and Properties of the Model*

4.3.1 State Space Partitions Adapted to the Stationary Behaviour*

The stationary behaviour of the qualitative model is given by the stationary behaviour of the SA derived in Section 2.5.3. It is investigated under which conditions the stationary distributions of the qualitative model coincide with the stationary distributions of the quantised system.

Stationary behaviour of autonomous quantised systems. First, only autonomous systems are considered. As explained in Section 3.4.2, the dynamics of the autonomous quantised system are described by

   p_x(x, k+1) = P p_x(x, k) ,   p_x(x, 0) = p_{x0}(x) ,

where P is the Frobenius-Perron operator of the continuous-variable system. A stationary density p̄_x(x) of the Frobenius-Perron operator must satisfy

   p̄_x(x) = P p̄_x(x) .                                                                    (4.21)
Such a density function is also called an invariant density. With this, the aim that all stationary distributions of the qualitative model are equal to those of the quantised system can be formulated as

   p̄_z =! Q_N p̄_x(x) ,                                                                    (4.22)
where Q_N denotes the density quantiser defined by eqn. (3.79). In the mathematical literature, the stationary densities of the Frobenius-Perron operator have been studied in detail (cf. e.g. [62], [95]). However, the focus there is on cases in which the system (3.46) behaves chaotically or its attractors have complex structures [87], [192]. Such behaviours are of minor interest in the context of qualitative modelling, as systems treated on a supervision level are in general controlled systems with simpler dynamics. Therefore, the following investigations are restricted to systems for which the limit value x̄ = lim_{k→∞} x(k) exists for all initial conditions x_0 ∈ R_n. The points x̄ in the state space to which the state of the system converges are called fixed points of the system. They are obtained from the condition x̄ = g_a(x̄). In the following, it is assumed that the fixed points do not lie on a boundary between two partition sets.
Asymptotically stable systems. A system is called asymptotically stable if every trajectory ends in a unique asymptotically stable fixed point x̄ [87]. Hence, for any given partition, the quantised system has the unique quantised stationary distribution

   p̄_z^{qs} = δ_N^{[x̄]} ,                                                                 (4.23)

where δ_N^i ∈ W^N denotes the unit vector (0 ... 1 ... 0) in which the i-th element is equal to one. The following lemma formulates a necessary and sufficient condition on the state space partition such that the qualitative model satisfies p̄_z = p̄_z^{qs}.

Lemma 4.3.1. The qualitative model of an autonomous quantised system with an embedded continuous-variable system with a single stable fixed point x̄ has the stationary distribution (4.23) if and only if the state space partition is such that the automaton state z̄ = [x̄] is absorbing, i.e. G_a(z̄ | z̄) = 1 holds.

Proof. See Appendix C.5.
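Lemma 4.3.1 can be illustrated numerically: for a stochastic transition matrix with an absorbing state, iterating p_z(k+1) = G_a p_z(k) drives the distribution to the corresponding unit vector. The 3×3 matrix below is invented for illustration and is not related to the tank example:

```python
# Ga[i][j] is the transition probability Ga(i+1 | j+1); the middle state
# (z = 2) is absorbing since Ga(2|2) = 1, so delta on z = 2 is stationary.
Ga = [[0.5, 0.0, 0.1],
      [0.3, 1.0, 0.4],
      [0.2, 0.0, 0.5]]

def step(Ga, p):
    """One step p(k+1) = Ga * p(k) of the autonomous SA."""
    return [sum(Ga[i][j] * p[j] for j in range(len(p))) for i in range(len(p))]

p = [1.0, 0.0, 0.0]      # start with certainty in z = 1
for _ in range(200):
    p = step(Ga, p)
print(p)                 # the probability mass collects in the absorbing state
```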
Fig. 4.4. Automaton graphs of the two–tank system with orthogonal (left) and non–orthogonal (right) state space partition.
The condition G_a(z̄ | z̄) = 1 means that all points of the set Q_x(z̄) are mapped onto this set, i.e. g_a(x) ∈ Q_x(z̄) must hold for all x ∈ Q_x(z̄). From the asymptotic stability of the system it is clear that a neighbourhood of x̄ and, hence, a partition which fulfils this condition always exists. For sampled continuous-time systems, these are for example all sets Q_x(z̄) bounded by a contour line v(x) = const. of a Ljapunov function v(x) of the system. Concerning the limiting distribution of the qualitative model, the following holds.
Lemma 4.3.2. Under the conditions of Lemma 4.3.1 the stationary distribution is the limiting distribution of the qualitative model for all initial conditions. Proof. See Appendix C.6.
Example 4.3.1. Consider the tank system of Section 1.4 with the valve V12l closed, V12u opened, constant pump velocity v_p(k) = 0.5 and no leak. With these settings, the two-tank system is autonomous and asymptotically stable in R_n = [0, 0.6] × [0, 0.6] with x̄ = (0.335  0.141)'. With the state space partition shown on the left-hand side of Figure 3.6 and a sampling time of T_s = 5 s, the qualitative model shown on the left-hand side of Figure 4.4 is obtained. The SA is reducible. From Lemma 2.5.4 it can be calculated that the SA has one stationary distribution, namely

   p̄_z = ( 0  0.572  0  0  0.221  0  0  0.046  0.161 )' ,                                  (4.24)

whereas quantising x̄ yields p̄_z^{qs} = δ_9^5. That is, for the correct stationary qualitative state z̄ = 5, the qualitative model merely yields a probability of 0.221 for k → ∞. In Figure 4.5, an alternative state space partition is shown with several trajectories of the two-tank system, each of which has the temporal length of the sampling period. It can be seen that the elliptic set is chosen such that all trajectories point into that region. The qualitative model resulting from this partition is shown on the right-hand side of Figure 4.4, where the automaton states correspond to the nine regions as in Figure 3.6. It can be seen that G_a(5 | 5) = 1 holds, and that both the qualitative model and the quantised system yield p̄_z = p̄_z^{qs} = δ_9^5.
Fig. 4.5. Non–orthogonal partition of the state space for correct stationary behaviour of the qualitative model.
Systems with multiple fixed points. The above result is now extended to the case that the system has κ asymptotically stable fixed points x̄_i, i = 1, ..., κ. The attraction area of each asymptotically stable fixed point is denoted by X_i, assuming that the attraction areas cover almost the whole state space. That is, the "remainder" X̂ = R_n \ ∪_{i=1}^κ X_i of the state space, consisting of points not converging to one of the asymptotically stable fixed points x̄_i, is assumed to have zero measure: λ_n(X̂) = 0. That is, for almost all initial conditions, i.e. for x_0 ∉ X̂, the trajectory ends in one fixed point x̄_i.

The stationary distributions of the quantised system can be formulated as above for any partition. Only for simplicity of presentation it is assumed that each fixed point lies in a different partition set. With this, there are κ quantised stationary distributions of the quantised system:

   p̄_{z,i}^{qs} = δ_N^{[x̄_i]} ,   i = 1, ..., κ .                                          (4.25)

Recall that an autonomous SA must have κ irreducible sets of states in order to possess κ elementary stationary distributions p̄_z^i (cf. Section 2.5.3). Further, all stationary distributions of the SA are convex combinations of the elementary stationary distributions p̄_z^i, as described by eqn. (2.54). As the stationary distributions of the quantised system are given by eqn. (4.25), the elementary distributions of the SA must have the form (4.25). Otherwise the stationary behaviour of the SA cannot be equal to the stationary behaviour of the quantised system. Denoting the set of all quantised states containing a fixed point by N̄_x = { [x̄_1], [x̄_2], ..., [x̄_κ] } ⊆ N_x, the following result is obtained.

Identical stationary distributions of an autonomous quantised system and its qualitative model

Theorem 4.3.1. The qualitative model of an autonomous quantised system with an embedded continuous-variable system with κ asymptotically stable fixed points x̄_i, i = 1, ..., κ has κ stationary distributions of the form (4.25) if and only if the state space partition is such that all qualitative states z̄_i = [x̄_i], [x̄_i] ∈ N̄_x are absorbing, i.e. G_a(z̄_i | z̄_i) = 1 holds for all i = 1, ..., κ.

Proof. See Appendix C.7.
Note that Theorem 4.3.1 does not mean that for a given numerical initial state x_0 converging to x̄_i, the limiting distribution of the qualitative model initialised with p_z(0) = δ_N^{[x_0]} is δ_N^{[x̄_i]}. Theorem 4.3.1 only guarantees that the stationary distributions of the quantised system are also stationary distributions of the qualitative model. However, the theorem does not say for which initial conditions the limiting distribution of the SA, which is always a convex combination of its elementary stationary distributions, coincides with the limiting distribution of the quantised system. Hence, choosing the initial distribution p_z(0) = δ_N^{[x_0]} for the SA does not mean that lim_{k→∞} p_z(k) = δ_N^{[x̄_i]} holds. However, the partition can be chosen such that

   x̄_i = lim_{k→∞} x(k), x(0) = x_0   ⇒   δ_N^{[x̄_i]} = lim_{k→∞} p_z(k), p_z(0) = δ_N^{[x_0]}          (4.26)

holds for almost all x_0 ∈ R_n, i.e. all initial conditions satisfying x_0 ∉ X̂. The following result gives a necessary and sufficient condition on the state space partition such that relation (4.26) holds.

Lemma 4.3.3. Relation (4.26) holds for almost all x_0 ∈ R_n if and only if, in addition to the conditions of Theorem 4.3.1, the state space partition is such that there exists a partition of the set N_x into sets Ñ_x,i, i = 1, ..., κ with [x̄_i] ∈ Ñ_x,i, i = 1, ..., κ that are closed sets of states in the qualitative model.

Proof. See Appendix C.8.
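The closedness condition of Lemma 4.3.3 is easy to check mechanically: a set S of automaton states is closed if no transition probability leaves it, i.e. G_a(z' | z) = 0 for every z in S and every z' outside S. The 4×4 matrix below is invented for illustration and only mimics the situation of the lemma in spirit:

```python
def is_closed(Ga, S):
    """True iff no probability leaves the state set S (0-based indices)."""
    n = len(Ga)
    return all(Ga[zp][z] == 0.0
               for z in S for zp in range(n) if zp not in S)

# Ga[i][j] = Ga(i+1 | j+1); columns sum to one.
Ga = [[1.0, 0.0, 0.3, 0.0],
      [0.0, 0.6, 0.0, 0.2],
      [0.0, 0.0, 0.7, 0.0],
      [0.0, 0.4, 0.0, 0.8]]

print(is_closed(Ga, {0, 2}))   # True: states {1,3} (1-based) form a closed set
print(is_closed(Ga, {1}))      # False: state 2 leaks into state 4
```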
Systems with stable invariant manifolds. Before illustrating the above results by an example, they are first extended to systems having a continuum of asymptotically stable fixed points, so-called asymptotically stable invariant manifolds [9], [26]. For simplicity of presentation, it is assumed that the system has one compact invariant manifold. In contrast to the above, the invariant manifold is given by a set

   X̄ = { x̄ | x̄ = g_a(x̄) } ⊂ R_n ,                                                        (4.27)

lying in an 0 < n̄ ≤ n dimensional subspace of R_n. Asymptotic stability of the manifold means that it is assumed that lim_{k→∞} x(k) ∈ X̄ holds for all x(0) ∈ R_n.

It is assumed that X̄ does not lie on the boundary between two partition sets. More precisely, this means that if δQ_x(i) denotes the hull of a partition set, it is assumed that λ_n̄(X̄ ∩ δQ_x(i)) = 0 holds for all i = 1, ..., N. However, the invariant manifold can extend over several partition sets. The set of all quantised states in which the manifold lies is denoted by

   N̄_x = { [x] | λ_n̄(Q_x([x]) ∩ X̄) > 0 } = { [x]_1, [x]_2, ..., [x]_κ } ⊆ N_x .            (4.28)

With this, Theorem 4.3.1 and Lemma 4.3.3 hold equivalently, i.e. if and only if all qualitative states [x]_i of N̄_x are absorbing and each qualitative state belongs to a different closed set of states Ñ_x,i, where the sets Ñ_x,i, i = 1, ..., κ partition N_x, then the limiting distributions of the qualitative model and of the quantised system coincide for almost all initial conditions x_0 or [x_0], respectively. That is, the same conditions on the state space partition are obtained if a continuum of asymptotically stable fixed points lies in a set Q_x(i).

Example 4.3.2. Consider the tank system of Section 1.4 with the valve V12l closed, V12u opened, the pump off and no leak in the left tank. With this, the autonomous system has an asymptotically stable compact invariant manifold given by:
   X̄ = { x = (x_1, x_2)' | x_1 ∈ [0, 0.3], x_2 = 0 } .                                     (4.29)
On the left-hand side of Figure 4.6, the invariant manifold and trajectories of the system, each with a temporal length corresponding to the sampling time of 5 seconds, are shown. Furthermore, the figure shows the state space partition. The partition is such that the conditions of Theorem 4.3.1 as well as of Lemma 4.3.3 are satisfied. This can be verified from the resulting qualitative model shown on the right-hand side of the figure. The invariant manifold lies in the two partition sets Q_x(1) and Q_x(2). Hence, according to Theorem 4.3.1, G_a(1|1) = 1 and G_a(2|2) = 1 must hold, which is satisfied by the SA. Lemma 4.3.3 is satisfied because the set of automaton states can be partitioned into the two closed sets Ñ_x,1 = {1, 4, 7} and Ñ_x,2 = {2, 3, 5, 6, 8, 9}, containing [x] = 1 or [x] = 2, respectively. It can easily be calculated that p̄_z^1 = δ_9^1 and p̄_z^2 = δ_9^2 are the two stationary distributions of the qualitative model.
Fig. 4.6. Trajectories of the two–tank system and state space partition (left) and resulting qualitative model (right).
The SA shown in Figure 4.6 can be compared to the SA shown on the left-hand side of Figure 2.5, which is the qualitative model of the two-tank system for the same configuration but with the orthogonal state space partition shown on the left-hand side of Figure 3.6. Due to the rectangular shape of Q_x(2), the SA is such that G_a(2|2) = 0.97 holds. Hence, p̄_z^2 ≠ δ_9^2 is obtained (cf. Example in Section 2.5.3). The set Q_x(1) of the orthogonal partition and of the partition in Figure 4.6 are the same. Therefore, the SA of Figure 2.5 also yields p̄_z^1 = δ_9^1. However, starting in z = 7 yields the limiting distribution lim_{k→∞} p_z(k) = ( 0.355  0  0.548  0  0  0.083  0  0.009  0.005 )'. This is because the set Ñ_x,1 = {1, 4, 7} of qualitative states of the SA in Figure 2.5 is not closed. Comparing the orthogonal partition with the partition in Figure 4.6 shows that Ñ_x,1 = {1, 4, 7} is made a closed set by forming the region Q_x(7) according to the flow of the vector field.
Remark 4.3.1. The formulation of Theorem 4.3.1 refers to asymptotically stable fixed points. This does not exclude infinity, i.e. fixed points x̄_i = ∞. Systems with such fixed points are usually referred to as, at least for some initial conditions, unstable systems. However, using a single unbounded partition set and ensuring that none of its states maps to a bounded set yields an absorbing qualitative state including infinity and, hence, a correct stationary behaviour of the qualitative model.

Extension to non-autonomous systems. As the previous section has shown, the partition must be chosen in accordance with the dynamics of the continuous-variable system in order to obtain a qualitative model with stationary properties corresponding to those of the quantised system. Hence, if the system dynamics change with an input, the partition of the state space needs to change too. Since only one state space partition can be chosen for all inputs, ideal stationary behaviour can, in general, not be obtained for all inputs. However, the results from the autonomous case, extended to non-autonomous systems, can yield a "better" stationary behaviour of the qualitative model than arbitrary partitions, as the following considerations show.

Discrete-variable inputs. First, a quantised system is considered where the injector assigns to each quantised input [u] = i a fixed input vector u_i, i = 1, ..., M. Then, for each constant input [u], the quantised system is equal to an autonomous quantised system as considered in the previous section. Hence, under the same conditions as in the previous section, a partition can be set up in accordance with Theorem 4.3.1 and Lemma 4.3.3 separately for each quantised input. However, merging the obtained partitions does not necessarily yield a qualitative model with the same stationary distributions as the quantised system. The results for merged partitions are not derived formally but illustrated using an example.
Fig. 4.7. Merged non–conflicting (left) and conflicting (right) partition of the state space for non–autonomous systems.
Example 4.3.3. Consider Examples 4.3.1 and 4.3.2 of the two–tank system. Using the two discrete inputs u = 0.5 and u = 0 for the pump, the first or second example
is obtained, respectively. On the left–hand side of Figure 4.7, a partition resulting from Theorem 4.3.1 and Lemma 4.3.3 is shown, where the partitions, obtained separately for each input, are merged. As the bounds derived for both inputs do not cross each other, the depicted partition yields a qualitative model with correct stationary behaviour for both inputs. Obviously, merging the partitions can lead to conflicts in the sense that partition sets designed for separate inputs overlap such that the resulting shapes violate the conditions of Theorem 4.3.1 or Lemma 4.3.3. Such a situation is shown on the right–hand side of Figure 4.7 for the two–tank system. Shown is the case that the elliptic partition set necessary for correct stationary behaviour for $u = 0.5$ is divided into two sets by the partition obtained for $u = 0$. It is intuitively clear that quantised systems exist for which such a conflict cannot be avoided by any shape of the partition. However, conflicting merged partitions yield in principle the same information concerning the stationary behaviour as the separate partitions before merging. This is illustrated by the conflicting partition shown on the right–hand side of Figure 4.7. The qualitative model resulting from this partition yields for $u = 0.5$ the stationary distribution

$$\bar{p}_z = (0 \ \ 0 \ \ 0.2135 \ \ 0.7865 \ \ 0 \ \ 0)' . \qquad (4.30)$$
This distribution is different from the stationary distribution $p_z^{qs} = \delta_6^4$ of the quantised system. However, $\bar{p}_z$ is such that the probability for the elliptic set as a whole is still one. This means that the automaton states $z = 3$ and $z = 4$ form an irreducible set of states. In other words, if the partitions are designed for each input such that the states of $\bar{N}_{x,i}$ are absorbing, then the merged partition can either still have these absorbing states (left–hand side of Figure 4.7), or some of the absorbing states become an irreducible set of two or more states, like the qualitative states 3 and 4 on the right–hand side of Figure 4.7.
Continuous–variable inputs. Finally, continuous–variable inputs are considered. For each qualitative input, conditions on the partition will be derived such that the stationary behaviours of the quantised system and the qualitative model coincide. The partitions derived separately for each input are then merged, with the same restrictions explained in the previous section. For simplicity, it is assumed that the system has a single asymptotically stable fixed point for all inputs. The set $Q_u(\bar{v})$ of numerical inputs $u$ corresponding to the quantised input $[u] = \bar{v}$ is considered. In general, the fixed point depends upon the input. That is, the location of the fixed point is described by a function $\bar{g}: Q_u \to \mathbb{R}^n$, $\bar{x} = \bar{g}(u)$. Assuming that the function $\bar{g}(u)$ is continuous, the region of fixed points under any input $u \in Q_u(\bar{v})$ is a compact set given by:

$$\bar{X} = \{x \mid x = \bar{g}(u), \ u \in Q_u(\bar{v})\} \subseteq \mathcal{R}^n .$$

From this, a result similar to Lemma 4.3.1 is obtained.

Lemma 4.3.4. The qualitative model of a quantised system with embedded continuous–variable system with a single asymptotically stable fixed point for all inputs $u \in Q_u(\bar{v})$ has, for constant qualitative input $\bar{v}$, the same stationary distribution as the quantised system if the state space partition is such that
the automaton state $\bar{z}$ corresponding to a set $Q_x(\bar{z}) \supset \bar{X}$ is absorbing under the constant input $\bar{v}$, i.e. if $G(\bar{z} \mid \bar{z}, \bar{v}) = 1$ holds.

Proof. See Appendix C.9.
□
In contrast to Lemma 4.3.1, it is difficult to find a region satisfying the condition of Lemma 4.3.4, and its existence cannot be guaranteed. This is because a constant quantised input does not mean that the numerical input $u$ is also constant. In fact, the numerical input can change its value at each time instance, taking an arbitrary value from the set $Q_u(\bar{v})$. Hence, it is in general not possible to obtain such a region by determining sets for each numerical input $u \in Q_u(\bar{v})$ satisfying Lemma 4.3.1 and joining them. Instead, the condition of Lemma 4.3.4 means that the set $Q_x(\bar{z})$ must satisfy the condition

$$g(Q_x(\bar{z}), Q_u(\bar{v})) = \{\hat{x} \mid \hat{x} = g(x, u), \ x \in Q_x(\bar{z}), \ u \in Q_u(\bar{v})\} \overset{!}{\subseteq} Q_x(\bar{z}) . \qquad (4.31)$$
Equation (4.31) can be interpreted in two ways: if the condition is not satisfied, either the shape of the set $Q_x(\bar{z})$ or the partition of the input space must be changed. The following example shows how sets $Q_x(\bar{z})$ and $Q_u(\bar{v})$ can be found such that condition (4.31) is satisfied.
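Condition (4.31) can also be checked numerically by sampling the sets $Q_x(\bar{z})$ and $Q_u(\bar{v})$ and testing whether every image point falls back into $Q_x(\bar{z})$. The following is a minimal sketch under the assumption that the system map $g$ and a membership test for $Q_x(\bar{z})$ are available as functions; the scalar system used in the usage example is a hypothetical stand-in, not the tank model of the book.

```python
def condition_431_holds(g, x_samples, u_samples, in_Qx):
    """Sampling-based check of condition (4.31): g(Q_x(z), Q_u(v)) ⊆ Q_x(z).

    g         -- system map g(x, u)
    x_samples -- finite sample of points from Q_x(z)
    u_samples -- finite sample of points from Q_u(v)
    in_Qx     -- membership test for the set Q_x(z)

    Returns True if every sampled image lies in Q_x(z) again (a necessary,
    sampling-based indication only, not a proof of the set inclusion).
    """
    return all(in_Qx(g(x, u)) for x in x_samples for u in u_samples)
```

For the hypothetical contraction `g(x, u) = 0.5*x + 0.2*u` with `Q_x = [-1, 1]`, the check succeeds for a small input set and fails once the input interval is chosen too large, mirroring the two cases of Figure 4.8.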
Fig. 4.8. Construction of an input and state space partition according to the stationary behaviour.
Example 4.3.4. Consider the tank system of Section 1.4 with the valve $V_{12l}$ closed, $V_{12u}$ opened, no leak and the pump velocity $v_p(k)$ as input. First, the input $v_p(k) = 0.5$ is chosen. Considering this input as constant, the system becomes autonomous and Lemma 4.3.1 can be applied. For this input, Figure 4.5 shows a partition satisfying the condition of Lemma 4.3.1. That is, setting $Q_x(\bar{z})$ to the ellipsoid shown in Figure 4.5, the relation $g(Q_x(\bar{z}), 0.5) \subseteq Q_x(\bar{z})$ is satisfied. Now,
a neighbourhood of $v_p(k) = 0.5$ is taken as the set $Q_u(\bar{v})$. This is shown on the left–hand side of Figure 4.8. For the interval $Q_u(\bar{v}) = [0.48, 0.55]$, the set $Q_x(\bar{z})$ maps onto itself for all $u \in Q_u(\bar{v})$, satisfying condition (4.31). The condition is violated if the interval $Q_u(\bar{v})$ is chosen too large. This is shown on the right–hand side of Figure 4.8 for $Q_u(\bar{v}) = [0.2, 0.8]$. There are two possible ways to proceed. Either $Q_u(\bar{v}) = [0.48, 0.55]$ is chosen as one quantised input, or the shape of the set $Q_x(\bar{z})$ is modified in order to be able to further increase the size of $Q_u(\bar{v})$. However, using $Q_u(\bar{v}) = [0.48, 0.55]$ as quantised input and the state space partition of Figure 4.5 yields an SA where the state $\bar{z}$ is absorbing under the input $\bar{v}$. Hence, according to Lemma 4.3.4, the stationary distributions of the qualitative model and the quantised system coincide. Similarly, the rest of the input space can be partitioned. The state space partition is obtained by merging the partitions for all quantised inputs, each satisfying the conditions of Lemma 4.3.4, as described above.
Remark 4.3.2. According to the above result, it is possible for a large class of quantised systems to find a state and input space partition such that the stationary distributions of the quantised system become stationary distributions of the qualitative model. However, this cannot, in general, be extended to limiting distributions. That is, formulating a result similar to Lemma 4.3.3 requires that the manifolds separating attraction areas do not depend on the input, which is generally not the case.

4.3.2 State Space Partitions Adapted to the Dynamical Behaviour*

The discussion in the previous section has shown that for autonomous systems, state space partitions can be derived for which the quantised system and the qualitative model have the same stationary and limiting distributions. It has further been shown that ideal stationary behaviour for non–autonomous systems cannot always be achieved. However, as explained in the previous section, partitions of non–autonomous systems that result from merging partitions designed separately for each input are still related to the ideal stationary behaviour and are therefore preferable. In this section, it is shown how partitions yielding qualitative models with the same stationary and dynamical behaviour as the quantised system can be constructed. It will be shown that partitions which yield ideal dynamical behaviour are partitions for ideal stationary behaviour with additional constraints on the partition sets. This section is restricted to autonomous systems, as in the non–autonomous case no precise results can be derived. As aforementioned, merged partitions yield, in general, a satisfactory behaviour of the qualitative model of a non–autonomous quantised system, as the partition is then adapted to the system dynamics for the different quantised inputs.
In the following, systems satisfying the conditions of Theorem 4.3.1 or systems with invariant manifolds described in Section 4.3.1 are considered. The starting point of the following considerations are partition sets satisfying Theorem 4.3.1, which thus already yield ideal stationary behaviour of the qualitative model. Conditions on the shape and number of the remaining regions will be derived such that the qualitative model has the same dynamical behaviour as the autonomous quantised system. With such partitions, the quantised system has the Markov property, i.e. it satisfies eqn. (3.80), because the quantised system in this case can be represented by a Markov chain (cf. Section 2.2). Therefore, state space partitions of quantised systems which possess the Markov property are called Markov partitions.

A special case of Markov partitions are deterministic partitions, i.e. partitions that result in a deterministic behaviour of the quantised system. Such partitions are considered first. Conditions for such partitions have first been investigated in [111], where, for a given partition, rather restrictive conditions are derived for an embedded linear continuous–variable system such that the quantised system yields deterministic behaviour. Similarly, for embedded linear systems, a first approach to deterministic partitions is given in [97], which has been extended to a larger class of deterministic partitions in [116]. Based on the results in [116], this is extended to nonlinear systems in the following.

Deterministic partitions. Consider any set $Q_x(\bar{z}_i)$ with $\bar{z}_i \in \bar{N}_z$ yielding a qualitative model with $G_a(\bar{z}_i \mid \bar{z}_i) = 1$ (cf. Theorem 4.3.1). The set

$$g_a^{-1}(Q_x(\bar{z}_i)) = \{x \mid g_a(x) \in Q_x(\bar{z}_i)\} \subseteq \mathcal{R}^n \qquad (4.32)$$

has the property that all numerical states $x$ it contains are mapped to $Q_x(\bar{z}_i)$. Hence a partition of the state space including the sets

$$Q_x(\bar{z}_i + 0) = Q_x(\bar{z}_i) \quad \text{and} \quad Q_x(\bar{z}_i + 1) = g_a^{-1}(Q_x(\bar{z}_i)) \setminus Q_x(\bar{z}_i) \qquad (4.33)$$

yields a qualitative model with $G_a(\bar{z}_i \mid \bar{z}_i) = 1$ and $G_a(\bar{z}_i \mid \bar{z}_i + 1) = 1$. Further sets are constructed by iteratively mapping $Q_x(\bar{z}_i + 1)$ with $g_a^{-1}$, yielding:

$$Q_x(\bar{z}_i + 2) = g_a^{-1}(Q_x(\bar{z}_i + 1)), \ \dots, \ Q_x(\bar{z}_i + \nu_i + 1) = g_a^{-1}(Q_x(\bar{z}_i + \nu_i)), \ \dots .$$

The obtained sets $Q_x(\bar{z}_i + \nu_i)$ partition the state space and yield a qualitative model for which $G_a(\bar{z}_i + \nu_i \mid \bar{z}_i + \nu_i + 1) = 1$ holds for all $\nu_i$. Doing this for all quantised states containing fixed points leads to the following algorithm, which can be used for all autonomous quantised systems with non–singular transformation $g_a$ with asymptotically stable fixed points.
Algorithm 4.1 (Natural state space partition)

Given: System (3.100) with asymptotically stable fixed points
       Disjoint sets $Q_{x,i}$ with $g_a(Q_{x,i}) \subseteq Q_{x,i}$, $i = 1, \dots, \kappa$
       Maximum number of mappings per set $\nu_i^{max}$, $i = 1, \dots, \kappa$

Do:  For $i = 1, \dots, \kappa$
       set $\bar{z}_i := 1 + \sum_{j=1}^{i-1} N_j$
       set $Q_x(\bar{z}_i) := Q_{x,i}$
       determine $Q_x(\bar{z}_i + 1) := (g_a^{-1}(Q_x(\bar{z}_i)) \setminus Q_x(\bar{z}_i)) \cap \mathcal{R}^n$
       set $\nu_i := 1$
       do until $\lambda_n(Q_x(\bar{z}_i + \nu_i)) = 0$ or $\nu_i = \nu_i^{max}$
         determine $Q_x(\bar{z}_i + \nu_i + 1) := (g_a^{-1}(Q_x(\bar{z}_i + \nu_i))) \cap \mathcal{R}^n$
         set $\nu_i := \nu_i + 1$
       loop
       set $N_i := \nu_i + 1$
     Loop

Result: Disjoint sets $Q_x(j)$, $j = 1, \dots, N$ with $N = \sum_{i=1}^{\kappa} N_i$
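For the scalar linear contraction $g_a(x) = a \cdot x$ with $0 < a < 1$, the preimage of a symmetric interval is simply $g_a^{-1}([-c, c]) = [-c/a, c/a]$, so Algorithm 4.1 reduces to a short loop. The following is a minimal sketch under this assumption (one fixed point at the origin, symmetric state space); the function name and interface are illustrative, not from the book.

```python
def natural_partition_1d(a, b, x_max, nu_max=20):
    """Sketch of Algorithm 4.1 for the scalar map g_a(x) = a*x, 0 < a < 1,
    on the symmetric state space [-x_max, x_max].

    The fixed-point set Q_x(z1) = [-b, b] satisfies g_a(Q_x(z1)) ⊆ Q_x(z1).
    Each further partition set is the preimage of the previous one minus the
    sets already obtained; here the sets are rings [-c/a, c/a] \ [-c, c],
    so only the outer bounds (half-widths) need to be stored.
    """
    bounds = [b]
    nu = 0
    while bounds[-1] < x_max and nu < nu_max:
        # preimage of [-c, c] is [-c/a, c/a]; clip to the state space R^n
        bounds.append(min(bounds[-1] / a, x_max))
        nu += 1
    return bounds
```

Each interval between consecutive bounds maps exactly into its inner neighbour, which is what makes the resulting qualitative model deterministic.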
If Algorithm 4.1 is stopped because the maximum number $\nu_i^{max}$ of sets for the attraction area of the fixed points in $Q_x(\bar{z}_i)$ is reached, the sets $Q_x(j)$ obtained from Algorithm 4.1 only cover a subset of $\mathcal{R}^n$. In general, the remainder of the state space maps to itself as well as to $Q_x(\bar{z}_i + \nu_i^{max})$, resulting in a nondeterministic behaviour [116]. Hence, the quantised system can only be deterministic in the set

$$\tilde{\mathcal{R}}^n = \bigcup_{j=1}^{N} Q_x(j) .$$

Only if $N_i \le \nu_i^{max}$ holds for all $i = 1, \dots, \kappa$ do the sets $Q_x(j)$ cover the whole state space, $\tilde{\mathcal{R}}^n = \mathcal{R}^n$. As the sets $Q_x(j)$ determined by Algorithm 4.1 are disjoint, they are a partition of $\tilde{\mathcal{R}}^n$. Note that it follows from the construction of $\tilde{\mathcal{R}}^n$ that $g_a$ can be defined on this subset, i.e. $g_a: \tilde{\mathcal{R}}^n \to \tilde{\mathcal{R}}^n$ holds.

Definition 4.3.1. A state space partition obtained by Algorithm 4.1 is called a natural partition of $\tilde{\mathcal{R}}^n$ for a given autonomous quantised system.

Note that the only freedom in designing a natural partition concerns the shape of the partition sets containing fixed points. All other partition sets are thereby determined.

Example 4.3.5. Consider the tank system of Section 1.4 with the valve $V_{12l}$ closed, $V_{12u}$ opened, pump off and no leak. A partition for correct stationary behaviour is shown in Figure 4.6. Giving the two sets containing fixed points to Algorithm 4.1 yields the natural partition shown on the left–hand side of Figure 4.9. The corresponding qualitative model is the deterministic automaton shown on the right–hand side of the figure.
Fig. 4.9. Natural state space partition for the two–tank system (left) and resulting qualitative model (right).
Fig. 4.10. Qualitative simulation with a natural partition (left) and an orthogonal partition (right).

To show the advantage of natural partitions, the behaviour of a qualitative model based on the natural partition of Figure 4.9 is compared to a qualitative model with an orthogonal partition. The orthogonal partition is such that the interval [0, 0.6] of possible liquid levels is partitioned into 5 equally sized intervals for each state, resulting in 25 qualitative states. Compared are the results of a simulation of the qualitative output, which is the outflow of the right tank, partitioned as in previous examples into three intervals. As initial distribution for the simulation, the density $p_x(x, 0) = 1_{X_0}/\lambda_2(X_0)$ with $X_0 = [0, 0.1] \times [0.35, 0.55]$ is quantised by the density quantisers $Q_N$ corresponding to each state space partition. The results of the simulation are given in Figure 4.10. Shown are the probabilities of the qualitative outputs $[y(k)] = 1, \dots, 3$ obtained by using the qualitative model with the natural partition (left–hand side) and the orthogonal partition (right–hand side) for $k = 0, \dots, 5$. The probabilities are shown in grey scale, where the boxes correspond to the partition of the output space. To compare the results with those of the quantised system, the intervals of outflows resulting from a simulation of the quantised system with the initial condition $p_x(x, 0)$ are shown for each time step
Algorithm 4.2 (Deterministic state space partition)

Given: Deterministic partition of $\tilde{\mathcal{R}}^n$ into subsets $Q_x(l)$, $l = 1, \dots, N$
       Partition of any set $Q_x(\tilde{l})$, $\tilde{l} \ne \bar{z}_i$, into sets $Q_x(\tilde{l}, \gamma)$, $\gamma = 1, \dots, \Gamma$

Do:  Set $\nu := 0$
     Set $N_x^{rem} := \{1, \dots, N\} \setminus \{\tilde{l}\}$
     For $\gamma = 1, \dots, \Gamma$
       determine $\tilde{Q}_x := (g_a^{-1}(Q_x(\tilde{l}, \gamma))) \cap \tilde{\mathcal{R}}^n$
       do until $\lambda_n(\tilde{Q}_x) = 0$
         set $\nu := \nu + 1$
         set $Q_x(\tilde{l}, \Gamma + \nu) := \tilde{Q}_x$
         determine $Q_x(j)$ for which $\lambda(\tilde{Q}_x \cap Q_x(j)) > 0$ holds
         set $N_x^{rem} := N_x^{rem} \setminus \{j\}$
         determine $\tilde{Q}_x := (g_a^{-1}(\tilde{Q}_x)) \cap \tilde{\mathcal{R}}^n$
       loop
     Loop
     Set the new partition of $\tilde{\mathcal{R}}^n$ into subsets $Q_x^+(l^+)$ with $l^+ \in N_x^+ = \{1, \dots, N^+\}$, $N^+ = |N_x^{rem}| + \Gamma + \nu$, by uniquely assigning to each set $Q_x^+(l^+)$ one of the sets $Q_x(\tilde{l}, \gamma)$, $\gamma = 1, \dots, \Gamma + \nu$, or $Q_x(l)$, $l \in N_x^{rem}$

Result: New deterministic partition of $\tilde{\mathcal{R}}^n$ into sets $Q_x(l^+)$, $l^+ = 1, \dots, N^+$
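For the scalar map $g_a(x) = a \cdot x$ with $0 < a < 1$, Algorithm 4.2 reduces to inserting the chosen split point together with all its preimages $c/a, c/a^2, \dots$ that still lie inside the state space. The following is a minimal sketch under this assumption; the function name and the interval representation by upper bounds are illustrative choices, not from the book.

```python
def refine_deterministic_1d(a, bounds, split_point):
    """Sketch of Algorithm 4.2 for g_a(x) = a*x, 0 < a < 1.

    bounds      -- increasing positive cell bounds of a deterministic
                   partition of (0, bounds[-1]] (e.g. a natural partition)
    split_point -- new bound inside one cell; it must not lie in the
                   innermost set containing the fixed point (the condition
                   l != z_i of the algorithm)

    Adds split_point and all its preimages split_point / a**m inside the
    state space, so that the refined partition stays deterministic.
    """
    new_bounds = set(bounds)
    c = split_point
    while c <= bounds[-1]:
        new_bounds.add(c)
        c = c / a          # preimage of the newly introduced bound
    return sorted(new_bounds)
```

Forward images of the refined cells again land inside single cells, because every new bound maps onto an existing or newly added bound.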
as interval bars to the right of the probability bars. It can be seen that the qualitative model based on the natural partition yields considerably fewer spurious solutions while having fewer automaton states.
Further deterministic partitions. Every natural partition is a deterministic partition. However, there also exist other deterministic partitions. These partitions are based on natural partitions and are obtained by introducing further regions within any set of the natural partition. That is, a deterministic partition remains deterministic if any set $Q_x(\bar{z}_i + j)$, $1 \le j < N_i$, is partitioned into subsets $Q_x(\bar{z}_i + j, \gamma)$ and the sets obtained from Algorithm 4.1 by mapping $Q_x(\bar{z}_i + j)$ with $g_a^{-1}$ are also further partitioned. That is, all sets $Q_x(\bar{z}_i + j + \nu_i)$, $\nu_i = 1, \dots, N_i - j - 1$, must be partitioned according to the sets obtained from $g_a^{-\nu_i}(Q_x(\bar{z}_i + j, \gamma))$. By this, the overall number of partition sets and thus the granularity of the partition is increased. After mapping, all partition sets are renumbered by assigning a unique number to each set. The described method is summarised by Algorithm 4.2.

Example 4.3.6. Consider the natural partition for the two–tank system shown in
Figure 4.9. To this partition, Algorithm 4.2 is applied, dividing $Q_x(3)$ into two sets $Q_x(3, 1)$ and $Q_x(3, 2)$. The result of Algorithm 4.2 is shown on the left–hand side of Figure 4.11, where the black bounds shown in the left part of this figure result from dividing $Q_x(3)$. The shown partition contains further bounds, depicted in
grey, resulting from three further applications of Algorithm 4.2. First, the former set $Q_x(15)$ of Figure 4.9 is partitioned into two sets, resulting in the dark grey bounds. In the resulting partition, the medium grey bound separating the sets $Q_x(23)$ and $Q_x(24)$ in Figure 4.11 was introduced, and thereafter, the light grey bound between the sets $Q_x(26)$ and $Q_x(27)$. The qualitative model resulting from the derived deterministic partition is shown on the right–hand side of the figure.
Fig. 4.11. Deterministic state space partition for the two–tank system derived from a natural partition (left) and resulting qualitative model (right).
The above example makes it clear that by means of Algorithm 4.2 arbitrarily fine partitions can in principle be obtained. However, the shape of most of the partition sets is determined by the system dynamics and cannot be chosen.

Remark 4.3.3. In [97], deterministic partitions for linear systems $x(k+1) = A x(k)$, transformed to a canonical form where all eigenvalues of $A$ are on its principal diagonal, are considered. For such systems, it can be shown that orthogonal partitions in which the ratios between neighbouring partition bounds are the eigenvalues of $A$ are deterministic. In [118] it is shown that these partitions represent a subclass of the partitions obtained by Algorithm 4.2 for such linear systems.

Dependence upon the sampling time. For sampled quantised systems introduced in Section 3.3.2, there is a straightforward dependence between the number of sets of a natural partition and the sampling time. To see this, consider the bounds of the sets containing fixed points. Following the solution curves $\phi(x, t)$ for all states $x$ on these bounds backwards in time, the bounds of the natural partition are given by the solution curves at times $\phi(x, t - k \cdot T_s)$, $k = 1, 2, \dots$. Hence, doubling the sampling time to $2T_s$ means that the corresponding natural partition contains only every second bound. Similarly, for $0.5T_s$, between each pair of bounds at $kT_s$ and $(k+1)T_s$ a further
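The statement of Remark 4.3.3 can be checked numerically for a scalar system $x(k+1) = a \cdot x(k)$: a partition is deterministic exactly when the image of every cell lies inside a single cell. A minimal sketch, assuming an orthogonal partition of $[0, 1]$ represented by its upper cell bounds (the sampling-based check is an illustration, not a proof):

```python
import numpy as np

def is_deterministic_partition(a, bounds, n_samples=1000):
    """Check whether the orthogonal partition of [0, bounds[-1]] with the
    given increasing cell bounds is deterministic for x(k+1) = a*x(k):
    the image of every cell must lie inside exactly one cell."""
    edges = np.concatenate(([0.0], np.asarray(bounds, dtype=float)))
    for lo, hi in zip(edges[:-1], edges[1:]):
        # sample the open interior of the cell and map it forward
        xs = np.linspace(lo + 1e-9, hi - 1e-9, n_samples)
        cells = np.searchsorted(edges, a * xs)   # cell index of each image
        if cells.min() != cells.max():
            return False                         # image crosses a cell bound
    return True
```

With the eigenvalue $a$ as the ratio between neighbouring bounds the check succeeds, while a generic equidistant partition fails, in line with the remark.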
bound at $(k + 0.5)T_s$ is introduced. This is shown in Figure 4.12. On the left–hand side, a natural partition with a sampling time of $T_s = 10$ seconds is shown, on the right–hand side with $T_s = 2.5$ seconds. Comparing these partitions to the partition in Figure 4.9 confirms this relation. In summary, this means that the smaller the sampling time $T_s$ of a continuous–variable system is chosen, the higher the number of partition sets of a natural partition becomes.
Fig. 4.12. Natural state space partition for the two–tank system with a sampling time Ts = 10s (left) and Ts = 2.5s (right).
Markov partitions. The idea behind the definition of Markov partitions is to allow possibly nondeterministic behaviour of the quantised system, but such that eqn. (3.80) holds for all times $k$ [117], [179]. For autonomous systems (3.46), this means that the condition

$$\mathrm{Prob}([x(k+1)] \mid [X(0 \dots k)]) = \mathrm{Prob}([x(k+1)] \mid [x(k)]) \qquad (4.34)$$

shall hold for all times $k$ and for all quantised state sequences. However, the probabilities of eqn. (4.34) do not only depend on the partition but also on the densities $p_x^i$. Using the term Markov partition therefore always includes an assumption concerning the densities, in order to ensure that eqn. (4.34) depends merely on the shape of the partition sets. In [179], the considerations are restricted to piecewise linear systems, which preserve piecewise constant density functions according to Section 3.6.2. In [116], Markov partitions are defined by restricting all densities to uniform distributions. This is generalised by the definition given below. Note that the probability $\mathrm{Prob}([x(k+1)] \mid [X(0 \dots k)])$ of the qualitative states at time $k+1$ only depends on the initial distribution $p_{x0}(x)$. This leads to the following definition.

Definition 4.3.2. A state space partition for which eqn. (4.34) holds for all times $k$ and for all initial conditions $p_{x0}(x)$ satisfying $p_{x0}(x) = I_N p_z$ for any $p_z \in \mathcal{W}^N$ is called a Markov partition of the autonomous quantised system.
Obviously, Markov partitions depend on the system equation (3.46). It is intuitively clear, but has yet to be proved, that nondeterministic Markov partitions do not exist for arbitrary systems. In particular, neither the existence nor the precise definition of Markov partitions have been investigated for non–autonomous quantised systems. However, for autonomous quantised systems the following result holds, with the referred sets (3.85) and (3.87) simplified for the autonomous case.

Autonomous quantised systems represented by stochastic automata

Theorem 4.3.2. The (quantised) dynamical behaviours (3.85) and (3.87) of a qualitative model and its originating autonomous quantised system are identical for all times $k$ if and only if the state space partition is a Markov partition. In this case, the autonomous quantised system is represented by its qualitative model.

Proof. See Appendix C.10.
□
It is clear that if the condition of Theorem 4.3.2 is satisfied, the qualitative model generates no spurious solutions and (3.93) holds with equality.

Lemma 4.3.5. Every deterministic partition of an autonomous quantised system is a Markov partition, independently of the densities $p_x^i$.

Proof. See Appendix C.11.
□
Remark 4.3.4. There also exist nondeterministic Markov partitions. Consider for example autonomous linear systems with $\mathcal{R}^n \subset \mathbb{R}^n$, $\lambda_n(\mathcal{R}^n) < \infty$ and uniform distributions $p_x^i$. Then a nondeterministic Markov partition can be obtained by means of Algorithm 4.2 by exiting from the inner loop while $\lambda_n(\tilde{Q}_x) > 0$ holds. By exiting the loop, a qualitative state $z_i$ of the underlying natural partition is not further divided and thus has nondeterministic transitions to the sets that resulted from the last–performed inner loop of the algorithm. However, the linearity of the system guarantees that the mapped density $I_N \delta_{z_i}^N$ corresponding to state $z_i$ is represented by the uniform distributions in its qualitative successor states.
4.4 Bibliographical Notes

The classical method to compute transition probabilities from one region of a partitioned space to another is point–mapping [69], [87]. It was originally introduced for the analysis of nonlinear autonomous systems and is also referred to as the Monte–Carlo method [61]. In [97] it was first applied to qualitative modelling and has been extended to non–autonomous systems with output.
For systems satisfying a Lipschitz constraint, the hyperbox–mapping describes a new method to compute the qualitative model for a given quantised system, guaranteeing completeness of the obtained result. Independently of this method for qualitative modelling, a similar method for analysing the stationary behaviour of autonomous nonlinear systems has been developed [61]. These results are used in Lemma 4.2.1 to show the convergence of the computed transition probabilities to those of Definition 3.5.1. The second part of this chapter concerns the stationary behaviour of quantised systems in dependence upon the state space partition. This had not been investigated in the literature so far. The derived methods use results on the stationary behaviour of continuous–variable systems (cf. [9], [26], [87] and [192]) and of Markov chains (cf. [56], [188] or [198]). A dynamical continuation of the conditions derived for the stationary behaviour results in partitions yielding deterministic behaviour of autonomous quantised systems. Algorithms 4.1 and 4.2 describe their construction for a class of nonlinear systems. The presented methods extend earlier results in this field that either concern merely linear systems [97], [111] or are restricted to orthogonal partitions [83], [111].
5. Automata Theory for Process Supervision
In this chapter the state observation and fault diagnostic problems are posed and solved for stochastic automata. The observation problem is introduced in Section 5.1, solved in Section 5.2 and discussed in Section 5.3. In Section 5.4, results on the observability of stochastic automata are given. Next, the fault diagnostic problem is posed and solved, based on the solution to the state observation problem, in Sections 5.5 and 5.6. Diagnosability is then discussed in Section 5.7, and several extensions relevant to the practical application of the presented methods are given in Section 5.8.
5.1 State Observation Problems

5.1.1 Problem Statement

The state observation of a stochastic process concerns the situation in which the state is to be determined from the input and output measurements obtained from a realisation of the process. The task can either be to observe the initial state or to reconstruct the state at the time instance $k$ up to which measurements are available (cf. Figure 5.1). In this section, stochastic processes represented by stochastic automata (SA) are considered. Whenever the term stochastic process (SP) is used in the following sections, it always refers to processes represented by SA, i.e. Markov chains with input and output. The following two observation problems are posed:

Initial state observation problem.
Given: SP represented by the SA $S(N_z, N_v, N_w, L)$.
       Sequences $V(0 \dots k)$, $W(0 \dots k)$ of input and output symbols.
       A–priori initial state distribution $\mathrm{Prob}(z(0))$.
Find:  A–posteriori initial state distribution $\mathrm{Prob}(z(0) \mid V(0 \dots k), W(0 \dots k))$.
J. Schröder: Modelling, State Observation and Diagnosis of Quantised Systems, LNCIS 282, pp. 123-167, 2003. Springer-Verlag Berlin Heidelberg 2003
Fig. 5.1. Current state observation problem: a state observer processes the input $v(k)$ and output $w(k)$ of the Markov process (stochastic automaton) and yields $\mathrm{Prob}(z(k) \mid V(0 \dots k), W(0 \dots k))$.
Current state observation problem.
Given: SP represented by the SA $S(N_z, N_v, N_w, L)$.
       Sequences $V(0 \dots k)$, $W(0 \dots k)$ of input and output symbols.
       A–priori initial state distribution $\mathrm{Prob}(z(0))$.
Find:  Current state distribution $\mathrm{Prob}(z(k) \mid V(0 \dots k), W(0 \dots k))$.

It will be shown in the following that both observation problems yield, in general, no unique solution but sets of more than one possible state. These sets are denoted by

$$\mathcal{Z}_k(0 \mid V, W) = \{z(0) \mid \mathrm{Prob}(z_p(0) = z(0) \mid V(0 \dots k), W(0 \dots k)) > 0\} \qquad (5.1)$$

and

$$\mathcal{Z}_k(k \mid V, W) = \{z(k) \mid \mathrm{Prob}(z_p(k) = z(k) \mid V(0 \dots k), W(0 \dots k)) > 0\}, \qquad (5.2)$$

which include all states $z(0)$ or $z(k)$ from or to which the automaton may move while receiving the given input sequence and generating the given output sequence. As will be discussed in detail in Section 5.4, observability definitions given in the literature concern only the situation in which the sets $\mathcal{Z}_k(0 \mid V, W)$ or $\mathcal{Z}_k(k \mid V, W)$ become singletons for a finite time horizon $k$ and, hence, the state can be unambiguously determined. Here, the observation problem is solved under the more general condition that both sets may have more than one element for all times $k$.

5.1.2 Existence of Solutions to the Observation Problems

This section investigates the existence of a solution to both observation problems. A pair $(V, W)$ of an input sequence $V \in N_v^{k+1}$ and an output sequence $W \in N_w^{k+1}$ is called an I/O pair. Roughly speaking, solutions exist if the given I/O pair can "occur" for the given SP. That is, $V$ must be an admissible input sequence, and an initial state $z(0)$ must exist such that the SP generates the given output sequence $W$ with non–vanishing probability. According to
eqn. (2.24) and the definition of the behavioural relation, the set of admissible input sequences $V(0 \dots k)$ considered in this book is given by $N_v^{k+1}$.

Definition 5.1.1. An I/O pair is called consistent with the SA if $V$ is an admissible input sequence and there exists an initial state probability distribution $\mathrm{Prob}(z(0))$ such that eqn. (2.30) yields a non–vanishing probability $\mathrm{Prob}(W \mid V)$.

This and the following definitions or results hold analogously for the SP represented by an SA. That is, an I/O pair is called consistent with an SP if it is consistent with the SA representing the SP.

Lemma 5.1.1. An I/O pair $(V, W)$ is consistent with the SA (SP) if and only if the two conditions

1. the lengths $|V|$ and $|W|$ of the input and output sequences are equal, $\qquad (5.3)$
2. $\sum_{Z(0 \dots k+1)} L(k) \cdot L(k-1) \cdots L(0) > 0$ holds for $V(0 \dots k)$ and $W(0 \dots k)$, $\qquad (5.4)$
are satisfied, with the abbreviation L(k) given in eqn. (2.31). Proof. See Appendix C.12.
□
Note that the consistency of an I/O pair $(V, W)$ with the SA implies that

$$P(W, V) = P(W \mid V) \cdot P(V) > 0 \qquad (5.5)$$

holds, because for each admissible input sequence $P(V) > 0$ is valid. The connection between the consistency of the pair $(V, W)$ and the existence of solutions to the observation problems is obvious. The consistency guarantees that an initial state distribution exists such that $\mathrm{Prob}(W \mid V) > 0$ holds (cf. proof of Lemma 5.1.1). Hence, there exists at least one state sequence $Z(0 \dots k)$ for which $\mathrm{Prob}(Z \mid V, W) > 0$ holds. The first element $z(0)$ of this state sequence belongs to $\mathcal{Z}_k(0 \mid V, W)$ and the last element $z(k)$ to $\mathcal{Z}_k(k \mid V, W)$. If no such initial state distribution exists, then there is no state sequence such that the SA generates the output sequence $W$. This result is summarised in the following corollary.

Corollary 5.1.1. Solutions to both observation problems exist if and only if the I/O pair $(V, W)$ is consistent with the SP.
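The sum in condition (5.4) can be evaluated numerically by propagating the state distribution through the behavioural relation, one factor $L(k)$ at a time. The following is a minimal sketch, assuming the behavioural relation is stored as an array `L[zn, w, z, v]` $= L(z' , w \mid z, v)$; this array layout and the function name are assumptions for illustration, not notation from the book.

```python
import numpy as np

def prob_output_given_input(L, prob_z0, V, W):
    """Evaluate the sum in condition (5.4): the probability that the SA with
    initial distribution prob_z0 generates the output sequence W under the
    input sequence V, summed over all state sequences Z(0...k+1).

    L[zn, w, z, v] = L(zn, w | z, v) is the behavioural relation
    (assumed array layout).
    """
    if len(V) != len(W):           # condition (5.3): equal sequence lengths
        return 0.0
    p = np.asarray(prob_z0, dtype=float)
    for v, w in zip(V, W):
        p = L[:, w, :, v] @ p      # one factor L(k) of the product
    return float(p.sum())
```

The I/O pair is consistent with the SA exactly when the returned value is positive, so this function implements the test of Lemma 5.1.1 directly.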
5.2 Solution to the State Observation Problems

5.2.1 General Solution

In this section, the solution to the state observation problem is presented and illustrated with a simple example.
The solution to the observation problem requires one additional assumption. This concerns the conditional independence of the current input from the states, given the previous inputs and outputs:

Prob(v(k) | Z(0...k), V(0...k−1), W(0...k−1)) = Prob(v(k) | V(0...k−1), W(0...k−1)) .   (5.6)

This assumption is referred to as independence of the current input of the state. Condition (5.6) is satisfied as long as there is no feedback from the output w to the input of the SP. However, certain kinds of feedback are allowed, as the input does not necessarily need to be independent of previous inputs and outputs. From the structure of the observation problem shown in Figure 5.1, it is clear that the conditional independence of v(k) from the states Z(0...k−1) given the measurements up to time k−1 always holds, because the measurements represent all available information about the state up to time k−1. However, condition (5.6) additionally requires the independence of v(k) of the current state z(k). As the output w(k) in general depends on z(k), this means that direct feedback from the output of the SP to its input must be excluded. Hence, if the feedback is via a dynamical system, this system must not have a stochastic direct feedthrough (cf. Section 2.5.1). This will be discussed in more detail in Section 7.2.3. Throughout this chapter it is assumed that eqn. (5.6) holds, without further reference to it.

Observation of state sequences

Theorem 5.2.1. Consider an SP with the a–priori initial state probability distribution Prob(z(0)). If the I/O pair (V, W) is consistent with the SP and the current input is independent of the current state, the following relation holds:

Prob(Z(0...k) | V(0...k), W(0...k))
= Σ_{z(k+1)} L(k) · ... · L(1) · L(0) · Prob(z(0)) / Σ_{Z(0...k+1)} L(k) · ... · L(1) · L(0) · Prob(z(0)) .   (5.7)

Proof. See Appendix C.13. □
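Equation (5.7) can be evaluated directly by enumerating state sequences. The following sketch does this for a small, hypothetical two-state automaton; the behavioural relation L below is invented for illustration and is not the automaton discussed in this chapter.

```python
import itertools

# Hypothetical behavioural relation L[(z_next, w, z, v)] = Prob(z_next, w | z, v)
# of a two-state automaton with a single input symbol (invented for illustration).
L = {
    (1, 1, 1, 1): 0.4, (2, 1, 1, 1): 0.2, (2, 2, 1, 1): 0.4,
    (1, 2, 2, 1): 0.5, (2, 1, 2, 1): 0.5,
}

def seq_posterior(V, W, prior, states=(1, 2)):
    """Prob(Z(0..k) | V(0..k), W(0..k)) according to eqn. (5.7):
    the numerator sums over z(k+1), the denominator over all Z(0..k+1)."""
    k = len(V) - 1
    scores = {}
    for Z in itertools.product(states, repeat=k + 2):      # sequences Z(0..k+1)
        p = prior[Z[0]]
        for i in range(k + 1):
            p *= L.get((Z[i + 1], W[i], Z[i], V[i]), 0.0)  # factor L(i)
        scores[Z[:-1]] = scores.get(Z[:-1], 0.0) + p       # sum over z(k+1)
    total = sum(scores.values())                           # denominator of (5.7)
    if total == 0:
        raise ValueError("I/O pair is inconsistent with the SA")
    return {Z: p / total for Z, p in scores.items() if p > 0}

post = seq_posterior(V=(1, 1), W=(1, 2), prior={1: 0.5, 2: 0.5})
# post maps each consistent state sequence Z(0..1) to its a-posteriori probability
```

The enumeration over all sequences Z(0...k+1) grows exponentially in k; the recursive form of Section 5.2.2 avoids this.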
Equation (5.7) describes for all Z(0...k) ∈ Nz^{k+1} the probability that the SA with input sequence V(0...k) has generated the state sequence Z(0...k), provided that the output sequence W(0...k) has occurred. From Theorem 5.2.1, the solutions to both observation problems can be obtained by determining the boundary distributions

Prob(z(0) | V(0...k), W(0...k)) = Σ_{Z(1...k) ∈ Nz^k} Prob(Z(0...k) | V(0...k), W(0...k))
or

Prob(z(k) | V(0...k), W(0...k)) = Σ_{Z(0...k−1) ∈ Nz^k} Prob(Z(0...k) | V(0...k), W(0...k))
of the distribution (5.7), respectively. The results are summarised in the following theorem, which is a direct consequence of Theorem 5.2.1.

Theorem 5.2.2. Consider an SP with the a–priori initial state probability distribution Prob(z(0)). If the I/O pair (V, W) is consistent with the SP and the current input is independent of the current state, the a–posteriori initial and current state distributions are given by

Prob(z(0) | V(0...k), W(0...k))
= Σ_{Z(1...k+1)} L(k) · L(k−1) · ... · L(1) · L(0) · Prob(z(0)) / Σ_{Z(0...k+1)} L(k) · L(k−1) · ... · L(1) · L(0) · Prob(z(0))   (5.8)

and

Prob(z(k) | V(0...k), W(0...k))
= Σ_{Z(0...k−1), z(k+1)} L(k) · L(k−1) · ... · L(1) · L(0) · Prob(z(0)) / Σ_{Z(0...k+1)} L(k) · L(k−1) · ... · L(1) · L(0) · Prob(z(0)) ,   (5.9)

respectively, and the sets of initial or current states by eqns. (5.1) and (5.2).
Note that the given initial state probability distribution Prob(z(0)) represents the a–priori knowledge about the initial state of the stochastic process whereas the probability distribution Prob(z(0) | V (0 . . . k), W (0 . . . k)) determined in eqn. (5.8) describes the a–posteriori probability distribution, which is obtained by exploiting the information about the initial state included in the I/O pair (V, W ).
Fig. 5.2. Automaton graph.
Example 5.2.1. Consider the SP represented by the SA whose automaton graph is shown in Figure 5.2 and whose initial state distribution is given by
Table 5.1. Probability distributions Prob(Z | V, W) of the example process.

k=0:  V(0...0) = (1),  W(0...0) = (1)
      Z(0...0):  (1) 0.1818   (2) 0.1818   (3) 0.1818   (5) 0.1818   (6) 0.0909   (7) 0.1818

k=1:  V(0...1) = (1, 1),  W(0...1) = (1, 1)
      Z(0...1):  (1,1) 0.0923   (1,2) 0.1538   (1,3) 0.0615   (2,3) 0.3077   (5,5) 0.1538   (5,6) 0.0769   (6,7) 0.1538

k=2:  V(0...2) = (1, 1, 1),  W(0...2) = (1, 1, 1)
      Z(0...2):  (1,1,1) 0.0632   (1,1,2) 0.1053   (1,1,3) 0.0421   (1,2,3) 0.3509   (5,5,5) 0.1754   (5,5,6) 0.0877   (5,6,7) 0.1754

k=3:  V(0...3) = (1, 1, 1, 1),  W(0...3) = (1, 1, 1, 3)
      Z(0...3):  (5,6,7,8) 1

k=4:  V(0...4) = (1, 1, 1, 1, 1),  W(0...4) = (1, 1, 1, 3, 3)
      Z(0...4):  (5,6,7,8,8) 1
Prob(z(0)) = { 0.125, 0.125, 0.125, 0.125, 0.125, 0.125, 0.125, 0.125 } .

The SA is autonomous and accordingly has a unique input symbol v = 1. The three different outputs are distinguished in Figure 5.2 by the colour and thickness of the edges, from thin black lines for w = 1 to thick light grey lines for w = 3. All state sequences that occur with non–vanishing probability for the input sequence V(0...4) = (1, 1, 1, 1, 1) and yield the output sequence W(0...4) = (1, 1, 1, 3, 3) are shown in Table 5.1, together with their probabilities Prob(z(0) | v(0), w(0)), ..., Prob(Z(0...4) | V(0...4), W(0...4)) obtained by means of eqn. (5.7). Note that Prob(z(0) | v(0), w(0)), shown in the table for k = 0, differs from the a–priori probability distribution Prob(z(0)) because the a–posteriori probability includes the information contained in the I/O pair (v(0), w(0)) = (1, 1). This is the reason why the states z = 4 and z = 8, which have the a–priori probability 0.125, do not appear there. The a–posteriori initial and current state distributions obtained from Table 5.1 by means of eqns. (5.8) and (5.9), respectively, are shown in Figure 5.3. The sets Zk(0 | V, W) and Zk(k | V, W) include all states with nonzero probability, corresponding to the grey and black boxes.
5.2.2 Recursive Form of the Solution

In practical applications, the elements of the sequences V(0...k) and W(0...k) appear one after the other for k = 0, 1, 2, ... and should be processed in this way. Therefore, the following recursive relation for determining the probability distribution and the solution set of the current state observation problem is important.
Fig. 5.3. Observation results: a–posteriori initial state distribution (left) and a–posteriori current state distributions (right).
Recursive solution to the current state observation problem

Theorem 5.2.3. Consider an SP with the a–priori initial state probability distribution Prob(z(0)). If the I/O pair (V, W) is consistent with the SP and the current input is independent of the current state, the a–posteriori current state probability distribution is given by

k > 0:
Prob(z(k) | V(0...k), W(0...k))
= Σ_{z(k+1)} L(k) · Prob(z(k) | V(0...k−1), W(0...k−1)) / Σ_{z(k), z(k+1)} L(k) · Prob(z(k) | V(0...k−1), W(0...k−1))   (5.10)

k = 0:
Prob(z(0) | v(0), w(0)) = Σ_{z(1)} L(0) · Prob(z(0)) / Σ_{z(0), z(1)} L(0) · Prob(z(0))   (5.11)

with the recursive relation

k > 1:
Prob(z(k) | V(0...k−1), W(0...k−1))
= Σ_{z(k−1)} L(k−1) · Prob(z(k−1) | V(0...k−2), W(0...k−2)) / Σ_{z(k), z(k−1)} L(k−1) · Prob(z(k−1) | V(0...k−2), W(0...k−2))   (5.12)

k = 1:
Prob(z(1) | v(0), w(0)) = Σ_{z(0)} L(0) · Prob(z(0)) / Σ_{z(1), z(0)} L(0) · Prob(z(0)) .   (5.13)
Proof. See Appendix C.14. □
Equation (5.12) describes a "prediction" of the state z(k) made at time k−1 by using the information about the movement of the SA until time k−1. It is a recursive relation, initialised at k = 1 by eqn. (5.13), that determines Prob(z(k) | V(0...k−1), W(0...k−1)) from Prob(z(k−1) | V(0...k−2), W(0...k−2)) and the new measurements v(k−1) and w(k−1). Hence, only the probability distribution Prob(z(k−1) | V(0...k−2), W(0...k−2)), consisting of N values, has to be stored in an implementation of the observer (cf. Section 5.3.2). Equation (5.10) describes how the prediction from the previous time instant has to be corrected after the new measurements v(k) and w(k) have become available. This step can be interpreted as a "projection" of the prediction onto the set of those states z(k) that are compatible with the latest measurements [126]. The result of the recursion is the a–posteriori probability distribution Prob(z(k) | V(0...k), W(0...k)) of the current state z(k) for the given measurements until time k.
Remark 5.2.2. Theorems 5.2.1–5.2.3 also hold for processes represented by deterministic automata. Furthermore, they can be applied to descriptions based on nondeterministic automata either by using the transformation (2.43) or by replacing the probability distribution Prob(Z(0 . . . k) | V (0 . . . k), W (0 . . . k)) by some indicator function which is positive whenever Z(0 . . . k) is a possible state sequence of the nondeterministic automaton [127].
5.3 Application of the State Observer

5.3.1 Properties of the State Observer

The following remarks concern the application of both observation methods. The first two comments deal with problems that may appear if the results presented in Theorems 5.2.2 and 5.2.3 are used to implement an observation algorithm which processes the measured sequences V and W. Section 5.3.2 presents such an algorithm. The further remarks concern extensions of the algorithm that are necessary to handle inconsistent I/O pairs or wrong a–priori knowledge about the initial state of the SP.

Inconsistent I/O pairs. If the I/O pair processed by the observation algorithm has been generated by the SP with an initial state z(0) for which
Prob(zp(0) = z(0)) > 0 holds, the resulting I/O pair is consistent. However, in a practical application, the sequences may be subject to measurement noise, which may cause the I/O pair to become inconsistent. The question arises as to what happens with the observation result. Since the lengths of V and W are equal, the inconsistency of the given I/O pair leads to a violation of condition (5.4), which makes the denominators in eqns. (5.7)–(5.13) vanish. This means that no solutions to the observation problems are found. The observation algorithm should therefore be interrupted if these denominators become zero, as this indicates the inconsistency of the I/O pair. Such a test is included in the algorithm of Section 5.3.2.

A–priori knowledge about the initial state. In the solutions to the state observation problems, the a–priori initial state distribution Prob(z(0)) has to be known. Since this a–priori knowledge is often not available, in practical applications Prob(z(0)) is measured or "guessed", and the question arises as to what happens if the a–priori knowledge about z(0) conflicts with the initial state of the actual realisation of the SP. To answer this question, assume that Prob(ẑ(0)) denotes the approximate initial state probability distribution and consider the sets

Z0 = {z(0) | Prob(zp(0) = z(0)) > 0} ⊆ Nz ,
Ẑ0 = {ẑ(0) | Prob(ẑp(0) = ẑ(0)) > 0} ⊆ Nz .

The SP starts from an initial state z(0) ∈ Z0, whereas in the observation algorithm it is assumed that the SP starts from some state z(0) ∈ Ẑ0. The a–priori knowledge about the initial state has no conflict with the real system if the relation

Ẑ0 ⊇ Z0   (5.14)

holds. Then the solutions to the observation problems ensure that the relations z(0) ∈ Zk(0 | V, W) and z(k) ∈ Zk(k | V, W) are valid, i.e. the sets of initial or current automaton states determined by the observation algorithm include the true state of the SP.
If the probability distribution Prob(ẑ(0)) used in the observation algorithm differs from the real distribution Prob(z(0)), the computed probability distributions might be wrong, but they will be accepted in practice as solutions to the observation problems due to the lack of better a–priori knowledge. If, however, condition (5.14) is violated, it is possible that Prob(W | V, z(0)) is zero for all initial states z(0) ∈ Ẑ0. Consequently, Ẑ0 ∩ Zk(0 | V, W) = ∅ holds, which means that the solution to the initial state observation problem at time k is restricted to a set of states that has no intersection with the set Ẑ0 given by the a–priori knowledge. In this case, the denominators in eqns. (5.7)–(5.13) vanish and no solutions to the observation problems exist.
As in the case of an inconsistent I/O pair, the violation of condition (5.14) makes the denominators vanish, which can be used as an indicator to stop the observation algorithm. This and the preceding remark show that the observation algorithm cannot distinguish between an inconsistent I/O pair and a wrong a–priori initial state distribution. As a consequence, in a practical application the set Ẑ0 has to be chosen "large enough". A safe way is to choose Prob(ẑ(0)) such that Ẑ0 = Nz holds, for example by using the uniform initial state distribution

Prob(ẑp(0) = ẑ) = 1/N   for all ẑ ∈ Nz .   (5.15)

Current state observation starting from a known initial state. State observation problems are usually posed when the initial state z(0) is not known. However, for nondeterministic systems, the problem of reconstructing the current state is meaningful even if z(0) is completely known, as shown in the following example.
Example 5.3.1. Assume that in Example 5.2.1 the initial state is known to be z(0) = 1. If the automaton were deterministic, the current states z(k) could be determined unambiguously for a given input sequence V. However, since the SA is nondeterministic, the current state observation problem remains to be solved. Simulation by means of eqn. (2.27) with the input sequence V(0...4) = (1, 1, 1, 1, 1) yields the result shown on the left–hand side of Figure 5.4. On the right–hand side of the figure, the observation result for the above input sequence and the output sequence W(0...4) = (1, 1, 1, 1, 1) is shown. For k = 1 the results obtained from simulation and from observation are equal because the same output occurs for all state transitions (cf. Figure 5.2). However, since in state z = 4 the only possible output w = 2 contradicts the measurements, the simulation and the observation results differ for k > 1. In particular, the state observation yields the result that the automaton cannot be in state z = 4, whereas the simulation yields a high probability for this state.
Fig. 5.4. Comparison of simulation (left) and observation (right) for known initial state distribution.
5.3.2 Observation Algorithm

To show in which way the observation method developed in Section 5.2.2 can be applied, an observation algorithm is described in the following. It is based on the recursive solution given in Theorem 5.2.3 and the considerations of the previous section. For its formulation, the following functions are used, where the variable z corresponds to the state z(k) at time instant k:

function                corresponding to
pint : Nz → [0, 1]      Prob(z(k) | V(0...k−1), W(0...k−1))
pres : Nz → [0, 1]      Prob(z(k) | V(0...k), W(0...k))
haux : Nz → [0, 1]      Σ_{z(k+1)} L(k) · Prob(z(k) | V(0...k−1), W(0...k−1))
The observation algorithm is given by Algorithm 5.1. Its formulation is such that it runs forever, provided that the I/O pair is consistent and that the a–priori distribution satisfies condition (5.14). At the beginning of each loop, the algorithm waits for a new pair of measurements (v, w). This pair, the behavioural relation L and the N stored values of the function pint(z) are used to compute the observation result pres(z) and an update of pint(z). The computation of pres and pint is according to eqns. (5.10) and (5.12), respectively. A preceding check guarantees that a division by zero cannot occur. As discussed in Section 5.3.1, a vanishing denominator indicates an inconsistent I/O pair or a wrong a–priori distribution. In this case the algorithm is aborted. Note that in each cycle of the algorithm, only very few calculations have to be carried out. This makes the algorithm applicable under relatively strong real–time constraints. Since the algorithm is based on the recursive solution to the current state observation problem, neither its computational nor its storage complexity increases with the length of the measurement sequences V and W.

5.3.3 Stochastic Operator of the Observer**

From an abstract point of view, a state observer is a dynamical system that obtains the I/O pairs as inputs and generates the observation result as output. Since the solution to the observation problem is not unique but described by the probability distribution Prob(z(k) | V, W), the state observer is not a deterministic dynamical system but a stochastic process with input (v, w) ∈ Nv × Nw and output z ∈ Nz, where the output is generated with the probability Prob(z(k) | V, W). In this section it will be shown that the state observer can be represented as a stochastic operator, but that it is in general not an SA–operator and hence cannot be represented by any SA.
At first, this is an astonishing result, because the state observer uses the behavioural relation L of the given SA and “simply inverts” the automaton in order to determine the unknown state from the
Algorithm 5.1 (Observation algorithm for stochastic processes represented by stochastic automata)

Given:  Stochastic automaton S(Nz, Nv, Nw, L)
        A–priori initial state probability distribution Prob(ẑ(0))

Set pint(z) = Prob(ẑp(0) = z) for all z ∈ Nz
Do
    wait for new measurements v and w
    for all z ∈ Nz determine haux(z) = Σ_{z̄} L(z̄, w | z, v) · pint(z)
    if Σ_z haux(z) = 0 holds, stop the algorithm
        (inconsistent I/O pair or wrong initial state distribution)
    for all z ∈ Nz determine pint(z) = Σ_{z̄} L(z, w | z̄, v) · pint(z̄) / Σ_z haux(z)
    for all z ∈ Nz determine pres(z) = haux(z) / Σ_z haux(z)
Loop

Result: Current state probabilities pres(z)
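Algorithm 5.1 can be transcribed almost line by line. The sketch below assumes the behavioural relation is stored as a dictionary L[(z', w, z, v)]; the automaton values used at the end are invented for illustration and are not those of Fig. 5.2.

```python
# Sketch of Algorithm 5.1. The behavioural relation is encoded as a dictionary
# L[(z_next, w, z, v)] = Prob(z_next, w | z, v); the numbers are hypothetical.
class StateObserver:
    def __init__(self, L, states, prior):
        self.L = L
        self.states = list(states)
        self.p_int = dict(prior)        # Prob(z(k) | V(0..k-1), W(0..k-1))

    def step(self, v, w):
        """Process one measurement pair (v, w). Returns p_res, or None if the
        denominator vanishes (inconsistent I/O pair or wrong prior)."""
        # h_aux(z) = sum_{z'} L(z', w | z, v) * p_int(z)
        h_aux = {z: sum(self.L.get((zn, w, z, v), 0.0) for zn in self.states)
                    * self.p_int[z] for z in self.states}
        norm = sum(h_aux.values())
        if norm == 0:
            return None                 # stop: inconsistency detected
        # prediction (5.12): p_int(z) = sum_{z'} L(z, w | z', v) * p_int(z') / norm
        p_old = self.p_int
        self.p_int = {z: sum(self.L.get((z, w, zo, v), 0.0) * p_old[zo]
                             for zo in self.states) / norm for z in self.states}
        # correction (5.10)
        return {z: h_aux[z] / norm for z in self.states}

L = {(1, 1, 1, 1): 0.4, (2, 1, 1, 1): 0.2, (2, 2, 1, 1): 0.4,
     (1, 2, 2, 1): 0.5, (2, 1, 2, 1): 0.5}
obs = StateObserver(L, states=[1, 2], prior={1: 0.5, 2: 0.5})
p0 = obs.step(1, 1)   # a-posteriori distribution of z(0)
p1 = obs.step(1, 2)   # a-posteriori distribution of z(1)
```

Only the N values of p_int are kept between cycles, in line with the constant per-cycle computational and storage complexity of the algorithm.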
known input and output. Hence, it is reasonable to presume that the observer itself can be represented by some SA. In order to use the notations introduced in Section 2.6, the state observer is treated as a process with a single input vobs that replaces the pair (v, w). The input vobs is defined via the bijective mapping Mobs:

Mobs : Nv × Nw → Nvobs ,   vobs = Mobs(v, w) ,   (v, w) = Mobs⁻¹(vobs) .

Vobs denotes a sequence of observer input symbols, which is obtained by applying the mapping Mobs successively to all pairs (v, w) of the sequences V and W. The state observer does not define a mapping Nvobs* × Nz* → [0, 1] because it does not yield any result Z if its input (V, W) is an inconsistent I/O pair. In order to construct a stochastic operator representing the observer, the state set is extended by an additional symbol ε to the extended state set Ñz = Nz ∪ {ε}, on which the operator will be defined. To simplify the notation, the denominator of the state observer given by eqn. (5.9) is abbreviated by

Π(Vobs(0...k)) = Σ_{Z(0...k+1)} Π_{i=0}^{k} L(i) · Prob(z(0)) .

The aim now is to construct a stochastic operator τ : Nvobs* × Ñz* → [0, 1]. There are different possibilities how the operator can be defined for inconsistent I/O pairs. The following formulation of the operator is such that if the I/O pair becomes inconsistent at time k1, a non–vanishing probability is associated with all state sequences that are continued by repeating the state ε, i.e. for inconsistent I/O pairs the operator shall yield

Prob(Z(0...k) = (z(0), z(1), ..., z(k1−1), ε, ε, ..., ε) | V(0...k), W(0...k))
= Prob(Z(0...k1−1) | V(0...k1−1), W(0...k1−1)) ,

where the state ε is repeated k−k1+1 times. The operator τ(Z | Vobs) is defined as follows:

τ(Z(0...k) | Vobs(0...k)) =
  Σ_{z(k+1)} Π_{i=0}^{k} L(i) · Prob(z(0)) / Π(Vobs(0...k))   if Π(Vobs(0...k)) > 0 ,
  0                                    if Π(Vobs(0...k)) = 0 and z(k) ∈ Nz ,
  τ(Z(0...k−1) | Vobs(0...k−1))        if Π(Vobs(0...k)) = 0, z(k) = ε and k > 0 ,
  1                                    if Π(Vobs(0...k)) = 0, z(k) = ε and k = 0 .
As long as the I/O pair is consistent, the equality

τ(Z(0...k) | Vobs(0...k)) = Prob(Z(0...k) | V(0...k), W(0...k))

holds. The remaining three cases concern inconsistent I/O pairs. In the second case, the operator yields, for inconsistent I/O pairs, a probability of zero for sequences that end with some state z ∈ Nz. If the last state is ε, the probability is the same as that of the state sequence of length k−1 (case three). Finally, the state sequence Z = (ε) is assigned a probability of one if Π(vobs(0)) = 0 holds.

Lemma 5.3.1. (Nvobs, Ñz, τ) is a stochastic operator.

Proof. See Appendix C.15. □

Lemma 5.3.2. The state observer is, in general, not an SA–operator and, therefore, cannot be realised by any SA.

Proof. See Appendix C.16. □
Remark 5.3.1. The reason why the observer is not an SA–operator is that the state observer associates a non–vanishing probability only with those state sequences that the SA can follow for the given I/O pair as time k increases. If it becomes obvious from the I/O pair at time k+1 that a certain state z(k), which has been associated with a positive probability Prob(z(k) | V(0...k), W(0...k)), cannot have been assumed, the observer does not produce a continuation of the corresponding state sequence. As, in general, this "cutting off" of probabilities never ends, no SA can represent the observer.
Remark 5.3.2. At first glance, the result of Lemma 5.3.2 seems to contradict the result of [140], where it is proved that the state observer of a nondeterministic automaton is itself a nondeterministic automaton. However, the latter result has to be considered under the assumption that the nondeterministic automaton is observable in the sense that it is possible to determine the automaton state uniquely. Hence, the observer has to reduce the set of possible automaton states until only one state remains. This selection process can be represented by an automaton. As no such assumption is made here, Lemma 5.3.2 is in accordance with this result. In fact, it appears that the observability condition of [140] identifies the class of SA for which the observer is an SA–operator.

Remark 5.3.3. As a consequence of Lemma 5.3.2, state observers cannot be analysed by methods elaborated for stochastic automata. In particular, the convergence property, which is known to be a fundamental property of observers for continuous–variable systems, cannot be tested by using the techniques concerning the stationary behaviour of SA described in Section 2.5.3.

Remark 5.3.4. Finally, it should be remarked that the observer can be interpreted as a continuous–variable system (3.1) with the input vector u = (v w)′ and the state vector x according to pint(z) (cf. Section 5.3.2). Hence, from the viewpoint of continuous system theory, the observer is an N–th order dynamical system.
5.4 Observability*

The observability of an SP is an important issue for the application of the state observer. However, known results in automata theory always refer to the case that the automaton state can be determined unambiguously after a finite number of steps. Furthermore, most results, for example in [140] or [104], refer to nondeterministic rather than stochastic automata. Therefore, in this section, a broader notion of observability of an SP is introduced. Other existing observability definitions are summarised and compared to the definitions given here in Section 5.4.4.

5.4.1 Stochastic Unobservability*

Global stochastic unobservability. The following definition of observability is based on a comparison of the results that are obtained by using the I/O pair (V, W) on the one hand, and the input sequence V alone on the other. Roughly speaking, the SP is observable if it is possible to determine the state more precisely by exploiting the output information than by using the input alone. Before giving the definition of observability, stochastic unobservability is defined first.
Definition 5.4.1. An SP is called stochastically unobservable if the relation

Prob(zp(1) = z′, wp(0) = w | zp(0) = z, vp(0) = v)
= Prob(zp(1) = z′ | zp(0) = z, vp(0) = v) · Prob(wp(0) = w | vp(0) = v)   (5.16)

holds for all z′, z ∈ Nz, v ∈ Nv and w ∈ Nw.

In Definition 5.4.1, the probability distribution Prob(wp(0) = w | vp(0) = v) means the probability of an output for a given input without knowing the state. It can be thought of as the mean probability of the output over all states of Nz:

Prob(wp(0) = w | vp(0) = v) = Σ_{z ∈ Nz} Prob(wp(0) = w | zp(0) = z, vp(0) = v) / N .
Definition 5.4.1 has an obvious interpretation. Equation (5.16) says that the output w does not depend on z and, hence, does not provide any information about the current automaton state. Furthermore, eqn. (5.16) implies that w does not depend on z′ and, hence, the output does not provide any information about the successor state either.

Corollary 5.4.1. An SP is stochastically unobservable if and only if the SA representing the SP satisfies the following two conditions:
1. The value of the output relation H(w | z, v) does not depend on z and can, therefore, be written as H̃(w | v). That is,
   H̃(w | v) = H(w | zi, v)
   holds for all zi ∈ Nz, v ∈ Nv and w ∈ Nw.
2. The SA is a stochastic Mealy–automaton. That is, the SA satisfies the relation
   L(z′, w | z, v) = G(z′ | z, v) · H(w | z, v)
   for all z′, z ∈ Nz, v ∈ Nv and w ∈ Nw (cf. eqn. (2.44)).

The consequences of stochastic unobservability are shown by comparing state observation with simulation. For both simulation and observation, the initial state distribution Prob(z(0)) and the input sequence V have to be known. In simulation, the current state probability distribution is determined by eqn. (2.27), which propagates the initial state probability distribution according to the state transition relation G of the SA and yields Prob(z(k) | V(0...k−1)). Using eqn. (2.29), the set of states that the SP can assume at time k is given by

Zk,sim(k | V) = {z(k) | Prob(z(k) | V(0...k)) > 0} .

The state observer described by Theorem 5.2.2 has access to the additional information included in the output sequence W. It determines the probability distribution Prob(z(k) | V, W) according to eqn. (5.9) and the set of
states Zk(k | V, W) resulting from eqn. (5.2). The following result shows the consequence of unobservability:

Lemma 5.4.1. If the SP is stochastically unobservable, then for all consistent I/O pairs (V, W), the following relation holds:

Prob(Z(0...k) | V(0...k), W(0...k)) = Prob(Z(0...k) | V(0...k)) .   (5.17)

Proof. See Appendix C.17. □

According to Lemma 5.4.1, observation yields the same result as simulation if the SP is unobservable. That is, the output sequence W(0...k) does not include additional information compared to Prob(z(0)) and V(0...k). The following corollary is a direct consequence of Lemma 5.4.1 and the fact that the solutions to the current and initial state observation problems are obtained by calculating the boundary distributions of the current and initial state of the distribution Prob(Z(0...k) | V(0...k), W(0...k)).

Corollary 5.4.2. If the SP is stochastically unobservable, then for all consistent I/O pairs (V, W), the results of current state observation and simulation are identical, i.e. the relations

Prob(z(k) | V(0...k), W(0...k)) = Prob(z(k) | V(0...k)) ,   (5.18)
Zk(k | V, W) = Zk,sim(k | V)   (5.19)

hold for all k. Furthermore, no information about the initial state is obtained from the I/O pair:

Prob(z(0) | V(0...k), W(0...k)) = Prob(z(0))   for all k .   (5.20)
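The effect stated in Corollary 5.4.2 can be reproduced numerically. The sketch below constructs a hypothetical autonomous three-state SA satisfying both conditions of Corollary 5.4.1 (L factorises as G · H̃ with H̃ independent of the state) and checks that the recursive observer returns exactly the simulated distribution:

```python
# Hypothetical autonomous SA with L(z', w | z) = G(z' | z) * H~(w),
# i.e. stochastically unobservable by Corollary 5.4.1.
states, outputs = [1, 2, 3], [1, 2]
G = {(1, 1): 0.5, (2, 1): 0.5, (3, 1): 0.0,     # transition relation G[(z_next, z)]
     (1, 2): 0.0, (2, 2): 0.5, (3, 2): 0.5,
     (1, 3): 0.5, (2, 3): 0.0, (3, 3): 0.5}
H = {1: 0.7, 2: 0.3}                             # H~(w), independent of z
L = {(zn, w, z): G[(zn, z)] * H[w]
     for zn in states for w in outputs for z in states}

def observe(W, prior):
    """Recursive current-state observer, eqns. (5.10)-(5.13)."""
    p, res = dict(prior), dict(prior)
    for w in W:
        h = {z: sum(L[(zn, w, z)] for zn in states) * p[z] for z in states}
        n = sum(h.values())
        res = {z: h[z] / n for z in states}                      # correction
        p = {z: sum(L[(z, w, zo)] * p[zo] for zo in states) / n  # prediction
             for z in states}
    return res

def simulate(k, prior):
    """Prob(z(k)) propagated by the transition relation G alone."""
    p = dict(prior)
    for _ in range(k):
        p = {zn: sum(G[(zn, z)] * p[z] for z in states) for zn in states}
    return p

prior = {1: 0.5, 2: 0.25, 3: 0.25}
obs = observe([1, 2, 1], prior)   # any consistent output sequence W(0..2)
sim = simulate(2, prior)          # Prob(z(2)) without output information
# obs and sim coincide, as eqns. (5.17)-(5.19) predict
```

Because the output relation carries no state information, every factor H̃(w) cancels in the normalisation, so the observer degenerates to the simulation.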
Local stochastic unobservability. The SP may not satisfy condition (5.16) for all z ∈ Nz, but only for a subset Nzu ⊆ Nz. Then the following definition applies:

Definition 5.4.2. An SP is called locally stochastically unobservable within a set Nzu ⊆ Nz of at least two states (|Nzu| ≥ 2) if condition (5.16) holds for all z ∈ Nzu, z′ ∈ Nz, v ∈ Nv and w ∈ Nw, with

Prob(wp(0) = w | vp(0) = v) = Σ_{z ∈ Nzu} Prob(wp(0) = w | zp(0) = z, vp(0) = v) / |Nzu| .   (5.21)

The subsequent corollary follows immediately from Definition 5.4.2 and relation (2.22).

Corollary 5.4.3. An SP is stochastically unobservable within a set of states Nzu ⊆ Nz, |Nzu| ≥ 2, if and only if the SA representing the SP satisfies the following two conditions:
Fig. 5.5. SA with a locally (left) or strongly (right) stochastically unobservable set of states.
1. The output relation H(w | z, v) does not depend on z within the set of states Nzu and can, therefore, be written as H̃(w | v). That is,
   H̃(w | v) = H(w | zi, v)
   holds for all zi ∈ Nzu, v ∈ Nv and w ∈ Nw.
2. The relation
   L(z′, w | z, v) = G(z′ | z, v) · H̃(w | v)
   holds for all z ∈ Nzu, z′ ∈ Nz, w ∈ Nw and v ∈ Nv, where G denotes the transition relation (2.5) of the SA.

In Section 5.4.3, a result similar to Lemma 5.4.1 and Corollary 5.4.2 will be derived for the observation within an unobservable set of states Nzu. It is clear that if the SP is locally stochastically unobservable within a set of states Nzu, this does not mean that the states within Nzu can never be distinguished. It is possible, for example, that each state within the set Nzu has a different and unique successor state outside Nzu that occurs independently of the output and can be measured unambiguously in the next time step. Then the measurement at the next time step unambiguously reveals the state of the SP one time step before, even though this state lies within a set of stochastically unobservable states. This motivates the following stronger definition of stochastic unobservability within a set of states.

Definition 5.4.3. An SP is called strongly stochastically unobservable within a set Nzu ⊆ Nz of at least two states (|Nzu| ≥ 2) if the SP is stochastically unobservable within Nzu and Nzu is a closed set of states under all inputs v ∈ Nv.

To illustrate Definitions 5.4.2 and 5.4.3, Figure 5.5 shows two autonomous SA. The SA shown on the left–hand side has a locally unobservable set of states. However, this does not mean that the states within the unobservable
set cannot be distinguished. This is because the SP can leave the locally unobservable set of states, and outside of this set the output contains information about the previous states. In contrast to this, the SP corresponding to the SA shown on the right–hand side of Figure 5.5 cannot leave the closed set of states Nzu = {3, 4, 5} if the initial state lies within it. Hence, these states can never be distinguished from the measurements. It is clear that if Z0 ⊆ Nzu holds for the initial set of states and Nzu is a strongly stochastically unobservable set of states, then Lemma 5.4.1 and Corollary 5.4.2 hold equivalently for all times k. This is summarised in the following corollary:

Corollary 5.4.4. If the SP is strongly stochastically unobservable within Nzu and Z0 ⊆ Nzu holds for the initial set of states, then for all consistent I/O pairs (V, W), the results of state observation and simulation are identical, i.e. the relations (5.17)–(5.19) and (5.20) hold for all k.

5.4.2 Stochastic Observability*

Stochastic observability can now be defined as the property of an SP not to possess sets of states in which it is unobservable.

Definition 5.4.4. An SP is called stochastically observable if it does not contain any set of states in which it is locally stochastically unobservable.

According to this definition, the SP is called observable if there exists at least one input for which the state observation yields more information about the state than simulation, independently of the current state of the process. This fact is represented by the following corollary, which follows directly from Lemma 5.4.1 and Definition 5.4.4:

Corollary 5.4.5. If the SA is stochastically observable, then

Zk(k | V, W) ⊆ Zk,sim(k | V)   (5.22)
holds for all times k. In contrast to this, for a stochastically unobservable SA the relation Zk(k | V, W) = Zk,sim(k | V) holds for all initial states, for all input sequences and for all times k. Note that while unobservability always means that stochastic independencies hold for all inputs, observability is given if there exists at least one input for which stochastic dependencies exist. Accordingly, it is reasonable to distinguish between those inputs that yield stochastic dependencies and those that do not. This will be considered in Section 5.4.3.

The notion of strong unobservability leads to a weaker definition of observability.

Definition 5.4.5. An SP is called weakly stochastically observable if there does not exist any set of states in which it is strongly stochastically unobservable.

Weak stochastic observability of an SP means that the number of steps for which state observation definitely yields the same result as simulation is finite. This is because there exists an input sequence that possibly brings the SP out of the locally unobservable set of states Nzu, and for which the output contains information about the state as soon as the SP can possibly leave the set Nzu. Then observation differs from simulation. This shall be explained for the autonomous SA shown on the left–hand side of Figure 5.5. The SA is not observable, as it contains a locally unobservable set of states Nzu = {3, 4, 5}. However, as this set of states is not closed, the SA is weakly observable. In this example, state observation equals simulation for no more than two steps. This is because after the first time instant at which it has been possible to leave the set of states Nzu, the output can reveal whether the set Nzu has been left. Note that because the probabilities for leaving the set Nzu via the states z = 3 or z = 4 are different, even the non–occurrence of an output different from w = 1 contains information about the states within Nzu. Only if the initial state distribution assigns a probability of 1 to the state z(0) = 5 will state observation and simulation be equal until the measurements at time k = 2 are obtained.

Fig. 5.6. Relation among the different kinds of stochastic observability and unobservability.

The relation of the various definitions concerning observability is illustrated in Figure 5.6. The figure shows how the set of all SA is structured with respect to observability.

Check for observability.
5. Automata Theory for Process Supervision

According to Definition 5.4.4, observability can be tested by applying Corollary 5.4.3 to all possible sets of states. However, testing all possible combinations of states is a tedious task even for a relatively small number of states. The following results reduce the complexity of an observability test and simplify the computation of unobservable sets of states considerably.

Firstly, note that from the second condition of Corollary 5.4.3 it is clear that a necessary condition for unobservability within a set of two states Ñz = {z1, z2} is that both states satisfy the relation

L(z′, w | zi, v) = G(z′ | zi, v) · H(w | zi, v)   (5.23)

for all z′ ∈ Nz, v ∈ Nv and w ∈ Nw. Note that condition (5.23) is not sufficient, as unobservability within Ñz also requires that H(w | z1, v) = H(w | z2, v) = H̃(w | v) holds (cf. Corollary 5.4.3). Secondly, note that the following holds:

Corollary 5.4.6. [126] An SP is stochastically unobservable within a set Nzu of at least three states (|Nzu| ≥ 3) if and only if the SP is stochastically unobservable within all subsets Ñzu ⊂ Nzu of two states (|Ñzu| = 2).

According to these results, the search for sets of states in which the SP is stochastically unobservable can be reduced to a test of all pairs of states. Moreover, both states of such a pair must satisfy condition (5.23). Hence, an observability check can start by checking condition (5.23) separately for all states zi ∈ Nz. If no two states are found that satisfy this condition, then the SP is observable. If two or more states zi ∈ Ñz ⊂ Nz satisfying condition (5.23) exist, all these states need to be investigated further by checking whether there exists a function H̃(w | v) satisfying H̃(w | v) = H(w | zi, v) for all zi ∈ Ñz. This check is relatively simple, as it can be performed by testing whether H(w | zi, v) for the first state of Ñz is equal to H(w | zj, v) for all other states of Ñz.

Remark 5.4.1. It is not reasonable to call an SP stochastically unobservable within a single state that satisfies condition (5.23), because a reasonable observability condition must check whether the output relation H(w | z, v) contains information concerning the current state. For such a check, at least two states need to be considered. Condition (5.23) is satisfied, for example, by states where the output w allows the current state to be identified unambiguously but is the same for all successor states. This is the case in processes where the output symbol is equal to the current state. Such a process is, of course, observable.

Remark 5.4.2.
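The pairwise check just described is mechanical enough to sketch in code. The following Python sketch is not from the book; the dictionary encoding of L and all function names are assumptions made for illustration. It tests condition (5.23) for every state and then compares the output relations of all candidate pairs:

```python
from itertools import combinations, product

def unobservable_pairs(L, Nz, Nv, Nw, tol=1e-9):
    """Find all pairs of states within which the SP is stochastically
    unobservable.  L[(z2, w, z, v)] holds L(z' = z2, w | z, v)."""
    def Lp(z2, w, z, v):
        return L.get((z2, w, z, v), 0.0)

    def G(z2, z, v):              # G(z' | z, v) = sum_w L(z', w | z, v)
        return sum(Lp(z2, w, z, v) for w in Nw)

    def H(w, z, v):               # H(w | z, v) = sum_z' L(z', w | z, v)
        return sum(Lp(z2, w, z, v) for z2 in Nz)

    # states satisfying the necessary condition (5.23)
    cand = [z for z in Nz
            if all(abs(Lp(z2, w, z, v) - G(z2, z, v) * H(w, z, v)) < tol
                   for z2, w, v in product(Nz, Nw, Nv))]

    # a pair is unobservable iff both states satisfy (5.23) and share
    # the same output relation H(w | z, v) for every input v
    return [(z1, z2) for z1, z2 in combinations(cand, 2)
            if all(abs(H(w, z1, v) - H(w, z2, v)) < tol
                   for w, v in product(Nw, Nv))]
```

For an autonomous SA such as the one in Example 5.4.1, Nv contains a single dummy input symbol.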
According to Corollary 5.4.6, the SP is unobservable if it is unobservable within all pairs of states, whereas the SP is not observable if it is unobservable within at least one pair of states.

Example 5.4.1. The following example illustrates how the different observability definitions can be checked. Consider the SP represented by the autonomous SA shown in Figure 5.7. It can easily be verified that the SP is not unobservable, because the first condition of Corollary 5.4.1 is violated, e.g. due to H(w = 3 | z = 2) = 0.2 ≠ 0 = H(w = 3 | z = 1).

Fig. 5.7. Automaton graph of a neither observable nor globally unobservable SP.

To check whether the SP is observable, condition (5.23) is first checked for all states. It can easily be verified that the SP satisfies the condition for all states. Hence, pairs of states need to be investigated to decide whether the SP is observable. For Ñz = {1, 3}, the first condition of Corollary 5.4.3 is satisfied because

H(w | z = 1) = {0.9, 0.1, 0}   and   H(w | z = 3) = {0.63+0.27, 0.07+0.03, 0}

are equal. Further, the second condition of Corollary 5.4.3 is satisfied because

L(z′ = 1, w | z = 1) = 1 · H̃(w)     L(z′ = 1, w | z = 3) = 0.7 · H̃(w)
L(z′ = 2, w | z = 1) = 0 · H̃(w)     L(z′ = 2, w | z = 3) = 0 · H̃(w)
L(z′ = 3, w | z = 1) = 0 · H̃(w)     L(z′ = 3, w | z = 3) = 0.3 · H̃(w)

hold with H̃(w) = {0.9, 0.1, 0}. Hence, within Ñz = {1, 3}, the SP is stochastically unobservable, and therefore the SP is not observable.

Furthermore, the set Ñz = {1, 3} is closed, as there is no state transition to state z = 2. That is, the SP is also strongly stochastically unobservable within Ñz and, hence, the SP is not even weakly observable (cf. Figure 5.6).
5.4.3 Distinguishing Inputs*

The above definition of stochastic observability means that the output provides information concerning the state of the process. However, this does not mean that state information is contained in every pair (v, w). In fact, the definition of stochastic unobservability is such that if condition (5.16) does not hold for a single pair of input v and output w, the set is not called unobservable. However, the condition of Corollary 5.4.3 can be studied for each pair (v, w). That is, it can be checked for the SA whether the relation

L(z′, w | z, v) = G(z′ | z, v) · H̃(w | v)   (5.24)

holds for a given pair (v, w) for all z′ ∈ Nz within a set of states z ∈ Nzu, |Nzu| ≥ 2. Hence, it is possible to determine under which conditions the observer improves its result by processing the k-th I/O pair (v(k), w(k)) in comparison to the result obtained up to the (k−1)-th step. To show this, current state observation is again compared to simulation. It is assumed that both simulation and observation use the same state probability distribution at time k:

Prob(z(k) | V(0 . . . k−1), W(0 . . . k−1)) = Prob(z(k) | V(0 . . . k−1)) =: Prob(z̃(k)) .
The set of states corresponding to this probability distribution is denoted by

Zk,sim,obs(k | V, W) = {z | Prob(z̃p(k) = z) > 0} .

The following lemma states under which condition a simulation step and an observation step yield the same result.

Lemma 5.4.2. Assume that the state probability distribution Prob(z̃(k)) is known and the SP yields the pair (v(k), w(k)) at time k. If and only if condition (5.24) is satisfied for all z ∈ Zk,sim,obs(k | V, W) and z′ ∈ Nz, then the state observation result at time k is equal to the simulation of Prob(z̃(k)), i.e.

Prob(z(k) | V(0 . . . k), W(0 . . . k)) = Prob(z(k) | V(0 . . . k))   (5.25)

holds, and simulation and state observation yield the same state prediction

Prob(z(k+1) | V(0 . . . k), W(0 . . . k)) = Prob(z(k+1) | V(0 . . . k)) .   (5.26)

Proof. See Appendix C.18. □
Condition (5.24) can be tested in each recursion step of the observation algorithm in order to indicate at time k whether the observer really works as an observer or merely as a simulator. Furthermore, this result has an interesting consequence concerning the choice of the input. This is referred to by the following definition.

Definition 5.4.6. An input v is called non-distinguishing for the SP within a set of states Nzu, |Nzu| ≥ 2, if condition (5.21) holds for this input for all z ∈ Nzu, z′ ∈ Nz and w ∈ Nw.

As a consequence, for every set of states Nzu, it is possible to partition the input set Nv into two sets Ñv(Nzu) and N̄v(Nzu) such that the decomposition (5.24) is possible for all v ∈ Ñv(Nzu) and impossible for all v ∈ N̄v(Nzu). That is, if the SA receives, for some reason, only non-distinguishing inputs, it would be impossible to solve the observation problem although the SA might be observable. On the other hand, if there is some freedom concerning the input, an input can be selected from the set of distinguishing inputs at each time step in order to improve the observation result. If the SA is stochastically observable, there exists at least one distinguishing input for every set of two or more states.

If, in particular, an input v is distinguishing for the SP within all sets of states, the SP is called uniformly observable for the input v. Furthermore, if the SP is uniformly observable for every input v ∈ Nv, then the SP is called uniformly stochastically observable. On the other hand, if an input is not distinguishing for the SP within the set Nz, the SP is called unobservable for the input v. Note that due to Corollary 5.4.6, unobservability within Nz includes unobservability within all subsets of Nz.
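The partition of Nv into distinguishing and non-distinguishing inputs can be computed along the same lines. The sketch below is illustrative and not from the book; L is again assumed to be a dictionary keyed by (z′, w, z, v), and an input v is marked non-distinguishing within Nzu if the decomposition (5.24) holds with a common output relation H̃(w | v):

```python
from itertools import product

def non_distinguishing_inputs(L, Nzu, Nz, Nv, Nw, tol=1e-9):
    """Return the inputs v that are non-distinguishing within the state
    set Nzu, i.e. for which L(z', w | z, v) = G(z' | z, v) * Ht(w | v)
    holds (decomposition (5.24)) with a common output relation Ht."""
    def Lp(z2, w, z, v):
        return L.get((z2, w, z, v), 0.0)

    def G(z2, z, v):
        return sum(Lp(z2, w, z, v) for w in Nw)

    def H(w, z, v):
        return sum(Lp(z2, w, z, v) for z2 in Nz)

    nd = []
    for v in Nv:
        z0 = Nzu[0]    # H(w | z0, v) is the candidate for Ht(w | v)
        common = all(abs(H(w, z, v) - H(w, z0, v)) < tol
                     for z in Nzu for w in Nw)
        decomposes = all(abs(Lp(z2, w, z, v) - G(z2, z, v) * H(w, z0, v)) < tol
                         for z in Nzu for z2, w in product(Nz, Nw))
        if common and decomposes:
            nd.append(v)
    return nd
```

The distinguishing inputs are then simply the complement of the returned list within Nv.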
5.4 Observability*
5.4.4 Other Observability Definitions*

In Section 2.5.1, semi-deterministic SA have been defined as SA that satisfy condition (2.39). Exactly this condition is the classical observability definition of SA given in [24]. Textbooks on SA also refer to this condition as the observability condition for SA (cf. [23] and [184]). According to this condition, an SA is called observable if the successor state z′ can be unambiguously determined for all states z if the current input v and current output w are known. The attribute semi-deterministic means that although the automaton might be nondeterministic for a given input, the successor state can be unambiguously determined if the generated output is known. That is, different successor states z′ that may be reached from the same current state z and for the same input v distinguish themselves by the generated output w.

This notion of observability is closely related to the situation discussed in Section 5.3.1, where the initial state z(0) is known and the current state has to be observed. If the SA is observable in the sense of semi-determinism, the current state z(k) can be determined unambiguously for all times k for given z(0). The reason why the definition of observability as semi-determinism is not appropriate for the observation problem posed in Section 5.1 is explained by means of the following example.
Fig. 5.8. Semi–deterministic SA.
Example 5.4.2. Consider the SA shown in Figure 5.8. The SA is semi-deterministic because if the current state were unambiguously known, then the I/O pair would allow the successor state to be determined uniquely (cf. Section 2.5.1). In this case the state can be determined unambiguously from the measurement sequences for all k. However, the example also shows the restriction of defining observability as semi-determinism. Doing so is only reasonable if it can be assumed that the initial automaton state is precisely known. As long as this assumption is not satisfied, semi-determinism does not say anything about the solvability of the observation problem.

This drawback is also shown by the above example. If the initial state is not known, the state cannot be determined as long as the input to the SP is v = 1. However, as soon as the input becomes v = 2, the observation problem is solved uniquely for all times. Obviously, the property that the SA is semi-deterministic does not imply that there exists a solution to the observation problem. The observability conditions introduced here yield that the SP is unobservable for v = 1 and uniformly stochastically observable for v = 2.

Similar remarks hold true for other observability definitions like those given in [104], [140], [157] for automata or discrete-event systems, or in [201] for
dynamical systems in general. All of these similarly require that the state be unambiguously determined. In [128], the observability definition given in [201] is applied to SA, giving necessary conditions for the observability of an SP. It is shown that defining observability by asking for a unique observation result after a finite number of steps results in rather restrictive conditions, such that almost every SP obtained from the abstraction of a technical system is not observable in this sense.
5.5 Fault Diagnostic Problem

5.5.1 Problem Statement

The aim of diagnosis is to detect abnormal system behaviour, which is referred to as a fault f, from a measured I/O pair and to identify its cause. Whether a fault is present in the system at time k is unknown. Therefore, the fault is described by a sequence of random variables fp(k) that can assume values f(k) from the finite set Nf = {1, . . . , S} at each time instance k. Each value of Nf represents a certain fault case, one of which is associated with the faultless case denoted by f0 ∈ Nf.
Fig. 5.9. Fault diagnostic problem.
Fault diagnostic problem.
Given:  SP represented by the SA S(Nz, Nv, Nw, Nf, L).
        Sequences V(0 . . . k), W(0 . . . k) of input and output symbols.
        A-priori initial state and fault distribution Prob(z(0), f(0)).
Find:   Current fault probability distribution Prob(f(k) | V(0 . . . k), W(0 . . . k)).
All faults for which this probability does not vanish belong to the set of currently possible faults

Fk(k | V, W) = {f(k) | Prob(fp(k) = f(k) | W(0 . . . k), V(0 . . . k)) > 0} .   (5.27)

The fault diagnostic problem is shown in Figure 5.9. It has the same structure as the current state observation problem posed in Section 5.1.1 (cf. Figure 5.1). As for the observation, it is assumed throughout this section that the current input is independent of the state and fault.

5.5.2 Stochastic Processes Augmented by Faults

In general, the fault at a certain time instance depends upon the previous faults, states and inputs to the system. Furthermore, the fault influences the output and the future system states. That is, the temporal evolution of the stochastic process including the fault is described by the distribution

Prob( fp(k+1) = f(k+1), zp(k+1) = z(k+1), wp(k) = w(k) |
      fp(0) = f(0), . . . , fp(k) = f(k),
      zp(0) = z(0), . . . , zp(k) = z(k),
      vp(0) = v(0), . . . , vp(k) = v(k) ) .   (5.28)

It is assumed that the stochastic process possesses the Markov property with respect to the states and faults such that the description (5.28) can be simplified. Then

Prob( fp(k+1) = f′, zp(k+1) = z′, wp(k) = w |
      fp(0) = f(0), . . . , fp(k) = f,
      zp(0) = z(0), . . . , zp(k) = z,
      vp(0) = v(0), . . . , vp(k) = v )
= Prob(fp(1) = f′, zp(1) = z′, wp(0) = w | fp(0) = f, zp(0) = z, vp(0) = v)   (5.29)

holds for all states, faults, inputs and outputs for all times k (cf. Section 2.2, Figure 5.9). The stochastic process (5.29) is represented by an SA with the fault as an additional state variable as introduced in Section 2.4 and the behavioural relation set according to the probabilities (5.29):

L(z′, f′, w | z, f, v) =
Prob(fp(1) = f′, zp(1) = z′, wp(0) = w | fp(0) = f, zp(0) = z, vp(0) = v) .   (5.30)
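The augmentation (5.30) is a pure re-indexing of the behavioural relation and can be sketched in a few lines of Python. The tuple encoding ẑ = (z, f) used below is one possible bijective mapping Mzf; the dictionary encoding and all names are assumptions for illustration, not from the book:

```python
def augment(L, Nz, Nf):
    """Fold the fault into the automaton state, turning the relation
    L(z', f', w | z, f, v) into Lhat(zhat', w | zhat, v) as in (5.30).
    Mzf(z, f) = (z, f) is used as the bijective mapping."""
    Mzf = lambda z, f: (z, f)
    Nzhat = [Mzf(z, f) for z in Nz for f in Nf]
    Lhat = {(Mzf(z2, f2), w, Mzf(z, f), v): p
            for (z2, f2, w, z, f, v), p in L.items()}
    return Nzhat, Lhat

def N_zhat(f, Nz):
    """The projection set Nzhat(f) of eqn. (5.31) for the tuple encoding."""
    return {(z, f) for z in Nz}
```

With this encoding, projecting an observation result for ẑ onto the fault amounts to summing the probabilities over N_zhat(f, Nz).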
5.6 Solution to the Fault Diagnostic Problem

5.6.1 Formal Solution

In Section 2.4 it is shown that the SA with fault can be transformed into an SA with a single state variable ẑ by using a bijective mapping

Mzf : Nz × Nf → N̂z ,   ẑ = Mzf(z, f) .

Applying this to the SA with behavioural relation (5.30) yields an SA where the fault is part of the automaton state ẑ. Hence, the diagnostic problem is solved by observing the state ẑ as described in Section 5.2 and by projecting the result to the fault f. This is done by considering all states ẑ with the same fault part f as described by the sets

Nẑ(f) = {ẑ | ẑ = Mzf(z, f), for some z ∈ Nz} ⊆ N̂z .   (5.31)

Analogous to the observation problem, a solution to the diagnostic problem exists if and only if the I/O pair (V, W) is consistent with the SP. That is, an initial state distribution Prob(ẑ(0)) and hence a state sequence Ẑ(0 . . . k) must exist such that eqn. (2.30) yields a nonzero probability Prob(W | V) for the measured I/O pair. As before, the a-priori initial state and fault distribution Prob(ẑ(0)) = Prob(Mzf(z(0), f(0))) must be known to solve the diagnostic problem. Theorem 5.6.1 on page 149 provides the solution to the diagnostic problem using the abbreviation L̂(k) := L̂(ẑ(k+1), w(k) | ẑ(k), v(k)).

Discussion of the solution. From the above, it is clear that the diagnostic and the current state observation problems are analogous. Hence, all remarks on the solution to the state observation problem given in Section 5.3 also apply to the diagnostic problem, and a diagnostic algorithm similar to Algorithm 5.1 can be derived. Furthermore, from Section 5.3.3, it is clear that the diagnosis can in general not be performed by an SA.

Remark 5.6.1. The solution to the fault diagnostic problem includes the observation of the state of the SP. The state can be obtained by projecting the distribution over ẑ to the states z instead of the fault f. This is done by replacing the sums over Nẑ(f) in the numerators of eqns. (5.32) and (5.33) by sums over the set

Nẑ(z) = {ẑ | ẑ = Mzf(z, f), for some f ∈ Nf} .
Remark 5.6.2. The fault can be introduced in a more general way than as an additional state of the stochastic process by partitioning the set Nz of all states of the SP into subsets Nz,i, each unambiguously associated with a certain fault f. This means that models of different complexities can be used for each fault. By using the sets Nz,i instead of the sets (5.31), the solution to the fault diagnostic problem remains as in Theorem 5.6.1 [126]. From this viewpoint, diagnosis is just an interpretation of the observation result, namely that of the SP being within certain subsets Nz,i of states.

5.6.2 Diagnostic Algorithm

Due to the analogy of state observation and fault diagnosis, the diagnostic algorithm given below is almost identical to Algorithm 5.1. As in Section 5.3.2, the following functions are used for its formulation:
Solution to the fault diagnostic problem

Theorem 5.6.1. Consider an SP with the a-priori initial state and fault probability distribution Prob(ẑ(0)) = Prob(Mzf(z(0), f(0))). If the I/O pair (V, W) is consistent with the SP, the current fault distribution is given by

k > 0:
Prob(f(k) | V(0 . . . k), W(0 . . . k))                                             (5.32)
  =  Σ_{ẑ(k+1)} Σ_{ẑ(k)∈Nẑ(f(k))} L̂(k) · Prob(ẑ(k) | V(0 . . . k−1), W(0 . . . k−1))
     / Σ_{ẑ(k), ẑ(k+1)} L̂(k) · Prob(ẑ(k) | V(0 . . . k−1), W(0 . . . k−1))

k = 0:
Prob(f(0) | v(0), w(0))
  =  Σ_{ẑ(1)} Σ_{ẑ(0)∈Nẑ(f(0))} L̂(0) · Prob(ẑ(0))
     / Σ_{ẑ(0), ẑ(1)} L̂(0) · Prob(ẑ(0))                                            (5.33)

with the recursive relation

k > 1:
Prob(ẑ(k) | V(0 . . . k−1), W(0 . . . k−1))                                         (5.34)
  =  Σ_{ẑ(k−1)} L̂(k−1) · Prob(ẑ(k−1) | V(0 . . . k−2), W(0 . . . k−2))
     / Σ_{ẑ(k), ẑ(k−1)} L̂(k−1) · Prob(ẑ(k−1) | V(0 . . . k−2), W(0 . . . k−2))

k = 1:
Prob(ẑ(1) | v(0), w(0))
  =  Σ_{ẑ(0)} L̂(0) · Prob(ẑ(0))
     / Σ_{ẑ(1), ẑ(0)} L̂(0) · Prob(ẑ(0)) .                                          (5.35)

Proof. See Appendix C.19. □

function               corresponding to
pint : N̂z → [0, 1]     Prob(ẑ(k) | V(0 . . . k−1), W(0 . . . k−1))
pres : Nf → [0, 1]     Prob(f(k) | V(0 . . . k), W(0 . . . k))
haux : Nf → [0, 1]     Σ_{ẑ(k+1)} Σ_{ẑ(k)∈Nẑ(f)} L̂(k) · Prob(ẑ(k) | V(0 . . . k−1), W(0 . . . k−1))
The diagnostic algorithm is given by Algorithm 5.2. Like the observation algorithm, it waits at the beginning of each loop for a new pair of measurements (v, w). This pair, the behavioural relation L̂ and the N · S stored values of the function pint(ẑ) are used to compute the diagnostic result pres(f) and an update of pint(ẑ). The computation of pres and pint is according to eqns. (5.32) and (5.34), respectively. The foregoing check guarantees that
a division by zero cannot occur. As for the observation algorithm, only a few calculations are carried out in each cycle, which makes the algorithm applicable under relatively strong real-time constraints. Note that neither the computational nor the storage complexity of the algorithm increases with the length of the measurement sequences V and W.

Remark 5.6.3. While Algorithm 5.2 includes the practically necessary check to avoid division by zero, it does not explicitly refer to the possibility of using an a-priori initial state and fault distribution that differs from the actual distribution of the SP. Nevertheless, the remarks of Section 5.3.1 hold analogously for the diagnostic algorithm.
Diagnostic algorithm for stochastic processes represented by stochastic automata

Algorithm 5.2
Given:  Stochastic automaton Ŝ(N̂z, Nv, Nw, L̂)
        A-priori initial state and fault probability distribution Prob(z(0), f(0))
Do:     Set pint(ẑ) = Prob((zp(0), fp(0)) = Mzf⁻¹(ẑ)) for all ẑ ∈ N̂z
        Do
          wait for new measurements v and w
          for all f ∈ Nf determine haux(f) = Σ_{z̄} Σ_{ẑ∈Nẑ(f)} L̂(z̄, w | ẑ, v) · pint(ẑ)
          if Σ_f haux(f) = 0 holds, stop the algorithm
            (inconsistent I/O pair or wrong initial state and fault distribution)
          for all ẑ ∈ N̂z determine pint(ẑ) = Σ_{z̄} L̂(ẑ, w | z̄, v) · pint(z̄) / Σ_f haux(f)
          for all f ∈ Nf determine pres(f) = haux(f) / Σ_f haux(f)
        Loop
Result: Current fault probabilities pres(f)
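Algorithm 5.2 translates almost line by line into code. The following Python sketch is illustrative and not from the book; it assumes L̂ stored as a dictionary keyed by (ẑ′, w, ẑ, v) and the tuple encoding ẑ = (z, f), so that Nẑ(f) = {(z, f) | z ∈ Nz}:

```python
class Diagnoser:
    """One-to-one sketch of Algorithm 5.2.  Lhat is a dictionary keyed
    by (zhat2, w, zhat, v) with zhat = (z, f), so that the projection
    set Nzhat(f) is simply {zhat for zhat in Nzhat if zhat[1] == f}."""

    def __init__(self, Lhat, Nzhat, Nf, p0):
        self.L, self.Nzhat, self.Nf = Lhat, Nzhat, Nf
        self.p_int = dict(p0)      # Prob(zhat(k) | V(0..k-1), W(0..k-1))

    def step(self, v, w):
        """Process one I/O pair; return p_res(f) = Prob(f(k) | V, W)."""
        h_aux = {f: sum(self.L.get((z2, w, zh, v), 0.0) * self.p_int[zh]
                        for z2 in self.Nzhat
                        for zh in self.Nzhat if zh[1] == f)
                 for f in self.Nf}
        total = sum(h_aux.values())
        if total == 0.0:
            raise ValueError("inconsistent I/O pair or wrong "
                             "initial state and fault distribution")
        # update of p_int according to eqn. (5.34)
        self.p_int = {z2: sum(self.L.get((z2, w, zh, v), 0.0) * self.p_int[zh]
                              for zh in self.Nzhat) / total
                      for z2 in self.Nzhat}
        # diagnostic result according to eqn. (5.32)
        return {f: h_aux[f] / total for f in self.Nf}
```

The per-cycle cost is fixed by |N̂z| and |Nf|, matching the remark that neither the computational nor the storage complexity grows with the length of the measurement sequences.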
5.7 Diagnosability*

5.7.1 Stochastic Diagnosability and Undiagnosability*

Since diagnosis is in principle a state observation, diagnosability can be defined in a similar way to Definitions 5.4.1–5.4.6. The following definitions are formulated for an SP represented by an SA as described by eqn. (5.30).
Definition 5.7.1. An SP is called stochastically undiagnosable if the output contains no information about the fault due to one of the following circumstances:

1. The SP is stochastically unobservable with respect to the state and fault pair (z, f) such that the relation

   Prob(zp(1) = z′, fp(1) = f′, wp(0) = w | zp(0) = z, fp(0) = f, vp(0) = v)
   = Prob(zp(1) = z′, fp(1) = f′ | zp(0) = z, fp(0) = f, vp(0) = v)
     · Prob(wp(0) = w | vp(0) = v)                                    (5.36)

   holds for all z′, z ∈ Nz, f′, f ∈ Nf, v ∈ Nv and w ∈ Nw.

2. The fault is independent of the state, and only the state of the SP is observable such that the relation

   Prob(zp(1) = z′, fp(1) = f′, wp(0) = w | zp(0) = z, fp(0) = f, vp(0) = v)
   = Prob(zp(1) = z′, wp(0) = w | zp(0) = z, vp(0) = v)
     · Prob(fp(1) = f′ | fp(0) = f, vp(0) = v)                        (5.37)

   holds for all z′, z ∈ Nz, f′, f ∈ Nf, v ∈ Nv and w ∈ Nw.

The first undiagnosability case is the direct extension of the unobservability defined in Section 5.4. This can be seen by applying any bijective mapping ẑ = Mzf(z, f) to (5.36). Then the undiagnosability condition (5.36) is identical to the unobservability condition (5.16) with respect to the state ẑ. Accordingly, Definitions 5.4.2–5.4.6 and Lemmas 5.4.1–5.4.2 apply directly.

Undiagnosability due to the independencies described by eqn. (5.37) has to be distinguished from the first case, though its consequences are similar (cf. Lemma 5.7.2). This kind of undiagnosability cannot be tested by Corollary 5.4.1 but by using the following result.

Lemma 5.7.1. An SP is stochastically undiagnosable due to eqn. (5.37) if and only if for the SA representing the SP, the following three conditions hold:

1. The behavioural relation L can be decomposed into two functions

   L̃(z′, w | z, f, v) = Σ_{f′} L(z′, f′, w | z, f, v)
   G̃f(f′ | z, f, v) = Σ_{z′, w} L(z′, f′, w | z, f, v)

   such that the relation

   L(z′, f′, w | z, f, v) = L̃(z′, w | z, f, v) · G̃f(f′ | z, f, v)

   holds for all z′, z ∈ Nz, f′, f ∈ Nf, v ∈ Nv and w ∈ Nw.

2. The value of the function L̃ does not depend on f, and can therefore be written as L̄(z′, w | z, v).
3. The value of the function G̃f does not depend on z, and can therefore be written as Ḡf(f′ | f, v).

Proof. The lemma follows immediately from Definition 5.7.1 and relation (5.30). □

In analogy to Lemma 5.4.1, the consequence for the diagnosis of a stochastically undiagnosable SP is that the I/O pair does not contain more information about the fault than the input sequence alone, i.e. not more than a simulation of the a-priori initial fault distribution. This is the result of the following lemma.

Lemma 5.7.2. If the SP is stochastically undiagnosable, then for all consistent I/O pairs (V, W) the relation

Prob(f(k) | V(0 . . . k), W(0 . . . k)) = Prob(f(k) | V(0 . . . k))   (5.38)

1. holds for all a-priori initial fault and state distributions Prob(z(0), f(0)) in case the SP is undiagnosable according to condition (5.36);
2. holds whenever the initial fault and state are stochastically independent, i.e. Prob(z(0), f(0)) = Prob(z(0)) · Prob(f(0)), in case the SP is undiagnosable according to condition (5.37).

Proof. See Appendix C.20. □
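The three conditions of Lemma 5.7.1 can be checked numerically by computing the two marginals and testing the product decomposition. A minimal sketch, with an assumed dictionary encoding of L keyed by (z′, f′, w, z, f, v) and illustrative names:

```python
from itertools import product

def undiagnosable_by_independence(L, Nz, Nf, Nv, Nw, tol=1e-9):
    """Check the three conditions of Lemma 5.7.1 for a behavioural
    relation L keyed by (z2, f2, w, z, f, v)."""
    def Lp(*key):
        return L.get(key, 0.0)

    def Lt(z2, w, z, f, v):       # marginal over the successor fault f'
        return sum(Lp(z2, f2, w, z, f, v) for f2 in Nf)

    def Gt(f2, z, f, v):          # marginal over (z', w)
        return sum(Lp(z2, f2, w, z, f, v) for z2, w in product(Nz, Nw))

    dom = list(product(Nz, Nf, Nv))
    # condition 1: L = Lt * Gt everywhere
    if not all(abs(Lp(z2, f2, w, z, f, v)
                   - Lt(z2, w, z, f, v) * Gt(f2, z, f, v)) < tol
               for (z, f, v), (z2, f2, w) in product(dom, product(Nz, Nf, Nw))):
        return False
    f0, z0 = Nf[0], Nz[0]
    # condition 2: Lt independent of f;  condition 3: Gt independent of z
    cond2 = all(abs(Lt(z2, w, z, f, v) - Lt(z2, w, z, f0, v)) < tol
                for (z, f, v), (z2, w) in product(dom, product(Nz, Nw)))
    cond3 = all(abs(Gt(f2, z, f, v) - Gt(f2, z0, f, v)) < tol
                for (z, f, v), f2 in product(dom, Nf))
    return cond2 and cond3
```

The same routine restricted to subsets of states and faults gives the local undiagnosability test of Definition 5.7.2.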
Similar to the unobservability definition, stochastic undiagnosability refers to the SP as a whole. That is, in case of an undiagnosable SP, the output never contains information about the fault, independently of the current state, fault or input to the system. Similar to Definition 5.4.2, global undiagnosability can be restricted to a local undiagnosability as follows:

Definition 5.7.2. An SP is called stochastically undiagnosable with respect to a set of faults Nfu ⊆ Nf (|Nfu| ≥ 2) within a set of states Nzu ⊆ Nz if one of the conditions of Definition 5.7.1 holds for all f ∈ Nfu, z ∈ Nzu as well as for all f′ ∈ Nf, z′ ∈ Nz, v ∈ Nv and w ∈ Nw.

In analogy to Definition 5.4.3, this definition can be extended to strong undiagnosability, referring to whether the set of states or faults is closed. If an SP is stochastically undiagnosable with respect to a set of faults Nfu within a set of states Nzu, it is also stochastically undiagnosable with respect to any subset of faults Ñfu ⊆ Nfu within any subset of states Ñzu ⊆ Nzu. The test for sets of faults and states in which the SP is undiagnosable is analogous to the results of Section 5.4.2, treating both kinds of undiagnosability separately. Finally, stochastic diagnosability is defined as the property of the SP not to be undiagnosable within any set of faults and states.
Fig. 5.10. Automaton graph.
Definition 5.7.3. An SP is called stochastically diagnosable if there exists neither a set of faults nor a set of states within which the SP is stochastically undiagnosable.

Remark 5.7.1. Similar to Definition 5.4.6, those inputs for which the conditions of Definition 5.7.1 hold are called non-fault-distinguishing within a certain set of faults and states.

Remark 5.7.2. Even if the SP is not stochastically undiagnosable within the set of currently possible states and faults, it is possible that the current diagnostic step equals a simulation of the fault. The reason is as follows. The SP is not undiagnosable if the output contains information only about the state while the state and fault are dependent. In this case, depending upon the fault and the output, the diagnostic algorithm reconstructs state probabilities that differ from simulation. However, this does not mean that the marginal distribution with respect to the fault cannot be equal to a simulation of the fault.

Example 5.7.1. Consider the SP with a single input, three outputs, four states and two faults represented by the SA shown in Figure 5.10. This SP is not stochastically undiagnosable. Nevertheless, it is undiagnosable with respect to both faults within the set of states Nzu = {1, 3}, because in these states the output w = 1 always occurs, independently of the state, fault or their successors, such that eqn. (5.36) holds within Nzu. Within the states Nzu = {1, 3}, no information about the fault can be obtained. Accordingly, if for example the initial state is known to be z = 1, the first measurement cannot contain information about the fault. This can be seen from the diagnostic result shown in Table 5.2, obtained for the input sequence V(0 . . . 3) = (1, 1, 1, 1), the output sequence W(0 . . . 3) = (1, 1, 1, 3) and the a-priori initial state and fault distribution

Prob(zp(0) = z, fp(0) = f) = { 0.5   for z = 1, f = 1, 2
                             { 0     otherwise .
At k = 0, the diagnostic result is equal to the simulation of the initial fault distribution, which yields Prob(f(k) | V(0 . . . k)) = {0.5, 0.5} for all times k. In the next time step, however, the diagnostic result differs from simulation, as the SP could have assumed state z = 2 for w = 1, within which the SP is not undiagnosable with respect to both faults.
Table 5.2. Probability distribution Prob(f(k) | V, W) of the current fault.

      k=0               k=1               k=2                 k=3
      V(0...0) = (1)    V(0...1) = (1,1)  V(0...2) = (1,1,1)  V(0...3) = (1,1,1,1)
      W(0...0) = (1)    W(0...1) = (1,1)  W(0...2) = (1,1,1)  W(0...3) = (1,1,1,3)
 f    Prob(f(0)|V,W)    Prob(f(1)|V,W)    Prob(f(2)|V,W)      Prob(f(3)|V,W)
 1    0.5               0.5714            0.5614              0.0
 2    0.5               0.4286            0.4386              1.0
5.7.2 Fault Detectability and Identifiability*

In the literature on fault diagnosis, a distinction is usually made between fault detection and fault identification (cf. e.g. [72], [144]). Fault detection means to decide whether any fault fi ≠ f0 has occurred, whereas fault identification concerns the question of which fault fi is occurring in the system. Accordingly, many papers refer to fault detectability and identifiability rather than fault diagnosability. Fault detectability means the possibility to distinguish between the faultless and the faulty case, and fault identifiability the possibility to distinguish between different faults occurring in the system (cf. e.g. [50], [58]).

The diagnostic approach presented here does not explicitly distinguish between fault detection and identification. In fact, both problems are solved simultaneously, as the probabilities of the faults as well as the probability of the faultless case are determined by eqn. (5.32). From this, the probability that any fault has occurred can be obtained by summing over all faults fi ≠ f0, and fault identification is given through the probabilities of the different faults fi. Similarly, the definition of stochastic diagnosability combines stochastic detectability and identifiability. However, it can be split up as shown below.

Definition 5.7.4. Given an SP, a fault fi ∈ Nf is called not stochastically undetectable if the SP is not stochastically undiagnosable with respect to Nfu = {f0, fi} within the set of states Nz. Equivalently, a fault fi ∈ Nf is called not stochastically unidentifiable for a given SP if there does not exist any fault fj ∈ Nf for which the SP is stochastically undiagnosable with respect to Nfu = {fi, fj} within the set of states Nz.

Definition 5.7.5. Given an SP, a fault fi ∈ Nf is called stochastically detectable if there does not exist any set of states Nzu ⊆ Nz within which the SP is stochastically undiagnosable with respect to Nfu = {f0, fi}. Equivalently, a fault fi ∈ Nf is called stochastically identifiable for a given SP if there exists neither a set of states Nzu ⊆ Nz nor a fault fj ∈ Nf such that the SP is stochastically undiagnosable with respect to Nfu = {fi, fj} within Nzu.
5.7.3 Comparison to Other Diagnosability Definitions*

Only a few papers concern the diagnosability analysis of automata. In [163] and [165], diagnosability of a nondeterministic automaton is defined by means of its language, which represents the behaviour of a finite nondeterministic automaton [159]. The nondeterministic automata used there differ from the automata considered here, as only a subset of transitions, called events, result in a measurement available for diagnosis. The fault is an immeasurable event in the automaton, and diagnosability is defined as the possibility to uniquely identify all faults from the measured sequence of events. As here, it is shown that diagnosability is closely related to the observability of automata. These papers are analogous to the papers used for comparison with stochastic observability in Section 5.4.4.

In [50], fault detectability and identifiability of the same class of nondeterministic automata introduced in Section 2.5.1 is considered. The comparison is given in detail here. The definitions in [50] are for the special case that the output symbol is equal to the automaton state and the fault is a temporally constant input to the automaton. Furthermore, no stochastic information is used. There, a fault fi ≠ f0 is called detectable if there exists an initial state for which at least one input sequence exists such that at least one state sequence is generated by the automaton for the fault fi but not in the faultless case f0. This condition is obviously equivalent to the existence of a successor state, state and input triple (z′, z, v) existing in case of a fault fi but not for f0.

Reducing the stochastic undetectability given by Definition 5.7.4 to the special case of constant faults and measurable states means that a fault is not undetectable if there exists at least one state z, measured by w = z, for which the successor state z′ ∈ Nz is stochastically dependent on the faults of the set Nfu = {f0, fi}.
If a nondeterministic automaton with w = z is converted to an SA by eqn. (2.43), the transition probabilities depend only on the number of successor states. Hence, the successor state is stochastically independent of f ∈ Nfu if and only if the same successor states z' are reached for f0 and fi. In this particular case, fi is not stochastically undetectable if at least one successor state differs for f0 and fi for at least one state and input pair (z, v). That is, the definition of detectability of fi given in [50] is a special case of the more general definition of fi not being stochastically undetectable. The same holds true for the identifiability of a fault, as the identifiability of a fault fi as defined in [50] is the same as the fault fi not being stochastically unidentifiable under the simplifications given above.
5. Automata Theory for Process Supervision
5.8 Extensions**

5.8.1 Diagnosis Using Fault Sequences**

Motivation for using fault sequences. The diagnostic problem considered so far concerns the task of determining the current fault f(k) from the I/O pair V(0...k) and W(0...k) (cf. Section 5.5). This implicitly assumes that a fault is present until its effects can be seen in the measurements. If, however, the fault has already disappeared when its effects become "visible" through the measured signals, the presented diagnostic method cannot detect it. A practical example of such an SP is given in [120], where a fault occurring at the beginning of a manufacturing process is to be diagnosed from measurements available after production. This is the motivation for extending the diagnostic task to a problem in which the whole fault sequence F(0...k) is considered. In order to pose the problem in a precise form, some considerations concerning fault sequences are made first.

Sequences of faults. Theoretically, it is possible to consider all alternative fault sequences F(0...k) ∈ Nf^{k+1} by extending Theorem 5.2.1 to fault diagnosis. However, the number of these sequences, and thus the number of probabilities to be determined, increases exponentially with an increasing time horizon k. Therefore, the diagnostic problem has to be focused on relevant subsets of Nf^{k+1}. This is done by classifying all fault sequences into those containing only certain fault values and those not containing these values. For this purpose, subsets Nf,i of Nf are introduced,

Nf,1, ..., Nf,Θ,   Nf,i ⊂ Nf,                                            (5.39)

according to which the set Nf^{k+1} of all fault sequences up to time k is partitioned into

F(0...k | Nf,i) = {F(0...k) | F(0...k) ∈ Nf,i^{k+1}}
and F̄(0...k | Nf,i) = {F(0...k) | F(0...k) ∈ Nf^{k+1} \ Nf,i^{k+1}}.

Each fault sequence of F(0...k | Nf,i) contains only fault values of the subset Nf,i, whereas each fault sequence of F̄(0...k | Nf,i) contains at least one value of Nf \ Nf,i. Note that each fault sequence F(0...k) belongs either to F(0...k | Nf,i) or to F̄(0...k | Nf,i). Hence, a family of discrete random variables Fp^i(k) can be defined for each time instance k as

Fp^i(k) : Nf^{k+1} → {1, 2},   Fp^i(k) = 1 if F(0...k) ∈ F(0...k | Nf,i), and Fp^i(k) = 2 otherwise,

denoting the corresponding probability distributions by Prob(F^i(k)). From the definition of the random variable, it is clear that there is a relation between the random variables fp(k), Fp^i(k) and Fp^i(k−1). This relation is described by:
Prob(Fp^i(k) = 1 | Fp^i(k−1) = F^i(k−1), fp(k) = f(k))
  = { 0 if f(k) ∉ Nf,i or F^i(k−1) = 2
    { 1 if f(k) ∈ Nf,i and F^i(k−1) = 1,                                 (5.40)

Prob(Fp^i(k) = 2 | Fp^i(k−1) = F^i(k−1), fp(k) = f(k))
  = { 0 if f(k) ∈ Nf,i and F^i(k−1) = 1
    { 1 if f(k) ∉ Nf,i or F^i(k−1) = 2.

The relation is deterministic and is required for the solution to the diagnostic problem. For notational convenience, the conditional probability distribution (5.40) is denoted by FS(F^i(k) | F^i(k−1), f(k)). Note that the relation FS contains neither additional information about the SP nor assumptions on the fault but results from the definition of the new random variable. At time k = 0 the relation is given by

FS^0(F^i(0) | f(0)) = { 1 if f(0) ∈ Nf,i and F^i(0) = 1
                      { 1 if f(0) ∉ Nf,i and F^i(0) = 2
                      { 0 otherwise.

Example 5.8.1. Usually it is of interest whether a certain fault occurred in the past or not. This information is contained in Prob(F^i(k)) provided that the sets Nf,i are adequately chosen. As an example, consider the two-tank system of Section 1.4 with Nf = {1, 2, 3, 4}, where f = 1 means that the system is faultless, f = 2 a leak in the left tank, f = 3 that the pump is broken and f = 4 that both faults occur simultaneously. The following table contains a selection of possible Nf,i ⊂ Nf and the resulting interpretations of Prob(Fp^i(k) = 1) and Prob(Fp^i(k) = 2).

 Nf,i      | interpretation of Prob(Fp^i(k) = 1) | interpretation of Prob(Fp^i(k) = 2)
 {1, 2}    | pump never broken                   | pump broken at least once
 {1, 3}    | never a leak in the left tank       | a leak occurred at least once
 {3, 4}    | pump never operated                 | pump operated at least once
 {1}       | system always faultless             | at least once any fault occurred
 {2, 3, 4} | system never faultless              | system at least once faultless
Whether the fault sequence being an element of F̄(0...k | Nf,i) indicates a fault obviously depends on the set Nf,i.
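The deterministic relation (5.40) is easy to tabulate. The following Python sketch builds the array FS for the tank example with the choice Nf,i = {1, 3} ("never a leak in the left tank"); the array layout and all names are illustrative, not taken from the book.

```python
import numpy as np

# Fault set Nf = {1,2,3,4} of the two-tank example; Nf_i = {1,3} means
# "never a leak in the left tank" (illustrative choice of the subset).
Nf = [1, 2, 3, 4]
Nf_i = {1, 3}

# FS[Fi_new, Fi_old, f] = Prob(Fp_i(k)=Fi_new | Fp_i(k-1)=Fi_old, fp(k)=f),
# with the values 1 ("only faults from Nf_i so far") and 2 ("at least one
# fault outside Nf_i") encoded as indices 0 and 1.
FS = np.zeros((2, 2, len(Nf)))
for j, f in enumerate(Nf):
    if f in Nf_i:
        FS[0, 0, j] = 1.0   # sequence stays in class 1
        FS[1, 1, j] = 1.0   # once in class 2, it remains there
    else:
        FS[1, 0, j] = 1.0   # a fault outside Nf_i moves the sequence to class 2
        FS[1, 1, j] = 1.0

# Every column is a valid conditional distribution:
assert np.allclose(FS.sum(axis=0), 1.0)

# A leak (f = 2) at any time makes "never a leak" impossible from then on:
print(FS[:, 0, 1])   # -> [0. 1.]
```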
Diagnosis of faults in the entire past. In contrast to the probabilities of the current fault, probabilities of fault sequences shall now be calculated. That is, the diagnostic problem is to find, for given sequences V(0...k), W(0...k) of input and output symbols, the probability distributions Prob(F^i(k) | V(0...k), W(0...k)) for all i = 1,...,Θ. The iterative solution to this diagnostic problem is given by the following theorem, using the abbreviations

L(k) := L(z(k+1), f(k+1), w(k) | z(k), f(k), v(k))
and
p(k) := Prob(z(k+1), f(k+1), F^i(k) | V(0...k), W(0...k)).
Theorem 5.8.1. Consider an SP with the a-priori initial state and fault distribution Prob(z(0), f(0)). If the I/O pair (V, W) is consistent with the SP, the conditional probability distribution for the sequence of faults belonging to F(0...k | Nf,i) is given by

Prob(F^i(k) | V(0...k), W(0...k)) = Σ_{z(k+1), f(k+1)} p(k)              (5.41)

with the recursive relation

k > 0: p(k) = [ Σ_{z(k), f(k), F^i(k−1)} L(k) · FS(F^i(k) | F^i(k−1), f(k)) · p(k−1) ]
            / [ Σ_{f(k), f(k+1), z(k), z(k+1), F^i(k), F^i(k−1)} L(k) · FS(F^i(k) | F^i(k−1), f(k)) · p(k−1) ]
                                                                         (5.42)
k = 0: p(0) = [ Σ_{z(0), f(0)} L(0) · FS^0(F^i(0) | f(0)) · Prob(z(0), f(0)) ]
            / [ Σ_{f(0), f(1), z(0), z(1), F^i(0)} L(0) · FS^0(F^i(0) | f(0)) · Prob(z(0), f(0)) ].

Proof. The proof of the theorem is given in [170]. □
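Assuming the behavioural relation of the SP is available as a numpy array, the recursion (5.42) can be sketched as follows. The sizes, the random relation L and the subset choice are illustrative only, not taken from the book.

```python
import numpy as np

rng = np.random.default_rng(0)
Nz, Nf, Nw, Nv = 3, 2, 2, 2      # small illustrative sizes

# Behavioural relation L[z', f', w | z, f, v] as an array, normalised so
# that summing over (z', f', w) gives 1 for every (z, f, v).
L = rng.random((Nz, Nf, Nw, Nz, Nf, Nv))
L /= L.sum(axis=(0, 1, 2), keepdims=True)

# FS[Fi', Fi, f]: deterministic relation (5.40); here Nf_i = {fault 0}.
FS = np.zeros((2, 2, Nf))
FS[0, 0, 0] = FS[1, 1, 0] = 1.0  # fault 0 keeps the class
FS[1, 0, 1] = FS[1, 1, 1] = 1.0  # fault 1 forces class 2

def step(p, v, w, L, FS):
    """One step of eqn. (5.42): p[z, f, Fi] -> p'[z', f', Fi']."""
    num = np.einsum('ABab,IJb,abJ->ABI', L[:, :, w, :, :, v], FS, p)
    return num / num.sum()

# Initialisation (k = 0) with a uniform prior Prob(z(0), f(0)) and FS^0.
FS0 = np.zeros((2, Nf))
FS0[0, 0] = 1.0                  # f(0) in Nf_i  -> class 1
FS0[1, 1] = 1.0                  # f(0) not in Nf_i -> class 2
prior = np.full((Nz, Nf), 1.0 / (Nz * Nf))
p = np.einsum('ABab,Ib,ab->ABI', L[:, :, 0, :, :, 0], FS0, prior)
p /= p.sum()

for v, w in [(1, 0), (0, 1)]:    # an arbitrary measured I/O pair
    p = step(p, v, w, L, FS)

# Eqn. (5.41): marginalise over z(k+1) and f(k+1).
prob_Fi = p.sum(axis=(0, 1))
print(prob_Fi)                   # Prob(Fi(k)=1), Prob(Fi(k)=2)
```

Note that p has a fixed shape (Nz, Nf, 2) independent of k, which is exactly the point made below about the constant number of probability values per step.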
Note that the number of probability values to be determined in each step is constant over time, as it depends only on the number Θ of considered subsets of Nf and not on k.

Diagnosis of faults in a past time interval. The way the diagnostic problem in the previous section is posed leads to two problems:

1. Once it has been identified that the fault sequence is not an element of the set F(0...k | Nf,i), the probability Prob(Fp^i(k) = 2 | V(0...k), W(0...k)) = 1 will remain for all times k. Thus, it cannot be identified whether a fault persists or disappears in the future.

2. Even if the fault sequence is an element of the set F(0...k | Nf,i), the probability Prob(Fp^i(k) = 2 | V(0...k), W(0...k)) is steadily increasing and approaches 1 for long time horizons k. This is due to the fact that the number of elements in Nf is larger than the number of elements in Nf,i, i.e. |Nf| > |Nf,i| holds. Therefore,

|F(0...k | Nf,i)| = |Nf,i|^{k+1} ≪ |F̄(0...k | Nf,i)| = |Nf|^{k+1} − |Nf,i|^{k+1}

for large k. Thus, if the fault cannot be excluded at each time instance,

lim_{k→∞} Prob(Fp^i(k) = 2 | V(0...k), W(0...k)) = 1

holds, whether a fault occurs or not. To avoid these problems, the diagnostic problem can be modified such that only an adjustable time interval in the past is considered for diagnosis. The solution to this problem is given in [170].
5.8.2 Isolation of I/O Signal Corruptions**

Main idea and motivation. The solution to the observation and diagnostic problem is obtained provided that the I/O pair (V, W) is consistent with the SP. According to the results of Section 5.3.1, inconsistency means that the denominator of the corresponding observer equation becomes zero, indicating that no solution exists. In this section, a scheme is presented with which the reasons for an occurring inconsistency can be investigated in more detail. The scheme is developed for the case that the symbolical input and output symbols v and w are composed of several symbolical inputs and outputs as follows:

Nv,i = {1, 2, ..., Mi}, i = 1,...,m,   Nv = {1, 2, ..., M1 · M2 ··· Mm},
Mv : Nv,1 × ··· × Nv,m → Nv,           v = Mv(v1, ..., vm),
Nw,i = {1, 2, ..., Ri}, i = 1,...,r,   Nw = {1, 2, ..., R1 · R2 ··· Rr},
Mw : Nw,1 × ··· × Nw,r → Nw,           w = Mw(w1, ..., wr).

That is, the input and output of the SP are assumed to be in fact vectorial, and the bijective mappings Mv and Mw transform these input and output vectors to scalar symbolical values. With these bijective mappings in mind, in the following a vectorial notation with the input vector v ∈ Nv and the output vector w ∈ Nw with Nv = Nv,1 × ··· × Nv,m and Nw = Nw,1 × ··· × Nw,r is used.

The aim now is to determine which symbolical input vi or output wi has caused an inconsistency of the observation or diagnostic algorithm. The motivation is to identify faulty measurements of the input or output without the need to describe precisely in which way the measured input vi differs from the actual value ṽi. Provided that the corrupted input or output signal is identified, the observation or diagnosis can be continued with reduced performance by excluding the corrupted signal.

The main idea is explained for corrupted output signals and by means of the current state observer. Assume that output symbols wi are measured that differ from those really occurring in the SP, denoted by w̃i. According to Section 5.3.1, the denominator

D(k) = Σ_{z(k+1), z(k)} L(k) · Prob(z(k) | V(0...k−1), W(0...k−1))       (5.43)

of eqn. (5.10) is nonzero if and only if the I/O pair (V, W) up to time k is consistent with the SP. Hence, as long as the relation wi(κ) = w̃i(κ), κ = 0,...,k holds for all outputs i = 1,...,r, a nonzero denominator D(k) > 0 is obtained. If the denominator D(k) becomes zero, at least one of the outputs wi(κ) must differ from the correct output w̃i(κ) for at least one time instance κ. If this inconsistency is removed by repeating the observation from time
160
5. Automata Theory for Process Supervision
Fig. 5.11. Generalised observer scheme.
zero onwards while using all but the i-th output, it becomes clear that the i-th output must be corrupted. For this repetition of the observation, a model has to be used which describes the system with respect to all but the i-th output. Resolving the inconsistency in this way isolates the source of an output signal corruption.

Generalised observer scheme. The idea explained above leads to the generalised observer scheme (GOS) depicted in Figure 5.11. The upper block is the state observer as shown in Figure 5.1. By means of its output D(k), the consistency of the I/O pair is checked. If D(k) becomes zero, the other r observers are invoked to test whether the corresponding output signal is corrupted. Each of the r blocks of the GOS receives all but one output signal and tests the consistency of the input sequence and the sequence of the remaining outputs with a model that describes the system with all but the i-th output. Each block of the GOS yields the denominator of the corresponding observer as output. Furthermore, each block yields an observation result based on less information compared to the main observation block. When a corrupted output signal wi is identified, the observation result of the i-th block can be used. As this scheme is conceptually similar to the generalised observer scheme developed for continuous-variable systems in [53], the same terminology is used here for the lower part of Figure 5.11. A similar approach using qualitative observers has been proposed in [205].
The following results formally state the above explanations of the GOS. The first result concerns the model to be used by the blocks of the GOS.

Lemma 5.8.1. The SP without the i-th output wi is represented by the SA

S(Nz, Nv, Nw,1 × ··· × Nw,i−1 × Nw,i+1 × ··· × Nw,r, Lw̄i),

with the behavioural relation

Lw̄i(z', (w1, ..., wi−1, wi+1, ..., wr) | z, v) = Σ_{wi} L(z', w | z, v).

Proof. The proof of the lemma is given in [130]. □
That is, the SA representing the SP without output wi can be obtained from the SA representing the whole SP.

Lemma 5.8.2. D(k) > 0 implies D_S^i(k) > 0 (i = 1, ..., r) for each block of the GOS.

Proof. The proof of the lemma is given in [130]. □

According to this result, the observation blocks of the GOS need only be invoked if D(k) becomes zero. Otherwise it is clear that the blocks connected to fewer outputs are consistent. Provided that only one output signal is corrupted, it can be identified due to the following property of the GOS:

Lemma 5.8.3. Assume that the i-th output signal contains values wi(κ) different from w̃i(κ) while the remaining output signals and all inputs are correct. Then D_S^i(k) > 0 holds.

Proof. The proof of the lemma is given in [130]. □
According to this result, the i-th block does not become inconsistent if only the i-th output signal is corrupted. Hence, the GOS can be used to identify the corrupted output signal as follows:

Identification of corrupted output signals

Corollary 5.8.1. Assume that the i-th output signal contains values wi(κ) different from w̃i(κ) while the remaining output signals and all inputs are correct. If the observer block yields the result D(k) = 0 and the generalised observer scheme the results

D_S^j(k) = 0,  j = 1, ..., i−1, i+1, ..., r,
D_S^i(k) > 0,

then the i-th output signal is corrupted.
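A minimal sketch of the reduced models of Lemma 5.8.1 and the consistency denominators of the GOS, assuming a behavioural relation with two symbolical outputs stored as a numpy array (sizes and names are illustrative, not from the book):

```python
import numpy as np

rng = np.random.default_rng(1)
Nz, Nv, R1, R2 = 3, 2, 2, 2

# Full behavioural relation L[z', w1, w2, z, v], normalised over (z', w1, w2).
L = rng.random((Nz, R1, R2, Nz, Nv))
L /= L.sum(axis=(0, 1, 2), keepdims=True)

# Lemma 5.8.1: reduced models obtained by summing over the omitted output.
L_wo1 = L.sum(axis=1)        # without w1: L_wbar1[z', w2, z, v]
L_wo2 = L.sum(axis=2)        # without w2: L_wbar2[z', w1, z, v]

def denominator(Lred, w, v, prior):
    """Consistency denominator, cf. eqn. (5.43), for one observer step."""
    return float((Lred[:, w, :, v] * prior).sum())

prior = np.full(Nz, 1.0 / Nz)
w1, w2, v = 0, 1, 0

D  = float((L[:, w1, w2, :, v] * prior).sum())   # main observer block
D1 = denominator(L_wo1, w2, v, prior)            # GOS block without w1
D2 = denominator(L_wo2, w1, v, prior)            # GOS block without w2

# Lemma 5.8.2: D(k) > 0 implies D_S^i(k) > 0 for every block (here even
# D_S^i >= D, since the reduced denominator sums over more output values).
assert D > 0 and D1 >= D and D2 >= D
# Corollary 5.8.1 (decision rule): if D == 0 but exactly one D_S^i > 0,
# the i-th output signal is the corrupted one.
```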
Fig. 5.12. Dedicated observer scheme (left) and generalised observer scheme applied to input signal supervision (right).
Dedicated observer scheme and input signal supervision. An alternative way to identify corrupted I/O signals is provided by the dedicated observer scheme (DOS) shown on the left-hand side of Figure 5.12. In contrast to the GOS, each block of the DOS is connected to only one output. The model used for each observer of the DOS is obtained analogously to Lemma 5.8.1 by summing over all but one output. Lemma 5.8.2 holds equivalently for the DOS, and the corrupted output signal can be identified from the following result:

Lemma 5.8.4. Assume that all inputs are correct. If the observer block yields the result D(k) = 0 and the dedicated observer scheme the result D_S^i(k) = 0, then the i-th output signal is corrupted.

Proof. The proof of the lemma is given in [130]. □
The main advantage of the DOS is that multiple corrupted outputs can be detected, while the GOS, in general, yields D_S^i(k) = 0 in this case. On the other hand, the blocks of the GOS use more information and are therefore more sensitive to corrupted signals. Furthermore, the GOS directly yields the observation result excluding the faulty signal.

On the right-hand side of Figure 5.12, the GOS for supervising the input signals is shown. Its application is as described by Lemmas 5.8.2 and 5.8.3. The models to be used in the blocks of the GOS are obtained as follows:

Lemma 5.8.5. The SP without the i-th input vi is represented by the SA

S(Nz, Nv,1 × ··· × Nv,i−1 × Nv,i+1 × ··· × Nv,m, Nw, Lv̄i),

with the behavioural relation

Lv̄i(z', w | z, (v1, ..., vi−1, vi+1, ..., vm)) = Σ_{vi} L(z', w | z, v) · Prob(vi),

where Prob(vi) denotes the a-priori probability distribution of the i-th input signal.

Proof. The proof of the lemma is given in [130]. □
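Lemma 5.8.5 can be sketched analogously to the output case; here the omitted input is averaged out with its a-priori distribution. The a-priori distribution Prob(v1) below is an assumed example value, and all sizes are illustrative:

```python
import numpy as np

rng = np.random.default_rng(2)
Nz, Nw, M1, M2 = 3, 2, 2, 2          # two symbolical inputs v = (v1, v2)

# L[z', w, z, v1, v2], normalised over (z', w) for every (z, v1, v2).
L = rng.random((Nz, Nw, Nz, M1, M2))
L /= L.sum(axis=(0, 1), keepdims=True)

p_v1 = np.array([0.3, 0.7])          # assumed a-priori distribution Prob(v1)

# Lemma 5.8.5: average over the unavailable input, weighted by Prob(v1).
L_wo_v1 = np.einsum('awzuv,u->awzv', L, p_v1)

# The reduced relation is again a valid behavioural relation:
assert np.allclose(L_wo_v1.sum(axis=(0, 1)), 1.0)
```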
5.8.3 Measurement Uncertainties**

In the foregoing sections, the state observation and fault diagnostic problems are considered for an unambiguously measured I/O pair (V, W). However, for the practical application, the case that the symbolical measurements VM and WM differ from the actual sequences V and W is of interest. This case is considered in the following for state observation. Because of the formal equivalence of state observation and fault diagnosis, the results hold analogously for fault diagnosis. Uncertainties can be dealt with easily in a probabilistic setting, as shown in the following. To represent the measurement uncertainties, new random variables vp,M(k) and wp,M(k) are introduced for the measurements at time k. Assume that the following conditional probability distribution is known:

Prob(V(0...k), W(0...k) | VM(0...k), WM(0...k)).                         (5.48)

Knowing this distribution means that for given measurement sequences VM and WM the probabilities of the sequences V and W actually occurring in the system are known. From Bayes' formula it follows immediately that

Prob(Z(0...k) | VM(0...k), WM(0...k))
  = Σ_{V(0...k)} Σ_{W(0...k)} Prob(Z(0...k) | V(0...k), W(0...k))
      · Prob(V(0...k), W(0...k) | VM(0...k), WM(0...k))                  (5.49)

holds, because the state sequence Z is conditionally independent of the measured sequences VM and WM given the actual sequences V and W. Note that eqn. (5.49) also holds for inconsistent I/O pairs if the corresponding probabilities Prob(Z(0...k) | V(0...k), W(0...k)) are set to zero. Equation (5.49) describes the extension of the general solution to the state observation problem given by Theorem 5.2.1 to measurement uncertainties. However, to use eqn. (5.49), the probability distribution (5.48) must be known, which is usually not the case. Therefore, assume that instead only the conditional probability distributions

Prob(vp(k) = v | vp,M(k) = vM) and Prob(wp(k) = w | wp,M(k) = wM)        (5.50)
Recursive solution to the current state observation problem for uncertain symbolical measurements

Corollary 5.8.2. Consider an SP with the a-priori initial state probability distribution Prob(z(0)). If the conditional probability distribution (5.48) is given by the product on the right-hand side of eqn. (5.51), then the a-posteriori current state probability distribution for the measured I/O pair (VM, WM) is given by

k > 0:
Prob(z(k) | VM(0...k), WM(0...k))                                        (5.44)
  = Σ_{v(k), w(k)} [ Σ_{z(k+1)} L(k) · Prob(z(k) | VM(0...k−1), WM(0...k−1)) ]
                 / [ Σ_{z(k), z(k+1)} L(k) · Prob(z(k) | VM(0...k−1), WM(0...k−1)) ]
                 · Prob(v(k) | vM(k)) · Prob(w(k) | wM(k))

k = 0:
Prob(z(0) | vM(0), wM(0))                                                (5.45)
  = Σ_{v(0), w(0)} [ Σ_{z(1)} L(0) · Prob(z(0)) ] / [ Σ_{z(0), z(1)} L(0) · Prob(z(0)) ]
                 · Prob(v(0) | vM(0)) · Prob(w(0) | wM(0))

with the recursive relation

k > 1:
Prob(z(k) | VM(0...k−1), WM(0...k−1))                                    (5.46)
  = Σ_{v(k−1), w(k−1)} [ Σ_{z(k−1)} L(k−1) · Prob(z(k−1) | VM(0...k−2), WM(0...k−2)) ]
                     / [ Σ_{z(k), z(k−1)} L(k−1) · Prob(z(k−1) | VM(0...k−2), WM(0...k−2)) ]
                     · Prob(v(k−1) | vM(k−1)) · Prob(w(k−1) | wM(k−1))

k = 1:
Prob(z(1) | vM(0), wM(0))                                                (5.47)
  = Σ_{v(0), w(0)} [ Σ_{z(0)} L(0) · Prob(z(0)) ] / [ Σ_{z(1), z(0)} L(0) · Prob(z(0)) ]
                 · Prob(v(0) | vM(0)) · Prob(w(0) | wM(0))
are given at each time instance k. This means that for an obtained I/O pair vM(k), wM(k) the probabilities of the symbols v and w actually occurring are known. Then, these distributions are used to approximate the distribution (5.48) by

Prob(V(0...k), W(0...k) | VM(0...k), WM(0...k))
  ≈ Π_{κ=0}^{k} Prob(v(κ) | vM(κ)) · Π_{κ=0}^{k} Prob(w(κ) | wM(κ)).    (5.51)
Of course, eqn. (5.51) does not, in general, hold with equality, because the inputs and outputs at different time instances are not stochastically independent. Hence, by using additional knowledge about the system, e.g. a relation H̃(w | v) corresponding to the "mean" output relation over all states, a better estimate of the distribution on the left-hand side of eqn. (5.51) can be obtained than by the product on the right-hand side of the equation. However, the approximation by means of eqn. (5.51) makes it possible to consider uncertain symbolical measurements in the recursive solution to the state observation problem. Assuming that eqn. (5.51) holds with equality, Corollary 5.8.2 follows immediately from (5.49) and the proof of Theorem 5.2.3.
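A single filtering step under uncertain measurements averages the standard observer update over the possible actual symbols, weighted by the distributions (5.50). The following sketch assumes illustrative confusion matrices and a random behavioural relation; all names are hypothetical.

```python
import numpy as np

rng = np.random.default_rng(3)
Nz, Nv, Nw = 3, 2, 2

# Behavioural relation L[z', w | z, v], normalised over (z', w).
L = rng.random((Nz, Nw, Nz, Nv))
L /= L.sum(axis=(0, 1), keepdims=True)

# Assumed symbol confusion distributions, eqn. (5.50):
P_v = np.array([[0.9, 0.1],      # P_v[v, vM] = Prob(v | vM)
                [0.1, 0.9]])
P_w = np.array([[0.8, 0.2],      # P_w[w, wM] = Prob(w | wM)
                [0.2, 0.8]])

def step_uncertain(prior, vM, wM):
    """One filtering step averaged over the actual symbols (v, w)."""
    post = np.zeros(Nz)
    for v in range(Nv):
        for w in range(Nw):
            joint = L[:, w, :, v] * prior        # joint[z'(k+1), z(k)]
            D = joint.sum()                      # denominator, cf. (5.43)
            if D > 0:                            # skip inconsistent pairs
                post += joint.sum(axis=0) / D * P_v[v, vM] * P_w[w, wM]
    return post / post.sum()

prior = np.full(Nz, 1.0 / Nz)
post = step_uncertain(prior, vM=0, wM=1)
```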
5.8.4 Unknown-Input Observer**

With slight modifications, the state observer can be used to observe unknown input signals. Assume that the SP has measurable inputs v^m ∈ Nv^m and unknown inputs v^u ∈ Nv^u. Using a vectorial notation as in Section 5.8.2, the SP is represented by the SA S(Nz, Nv^u × Nv^m, Nw, L) with

L(z', w | z, (v^m, v^u)) = Prob(zp(1) = z', wp(0) = w | zp(0) = z, vp^m(0) = v^m, vp^u(0) = v^u).   (5.52)

It is assumed that the a-priori distribution Prob(v^u) of the unknown input is known but no a-priori information concerning the dynamics of the unknown input is available. That is, the relation

Prob(vp^u(k+1) = (v^u)' | vp^u(k) = v^u) = Prob(vp^u = (v^u)')           (5.53)

is assumed to hold for all k. Composing the relations (5.52) and (5.53) yields a process in which the unknown input appears as a state. This SP is represented by the SA S(Nz × Nv^u, Nv^m, Nw, L̃) with the behavioural relation

L̃((z, v^u)', w | (z, v^u), v^m)
  = Prob(zp(1) = z', wp(0) = w | zp(0) = z, vp^m(0) = v^m, vp^u(0) = v^u) · Prob(vp^u = (v^u)').   (5.54)

Of course, this description does not contain any a-priori information about the temporal evolution of the unknown input, though the unknown input appears as a state variable in (5.54). This artificial transformation of the unknown input into a state variable allows the application of the state observer to estimate the unknown input. The result is stated as Corollary 5.8.3.
Observation of an unknown input

Corollary 5.8.3. Consider an SP with the a-priori initial state probability distribution Prob(z(0)) and unknown inputs v^u with the a-priori distribution Prob(v^u). If the I/O pair (V^m, W) is consistent with the SP, the a-posteriori current unknown input distribution is given by

Prob(v^u(k) | V^m(0...k), W(0...k)) = Σ_{z(k)} Prob(z(k), v^u(k) | V^m(0...k), W(0...k)),   (5.55)

where the probability distribution on the right-hand side of eqn. (5.55) is obtained from the state observer described in Theorem 5.2.3 using the behavioural relation (5.54) and the initial state distribution Prob(z(0), v^u(0)) = Prob(z(0)) · Prob(v^u(0)).

Remark 5.8.1. If some a-priori information concerning the temporal dependencies of the unknown inputs at successive time instances is available, it can be used instead of relation (5.53) in the composition (5.54). This is, in fact, identical to the solution to the fault diagnostic problem for quantised systems with a separate fault process that will be introduced in Section 6.2.
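The composition (5.54) amounts to a product of the behavioural relation with the a-priori distribution of the next unknown-input value. A sketch with illustrative sizes and an assumed distribution Prob(v^u):

```python
import numpy as np

rng = np.random.default_rng(4)
Nz, Nvm, Nvu, Nw = 3, 2, 2, 2

# L[z', w, z, vm, vu], normalised over (z', w) for every (z, vm, vu).
L = rng.random((Nz, Nw, Nz, Nvm, Nvu))
L /= L.sum(axis=(0, 1), keepdims=True)

p_vu = np.array([0.6, 0.4])      # assumed a-priori distribution Prob(v^u)

# Eqn. (5.54): the unknown input becomes part of the state.  The new
# relation Lt[(z', vu'), w | (z, vu), vm] multiplies L by Prob(vu').
Lt = np.einsum('awzmu,U->aUwzum', L, p_vu)
# axis order: a = z', U = vu', w, z, u = vu, m = vm

# Lt is a valid behavioural relation over the augmented state (z, vu):
assert np.allclose(Lt.sum(axis=(0, 1, 2)), 1.0)
```

Running the standard state observer on Lt and marginalising over z, as in eqn. (5.55), then yields the unknown-input distribution.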
5.9 Bibliographical Notes

The approaches in the literature differ from the observer presented here, as they do not consider stochastic automata. An observation problem for stochastic automata is considered only in [99]. However, the results obtained there hold only for stochastic automata whose output is stochastically independent of the state. As this is in general not the case for discrete-event abstractions, this result has to be extended. The observer presented in this book provides the general solution to the state observation problem for stochastic automata.

Similar approaches in the literature concern the observation of discrete-event systems. In [140] the observation problem for nondeterministic automata is considered. It is solved by an observer which itself is an automaton, but which exists only if the state of the automaton can be unambiguously determined after a finite number of steps. Similarly, in [1], observers for interpreted Petri nets are given. Observers for linear automata similar to the Luenberger observer are described in [55].

An important issue in this chapter is the observability of automata. Observability conditions given in the literature on discrete-event systems differ from the notion of observability introduced here (cf. e.g. [104], [140], [157], [201]). They do not refer to a stochastic setting and usually claim that the state shall
be unambiguously determinable. As explained in detail in Section 5.4, this claim is too restrictive for stochastic automata. Therefore, a new notion of observability of stochastic automata is introduced which has not appeared in the literature so far.

The second part of this chapter deals with the diagnosis of stochastic automata. Except for first conceptual considerations presented in [103], no diagnostic approaches in the literature are known that refer to stochastic automata. Those that concern discrete-event systems use other models like nondeterministic automata [52], [146], [191], continuous-time Markov models [205], semi-Markov models [114] or probabilistic logic formulae [168].

At the end of the chapter, several extensions for the practical application are given. These concern the problem of identifying faults that occurred at any time in the entire past, an extension for uncertain symbolical measurements and the observation of unknown inputs. None of these problems has been considered for stochastic automata in the literature so far. Furthermore, the generalised and dedicated observer schemes are developed for stochastic automata at the end of the chapter. These schemes have been developed for the use with continuous-variable systems (cf. [53]) and have been applied in [205] to observers based on continuous-time Markov models. The schemes presented here are based on these publications. However, the different theoretical frameworks lead to significant differences in the realisation of the schemes.
6. State Observation and Diagnosis of Quantised Systems
This chapter concerns state observation and fault diagnosis of quantised systems. These supervision tasks are solved in Sections 6.1 and 6.2 by means of a qualitative model of the quantised system. Section 6.3 concerns the diagnosis of sensor and actuator faults.
6.1 State Observation of Quantised Systems

6.1.1 Problem Statement

Figure 6.1 shows the current state observation problem of the quantised system. The task is to determine a set of states X(k) guaranteed to include the state x(k) of the continuous-variable system, based on the quantised measurement sequences [U(0...k)] and [Y(0...k)]. This aim differs from that of classical observers like the Luenberger observer, whose aim is to determine an approximate state x̂(k) converging to x(k) for increasing time horizon k. Classical observers use numerical measurements, whereas here only quantised inputs and outputs are available. The observation problem considered in the following does not concern sets X(k) but, more generally, probability density functions of the state. The following observation problem is considered:

Current state observation problem.
Given: Quantised system QS(R^n, R^m, R^r, Nu, Ny, piu, Qy(j), g, h).
       Quantised measurement sequences [U(0...k)], [Y(0...k)].
       A-priori initial state density function px0(x).
Find:  Current state probability density function px,k(x, k | [U(0...k)], [Y(0...k)]).

From these probability density functions, the sets X_k(k | [U], [Y]) of states guaranteed to include the current state x(k) can be obtained from the support of the density:

J. Schröder: Modelling, State Observation and Diagnosis of Quantised Systems, LNCIS 282, pp. 169-197, 2003. Springer-Verlag Berlin Heidelberg 2003
Fig. 6.1. Current state observation problem.
X_k(k | [U], [Y]) = supp(px,k(x, k | [U], [Y])),                         (6.1)

where the abbreviations [U] and [Y] are used throughout this section and denote the quantised input and output sequences up to time instance k. Because of eqn. (6.1), the set observation problem needs no extra treatment, as its solution is included in the solution to the above observation problem. In addition to the current state observation problem, an initial state observation problem can be posed similarly to Section 5.1. An approximate solution to this problem can be obtained in analogy to the solution to the current state observation problem given below.

6.1.2 Solution to the State Observation Problem

As shown in Sections 3.4 and 3.6, a precise representation of the quantised system is very complex. Therefore, no precise solution to the above observation problem is presented in this section. Instead, an approximate solution will be given which is simple and at the same time detailed enough for practical application, as shown in Chapter 9. The main idea is to solve the observation problem by using the qualitative model instead of a precise description of the quantised system. This is shown in Figure 6.2. Assuming that the quantised system behaves like the Markov process represented by the qualitative model, the observation problem is solved by using Theorem 5.2.2 or recursively by means of Theorem 5.2.3.

The application of Theorem 5.2.3 to the observation problem is straightforward. The inputs and outputs of the qualitative model correspond to those
Fig. 6.2. Solution to the current state observation problem.
of the quantised system. Hence, the measured quantised input and output sequences directly correspond to the I/O pair (V, W). To apply Theorem 5.2.3, the a–priori initial state probability distribution of the process is required. It is obtained by transforming the given initial state density function px0 over the continuous–variable state into a probability distribution over the quantised state by means of the density quantiser QN introduced in Section 3.5.3. Strictly speaking, the density quantiser QN and the density injector IN of that section are defined on probability vectors corresponding to discrete probability distributions; for notational convenience, however, they are used below to describe the relation between the distribution and the density directly.

Note that the qualitative model does not, in general, allow the probability distributions Prob([x(k)] | [U(0...k)], [Y(0...k)]) to be determined precisely. This is because the qualitative model is just an approximate model which possesses the Markov property (cf. Section 3.5.3), whereas the quantised system, in general, does not possess this property. In fact, the Markov property of the qualitative model is the reason for the simplicity of the presented solution to the state observation problem, but at the same time it is the reason for the approximate character of the solution. In order to distinguish the precise distribution from the approximate distribution obtained from the application of Theorem 5.2.3, the approximate distribution is denoted by

P̂rob([x(k)] | [U(0...k)], [Y(0...k)]) .   (6.2)
From the determined probability distribution (6.2), a current state probability density function is obtained as
6. State Observation and Diagnosis of Quantised Systems
p̂x,k(x, k | [U], [Y]) := IN P̂rob([x(k)] | [U(0...k)], [Y(0...k)]) .   (6.3)

In summary, the modified state observation problem and its solution are as follows.

Approximate solution to the current state observation problem
Given:    Qualitative model S(Nx, Nu, Ny, L) of the quantised system.
          Quantised measurement sequences [U(0...k)], [Y(0...k)].
          A–priori initial state distribution Prob([x(0)]) = QN px0(x).
Find:     Approximation of the discrete probability distribution
          Prob([x(k)] | [U(0...k)], [Y(0...k)]).
Solution: Obtained from Theorem 5.2.3 as follows:
          - use the symbolical input sequence V(0...k) = [U(0...k)] and the
            symbolical output sequence W(0...k) = [Y(0...k)]
          - use the initial state distribution Prob(z(0)) = QN px0(x)
          - interpret the resulting probability distribution (5.10) as
            P̂rob([x(k)] | [U(0...k)], [Y(0...k)]).

For the current state probability density function (6.3) obtained from the solution to the quantised state observation problem, the following holds.
Completeness of the solution to the state observation problem

Theorem 6.1.1. Consider the state observation of a quantised system where the actual initial state of the continuous–variable system satisfies the relation x0 ∈ supp(px0(x)) for the given initial state density px0. If the SA S(Nx, Nu, Ny, L) is an I/O–complete and I/S–complete model of the quantised system, then the density (6.3) satisfies the relation

supp(p̂x,k(x, k | [U], [Y])) ⊇ supp(px,k(x, k | [U], [Y]))   (6.4)

for every measured I/O pair ([U(0...k)], [Y(0...k)]) almost everywhere, i.e. the above relation can only be violated on sets of measure zero.

Proof. See Appendix C.21.   □
As the qualitative model is, according to Theorem 3.5.1, an I/O–complete and I/S–complete model of the quantised system, Theorem 6.1.1 applies to every qualitative model of a quantised system, independently of the state space partition. Moreover, the theorem also applies to every SA satisfying the conditions of Lemma 3.5.1.
In addition to the result of the theorem, the probability density function (6.3) provides an approximate solution to the state observation problem, as it can be used as an approximation of the density px,k(x, k | [U], [Y]). It is intuitively clear that for an increasingly finer quantisation of the state space, the approximate density (6.3) converges to px,k(x, k | [U], [Y]), as the same holds true for simulation (cf. Lemma 3.6.2). However, this intuitive result has neither been investigated nor proved.

Due to the completeness of the qualitative model, it is clear that if the I/O pair ([U(0...k)], [Y(0...k)]) is inconsistent with the qualitative model, the set of currently possible states must be empty: if there is no sequence of states in the qualitative model that can generate the measured I/O pair, there can be no such state sequence in the quantised system, because relation (3.90) always holds. This is summarised by the following corollary:

Corollary 6.1.1. If the measured I/O pair ([U(0...k)], [Y(0...k)]) is inconsistent with the qualitative model, then the set of currently possible states is empty and no solution to the current state observation problem for the quantised system exists.

6.1.3 State Observation Algorithm for Quantised Systems

The state observation algorithm for quantised systems is given by Algorithm 6.1. It is analogous to Algorithm 5.1 given in Section 5.3.2. As before, the functions

pint : Nx → [0, 1] ,   pres : Nx → [0, 1] ,   haux : Nx → [0, 1]

are used for the formulation of Algorithm 6.1. Due to Theorem 6.1.1, the resulting probability distribution P̂rob([x(k)] | [U(0...k)], [Y(0...k)]) is a conservative approximation of the actual probabilities of the quantised states. As in the observation of SA, the algorithm must be stopped in case of a vanishing denominator. According to Corollary 6.1.1, a vanishing denominator corresponds to an inconsistent I/O pair or a wrong a–priori initial state distribution.

6.1.4 Remarks on the Observability of Quantised Systems*

The observability of quantised systems has been considered in the literature only by a few authors. Studies referring to the observability of hybrid systems, e.g. in [12], usually assume that the continuous variables are measured numerically and can, therefore, not be directly used for the situation considered here. In [152], quantised outputs are considered, but observability is defined
Algorithm 6.1   Quantised state observation algorithm for quantised systems described by a qualitative model

Given:  Qualitative model of the quantised system S(Nx, Nu, Ny, L)
        A–priori initial state probability distribution Prob([x(0)]) = QN px0(x)

Do:     Set pint(z) = Prob([x(0)]p = z) for all z ∈ Nx
        Loop:
          wait for new measurements [u] and [y]
          for all z ∈ Nx determine  haux(z) = Σ_{z̄∈Nx} L(z̄, [y] | z, [u]) · pint(z)
          if Σ_z haux(z) = 0 holds, stop the algorithm
            (inconsistent I/O pair or wrong initial state distribution)
          for all z ∈ Nx determine  pint(z) = Σ_{z̄∈Nx} L(z, [y] | z̄, [u]) · pint(z̄) / Σ_z haux(z)
          for all z ∈ Nx determine  pres(z) = haux(z) / Σ_z haux(z)

Result: Approximation of the current quantised state probabilities
        pres(z) = P̂rob([x(k)]p = z | [U], [Y]) for all z ∈ Nx
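Algorithm 6.1 is essentially a Bayesian filter over the finite state set Nx. The following sketch shows one recursion step in Python, assuming the behavioural relation is stored as a NumPy array L[z_, w, z, v] = L(z', w | z, v); the array layout and function names are illustrative, not taken from the book.

```python
import numpy as np

def observe_step(L, p_int, v, w):
    """One recursion of Algorithm 6.1.

    L[z_, w, z, v] : behavioural relation L(z', w | z, v) of the SA
    p_int          : predicted state distribution before the new measurement
    v, w           : current quantised input and output symbols
    Returns (p_res, p_int_next), or None for an inconsistent I/O pair.
    """
    # h_aux(z) = sum_{z'} L(z', [y] | z, [u]) * p_int(z)
    h_aux = L[:, w, :, v].sum(axis=0) * p_int
    norm = h_aux.sum()
    if norm == 0.0:
        # inconsistent I/O pair or wrong a-priori initial state distribution
        return None
    # a-posteriori probabilities of the current quantised state
    p_res = h_aux / norm
    # prediction: p_int'(z') = sum_z L(z', w | z, v) * p_int(z) / norm
    p_int_next = L[:, w, :, v] @ p_int / norm
    return p_res, p_int_next
```

Starting from pint = QN px0, the loop of Algorithm 6.1 calls this step for every new measurement pair; p_res then approximates P̂rob([x(k)]p = z | [U], [Y]).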
merely for linear systems with deterministic injection and event–based sampling. On the other hand, studies based on purely discrete models, e.g. in [104], [157], only apply if the continuous variables are quantised. They can only refer to a partitioned state space and are, therefore, only indirectly related to the observability issue of quantised systems. Similarly, the results obtained in Section 5.4 concerning the observability of stochastic processes represented by SA can only be used to study the observability of quantised systems with respect to a partitioned state space. Therefore, observability is defined below for a given quantised state space.

First note that eqn. (2.30) and Corollary 5.4.1 yield the following result:

Corollary 6.1.2. An SP is stochastically unobservable if and only if the relation

Prob(Z(1...k+1), W(0...k) | V(0...k), z(0))
  = Prob(Z(1...k+1) | V(0...k), z(0)) · Prob(W(0...k) | V(0...k))   (6.5)
  = ∏_{i=0}^{k} G(z(i+1) | z(i), v(i)) · ∏_{i=0}^{k} H̃(w(i) | v(i))

holds for all state, input and output sequences and for all initial states z(0).

From the duality of the stochastic and the set representation problems posed in Section 3.2.3 and the sets (3.87) and (3.88) of sequences generated by the
quantised system, it is clear that for a given initial state density px0(x) and a given state space partition, the conditional probability distribution Prob([X(1...k+1)], [Y(0...k)] | [U(0...k)], px0) exists and represents the behaviour of the quantised system. Based on this distribution, stochastic unobservability of the quantised system can be defined in the spirit of Corollary 6.1.2 as follows:

Definition 6.1.1. A quantised system (3.13) is called stochastically unobservable with respect to a given state space partition (Nx, pix) if the relation

Prob([X(1...k+1)], [Y(0...k)] | [U(0...k)], px0)
  = Prob([X(1...k+1)] | [U(0...k)], px0) · Prob([Y(0...k)] | [U(0...k)])   (6.6)

holds for all quantised state, input and output sequences and for all initial state densities px0 ∈ D(Rn).

According to this definition, the quantised system is called unobservable if there is no stochastic relation between the quantised output sequence and the quantised state sequence. This means that the quantised output sequence does not contain any information about the quantised state sequence. Accordingly, the first factor on the right–hand side of eqn. (6.6) represents the solution to the observation problem for stochastically unobservable quantised systems, which means that the solution to the observation problem is given by the simulation of the initial density function px0. The relation between unobservability of the qualitative model and the quantised system is given by the following result.

Unobservability of the quantised system

Lemma 6.1.1. If the quantised system is stochastically unobservable with respect to a state space partition (Nx, pix), then the SP represented by the corresponding qualitative model is also stochastically unobservable.

Proof. If the quantised system is stochastically unobservable, then eqn. (6.6) holds for all k. In particular, for k = 1 this means that the relation

Prob([x(1)], [y(0)] | [u(0)], px0) = Prob([x(1)] | [u(0)], px0) · Prob([y(0)] | [u(0)])

holds for all quantised states, inputs and outputs and for all initial densities. In particular, the last equation holds for all initial densities satisfying
px0 = IN pz(0) with pz(0) ∈ W^N. According to Definition 5.4.1, the equation therefore implies the unobservability of the qualitative model.   □

Hence, according to Lemma 6.1.1, the stochastic unobservability of the qualitative model is a necessary condition for the unobservability of the quantised system. But obviously, the condition cannot be sufficient. If longer quantised output sequences are stochastically dependent on the state sequences, meaning that the quantised system is not stochastically unobservable, then this cannot be represented by a Markov model containing only the single–step transition probabilities.

On the other hand, stochastic observability of the SP means that the decomposition (6.5) is not even possible when restricting the state sequences to those within a subset of at least two states. This could provide a sufficient condition for an analogous definition for the quantised system. The drawback is, however, that the restriction to densities satisfying px0 = IN pz(0) does not allow a sufficient observability condition to be formulated. This is because the qualitative model cannot distinguish two initial densities p1x0, p2x0, p1x0 ≠ p2x0, satisfying supp(IN QN p1x0) = supp(IN QN p2x0), although these two initial densities can have different properties concerning the decomposition (6.6).

Nevertheless, for an increasingly finer state space partition, it is intuitively clear that observability of the qualitative model means that the quantised state and output sequences can be distinguished for all initial densities. In the limit N → ∞, observability of the quantised system then means that the quantised output sequences are different for different numerical initial conditions. This is, in fact, the observability definition given for continuous systems with symbolical measurements in [152], [182].

6.1.5 State Observation of the Running Example

Example 6.1.1.
The state observation shall be illustrated in detail by means of the two–tank system described in Section 1.4. Throughout the example, the upper valve V12u is closed and no leak occurs. As input to the system, the position of the valve V12l is considered at the discrete positions v12l = 0 or v12l = 1 for the closed or opened valve, respectively. The pump can either be switched off, with a flow qp = 0, or switched on. When switched on, the pump velocity is unknown, i.e. 0 < vp ≤ 1 holds. Hence, the input space consists of continuous as well as discrete variables, for which the extensions of Section 3.3.3 apply. However, understanding this theoretical extension is not required for the example.

In order to comply with the formal introduction of mixed discrete and continuous spaces, the way the flow qp of the pump appears in the model needs to be slightly modified. In contrast to Section 1.4, the flow is modelled by

qp(t) = { cp · vp(t)  for h1(t) ≤ hmax, 0 < vp(t) ≤ 1 and p1(t) = 1
        { 0           otherwise ,

with the additional discrete–valued input p1(t), which can be either 1, meaning pump on, or 0 for pump off. Thus, the input space consists of the variables vp, p1 and
Fig. 6.3. Partition of the input space (left, axes p1, vp and v12l with the quantised inputs [u] = 1, ..., 4) and output space (right, intervals of q̂2 with the quantised outputs [y] = 1, 2, 3).
Fig. 6.4. Automaton graph of the qualitative model of the two–tank system for pump off and closed valve V12l (left) or opened valve (right).
v12l. The partition of the three–dimensional input space is shown on the left–hand side of Figure 6.3. The output variable is the outflow q̂2(t) of the right tank. The output space partition is shown on the right–hand side of Figure 6.3. The state space is partitioned as shown in Figure 3.6. For all densities piu and pix, uniform distributions are used. The sampling time is Ts = 10 s. The automaton graph of the resulting qualitative model is shown in Figure 6.4 for the pump switched off and for the closed or opened valve V12l, respectively. As before, the three outputs are distinguished by the colour and thickness of the edges, from thin black lines for [y] = 1 to thick light grey lines for [y] = 3.

Observability. First, the observability of the tank system is checked using the qualitative model. This is done separately for the four inputs with the result given below, where the state numbering is as shown in Figure 3.6.

                           [u] = 1           [u] = 2   [u] = 3           [u] = 4
  unobservable sets        {1,2,3}, {4,5,6}  {4,5,6}   {1,2,3}, {4,5,6}  {4,5,6}
  strongly unobserv. sets  {1,2,3}           –         {1,2,3}           –
Hence, the system is neither stochastically unobservable, as none of the sets equals Nz, nor stochastically observable, because for all inputs the SP is unobservable within the set {4, 5, 6}. However, the tank system is weakly observable, as there is no set that is strongly unobservable for all inputs.
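The unobservability checks above rest on testing whether the behavioural relation factorises as in Corollary 6.1.2. A minimal sketch of this single–step factorisation test is given below, restricted to unobservability over the whole state set (not the subset–wise variant used for the table); the array layout L[z_, w, z, v] is an assumption of this sketch.

```python
import numpy as np

def is_single_step_unobservable(L, tol=1e-9):
    """Test the decomposition L(z', w | z, v) = G(z' | z, v) * H~(w | v)
    of Corollary 6.1.2 for a behavioural relation stored as L[z_, w, z, v]."""
    # G(z' | z, v): marginalise over the outputs
    G = L.sum(axis=1)              # shape (Nz', Nz, Nv)
    # output law H(w | z, v): marginalise over the successor states
    H = L.sum(axis=0)              # shape (Nw, Nz, Nv)
    # H must not depend on the current state z ...
    if not np.allclose(H, H[:, :1, :], atol=tol):
        return False
    Ht = H[:, 0, :]                # H~(w | v), shape (Nw, Nv)
    # ... and L must equal the product G * H~
    return np.allclose(L, np.einsum('azv,wv->awzv', G, Ht), atol=tol)
```

Applied to the full behavioural relation of the tank system, this test would return False for every input, consistent with the table above.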
Nevertheless, for the closed connecting valve V12l, the tank system is strongly unobservable within the set Nxu = {1, 2, 3}. That is, these states can never be distinguished unless a different input is applied, i.e. unless the valve is opened. This is an intuitive result, as the states {1, 2, 3} correspond to different levels in the left tank which, of course, cannot be distinguished by means of the outflow of the right tank if the connecting valve is closed.
Fig. 6.5. Automaton graph obtained from the graph on the left–hand side of Figure 6.4 by lumping together the states {1, 4, 7}, {2, 5, 8} and {3, 6, 9} (left). Analogous graph for pump switched on (right).
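The lumping construction behind Figure 6.5 (joining the edges of the state groups {1, 4, 7}, {2, 5, 8}, {3, 6, 9} and dividing the resulting probabilities by three) can be sketched as follows; T[z_, w, z] is an assumed array layout for the behavioural relation at one fixed input.

```python
import numpy as np

def lump_states(T, groups):
    """Lump automaton states as done for Fig. 6.5.

    T[z_, w, z] : behavioural relation for one fixed quantised input
    groups      : partition of the state indices, e.g. [[0,3,6],[1,4,7],[2,5,8]]
    All edges between two groups are joined and the summed probabilities
    are divided by the group size (uniform weighting of the lumped states).
    """
    m, Nw = len(groups), T.shape[1]
    Tl = np.zeros((m, Nw, m))
    for j, src in enumerate(groups):
        for i, dst in enumerate(groups):
            block = T[np.ix_(dst, range(Nw), src)]
            Tl[i, :, j] = block.sum(axis=(0, 2)) / len(src)
    return Tl
```

The lumped relation remains stochastic: for every lumped state, the probabilities over successor states and outputs still sum to one.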
A closed connecting valve does, however, not necessarily mean that states with the same quantised level of the left tank form an unobservable set of states. For example, the tank system is not unobservable within the set {7, 8, 9}. This is because the quantised output contains information concerning the successor state, and hence, within the states {7, 8, 9}, simulation and observation differ. However, the structural unobservability of the left tank for a closed connecting valve can also be seen from the qualitative model. For this analysis, the states {1, 4, 7}, {2, 5, 8} and {3, 6, 9}, corresponding to different levels in the right tank but the same level in the left tank, are lumped together. The resulting automaton graphs for pump off and on are shown in Figure 6.5. They are obtained by joining all edges of the states {1, 4, 7} etc. and by dividing the resulting probabilities by three. The two automata of Figure 6.5 are stochastically unobservable. This reflects the property that, for a closed connecting valve, the level in the left tank cannot be determined from the quantised outflow of the right tank.

Observation results. Now the observation Algorithm 6.1 is applied to the two–tank system using the qualitative model derived above. On the left–hand side of Figure 6.6, the input sequence used in the experiment is shown. It can be seen that until time k = 4 the connecting valve is closed (cf. Figure 6.3). The quantised output sequence obtained in the experiment is shown on the right–hand side of Figure 6.6. The initial state is unknown, represented by the a–priori initial state density function px0(x) = 1/0.36 · 1[0,0.6]×[0,0.6]. From this density, the a–priori initial state distribution is obtained by means of the density quantiser QN:

Prob([x(0)]) = QN px0(x) = { 1/18  ···  1/18  2/9  2/9  2/9 } .   (6.7)
Note that the initial state distribution is not uniform because the partition sets Qx (i) have different measures.
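The density quantiser QN simply integrates the initial density over each partition cell. The sketch below reproduces the pattern of (6.7) for the uniform density on [0, 0.6] × [0, 0.6]; the cell boundaries are hypothetical stand–ins for the partition of Figure 3.6, chosen only so that six cells have measure 0.02 and three have measure 0.08.

```python
import numpy as np

# hypothetical partition bounds (NOT the exact bounds of Figure 3.6):
X1_BOUNDS = [0.0, 0.2, 0.4, 0.6]   # left-tank level [x1]
X2_BOUNDS = [0.0, 0.1, 0.2, 0.6]   # right-tank level [x2]

def cell_prob(lo1, hi1, lo2, hi2, density, n=100):
    """Integrate the density over one cell (midpoint rule on an n x n grid)."""
    x1 = lo1 + (np.arange(n) + 0.5) * (hi1 - lo1) / n
    x2 = lo2 + (np.arange(n) + 0.5) * (hi2 - lo2) / n
    g1, g2 = np.meshgrid(x1, x2)
    return density(g1, g2).mean() * (hi1 - lo1) * (hi2 - lo2)

def quantise_density(density):
    """Density quantiser QN: probability of each quantised state z = 1..9,
    ordered so that states {1,4,7}, {2,5,8}, {3,6,9} share the [x1] cell."""
    return np.array([cell_prob(X1_BOUNDS[i], X1_BOUNDS[i + 1],
                               X2_BOUNDS[j], X2_BOUNDS[j + 1], density)
                     for j in range(3) for i in range(3)])

# uniform a-priori density px0 = 1/0.36 on [0, 0.6] x [0, 0.6]
prob_x0 = quantise_density(lambda x1, x2: np.full_like(x1, 1.0 / 0.36))
```

With these assumed bounds, the result is 1/18 for z = 1, ..., 6 and 2/9 for z = 7, 8, 9, matching (6.7).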
Fig. 6.6. Quantised input sequence (left) and sequence of output interval measurements (right).
Fig. 6.7. Observation result for the levels of the left and right tank.
Fig. 6.8. Quantised levels of the left and right tank obtained from simulation.
The observation result P̂rob([x(k)] | [U(0...k)], [Y(0...k)]) is shown in Figure 6.7 for k = 0, ..., 11. The resulting probability distributions are projected onto the quantised levels of the left and right tank. To this end, the probability distribution Prob([x(k)]) is first interpreted as the joint probability distribution Prob([x(k)]) = Prob([x1(k)], [x2(k)]), where x1 and x2 denote the levels in the left and right tank, respectively. This is possible because the state space is partitioned independently in the directions of x1 and x2. Projecting Prob([x(k)]) onto the quantised levels [x1] and [x2] thus means determining the marginal probability distribution
P̂rob([x1(k)]) = Σ_{[x2(k)]} P̂rob([x1(k)], [x2(k)])

  = { Σ_{z∈{1,4,7}} P̂rob([x(k)])   Σ_{z∈{2,5,8}} P̂rob([x(k)])   Σ_{z∈{3,6,9}} P̂rob([x(k)]) }

  = { P̂rob([x1(k)]p = 1)   P̂rob([x1(k)]p = 2)   P̂rob([x1(k)]p = 3) }
for the left tank, and analogously for the right tank.

First, the observation result is compared to simulation. The simulation result for the same input sequence and the same initial state distribution is shown in Figure 6.8. It can be seen that as long as the connecting valve is closed and, hence, the output only contains information concerning the level of the right tank, the probability distributions of the left tank are equal for simulation and observation up to time k = 4. After opening the valve, however, the observation and simulation results differ significantly for both tanks. This is the expected result, as explained in the observability analysis.
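With the state numbering of the example, the projection onto the quantised tank levels is a reshape followed by a summation. A small sketch (the state ordering is the one assumed throughout the example):

```python
import numpy as np

def tank_marginals(p_x):
    """Project Prob([x(k)]) over the states 1..9 onto [x1] and [x2].

    The 9-vector is ordered so that {1,4,7}, {2,5,8}, {3,6,9} share the
    left-tank level [x1] (as in the lumping of Fig. 6.5).
    """
    joint = np.asarray(p_x).reshape(3, 3)   # joint[j, i] = Prob([x2]=j+1, [x1]=i+1)
    p_x1 = joint.sum(axis=0)                # sum over [x2]: left-tank marginal
    p_x2 = joint.sum(axis=1)                # sum over [x1]: right-tank marginal
    return p_x1, p_x2
```

Applied to the initial distribution (6.7), the left–tank marginal is uniform (1/3, 1/3, 1/3), while the right–tank marginal (1/6, 1/6, 2/3) is not.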
Fig. 6.9. Precise observation result for the quantised two–tank system.
For further comparison, Figure 6.9 shows the sets X(k | [U], [Y]) projected onto the first state variable x1. The sequence of sets represents the exact solution to the observation problem of the quantised system without stochastics. The sets were determined by using the equations of the two–tank system, the quantiser and the injector without approximating the solution sets. This precise solution is to be compared with the solution obtained from the qualitative observer shown on the left–hand side of Figure 6.7. It can be seen that the observer based on the qualitative model yields a good approximation of this precise solution. Quantised states in which the quantised system cannot be are either assigned a very low probability or are correctly excluded by the qualitative observer. On the other hand, for those quantised states in which the quantised system can actually be, the qualitative observer yields a high probability.
6.2 Diagnosis of Quantised Systems

6.2.1 Problem Statement

Diagnostic problem. The diagnostic problem for quantised systems is posed in analogy to the diagnostic problem for Markov processes and to the observation problem of Sections 5.5.1 and 6.1.1, respectively. The structure of the diagnostic scheme is shown in Figure 6.10. The precise way the fault is modelled is left open at first and is introduced at the end of this section by extending the definitions of Section 3.2.4. The fault appears in the quantised system as a continuous variable e(k) that can change over time. Like the state of the quantised system, the fault at time k is described by a density function pe(e, k), assuming that the initial a–priori density function pe0(e) is known. With this, the diagnostic problem is as follows:
Fig. 6.10. Fault diagnostic problem of quantised systems (the quantised system with state x(k) and fault e(k) provides [u(k)] and [y(k)] to the fault diagnosis based on a model of the quantised system, which yields pe,k(e, k | [U(0...k)], [Y(0...k)])).
Fault diagnostic problem.
Given: Quantised system with continuous states x and faults e.
       Quantised measurement sequences [U(0...k)], [Y(0...k)].
       A–priori initial state density function px0(x).
       A–priori initial fault density function pe0(e).
Find:  Current fault probability density function pe,k(e, k | [U], [Y]).

Throughout this section, it is assumed that the current input is independent of the state and fault.
Modelling of faults in quantised systems. In Section 3.2.4, the fault has been introduced as an additional input to the quantised system. The reason for this will become clear at the end of this section. In principle, however, this viewpoint must be extended for fault diagnosis.
Fig. 6.11. Quantised system with embedded fault process (the fault process generates e(k) in dependence upon the state x(k) of the discrete-time continuous-variable system, which is driven by the injected input u(k) and observed through the quantised output [y(k)]).
For diagnosis, it is important how the fault influences the system behaviour and also how the fault can change over time. Clearly, the latter requires a dynamical fault model. Therefore, for diagnosis, the quantised system shown in Figure 6.11 must be considered, with the fault dynamics described by an embedded fault process. The way the fault appears in Figure 6.11 is very general. It allows fault dynamics to be represented in dependence upon the input and state of the continuous–variable system. However, in a practical application, the quantised system will only rarely be given in this form, because a numerical model of the dynamical fault process is, in general, difficult to determine. Therefore, a simplified structure of the quantised system is considered, which is shown in Figure 6.12. The simplifications concern two aspects:

1. The dynamics of the fault is assumed to be independent of the system state and input.
2. The qualitative rather than the numerical fault dynamics is considered.

The resulting system shown in Figure 6.12 consists of two parts. One is the quantised system with the fault as additional input, as introduced in Section 3.2.4. The second part is the quantised fault process. In contrast to the fault process in Figure 6.11, the quantised rather than the numerical fault dynamics must be modelled for diagnosis.

Model of the quantised fault process. In general, the appearance of a certain fault symbol [e(k)] at time k is random. That is, the quantised fault process must be described as a discrete stochastic process. As such, it is characterised by the conditional probability distributions

Prob([e(k+1)] | [e(k)], [e(k−1)], ..., [e(0)])
Fig. 6.12. Quantised system with separate quantised fault process (the quantised fault process supplies [e(k)], which is injected as fault input e(k) into the quantised system with the fault as input; [u(k)] and [y(k)] remain the measured quantised input and output).
(cf. Section 2.2). It is assumed in the following that the stochastic process of the fault possesses the Markov property and is homogeneous. Hence, the relation

Prob([e(k+1)] | [e(k)], ..., [e(0)]) = Prob([e(1)] | [e(0)])   (6.8)

holds for all times k and for all quantised faults. Thus, the quantised fault process is represented by an autonomous SA Sf(Ne, Gf) with the fault transition relation Gf(f′ | f) defined as

Gf(f′ | f) = Prob([e(1)] = f′ | [e(0)] = f) .   (6.9)
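As a concrete illustration, a persistent–fault process with two fault symbols, faultless and faulty, could be described by a transition matrix of the following form; the numerical values are purely illustrative and not taken from the book.

```python
import numpy as np

# Gf[f_, f] = Gf(f' | f): columns index the current fault f,
# rows the successor fault f'. A fault occurs with small probability
# and, once present, rarely vanishes again (persistent-fault model).
Gf = np.array([[0.99, 0.02],   # f' = faultless
               [0.01, 0.98]])  # f' = faulty

# each column is a probability distribution over the successor fault
column_sums = Gf.sum(axis=0)
```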
Remark 6.2.1. In case the quantised fault process is inhomogeneous or does not possess the Markov property, the SA Sf(Ne, Gf) must be a complete qualitative fault model. That is, all sequences of quantised faults that are generated by the quantised fault process with nonzero probability must also be generated by the model.

Remark 6.2.2. The first simplification made above, decomposing the quantised system with embedded fault process, rests on an assumption which is not always satisfied in practical applications. To give an example, wear in a mechanical system is usually stronger if the system is operated under extreme conditions, and a failure therefore becomes more likely. Hence, in this case, the fault probability depends on the history of states and inputs. In fact, the motivation for this simplification is to reduce the difficulties that arise when modelling the fault dynamics; the nature of the faults themselves would not suggest this assumption.

Quantised fault diagnostic problem. Based on the quantised system shown in Figure 6.12 with a separate quantised fault process, the following simplified fault diagnostic problem is posed:
Quantised fault diagnostic problem.
Given: Quantised system augmented by faults
       QS(Rn, Rm, Rr, Rs, Nu, Ny, Ne, piu, pje, Qy(l), g, h).
       Quantised fault process represented by Sf(Ne, Gf).
       Quantised measurement sequences [U(0...k)], [Y(0...k)].
       A–priori initial state density function px0(x).
       A–priori initial fault probability distribution Prob([e(0)]).
Find:  Current fault probability distribution Prob([e(k)] | [U], [Y]).

An approximate solution to this diagnostic problem will be given in the next section.

Remark 6.2.3. In analogy to Section 6.1.2, the relation of the above diagnostic problem to the problem posed at the beginning of this section can be described by means of a density injector IS and a density quantiser QS for the fault. The operators IS and QS are defined in analogy to Section 3.5.3 for an S–dimensional discrete fault distribution and refer to the density functions pie(e) defined by the fault injector. By using Prob([e(0)]) = QS pe0(e) and by setting pe,k(e, k | [U], [Y]) = IS Prob([e(k)] | [U], [Y]), an approximate solution to the fault diagnostic problem posed at the beginning of this section is obtained from the discrete fault probability distributions.
6.2.2 Solution to the Quantised Fault Diagnostic Problem

As before, the main idea for the solution is to use a qualitative model of the quantised system for diagnosis. Then the solution to the fault diagnostic problem is obtained from Theorem 5.6.1. Theorem 5.6.1 is based on an SA in which the fault is given as an additional state variable. Hence, in order to apply this result, the system given in Figure 6.12 must be described by an SA of the form S(Nz, Nv, Nw, Nf, L) with the behavioural relation L given by eqn. (5.30). Therefore, the conditional probability distribution

Prob([x(1)], [e(1)], [y(0)] | [x(0)], [e(0)], [u(0)]) ,   (6.10)

which can be interpreted as a qualitative model of the quantised system with the fault as additional state variable, is needed. Due to the structure of the quantised system shown in Figure 6.12, the quantised successor fault [e(1)] is independent of the quantised successor state [x(1)] and the quantised output [y(0)] given the quantised state, fault and input. Accordingly, the distribution (6.10) can be written as the product

Prob([x(1)], [e(1)], [y(0)] | [x(0)], [e(0)], [u(0)])
  = Prob([x(1)], [y(0)] | [x(0)], [e(0)], [u(0)]) · Prob([e(1)] | [x(0)], [e(0)], [u(0)]) .
Furthermore, according to Figure 6.12, the quantised successor fault [e(1)] is independent of the quantised state [x(0)] and input [u(0)]. Hence, the conditional probability distribution (6.10) becomes

Prob([x(1)], [e(1)], [y(0)] | [x(0)], [e(0)], [u(0)])
  = Prob([x(1)], [y(0)] | [x(0)], [e(0)], [u(0)]) · Prob([e(1)] | [e(0)]) .   (6.11)

The first factor on the right–hand side of eqn. (6.11) is given by the qualitative model S(Nx, Nu, Ny, Ne, L̃) as described at the end of Section 3.5.3. The second factor corresponds to the quantised fault process given by the model Sf(Ne, Gf). Hence, the behavioural relation L(z′, f′, w | z, f, v) required for the solution to the quantised fault diagnostic problem is obtained from

L(z′, f′, w | z, f, v) = L̃(z′, w | z, f, v) · Gf(f′ | f) .   (6.12)

Similarly, the a–priori initial state and fault distribution required for the application of Theorem 5.6.1 is obtained from the composition

Prob([x(0)], [e(0)]) = Prob([x(0)]) · Prob([e(0)]) .

Analogous to the solution to the quantised state observation problem, the solution to the quantised fault diagnostic problem described below yields an approximation of the sought distribution Prob([e(k)] | [U(0...k)], [Y(0...k)]), which is denoted by

P̂rob([e(k)] | [U(0...k)], [Y(0...k)]) .   (6.13)
Approximate solution to the quantised fault diagnostic problem
Given:    Model of the quantised system S(Nx, Nu, Ny, Ne, L̃).
          Model of the quantised fault process Sf(Ne, Gf).
          Quantised measurement sequences [U(0...k)], [Y(0...k)].
          A–priori initial state distribution Prob([x(0)]) = QN px0(x).
          A–priori initial fault probability distribution Prob([e(0)]).
Find:     Approximation of the discrete probability distribution
          Prob([e(k)] | [U(0...k)], [Y(0...k)]).
Solution: Obtained from Theorem 5.6.1 as follows:
          - use the symbolical input sequence V(0...k) = [U(0...k)] and the
            symbolical output sequence W(0...k) = [Y(0...k)]
          - use the initial state and fault distribution
            Prob(Mzf([x(0)], [e(0)])) = QN px0(x) · Prob([e(0)])
          - use the behavioural relation (6.12) for L̂
          - interpret the resulting probability distribution (5.32) as
            P̂rob([e(k)] | [U(0...k)], [Y(0...k)]).
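A sketch of the composition (6.12) and of one recursion of the resulting diagnostic filter, which mirrors Algorithm 6.1 on the augmented state (z, f). The array layouts L̃[z_, w, z, f, v] and Gf[f_, f] are assumptions of this sketch.

```python
import numpy as np

def compose_L(L_tilde, Gf):
    """Behavioural relation (6.12):
    L(z', f', w | z, f, v) = L~(z', w | z, f, v) * Gf(f' | f)."""
    return np.einsum('awzfv,gf->agwzfv', L_tilde, Gf)

def diagnose_step(L, p_int, v, w):
    """One diagnosis step on the augmented state; p_int[z, f] is the
    predicted joint state/fault distribution. Returns the a-posteriori
    fault distribution, the joint a-posteriori distribution and the
    prediction for the next step, or None for an inconsistent I/O pair.
    """
    Lwv = L[:, :, w, :, :, v]                  # indexed [z', f', z, f]
    h_aux = Lwv.sum(axis=(0, 1)) * p_int       # over the current pair (z, f)
    norm = h_aux.sum()
    if norm == 0.0:
        return None                            # inconsistent I/O pair
    p_res = h_aux / norm                       # joint distribution at time k
    p_fault = p_res.sum(axis=0)                # approximates Prob([e(k)] | [U], [Y])
    p_int_next = np.einsum('agzf,zf->ag', Lwv, p_int) / norm
    return p_fault, p_res, p_int_next
```

The fault marginal p_fault is the quantity sought in the quantised fault diagnostic problem; summing p_res over the faults instead would recover the state observation result.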
Completeness of the solution to the quantised fault diagnostic problem

Theorem 6.2.1. Consider a quantised system for fault diagnosis with the fault process represented by Sf(Ne, Gf), and assume that the given initial fault distribution Prob([e0]) is nonzero for the actual initial quantised fault [e0]. If the SA S(Nz, Nu, Ny, Ne, L) is an I/O–complete model of the quantised system, then the relation

Prob([e(k)]p = f | [U(0...k)], [Y(0...k)]) > 0
  ⇒ P̂rob([e(k)]p = f | [U(0...k)], [Y(0...k)]) > 0   (6.14)

holds for every measured I/O pair ([U(0...k)], [Y(0...k)]) and for all fault symbols f ∈ Ne, with an arbitrary initial state probability distribution of the SA satisfying Prob(zp(0) = i) > 0, ∀i ∈ Nz.

Proof. See Appendix C.22.   □
Completeness of the diagnostic result. The above solution to the quantised fault diagnostic problem is formulated for a qualitative model of the quantised system. According to Theorem 3.5.1, the qualitative model is an I/O–complete and an I/S–complete model of the quantised system. Fault diagnosis, however, does not require the use of an I/S–complete model (cf. Theorem 6.2.1). Instead, any I/O–complete model can be used. If, however, the state of the SA is not directly related to the state of the quantised system, the diagnosis cannot be initialised with the distribution QN px0(x). Instead, adequate a–priori information must be given, e.g. a uniform distribution. Accordingly, Theorem 6.2.1, which concerns the completeness of the diagnostic result (6.13), is formulated for an I/O–complete model with an arbitrary state set Nz; for the theorem it is assumed that a–priori no initial states are excluded.

As a qualitative model is an I/O–complete model of the quantised system, Theorem 6.2.1 applies for arbitrary state space partitions. However, as a qualitative model is also I/S–complete, it need not necessarily be initialised with a distribution satisfying Prob([x(0)]p = i) > 0, ∀i ∈ Nx. Provided that the initial condition of the embedded continuous–variable system satisfies the condition x0 ∈ supp(px0(x)), it is clear from the proof of the theorem that relation (6.14) is also satisfied when using Prob([x(0)]) = QN px0(x) as initial state distribution.
6.2 Diagnosis of Quantised Systems
Interpretation of the diagnostic results. Theorem 6.2.1 allows to conclude from the diagnostic results obtained by means of the qualitative model on the fault occurring in the quantised system. Therefore, note that relation (6.14) implies the relation

Prob([ê(k)]_p = f | [U(0...k)], [Y(0...k)]) = 0     (6.15)
⇒ Prob([e(k)]_p = f | [U(0...k)], [Y(0...k)]) = 0 .     (6.16)
This means that if a certain fault f can be excluded by means of the qualitative model, then this fault is proved not to occur in the quantised system. In particular, for the fault symbol f0 corresponding to the faultless case, relation (6.15) provides a fault detection mechanism as shown below. The following corollary summarises the interpretation of the diagnostic result. It is formulated in terms of the set

Ê(k | [U], [Y]) = { f | Prob([ê(k)]_p = f | [U(0...k)], [Y(0...k)]) > 0 } ⊆ Ne

of all quantised faults for which the diagnostic result (6.13) yields a nonzero probability.

Corollary 6.2.1. Within the considered fault space Rs the diagnostic result has the following interpretation concerning the fault occurring in the quantised system:
Fault detection. Some fault is proved to be present in the quantised system if f0 ∉ Ê(k | [U], [Y]) holds, where f0 represents the faultless case.
Fault isolation. Only faults fi ∈ Ê(k | [U], [Y]) are possibly present in the quantised system.
Fault identification. The fault fi, i ≠ 0, is proved to be present if Ê(k | [U], [Y]) = {fi} holds.
Faultless operation. The quantised system is proved to be faultless if Ê(k | [U], [Y]) = {f0} holds.

Remark 6.2.4. Note that the above corollary holds under the assumption that the actual fault lies within the fault space Rs. This assumption is also referred to as the closed world assumption [108]. It concerns the last three interpretations of Corollary 6.2.1. For example, even if Prob([ê(k)]_p = f0) = 1 holds, it cannot be guaranteed that no fault outside of Rs, i.e. a fault not contained in the model, occurs in the system. The fault detection, however, is not affected by the closed world assumption. That is, if Prob([ê(k)]_p = f0) = 0 holds, it is guaranteed that a fault is present, independent of whether it is included in the model or not.
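The case analysis of Corollary 6.2.1 is straightforward to mechanise. The following sketch is illustrative only: it assumes the diagnostic result is available as a mapping from fault symbols to probabilities, with the symbol 0 standing for the faultless case f0; the function name and the returned strings are not notation from the text.

```python
def interpret(p_res, f0=0):
    """Classify a diagnostic result per Corollary 6.2.1 under the
    closed world assumption. p_res maps fault symbols to probabilities."""
    # set of quantised faults with nonzero probability (the set E^ above)
    E_hat = {f for f, p in p_res.items() if p > 0}
    if E_hat == {f0}:
        return 'faultless operation proved'
    if f0 not in E_hat:                               # fault detection
        if len(E_hat) == 1:                           # fault identification
            return 'fault {} proved present'.format(next(iter(E_hat)))
        return 'some fault proved present, candidates {}'.format(sorted(E_hat))
    return 'possibly present faults: {}'.format(sorted(E_hat))  # isolation only
```

Note that the "faultless operation proved" and identification branches rely on the closed world assumption, whereas the detection branch does not.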
Concerning the diagnosability of the quantised system in principle, the remarks of Section 6.1.4 apply. That is, stochastic undiagnosability of the qualitative model is a necessary condition for the undiagnosability of the quantised system. Stochastic diagnosability is, however, no sufficient
6. State Observation and Diagnosis of Quantised Systems
condition for the diagnosability of arbitrarily small differences of faults but is only sufficient for distinguishing the faults with respect to their quantisation.

A further aspect concerning diagnosability is the effect of the structure of the quantised system shown in Figure 6.12 on the undiagnosability, because some of the independencies that yield undiagnosability are already given by the quantised system itself. The first case of undiagnosability due to Definition 5.7.1 requires that the behavioural relation can be decomposed according to

L(z′, f′, w | z, f, v) = Ĝ(z′, f′ | z, f, v) · Ĥ(w | v) .

Interpreting this decomposition requirement for the composed model (6.12) means that the composed SP is undiagnosable if the behavioural relation L̃ can be written as the product

L̃(z′, w | z, f, v) = G̃(z′ | z, f, v) · H̄(w | v) .     (6.17)

This condition corresponds to the unobservability condition given by Corollary 5.4.1. Condition (6.17) means the unobservability of the SP with the compound input ṽ = (v, f) corresponding to L̃ as described by eqn. (3.99). Additionally, condition (6.17) requires that the output relation H(w | ṽ) = H̃(w | v, f) is independent of f, i.e. that it satisfies H̃(w | v, f) = H̄(w | v) for all f ∈ Ne.

The second case of stochastic undiagnosability is concerned by Lemma 5.7.1. Due to the structure of the composed model used here, the first and third condition of Lemma 5.7.1 are always satisfied. Hence, the check for the second case of stochastic undiagnosability reduces to verifying the second condition, i.e. that

L̃(z′, w | z, f, v) = L̄(z′, w | z, v)     (6.18)

holds for all f ∈ Ne. These results are summarised by the following corollary.

Corollary 6.2.2. The SP represented by the composition (6.12) of the SA S(Nx, Nu, Ny, Ne, L) and Sf(Ne, Gf) is stochastically undiagnosable if L̃ can be decomposed either according to eqn. (6.17) or to eqn. (6.18).
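Both decomposition conditions can be tested numerically for a given behavioural relation. The following sketch assumes L̃ is stored as an array `Lt[zp, w, z, f, v]`; the index layout and the function name are assumptions of this illustration, not notation from the text.

```python
import numpy as np

def undiagnosability_conditions(Lt, tol=1e-9):
    """Check the sufficient conditions of Corollary 6.2.2 for an array
    Lt[zp, w, z, f, v] ~ L~(z', w | z, f, v). Returns (cond_617, cond_618)."""
    # (6.18): L~(z', w | z, f, v) = Lbar(z', w | z, v), i.e. no dependence on f
    cond_618 = np.allclose(Lt, Lt[:, :, :, :1, :], atol=tol)
    # (6.17): L~(z', w | z, f, v) = G~(z' | z, f, v) * Hbar(w | v)
    Gt = Lt.sum(axis=1)                  # marginal over w gives G~(z' | z, f, v)
    Hbar = Lt.sum(axis=0)[:, 0, 0, :]    # candidate Hbar(w | v) from one (z, f) slice
    cond_617 = np.allclose(Lt, np.einsum('zafv,wv->zwafv', Gt, Hbar), atol=tol)
    return cond_617, cond_618
```

If (6.17) holds, the marginal over z′ is the same for every (z, f), so any slice recovers H̄; otherwise the reconstruction test fails, which is what makes the check valid.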
6.2.3 Fault Diagnostic Algorithm for Quantised Systems

In the previous section it has been shown how the solution to the fault diagnostic problem for SA can be used for fault diagnosis of quantised systems. Accordingly, the fault diagnostic algorithm for quantised systems presented in the following is in principle identical to Algorithm 5.2 given in Section 5.6.2. Consequently, Algorithm 6.2 given below is formulated analogously by means of the functions

p_res : Ne → [0, 1] ,   h_aux : Ne → [0, 1] ,   p_int : N̂x → [0, 1] ,

with N̂x = N̂z, where N̂z is the set of state and fault pairs lumped together by means of a bijective mapping M_zf as explained in Section 2.4.
Algorithm 6.2: Quantised fault diagnostic algorithm for quantised systems described by a qualitative model

Given:  Qualitative model of the quantised system S(Nx, Nu, Ny, Ne, L)
        Model of the quantised fault process Sf(Ne, Gf)
        A–priori initial state probability distribution Prob([x(0)]) = Q_N(p_{x0}(x))
        A–priori initial fault probability distribution Prob([e(0)])
Do:
Set p_int(ẑ) = Prob( ([x(0)]_p, [e(0)]_p) = M_zf^{-1}(ẑ) ) for all ẑ ∈ N̂x
Do
    wait for new measurements [u] and [y]
    for all f ∈ Ne determine
        h_aux(f) = Σ_{z̄} Σ_{f̄} Σ_{z} L(z̄, [y] | z, [u], f) · Gf(f̄ | f) · p_int(M_zf(z, f))
    if Σ_f h_aux(f) = 0 holds, stop the algorithm (inconsistent I/O pair or wrong initial state or fault distribution)
    for all ẑ ∈ N̂x determine z and f by (z, f) = M_zf^{-1}(ẑ) and with these
        p_int(ẑ) = Σ_{z̄, f̄} L(z, [y] | z̄, [u], f̄) · Gf(f | f̄) · p_int(M_zf(z̄, f̄)) / Σ_f h_aux(f)
    for all f ∈ Ne determine p_res(f) = h_aux(f) / Σ_f h_aux(f)
Loop

Result: Approximation of the current quantised fault probabilities
    p_res(f) = Prob([ê(k)]_p = f | [U], [Y]) for all f ∈ Ne
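The recursion of Algorithm 6.2 can be sketched in array form. This is a minimal illustration, not the book's implementation: the index layout `L[zn, y, z, u, f]` for L(z′, [y] | z, [u], f), `Gf[fn, f]` for Gf(f′ | f), and the 2-D array standing in for p_int ∘ M_zf are assumptions of this sketch.

```python
import numpy as np

def diagnose(L, Gf, p0_state, p0_fault, ios):
    """Run the diagnostic recursion for a sequence of quantised I/O pairs.

    L[zn, y, z, u, f]  -- behavioural relation L(z', [y] | z, [u], f)
    Gf[fn, f]          -- fault transition relation Gf(f' | f)
    p0_state, p0_fault -- a-priori distributions Prob([x(0)]), Prob([e(0)])
    ios                -- iterable of measured quantised pairs ([u], [y])
    Returns the sequence of fault probability distributions p_res.
    """
    # p_int[z, f] realises p_int(Mzf(z, f)); the bijection Mzf is the 2-D index
    p_int = np.outer(p0_state, p0_fault)
    results = []
    for u, y in ios:
        Lcur = L[:, y, :, u, :]          # L(z', [y] | z, [u], f), shape (Nz, Nz, Ne)
        # h_aux(f) = sum over z', f', z of L(z',[y]|z,[u],f) Gf(f'|f) p_int(z,f)
        h_aux = np.einsum('azf,bf,zf->f', Lcur, Gf, p_int)
        s = h_aux.sum()
        if s == 0.0:
            raise ValueError('inconsistent I/O pair or wrong initial distribution')
        # p_int(z', f') = sum over z, f of L(z',[y]|z,[u],f) Gf(f'|f) p_int(z,f) / s
        p_int = np.einsum('azf,bf,zf->ab', Lcur, Gf, p_int) / s
        results.append(h_aux / s)
    return results
```

For instance, with a deterministic two-state, two-fault model in which the output symbol equals the fault symbol, the recursion isolates the fault after a single step.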
6.2.4 Fault Diagnosis of the Running Example

Example 6.2.1. To illustrate the diagnosis, the two–tank system of Section 1.4 is considered. Throughout the example it is assumed that the upper valve V12u is closed. The positions of the valve V12l and the pump are considered as inputs to the system. The valve can be either closed (v12l = 0) or opened (v12l = 1). The pump is permanently switched on but works with either half (vp = 0.5) or full velocity (vp = 1). Correspondingly, the quantised input values have the following meaning:

[u] = 1 : valve closed, half pump velocity
[u] = 2 : valve opened, half pump velocity
[u] = 3 : valve closed, full pump velocity
[u] = 4 : valve opened, full pump velocity
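The encoding in the table above can be written compactly; the helper below is hypothetical, purely for illustration of the numbering scheme.

```python
def quantised_input(v12l, vp):
    """Map valve position v12l (0 closed, 1 opened) and pump velocity vp
    (0.5 half, 1.0 full) to the quantised input symbol [u] of the table."""
    return 1 + v12l + (2 if vp == 1.0 else 0)
```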
As fault, a leak in the left tank is considered. The fault variable e is defined as in Example 3.2.1 with the densities p_e^i shown in Figure 3.10. The densities define four qualitative fault symbols, from no leak for [e] = 1 to very big leak for [e] = 4. The output variable is the outflow q̂2(t) of the right tank. The output space partition is shown on the right–hand side of Figure 6.3. The state space is partitioned as shown in Figure 3.6. For the densities p_x^i, uniform distributions are assumed. The sampling time is Ts = 10 s. The overall model for diagnosis is composed of a qualitative model of the tank system with the fault as input and a model of the fault process. With the four
Fig. 6.13. Qualitative model for half pump power, valve V12l closed and big leakage (left) and model of the fault process (right).
Fig. 6.14. Quantised input sequence (left) and sequence of output interval measurements (right).
faults, the qualitative model has M = 16 input symbols. The automaton graph corresponding to [u] = 1 and [e] = 3 is shown on the left–hand side of Figure 6.13. As before, the three outputs are distinguished by the colour and thickness of the edges, from thin black lines for [y] = 1 to thick light grey lines for [y] = 3. The model of the fault process is unknown. Therefore, it is set up from intuitive a–priori knowledge concerning the temporal behaviour of the fault. The automaton graph of the SA assumed to represent the fault process is shown on the right–hand side of Figure 6.13. The graph has four vertices corresponding to the four fault symbols. According to this model, the leak can only become bigger. Furthermore, the fault symbol can only change to neighbouring qualitative faults meaning that the size of the leak cannot increase arbitrarily fast. Diagnosability. The diagnosability is checked separately for the four inputs. The result is given below, where the state numbering is shown in Figure 3.6.
Fig. 6.15. Diagnostic result (left) and numerical fault sequence used in the experiment (right).
[u] = 1, [u] = 3 : undiagnosable within Nxu = {1, 2, 3}, Neu = Ne and Nxu = {4, 5, 6}, Neu = Ne; strongly undiagnosable within Nxu = {1, 2, 3}, Neu = Ne
[u] = 2, [u] = 4 : undiagnosable within Nxu = {4, 5, 6}, Neu = Ne
According to this result, the leak in the left tank is undiagnosable for a closed connecting valve and weakly diagnosable for an opened connecting valve. Weak diagnosability means that within certain quantised states, namely within Nxu = {4, 5, 6}, the output contains no information concerning the fault. For the other quantised states, however, diagnosability is given for an opened valve.

Diagnostic results. Figure 6.14 shows the quantised input sequence [U] and the sequence of measured intervals of the outflow corresponding to the quantised output sequence [Y] obtained in an experiment. The initial state and qualitative fault are unknown. Accordingly, for the state the distribution (6.7) and for the qualitative fault the distribution Prob([e(0)]) = (0.25, 0.25, 0.25, 0.25) is used. With this, Theorem 5.6.1 is used to determine the probability distributions Prob([ê(k)] | [U(0...k)], [Y(0...k)]) for k = 0, . . . , 39. The result is shown on the left–hand side of Figure 6.15. For comparison, the right–hand side of the figure shows the numerical fault sequence used in the experiment, for which the quantised measurements shown in Figure 6.14 were obtained. From the result, it can be seen that until k = 6, no information about the fault is obtained. This is because the connecting valve was closed during that time, and hence, the leakage is not diagnosable. Soon after the valve has been opened, the faultless case becomes most probable. That is, from the obtained measurement sequences the diagnostic algorithm can derive that the system is faultless. Beginning at time k = 20, a leak in the left tank occurs, becoming gradually bigger, and the diagnostic result changes accordingly. It can be seen that at time k = 29, the faultless case is excluded, i.e. a leak has been detected with certainty. It can further be verified that relation (6.14) holds, i.e. the symbols of the quantised numerical fault sequence always have nonzero probability.
However, until the fault leads to a qualitative change in the input and output sequences, the faultless case remains most probable. This is due to the fault model, which assigns a probability of 0.001 to the event that a leak occurs within one sampling interval.
6.3 Sensor and Actuator Fault Diagnosis**

In this section a scheme to detect faults occurring in the sensors and actuators of a system is presented. The method turns out to be very elegant, as faults can be identified without any need to model them explicitly. For faults occurring in sensors and actuators this is of particular interest, because such faults are often difficult to describe analytically. For simplicity of presentation, it is assumed that each input to the system is physically realised by one actuator and each output of the system is measured by a separate sensor. Furthermore, each input and output signal is quantised separately. The quantised system then has the structure shown in Figure 6.16. In the figure, the continuous–variable system is split up into the actuators, the plant and the sensors. Accordingly, the faults are distinguished into sensor faults e_sen, actuator faults e_act and plant faults e_pl. In the previous sections all three kinds of fault were lumped together in the fault vector e.
Fig. 6.16. Quantised system for sensor and actuator fault diagnosis.
When a fault occurs in sensor i, the actual output ỹi of the plant differs from the measured value yi. Similarly, in case of a fault in actuator i, the input command ui differs from the value ũi with which the actuator actually acts on the system. If the sensor or actuator faults are significant, they lead to corrupted quantised measurements, which can be detected using the generalised or dedicated
observer schemes, GOS or DOS respectively (cf. Section 5.8.2). For the application of the observer schemes, the quantised system for diagnosis is set up only for plant faults. That is, it is assumed that ui = ũi and yi = ỹi hold for all sensors and actuators. Accordingly, the qualitative model only contains plant faults. For diagnosis, one of the schemes of Section 5.8.2 is used, e.g. the GOS of Figure 5.11 to detect corrupted output signals, i.e. sensor faults. In contrast to Figure 5.11, fault diagnostic blocks are used instead of state observers. Consequently, as long as all sensors and actuators yield the faultless quantised signals [ũi] and [ỹi], the fault diagnostic block yields the probability distribution

Prob([ê_pl(k)] | [U(0...k)], [Y(0...k)])
of the plant faults. As described in Section 5.8.2, the GOS is based on a check of the denominator of the observer. Hence, for sensor and actuator diagnosis, the denominator as it appears in Theorem 5.6.1 must be determined. For the quantised system this is

D(k) = Σ_{[x(k+1)], [x(k)], [e_pl(k+1)], [e_pl(k)]} L̃([x(k+1)], [y(k)] | [x(k)], [e_pl(k)], [u(k)]) · Gf([e_pl(k+1)] | [e_pl(k)]) · Prob([x(k)], [e_pl(k)] | [U(0...k−1)], [Y(0...k−1)])

     = Σ_{[x(k)], [e_pl(k)]} H̃([y(k)] | [x(k)], [e_pl(k)], [u(k)]) · Prob([x(k)], [e_pl(k)] | [U(0...k−1)], [Y(0...k−1)]) ,     (6.19)
where the simplified equation is obtained using the properties (2.6) and (2.7) of the SA S and Sf, respectively. Each block of the GOS obtains all but one quantised output and uses a reduced model obtained from L̃ as given by Lemma 5.8.1. As described by Lemma 5.8.2 in Section 5.8.2, the GOS only needs to be invoked if the denominator (6.19) becomes zero. Sensor faults are identified as described by Corollary 5.8.1 from the non–vanishing denominators of the diagnostic blocks of the GOS. Actuator faults can be identified equivalently by using the input signal supervision scheme of Section 5.8.2. The application of the DOS is similar. The application of the GOS for sensor and actuator fault diagnosis is summarised by the following corollary:
Sensor and actuator diagnosis of quantised systems

Corollary 6.3.1. Sensor and actuator faults are diagnosed using a qualitative model which takes only plant faults into account as follows.
• According to Lemma 5.8.2, a sensor or actuator fault is detected if eqn. (6.19) becomes zero. In this case the GOS is invoked.
• Using Lemmas 5.8.1 and 5.8.5, the qualitative models for all but one quantised output or input are derived, respectively.
• Lemma 5.8.3 is used to identify sensor and actuator faults as described by Corollary 5.8.1.

Note that for using this approach, sensor and actuator faults need not be modelled explicitly. Furthermore, unless a sensor or actuator fault occurs, the application of the method requires no additional computational effort, as the denominator (6.19) must be determined anyway in a practical application to avoid division by zero. Only the past quantised input and output values have to be stored. In case that a sensor or actuator fault occurs, the DOS or GOS provide elegant schemes to identify the fault, as the required qualitative models can be derived from the given one. Furthermore, the GOS and DOS allow to automatically reconfigure the diagnostic system and to continue diagnosis ignoring the information of a faulty sensor or actuator, as shown at the end of the following example.

Example 6.3.1. The application of the GOS is shown using the example of the two–tank system of Section 1.4. Throughout the example, the valve V12u is closed. Inputs to the system are the valve V12l, which can be either closed or opened, and the pump, which can be switched on with vp = 1 or switched off with vp = 0. As plant fault, a leak in the left tank is considered. The fault is considered with discrete amplitudes cl = 0 m^{5/2}/s ([e_pl] = 1) or cl = 1.0 · 10^{−4} m^{5/2}/s ([e_pl] = 2). Measured are the quantised levels in both tanks by means of the discrete level sensors at the positions indicated in Section 1.4.
For simplification, the sensors LS1, LS2 and LS3, LS4 are considered as quantised level sensors 1 and 2 for the left and right tank level, respectively. The state space is partitioned like the output space, as shown in Figure 3.6. The sampling time is Ts = 10 s. In an experiment, the quantised input sequence shown on the left–hand side of Figure 6.17 is applied to the tank system. This yields the sequences of quantised tank levels shown in Figure 6.18. Instead of the correct outputs shown on the left–hand side of this figure, sensor 1 yields the sequence shown on the right–hand side of Figure 6.17. It can be seen that from time k = 10 onwards, the sensor yields y1 ∈ [0, 0.2) independently of the actual level in the left tank. To the measured sequences, the GOS with diagnostic blocks as shown in Figure 5.11 is applied. Furthermore, two blocks for actuator supervision as shown on the right–hand side of Figure 5.12 are used. That is, next to the diagnostic result, the four signals D1S(k), D2S(k), D1A(k) and D2A(k) are determined, corresponding to the denominators of the diagnostic blocks without sensor 1, sensor 2, the valve or the
Fig. 6.17. Quantised input sequence (left) and faulty interval measurements of level sensor 1 (right).
Fig. 6.18. Sequence of quantised liquid levels in the left and right tank, respectively.
Fig. 6.19. Diagnostic result for the plant fault (left) and denominators of the blocks of the GOS (right).
pump, respectively. The diagnostic result is shown on the left–hand side of Figure 6.19. The values of the four denominators are shown on the right–hand side of the figure, where a black bar indicates a nonzero denominator. From the left–hand side of Figure 6.19, it can be seen that until k = 9 the diagnosis works correctly and that the faultless case is isolated for an unknown initial plant fault after a few steps. At k = 10, when sensor 1 breaks down, the denominator D(k) of the main diagnostic block becomes zero. This is indicated by the white bars from
k = 10 onwards. Hence no further diagnosis is possible and the diagnostic block yields no further diagnostic results. The right–hand side of the figure shows that at k = 10, two other denominators, namely D2S(k) and D1A(k), also became zero, indicating that neither a valve fault nor a fault in sensor 2 could have caused the inconsistency with the model of the main diagnostic block. After a few more steps, at k = 14, the measured sequences also become inconsistent with the model without the signal for the pump. This indicates that sensor 1 must be faulty, as the only block which is still consistent with the measurement sequences is the block of the GOS not using the information of sensor 1. Having identified the faulty component, the diagnostic system is reconfigured. That is, only sensor 2 is used for diagnosis. Such a diagnostic block is already included in the GOS. Accordingly, the former main diagnostic block just needs to be replaced by this block of the GOS. The probabilities of the plant faults determined by this block are shown on the left–hand side of Figure 6.19 from time k = 14 onwards. Note that the new diagnostic block implicitly performs a state observation of the level in tank 1. At time k = 18, a leak occurs in the left tank and is present until the end of the experiment. It can be seen that after some time, this plant fault is identified. However, the reconfigured diagnostic system has a lower performance, as it obtains less information because sensor 1 is lost. If sensor 1 were still operating, the leak could be detected already at time k = 19, as the level in the left tank decreases for a closed connecting valve, cf. Figure 6.17 (left) and Figure 6.18 (left). The reconfigured scheme is slower but allows the diagnosis to be continued even though the original diagnostic block could no longer be used from time k = 10 onwards.
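The detection and identification logic used in this example can be sketched as follows. The interface (one denominator value per diagnostic block) is a hypothetical simplification of the GOS of Section 5.8.2, not the book's implementation.

```python
def gos_step(main_denominator, reduced_denominators):
    """One supervision step of a GOS-like scheme.

    main_denominator     -- D(k) of the main diagnostic block, eqn. (6.19)
    reduced_denominators -- maps each left-out component to the denominator of
                            the diagnostic block ignoring that component's signal
    Returns the set of components that could explain an inconsistency.
    """
    if main_denominator > 0.0:
        return set()   # measurements consistent: no sensor/actuator fault detected
    # main block inconsistent: the faulty component is among those whose
    # exclusion keeps the reduced model consistent with the measurements
    return {name for name, d in reduced_denominators.items() if d > 0.0}

# situation resembling k = 14 of the example: only the block that ignores
# sensor 1 is still consistent, so sensor 1 is identified as faulty
faulty = gos_step(0.0, {'sensor 1': 0.3, 'sensor 2': 0.0,
                        'valve': 0.0, 'pump': 0.0})
```

Once the returned set is a singleton, the diagnostic system can be reconfigured around the corresponding reduced block, as done in the example from k = 14 onwards.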
6.4 Bibliographical Notes

The state observation approach developed here is related to the literature on observers for continuous systems, discrete–event systems and, as a combination of both, hybrid systems. Classical approaches to the observation of continuous systems like the Luenberger observer or its nonlinear extensions are designed so that their state converges to the actual state of the system, if possible independently of the initial conditions and the actual measured input and output signals (cf. e.g. [107], [193], [204]). Similar remarks hold true for Kalman filters in a stochastically perturbed framework [19], [181]. As these kinds of state observers require numerical measurements, they cannot be used for the observation of quantised systems. The observation approach proposed here is comparable to another branch of the literature on the observation of continuous systems. These methods aim at refining an initially coarse inclusion of the system state by using interval measurements [6], [36], [82], [150] or, in a more general framework, stochastically disturbed signals with known upper bounds on the disturbances [135]. In contrast to the method presented here, these observers do not use discrete–event abstractions of the continuous dynamics but process the information by using a numerical model. Accordingly, results obtained there cannot be used directly.
With respect to the observation of discrete–event and hybrid systems, different approaches are known in the literature. In [80] and [162] the observation task is considered for qualitative models of continuous–variable systems in the form of Petri nets, whereas [205] solves the observation problem for continuous–time Markov models. In [146] the state observation of a discretely observed continuous system is considered using a nondeterministic discrete–event abstraction. A stochastic approach to the state observation of a qualitative model is given in [99]. Except for the latter, which introduces simplifying assumptions, all approaches are based on different models and do, therefore, differ significantly from the observation method presented here.

Fault diagnosis is an important issue addressed in the literature by numerous papers (for an overview cf. [54], [58], [143]). They can be distinguished into signal–based or model–based approaches and further into those concerning static or dynamical systems. Throughout the book, only model–based diagnosis of dynamical systems is considered. The diagnostic method presented here contributes to the diagnosis of discrete–event systems as well as to the diagnosis of quantised systems. All model–based diagnostic approaches have in common that the task is in principle solved by comparing the observed event sequence with the dynamics of the model [113]. Based on this principle, different approaches have been elaborated in the field of artificial intelligence and control, cf. e.g. [64], [161], [168], [191], [205]. The existing model–based approaches to fault diagnosis of dynamical systems can further be distinguished with respect to the measurement information and the models they use. If numerical measurements are available and numerical models in the form of differential or difference equations are considered, the fault detection task can be solved by identifying the current process parameters (cf. e.g.
[70]) or by observing the current output or state (cf. e.g. [29], [53], [105], [142]) and comparing them to their nominal values. Most approaches in this field consider fault identification as the second step. That is, in case that a fault has been detected, it is to be determined which fault has occurred. This task is solved by considering the direction in which a deviation from the nominal value occurred [59], [185], or by evaluating which inequality constraints have been violated [186]. The diagnostic approaches based on numerical models differ significantly from the diagnostic approach presented here. However, some concepts concerning the structure of diagnosis are used in this book. This concerns for example the dedicated and generalised observer schemes, originally developed for the identification of sensor and actuator faults in [31], [53]. These schemes are used here with stochastic automata.
7. Stochastic Automata Networks
This chapter concerns networks of interacting stochastic processes each represented by a stochastic automaton. In Section 7.2, such networks are formally described by automata networks. Their behaviour is investigated in Section 7.3. In Section 7.4 it is shown how an automata network can be transformed into an equivalent single automaton. This transformation is referred to as composition of automata. Hence, instead of analysing the network itself, the composed automaton can be investigated by means of the methods presented in the previous chapters. Based on the composition, it is shown how the state observation and fault diagnostic tasks are solved for automata networks in Section 7.5.
7.1 Motivation for Using Automata Networks

It is intuitively clear, and will be shown in this chapter, that networks of interacting stochastic processes can be represented by a single stochastic automaton. So the question arises why networks of stochastic automata need to be introduced at all. In fact, there is only one reason, and this is the lower complexity of an automata network compared to a single stochastic automaton. As shown in Section 7.2.2, the representation by automata networks becomes practically compulsory for larger networks of stochastic processes, which makes their formal introduction inevitable. A major issue in the formalisation of possibly large networks is the notation. To cope with arbitrary network topologies and complexities, a notation used in relational algebra and database theory is introduced for stochastic automata. This leads to automata on attributes, presented in Section 7.2.4. This notation seems inconvenient at first sight but will turn out to be well suited for this purpose. The core of this chapter are the composition operations presented in Section 7.4. They formally describe the relation between an automata network

J. Schröder: Modelling, State Observation and Diagnosis of Quantised Systems, LNCIS 282, pp. 199-232, 2003. © Springer-Verlag Berlin Heidelberg 2003
and the equivalent single automaton. It will be shown that this allows to apply the supervision methods of Chapter 5 almost unaltered also to automata networks.
7.2 Networks of Stochastic Processes

7.2.1 Introduction to Networks of Stochastic Processes

The focus of this chapter is on interacting stochastic processes (SPs), where each process is represented by an SA as introduced in Chapter 2. Instead of a single SP, networks of SPs are used to describe a system. This allows a component–oriented qualitative modelling. As outlined in Section 7.2.2, this leads to a dramatic reduction of the complexity of the representation. The extension to networks of SPs is the basis for extending the qualitative modelling approach to complex systems in Chapter 8. Supervision tasks for a single SP have been considered in Chapter 5. For networks of interacting SPs they are solved in three steps:

1. Interacting SPs are described by networks of stochastic automata.
2. The behaviour of stochastic automata networks is investigated.
3. The state observation and fault diagnostic tasks are solved for automata networks.

The remainder of this section is devoted to the first step, i.e. the representation of interacting SPs. The second step is considered in Section 7.3. In Section 7.4 it will be shown that an automata network can be equivalently represented by a single SA. This equivalence is shown in a constructive way. That is, by successive application of two elementary composition rules, an arbitrary automata network is transformed step–by–step into a single SA. The resulting SA is referred to as the composed automaton. The main idea for the solution to the supervision tasks is to apply the results of Chapters 2 and 5 to the composed SA, as it equivalently represents the network. This will be presented in Section 7.5. The motivation for studying automata networks is their lower complexity compared to a representation of the same system by a single SA (cf. Section 7.2.2).
At first sight this seems to be in conflict with the idea to transform the automata network into a single SA as this seemingly negates the advantage of the more compact network representation. It turns out, however, that this is not the case. In fact, the composition is not used to explicitly determine the composed SA but merely as a formalism to systematically process the information in the network. That is, only that part of the composed SA is determined which is needed for an actual simulation, observation or diagnostic step. Hence, the solution to a given supervision task only necessitates
Fig. 7.1. Network of stochastic processes.
a partial composition of the network and does not require determining the whole composed SA. Figure 7.1 shows an example of interacting SPs. It can be seen that the processes in a network can have more than one input or output signal. Hence, the definition of SA must be extended to multi–input, multi–output automata. This will be done in Section 7.2.4. In a network of SPs, the inputs and outputs of the individual processes are, in general, not all measurable. Only the external inputs v1, . . . , vµ are given, and in the case of state observation also the external outputs w1, . . . , wρ. However, the coupling signals s1, . . . , sκ are unknown (cf. Figure 7.1). A coupling signal ensures that the values of the corresponding input and output signals of the SPs coincide at all times. Hence, feedback loops as shown in the figure can cause conflicts if this condition cannot be satisfied for a given automata network. This situation is investigated in Section 7.2.3.
7.2.2 Complexity Considerations

Automata networks have, in general, a lower complexity than a single SA that represents the network. Here, complexity means the number of nonzero values of the behavioural relation which have to be stored in an application.
[Fig. 7.2. Complexities of the network and the overall process: a chain of Markov processes 1, …, n with external input v^1(k)/M, coupling signals s^i(k)/N_i, states z^i(k)/N_i and external output w^1(k)/R, compared with the overall Markov process with state (z^1, z^2, …, z^n)(k)/N_1·N_2⋯N_n.]
The actual difference in the number of nonzero probabilities of the network and of the equivalent single SA is, of course, application dependent, as it depends on the network topology. Therefore, the reduction of complexity is shown by an example. Consider the network of SPs shown in Figure 7.2, where the coupling output signals s^i are equal to the states z^i of the corresponding processes i = 1, …, n−1. In the worst case all transitions occur with nonzero probability. Denoting the number of states of each SP by N_i, the number of external inputs by M and the number of external outputs by R, this means that the first SP requires storing M · (N_1)^2 values, the SPs i = 2, …, n−1 storing N_{i−1} · (N_i)^2 values each, and the last SP storing N_{n−1} · (N_n)^2 · R values. Altogether these are

    M · (N_1)^2 + Σ_{i=2}^{n−1} N_{i−1} · (N_i)^2 + N_{n−1} · (N_n)^2 · R        (7.1)
values for the network instead of M · (N_1 · N_2 ⋯ N_n)^2 · R values for the composed SP. Obviously, the complexity of the network is much lower. For example, for n = 10 SPs with M = R = N_i = 10, eqn. (7.1) means that 19000 values must be stored, whereas the composed SP yields 10^22 nonzero probabilities. Though the above example is a worst–case estimate, it clearly shows that for a larger number of SPs it is not possible to store a description of the overall SP at reasonable cost. Several examples in the remainder of the book show that for practical applications it is inevitable to represent larger systems by automata networks.

Remark 7.2.1. The reason for the difference in the complexities is that the representation by an automata network implicitly contains conditional independencies among the stochastic variables of the network. Hence, the values stored in the composed SA are not independent of each other. This means that their information content could be represented by fewer probability values, which is done automatically when keeping it in the form of a network.

7.2.3 The Feedback Problem

Consider an SP represented by an SA S(N_z, N_v, N_w, L) with N_w = N_v. The question is whether closing the feedback loop as shown in Figure 7.3 still yields a well–defined SP. As shown in the following, whether closing the loop is possible or not depends only on the output relation H. The problems that can arise when closing the loop are illustrated by means of two output relations that may be obtained from some behavioural relation L by means of eqn. (2.6). From the theory of continuous–variable systems such problems are known as algebraic loops [27].

Example 7.2.1. Assume that N_v = N_w = {1, 2} are given and that the output relation of the SA is given for all states z ∈ N_z by
    H(w = 1 | z, v) = { 0 for v = 1,  1 for v = 2 },    H(w = 2 | z, v) = { 1 for v = 1,  0 for v = 2 }.        (7.2)

[Fig. 7.3. Feedback problem: a Markov process with state z(k) whose output w(k) is fed back to its input v(k).]

Let the feedback law be v(k) = w(k) as shown in Figure 7.3 and assume that the output of the process was w(0) = 1. Then, due to the feedback coupling, the input must also be v(0) = 1. According to the output relation (7.2), this means, however, that the output can only be w(0) = 2. This in turn means that the input must be v(0) = 2, causing w(0) = 1, and so on. Hence, closing the feedback loop is not possible, as it yields no well–defined output of the stochastic process.

If instead of (7.2) the output relation is

    H(w = 1 | z, v) = { 1 for v = 1,  0 for v = 2 },    H(w = 2 | z, v) = { 0 for v = 1,  1 for v = 2 }        (7.3)

for all z ∈ N_z, then closing the feedback loop causes a different problem. In this case an output w(0) = 1 unambiguously yields v(0) = 1, whereas w(0) = 2 yields v(0) = 2. This means that the output relation H̃(w | z) describing the closed–loop process could contain arbitrary values for each output w without being in conflict with the output relation (7.3). Hence, in this case, closing the feedback loop is not possible as the output relation H̃ is not uniquely defined.
Common to both of the above examples is that the output w(k) depends directly on the input v(k). In Section 2.5.1, this property was recognised as stochastic direct feedthrough of an SA. It is therefore reasonable to require no stochastic direct feedthrough when closing a feedback loop. That is, there must exist a function H̄ such that

    H(w | z, v) = H̄(w | z)

holds for all v ∈ N_v, w ∈ N_w and z ∈ N_z. Hence, w(k) does not depend on the input v(k) occurring at the same time instant k.

Lemma 7.2.1. If an SP is represented by an SA S(N_z, N_v, N_w, L) without stochastic direct feedthrough and with N_w = N_v, then closing the feedback loop yields a well–defined SP represented by the SA S̃(N_z, N_w, L̃) with the behavioural relation L̃ given by

    L̃(z′, w | z) := L(z′, w | z, w)   for all z′, z ∈ N_z, w ∈ N_w.        (7.4)

Proof. See Appendix C.23.  □
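The construction of Lemma 7.2.1 can be sketched in a few lines. The following is a hedged illustration with an invented automaton (not one from the book): it first checks the no-feedthrough property by testing whether H(w | z, v) = Σ_{z′} L(z′, w | z, v) is independent of v, and then closes the loop by keeping only the entries with v = w, as in eqn. (7.4).

```python
from collections import defaultdict

def has_direct_feedthrough(L, Nz, Nv, Nw, tol=1e-12):
    """True unless H(w | z, v) = sum over z' of L(z', w | z, v) is independent of v."""
    H = defaultdict(float)
    for (zp, w, z, v), p in L.items():
        H[(w, z, v)] += p
    return any(
        abs(H[(w, z, v1)] - H[(w, z, v2)]) > tol
        for w in Nw for z in Nz for v1 in Nv for v2 in Nv
    )

def close_loop(L):
    """Eqn (7.4): Ltilde(z', w | z) := L(z', w | z, w) under the feedback v(k) = w(k)."""
    return {(zp, w, z): p for (zp, w, z, v), p in L.items() if v == w}

# Invented SA with Nv = Nw = {1, 2} whose output depends on the state only,
# i.e. it has no stochastic direct feedthrough.
L = {
    (1, 1, 1, 1): 0.6, (2, 1, 1, 1): 0.4,   # state 1 always emits w = 1
    (1, 1, 1, 2): 0.2, (2, 1, 1, 2): 0.8,
    (1, 2, 2, 1): 1.0,                      # state 2 always emits w = 2
    (2, 2, 2, 2): 1.0,
}
Nz, Nv, Nw = {1, 2}, {1, 2}, {1, 2}
assert not has_direct_feedthrough(L, Nz, Nv, Nw)
Lt = close_loop(L)
```

Note that Lt is again a proper behavioural relation: for each state z its values sum to one, which is exactly the condition Σ_w H(w | z, w) = 1 mentioned in Remark 7.2.2 below.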
For simplicity of presentation, it is assumed in the following that all SPs are represented by SA without stochastic direct feedthrough. In Section 7.4.4
this assumption will be relaxed to networks in which no stochastic direct feedthrough loops exist. That is, direct feedthrough will be allowed for some SA as long as these automata do not form a closed loop in the network.

Remark 7.2.2. From the proof of Lemma 7.2.1 (Appendix C.23) it is clear that a necessary and sufficient condition for closing the loop is that the output relation of the SA satisfies Σ_w H(w | z, w) = 1 for all z ∈ N_z. However, this condition is difficult to interpret. Furthermore, in Section 8.2, a condition is derived under which a qualitative model has no stochastic direct feedthrough. Therefore, the sufficient condition of Lemma 7.2.1 is more important in the context of this book.

7.2.4 Stochastic Automata on Attributes

The definition of SA can easily be extended to vectorial inputs, outputs and states. Such SA have already been used in Section 2.4, where the fault f and the input v, or the fault f and the state z, have been lumped together in a vector (v, f) or (z, f), respectively. By means of bijective mappings M_vf or M_zf, the SA with vectors has then been transformed into an equivalent SA with scalar variables. In the following, the use of pairs as variables of the SA is extended in two ways. Firstly, an arbitrary number of scalar signals is considered for the input, output, state and fault of the SA. Secondly, a formalism shall be used that allows the set of network signals among which the SA defines a relation to be specified without prescribing the order in which the signals appear in the SA and without defining bijective mappings as before. Because of the latter aspect, no vectorial notation will be used. In a vector notation like v = (v^1 v^2 … v^l)′ ∈ N_{v1} × N_{v2} × ⋯ × N_{vl}, the i–th entry of the vector is always associated with the i–th set of values N_{vi}. This means that the order of the values within the vector is significant and cannot be changed. Here, a more general formalism will be introduced to define multi–input, multi–output automata.
The idea is to assign to each set N_{vi} a name, called attribute, by which it is identified. This technique is commonly used in relational algebra [171] and database theory [8] and has been used in [65] for component–oriented symbolic descriptions of technical systems.

Attributes and domains. The approach is now introduced formally for the input of the SA. Consider a set of domains denoted by D_v = {N_{v1}, N_{v2}, …, N_{vν}} and let A_v = {v^1, v^2, …, v^l} be the set of all input attributes, i.e. the names of all input signals that occur in a network. Then the map

    dom_v : A_v → D_v        (7.5)
assigns to each attribute v^i a corresponding domain dom_v(v^i). For example, assume that three input signals v^1, v^2 and v^3 occur in a network. Furthermore, let v^1 and v^2 be binary signals, while v^3 can take values from 1 to 5. Then the set of domains is given by D_v = {N_{v1}, N_{v2}} with N_{v1} = {1, 2} and N_{v2} = {1, 2, 3, 4, 5}. The map dom_v is given by

    dom_v(v^1) = N_{v1},    dom_v(v^2) = N_{v1},    dom_v(v^3) = N_{v2}.
Tuples. In contrast to the classical definition of tuples as vectors, in relational algebra a tuple is defined differently. There, an l–tuple v over a set of attributes A_v is defined as a function

    v : A_v → ⋃_{i=1}^{l} dom_v(v^i)        (7.6)

with v(v^i) ∈ dom_v(v^i) [65]. Referring to the l–tuple by

    v = ( v(v^1), v(v^2), …, v(v^l) )        (7.7)
means that the function v is written down explicitly for each value of its domain, i.e. for each attribute. For notational convenience, the domain dom_v(v^i) of the attribute v^i will be written as N(v^i) = dom_v(v^i). Note that, according to the above, specifying a tuple means defining a function. For the definition of a function it is irrelevant in which order its values are given. That is, denoting the values of the function (i.e. the tuple) v in the order v = ( v(v^l), v(v^1), v(v^2), …, v(v^{l−1}) ) is, of course, the same as writing it in the order (7.7) or any other order. Hence, the order of the values in a tuple as introduced above is arbitrary.

Cartesian product of domains. The Cartesian product of all domains with respect to a set of attributes is denoted as

    N(A_v) := { v = ( v(v^1), v(v^2), …, v(v^l) ) | v(v^i) ∈ N(v^i), i = 1, …, l }.        (7.8)

That is, the Cartesian product contains all possible tuples v that can be built from the domains N(v^i) of all attributes v^i. An advantage of the introduced notation is the commutativity of the Cartesian product (7.8), meaning that N({v^1, v^2}) = N({v^2, v^1}) holds [65].

Convention used in the following. To simplify the notation, it is assumed in the following that each signal v^i has its own domain, denoted by N_{vi}. Then the map (7.5) is simply given by dom_v(v^i) = N_{vi} for all attributes v^i. The same convention is used for other signal names; e.g. the domain of a signal with the attribute s^i will be denoted by N_{si}.

Example 7.2.2. The notations introduced above shall be explained by a simple example. Consider the Markov process 3 of Figure 7.1. The process has two input signals. The names of these signals are s^3 and v^2. Both names constitute the set of attributes A_v = {s^3, v^2}. Let there be two domains N_{s3} = {1, 2} and N_{v2} = {1, 2, 3} forming the set D_v = {N_{s3}, N_{v2}}. Due to the above convention the domains of these signals are given by

    N(s^3) = dom_v(s^3) = N_{s3},    N(v^2) = dom_v(v^2) = N_{v2}.
According to eqn. (7.6), every 2–tuple v is a function

    v : {s^3, v^2} → {1, 2} ∪ {1, 2, 3}.

An example of such a function is given by v(s^3) = 1, v(v^2) = 2, which is written as (v(s^3) = 1, v(v^2) = 2). The Cartesian product of the two domains is given by

    N({s^3, v^2}) = { (v(s^3) = 1, v(v^2) = 1), (v(s^3) = 2, v(v^2) = 1),
                      (v(s^3) = 1, v(v^2) = 2), (v(s^3) = 2, v(v^2) = 2),
                      (v(s^3) = 1, v(v^2) = 3), (v(s^3) = 2, v(v^2) = 3) }.

Obviously, the relation (v(s^3) = 1, v(v^2) = 2) = (v(v^2) = 2, v(s^3) = 1) ∈ N({s^3, v^2}) holds. This shows the advantage of tuples on attributes compared to a vectorial notation, where the vectors (1, 2) and (2, 1) denote different elements of the set N_{s3} × N_{v2}.
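The relational-algebra view of a tuple as a function from attributes to values maps naturally onto dictionaries, where key order is likewise irrelevant. The following is a hypothetical sketch mirroring Example 7.2.2; frozensets of (attribute, value) pairs serve as hashable, order-free tuples.

```python
from itertools import product

# Domains of Example 7.2.2: attribute name -> domain
dom = {"s3": {1, 2}, "v2": {1, 2, 3}}

def cartesian(dom):
    """N(A_v) of eqn (7.8): all tuples over the attributes, as order-free frozensets."""
    attrs = sorted(dom)
    return {frozenset(zip(attrs, vals))
            for vals in product(*(dom[a] for a in attrs))}

N = cartesian(dom)

# A tuple is a function attribute -> value; the order of entries is immaterial,
# so these two notations denote the same element of N({s3, v2}).
t1 = frozenset({"s3": 1, "v2": 2}.items())
t2 = frozenset({"v2": 2, "s3": 1}.items())
```

The equality t1 == t2 is the commutativity property noted above, which a positional vector representation would not have.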
The Cartesian product N(A_v) requires that the set of attributes A_v, the set of domains D_v and the map dom_v are given. In the following it is assumed that these elements are given whenever the Cartesian product is used, without further reference to them. In the following, partitions of the set of attributes are often considered. That is, given ξ mutually disjoint sets A_v^1, …, A_v^ξ with ⋃_{i=1}^{ξ} A_v^i = A_v, the l–tuple v is composed of tuples v^i, i = 1, …, ξ and is written as v = (v^1, …, v^ξ), where each tuple v^i is over the corresponding set of attributes A_v^i.

Automata on attributes. The above notations are equivalently introduced for state tuples z and output tuples w. With this, a finite stochastic automaton on attributes is defined as

    S(N(A_z), N(A_v), N(A_w), L)        (7.9)

with the set of state tuples N(A_z), the set of input tuples N(A_v) and the set of output tuples N(A_w). For given domains N_{zi}, N_{vi} and N_{wi}, the SA on attributes is thus characterised by the sets of attributes A_z, A_v and A_w, respectively. The behavioural relation L is, in analogy to Section 2.1, given as a function

    L : N(A_z) × N(A_w) × N(A_z) × N(A_v) → [0, 1]

describing the conditional probabilities of a change of the state tuple z ∈ N(A_z) to a state tuple z′ ∈ N(A_z), given the input tuple v ∈ N(A_v), while producing the output tuple w ∈ N(A_w):

    L(z′, w | z, v) = Prob(z′, w | z, v).        (7.10)
Example 7.2.3. This example shall illustrate how an SA on attributes can be defined. Consider the Markov process 3 of Figure 7.1. Assume that the following sets of attributes and domains are given:

    A_z = {z^3},  A_v = {s^3, v^2},  A_w = {s^1},
    N_{z3} = {1, 2, 3, 4},  N_{s3} = {1, 2},  N_{v2} = {1, 2, 3},  N_{s1} = {1, 2}.

The maps dom_• are intuitive and, as above, given by

    dom_z(z^3) = N_{z3},    dom_v(s^3) = N_{s3},    dom_v(v^2) = N_{v2},    dom_w(s^1) = N_{s1}.

An example of a behavioural relation L of the stochastic automaton on attributes S(N({z^3}), N({s^3, v^2}), N({s^1}), L) is given by the following table. Only those tuples for which L yields a nonzero value appear in the table.

    z′ = (z^3)′   w = s^1   z = z^3   v = (s^3, v^2)   L(z′, w | z, v)
    3             1         1         (1, 1)           0.5
    3             2         1         (1, 1)           0.3
    4             2         1         (1, 1)           0.2
    2             2         1         (1, 2)           0.8
    3             2         1         (1, 2)           0.2
    ⋮             ⋮         ⋮         ⋮                ⋮
    1             1         4         (2, 3)           0.9
    1             2         4         (2, 3)           0.1
The commutativity of the set N (Av ) and of the automaton input v means that the order of the columns that constitute the input v can be changed without changing the SA.
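A sparse table like the one of Example 7.2.3 can be stored with attribute-named keys, so that the "column order" of the input tuple is genuinely immaterial. This is a hypothetical sketch (only the first three table rows are used), not an implementation from the book.

```python
# Sparse behavioural relation: only nonzero entries are stored.
# Each component of the key names its attributes explicitly.
def key(zp, w, z, v):
    return (frozenset(zp.items()), frozenset(w.items()),
            frozenset(z.items()), frozenset(v.items()))

L = {
    key({"z3": 3}, {"s1": 1}, {"z3": 1}, {"s3": 1, "v2": 1}): 0.5,
    key({"z3": 3}, {"s1": 2}, {"z3": 1}, {"s3": 1, "v2": 1}): 0.3,
    key({"z3": 4}, {"s1": 2}, {"z3": 1}, {"s3": 1, "v2": 1}): 0.2,
}

# Commutativity of the input tuple: writing (v2, s3) instead of (s3, v2)
# addresses the same entry of L.
p = L[key({"z3": 3}, {"s1": 1}, {"z3": 1}, {"v2": 1, "s3": 1})]
```

For the fixed pair (z, v) used here, the stored probabilities sum to one, as a behavioural relation requires.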
Clearly, an SA on attributes can be equivalently represented by a usual SA, using bijective mappings that assign to each state, input and output tuple a different number from a discrete set with an appropriate number of elements. Hence, it has the same properties as outlined in Chapter 2.

Stochastic direct feedthrough. In analogy to Section 2.5.1, the SA on attributes is said to have no stochastic direct feedthrough if there exists a function H̄ : N(A_w) × N(A_z) → [0, 1] such that

    Σ_{z′ ∈ N(A_z)} L(z′, w | z, v) = H̄(w | z)

holds for all tuples v ∈ N(A_v), w ∈ N(A_w) and z ∈ N(A_z). In contrast to the usual SA, the SA on attributes may have a partial stochastic direct feedthrough. That is, a subset of the output signals of the SA may depend on a subset of the input signals. The SA is said to have no stochastic direct feedthrough from the input signals Ā_v ⊆ A_v to the output signals Ā_w ⊆ A_w if there exists a function H̄ : N(Ā_w) × N(A_z) × N(Â_v) → [0, 1] with Â_v = A_v \ Ā_v such that
[Fig. 7.4. Signals of the overall network: a network of Markov processes with external inputs v^1(k), …, v^µ(k), states z^1(k), …, z^ν(k), internal coupling signals s^1(k), …, s^κ(k) and external outputs w^1(k), …, w^ρ(k).]
    Σ_{z′ ∈ N(A_z)} Σ_{ŵ ∈ N(A_w \ Ā_w)} L(z′, (w̄, ŵ) | z, v) = H̄(w̄ | z, v̂)

holds for all tuples v = (v̄, v̂) ∈ N(A_v), w̄ ∈ N(Ā_w) and z ∈ N(A_z).

Remark 7.2.3. In relational algebra, a relation is defined as a subset of tuples of the Cartesian product (7.8) [171]. On the other hand, the behavioural relation L_n of a nondeterministic automaton assigns to each tuple of the set N_z × N_w × N_z × N_v the value zero or one (cf. Section 2.5.1). Hence, the set of all tuples to which the behavioural relation assigns the value one (or zero) is a relation in the sense of relational algebra [94]. In fact, this is the reason why the function L is called behavioural relation in this book instead of behavioural function as in [184] or [203].

7.2.5 Network Representation by Stochastic Automata on Attributes

The aim of this section is to formally describe an arbitrary network of interacting SPs by an automata network. In order to distinguish between the overall stochastic process represented by the whole network and the SPs the network consists of, an SP of the network is in the following referred to as a stochastic sub–process (SSP), in the plural abbreviated as SSPs. The signals of the overall network are denoted as shown in Figure 7.4. The network has µ external inputs v^i. It is assumed that these inputs do not depend on the outputs of the system; otherwise, they would not be referred to as external but as coupling inputs. Coupling inputs are either immeasurable coupling outputs of other SSPs or measurable external outputs. Immeasurable coupling signals are denoted by s^i, i = 1, …, κ and are also referred to as internal coupling signals. Each SSP has a state z^i. The number of SSPs is given by ν. The external outputs w^i, i = 1, …, ρ are those which can be measured for state observation or diagnosis. The names of all signals of the network constitute the sets

    A_v = {v^1, v^2, …, v^µ},    A_s = {s^1, s^2, …, s^κ},
    A_w = {w^1, w^2, …, w^ρ},    A_z = {z^1, z^2, …, z^ν}        (7.11)
of external input attributes, external output attributes, coupling attributes and state attributes respectively. All signals are identified by these names.
Each SSP is described by an SA on attributes

    S^i(N(A_z^i), N(A_v^i), N(A_w^i), L^i),    i = 1, …, ν.        (7.12)

In the following, the stochastic automata S^i of the network are referred to as network SA (NSA). The inputs to each NSA are, according to its set of input attributes A_v^i, given by

    A_v^i ⊆ A_v ∪ A_w ∪ A_s.        (7.13)
That is, the inputs of each NSA are a combination of external input, external output and internal coupling signals. The set N(A_v^i) is the Cartesian product of the domains of these signals (cf. eqn. (7.8)). Similarly, for the sets of output and state attributes of each NSA (7.12), the relations

    A_w^i ⊆ A_w ∪ A_s    and    A_z^i ⊆ A_z

hold. In order to distinguish between the input and output signals v^i and w^i that are used as attributes and the inputs and outputs of the NSA S^i, the input and output tuples of the NSA are always denoted in bold face v^i and w^i, even if the corresponding sets of attributes A_v^i and A_w^i are singletons. With respect to a set of measurable output signals A_w, every network of interacting SSPs is thus represented as follows.

Representation of a network of stochastic processes
A network of SSPs is represented by the automata network

    SN({S^1, …, S^ν}, A_w)        (7.14)

with the NSA S^i(N(A_z^i), N(A_v^i), N(A_w^i), L^i), i = 1, …, ν.
For each NSA the relation A_z^i = {z^i} holds, because each NSA represents one of the ν SSPs. The state, input and output tuples of an NSA S^i are denoted by z^i, v^i and w^i, respectively. They are not to be confused with the signals of the network. For example, the attribute v^i means the external input signal i of the network, whereas the bold face tuple v^i means the input tuple of NSA S^i, which can consist of several external inputs, external outputs and coupling signals. Note that all NSA have disjoint sets of output attributes, i.e. A_w^i ∩ A_w^j = ∅ holds for i ≠ j. Furthermore, because of the convention of Section 7.2.4, the network automata implicitly contain the definitions of all domains D_•, all sets of attributes A_• and all maps dom_• of the signals that occur in the network, where • stands for z, v or w.
It is important to note that the topology of the network is represented by the sets of attributes A_v^i and A_w^i of the individual NSA. This will be shown below using an example. For the sets (7.11) of network attributes, the following relations hold:

    A_z = ⋃_{i=1}^{ν} A_z^i,    A_s = ⋃_{i=1}^{ν} A_w^i \ A_w,    A_v = ⋃_{i=1}^{ν} A_v^i \ (A_s ∪ A_w).
Dz = {Nz1 , Nz2 , Nz3 }, Dv = {Nv1 , Nv2 }, Dw = {Nw1 , Nw2 }, Ds = {Ns1 , Ns2 , Ns3 },
domz (z i ) = Nzi , domv (v i ) = Nvi , domw (wi ) = Nwi , doms (si ) = Nsi .
Note that the topology of the network is represented by the sets of attributes of the NSA.
Remark 7.2.4. The network has been introduced for the purpose of state observation and diagnosis. Therefore, the difference between coupling and output signals is that the outputs are measurable, whereas the coupling signals are immeasurable. Alternatively, coupling signals could be defined as those signals which are inputs to other SSPs, possibly including measurable signals. Then, instead of (7.13), the relation Aiv ⊆ Av ∪ As would hold. As a consequence, all sets (7.11) including the set Aw could be derived from the NSA, and hence, the definition of the automata network would not need to include the set Aw of measurable output attributes. This means that the definition of the tuple (7.14) is not independent of its purpose which is for state observation and diagnosis.
7.3 Behaviour of Automata Networks Realisations of the network of stochastic processes. As described in Section 2.3, the SA can be used to generate realisations of the SP it represents. For an automata network, however, this turns out to be more difficult
7.3 Behaviour of Automata Networks
211
than for a single SA. Determining a realisation becomes difficult if the network cannot be processed in such a way that the inputs to the SPs are always completely known. An example for such a network is shown in Figure 7.1. For none of the SSPs the input is completely determined by the external inputs. Instead, the successor state and the output of each SSP depend on at least one other process of the network. In the following it is shown how realisations of a network of SSPs can be determined provided that none of the SSPs has a stochastic direct feedthrough. Under this condition, the outputs of the SSPs do not depend on their current inputs and all outputs can be determined randomly depending on the current state. By this, all inputs to the SSPs are known and the successor states can be determined. The outputs are determined using the output relations H i (wi | z i , v i ), where the tuples wi consist of external output and internal coupling signal values according to their set of attributes Aiw . As the SSPs do not have a stochastic direct feedthrough it follows that ¯ i (wi | z i ) , H i (wi | z i , v i ) = H
(7.15)
holds. Accordingly, the outputs wi can be determined in a first step just from the knowledge about the current states. In the second step, the successor states of all SSPs are determined. Note that the transition relation Gi (z 0i | z i , v i ) must not be used to determine the successor state tuple z 0i . This is because the successor state and output tuples are, in general, not stochastically independent. Instead, a different relation must be used which is obtained from the decomposition Li (z 0i , wi | z i , v i ) = Prob(z 0i , wi | z i , v i )
= Prob(z 0i | wi , z i , v i ) · H i (wi | z i , v i ) ¯ i (wi | z i ) , = Prob(z 0 | wi , z i , v i ) · H i
(7.16)
which holds for all state, input and output tuples. From eqn. (7.16), it is clear that the probability distribution Prob(z 0i | wi , z i , v i ) must be used to determine the successor state tuple z 0i , because this distribution describes the distribution of z 0i for given output tuple wi . According to eqn. (7.16), this distribution is obtained from the behavioural relation by Prob(z 0i | wi , z i , v i ) =
Li (z 0i , wi | z i , v i ) Li (z 0i , wi | z i , v i ) = ¯ i (wi | z i ) H i (wi | z i , v i ) H
(7.17)
provided that H(wi | z i ) > 0 holds. As the output relation has been used in the first step to randomly determine the output wi , it is clear that this condition is always satisfied for the given output. The above is summarised by the following corollary.
212
7. Stochastic Automata Networks
Fig. 7.5. Example network of two Markov processes.
Realisations of a network of stochastic processes Corollary 7.3.1. Provided that none of the NSA has a direct stochastic feedthrough, a realisation of a network of SSPs is obtained by recursive application of the following two steps: 1. The values wi (k) consisting of external outputs wj (k) and internal coupling signals sl (k) are randomly determined due to the output relations (7.15) for the current states z i (k). 2. The successor states z 0i (k) of all SSPs are randomly determined according to the distributions (7.17). Clearly, the condition that none of the SSPs may have a stochastic direct feedthrough is more restrictive than necessary. In fact, this condition can be relaxed in such a way that there is no closed path through the net with partial stochastic direct feedthroughs at each block. The condition will be relaxed formally in Section 7.4.4. However, the following example shows how realisations can be obtained in spite of direct feedthroughs in some of the SSPs. Example 7.3.1. This example illustrates how a realisation is obtained from a given network of interacting SSPs. Figure 7.5 shows two automaton graphs and the way they are coupled. The network has no external input. The inputs and outputs of the two SSPs are distinguished in the graphs by the colour and the thickness of the edges. In the graph on the left–hand side the edges corresponding to the input w1 = 1 are thin and those for w1 = 2 are thick, while a black edge means the output s1 = 1 and a grey edge s1 = 2. In the graph on the right–hand side, the inputs are distinguished by the colours black and grey while the outputs are distinguished by the thickness of the edges. The network shown in the figure is represented by S 1 (N ({z 1 }), N ({w1 }), N ({s1 }), L1 ) , S 2 (N ({z 2 }), N ({s1 }), N ({w1 }), L2 ) , Aw = {w1 } .
7.3 Behaviour of Automata Networks
213
Accordingly, the input, output and state tuples of the NSA are given as follows: v 1 = w1 , w1 = s1 , z 1 = z 1 , v 2 = s1 , w2 = w1 , z 2 = z 2 . From Figure 7.5, it can be seen that the NSA S 1 has a stochastic direct feedthrough while the NSA S 2 does not. Let the initial states of the NSA be given by z 1 = 2 and z 2 = 2. According to Corollary 7.3.1, in the first step the outputs need to be determined. As S 1 has a direct feedthrough and an unknown input, the output of S 2 must be determined first. For z 2 = 2 the output relation of S 2 is given by H(w2 = 1 | z 2 = 2, v 2 = 1) = 0.4 + 0.2 H(w2 = 1 | z 2 = 2, v 2 = 2) = 0.6 H(w2 = 2 | z 2 = 2, v 2 = 1) = 0.4 H(w2 = 2 | z 2 = 2, v 2 = 2) = 0.4 which is independent of the unknown input as the NSA has no stochastic direct feedthrough. Assume that the random experiment yields w2 = 1. With this, the output of the network and the input to S 1 is determined as w1 (0) = 1 and v 1 (0) = 1, respectively. The output relation of S 1 for input v 1 = 1 and state z 1 = 2 at k = 0 is given by H(w1 = 1 | z 1 = 2, v 1 = 1) = 0.2 ,
H(w1 = 2 | z 1 = 2, v 1 = 1) = 0.8 .
Let this random experiment yield w1 (0) = 2 or in terms of the network signals s1 (0) = 2. The next step according to Corollary 7.3.1 is to determine the successor states. The distributions Prob(z 0i | wi , z i , v i ) of the two processes are determined from eqn. (7.17): Prob(z 01 = 1 | w1 = 2, z 1 = 2, v 1 = 1) = 0.8/0.8 Prob(z 01 = 2 | w1 = 2, z 1 = 2, v 1 = 1) = 0/0.8 Prob(z 02 = 1 | w2 = 1, z 2 = 2, v 2 = 2) = 0.2/0.6 Prob(z 02 = 1 | w2 = 1, z 2 = 2, v 2 = 2) = 0.4/0.6 . Note that the distribution of the second SSP differs from the state transition relation G2 which is given by G2 (z 02 = 1 | z 2 = 2, v 2 = 2) = 0.2
G2 (z 02 = 2 | z 2 = 2, v 2 = 2) = 0.8 .
According to this probability distributions, the successor states of the SSPs are determined randomly yielding e.g. z 01 = 1 and z 02 = 1. In this case, the following realisation has been obtained in terms of the signals of the network: w1 (0) = 1
Z 1 (0 . . . 1) = ( 2, 1 )
Z 2 (0 . . . 1) = ( 2, 1 ) .
The probability of this realisation for the given initial states is given by 0.6 · 0.8 · 0.2/0.6 = 0.16 which is the product of the probabilities of all random choices.
Mean behaviour of the network. Corollary 7.3.1 can also be used to determine the mean behaviour of the network, i.e. the probability distribution 1 þ Z (0 . . . k+1), . . . , Z ν (0 . . . k+1), þ 1 µ Prob (0 . . . k), . . . , V (0 . . . k) (7.18) V þ W 1 (0 . . . k), . . . , W ρ (0 . . . k) for given initial state distributions Prob(z i (0)) = Prob(z i (0)) of all NSA. Equation (7.18) is in analogy to eqn. (2.30) for single SA. How Corollary 7.3.1
can be used to determine all entries of the distribution (7.18) has been shown by the above example. It is important to note that the states of the NSA are, in general, not stochastically independent. That is, the current state of the network is given by the joint distribution

    Prob(z^1(k), …, z^ν(k))        (7.19)

and not by separate distributions Prob(z^i(k)), i = 1, …, ν. Furthermore, the successor states and outputs of the SSPs are, in general, not stochastically independent. This is because the coupling inputs contain information concerning the successor state of the SSP from which they originate. As a consequence, the different NSA cannot be treated separately for analysis. That is, using the state distribution Prob(z^i(k)) of the NSA S^i to determine its output distribution Prob(w_i(k)) and using this distribution as the input distribution of another NSA does not yield the correct result. This will be illustrated by the example given below. Consequently, all NSA must be processed anew for each state combination of the distribution (7.19) and separately for all combinations of coupling outputs, which makes a network simulation a tedious task.

Example 7.3.2. The aim of this example is to show that the attempt to determine the mean behaviour by processing the NSA separately yields a wrong result. As before, the network of SSPs shown in Figure 7.5 is considered, with the initial states given by z^1(0) = 2 and z^2(0) = 2. Determining the probabilities of all realisations separately, as described in the previous example, yields the distribution Prob(z^1(1), z^2(1), w^1(0) | z^1(0) = 2, z^2(0) = 2) shown in the following table.
                  (z^1(1), z^2(1))
                  (1, 1)   (2, 1)   (1, 2)   (2, 2)
    w^1(0) = 1    0.16     0.12     0.32     0
    w^1(0) = 2    0.4      0        0        0
On the other hand, processing the NSA separately yields the following result. For the output distribution of NSA S^2,

    Prob(w_2(0) | z_2(0) = 2) = {0.6, 0.4}

is obtained. Using this distribution as the input distribution of NSA S^1 yields

    Prob(w_1(0) | z_1(0) = 2) = Prob(w_1(0) | z_1(0) = 2, v_1(0) = 1) · Prob(w_2(0) = 1 | z_2(0) = 2)
                              + Prob(w_1(0) | z_1(0) = 2, v_1(0) = 2) · Prob(w_2(0) = 2 | z_2(0) = 2)
                              = {0.52, 0.48}

    Prob(z_1(1) | z_1(0) = 2) = Prob(z_1(1) | z_1(0) = 2, v_1(0) = 1) · Prob(w_2(0) = 1 | z_2(0) = 2)
                              + Prob(z_1(1) | z_1(0) = 2, v_1(0) = 2) · Prob(w_2(0) = 2 | z_2(0) = 2)
                              = {0.88, 0.12}.

As NSA S^2 has no stochastic direct feedthrough, the determined probability distribution Prob(w_1(0) | z_1(0) = 2) only affects the successor state distribution of the second NSA, for which
    Prob(z^2(1) | z^2(0) = 2)
      = Prob(z^2(1) | z^2(0) = 2, v^2(0) = 1) · Prob(w^1(0) = 1 | z^1(0) = 2)
        + Prob(z^2(1) | z^2(0) = 2, v^2(0) = 2) · Prob(w^1(0) = 2 | z^1(0) = 2)
      = {0.616, 0.384}

is obtained. Based on these probability distributions the following result is obtained for Prob(z^1(1), z^2(1), w^1(0) | z^1(0) = 2, z^2(0) = 2):

                             w^1(0) = 1                      w^1(0) = 2
 (z^1(1), z^2(1)) = (1, 1)   0.88 · 0.616 · 0.6 = 0.3252     0.88 · 0.616 · 0.4 = 0.2168
 (z^1(1), z^2(1)) = (2, 1)   0.0444                          0.0296
 (z^1(1), z^2(1)) = (1, 2)   0.2028                          0.1352
 (z^1(1), z^2(1)) = (2, 2)   0.0276                          0.0184
Obviously, this distribution differs from the correct result given above. This is because the computation of separate distributions implicitly assumes several stochastic independencies among the random variables of the network which do not hold.
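The failure of the separate treatment can also be checked numerically. The following sketch (plain Python; the joint distribution is taken from the exact table of Example 7.3.2) computes the boundary distributions of the exact joint distribution and shows that their product does not reproduce the joint entries:

```python
# Exact joint distribution Prob(z1(1), z2(1), w1(0) | z1(0)=2, z2(0)=2)
# from the first table of Example 7.3.2; keys are (z1', z2', w1).
joint = {
    (1, 1, 1): 0.16, (1, 1, 2): 0.40,
    (2, 1, 1): 0.12, (2, 1, 2): 0.00,
    (1, 2, 1): 0.32, (1, 2, 2): 0.00,
    (2, 2, 1): 0.00, (2, 2, 2): 0.00,
}

def marginal(dist, idx):
    """Boundary (marginal) distribution of the idx-th tuple component."""
    out = {}
    for tup, p in dist.items():
        out[tup[idx]] = out.get(tup[idx], 0.0) + p
    return out

p_z1, p_z2, p_w1 = (marginal(joint, i) for i in range(3))
# p_z1 == {1: 0.88, 2: 0.12}, p_z2 == {1: 0.68, 2: 0.32}, p_w1 == {1: 0.6, 2: 0.4}

# Independence would require the joint to factorise into its marginals:
approx = p_z1[1] * p_z2[1] * p_w1[1]   # 0.88 * 0.68 * 0.6 = 0.35904
print(approx, joint[(1, 1, 1)])        # 0.35904 vs. the true value 0.16
```

The product overestimates the probability of ((1, 1), w^1 = 1) by more than a factor of two, confirming that the random variables of the network are stochastically dependent.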
A formal description of the mean behaviour for arbitrary network topologies based on the behavioural relations of the NSA is difficult to obtain. Therefore, the mean behaviour of automata networks is not further investigated in this section. Instead, it will be shown in Section 7.4.5 that the composition approach presented in the following provides an elegant way for the analysis of the mean behaviour of the network.
7.4 Composition of Automata Networks

7.4.1 Main Idea

It is intuitively clear and will be derived formally in this section that the network of NSA can be represented by a single automaton. This SA has the form

    S( N({z^1, ..., z^ν}), N({v^1, ..., v^µ}), N({w^1, ..., w^ρ}), L )        (7.20)
and describes, like the network, the relation between all external input signals v^i, all measurable outputs w^i and all states z^i. All internal coupling signals s^i ∈ A_s are eliminated. This makes the analysis of the overall SA easier than the analysis of the network, as no values need to be determined for the coupling signals (cf. Corollary 7.3.1). In the following, a formalism is derived by which the behavioural relation L can be obtained from the network (7.14). This idea seems to contradict the results of Section 7.2.2, which showed that the overall SA is, in general, more complex than the network and, for larger networks, impossible to determine
completely. In fact, the purpose of the methods presented in the following is not to literally determine the overall SA but to derive the formalism by which it would be determined. For emphasis, this important point is restated:

The purpose of the composition of automata networks as used in this book is to provide a formalism for how the overall SA would be derived. It is not used to actually determine this SA.

The formalism will be used to describe a systematic way to process the information in the network. It will be shown in Sections 7.4.5 and 7.5 that with this formalism, it is easy to describe the behaviour of the network and to solve process supervision tasks.

First, in Section 7.4.2, an operation is derived to replace two NSA of the network by a single NSA. This operation requires that neither of the two NSA has a self–feedback loop, i.e. both NSA must satisfy the condition A_w^i ∩ A_v^i = ∅. In case of a self–loop, the operation presented in Section 7.4.3 is needed to eliminate this loop. Furthermore, the composition of two NSA without self–loop can yield an NSA with a self–loop, which must then also be eliminated by this operation. Together, the two operations can be used to successively reduce the number of automata in the network until only a single NSA is left. That is, for every network, a series of operations can be derived that transforms it into a single SA.

7.4.2 Self–Loop–Free Composition Operation

In this section, an operation is presented to transform two NSA

    S^i( N(A_z^i), N(A_v^i), N(A_w^i), L^i )  and  S^j( N(A_z^j), N(A_v^j), N(A_w^j), L^j )        (7.21)

satisfying the conditions

    A_w^i ∩ A_v^i = ∅  and  A_w^j ∩ A_v^j = ∅        (7.22)
into a single SA. The operation is shown in Figure 7.6 and is, due to the conditions (7.22), referred to as self–loop–free composition. For this composition operation, it is necessary to distinguish between the signals as shown in Figure 7.6 and summarised in Table 7.1. The way the signals are distinguished is explained for the input tuple v^i of the NSA S^i. Recall that the tuple v^i refers to the set of attributes A_v^i. According to relation (7.13), the set A_v^i can contain a selection of external input signals v^i, of external output signals w^i and of internal coupling signals s^i. With this in mind, the set A_v^i is partitioned into three sets

    A_v^i = Â_v^{i,j} ∪ Â_v^i ∪ Â_w^{j→i} .        (7.23)

The set Â_v^{i,j} contains all those signals of A_v^i which are also inputs to SSP j but do not originate from this process. Similarly, the set Â_v^i contains signals neither originating from nor connected to the process j. Both sets can contain
Fig. 7.6. Composition of two self–loop–free Markov processes.

Table 7.1. Division of the tuples for the self–loop–free composition operation.

 original       divided into          containing        meaning of the signals
 tuple/attr.    tuple/attr.           signals of
 v^i / A_v^i    v̂^{i,j} / Â_v^{i,j}   A_v ∪ A_w ∪ A_s   inputs to SSP i and j
                v̂^i / Â_v^i           A_v ∪ A_w ∪ A_s   inputs only to SSP i
                ŵ^{j→i} / Â_w^{j→i}   A_w ∪ A_s         outputs of SSP j to SSP i
 w^i / A_w^i    ŵ^i / Â_w^i           A_w ∪ A_s         outputs of SSP i not to SSP j
                ŵ^{i→j} / Â_w^{i→j}   A_w ∪ A_s         external outputs of SSP i to SSP j
                ŝ^{i→j} / Â_s^{i→j}   A_s               internal couplings of SSP i to SSP j
 v^j / A_v^j    v̂^{i,j} / Â_v^{i,j}   A_v ∪ A_w ∪ A_s   inputs to SSP i and j
                v̂^j / Â_v^j           A_v ∪ A_w ∪ A_s   inputs only to SSP j
                ŵ^{i→j} / Â_w^{i→j}   A_w ∪ A_s         external outputs of SSP i to SSP j
                ŝ^{i→j} / Â_s^{i→j}   A_s               internal couplings of SSP i to SSP j
 w^j / A_w^j    ŵ^j / Â_w^j           A_w ∪ A_s         outputs of SSP j not to SSP i
                ŵ^{j→i} / Â_w^{j→i}   A_w ∪ A_s         outputs of SSP j to SSP i
external input, external output or internal coupling signals. The set Â_w^{j→i} contains all external and internal output signals of SSP j that are inputs of SSP i. Note that the sets can also be empty, meaning that no such signal exists in the network. With the partition (7.23), the input tuple v^i of the NSA S^i is written as

    v^i = ( v̂^{i,j}, v̂^i, ŵ^{j→i} ) ,

consisting of the tuples v̂^{i,j} ∈ N(Â_v^{i,j}), v̂^i ∈ N(Â_v^i) and ŵ^{j→i} ∈ N(Â_w^{j→i}). Similarly, the tuples w^i, v^j and w^j are decomposed into sub–tuples according
Self–loop–free composition operation

Theorem 7.4.1. Consider an automata network (7.14) of ν NSA that contains two NSA S^i and S^j satisfying the conditions (7.22). With respect to its external behaviour this network is equivalently represented by the network

    SN( ({S^1, ..., S^ν} \ {S^i, S^j}) ∪ {S^{i,j}}, A_w )

with the NSA S^{i,j}( N(A_z^{i,j}), N(A_v^{i,j}), N(A_w^{i,j}), L^{i,j} ), where

    A_z^{i,j} = A_z^i ∪ A_z^j
    A_v^{i,j} = Â_v^{i,j} ∪ Â_v^i ∪ Â_v^j ∪ Â_w^{j→i}
    A_w^{i,j} = Â_w^i ∪ Â_w^j ∪ Â_w^{i→j} ∪ Â_w^{j→i}

and

    L^{i,j}(z′^{i,j}, w^{i,j} | z^{i,j}, v^{i,j})
      = L^{i,j}( (z′^i, z′^j), (ŵ^i, ŵ^j, ŵ^{i→j}, ŵ^{j→i}) | (z^i, z^j), (v̂^{i,j}, v̂^i, v̂^j, ŵ^{j→i}) )
      = Σ_{ŝ^{i→j} ∈ N(Â_s^{i→j})}  L^i( z′^i, (ŵ^i, ŵ^{i→j}, ŝ^{i→j}) | z^i, (v̂^{i,j}, v̂^i, ŵ^{j→i}) )
                                    · L^j( z′^j, (ŵ^j, ŵ^{j→i}) | z^j, (v̂^{i,j}, v̂^j, ŵ^{i→j}, ŝ^{i→j}) )        (7.24)

hold.

Proof. See Appendix C.24.  □
to the meaning of the signals they consist of. The meaning of all signals shown in Figure 7.6 is summarised in Table 7.1. The coupling signals from process i to process j are divided into the sets Â_s^{i→j} and Â_w^{i→j}. The set Â_s^{i→j} contains only those signals exclusively appearing between the two processes. All other signals constitute the set Â_w^{i→j}, which therefore contains measurable outputs or internal couplings also connected to processes other than i or j. Note that all partitions of the sets of attributes can be determined from the sets of attributes of the NSA. For the sets of eqn. (7.23) these are, for example,

    Â_v^{i,j} = A_v^i ∩ A_v^j ,    Â_w^{j→i} = A_v^i ∩ A_w^j ,    Â_v^i = A_v^i \ (Â_v^{i,j} ∪ Â_w^{j→i}) .
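The partitions above are plain set operations and can be computed mechanically from the attribute sets. A minimal Python sketch, with invented signal names that are not taken from the book's example:

```python
# Hypothetical attribute sets of two NSA (illustrative names only).
Av_i = {"v1", "v2", "w1"}   # inputs of NSA S^i
Av_j = {"v1", "s1"}         # inputs of NSA S^j
Aw_j = {"w1", "w3"}         # outputs of NSA S^j

Av_ij     = Av_i & Av_j                # shared inputs of SSP i and j
Aw_ji     = Av_i & Aw_j                # outputs of SSP j that drive SSP i
Av_i_only = Av_i - (Av_ij | Aw_ji)     # inputs connected to SSP i alone

print(Av_ij, Aw_ji, Av_i_only)   # {'v1'} {'w1'} {'v2'}
```

The same pattern yields the remaining partitions of Table 7.1 by intersecting and subtracting the appropriate input and output attribute sets.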
With this, the theorem given above is obtained. The composition operation of Theorem 7.4.1 is illustrated in Figure 7.6. Note that the sets A_z^i or A_z^j need not be singletons. That is, the composition operation can also be applied to NSA that originated from foregoing compositions. For the successive application of the self–loop–free composition operation, the following result is important:
Fig. 7.7. Self–loop elimination operation.
Lemma 7.4.1. If neither the automaton S^i nor the automaton S^j has a stochastic direct feedthrough, then the stochastic automaton S^{i,j} obtained from the self–loop–free composition according to Theorem 7.4.1 has no stochastic direct feedthrough.

Proof. See Appendix C.25.  □
According to this result, the property that none of the NSA in a network has a stochastic direct feedthrough is invariant with respect to self–loop–free composition.

Remark 7.4.1. Note that the self–loop–free composition operation is not symmetric with respect to the indices i and j, as ŵ^{j→i} still appears on the right–hand side of L^{i,j}. It will become clear at the end of the next section that symmetry is obtained after eliminating the self–loop of the NSA S^{i,j}.

7.4.3 Self–Loop Elimination Operation

In this section, a composition operation to eliminate self–loops is derived. The operation is shown in Figure 7.7 and is referred to as self–loop elimination. Like the self–loop–free composition, this operation requires one to distinguish between the different signals that constitute the input v^i and output w^i of the NSA S^i. The way the tuples are divided is shown in Figure 7.7 and is summarised in Table 7.2. The signals that constitute such self–loops are obtained from

    A_w^i ∩ A_v^i ≠ ∅ .        (7.25)
Due to condition (7.22), the self–loop elimination operation supplements the self–loop–free composition considered above. As shown in Figure 7.7, this composition operation eliminates all self–loops. As before, the set of coupling signals A_w^i ∩ A_v^i is partitioned into the sets Â_w^{i→i} and Â_s^{i→i}, where Â_s^{i→i} contains only those signals that do not appear in any other SSP. The following theorem provides the sought composition operation.
Table 7.2. Division of the tuples for the self–loop elimination operation.

 original       divided into          containing        meaning of the signals
 tuple/attr.    tuple/attr.           signals of
 v^i / A_v^i    v̂^i / Â_v^i           A_v ∪ A_w ∪ A_s   inputs not originating from SSP i
                ŵ^{i→i} / Â_w^{i→i}   A_w ∪ A_s         external self–loop signals of SSP i
                ŝ^{i→i} / Â_s^{i→i}   A_s               internal self–loop signals of SSP i
 w^i / A_w^i    ŵ^i / Â_w^i           A_w ∪ A_s         outputs not fed back to SSP i
                ŵ^{i→i} / Â_w^{i→i}   A_w ∪ A_s         external self–loop signals of SSP i
                ŝ^{i→i} / Â_s^{i→i}   A_s               internal self–loop signals of SSP i
Self–loop elimination operation

Theorem 7.4.2. Consider an automata network (7.14) that contains an NSA satisfying condition (7.25). With respect to its external behaviour this network is equivalently represented by the network

    SN( ({S^1, ..., S^ν} \ {S^i}) ∪ {S̃^i}, A_w )

with the NSA S̃^i( N(A_z^i), N(Â_v^i), N(Ã_w^i), L̃^i ), Ã_w^i = Â_w^i ∪ Â_w^{i→i} and

    L̃^i( z′^i, (ŵ^i, ŵ^{i→i}) | z^i, v̂^i )
      = Σ_{ŝ^{i→i} ∈ N(Â_s^{i→i})}  L^i( z′^i, (ŵ^i, ŵ^{i→i}, ŝ^{i→i}) | z^i, (v̂^i, ŵ^{i→i}, ŝ^{i→i}) ) .        (7.26)

Proof. See Appendix C.26.  □
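Operationally, eqn. (7.24) is a product of the two behavioural relations summed over the internal coupling, and eqn. (7.26) keeps only the entries whose fed-back output coincides with the self-loop input. The following sketch applies both operations to a hypothetical two-automaton loop; all probability values are invented, and the behavioural relations are stored sparsely as dictionaries:

```python
from itertools import product

# L1[(z1n, s, z1, a)]: NSA S1 with input a (from S2) and coupling output s.
L1 = {(1, 1, 1, 1): 0.5, (2, 2, 1, 1): 0.5,
      (1, 2, 1, 2): 1.0,
      (2, 1, 2, 1): 1.0,
      (1, 1, 2, 2): 0.3, (2, 2, 2, 2): 0.7}

# L2[(z2n, a, z2, s)]: NSA S2 with input s and output a. S2 has no
# stochastic direct feedthrough: Prob(a | z2) does not depend on s.
P_a = {1: {1: 0.6, 2: 0.4}, 2: {1: 0.2, 2: 0.8}}
L2 = {}
for z2, s, a in product((1, 2), repeat=3):
    z2n = 1 if s == a else 2          # deterministic successor rule
    L2[(z2n, a, z2, s)] = P_a[z2][a]

# Self-loop-free composition, eqn. (7.24): sum over the internal coupling s.
L12 = {}
for (z1n, s, z1, a_in), p1 in L1.items():
    for (z2n, a_out, z2, s_in), p2 in L2.items():
        if s_in == s:
            key = ((z1n, z2n), a_out, (z1, z2), a_in)
            L12[key] = L12.get(key, 0.0) + p1 * p2

# Self-loop elimination, eqn. (7.26): keep only entries whose fed-back
# output equals the input; a remains as external (measurable) output.
L_net = {}
for ((z1n, z2n), a_out, (z1, z2), a_in), p in L12.items():
    if a_out == a_in:
        k = ((z1n, z2n), a_out, (z1, z2))
        L_net[k] = L_net.get(k, 0.0) + p

# The result is again a proper SA: probabilities sum to 1 per state pair.
for z in product((1, 2), repeat=2):
    print(z, round(sum(p for (zn, a, zz), p in L_net.items() if zz == z), 10))
```

The final check illustrates why the absence of a stochastic direct feedthrough in one of the automata matters: it guarantees that the eliminated relation is normalised, i.e. that the loop defines a well-defined stochastic process.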
Remark 7.4.2. The self–loop elimination operation can be combined with the self–loop–free composition of Theorem 7.4.1 such that the operation shown in Figure 7.6 directly yields an NSA without self–loop. By joining the composition equations (7.24) and (7.26), it can be seen that the joint operation is symmetric with respect to the indices i and j. This property was expected, as the assignment of the processes to the indices is arbitrary.

7.4.4 Composition Algorithm and Composition Order

By means of the two operations of Theorems 7.4.1 and 7.4.2, every network can be transformed into an equivalent single SA. Algorithm 7.1 shows the flow chart of the corresponding composition algorithm. In each cycle, the number of automata in the network is reduced by one. Hence, the algorithm always terminates and yields the overall SA representing the network.

As can be seen from Algorithm 7.1, the composition algorithm includes in every cycle a choice of the automata to be composed. This means a freedom concerning the composition order. Obviously, there are good and bad choices
Algorithm 7.1: Composition of automata networks
of the composition order with respect to the computational effort. Clearly, choosing NSA with disjoint signals leads to a more complex computation than composing NSA with internal couplings that can be eliminated. However, this issue is not discussed in detail in this book. Instead, a result from computer science will be used for the composition order, which is explained in the following. In Section 7.4.6 it will be shown that the composition of NSA is closely related to the computation of a natural join of relations in database theory. Therefore, results on optimal composition orders achieved in computer science can be used. There, the issue is referred to as query optimisation [106] and is approached by different heuristics; an optimal strategy is still under research [65]. In the following, a strategy known in the literature as the greedy heuristic is used. It has been suggested in [65] for composing static symbolical models for
diagnosis and is, thus, closely related to the aims of this book. According to this strategy, the NSA with the minimal number of edges is chosen first. It is combined with the adjacent NSA which likewise has the smallest number of edges. The assumption behind this strategy is that the number of necessary compare operations when searching for the proper entries of the behavioural relations is minimised if the operands have a minimal number of entries. This cannot be guaranteed, but it yields satisfactory results in practical applications [65].

7.4.5 Behaviour Analysis Using the Composed Automaton

The above composition algorithm yields the SA

    S( N({z^1, ..., z^ν}), N({v^1, ..., v^µ}), N({w^1, ..., w^ρ}), L )        (7.27)
which represents the external behaviour of the given automata network. As the SA (7.27) is equivalent to a usual SA, all results of Chapters 2 and 5 apply. This means that instead of Corollary 7.3.1, eqns. (2.28) and (2.34) can be used to simulate the automata network. In particular, the simulation need not be performed in two steps and no distributions (7.17) need to be determined. Furthermore, the states can be simulated without determining the outputs by eqn. (2.28), using the state transition relation G of the SA (7.27). This is possible because the composed SA has, in contrast to the network, a decomposed computation order of the successor states and outputs, which is a byproduct of the composition algorithm.

As already mentioned above, it is not always desirable to compute the SA (7.27) to represent a given network. This is because the number of nonzero entries in the behavioural relation L is, in general, much higher than the sum of the nonzero entries in all behavioural relations L^i of the NSA (cf. Section 7.2.2). Hence, from a practical viewpoint it is compulsory, or at least preferable, to use the decomposed rather than the composed representation of the network of SSPs. The composition algorithm provides a systematic way to analyse the network without computing the overall SA (7.27) first. This idea is based on the observation that both composition operations need not be performed for all signal values but can be restricted to those of current interest. In the following, this idea is briefly outlined for simulation; it is described in more detail for state observation and diagnosis in Section 7.5.

From eqns. (7.24) and (7.26), it is clear that the composition operations can be carried out separately for each value of the state z^{i,j} or z^i as well as for each input value v^{i,j} or v̂^i, respectively. For simulation, this means the following. Given are the sequences

    V^1(0 ... k), ..., V^µ(0 ... k)        (7.28)
of external inputs and the initial state distributions Prob(z^i(0)) of the SSPs. The latter directly correspond to the initial state distributions Prob(z^i(0)) of the NSA. From these distributions the sets Z^i(0) with

    Z^i(0) = {z^i(0) | Prob(z^i(0)) > 0} ,    i = 1, ..., ν        (7.29)
are determined. The sets (7.29) directly yield the sets of state tuples z^{i,j} or z^i for which the composition operations must be carried out. These are

    Z^{i,j}(0) = {(z^i, z^j) | z^i ∈ Z^i(0), z^j ∈ Z^j(0)}    and    Z^i(0) ,
respectively. For k > 0, the probability distributions Prob(z^1(k), ..., z^ν(k)) obtained from simulation are projected onto the boundary probability distributions Prob(z^i(k)), which likewise yield the sets Z^i(k) to be considered for composition. Similarly, the given external inputs restrict the set of inputs that need to be considered. That is, the self–loop–free composition or self–loop elimination operations at time k need to be carried out only for the inputs of the sets

    V^{i,j}(k) = {v^{i,j} | v^{i,j}(v^ι) = v^ι(k) for all v^ι ∈ A_v^{i,j} ∩ A_v}
    and
    V̂^i(k) = {v̂^i | v̂^i(v^ι) = v^ι(k) for all v^ι ∈ Â_v^i ∩ A_v} ,

respectively, given the external input symbols v^1(k), ..., v^µ(k) of the sequences (7.28) at time k. In summary, in each simulation step only the required part of the SA (7.27) is determined. Therefore, this method is referred to as network simulation by partial composition.

Example 7.4.1. In this example, the composition algorithm is applied to the automata network shown in Figure 7.5. The composition operation can be applied without any modification, as only one of the processes has a stochastic direct feedthrough. This will be shown formally in Section 7.4.7. Neither of the two NSA has a self–loop. Hence the self–loop–free composition operation is applied choosing i = 1 and j = 2. The formal partitions of the sets A_v^1 = {w^1}, A_w^1 = {s^1}, A_v^2 = {s^1} and A_w^2 = {w^1} are as follows (cf. Table 7.1):
    A_v^1 :   Â_v^{1,2} = {}, Â_v^1 = {}, Â_w^{2→1} = {w^1} ,
    A_w^1 :   Â_w^1 = {}, Â_w^{1→2} = {}, Â_s^{1→2} = {s^1} ,
    A_v^2 :   Â_v^{1,2} = {}, Â_v^2 = {}, Â_w^{1→2} = {}, Â_s^{1→2} = {s^1} ,
    A_w^2 :   Â_w^2 = {}, Â_w^{2→1} = {w^1} .
According to Theorem 7.4.1, the composed NSA S^{1,2} has the following sets of attributes:

    A_z^{1,2} = {z^1, z^2} ,    A_v^{1,2} = {w^1} ,    A_w^{1,2} = {w^1} .
The automaton graph of the NSA S 1,2 is shown on the left–hand side of Figure 7.8 where the inputs and outputs are distinguished by the colour and thickness of the edges as given by the following table.
Fig. 7.8. Network automaton after first composition step (left), composed automaton (middle) and partial composition for the initial states z^1 = 2 and z^2 = 2 (right).

 v^{1,2} = 1, w^{1,2} = 1   black, thin
 v^{1,2} = 2, w^{1,2} = 1   grey, thin
 v^{1,2} = 1, w^{1,2} = 2   grey, thick
 v^{1,2} = 2, w^{1,2} = 2   black, thick
After this composition operation, there is a single NSA left. As implied in the composition algorithm, the NSA are renumbered such that S^{1,2} becomes S^1 in a network containing only a single NSA. The sets of input and output attributes of the resulting NSA have common signals because A_v^1 ∩ A_w^1 = {w^1} ≠ ∅ holds. According to Algorithm 7.1, a final self–loop elimination operation is performed. In the notation of Theorem 7.4.2, the following sets are obtained:

    A_v^1 :   Â_v^1 = {}, Â_w^{1→1} = {w^1}, Â_s^{1→1} = {} ,
    A_w^1 :   Â_w^1 = {}, Â_w^{1→1} = {w^1}, Â_s^{1→1} = {} .
The elimination operation means eliminating all edges of S^{1,2} for which the output symbol does not coincide with the input symbol. In Figure 7.8 these are all grey edges. Eliminating them yields the automaton graph shown in the middle of the figure. This SA represents the external behaviour of the network of Figure 7.5.

The automaton graph on the right–hand side of Figure 7.8 illustrates the idea of simulation by partial composition. Assume that the initial state distributions of the two processes are given by

    Prob(z^1(0)) = {0, 1} ,    Prob(z^2(0)) = {0, 1} .
Accordingly, for the first simulation step, the composition needs to be determined only for the states of the set Z^{1,2}(0) = {(2, 2)}. The corresponding part of the composed NSA is shown in the figure. For a second simulation step, however, partial composition has no advantage. This is because the projection of the simulation result onto the boundary distributions Prob(z^1(1)) and Prob(z^2(1)) yields a nonzero probability for both states of each SSP. Accordingly, Z^{1,2}(1) = N(A_z^{1,2}) holds, such that the whole composition needs to be carried out.

Note that the graph on the right–hand side of Figure 7.8 illustrates that the states of the two SSPs are, in general, not stochastically independent. That is, for the initial states z^1 = 2 and z^2 = 2, the successor state of both SSPs can be either 1
or 2. However, it is not possible that both SSPs remain in state 2. At least one of them must leave the state. If one SSP does not, this forces the other one to change its state. Accordingly, the state of the network of SSPs shown in Figure 7.5 cannot be described by the boundary distributions Prob(z^1) and Prob(z^2) but only by the joint distribution (7.19).
7.4.6 Automata Composition and Diagnosis in Relational Algebra**

In this section it is shown that the composition of automata presented above has a close connection to database theory and relational algebra. According to eqn. (7.8), the Cartesian product N(A) of a set of attributes A contains all tuples over this set of attributes. Every subset of N(A) is called a relation and is denoted by R(A) ⊆ N(A) [65], [171]. The elements of a relation are tuples, denoted by t ∈ R(A). An important operation between two relations is the natural join [8], [65]. Given two relations R^1(A^1), R^2(A^2), the natural join is defined as

    R^1(A^1) ⋈ R^2(A^2) := { (t̂^1, t̂^2, t̂^{1,2}) ∈ N(A^1 ∪ A^2) | (t̂^1, t̂^{1,2}) ∈ R^1(A^1), (t̂^2, t̂^{1,2}) ∈ R^2(A^2) } ,        (7.30)

with Â^{1,2} := A^1 ∩ A^2, Â^1 := A^1 \ Â^{1,2} and Â^2 := A^2 \ Â^{1,2}. If Â^{1,2} = ∅ holds, the natural join is the Cartesian product of relations. It can be shown that the natural join is a commutative and associative operation [8], [65].
Fig. 7.9. Component–oriented modelling based on the signal flow graph.
In addition to the natural join, the projection of a relation is needed. Given a relation R(A) and a subset of attributes A^1 ⊂ A, the projection of R onto A^1 is defined as

    π_{A^1}(R) := { t^1 ∈ N(A^1) | ∃ t^2 such that (t^1, t^2) ∈ R(A) } .        (7.31)
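The two operations can be written directly from these definitions. A minimal sketch, representing a relation as a list of dicts (one dict per tuple, keyed by attribute name); the example data is invented:

```python
def natural_join(r1, r2):
    """All merged tuples of r1 x r2 that agree on the shared attributes."""
    joined = []
    for t1 in r1:
        for t2 in r2:
            if all(t1[a] == t2[a] for a in t1.keys() & t2.keys()):
                joined.append({**t1, **t2})
    return joined

def project(rel, attrs):
    """Restriction of every tuple to the attribute subset attrs."""
    seen = []
    for t in rel:
        p = {a: t[a] for a in attrs}
        if p not in seen:              # projection removes duplicates
            seen.append(p)
    return seen

R1 = [{"u": 1, "x": 1}, {"u": 1, "x": 2}, {"u": 2, "x": 2}]
R2 = [{"x": 1, "y": 1}, {"x": 2, "y": 2}]

R = natural_join(R1, R2)               # joins on the shared attribute x
print(project(R, {"u", "y"}))
```

If the two relations share no attribute, the `all(...)` condition is vacuously true and the join degenerates to the Cartesian product, exactly as stated after eqn. (7.30).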
The main idea of the approach presented in [65] is as follows. Assume that a static system with l signals named according to the set of attributes A = {a1 , a2 , . . . , al } is given. These signals can be inputs ui , outputs y i or internal variables xi . The causal dependence of these signals is described by a signal flow graph. It is a directed graph for which an example is shown
in Figure 7.9. Each signal is a node of the graph. An edge from node a^i to a^j means that the value of signal a^j depends directly on the value of signal a^i. Input nodes do not have any predecessor node, and output nodes have no successor. The system behaviour is given by component models. Such a component model is given for each node that has a predecessor, i.e. for all outputs and internal variables. A component model is a relation R^i that contains all combinations of signal values that the system can generate, where the relation R^i is between the signal of the node itself and its predecessors. A system is thus described by ν < l component models. In the case of Figure 7.9 these are the ν = 5 relations R^1, ..., R^5. According to [65], for the overall model R(A) of the system represented by the relations R^i(A^i), i = 1, ..., ν, the following holds:

    R(A) = R^1(A^1) ⋈ ··· ⋈ R^ν(A^ν) = ⋈_{i=1}^{ν} R^i(A^i) .        (7.32)
This means that the overall model of the system is given by the natural join of its component models.

As described in Section 2.5.1, every SA S can be transformed into a nondeterministic automaton (NA) N by neglecting the probabilities. Analogously, an NA on attributes N( N(A_z), N(A_v), N(A_w), L_n ) can be obtained from an SA on attributes. As already remarked in Section 7.2.4, the nondeterministic behavioural relation L_n can be represented by a relation
Fig. 7.10. Signal flow graph of an automaton (left) and two automata in series connection (right).
    R(A_z ∪ A_v ∪ A_w ∪ A_{z′}) ⊆ N(A_z ∪ A_v ∪ A_w ∪ A_{z′}) .

Accordingly, a network of NSA yields a corresponding network of NA that can be represented by a set of relations R^i, i = 1, ..., ν. Each relation describes the possible combinations of the signal values for all signals on which
it is defined. Self–loops are, thus, implicitly resolved when the relation is set up. On the left–hand side of Figure 7.10 the signal flow graph of the SA, respectively the NA, is shown [180], where the symbol at the edge from z′ to z denotes a delay of one time step. In the graph, the dependency between successor state and output is resolved as described in Corollary 7.3.1 and eqn. (7.17) by determining the successor state in dependence upon the previously determined output. On the right–hand side of the figure an example of the signal flow graph of two coupled automata is shown.

To show the direct analogy to the method presented in [65], a compound node consisting of the output, state and successor state nodes can be introduced. This is shown in Figure 7.10 by the large grey nodes. In a signal flow graph corresponding to a network of NA there exist ν such compound nodes, where each node is associated with one relation R^i (cf. Figure 7.10). Using these compound nodes, the signal flow graph appears as shown in Figure 7.9. Hence, the overall model can be obtained according to eqn. (7.32) by the natural join of all relations R^i. Formally, this result is given below. For simplicity of presentation it is assumed that all self–feedback loops of a given network of SA are eliminated beforehand.

Lemma 7.4.2. The relation R̃^{i,j} corresponding to the NA Ñ^{i,j} derived from the SA S̃^{i,j}, obtained from the subsequent application of the self–loop–free composition and the self–loop elimination operations of Theorems 7.4.1 and 7.4.2 to any two NSA S^i and S^j, is equivalently obtained from

    R̃^{i,j}(A^{i,j}) = π_{A^{i,j}}( R^i(A^i) ⋈ R^j(A^j) )        (7.33)

with

    A^{i,j} = A_z^i ∪ A_z^j ∪ A_{z′}^i ∪ A_{z′}^j ∪ Â_v^{i,j} ∪ Â_v^i ∪ Â_v^j ∪ Â_w^i ∪ Â_w^j ∪ Â_w^{i→j} ∪ Â_w^{j→i}
    A^i     = A_z^i ∪ A_{z′}^i ∪ Â_v^{i,j} ∪ Â_v^i ∪ Â_w^{j→i} ∪ Â_s^{j→i} ∪ Â_w^i ∪ Â_w^{i→j} ∪ Â_s^{i→j}
    A^j     = A_z^j ∪ A_{z′}^j ∪ Â_v^{i,j} ∪ Â_v^j ∪ Â_w^{i→j} ∪ Â_s^{i→j} ∪ Â_w^j ∪ Â_w^{j→i} ∪ Â_s^{j→i} ,

where R^i and R^j denote the relations corresponding to the NA derived from the SA S^i and S^j, respectively. The notation of the above sets of attributes is according to Tables 7.1 and 7.2.

Proof. See Appendix C.27.  □
According to this lemma, the composition of SA presented in this book can be viewed as the stochastic extension of the composition presented in [65], applied to dynamical systems represented by networks of NA. In fact, Lemma 7.4.2 shows the formal equivalence of the method presented here to the approach in [65], projecting the composition algorithm of Section 7.4.4 onto nondeterministic automata. Accordingly, the following corollary holds.
Corollary 7.4.1. The stochastic automaton S representing the external behaviour of an automata network SN({S^1, ..., S^ν}, A_w) yields a nondeterministic automaton corresponding to the relation

    R(A) = π_A( ⋈_{i=1}^{ν} R^i(A^i) )

with A = A_v ∪ A_w ∪ A_z ∪ A_{z′}.

Diagnosis based on relational representations. The background of the composition approach of [65] is, as here, the diagnosis of technical systems. The diagnostic algorithm derived in [65] is as follows. Let F ⊂ A denote the fault signals, which are a subset of the set of signals A of the system. Then diagnosis means to compute the relation

    D(F) = π_F( σ_{v,w}( ⋈_{i=1}^{ν} R^i(A^i) ) )        (7.34)

where σ_{v,w} means the selection of those tuples of the overall model for which the external inputs and outputs coincide with the measured tuples v and w. In database theory, the operation σ is referred to as selection. The diagnosis rule is very similar to the diagnosis presented here, as it means to find the set of all internal variables that agree with the measurements and to project the resulting set onto the fault variables. However, the diagnosis (7.34) is, in contrast to the method presented here, a static diagnostic rule and can, therefore, not be applied directly to the diagnostic problem posed in Section 5.5. For an efficient diagnosis, a method is presented in [65] that avoids the computation of the internal variables x^i. For dynamical systems as considered here, the computation of the internal states z^i is inevitable, as shown in Section 5.5. However, the values of the internal coupling signals need not be computed. The simplifications introduced in [65] therefore correspond to the summations over the internal couplings after each composition step as included in Theorems 7.4.1 and 7.4.2.

7.4.7 Networks with Stochastic Direct Feedthroughs**

For simplicity of presentation it has been assumed throughout this chapter that none of the NSA has a stochastic direct feedthrough. This assumption can be relaxed as shown below. From eqn. (7.26) of Theorem 7.4.2 and Lemma 7.2.1 it is clear that for the self–loop elimination operation only a stochastic direct feedthrough from the inputs to the signals ŵ^{i→i} and ŝ^{i→i} of the self–loop must be excluded. That is, none of the given NSA may have a partial stochastic direct feedthrough from the inputs A_v^i to the outputs Â_w^i ∪ Â_s^i ⊆ A_w^i. In the following it is shown that the condition that none of the given NSA and none of the NSA obtained during composition has such a partial stochastic direct feedthrough is sufficient for the network to represent a well–defined SP.
It must be shown that whenever a self–loop–free composition operation is not well–defined, this can be detected by checking the above condition, i.e. by checking the composed NSA S^{i,j} for a partial stochastic direct feedthrough. According to the proof of Theorem 7.4.1, the self–loop–free composition is possible provided that the NSA S^j has no direct feedthrough (cf. Appendix C.24). More precisely, it has been assumed that

    Prob( ŵ^{j→i} | z^i, (v̂^{i,j}, v̂^i) ) = Prob( ŵ^{j→i} | z^i, (ŵ^{i→j}, ŝ^{i→j}, v̂^{i,j}, v̂^i) )        (7.35)

holds. Condition (7.35) means that a partial stochastic direct feedthrough from the input signals of Â_w^{i→j} and Â_s^{i→j} to Â_w^{j→i} must be excluded. Otherwise, the signals ŵ^{i→j} and ŝ^{i→j} cannot be introduced on the condition side in eqn. (7.35). As the assignment of the indices i and j to the NSA is arbitrary, condition (7.35) needs to hold only for one of the two NSA to be composed. Hence, only if both NSA have such a feedthrough is a composition by Theorem 7.4.1 impossible. In this case, however, the composed NSA S^{i,j} has a partial stochastic direct feedthrough from the self–loop signals ŵ^{i→i} and ŝ^{i→i} to themselves. This case is covered by the above check of the composed NSA. In summary, the following result is obtained.

Corollary 7.4.2. A network of NSA SN({S^1, ..., S^ν}, A_w) represents a well–defined stochastic process if neither any of the given NSA S^i has a partial stochastic direct feedthrough from the inputs A_v^i to the outputs Â_w^i ∪ Â_s^i ⊆ A_w^i, nor any NSA of the networks SN({S^1, ..., S^ν̃}, A_w), ν̃ = 1, ..., ν−1, obtained during the application of Algorithm 7.1.

According to this result, Algorithm 7.1 should be extended by a block placed before the block that checks whether ν > 1 holds. This new block has to check for the partial stochastic direct feedthrough of the corollary. In case such a feedthrough occurs, the composition must be stopped.
This extension allows networks to be composed in which some of the NSA have stochastic direct feedthroughs.
7.5 State Observation and Diagnosis of Automata Networks

The composition algorithm of Section 7.4.4 yields a single SA (7.27) to which all results of Chapter 5 apply. Accordingly, the introduced composition method allows the results on state observation and fault diagnosis to be extended directly to automata networks. The reason for the further considerations in this section is that it is usually not possible to compute the composed SA of a large network, as already outlined in Section 7.4.5. Therefore, the composition algorithm is used as a rule for how to process the information in the network rather than as a method to determine the composed SA.
7. Stochastic Automata Networks
Network information needed for state observation. According to Theorem 5.2.3, the current state observation requires the recursive determination of the two conditional probability distributions

Prob(z(k) | V(0...k), W(0...k))        (7.36)
Prob(z(k+1) | V(0...k), W(0...k))      (7.37)
for all state tuples z(k), z(k+1) ∈ N(A_z) and for the uniquely given input and output sequences V and W, where the distribution (7.36) is the observation result and the distribution (7.37) is needed for the next observation step. From eqns. (5.10) and (5.12) it is clear that at time k only parts of the behavioural relations are required:
1. The behavioural relation L of the composed SA needs to be determined only for the measured external inputs v(k) and outputs w(k).
2. The behavioural relation L needs to be composed only for those states z(k) for which the probability distribution (7.37) determined at time k−1 is nonzero.
The latter means that each composition step needs to be performed only for those states of automaton S_i that belong to the set

Z_{A^i_z}(k) = { z^i(k) | Σ_{z̃(k) ∈ N(A_z \ A^i_z)} Prob((z̃(k), z^i(k)) | V(0...k−1), W(0...k−1)) > 0 }.     (7.38)
Note that this set must be determined for each NSA and in each composition step. The definition of the set (7.38) is such that A^i_z need not necessarily be a singleton. From the above, an observation algorithm similar to Algorithm 5.1 can be derived. Such an algorithm is not given here but will be given for the observation of quantised states in automata networks in Section 8.3.1.
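The set (7.38) can be illustrated by a short sketch. Here the joint prediction over state tuples is a plain dictionary, and the states and probabilities are made-up values, not taken from the book:

```python
# Hedged illustration of eqn (7.38): given the joint prediction
# Prob((z1, z2) | V, W) over state tuples, the composition at time k only
# needs those states z_i of automaton S_i whose marginal probability is nonzero.

def support_of_marginal(joint, component):
    """joint: dict mapping state tuples to probabilities.
    Returns the set of component states with nonzero marginal probability."""
    states = set()
    for z_tuple, p in joint.items():
        if p > 0:
            states.add(z_tuple[component])
    return states

# Hypothetical prediction over tuples (z1, z2):
pred = {(1, 1): 0.0, (1, 2): 0.45, (2, 1): 0.0, (2, 2): 0.55}

print(support_of_marginal(pred, 0))  # {1, 2}: the set need not be a singleton
print(support_of_marginal(pred, 1))  # {2}
```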
Fig. 7.11. Sequence of partial compositions for state observation.
Example 7.5.1. Consider Example 7.3.1 with the network shown in Figure 7.5. For the a–priori initial state distributions Prob(z^1(0)) = (0, 1) and Prob(z^2(0)) = (0, 1) and the measurement sequence W(0...3) = (2, 2, 1, 1), the following sequence of sets (7.38) is obtained:

Z_{A^1_z}(0) = {2},   Z_{A^2_z}(0) = {2},
Z_{A^1_z}(1) = {1},   Z_{A^2_z}(1) = {1},
Z_{A^1_z}(2) = {1},   Z_{A^2_z}(2) = {1, 2},
Z_{A^1_z}(3) = {2},   Z_{A^2_z}(3) = {1}.
Figure 7.11 shows the corresponding automaton graphs of the partially composed SA, where thin edges correspond to w = 1 and thick ones to w = 2. From the complete composition shown in the middle of Figure 7.8 it can be seen that the partial compositions consist of those edges that correspond to the above sets of states and the measured external outputs. For state observation only the probabilities of these partial compositions are required. The observation result is given by the following table.

                                     z=(1,1)   z=(2,1)   z=(1,2)   z=(2,2)
Prob(z(0) | v(0), w(0))                 0         0         0         1
Prob(z(1) | V(0...1), W(0...1))         1         0         0         0
Prob(z(2) | V(0...2), W(0...2))      0.5/1.1      0      0.6/1.1      0
Prob(z(3) | V(0...3), W(0...3))         0         1         0         0
Fault diagnosis of automata networks. Due to the duality of fault diagnosis and state observation, the composition algorithm and the above considerations concerning the partial composition hold equivalently for diagnosis with respect to the compound state ẑ = (z, f). This means that the fault is introduced to the network in the same way as for single SA in Section 5.5.2. That is, each SSP is augmented by a "fault state" f^i, i = 1, ..., ν with f^i ∈ N^i_f such that the SA representing the overall network includes the fault tuples f and the successor fault tuples f'. However, there is one difference from state observation. According to Theorem 5.6.1, diagnosis requires the determination of the distributions

Prob(f(k) | V(0...k), W(0...k))        (7.39)

and

Prob(ẑ(k+1) | V(0...k), W(0...k)).     (7.40)
Direct analogy to state observation, however, would mean determining the distribution Prob(ẑ(k) | V(0...k), W(0...k)) instead of (7.39). This seemingly means that for diagnosis the current state can be eliminated after each composition step, which would correspond to the result in [65] that all internal variables can be eliminated after each join operation (cf. Section 7.4.6). However, a closer investigation shows that this is not the case, i.e. the current state cannot be eliminated
before the whole partial composition has been computed. Accordingly, only the simplifications mentioned above for state observation apply to diagnosis. The reason is as follows. According to Theorem 5.6.1, eliminating the current state means multiplying the composed behavioural relation by the probabilities of the distribution (7.40) obtained at time k−1. Applying this to intermediate composition results would mean multiplying the intermediate behavioural relation by the boundary distribution of (7.40) with respect to the states appearing in the intermediate composition. However, this yields the correct result only if the overall distribution (7.40) is equivalently represented by its boundary distributions or, in other words, if the states of the SSPs are stochastically independent. As this is, in general, not the case, such simplifications at intermediate steps are impossible. The diagnostic algorithm for networks will be given in Section 8.3.2 for networks of qualitative models. Furthermore, a detailed example of the application of the diagnostic method to a network of SSPs will be given in Section 9.4.
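The argument why intermediate elimination fails can be made concrete with a two-subsystem toy example (hypothetical numbers): a perfectly correlated joint state distribution is not recovered from the product of its boundary (marginal) distributions.

```python
# Why intermediate elimination fails (sketch): a joint state distribution is
# generally NOT the product of its boundary distributions unless the
# subsystem states are stochastically independent.

# Hypothetical joint distribution with perfectly correlated states:
joint = {(1, 1): 0.5, (2, 2): 0.5, (1, 2): 0.0, (2, 1): 0.0}

# Boundary (marginal) distributions of the two subsystem states:
marg1 = {z1: sum(p for (a, b), p in joint.items() if a == z1) for z1 in (1, 2)}
marg2 = {z2: sum(p for (a, b), p in joint.items() if b == z2) for z2 in (1, 2)}

# Reconstructing the joint as a product of the boundaries:
product = {(z1, z2): marg1[z1] * marg2[z2] for z1 in (1, 2) for z2 in (1, 2)}

print(product[(1, 2)])   # 0.25, but the true joint probability is 0.0
```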
7.6 Bibliographical Notes

The composition of stochastic automata has so far been considered by only a few authors in the literature. In [23] a composition operation is derived under the assumption that the output of each stochastic automaton depends merely on the successor state, and with the restriction to deterministic state transition relations. The considerations in this chapter are more general. In [47] and [97] only nondeterministic automata are studied. Furthermore, in [47] the behaviour of the network is studied based on the individual state transition relations of the automata of the network. As shown here, this means that independence between the successor state and the output is assumed, which is a rather restrictive assumption. One focus of the methods elaborated in artificial intelligence and computer science is the way in which qualitative knowledge is represented and processed. In this respect, relational database theory and graph theory provide widely used tools [8], [171]. In [65] these techniques are applied to component–oriented modelling with application to diagnosis. However, in [65] only static systems are considered and no probabilities are used. Nevertheless, because of the similarities to the composition approach presented here, it is discussed in some detail in Section 7.4.6. There it is shown that, when neglecting all probabilities, the extension of the method to dynamical systems is identical to the composition presented here. Some results of [65] are directly used in this chapter.
8. Component–Oriented Modelling and Supervision of Quantised Systems
This chapter concerns qualitative modelling, state observation and fault diagnosis of quantised systems that are decomposed into subsystems. First, in Section 8.1, different ways to decompose the quantised system are investigated. Then, Section 8.2 shows how such decomposed quantised systems can be abstracted to automata networks. The supervision tasks are then solved using results of the previous chapters. Remarks on this solution approach are given in Section 8.3. In Section 8.4 the presented methods are illustrated by means of the running example.
8.1 Networks of Quantised Systems

8.1.1 Decomposed Quantised Systems

In Chapter 6 the state observation and fault diagnostic tasks have been solved using a single qualitative model of the quantised system. However, for higher order systems with several inputs and outputs, the complexity of the qualitative modelling task necessitates a decomposition of the quantised system (cf. Section 3.1.5). For an example system, such a decomposed quantised system is shown in the upper part of Figure 8.1. In the figure the following notation is used. The states of the continuous–variable subsystems are denoted by x^i. Measurable input signals are denoted by u^i, measurable output signals by y^i and immeasurable coupling signals by r^i. In contrast to the quantised system shown in Figure 3.1, the embedded continuous–variable system of the decomposed quantised system is split up into a network of subsystems. The remainder of this chapter considers such decomposed quantised systems and shows how a given decomposed quantised system can be abstracted to a network of qualitative models.

J. Schröder: Modelling, State Observation and Diagnosis of Quantised Systems, LNCIS 282, pp. 233-251, 2003. Springer-Verlag Berlin Heidelberg 2003
Fig. 8.1. Decomposed quantised system.
8.1.2 Decentralised Supervision

In Figure 8.1 a single supervision block is used for the decomposed quantised system. However, depending on which coupling signals are measurable, it might be possible to decompose the supervision task if subsystems exist for which all external signals are measurable. This is shown in Figure 8.2 for an example system similar to the system shown in Figure 8.1. However, in contrast to Figure 8.1, the output y^3(k) of the third subsystem is measurable. Accordingly, the system can be split up using separate supervisors for both parts. This splitting up of the supervision is referred to as decentralised supervision. The advantage of decentralised supervision is a reduction of complexity, because the complexity depends on the size of the network. Therefore, it is preferable to use several supervision blocks for different parts of the system instead of a single block for the whole system. Apart from the measurability condition on all inputs and outputs, there is another limitation for isolating quantised subsystems for decentralised supervision. It concerns the condition that there must not be a direct coupling between the inputs and outputs of the quantised subsystems. In the case of Figure 8.2 this means that the input y^3(k) of subsystem 1 must not depend on the value of y^1(k) at the same time instant. In other words, the decomposed quantised system 2 must not have a direct feedthrough from its input y^1(k) to its output y^3(k). The reason for this limitation is the assumption (5.6)
Fig. 8.2. Decentralised supervision of a decomposed quantised system.
that the current input is independent of the state. This assumption had to be made in Sections 5.2.1 and 5.5.1 in order to derive the state observation and fault diagnostic algorithms. Note that each quantised subsystem is itself again a decomposed quantised system. Hence, independently of whether quantised subsystems can be detached or not, modelling must concern a decomposed quantised system.

Remark 8.1.1. To reduce the complexity of the supervision task it is desirable to decentralise supervision as far as possible. As described above, this is only possible if all inputs and outputs of the quantised subsystems are measurable. However, in some cases such a decomposition might be inevitable for practical reasons. Then the splitting up of the quantised system can be forced by ignoring immeasurable outputs of a quantised subsystem and by treating unknown input signals as uncertain parameters as introduced in Section 4.2.4. In general, however, this means a loss of performance with respect to the supervision result, as less information about the quantised subsystem is used by the supervision block.

8.1.3 Decomposition of Sampled Quantised Systems*

In practical applications the systems under investigation are usually continuous–time rather than discrete–time systems. As described in Section 3.3.2, continuous–time systems are therefore considered under sampling with a fixed sampling time Ts, assuming that the inputs are constant between subsequent sampling instants. This yields a discrete–time system, which has been referred to as a sampled system in Section 3.3.2.
However, when decomposing a sampled continuous–time system, care must be taken concerning the sample–and–hold condition on the coupling signals. Assume that a network of two coupled continuous–time systems is given as follows:

ẋ^i(t) = ĝ^i(x^i(t), u^i(t), r^j(t)),   x^i(0) = x^i_0,
ẋ^j(t) = ĝ^j(x^j(t), u^j(t), r^i(t)),   x^j(0) = x^j_0,
r^i(t) = h^i_r(x^i(t), u^i(t), r^j(t)),
r^j(t) = h^j_r(x^j(t), u^j(t), r^i(t)).
Then, in general, the state equations of the corresponding discrete–time systems will have the form

x^i(k+1) = g^i(x^i(k), u^i(k), x^j(k), u^j(k), r^j(k)),
x^j(k+1) = g^j(x^j(k), u^j(k), x^i(k), u^i(k), r^i(k)).

That is, the successor state of subsystem i depends also on the input and the state of subsystem j and vice–versa. Formally this becomes clear from eqn. (3.25), which yields

[ x^i((k+1)Ts) ; x^j((k+1)Ts) ] = [ x^i(kTs) ; x^j(kTs) ] + ∫_{kTs}^{(k+1)Ts} [ ĝ^i(x^i(τ), u^i(τ), r^j(τ)) ; ĝ^j(x^j(τ), u^j(τ), r^i(τ)) ] dτ.

Clearly, the integration does not necessarily yield two functions g^i and g^j that are independent of the state and input of the corresponding other subsystem. Intuitively, this result can be explained as follows. Within a sampling interval the coupling signals r^i and r^j are not constant but change over time. Hence, the successor state of subsystem i does not only depend on the coupling signal r^j at a sampling instant but also on the shape of the coupling signal within the sampling interval. The shape of the coupling signal r^j depends, of course, on the state x^j and the input u^j. This explains the dependence of x^i(k+1) on x^j(k) and u^j(k). The same arguments hold true for subsystem j. An example for the decomposition of a sampled continuous–time system will be given in Section 8.4.
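This effect can be reproduced numerically. The following sketch uses made-up dynamics, not taken from the book: two coupled first-order systems are integrated over one sampling interval, and x^1((k+1)Ts) is shown to depend on x^2(kTs) because the coupling signal varies inside the interval.

```python
# Numerical illustration (hypothetical dynamics): two coupled systems
#   x1' = -x1 + r2,  with coupling signal r2 = x2   (subsystem 1)
#   x2' = -2*x2 + u                                 (subsystem 2)
# Sampling the network with Ts shows that x1((k+1)Ts) depends on x2(kTs),
# since r2 changes within the sampling interval.

def sample_once(x1_0, x2_0, u, Ts=1.0, steps=10000):
    """Integrate one sampling interval with a fine Euler scheme (u held constant)."""
    h = Ts / steps
    x1, x2 = x1_0, x2_0
    for _ in range(steps):
        x1 += h * (-x1 + x2)       # r2(t) = x2(t), varying inside the interval
        x2 += h * (-2.0 * x2 + u)
    return x1, x2

xa, _ = sample_once(1.0, 0.0, u=0.0)   # x2(kTs) = 0
xb, _ = sample_once(1.0, 5.0, u=0.0)   # same x1(kTs), different x2(kTs)
print(abs(xa - xb) > 1e-3)   # True: x1((k+1)Ts) depends on x2(kTs)
```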
8.2 Qualitative Modelling of Decomposed Quantised Systems

8.2.1 Network of Causal Quantised Systems

For the same reasons as for the quantised system of Chapter 3, the modelling of the decomposed quantised system concerns the causal decomposed
quantised system. Hence, similar to Figure 3.1, the decomposed quantised system must be transformed. However, the aim is not to set up a single qualitative model of the decomposed quantised system but to derive a network of qualitative models, where each qualitative model is an abstraction of one continuous–variable subsystem. As the couplings between these models are quantised signals, the internal coupling signals also need to be quantised. The necessary transformations for deriving a network of qualitative models are as follows:
1. In the first step, a quantiser and some injectors are introduced for each internal coupling signal.
2. In the second step, the decomposed quantised system is transformed such that causal quantised subsystems are obtained.
3. Finally, each causal quantised subsystem is abstracted to a qualitative model, yielding a network of qualitative models.
Figure 8.3 illustrates these transformations for an example system.
Fig. 8.3. Transformation of a decomposed quantised system (upper left) into a network of qualitative models (lower right) by quantising the internal couplings (upper right) and via a transformation into a causal system (lower left).
In principle, each qualitative model of the network is obtained as described in Chapter 3. The only difference concerns the fact that the quantised subsystems can have more than one quantised input or output. Consequently, each qualitative model also has more than one symbolical input or output signal and is therefore described by means of an SA on attributes as introduced in Section 7.2.4. The following section formally introduces the decomposed quantised system and the causal quantised subsystems. Section 8.2.3 then concerns the definition of a network of qualitative models as an abstraction of the causal decomposed quantised system.

8.2.2 Formal Description of Networks of Quantised Systems

Signals of the network and their quantisation. As in Section 7.2.5, the signals of the network are identified by means of attributes, i.e. by means of symbolical signal names. All attributes of the network constitute the sets

A_u = {u^1, u^2, ..., u^µ},   A_y = {y^1, y^2, ..., y^ρ},
A_r = {r^1, r^2, ..., r^κ},   A_x = {x^1, x^2, ..., x^ν},     (8.1)

where the signals of the set A_u are measurable inputs and those of A_y measurable outputs. The signals of the set A_r are immeasurable internal coupling signals, and the attributes of A_x denote the states of the subsystems. All signals of the network are quantised. Except for those measurable output signals y^i that do not couple to other subsystems, all quantisations are defined by means of probability density functions as follows.

The signal space of an input signal u^i, i = 1, 2, ..., µ is given by R^{m^i}. On this space, M^i non–overlapping probability density functions p^j_{u^i}: R^{m^i} → IR_+, i.e. density functions with disjoint supports, are used to define the signal quantisation. These densities satisfy

p^j_{u^i}(u^i) = 0 ⇔ u^i ∉ Q_{u^i}(j)   and   ∫_{R^{m^i}} p^j_{u^i}(u^i) du^i = 1,   j = 1, 2, ..., M^i,

where the sets Q_{u^i}(j) partition the signal space R^{m^i} ⊆ IR^{m^i}. Equivalently, the coupling signal spaces and the state spaces are partitioned into sets Q_{r^i}(j) or Q_{x^i}(j) on which density functions p^j_{r^i}(r^i) or p^j_{x^i}(x^i) are defined, respectively. The quantisation of the external output signals is given by sets Q_{y^i}(j) which partition the corresponding output signal space. In case an external output signal is also an input to another subsystem, density functions p^j_{y^i}(y^i) are defined for the injector which are, as before, nonzero exactly on Q_{y^i}(j). In the following, the signal spaces of the numerical signals are denoted by R^i_u, R^i_y, R^i_r and R^i_x for the input space, the output space, the internal coupling space and the state space, respectively. Similarly, the domains of the quantised signals are denoted by N^i_u, N^i_y, N^i_r or N^i_x, respectively. That is,
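As a concrete illustration of such a quantisation (with uniform densities chosen for simplicity; the text allows arbitrary densities with disjoint supports, so the specific choice here is an assumption):

```python
# Sketch of the signal quantisation above with uniform densities (an assumed
# choice, not the book's): the input space [0, 3) is partitioned into M = 3
# cells Q_u(j) = [j-1, j), each carrying a density that is nonzero exactly
# on its cell and integrates to one.

bounds = [(0.0, 1.0), (1.0, 2.0), (2.0, 3.0)]   # partition sets Q_u(1..3)

def density(j, u):
    """Uniform density p^j_u, nonzero exactly on Q_u(j)."""
    lo, hi = bounds[j - 1]
    return 1.0 / (hi - lo) if lo <= u < hi else 0.0

# Riemann check that each density integrates to one over the signal space:
du = 1e-4
integrals = [sum(density(j, i * du) * du for i in range(int(3.0 / du)))
             for j in (1, 2, 3)]
print([round(v, 2) for v in integrals])   # [1.0, 1.0, 1.0]
```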
for the inputs u^i ∈ R^i_u and [u^i] ∈ N^i_u hold, and correspondingly for the outputs, internal couplings and states. The introduced signal quantisations define all quantisers and injectors of the network. Note that due to the above definition the quantisers and injectors of the same coupling signal always match.

Remark 8.2.1. For signals that are measured numerically, i.e. for signals where the quantisation is chosen on purpose, it is possible to use different signal quantisations for each quantised subsystem. In order to comply with the notation introduced above, signals with different quantisations are treated as different quantised signals. An example of this will be given in Section 8.4.

Description of the causal quantised subsystems. Each causal quantised subsystem can have different input and output signals of the sets A_u, A_y and A_r. This is reflected by the sets of attributes

A^i_u ⊆ A_u ∪ A_y ∪ A_r,   A^i_y ⊆ A_y ∪ A_r,   A^i_x ⊆ A_x,   i = 1, ..., ν,     (8.2)

which specify the inputs, outputs and the state of each quantised subsystem of the network. The sets A^i_x are singletons by definition, i.e. A^i_x = {x^i} holds for all i = 1, ..., ν. Note that, as for automata networks, the entirety of the sets (8.2) represents the topology of the network (cf. Section 7.2.5). For the input, output and state of the continuous–variable system embedded in each causal quantised subsystem, a tuple notation as introduced in Section 7.2.4 is used. The input tuple is denoted by u_i, the output tuple by y_i and the state tuple by x_i. Each tuple is composed of the network signals as specified by the corresponding set of attributes A^i_u, A^i_y or A^i_x. The tuples are not to be confused with the notation of the network signals introduced in the previous section. For example, the attribute u^i means "external input signal i", whereas u_i means the input tuple of the i–th subsystem. To give an example of the introduced notation, the input to the first causal quantised subsystem in Figure 8.3 is considered. The signals u^1 and r^2 are inputs to this subsystem. Accordingly, the set of input attributes of this system is given by A^1_u = {u^1, r^2}, and an input tuple u_1 of the embedded continuous–variable system is denoted by u_1 = (u_1(u^1), u_1(r^2)). The domains of the tuples u_i, y_i and x_i are given by the Cartesian product of the domains of the signals they consist of. In analogy to eqn. (7.8), the Cartesian product of real–valued signal spaces with respect to a set of attributes A^i_u = {u^1, u^2, ..., u^l} is given by

R(A^i_u) = { u = (u(u^1), u(u^2), ..., u(u^l)) | u(u^i) ∈ R(u^i), i = 1, ..., l },

where R(u^i) denotes the domain of the signal with the attribute u^i. For the above example the signal domains are R(u^1) = R^1_u and R(r^2) = R^2_r, and for the input tuples u_1 the relation u_1 ∈ R({u^1, r^2}) holds. The same notation is used for the outputs and states.
Using this notation, each continuous–variable subsystem is denoted by

x_i(k+1) = g_i(x_i(k), u_i(k)),   x_i(0) = x_{i,0},     (8.3)
y_i(k) = h_i(x_i(k), u_i(k)),                           (8.4)

with i = 1, 2, ..., ν. By means of the attributes of the sets (8.2), the domains of the quantised signals are also identified. For example, N(r^2) means the set N^2_r, and N(A^1_u) with A^1_u = {u^1, r^2} means the Cartesian product of the domains N(u^1) and N(r^2). Accordingly, the quantisation of the signals u_i, y_i and x_i is given by the quantisations of the signals they are composed of. That is, the signal space R(A^i_u) is partitioned into a finite number of sets Q_{u_i}([u_i]), where [u_i] stands for a tuple of quantised inputs [u_i] ∈ N(A^i_u). The density function corresponding to each partition set Q_{u_i}([u_i]) is denoted by p^{[u_i]}_{u_i}: R(A^i_u) → IR_+. It is nonzero exactly on Q_{u_i}([u_i]). For a set of attributes A^i_u = {u^1, ..., u^l} these density functions are given by

p^{[u_i]}_{u_i}(u_i = (u_i(u^1), ..., u_i(u^l))) = ∏_{j=1}^{l} p^{[u_i](u^j)}_{u^j}(u_i(u^j)),     (8.5)

where [u_i](u^j) means the entry of the tuple [u_i] corresponding to the attribute u^j.

8.2.3 Qualitative Modelling of Quantised Subsystems

The qualitative model of each causal quantised subsystem is in principle given by Definition 3.5.1. The only difference is that, in order to reflect the network topology, an SA on attributes is used as qualitative model instead of a simple SA. For the definition of the qualitative model of a quantised subsystem the following two sets are needed, which are defined in analogy to the sets (3.62) and (3.63):

Q_{x_i u_i}(z_i, v_i) = Q_{x_i}(z_i) × Q_{u_i}(v_i) ⊆ R(A^i_x) × R(A^i_u),

(g_i h_i)^{-1}(Q_{x_i y_i}(z'_i, w_i)) := { (x_i, u_i) | g_i(x_i, u_i) ∈ Q_{x_i}(z'_i), h_i(x_i, u_i) ∈ Q_{y_i}(w_i) } ⊆ R(A^i_x) × R(A^i_u).
Qualitative model of a causal quantised subsystem

Definition 8.2.1. The SA S_i(N(A^i_x), N(A^i_u), N(A^i_y), L_i) on attributes given by

L_i(z'_i, w_i | z_i, v_i) := μ_{x_i u_i}(Q_{x_i u_i}(z_i, v_i) ∩ (g_i h_i)^{-1}(Q_{x_i y_i}(z'_i, w_i))) / μ_{x_i u_i}(Q_{x_i u_i}(z_i, v_i)),     (8.6)

where μ_{x_i u_i} denotes the measure of an arbitrary measurable set Q_{x_i u_i} = Q_{x_i} × Q_{u_i} ∈ B(R(A^i_x) × R(A^i_u)) given by

μ_{x_i u_i}(Q_{x_i u_i}) = μ_{x_i}(Q_{x_i}) · μ_{u_i}(Q_{u_i}) = ( ∫_{Q_{x_i}} Σ_{z ∈ N(A^i_x)} p^z_{x_i}(x_i) dx_i ) · ( ∫_{Q_{u_i}} Σ_{v ∈ N(A^i_u)} p^v_{u_i}(u_i) du_i ),     (8.7)

is called the qualitative model of the causal quantised subsystem i for given state density functions, provided that the transformations g_i and h_i are non–singular.

The qualitative models of all causal quantised subsystems of the network are determined as described by Definition 8.2.1. The result is a network of qualitative models in the form of an automata network of SA on attributes SN({S_1, ..., S_ν}, A_y). As the definition of the qualitative model is in principle identical to Definition 3.5.1, it is clear that each qualitative model satisfies the three modelling aims of simplicity, completeness and convergence. It remains to be shown that the modelling aims are also satisfied with respect to the network. Simplicity is given because the abstraction to automata networks means a simple model class and simple solutions to supervision tasks, as shown in Section 7.5. Completeness of the network with respect to the decomposed quantised system is also given, as will be proved below in Theorem 8.2.1. Finally, though the convergence issue will not be investigated for networks, it is intuitively clear that for increasingly finer state space and coupling space partitions the network of qualitative models converges to a precise representation of the decomposed quantised system. Before showing the completeness of the network of qualitative models, it must be investigated under what conditions the network of qualitative models is well–defined with respect to feedback loops. According to Section 7.2.3 this means investigating whether the qualitative models have a stochastic direct feedthrough. The following result gives the relation between direct feedthrough of the system and of the qualitative model. Note that a continuous–
Fig. 8.4. Completeness of the network of qualitative models (lower right) with respect to the decomposed quantised system (upper left).
variable system is said to have no direct feedthrough if a function h̄_i exists such that h_i(x, u) = h̄_i(x) holds for all x and all u.

Lemma 8.2.1. The qualitative model has no stochastic direct feedthrough if the continuous–variable system embedded in a causal quantised subsystem does not have a direct feedthrough.

Proof. See Appendix C.28.
In the following it is assumed that none of the subsystems has a direct feedthrough. However, from Lemma 8.2.1 and Section 7.4.7 it is clear that the network of qualitative models is also well–defined if the network of embedded continuous–variable systems has no algebraic loop. The following result concerns the completeness of the network of qualitative models. The result of Theorem 8.2.1 is illustrated by Figure 8.4. To simplify the presentation, it is assumed that all coupling signals are measurable. However, as the following theorem includes the proof of I/O–completeness, it is clear that completeness is also given if some of the couplings are immeasurable.
Completeness of networks of qualitative models

Theorem 8.2.1. Given a decomposed quantised system with an embedded network of two continuous–variable subsystems (cf. Figure 8.4), the network of qualitative models is an I/O–complete and I/S–complete model of the decomposed quantised system.

Proof. See Appendix C.29.
Obviously, the recursive application of Theorem 8.2.1 yields the result that networks of qualitative models are complete models of arbitrary decomposed quantised systems with any number of embedded subsystems.

8.2.4 Complexity of Networks of Qualitative Models

The motivation for using networks of qualitative models instead of a single qualitative model is the lower complexity of the network. In Section 3.1.5 an estimate of the complexity of a single qualitative model has been derived. According to this result, the number of nonzero entries in the behavioural relation L is approximated by

|T_L| ≈ ∏_{i=1}^{n} N_i · ∏_{i=1}^{m} M_i · η^n_{z'} · η^r_w,     (8.8)
where n, m and r are the dimensions of the state, input and output space, and N_i and M_i denote the number of qualitative states or inputs in dimension i, respectively. The nondeterminism parameters η_{z'} and η_w depend on the system dynamics. However, a value of two for both parameters yields a good estimate in many practical applications. In this section a similar estimate of the complexity of networks of qualitative models shall be derived and compared to the complexity of a single qualitative model of the overall system. Obviously, the complexity of the network depends on the network topology. Before giving a worst–case estimate, a series connection of n first order systems with a single input to the first subsystem and a single output of the last subsystem is considered. The quantised coupling output of each subsystem is assumed to be equal to the quantised system state. On the same heuristical basis as in Section 3.1.5, the complexity of the network of qualitative models is described by the number |T_{L_1,...,L_n}| of nonzero entries of the behavioural relation, which is approximated by

|T_{L_1,...,L_n}| ≈ M_1 · N_1 · η_{z'} + Σ_{i=2}^{n-1} N_{i-1} · N_i · η_{z'} + N_{n-1} · N_n · η_{z'} · η_w.     (8.9)
Table 8.1 compares the complexities of a single qualitative model due to eqn. (8.8) and of the network due to eqn. (8.9) for N_i = 10, i = 1, ..., n, M_1 = 10 and the nondeterminism parameters η_{z'} = 2 and η_w = 2.
244
8. Component–Oriented Modelling of Quantised Systems
Table 8.1. Approximate number of nonzero entries of the qualitative model.

    representation form          n=1    n=2    n=3      n=4        n=5        ...   n=50
    single model, |TL|           400    8000   160000   3.2·10^6   6.4·10^7   ...   2.3·10^66
    network, |TL1,...,Ln|        -      600    800      1000       1200       ...   10200
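These estimates are easy to check numerically. A minimal sketch (our code, not from the book) evaluating eqns. (8.8) and (8.9) for the parameter values of Table 8.1; the function names are chosen for illustration only:

```python
# Complexity estimates (8.8) and (8.9) for the series connection of
# Table 8.1 (N_i = M_1 = 10, eta_z0 = eta_w = 2, m = r = 1).
def single_model_size(n, N=10, M=10, m=1, r=1, eta_z=2, eta_w=2):
    # eqn (8.8): |T_L| ~ prod(N_i) * prod(M_i) * eta_z0^n * eta_w^r
    return (N ** n) * (M ** m) * (eta_z ** n) * (eta_w ** r)

def network_size(n, N=10, M=10, eta_z=2, eta_w=2):
    # eqn (8.9): input subsystem + chain couplings + output subsystem
    assert n >= 2, "the series network needs at least two subsystems"
    chain = sum(N * N * eta_z for _ in range(2, n))  # terms i = 2 .. n-1
    return M * N * eta_z + chain + N * N * eta_z * eta_w

for n in (2, 3, 4, 5, 50):
    print(n, single_model_size(n), network_size(n))
```

The loop reproduces the columns of Table 8.1 and shows the exponential growth of the single model against the linear growth of the network.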
In the worst case every qualitative model is influenced by all external inputs and the states of all other subsystems. If, furthermore, each model has an external output, the estimate of the complexity of the network is given by

    |TL1,...,Ln| ≈ n · ∏_{i=1}^{n} Ni · ∏_{i=1}^{m} Mi · ηz0 · ηw ,

and is as such only marginally lower than the complexity of a single qualitative model according to eqn. (8.8). However, in practical applications this worst case usually does not occur. Accordingly, the complexity of the network of qualitative models is usually much lower than that of a single qualitative model.
In any case, the price for the reduction of complexity is a reduced accuracy of the network compared to a single qualitative model. That is, the network assigns nonzero transition probabilities also to transitions which are not included in a single qualitative model. The reason for the reduced accuracy of the network becomes clear from Figure 8.4. In order to obtain a network of qualitative models, additional injectors have been introduced into the decomposed quantised system. This means additional uncertainties.
8.3 Supervision Based on Networks

8.3.1 State Observation of Decomposed Quantised Systems

The solution to the state observation task of the decomposed quantised system is straightforward. The observation task is solved by means of the network of qualitative models as described in Section 7.5, leading to the state observation algorithm for decomposed quantised systems given below. As before, the formulation of the algorithm uses the three functions

    pint : N(Ax) → [0, 1] ,   pres : N(Ax) → [0, 1] ,   haux : N(Ax) → [0, 1] .

According to Theorem 8.2.1 the network of qualitative models is an I/O–complete and I/S–complete model of the decomposed quantised system.
Hence, Theorem 6.1.1 applies, guaranteeing the completeness of the observation result. Accordingly, the actual states of the continuous–variable subsystems are guaranteed to lie within those quantised states for which the state observation algorithm yields a nonzero probability.

Observation algorithm for decomposed quantised systems

Algorithm 8.1
Given: Network of qualitative models SN({S1, ..., Sν}, Ay)
       A–priori initial state probability distribution Prob(([x1(0)], ..., [xν(0)]))
Do:
  Set pint(z) = Prob(([x1(0)]p, ..., [xν(0)]p) = z) for all z ∈ N(Ax)
  Do
    wait for new measurements ([u1], ..., [uµ]) = v and ([y1], ..., [yρ]) = w
    determine the partial composition of the behavioural relation L of the overall network by means of Algorithm 7.1 with its composition operations restricted to the measurements v and w and the sets of states (7.38) determined according to the nonzero entries of pint(z)
    for all z ∈ N(Ax) determine haux(z) = Σ_{z'} L(z', w | z, v) · pint(z)
    if Σ_z haux(z) = 0 holds, stop the algorithm (inconsistent I/O pair or wrong initial state distribution)
    ∀z ∈ N(Ax) determine pint(z) = Σ_{z'} L(z, w | z', v) · pint(z') / Σ_z haux(z)
    ∀z ∈ N(Ax) determine pres(z) = haux(z) / Σ_z haux(z)
  Loop
Result: Approximate current quantised state probabilities pres (([x1 ], ..., [xν ]) = z)
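The loop body of Algorithm 8.1 is a recursive Bayesian filtering step over the composed behavioural relation. A minimal sketch in our own data layout (not the book's): L is stored as a sparse dictionary mapping (z_next, w, z, v) to a transition probability, and pint as a dictionary over the quantised states:

```python
# One step of the observation loop of Algorithm 8.1 (sketch).
# L: dict mapping (z_next, w, z, v) -> transition probability.
# p_int: dict mapping quantised state z -> internal probability.
def observation_step(L, p_int, v, w):
    # successor states appearing in L for the measured pair (v, w)
    succ = {zn for (zn, wo, z, vi) in L if wo == w and vi == v}
    # h_aux(z) = sum_{z'} L(z', w | z, v) * p_int(z)
    h_aux = {z: p * sum(L.get((zn, w, z, v), 0.0) for zn in succ)
             for z, p in p_int.items()}
    total = sum(h_aux.values())
    if total == 0.0:
        raise ValueError("inconsistent I/O pair or wrong initial distribution")
    p_res = {z: h / total for z, h in h_aux.items()}       # filtered result
    # prediction: p_int(z) = sum_{z'} L(z, w | z', v) * p_int(z') / total
    p_int_new = {zn: sum(L.get((zn, w, z, v), 0.0) * p
                         for z, p in p_int.items()) / total
                 for zn in succ}
    return p_int_new, p_res
```

The restriction of the successor set to the support of L for the measured pair (v, w) mirrors the partial composition of Algorithm 7.1.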
8.3.2 Diagnosis of Decomposed Quantised Systems

Decomposed quantised systems for fault diagnosis. In Section 6.2.1 the fault has been introduced to the quantised system by means of an embedded fault process, as shown in Figure 6.11. This quantised system with embedded fault process is nothing but a decomposed quantised system. With the formalism of networks of qualitative models at hand, the simplifications introduced in Section 6.2.1, which lead to the quantised system with the fault as input, need not be made in this section. Instead, a more general approach is introduced for which the results of Section 6.2.1 appear as a special case. The main idea is to augment the decomposed quantised system by fault processes that interact with the continuous–variable subsystems. An example of such a decomposed quantised system is shown on the left–hand side of Figure 8.5. As described in Section 8.2.1, this system is transformed into a network of causal quantised subsystems. For the example system this is shown on the right–hand side of Figure 8.5. A qualitative model is determined for each causal quantised subsystem. For those quantised subsystems
Fig. 8.5. Decomposed quantised system with embedded fault process (left) and network of causal quantised subsystems for diagnosis (right).
with embedded continuous–variable system the qualitative model is given by Definition 8.2.1. For those quantised subsystems with embedded fault process this is, in general, not the case, as the fault process is a stochastic process and as such not described by a state space model (cf. Section 6.2.1). For modelling it is therefore assumed that these quantised subsystems are homogeneous Markov processes. It is further assumed that the models of all quantised subsystems with embedded fault process are given and have the form of an SA on attributes.

Formal description of decomposed quantised systems for fault diagnosis. For fault diagnosis the set of fault attributes

    Ae = {e1, e2, ..., eσ}        (8.10)

is added to the sets of attributes (8.1) of the network. In analogy to Section 8.2.2 the fault space of each fault signal ei is partitioned into sets Qei(j) on which densities p_ei^j(ei) are defined. The signals of each causal quantised subsystem of the network are defined by the sets Aiu ⊆ Au ∪ Ay ∪ Ar, Aiy ⊆ Ay ∪ Ar, and Aix̂ ⊆ Ax ∪ Ae, i = 1, ..., ν+σ, which replace the sets of attributes (8.2) for the quantised system without fault. As before, the sets Aix̂ are singletons by definition. Quantised subsystems with Aix̂ = {xj} are components of the system, whereas quantised subsystems with Aix̂ = {ej} are fault processes.
The state tuple of the i–th quantised subsystem is denoted by x̂i and the corresponding quantised state tuple by [x̂i]. For the tuples the relations x̂i ∈ R(Aix̂) and [x̂i] ∈ N(Aix̂) hold.
As mentioned before, the qualitative models of quantised subsystems with embedded continuous–variable system are given by Definition 8.2.1. For the
other quantised subsystems, i.e. for those with embedded fault process, it is assumed that they are given in the form Si(N(Aix̂), N(Aiu), N(Aiy), Li).

Diagnostic algorithm for networks. Formally, the networks of qualitative models obtained from a decomposed quantised system with or without fault are the same. Consequently, the diagnostic algorithm is in principle identical to Algorithm 8.1. The only difference concerns the initial quantised state and fault distribution and the way the result is determined. For the formulation of Algorithm 8.2 the functions

    pint : N(Ax ∪ Ae) → [0, 1] ,   pres : N(Ae) → [0, 1] ,   haux : N(Ae) → [0, 1]

are used. Furthermore, the set Ax̂ = Ax ∪ Ae and for all f ∈ N(Ae) the sets

    Nẑ(f) = { ẑ ∈ N(Ax̂) | ẑ = (z, f) for some z ∈ N(Ax) }

are needed. The latter correspond to the sets Nẑ(f) of Section 5.6.1. According to Theorem 8.2.1 the network of qualitative models is complete with respect to the decomposed quantised system augmented by faults. Hence, Theorem 6.2.1 applies, guaranteeing that the actual faults influencing the system lie within those regions of the quantised fault spaces for which the diagnostic algorithm yields a nonzero probability.
8.4 Modelling and Supervision Example

Example 8.4.1. This example explains in detail the modelling and fault diagnosis by means of a network of qualitative models using the running two–tank example of Section 1.4. As the two–tank system is only a second order system, a component–oriented modelling is neither necessary nor does it bring a considerable reduction of complexity. However, the example is well–suited to illustrate the main effects of networks of qualitative models.
The following configuration of the two–tank system is considered. The valve V12u is permanently closed. The valve V12l can be either closed or opened and the pump can be switched off (vp = 0) or on (vp = 1). As fault, a leak in the left tank is considered. Only the two discrete fault amplitudes cl = 0 and cl = 1.0·10^−4 m^(5/2)/s are taken into account. The quantised outflow of the right tank is the only measurement information available.
For this configuration the structure of the continuous–time model of the two–tank system is shown on the left–hand side of Figure 8.6. Each tank is represented by one subsystem. The tanks are coupled via the liquid levels, which are related to the inputs and output as shown in the block diagram. On the right–hand side of Figure 8.6 the corresponding discrete–time model is shown. The sampling time used in this example is Ts = 5 s. As explained in Section 8.1.3, the temporal quantisation has the effect that the input signals of the pump and the leak directly influence the subsystem representing the right tank.
Fault diagnostic algorithm for decomposed quantised systems

Algorithm 8.2
Given: Network of qualitative models SN({S1, ..., Sν}, Ay)
       A–priori initial state and fault probability distribution Prob(([x1(0)], ..., [xν(0)], [e1(0)], ..., [eσ(0)]))
Do:
  Set pint(ẑ) = Prob(([x1(0)]p, ..., [xν(0)]p, [e1(0)]p, ..., [eσ(0)]p) = ẑ) for all ẑ ∈ N(Ax̂)
  Do
    wait for new measurements ([u1], ..., [uµ]) = v and ([y1], ..., [yρ]) = w
    determine the partial composition of the behavioural relation L of the overall network by means of Algorithm 7.1 with its composition operations restricted to the measurements v and w and the sets of states (7.38) determined according to the nonzero entries of pint(ẑ)
    ∀f ∈ N(Ae) determine haux(f) = Σ_{ẑ ∈ Nẑ(f)} Σ_{ẑ'} L(ẑ', w | ẑ, v) · pint(ẑ)
    if Σ_f haux(f) = 0 holds, stop the algorithm (inconsistent I/O pair or wrong initial state distribution)
    ∀ẑ ∈ N(Ax̂) determine pint(ẑ) = Σ_{ẑ'} L(ẑ, w | ẑ', v) · pint(ẑ') / Σ_f haux(f)
    ∀f ∈ N(Ae) determine pres(f) = haux(f) / Σ_f haux(f)
  Loop
Result: Approximate current quantised fault probabilities pres(([e1], ..., [eσ]) = f)
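The fault marginalisation of Algorithm 8.2 differs from Algorithm 8.1 only in how the result is extracted. A sketch in the same (hypothetical) data layout as before, with each combined state ẑ written as a pair (z, f):

```python
# One step of the diagnosis loop of Algorithm 8.2 (sketch).
# L: dict mapping (zhat_next, w, zhat, v) -> probability, where each
# zhat is a pair (state tuple z, fault tuple f).
def diagnosis_step(L, p_int, v, w):
    succ = {zn for (zn, wo, zh, vi) in L if wo == w and vi == v}
    weight = {zh: p * sum(L.get((zn, w, zh, v), 0.0) for zn in succ)
              for zh, p in p_int.items()}
    total = sum(weight.values())
    if total == 0.0:
        raise ValueError("inconsistent I/O pair or wrong initial distribution")
    # marginalise over N_zhat(f): all combined states sharing the fault f
    h_aux = {}
    for (z, f), wgt in weight.items():
        h_aux[f] = h_aux.get(f, 0.0) + wgt
    p_res = {f: h / total for f, h in h_aux.items()}   # fault probabilities
    p_int_new = {zn: sum(L.get((zn, w, zh, v), 0.0) * p
                         for zh, p in p_int.items()) / total
                 for zn in succ}
    return p_int_new, p_res
```

The inner state distribution is propagated exactly as in the observation step; only the summation over the sets Nẑ(f) is new.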
Fig. 8.6. Structure of the continuous–time model (left) and the discrete–time model (right) of the two–tank system.
The discrete–time block diagram leads to the causal decomposed quantised system shown in Figure 8.7. To obtain a network of quantised systems, a quantiser and an injector have been introduced for each of the two coupling signals. The system is augmented by a quantised fault process which will be defined below. As before, quantisers and injectors have been introduced for the fault signal. For the moment the signal [ṽp1] is ignored and the injector is connected to [vp] by the dashed line. According to the formalism of Section 8.2.2 each signal is assigned a symbolic name and is quantised. The attributes are assigned to the physical signals as follows:
Fig. 8.7. Causal decomposed quantised system of the two–tank system.

    inputs:     u1 ↔ vp ,  u2 ↔ v12l
    couplings:  r1 ↔ h1 ,  r2 ↔ h2 ,  r3 ↔ cl
    faults:     e1 ↔ cl
    outputs:    y1 ↔ q2
    states:     x1 ↔ h1 ,  x2 ↔ h2
All signals are quantised. The inputs are discrete valued and are quantised such that "valve closed" or "pump switched off" yields [ui] = 1 and [ui] = 2 means "valve opened" or "pump switched on" for i = 1, 2, respectively. The output is quantised as shown on the right–hand side of Figure 6.3 and the two states as shown in Figure 3.6. For the two coupling signals the same quantisation is used as for the states. The fault is quantised such that [e1] = 1 means no fault and [e1] = 2 means a leak. For all density functions, i.e. for p1x1, p2x1, p1x2, p2x2, p1r1, p2r1, p1r2 and p2r2, uniform distributions are used. Except for the fault process, the causal decomposed quantised system is thus completely defined.
According to the topology of the network the three quantised subsystems have the following sets of attributes:

    A1u = {u1, u2, r2, r3},   A1y = {r1},       A1x = {x1},
    A2u = {u1, u2, r1, r3},   A2y = {y1, r2},   A2x = {x2},        (8.11)
    A3u = { },                A3y = {r3},       A3x = {e1}.
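The quantisation conventions above can be written out as simple mappings. This is our own encoding, purely illustrative; the function names do not appear in the book:

```python
# Quantisers of the two-tank example as plain functions (our encoding).
def quantise_switch(on):
    # inputs u1, u2: "pump off" / "valve closed" -> 1, "on" / "opened" -> 2
    return 2 if on else 1

def quantise_fault(c_l):
    # fault e1: leak coefficient 0 -> 1 ("no fault"), otherwise 2 ("leak")
    return 1 if c_l == 0.0 else 2
```

For example, the faulty configuration considered below, with the pump running and a leak coefficient of 1.0e-4, maps to [u1] = 2 and [e1] = 2.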
Remark 8.2.1 concerns the possibility of using different quantisations for the same physical signal at the different quantised subsystems. This possibility shall also be illustrated by this example. Therefore, instead of the dashed line in Figure 8.7, the dotted line and the quantised signal [ṽp1] are used. This quantised input signal also corresponds to the pump signal, but the quantisation is such that both "pump switched off" and "pump switched on" are assigned the same quantised value [ṽp1] = 1. In fact, this means that the quantised pump signal is eliminated from the qualitative model of the right tank, as the two operating modes of the pump are no longer distinguished in the model. Formally, the signal is treated separately and is given the attribute u3 ↔ ṽp1. Accordingly, the set of input attributes of the second quantised subsystem changes to A2u = {u2, u3, r1, r3}.
Fig. 8.8. Quantised input (left) and output sequence (right).
The qualitative models of the causal quantised subsystems with embedded continuous–variable system are determined according to Definition 8.2.1, yielding the following results. The qualitative model of the left tank contains 119 nonzero transition probabilities. That of the right tank contains 107 transitions when using the normal configuration as given by the sets (8.11). In its simplified form, where the pump signal has been eliminated, the qualitative model of the right tank has 99 transitions.
The qualitative model of the quantised fault process is defined as follows: S3(N({e1}), ∅, N({r3}), L3) with

    L3([x̂3]'(e1) = f', [y3](r3) = s | [x̂3](e1) = f) = { 1  for f' = f = s
                                                       { 0  otherwise,
where the tuples f', f and s can only take the values 1 or 2. This quantised fault model means that the quantised fault [e1] does not change over time. Furthermore, the quantised coupling signal [r3] is always equal to the value of the quantised fault.
The network of qualitative models is now compared to the single qualitative model of the whole two–tank system. This qualitative model has 274 nonzero entries, which is slightly more than the sum of the entries of the two qualitative models, i.e. 226 or 218, respectively. Composing the network of qualitative models with Algorithm 7.1 yields a qualitative model with 329 entries if using the normal model of the right tank. With the simplified model the composed model has 338 transitions. Both composed qualitative models are complete with respect to the decomposed quantised system and cover all 274 transitions of the single qualitative model, as expected from Theorem 8.2.1. They contain additional transitions, which means that the network of qualitative models is less accurate than the single qualitative model (cf. Remark 3.5.6, Section 8.2.4). Furthermore, the composed model with the simplified right tank model has more entries than the other composed model, meaning that it is less accurate. This is clear because the simplified model of the right tank ignores the input signal of the pump.
The network of qualitative models is now used for fault diagnosis. The input sequence shown on the left–hand side of Figure 8.8 is applied to the two–tank system, which has an unknown initial state. During the whole experiment there is a leak in the left tank, leading to the quantised output sequence shown on the right–hand side of Figure 8.8. The diagnostic results obtained by using the networks with the normal and the simplified qualitative model of the right tank are shown in Figure 8.9. The
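The behavioural relation of this fault process is particularly simple; as a sparse table it reduces to two entries. A sketch in our own encoding:

```python
# The constant-fault SA L3 of the quantised fault process (our encoding):
# fault values 1 ("no fault") and 2 ("leak"); the coupling output [r3]
# echoes the fault, and the fault never changes.
def L3(f_next, s, f):
    return 1.0 if f_next == f == s else 0.0

# sparse table of nonzero entries, as stored in the network
table = {(fn, s, f): 1.0
         for fn in (1, 2) for s in (1, 2) for f in (1, 2)
         if L3(fn, s, f) > 0.0}
```

Only the two diagonal entries survive, reflecting that [e1] is constant over time and echoed on [r3].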
Fig. 8.9. Diagnostic result based on the network of qualitative models (left) and diagnostic result using the simplified model of the right–tank (right).
results are very similar. Hence, using the simplified model yields almost no loss of performance with respect to the diagnostic result. Table 8.2 shows the absolute value of the difference between the probabilities obtained for [e1] = 2 with the two different network models of the two–tank system for some selected time instants k. It can be seen that the use of the simplified model means almost no loss of performance.
In the last two rows of Table 8.2 the number of entries of the composed qualitative model that had to be determined for the diagnostic step is indicated. It can be seen that in this example the complexity of the partial composition depends mainly on the measured quantised output value. For [y1] = 2 the number of entries that need to be determined is much higher than for [y1] = 1. Furthermore, using the simplified qualitative model of the right tank means that more entries must be determined during diagnosis. For on–line applications this reflects the trade–off between more compact models and on–line computational effort.
Table 8.2. Comparison of the diagnostic results of the two network models (upper rows) and number of entries of the partial compositions used for diagnosis (lower rows).

                                          k=0   k=4    k=8    k=12   k=16   k=20   k=24
    prob. difference, normal model        0     0.008  0.008  0.008  0.014  0.003  0.007
    prob. difference, simplified model    0     0.015  0.015  0.015  0.081  0.107  0.024
    composed entries, normal model        6     10     10     6      46     42     5
    composed entries, simplified model    6     10     10     6      56     56     5
9. Applications
This chapter shows different applications of the methods developed in the book. The focus lies on applications to a chemical plant which is introduced in Section 9.1 and modelled numerically in Section 9.2. A qualitative model of the main reactor and a network of qualitative models of the overall system are derived and used for state observation and fault diagnosis in Sections 9.3 and 9.4, respectively. Finally, Section 9.5 outlines further applications with different technical backgrounds.
9.1 The Titration and Neutralisation Plant

Figure 9.1 shows the chemical plant which serves as application example in this chapter. The plant is operated by the Institute of Control Engineering at the Technical University of Hamburg–Harburg for demonstration purposes and serves as a test bench for new methods developed at the institute. In its standard configuration the plant is operated with hydrochloric acid (HCl) and sodium hydroxide (NaOH). The neutralisation reaction taking place when mixing the liquids gives the plant its name: titration and neutralisation plant (TINA).
From Figure 9.1 it can be seen that TINA consists of five tanks. The tanks are connected via pumps and valves as shown in Figure 9.2. Tank B1 is the central element of TINA. It is a stirred tank reactor with six integrated heating elements, each with 3 kW heating power. By means of the heating elements the liquid in the reactor can be boiled. The emerging steam goes to a condenser where it condenses and flows into Tank B4. Furthermore, a cooling helix, connected to the cooling circuit via Valve V9, is installed in the reactor. The peak cooling power of the reactor is approximately 21 kW. Tank B1 has a cylindrical shape and a capacity of about 30 litres. The other tanks have spherical shapes and a capacity of 20 litres, except for Tank B4 which can be filled with up to 10 litres of liquid. All tanks are made of glass and are, like the other parts of the plant, resistant to acid, base and temperatures from 10 to 100 °C.

J. Schröder: Modelling, State Observation and Diagnosis of Quantised Systems, LNCIS 282, pp. 253-292, 2003. Springer-Verlag Berlin Heidelberg 2003
Fig. 9.1. Titration and neutralisation plant (left) and neutralisation reaction at 100◦ C (right).
As can be seen from Figure 9.2, the overall system has 17 actuators: 4 pumps and 13 valves. The velocities of all pumps and the apertures of the valves V1 and V2 can be varied continuously. In contrast to this, the valves V3 to V13 are magnetic valves and can only be completely closed or opened. Valves V3 and V4 are two–way valves directing the flows caused by Pumps P2 or P3 for V3, V4 = 0 to Tank B5 and otherwise to Tank B1.
TINA is equipped with 26 sensors which give on–line measurement information. These are 8 continuous temperature sensors measuring the liquid temperatures in Tanks B1, B3, B4 and B5, different temperatures in the cooling circuit and the steam temperature. Two continuous level sensors are installed in Tanks B1 and B5 and twelve discrete level sensors LS7–LS19 are distributed over the plant. They are active if the level in the corresponding tank is higher than the position of the sensor and inactive otherwise. Finally, there are 3 pH sensors QI1–QI3 located at Tanks B1, B3 and B4 and one continuous flow sensor to measure the amount of inflowing cooling water.
The plant is operated by means of a standard PC supplemented by a dSPACE system that is equipped with a digital signal processor (DSP) and several analog-to-digital (A/D) and D/A converters. All low–level signal processing tasks
9.1 The Titration and Neutralisation Plant
P r o c e ss liq u id
T I 7
W
a ste w a te r
V
V B
T I 2
I n c o m in g c o o la n t
S te a m
V V
B
L S 0 7
1
L S 1 8 L S 1 9
1
V 9
1
B
L I 0 6 W
5
T I 5
T I 6
W
2
W
3
W
W
4
5
W
V
F r e sh w a te r
L S 1 0
V
B
1 3
L S 1 5
4
L S 1 6
Q I 2 3
Q I 2 1
L S 0 9
P
T I 8
2
V
1 2
T I 4
T I 1 6
4
L S 1 7
L I 2 0
O u tg o in g c o o la n t
L S 0 8
3
F I 1
F r e sh w a te r
255
3
V
1 0 T I 3
2
B
1 1
L S 1 2
3
Q I 2 2 L S 1 1
P 1
V
W
P
5
V 8
V 7
V
L S 1 3
6
P 2
4
a ste w a te r
Fig. 9.2. Schematic of TINA.
are performed by the DSP. This allows all sensors and actuators of TINA to be accessed in real time from a MATLAB/Simulink environment. However, the actuators of TINA are not connected directly to the dSPACE system but via a programmable logic controller (PLC). The PLC only passes an actuator command through if no safety conditions are violated. For example, pumps cannot be switched on, or are automatically switched off, if the receiving tank is full or the originating tank is empty. Similarly, the heating is turned off if the liquid level in the reactor B1 or the cooling water flow is too low or the tank for the condensate is full. The PLC only interferes with those commands which are currently safety critical.
Though TINA is not of industrial scale, it already has considerable complexity. The plant is composed of standard components also used in industry
and is yet large enough to serve as a benchmark for an industrial application. This is because larger industrial plants are usually composed of subsystems where the complexity of each subsystem is often comparable with that of TINA.
9.2 Modelling of the Titration and Neutralisation Plant

In this section numerical models of TINA are derived by using "first principles". However, due to the complexity of the plant no complete model of TINA can be presented. Instead, only the main ideas are outlined in this section by deriving a model of the main reactor.
Basically, each tank has three state variables, namely the temperature, the level and the pH of the stored liquid. This is reflected by the variables ϑi for the temperature, pHi for the pH and hi for the liquid level counted from the bottom of each tank, for i = 1, ..., 5. This leads to the block diagram of the model of TINA shown in Figure 9.3. The block diagram consists of five parts for the tanks, one block for each of the pumps P1 to P3, one block for the fresh water supply, one for the waste–water system operated by Pump P4 and one block for the condenser. The model contains all sensor and actuator signals. The block diagram is already drawn for setting up a network of qualitative models as described in Section 9.4. Accordingly, all external input signals are drawn as slightly thicker black lines beginning at the bottom of the diagram. Measurable outputs are shown as grey lines and end on the right–hand side of the figure.
In the following a model for the level h1, the temperature ϑ1 and the pH1 of Tank B1 is derived, outlining the modelling principles that can be applied equivalently to all other tanks. A complete model of TINA is given in [78].

Liquid level models. Neglecting the dependence of the liquid densities on the temperature, the change of the amount of liquid in each tank is given by

    dV/dt = Σ_i q_{i,in} − Σ_i q_{i,out} ,        (9.1)

as the sum of inflowing liquid minus the sum of outflowing liquid. All liquid flows of TINA are given in Figure 9.3. The notation is such that the first subscript denotes the source and the second the destination of the flow. For example, q21 denotes the volume flow from Tank B2 to Tank B1.
Due to the cylindrical shape of Tank B1 its volume is given by V1 = A1 · h1 such that eqn. (9.1) yields
Fig. 9.3. Structure of the overall model of TINA.
    dh1/dt = (1/A1) · (q21 + q31 + q41 + q51 − q13 − q14)

with the individual volume flows given as follows:

    q21 = kP1 · P1 ,                                                  (9.2)
    q31 = { CP2(P2)  if V3 = 1
          { 0        otherwise        } = C̃P2(P2, V3) ,              (9.3)
    q41 = { CP3(P3)  if V4 = 1
          { 0        otherwise        } = C̃P3(P3, V4) ,              (9.4)
    q51 = { CV1(V1) · √(h5 + h31)  if h5 > 0
          { 0                      otherwise ,                        (9.5)
    q13 = { CV2(V2) · √(h1 + h15)  if h1 > 0
          { 0                      otherwise ,                        (9.6)
    q14 = kev · Aev · (pvap(h1, ϑ1, nH) − pamb) .                     (9.7)
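The level dynamics can be sketched as a single rate function. The pump/valve characteristics and height offsets below are placeholder assumptions (our names, not the values of Appendix D), and the evaporation flow (9.7) is omitted:

```python
import math

# dh1/dt for Tank B1 from the volume flows (9.2)-(9.6); all entries of
# `par` are illustrative placeholders (see Appendix D for real values).
# dz51, dz13 stand for the height offsets between the tank ports.
def dh1_dt(h1, h5, P1, P2, P3, V1, V2, V3, V4, par):
    q21 = par["kP1"] * P1                                                  # (9.2)
    q31 = par["CP2"](P2) if V3 == 1 else 0.0                               # (9.3)
    q41 = par["CP3"](P3) if V4 == 1 else 0.0                               # (9.4)
    q51 = par["CV1"](V1) * math.sqrt(h5 + par["dz51"]) if h5 > 0 else 0.0  # (9.5)
    q13 = par["CV2"](V2) * math.sqrt(h1 + par["dz13"]) if h1 > 0 else 0.0  # (9.6)
    q14 = 0.0  # evaporation flow (9.7), neglected in this sketch
    return (q21 + q31 + q41 + q51 - q13 - q14) / par["A1"]
```

Passing the characteristics as callables mirrors the fact that CP2, CP3, CV1 and CV2 are nonlinear pump and valve curves rather than constants.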
In the above equations kP1 denotes the pump constant of P1. The functions CP2, CP3, CV1 and CV2 represent the pump and valve characteristics. The constants h31 and h51 denote the height differences between the bottom of Tank B1 and the top of Tank B3 or the bottom of Tank B5 and the top of Tank B1, respectively. Furthermore, kev denotes the evaporation coefficient, Aev the area of evaporation, pvap the vapour pressure and pamb the ambient pressure. The values of all these parameters are given in Appendix D.

Temperature models. Assuming homogeneous conditions within each tank, the differential equations of the liquid temperatures are derived using the enthalpy balance equation for open systems [189]. It has the form

    dH/dt = Ḣin − Ḣout + Q̇in − Q̇out + V · dp/dt        (9.8)
with
    dH/dt    : change of enthalpy stored in the system,
    Ḣin      : enthalpy gain of the system,
    Ḣout     : enthalpy loss of the system,
    Q̇in      : heat gain of the system,
    Q̇out     : heat dissipation of the system,
    V·dp/dt  : work done at the system.
The term V·dp/dt originates from, e.g., the stirring of the liquid in Tank B1. However, for TINA it can be neglected. The enthalpy stored in a medium, with respect to a reference temperature ϑref, is given by [189]
    H = m · cp(ϑ) · (ϑ − ϑref) ,        (9.9)
where m is the mass, cp the specific heat capacity and ϑ the temperature of the medium. Differentiation of eqn. (9.9) with respect to time yields

    dH/dt = dm/dt · cp(ϑ) · (ϑ − ϑref) + m · ( dcp(ϑ)/dϑ · dϑ/dt · (ϑ − ϑref) + cp(ϑ) · dϑ/dt ) .        (9.10)

Solving eqn. (9.10) for dϑ/dt and inserting eqn. (9.8) yields

    dϑ/dt = ( Ḣin − Ḣout + Q̇in − Q̇out − dm/dt · cp(ϑ) · (ϑ − ϑref) ) / ( m · ( dcp(ϑ)/dϑ · (ϑ − ϑref) + cp(ϑ) ) ) .        (9.11)
Equation (9.11) provides the basis for the temperature model of reactor B1 derived in the following. All other temperature models are obtained likewise as described in [78]. Neglecting enthalpy gains from the neutralisation reaction, the enthalpy gain Ḣin,1 of B1 is given by the sum of enthalpies carried by the inflowing liquids (cf. Figure 9.3):

    Ḣin,1 = Ḣ21 + Ḣ31 + Ḣ41 + Ḣ51 + ḢR .        (9.12)
According to eqn. (9.10) the enthalpy flow is obtained from the volume flow and the (constant) temperature of the liquid by

    Ḣi1 = ρi · qi1 · cp,i(ϑi) · (ϑi − ϑref) ,        (9.13)
where ρi denotes the density of the liquid in Tank Bi and cp,i its temperature dependent specific heat capacity. The enthalpy loss Ḣout,1 of B1 is determined from the outgoing media

    Ḣout,1 = Ḣ13 + Ḣ14 ,        (9.14)
where Ḣ13 and the enthalpy loss Ḣ14 through steam are in analogy to eqn. (9.13). The heat gain Q̇in,1 is produced by six identical heating elements, each of which can be switched on or off separately. It is given by Q̇in,1 = nH · Pel, where Pel is the constant electrical power of one heating element and nH denotes the number of heating elements switched on. Finally, the heat loss Q̇out,1 due to heat transfer through the reactor surface and the cooling circuit is given by

    Q̇out,1 = Kagl · h1 · 2π · r1 · (ϑ1 − ϑamb) + ccool · (ϑ1 − ϑcool) ,        (9.15)
where the second term stems from the cooling. In eqn. (9.15) Kagl is the heat transfer coefficient for the air-glass-liquid system, r1 the radius of the
reactor cross section, ϑamb the ambient temperature and ϑcool the coolant temperature. The constant ccool describes the cooling system characteristics.
Inserting eqns. (9.12)–(9.15) as well as the volume flows (9.2)–(9.7) into eqn. (9.11) yields the differential equation of the temperature in Tank B1. In the following the change of the specific heat capacity with the temperature is neglected. Furthermore, it is assumed that the densities and heat capacities of all liquids are equal and temperature independent. Denoting them by cp and ρ, the following temperature model is obtained:

    dϑ1/dt = 1/(A1 · h1(t)) · ( kP1 · P1 · (ϑ2 − ϑ1) + C̃P2(P2, V3) · (ϑ3 − ϑ1)
             + C̃P3(P3, V4) · (ϑ4 − ϑ1) + CV1(V1) · √(h5 + h31) · (ϑ5 − ϑ1)
             + 1/(ρ·cp) · (nH·Pel − Kagl·2π·h1·r1·(ϑ1 − ϑamb) − ccool·(ϑ1 − ϑcool)) ) .
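The resulting right-hand side can be sketched as follows. For brevity the coupling flows are assumed precomputed (e.g. via (9.2)-(9.5)), and all parameter values are illustrative placeholders rather than the ones of Appendix D:

```python
import math

# dtheta1/dt for Tank B1 from the temperature model above (sketch).
# q: dict of precomputed inflow rates q21, q31, q41, q51;
# par: placeholder parameters (our names).
def dtheta1_dt(t, h1, q, par):
    # t = (t1, t2, t3, t4, t5): liquid temperatures of Tanks B1..B5
    t1, t2, t3, t4, t5 = t
    # mixing terms from the inflows
    mix = (q["q21"] * (t2 - t1) + q["q31"] * (t3 - t1)
           + q["q41"] * (t4 - t1) + q["q51"] * (t5 - t1))
    # heating minus surface and cooling losses, cf. (9.15)
    heat = (par["nH"] * par["Pel"]
            - par["Kagl"] * 2.0 * math.pi * h1 * par["r1"] * (t1 - par["t_amb"])
            - par["c_cool"] * (t1 - par["t_cool"]))
    return (mix + heat / (par["rho"] * par["cp"])) / (par["A1"] * h1)
```

Dividing both the mixing and the heat term by the current liquid volume A1·h1 keeps the expression dimensionally consistent (K/s).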
Models of the pH. Assuming, as before, homogeneous conditions, the pH models can be derived by using the balance equation of charges [178]. In the neutralisation reaction of hydrochloric acid and sodium hydroxide the ions H+, OH−, Na+ and Cl− occur. Their concentrations are denoted by cH+, cOH−, cNa+ and cCl−. Since the overall mixture is always electrically neutral, the equation

    (cH+ − cOH− + cNa+ − cCl−) · V = 0        (9.16)
holds, where V denotes the volume of the liquid. Differentiation of eqn. (9.16) yields

dcH+/dt = dcOH−/dt − dcNa+/dt + dcCl−/dt .    (9.17)

As for diluted solutions the pH of the liquid is given by pH = −lg(cH+), the aim is to express all concentrations in eqn. (9.17) in terms of H+ ions. The OH− ion concentration can be expressed by means of the H+ ion concentration via the temperature dependent ion product of water KW(ϑ) [178]

cH+ · cOH− = KW(ϑ)  ⇒  dcOH−/dt = − KW(ϑ)/(cH+)² · dcH+/dt .    (9.18)
To express the changes of the other ion concentrations, further assumptions on the liquids are made. It is assumed that the liquids are hydrochloric acid or sodium hydroxide of low concentration. Accordingly, acidic solutions are assumed to contain only a few Na+ ions and basic solutions only a few Cl− ions. Furthermore, it is assumed that the acid and base dissociate completely and that the number of H+ ions coming from the acid or the number of OH− ions coming from the base is so high that those coming from the dissociation of water are negligible. Under these assumptions the relations
9.2 Modelling of the Titration and Neutralisation Plant
Fig. 9.4. Trajectory of the pH for maximum acid inflow due to the reaction model (left) and due to the extended model in comparison to experimental data (right).
cH+ = cCl−   or   cOH− = cNa+    (9.19)

hold for acid or base, respectively. Under these assumptions an acidic liquid with an H+ concentration cH+^acid flowing into a tank with the rate qin^acid changes the Cl− ion concentration in the tank according to

dcCl−/dt = d/dt ( nCl−(t)/V(t) ) = (1/V²) · (ṅCl− · V − nCl− · V̇)
         = (1/V²) · (qin^acid · cH+^acid · V − nH+(t) · qin^acid)
         = (qin^acid · cH+^acid)/V · (1 − cH+/cH+^acid) ,    (9.20)

where nCl−(t) denotes the absolute number of Cl− ions. A corresponding relation can be set up for the change of the Na+ ion concentration. Inserting relations (9.18), (9.20) and the corresponding relation for Na+ ions in eqn. (9.17) yields

dcH+/dt = − KW(ϑ)/(cH+)² · dcH+/dt + (qin^acid · cH+^acid)/V · (1 − cH+/cH+^acid)
          − (qin^base · cOH−^base)/V · (1 − cOH−/cOH−^base) .

From this follows, with cH+ = 10^−pH, dcH+/dt = −cH+ · ln(10) · dpH/dt and relation (9.18), the model for the pH. For Tank B1 the pH model is given by

dpH1/dt = [ qin^base · KW(ϑbase) · 10^pHbase · (1 − 10^−pHbase/10^−pH1)
            − qin^acid · 10^−pHacid · (1 − 10^−pH1/10^−pHacid) ]
          / [ A1 · h1 · ln(10) · (10^−pH1 + KW(ϑ) · 10^pH1) ] ,

where the inflows are given by eqns. (9.2)–(9.7).
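Mirroring this pH balance numerically (a sketch; the tank geometry, the flows and the fixed room-temperature ion product KW = 10^−14 are assumptions of this illustration):

```python
import math

# Right-hand side of the pH balance of Tank B1 (sketch). Geometry and
# flow values are illustrative assumptions; KW is fixed at its
# room-temperature value 1e-14.
def dpH1_dt(pH1, q_base, pH_base, q_acid, pH_acid,
            A1=0.049, h1=0.2, KW=1e-14):
    num = (q_base * KW * 10**pH_base * (1 - 10**(-pH_base) / 10**(-pH1))
           - q_acid * 10**(-pH_acid) * (1 - 10**(-pH1) / 10**(-pH_acid)))
    den = A1 * h1 * math.log(10) * (10**(-pH1) + KW * 10**pH1)
    return num / den

# an acid inflow drives a neutral tank towards low pH values
assert dpH1_dt(7.0, q_base=0.0, pH_base=12.0, q_acid=2e-5, pH_acid=2.0) < 0
```

The very small denominator near pH1 = 7 produces a steep slope there, which is exactly the fast reaction around neutrality discussed in the verification below.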
Verification of the pH model. On the left–hand side of Figure 9.4 the trajectory of the pH in Tank B1 for maximum acid inflow from Tank B4 is shown as obtained from the above pH model. The trajectory is obtained for a temperature of ϑ1 = 20 °C and an initial liquid level of h1 = 20 cm. It can be seen that the reaction is very fast near a pH of 7. Therefore, the time constants of the mixing and of the sensor cannot be neglected. Hence, for the practical application dynamical models for the pH sensor and the homogenisation must be incorporated [124]. Both effects are taken into account by first–order delay models with a time constant of 4 seconds each. On the right–hand side of Figure 9.4 the trajectories of the pH obtained with this extension of the model are shown for two different initial temperatures ϑ1 = 20 °C and ϑ1 = 75 °C and an initial liquid level of h1 = 20 cm. A comparison with experimental data shows that the pH model yields reasonable results.
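The first–order delay used here amounts to the discrete recursion y(k+1) = y(k) + (Ts/T1)·(u(k) − y(k)); a minimal sketch, where the 0.1 s integration step is an assumption and only the 4 s time constant is taken from the text:

```python
# Discrete first-order delay for the pH sensor and the homogenisation:
# y(k+1) = y(k) + (Ts/T1) * (u(k) - y(k)) with time constant T1 = 4 s.
# The 0.1 s simulation step Ts is an assumption of this sketch.
def first_order_lag(u_seq, T1=4.0, Ts=0.1, y0=7.0):
    y, out = y0, []
    for u in u_seq:
        y += (Ts / T1) * (u - y)
        out.append(y)
    return out

# step from pH 7 down to pH 2; after 40 s (ten time constants) the
# filtered value has practically reached the input
smoothed = first_order_lag([2.0] * 400)
```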
9.3 State Observation Example

9.3.1 Problem Statement

The example in this section does not use networks of qualitative models, but only the methods introduced up to Chapter 6. This means that the complexity of the considered supervision task must be kept low. Therefore, only the main reactor is considered. Furthermore, it is assumed that all tanks are filled with water such that the pH is not relevant. Consider the case that the continuous level sensor LI6 in Tank B1 is faulty and cannot be used. Instead, the current liquid level h1 shall be determined from other available measurements. The configuration of TINA in this example is as follows:

Supervision task:
• State observation of the liquid level in Tank B1.

Available measurements:
• Discrete level sensors LS7–LS9 installed at h1^LS7 = 42 cm, h1^LS8 = 19 cm and h1^LS9 = 2 cm, respectively. The sensors have an approximate tolerance of 2 cm, i.e. they may react with up to 2 cm offset from where they are installed.
• Temperature sensor TI1 with a tolerance of 1 K.
In– and outflows of Tank B1:
• Inflow of cold water with a temperature between 10 °C and 20 °C from Tank B3 via Pump P2, where the pump is only switched on or off.
[Figure 9.5: block diagram of the observation task. The quantised system consists of Tank B1 with the states ϑ1 ∈ [10, 70] and h1, the inputs P2, V1, V2 ∈ {0, 1} and h5 ∈ [0, 0.32], the uncertain parameters ϑ3 ∈ [10, 20], ϑ5 ∈ [60, 70] and ϑ0 ∈ [15, 25], the PLC and quantisers for the measurements LS7–LS9 and ϑ1. The signal quantisers Mv and Mw yield the sequences [U(0...k)] and [Y(0...k)] processed by the qualitative state observer, which returns Prob([h1(k)] | [U(0...k)], [Y(0...k)]).]
Fig. 9.5. Structure of the considered observation task.
• Inflow of hot water with a temperature between 60 °C and 70 °C from Tank B5 via Valve V1, where the valve is either completely opened or closed.
• Outflow of water from Tank B1 via Valve V2, where the valve is either completely opened or closed.

Controllers:
• PLC switching off the inflows if LS7 is activated and switching off the outflow if Tank B3 is full.

Further configurations:
• Tank B5 can be refilled with hot water from Tank B4.
• Water can be pumped from Tank B3 to the waste water system.
• Tank B3 can be refilled with cold water from the fresh water supply.
• The temperatures ϑ3 and ϑ5 are assumed to be immeasurable.
• The room temperature ϑ0 is not measured and lies between 15 °C and 25 °C.
Figure 9.5 shows the block diagram of the described observation task. Due to the quantised level measurements, the various uncertainties, the nonlinearity of the system dynamics and the hybrid, i.e. continuous– and discrete–variable, system characteristics induced by the PLC, it is very difficult to solve the described observation problem with classical observers. In contrast to this, the quantised system approach allows all of the above uncertainties, switchings and nonlinearities to be incorporated directly. The only additional restriction coming with the quantised system approach is that the numerical measurements are quantised on purpose. However, the quantisation of the temperature will be chosen near the resolution of the sensor such that the
solution to the state observation problem presented in the following is near to the precise solution of the observation task under the conditions of the application example.

9.3.2 Qualitative Modelling of the Reactor

Description of the quantised reactor system. The numerical model of Tank B1 has been described in Section 9.2. For qualitative modelling, the system is considered with a sampling time of Ts = 20 s. Accordingly, it is assumed that the input signals are constant within one sampling interval. The discrete–time state space model of Tank B1 is not derived explicitly, but is left in the integral form (3.25), which is solved numerically during the computation of the qualitative model. To determine the qualitative model the input and output quantisation must be defined. This means that the partitions of the signal spaces and, for the inputs and states, also the density functions must be defined (cf. Sections 3.2.1 and 3.5.2). As some of the signals are discrete–valued, the extensions of Section 3.3.3 are needed. Furthermore, the uncertainties concerning the temperatures of the inflowing liquids and the room temperature ϑ0 require the extension of the qualitative model to systems with parameter uncertainties as described in Section 4.2.4. However, the example can also be understood while ignoring the details of these extensions.

Quantisation of the inputs and outputs. Throughout this example uniform distributions are used for the injectors and for the state densities. Accordingly, only the signal space partitions must be defined. All signals are quantised independently of each other. Accordingly, five quantised inputs and two quantised outputs are obtained (cf. Figure 9.5). Bijective mappings Mv and Mw transform the five or two quantised values into a scalar quantised input value [u] or output value [y], respectively.
The quantisation of five variables needs to be defined, namely of the input u4 = h5, of the outputs y1 = ϑ1 and y2 = LS7−9, and of the two states x1 = h1 and x2 = ϑ1. The input u4 contains information about the amount of liquid flowing into Tank B1 through Valve V1. However, the influence of h5 on the flow is relatively small such that the input space R4u = [0, 0.32] of u4 is partitioned only into three regions

Qu4(1) = [0, 0.32/3) ,  Qu4(2) = [0.32/3, 0.64/3) ,  Qu4(3) = [0.64/3, 0.32] .

The output y1 is quantised like the state x2, whose partition will be derived below. Finally, the output y2 = (LS7, LS8, LS9) is quantised according to

Qy2(1) = {(0, 0, 0)} , Qy2(2) = {(0, 0, 1)} , Qy2(3) = {(0, 1, 1)} , Qy2(4) = {(1, 1, 1)} ,
Qy2(0) = {(0, 1, 0), (1, 0, 0), (1, 0, 1), (1, 1, 0)} .
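Such a quantiser is a simple search over the partition borders; the following sketch reuses the u4 partition defined above (the assignment of values lying exactly on a border is a convention of this sketch):

```python
import bisect

# Quantiser mapping a numerical value to the index of the partition
# set containing it. The treatment of the upper border is a convention
# of this sketch.
def quantise(value, bounds):
    """bounds: increasing partition borders; result in 1..len(bounds)-1."""
    if not bounds[0] <= value <= bounds[-1]:
        raise ValueError("value outside the signal space")
    return min(bisect.bisect_right(bounds, value), len(bounds) - 1)

u4_bounds = [0.0, 0.32 / 3, 0.64 / 3, 0.32]   # partition of u4 = h5
assert quantise(0.05, u4_bounds) == 1          # Qu4(1)
assert quantise(0.15, u4_bounds) == 2          # Qu4(2)
assert quantise(0.32, u4_bounds) == 3          # Qu4(3)
```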
Fig. 9.6. State space partition according to the stationary behaviour of the reactor (left) and natural state space partition (right).
Partitioning of the state space. In Section 4.3 the relation between the state space partition and the system dynamics is investigated. As outlined there, the idealised assumptions made in Section 4.3 are, in general, not met in a practical application. However, the results give a guideline for an appropriate state space partition. These guidelines are now used to define the partition of the state space. As described in Section 4.3.2, adapting the partition to the system dynamics requires studying its stationary behaviour first. Accordingly, assume that there is a constant inflow of hot liquid with a temperature of ϑ5 = 65 °C from Tank B5 to the reactor. Assume further that the level in Tank B5 is held constant at h5 = 0.3 m by refilling Tank B5 using Pump P3. Under these conditions the system is autonomous and yields state trajectories in the state space as shown on the left–hand side of Figure 9.6. It can be seen that due to the automatic shut down of the inflow at h1 = 0.42 m by the PLC all points of the set

X̄ = {x = (x1, x2)′ | x1 ≥ 0.42, x2 ∈ [10, 70]}

are fixed points of the system. That is, the system has a stable invariant manifold as considered in Section 4.3.1. A state space partition with the partition set marked by the light grey box on the left–hand side of Figure 9.6 satisfies the condition of Theorem 4.3.1, as no trajectory leaves the marked box. Hence, such a partition would yield correct stationary behaviour of the qualitative model. Based on these considerations, a partition adapted to the dynamical behaviour of the system is now derived. First, the marked box on the left–hand side of Figure 9.6 is divided into smaller partition sets, each satisfying the condition of Theorem 4.3.1. This is necessary in order to distinguish different temperatures. Algorithm 4.1 is applied to these sets. This yields the partition shown by the dark lines on the right–hand side of Figure 9.6.

Fig. 9.7. Superposition of two natural state space partitions (left) and actually used partition of the reactor state space (right).

From the trajectories drawn in light grey in the figure it can be seen how this partition is adapted to the system dynamics. To illustrate the mappings performed by Algorithm 4.1, one set including fixed points is marked in Figure 9.6 and is given the number 14. The regions numbered from 15 to 21 are obtained by mapping set number 14 step by step with the inverse of the system equation (see also Figure 4.9). However, the reactor in this example is not autonomous but possesses several inputs. Hence, the derived state space partition is not optimal for inputs other than the one assumed above. For example, repeating the design of a natural partition with a constant inflow from Tank B3 instead of B5, with a temperature of ϑ3 = 15 °C, yields a different partition. The superposition of the state space partition derived for this input with the previous partition is shown on the left–hand side of Figure 9.7. It can be seen that many new bounds are introduced. Varying also the other inputs and parameters would yield a continuum of partition sets which are practically impossible to handle. Nevertheless, Figures 9.6 and 9.7 give an impression of the “natural size” of the partition sets. This leads to the partition shown on the right–hand side of Figure 9.7, which partitions the state space into 440 equally sized boxes. The granularity of this partition is oriented towards the size of the regions of the derived natural partitions. Knowing that a “good shape” of the partition sets depends on the numerical inputs, which vary over a wide range, rectangular boxes are chosen to keep calculations simple. Note that the state space partition only determines the accuracy of the qualitative model and, hence, the model complexity, but not the precision of the measurements, which is given by the application.

Qualitative model of the quantised reactor system.
The qualitative model of the reactor is derived as described by Definition 3.5.1 for the partitions defined in the previous section. As the computation of the model is a major issue, some practical results are outlined in this section.

Computation using point–mapping. The easiest way to compute an estimate of the qualitative model is point–mapping as described in Section 4.2.2. However, as explained there, the problem is that point–mapping might yield incomplete qualitative models, i.e. transitions possibly occurring in the quantised system are not contained in the computed SA. The aim of the following considerations is to show that this problem is not only of theoretical nature but has practical relevance. Therefore, the qualitative model has been estimated using different configurations of points for the computation. For the computations the point–mapping algorithm of the QuaMo–Toolbox has been used (cf. Appendix B, [174]). The QuaMo–Toolbox is a MATLAB toolbox, but the point–mapping algorithm is implemented in C for faster computations [175]. For the algorithm it is specified for each dimension of the state, input and parameter spaces how many points are to be used. For discrete dimensions, the number of points is, of course, fixed, using one point for each discrete value. Table 9.1 shows different configurations of the number of points used to compute the qualitative model. Columns two to seven contain the number of points uniformly distributed within the value range indicated in the respective column. The last three columns contain, from left to right, the total number of points mapped during the computation, including the points in the discrete dimensions, then the computation time in seconds measured on a standard PC with a clock–rate of 1 GHz, and finally the number |TL| of nonzero entries of the behavioural relation of the obtained SA. The results of Table 9.1 can be interpreted as follows.
Firstly, it can be seen from rows 1–4 that the number of nonzero entries in the behavioural relation changes significantly when increasing the number of points in all dimensions. To determine how many points per dimension are necessary, the number of points is increased separately in each dimension, in the ideal case until no further transitions are detected. Comparing rows 9, 14, 18 and 21 shows that the number of nonzero transitions of the SA increases steadily when increasing the number of points, meaning that none of the former models has been complete. However, for higher absolute numbers of points the number of additional transitions decreases. That is, between rows 9 and 14 there is a difference of 881 transitions, whereas the step from row 18 to 21 only resulted in 594 new transitions. Looking at the differences in the number of transitions also shows in which dimensions the number of points should be further increased. For example, increasing the number of points used for the room temperature ϑ0 only yields
Table 9.1. Computation time and number of nonzero entries of the behavioural relation of the computed estimate of the qualitative model using point–mapping.

       number of points per dimension (relevant value range)
       h1        ϑ1       h5        ϑ3       ϑ5       ϑ0
       [0,0.44]  [10,70]  [0,0.32]  [10,20]  [60,70]  [15,25]   #P         time [s]      |TL|
  1    100       100      10        1        1        1         1.6·10^6   56            28890
  2    100       100      10        3        3        2         2.9·10^7   1003          32364
  3    200       200      10        5        5        2         3.2·10^8   11146         37324
  4    500       500      20        5        5        2         8.0·10^9   139489        39955
  5    100       100      10        1        1        10        1.6·10^7   558           28901
  6    100       100      10        1        10       1         1.6·10^7   634           30744
  7    100       100      10        10       1        1         1.6·10^7   558           32502
  8    100       100      100       1        1        1         1.6·10^7   558           29421
  9    100       1000     10        1        1        1         1.6·10^7   634           31799
 10    1000      100      10        1        1        1         1.6·10^7   558           32264
 11    100       100      10        1        20       1         3.2·10^7   1116          30948
 12    100       100      10        20       1        1         3.2·10^7   1115          32914
 13    100       100      200       1        1        1         3.2·10^7   1110          29428
 14    100       2000     10        1        1        1         3.2·10^7   1116          32680
 15    2000      100      10        1        1        1         3.2·10^7   1116          32506
 16    100       100      10        1        40       1         6.4·10^7   2233          31059
 17    100       100      10        40       1        1         6.4·10^7   2232          33128
 18    100       4000     10        1        1        1         6.4·10^7   2231          33347
 19    4000      100      10        1        1        1         6.4·10^7   2231          32604
 20    100       100      10        80       1        1         1.3·10^8   4465          33247
 21    100       8000     10        1        1        1         1.3·10^8   4459          33941
 22    4000      8000     200       80       40       10        3.3·10^15  ≈ 3630 years  —
11 additional entries (cf. rows 1 and 5), whereas for the temperature ϑ3, 3612 additional transitions are obtained (cf. rows 1 and 7). In rows 5 to 20 of the table the number of points has only been increased in one dimension. To obtain a reasonable estimate of the behavioural relation, however, the number of points must be increased in all dimensions simultaneously. This is shown in row 22, knowing from rows 5–21 that the number of points in each dimension is probably still too small. Nevertheless, extrapolating the computation time for the number of points indicated in row 22 would mean a computation time of more than 3000 years. Accordingly, it must be concluded that by means of point–mapping no complete model of the system can be obtained. Practically, however, stochastic automata obtained by point–mapping might be acceptable as estimates of the qualitative model. When using a high number of points the transition probability of a missing entry will be very low.
Otherwise, there would certainly be at least one point yielding this transition. To give a rule of thumb, assume that there are about κ points for one state–input pair (z, v). Then the threshold probability above which transitions are likely to be detected is about 1/κ. For the reactor model this means that to detect transition probabilities higher than 0.1%, approximately κ ≈ 10^3 points per qualitative state–input pair are required. As there are about 2·10^4 of such state–input pairs, this means that 2·10^7 points should be used in the state–input space. Together with 10 points per dimension of the parameter space this means 2·10^10 points and, according to Table 9.1, a computation time of about 8 days.

Computation using hyperbox–mapping. An alternative way to compute an estimate of the qualitative model is the hyperbox–mapping method outlined in Section 4.2.3. This method requires that a Lipschitz matrix Ψ of the system is known. For the reactor it is very difficult to derive such a matrix analytically. Therefore, numerical experiments are made to estimate the Lipschitz matrix as described in [43]. For the continuous variables this yields the matrix
              h1         ϑ1     h5        ϑ3     ϑ5     ϑ0
      h1+  (  1          0      0.4       0      0      0      )
Ψ =   ϑ1+  (  150 °C/m   1      80 °C/m   0.7    0.6    0.0004 )
      h1   (  1          0      0         0      0      0      )
      ϑ1   (  0          1      0         0      0      0      )
The entries of the matrix are very conservative. For example, the entry in the second row of the first column means that two initial conditions that differ only in h1 by about 1 cm can yield temperature differences of up to 1.5 °C after Ts = 20 s. In fact, such extreme differences can occur, but only for an almost empty Tank B1. The consequence is that such large values yield very conservative approximations of the mapped boxes. This could only be avoided by changing the entries of Ψ in dependence upon the state and input. However, this has not been investigated so far, and the QuaMo–Toolbox provides no such possibility. Nevertheless, the hyperbox–mapping method yields complete models with the above Lipschitz matrix. Table 9.2 shows the results of hyperbox–mapping. The central parameters of the algorithm are the subdivision parameters (s–div), specifying how many times a box may be subdivided per dimension. Furthermore, the initial number of boxes (i–box) per dimension is given to the algorithm. The table shows the total number of boxes, the computation time and the number of nonzero transitions of the obtained SA. It can be seen that the numbers of nonzero entries of the resulting behavioural relations are much higher compared to Table 9.1.
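To make the difference between the two abstraction methods concrete, both can be sketched for a one–dimensional toy system. This is an illustration only, not the QuaMo–Toolbox implementation; the map f, the partition and the Lipschitz bound L are invented:

```python
import numpy as np

# Both abstraction methods on a 1-D toy system x(k+1) = f(x(k)).
# Point-mapping samples points per partition cell and may miss rare
# transitions; hyperbox-mapping bloats the image of each cell with a
# Lipschitz bound L and therefore yields a complete, overapproximated
# transition structure.

def point_mapping(f, bounds, points_per_cell=100):
    n = len(bounds) - 1
    T = np.zeros((n, n))
    for z in range(n):
        xs = np.linspace(bounds[z], bounds[z + 1], points_per_cell,
                         endpoint=False)
        for x in f(xs):
            zs = min(max(np.searchsorted(bounds, x, side='right') - 1, 0),
                     n - 1)
            T[zs, z] += 1
    return T / points_per_cell       # estimate of Prob([x(k+1)] | [x(k)])

def hyperbox_mapping(f, bounds, L):
    n = len(bounds) - 1
    T = np.zeros((n, n), dtype=bool)
    for z in range(n):
        c = 0.5 * (bounds[z] + bounds[z + 1])
        r = 0.5 * (bounds[z + 1] - bounds[z])
        lo, hi = f(c) - L * r, f(c) + L * r   # bloated image of the cell
        for zs in range(n):
            T[zs, z] = hi > bounds[zs] and lo < bounds[zs + 1]
    return T                          # possible transitions only

bounds = np.linspace(0.0, 1.0, 5)     # four partition cells
f = lambda x: 0.8 * x + 0.1           # contraction with Lipschitz bound 0.8
Tp = point_mapping(f, bounds)
Th = hyperbox_mapping(f, bounds, L=0.8)
assert np.all(Th[Tp > 0])             # hyperbox model covers point-mapping
```

On this toy system every transition detected by point–mapping is also contained in the hyperbox model, while the converse need not hold, mirroring the completeness property discussed above.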
In summary, Tables 9.1 and 9.2 yield the result that the actual number of nonzero entries of the behavioural relation lies between 39955 and 343665. In the following, the qualitative models corresponding to row 4 of Table 9.1 and to the last row of Table 9.2 are used and compared to each other.
Table 9.2. Computation time and number of nonzero entries in the behavioural relation of the computed estimate of the qualitative model using hyperbox–mapping.

           h1        ϑ1       h5        ϑ3       ϑ5       ϑ0
           [0,0.44]  [10,70]  [0,0.32]  [10,20]  [60,70]  [15,25]   #B        time      |TL|
 i–box     10        10       10        2        2        1
 s–div     1         1        1         0        0        0         675200    5884 s    428176
 i–box     10        10       10        2        2        1
 s–div     2         2        2         1        1        0         9.4·10^7  19827 s   369928
 i–box     10        10       10        2        2        1
 s–div     3         3        2         1        1        0         2.1·10^9  4.1 days  346684
 i–box     22        20       10        2        2        1
 s–div     1         1        1         0        0        0         3.1·10^6  7337 s    357111
 i–box     22        20       10        2        2        1
 s–div     2         2        2         1        1        0         6.8·10^9  1.3 days  343665
9.3.3 State Observation Results

The estimates of the qualitative model of the reactor are now used to solve the supervision task. First, the SA obtained by point–mapping is used. In an experiment the input sequences shown on the left–hand side of Figure 9.8 are given to TINA, yielding the quantised output measurement sequences shown on the right–hand side of the figure. Because of the uncertainties of the output measurements no unique sequence of output symbols is obtained. The measurement errors are taken into account as follows. The numerical temperature measurement of ϑ1 has a tolerance of 1 K (cf. Section 9.3.1). Accordingly, a triangular distribution is put around the measured value as shown for the last temperature measurement on the right–hand side of Figure 9.8. The uncertainties of the quantised level measurements cannot be incorporated like this, as they are discrete–valued, obtained from the sensors LS7−9. Instead, whenever the discrete measurement changes its value within a sampling interval, it is assumed that the actual level can be above or below the
Fig. 9.8. Quantised input sequence (left) and output sequence (right) measured in the experiment.
Fig. 9.9. Observation result based on the SA obtained by point–mapping (left) and comparison of the observation result with the measured level in B 1 (right).
sensor position with the same probability. For the above measurement sequence this concerns the time instants 120, 160, etc. The outlined method provides a very conservative way to represent the measurement uncertainties, to guarantee the completeness of the observation result. Another possibility would be to incorporate the uncertainties in the abstraction process. However, this has not been studied so far. To the sequences of Figure 9.8 the observation Algorithm 6.1 with the extension of Section 5.8.3 is applied. This yields the result shown on the left–hand side of Figure 9.9. It can be seen that the probability distribution contracts relatively quickly and follows the dynamics of the liquid level. To compare the observation result with the liquid level measured by means of sensor LI6, the experiment has been continued for about 30 minutes. The liquid level measured in the experiment by means of LI6 is shown as a dark dashed line on the right–hand side of Figure 9.9. For comparison with the observation result the upper and the lower bounds of the regions for which
Fig. 9.10. Observation result based on the SA obtained by hyperbox–mapping (left). Comparison of the observation result with the real level in B 1 (right).
the observation algorithm yields a nonzero probability are shown by the light grey lines. For reasons of presentation the envelope is linearly interpolated between the sampling instants. The same holds true for the mean value of the probability density function Prob([x(k)] | [U], [Y]), shown as a solid grey line. It can be seen that the measured value always lies within the envelope. The quality of the observation result is very good, as can be seen by comparing the mean value of the distribution to the actual liquid level. According to Theorem 6.1.1 the envelope would be guaranteed to enclose the measurements (at the sampling instants) if the SA used for observation were a complete model of the reactor. For the SA obtained from point–mapping this is not the case. Nevertheless, the envelope covers the measured sequence. For comparison, the observation algorithm is applied again to the same measurement sequences as above, but with the SA obtained by hyperbox–mapping. The result is shown in Figure 9.10. It can be seen that the observation result is fuzzier than in Figure 9.9. The envelope is wider at every time instant, reflecting that the SA obtained by hyperbox–mapping is complete with respect to the SA obtained by point–mapping.
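The recursion underlying the observation algorithm can be sketched as a Bayesian filtering step over the qualitative states; the two–state SA below is invented for illustration and is not the reactor model:

```python
import numpy as np

# One step of qualitative state observation: Bayesian update of the
# state distribution with the behavioural relation of the SA. The
# two-state SA below is invented for illustration.

def observe_step(L, p, v, w):
    """L[zp, w, z, v] = Prob(z', w | z, v);  p[z] = Prob(z | past I/O)."""
    p_new = L[:, w, :, v] @ p        # one-step prediction weighted by output
    s = p_new.sum()
    if s == 0.0:
        raise ValueError("measured I/O pair impossible for the model")
    return p_new / s                 # normalisation

# toy SA: 2 states, 1 input symbol, 2 output symbols
L = np.zeros((2, 2, 2, 1))
L[0, 0, 0, 0], L[1, 1, 0, 0] = 0.7, 0.3   # from z=0: stay (w=0) or move (w=1)
L[1, 1, 1, 0] = 1.0                        # z=1 is absorbing and emits w=1
p = observe_step(L, np.array([0.5, 0.5]), v=0, w=1)   # -> [0., 1.]
```

Repeating such steps over the measured sequences yields distributions like those plotted in Figures 9.9 and 9.10; a normalisation constant of zero would indicate that the measured I/O pair is inconsistent with the model.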
9.4 Fault Diagnosis Example

9.4.1 Problem Statement

In this section an example will be given that requires a component–oriented qualitative modelling approach. The task is to detect and to identify faults that may occur during neutralisation at the titration and neutralisation plant (TINA) shown in Figure 9.1.
In this example, concentrated sodium hydroxide (NaOH) stored in Tank B4 shall be neutralised in the reactor B1 by means of hydrochloric acid (HCl) in Tank B2 (cf. Figure 9.2). The base is not pumped directly to the reactor but is first pumped to Tank B5, where it is diluted with water from Tank B3. To make the control of the neutralisation reaction easier, the liquid in B1 is heated to approximately 80 °C, where the reaction is slower. A batch program running on the PLC controls the process. It is responsible for refilling Tank B5 from Tanks B4 and B3, for the temperature control in B1 and for the neutralisation reaction. Neutralised liquid is let out to Tank B3, which is emptied by means of the waste water pump and afterwards refilled with water to be pumped into Tank B5. For the diagnostic task all sensors as given in Figure 9.2 are available. However, the continuous level sensor LI6 in Tank B1 will not be used, to make the example more challenging. In contrast to the previous example, the discrete level sensors LS7–LS9 are installed at h1^LS7 = 42 cm, h1^LS8 = 25 cm and h1^LS9 = 19 cm, respectively. In detail, the configuration of the neutralisation process is as follows:

Supervision task:
• Detection and identification of the following faults:
  – The base Valve V1 is stuck closed.
  – The outlet Valve V2 is stuck closed.
  – The acid Pump P1 is not operating.
  – The base refilling Pump P2 is not operating.
  – The heating cannot be switched on.
  – The acid concentration in Tank B2 is too low.
  – Acid instead of base has been filled into Tank B4.

Available measurements:
• All sensors as indicated in Figure 9.2 except for LI6.

Controllers:
• Dual–mode temperature controller for Tank B1. All heating elements are switched on if the temperature is below 78 °C and switched off at 82 °C. Furthermore, the heating is switched off if the level in B1 is below LS9.
• Neutralisation controller. Maximum acid inflow until the pH in B1 is close to neutral.
Then a proportional controller is used until the pH is within the interval pH1 ∈ [6.5, 7.5]. With this simple controller, stability of the closed–loop system is achieved. However, the controller works only near the nominal temperature and for liquid levels between LS8 and LS9 [124].
• If the discrete level sensors LSi indicate a completely empty or full tank, then the PLC switches off the corresponding pumps or closes the corresponding valves.
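For illustration, the dual–mode temperature controller described above reduces to a small hysteresis switch (function and signal names are ours):

```python
# Dual-mode temperature controller of Tank B1 as described above:
# all six heating elements on below 78 C, off above 82 C (hysteresis
# in between), and locked out when the level is below sensor LS9.
# Function and variable names are ours.
def heating_command(theta1, ls9_wet, mode_on):
    if not ls9_wet:                  # level below LS9: heating switched off
        return 0, False
    if theta1 < 78.0:
        mode_on = True
    elif theta1 > 82.0:
        mode_on = False
    return (6 if mode_on else 0), mode_on   # active elements, new mode

n_H, mode = heating_command(75.0, ls9_wet=True, mode_on=False)   # -> 6, True
```

Between 78 °C and 82 °C the previous mode is kept, which is exactly the hysteresis that prevents rapid switching of the heating elements.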
[Figure 9.11: network of qualitative models. It contains blocks for the static characteristics of Pumps P1–P3 and the heating, dynamical blocks for the levels h1 and h5, the temperature ϑ1, the pH in B1 and B5, and the dual–mode controller; the coupling signals q21, q51, q35, q45, nH and Pel; injectors and quantisers for all signals; the fault signals V1,stuck, V2,stuck, P1,broken, P2,broken, P3,broken, eheat, eacid and ebase; and a separate diagnostic system for the faults of Pumps P2 and P3 and Valve V1.]
Fig. 9.11. Decomposed quantised system for fault diagnosis.
Further configurations:
• Tank B5 is refilled via Pumps P2 and P3.
• The temperatures of the acid in Tank B2, the base in Tank B4 and the water in Tank B3 are between 15 °C and 20 °C. The room temperature ϑ0 is between 15 °C and 25 °C.

9.4.2 Component–Oriented Qualitative Modelling of TINA

Structure of the decomposed quantised system. The above fault diagnostic problem leads to the decomposed quantised system shown in Figure 9.11. The block diagram contains only those subsystems which are needed for the diagnostic task. Compared to Figure 9.3, it can be seen that all relevant signals are considered in Figure 9.11. The only exception is the flow q13 from Tank B1 to Tank B3. This flow is an immeasurable output of the block for the level h1 (cf. Figures 9.3 and 9.11). This means that, in principle, the decomposed quantised system shown in Figure 9.11 must be extended by the block for the level h3 and further blocks of Tank B3, because information about the change of h3 means information about the flow q13, which depends on h1. Hence, structurally, the measurements of Tank B3 can be used to observe the level in Tank B1. Practically this is not reasonable, because the additional information about h1 from the measurements of Tank B3 is very
small, in particular if compared to the information from the measured temperature and pH of Tank B1. As shown in Figure 9.11, a decentralised diagnostic approach can be used. That is, for the diagnosis of faults in Pump P2, Pump P3 and Valve V1, a separate diagnostic block is used. In particular for faults in Pumps P2 and P3 this is reasonable, because the change of the continuously measured level h5 provides the best available information about these faults. In contrast to this, a fault in Valve V1 can also be detected by using the measurements of ϑ1 and pH1. The diagnostic system is split up as shown in Figure 9.11. The main diagnostic block considers all faults except for the faults in Pumps P2 and P3. Note that the blocks of Pumps P2 and P3 cannot be removed from the network because the flows q35 and q45 are immeasurable inputs to the block of pH5. For the main diagnostic block, the dynamical model of h5 becomes a static relation to determine the flow q51 from the measured level h5. In the following only the main diagnostic block is considered. The diagnosis of the faults in Pumps P2 and P3 is straightforward, as a single qualitative model can be used for diagnosis. Table 9.3 contains all relevant signals of the decomposed quantised system and their quantisation. The quantisations define the corresponding quantisers and also the injectors, as uniform distributions are used for all density functions.

Aspects of temporal quantisation. The system structure shown in Figure 9.11 corresponds to the physical dependencies represented by the continuous–time model. However, as explained in Section 8.1.3, further dependencies must be taken into account for blocks of the corresponding discrete–time model, because some inputs do not satisfy the sample–and–hold condition. In fact, analysing Figure 9.11 shows that several signals do not satisfy this condition, even if assuming that all external inputs are held constant within the sampling interval.
These are, for example, the level h5 and, hence, also the flow q51, the number of active heating elements nH, and others. The formal method to cope with this problem is given in Section 8.1.3. There it is suggested to connect each block, e.g. the block of the dual-mode controller, with all those signals of the network which are necessary to unambiguously predict its continuous-variable successor state in the discrete-time case. For the dual-mode controller this would mean several additional inputs: the flows q21 and q51, the level h1 and the heating power Pel. However, these variables are themselves not constant within a sampling interval, as they depend on other non-constant signals. Obviously, adding all these input signals to the block is not practicable.
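The effect of a violated sample and hold condition can be illustrated with a minimal simulation of the dual-mode temperature controller. Only the sampling time Ts = 20 s and the switching thresholds 78 °C and 82 °C used in this section are taken from the text; the first-order heating dynamics and all rate constants are hypothetical stand-ins, not the plant model:

```python
# Sketch: a dual-mode (hysteresis) controller switches in continuous time,
# so its mode can change *within* one sampling interval of Ts = 20 s.
# The heating/cooling rates below are invented for illustration only.
TS, DT = 20.0, 0.1          # sampling interval and integration step in s
TH_ON, TH_OFF = 78.0, 82.0  # switching thresholds of the controller in degC

def simulate_interval(theta, mode):
    """Integrate the temperature over one sampling interval; the
    controller acts continuously, not only at sampling instants."""
    t = 0.0
    while t < TS:
        if theta < TH_ON:
            mode = 1                                   # heating on
        elif theta > TH_OFF:
            mode = 0                                   # heating off
        heat = 0.5 if mode == 1 else 0.0               # assumed heating rate in K/s
        theta += (heat - 0.002 * (theta - 20.0)) * DT  # losses to 20 degC ambient
        t += DT
    return theta, mode

# At time k the temperature lies inside the hysteresis band and the heating
# is on; within the interval, 82 degC is crossed and the heating switches off.
# A model that holds all inputs constant over Ts would miss this transition.
theta, mode = simulate_interval(79.0, 1)
print(mode)  # 0: the mode changed between two sampling instants
```

Starting from the same temperature with the heating already off, no switching occurs within the interval; the extra mode = 1 to mode = 0 transition for intermediate temperatures exists only because of the intra-interval dynamics.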
Table 9.3. Signals of the network of qualitative models and their quantisation.

signal     plant      quantisation bounds                                 valency
u1 / v1    V1         {0, 0.2, 0.7, 1.0}                                  3
u2 / v2    V2         {0, 0.2, 0.7, 1.0}                                  3
u3 / v3    P1         {0, 0.05, 0.7, 1.0}                                 3
u4 / v4    P2         {0, 0.05, 0.7, 1.0}                                 3
u5 / v5    P3         {0, 0.05, 0.7, 1.0}                                 3
u6 / v6    h5         {0, 0.07, 0.12, 0.16, 0.20, 0.25, 0.32} m           6
u7 / v7    LS11       {0}, {1} (discrete)                                 2
u8 / v8    LS12       {0}, {1} (discrete)                                 2
u9 / v9    LS13       {0}, {1} (discrete)                                 2
u10 / v10  LS16       {0}, {1} (discrete)                                 2
u11 / v11  LS17       {0}, {1} (discrete)                                 2
11-dimensional input space. Overall number of qualitative inputs: 46656

y1 / w1    pH1        {1, 2, 3, 4, 5.5, 8.5, 10, 11, 12, 14} pH           9
y2 / w2    ϑ1         {15, 30, 60, 75, 80, 85, 100} °C                    6
y3 / w3    LS7        {0}, {1} (discrete)                                 2
y4 / w4    LS8        {0}, {1} (discrete)                                 2
y5 / w5    LS9        {0}, {1} (discrete)                                 2
5-dimensional output space. Overall number of qualitative outputs: 432

r1 / s1    q21        {0, 0.75, 4, 8, 12, 15} ·10⁻⁶ m³/s                  5
r2 / s2    q51        {0, 0.5, 11, 22, 33, 45} ·10⁻⁶ m³/s                 5
r3 / s3    q35        {0, 3.5, 20, 40, 50, 65, 80, 85} ·10⁻⁶ m³/s         7
r4 / s4    q45        {0, 3.5, 20, 40, 50, 65, 80, 85} ·10⁻⁶ m³/s         7
r5 / s5    nH         {0}, {6} (discrete)                                 2
r6 / s6    Pel        {0}, {18} in kW (discrete)                          2
r7 / s7    h1         {0, 0.1, 0.19, 0.25, 0.32, 0.42, 0.45} m            6
r8 / s8    pH5        {1, 4, 9, 10, 11, 12, 14} pH                        6
8-dimensional coupling signal space. Overall number of qualitative values: 176400

x1 / z1    h1         {0, 0.1, 0.19, 0.25, 0.32, 0.42, 0.45} m            6
x2 / z2    ϑ1         {15, 30, 60, 75, 80, 85, 100} °C                    6
x3 / z3    pH1        {1, 2, 3, 4, 5.5, 8.5, 10, 11, 12, 14} pH           9
x4 / z4    mode       {0}, {1} (discrete)                                 2
x5 / z5    pH5        {1, 4, 9, 10, 11, 12, 14} pH                        6
5-dimensional state space. Overall number of qualitative states: 3888

e1 / f1    V1,stuck   {0} (ok), {1} (stuck)                               2
e2 / f2    P1,broken  {0} (ok), {1} (broken)                              2
e3 / f3    V2,stuck   {0} (ok), {1} (stuck)                               2
e4 / f4    eheat      {0} (ok), {1} (broken)                              2
e5 / f5    eacid      [1.9, 2.1] pH (ok), [3.5, 4.5] pH (faulty)          2
e6 / f6    ebase      [11.9, 12.1] pH (ok), [1.9, 2.1] pH (faulty)        2
6-dimensional fault space. Overall number of qualitative faults: 64
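The quantisers and injectors defined by these quantisations can be sketched for the level h1; only the bounds are taken from Table 9.3, the function names are illustrative:

```python
from bisect import bisect_right

# Quantisation bounds of the level h1 as listed in Table 9.3 (in m);
# n bounds define n-1 qualitative values.
H1_BOUNDS = [0.0, 0.10, 0.19, 0.25, 0.32, 0.42, 0.45]

def quantise(x, bounds):
    """Quantiser: map a numerical value to its qualitative value 1..n-1."""
    return min(max(bisect_right(bounds, x), 1), len(bounds) - 1)

def inject(q, bounds):
    """Injector: the uniform density over the interval of qualitative
    value q, returned as (lower bound, upper bound, density)."""
    lo, hi = bounds[q - 1], bounds[q]
    return lo, hi, 1.0 / (hi - lo)

print(quantise(0.21, H1_BOUNDS))  # 3: 0.21 m lies in [0.19, 0.25)
print(inject(3, H1_BOUNDS))       # (0.19, 0.25, ~16.7): uniform density
```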
Fig. 9.12. Extension of the qualitative temperature controller model due to a violated sample and hold condition.
Practically, two alternative methods are used that take the violated sample and hold condition into account. For signals that change only slightly during a sampling interval, like the level h5 or the flow q51, the unknown change of the signal is replaced by the assumption that the signal is noisy. With the extensions of Section 4.2.4, these uncertainties are included in the abstraction of the qualitative model. For signals that change considerably with changes in the unknown input signal, e.g. the "mode" of the dual-mode controller, a "mean model" is derived, taking into account all possibilities of unknown input signal changes. This is explained for the dual-mode controller. To simplify the explanation, the temperature range is partitioned into three regions: below 78 °C, between 78 °C and 82 °C, and above 82 °C. The continuous-time model of the controller is shown in Figure 9.12a. Whenever the temperature falls below 78 °C, the controller switches to mode = 1, which gives the command nH = 6 to the heating. The controller remains in this state until the temperature exceeds 82 °C, in which case it returns to mode = 0 and gives nH = 0. Figures 9.12b-f show different qualitative models of the controller for the sampling time Ts = 20 s. For simplification, only the state transitions are considered. In the figures, a thin black line denotes transitions possible if the temperature ϑ1 is below 78 °C at time instance k, a medium grey line those corresponding to temperatures between 78 °C and 82 °C, and a thick light grey line denotes edges for temperatures above 82 °C. Under the assumption that the temperature ϑ1 is constant between two sampling instances, the qualitative model shown in Figure 9.12f is obtained. However, Figures 9.12b-e show that additional transitions exist. The reason for
these additional transitions is clear and will be explained using Figure 9.12b. When the heating is on (mode = 1), the temperature rises and the heating is turned off during the sampling interval once 82 °C is reached. Accordingly, for 78 °C < ϑ1 < 82 °C, a transition from mode = 1 to mode = 0 is possible. This transition is included in Figure 9.12b with a probability of 0.374, whereas Figure 9.12f excludes it. Similarly, the additional transitions shown in the other automaton graphs of Figure 9.12 can be explained. Accordingly, the model in Figure 9.12f is obviously incomplete and cannot be used. To obtain a complete qualitative model of the temperature controller, further signals are considered, namely the level h1 and the inflows q21 and q51. Figures 9.12b-d show a selection of controller models obtained for different assumptions on these inputs. The controller model actually used is shown in Figure 9.12e. It is obtained by abstracting the controller taking into account all possible values of the inflows and the level h1. This model can be interpreted as the model obtained when "merging" Figures 9.12b-d with those obtained for the remaining assumptions on the inputs. It can be seen that the qualitative model shown in Figure 9.12e allows all possible transitions. This means that its information content is low. This could be avoided only by taking the inflows and the level h1 as further qualitative inputs to the qualitative model of the temperature controller. By means of the outlined extensions, all qualitative models of the network are derived while maintaining the structure shown in Figure 9.11 also for the discrete-time case.

Network of qualitative models and complexity evaluations. Abstracting all subsystems of the decomposed quantised system shown in Figure 9.11 yields the network of qualitative models shown in Figure 9.13. It can be seen that two additional blocks have been introduced, namely the NSA S11 and S12.
Their purpose is only to change the granularity of the temperature and level inputs to NSA S3. That is, the new coupling signals s9 and s10 also represent the qualitative level and temperature in Tank B1, but instead of the 6 qualitative values of s7 and w2, the new coupling signals are defined with only 3 or 2 qualitative values, respectively. This reduces the complexity of NSA S3, which has a noticeable effect on the composition time, because the composition operation with NSA S3 is the most time consuming one. In the introduced framework of quantised systems, the two models NSA S11 and S12 can be interpreted as qualitative models of a static quantised system with the output equation y(k) = u(k).

Fault model. It is assumed that all faults can occur independently of each other. Accordingly, each fault can be modelled separately by means of a fault model Gf^i((f^i)′ | f^i), i = 1, ..., 6. As all faults in this example are binary faults, this means that, due to
Fig. 9.13. Network of qualitative models for fault diagnosis.
Gf^i((f^i)′ = 1 | f^i = 1) = 1 − p^{1→2}_{fi}        Gf^i((f^i)′ = 1 | f^i = 2) = p^{2→1}_{fi}
Gf^i((f^i)′ = 2 | f^i = 1) = p^{1→2}_{fi}            Gf^i((f^i)′ = 2 | f^i = 2) = 1 − p^{2→1}_{fi}

only two parameters are required for each fault. For example, for the first fault, f^1 = 1 means the faultless and f^1 = 2 the faulty case. Accordingly, p^{1→2}_{f1} denotes the probability that a fault occurs within one sampling interval, i.e. that Valve V1 gets stuck. Similarly, p^{2→1}_{f1} denotes the probability that, between two time instances, the stuck valve returns to normal operation. Obviously, these probabilities are not known but must be guessed. A guideline for this can be characteristic values of components like the mean time before failure. For example, if the mean time before failure of Pump P1 is known to be about 5000 h, then the probability that it breaks down within a sampling interval of 20 seconds is about 10⁻⁶. Clearly, this is only a rough estimate since, in contrast to the fault model, the stochastic process actually describing the pump fault is most likely not a Markov process. Practically, the parameters of the fault models can also be used to tune the behaviour of the diagnostic algorithm. For example, if measurements occur that allow to exclude a fault f^i, while measurements never allow to conclude on it directly, it is reasonable to set p^{1→2}_{fi} to a higher value than p^{2→1}_{fi}. This technique has been used for Pump P1, as will become visible from the diagnostic results given below. All parameters used for the fault models are given below.
                G1f     G2f     G3f     G4f     G5f     G6f
p^{1→2}_{fi}    10⁻⁶    10⁻³    10⁻⁶    10⁻³    0       0
p^{2→1}_{fi}    10⁻⁶    10⁻⁸    10⁻⁶    10⁻⁸    0       0
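The two-parameter fault models can be sketched as two-state Markov chains. The parameter values and the mean-time-before-failure example are taken from the text; the helper names are illustrative:

```python
# Two-state Markov fault model G_f^i with parameters p_1to2 (fault occurs
# within one sampling interval) and p_2to1 (component returns to normal).
def fault_model(p_1to2, p_2to1):
    # keys (f, f_next): 1 = faultless, 2 = faulty
    return {(1, 1): 1.0 - p_1to2, (1, 2): p_1to2,
            (2, 1): p_2to1,       (2, 2): 1.0 - p_2to1}

def predict_ok(prob_ok, G):
    """One-step prediction of the probability of being faultless."""
    return prob_ok * G[(1, 1)] + (1.0 - prob_ok) * G[(2, 1)]

# Rough estimate of p_1to2 from a mean time before failure of 5000 h
# and a sampling interval of 20 s, as quoted in the text:
p = 20.0 / (5000 * 3600)
print(p)  # ~1.1e-06

G1 = fault_model(1e-6, 1e-6)   # parameters of the valve fault model G1f
print(predict_ok(1.0, G1))     # 0.999999: the fault occurs with 1e-6 per step
```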
Note that due to these fault models, an acid or base fault cannot change during the operation of the plant. This is a reasonable assumption: either wrong acid or base is initially filled into the tanks or not. In this example, the concentrations cannot change by themselves over time.

Complexity of the network. Table 9.4 shows the number of nonzero transitions of all NSA. Furthermore, for all dynamical subsystems, the table shows the estimated number of transitions obtained from eqn. (3.8) with nondeterminism parameters ηz = 2 and ηw = 1, as all qualitative outputs depend deterministically on the qualitative states. It can be seen that the estimate yields reasonable results.

Table 9.4. Number of nonzero transition probabilities of all NSA, compared to the estimated number.

            L1    L2    L3     L4  L5    L6  L7  L8  L9  L10  L11  L12  L13
 |T_Li|     3213  3610  28777  28  5413  94  8   26  17  17   7    5    1024
≈|T_Li|     3600  3600  32400  24  7056  −   −   −   −   −    −    −    −
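For comparison with the network complexity, the estimate for a single SA of the overall system follows directly from the numbers of Table 9.3. The bytes-per-transition figure used for the memory estimate is an assumption chosen only to show the order of magnitude, not a documented property of the QuaMo-Toolbox:

```python
# Estimate for a single SA of the overall system, following eqn. (3.8):
# qualitative states x inputs x faults, times the nondeterminism factors
# eta_z^5 = 2^5 (five state dimensions), eta_w^5 = 1^5 (deterministic outputs).
n_z, n_v, n_f = 3888, 46656, 64          # from Table 9.3
estimate = n_z * n_v * n_f * 2**5 * 1**5
print(f"{estimate:.1e}")                 # 3.7e+11 nonzero transition probabilities

# Assumed ~24 bytes per stored transition (probability plus indices):
print(estimate * 24 / 1e9, "GB")         # ~8916 GB, i.e. nearly 9000 GigaByte
```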
According to Table 9.4, the overall network has only 42239 nonzero transition probabilities. For comparison, if a single SA of the overall network were to be abstracted, this would mean approximately |T_L| ≈ 3888 · 46656 · 64 · 2⁵ · 1⁵ ≈ 3.7 · 10¹¹ nonzero transition probabilities according to eqn. (3.8) (cf. Table 9.3). To give an impression of what this number means: using the QuaMo-Toolbox for such a model would mean a memory demand of nearly 9000 GigaByte. Furthermore, with the abstraction time per point of Table 9.1, it would take at least 10000 years to compute this model, even when using fewer points per dimension than actually sufficient.

9.4.3 Diagnostic Result

In this section, a selection of diagnostic results is presented, obtained by applying Algorithm 8.2 to experimental measurement sequences. The component-based approach allows this complex diagnostic task to be solved. However, the necessary partial compositions require time consuming computations. Using the composition algorithms of the QuaMo-Toolbox, the computation of a partial composition takes between 1 and 15 seconds on a standard PC with 1 GHz clock rate. However, as the sampling time is Ts = 20 s, the diagnosis can still be performed on-line. The computation time can be reduced by
Fig. 9.14. External input and output sequences.
improving the composition algorithms of the toolbox, because currently the partial composition is computed for all qualitative states and faults, without utilising intermediate results that can yield a zero probability for certain coupling signal values. Nevertheless, the partial composition remains a complex task, as approximately between 500 and 10000 nonzero probabilities must be determined in each composition. Figure 9.14 shows all external input and output signals of the first experiment. It can be seen that first Valve V1 is opened to let base into Tank B1.
Fig. 9.15. Diagnostic result for faultless operation.
Then Pump P1 is switched on to neutralise the liquid. As the reaction near pH 7 is much faster than the sampling time of 20 seconds, the phase in which the proportional controller adjusts the pH cannot be seen. In fact, the liquid is neutralised by the controller after time instance k = 24, which can also be seen from the quantised pH measurement. After neutralisation, the liquid is let out of Tank B1 by opening Valve V2. In the meantime, Tank B5 has been refilled with a mixture of concentrated sodium hydroxide and water by means of Pumps P2 and P3. After the neutralised liquid has been let out, a new neutralisation batch is started. Applying Algorithm 8.2 to these sequences with a uniform initial state and fault distribution yields the diagnostic result shown in Figure 9.15. According to the diagnostic result, the system behaves normally. All faults are excluded except for the base fault ebase, for which a very low probability is obtained. It can further be seen that the pump and valve faults are undiagnosable for some time. This is clear, because it cannot be seen whether, for example, a pump is broken unless one tries to switch it on. The same holds true for the valves. An interesting result is the diagnosis of the base fault. It can be seen that during the first neutralisation batch, up to time k = 40, no information about the fault was obtained. This is clear, because in the first batch the pH of Tank B5 was influenced by the base in Tank B4 only after Valve V1 was closed. As the pH in Tank B5 is immeasurable, this means that the fault was not diagnosable. To explain why the fault can, nevertheless, be diagnosed in the second batch, Figure 9.16 shows the observed qualitative state of pH5, which is implicitly reconstructed by the diagnostic Algorithm 8.2. It can be seen that after starting the algorithm, it is derived from the neutralisation reaction that the pH in Tank B5 must be between 10 and 12.
Then, at time instance k = 24 water is pumped into Tank B5 . Accordingly, the pH goes
Fig. 9.16. Observation result for the pH in Tank B 5 .
slightly down. Note that at this time the observation of pH5 is merely a simulation, because Valve V1 is closed and, hence, no information about the actual pH in Tank B5 is obtained. The same holds true when, at time k = 30, liquid from Tank B4 is pumped into Tank B5. It can be seen from Figure 9.16 that at this time the observed pH splits up into two parts. This is because the shown observation result is, due to

Prob(z) = Σf Prob(z, f),
a “mean” distribution for all possible faults. In this case, the probabilities for states above pH 7 correspond to the faultless case, whereas those below pH 7 stem from the faulty case, in which accidentally acid has been pumped into Tank B5. When at time k = 40 Valve V1 is opened again, it is observed from the reaction in Tank B1 that the pH in Tank B5 must be between 10 and 12. That is, states below pH5 = 7 are excluded. As the probabilities for these states were obtained under the assumption of a base fault, excluding these states means excluding the fault. This explains the diagnostic result shown in Figure 9.15. Figure 9.17 shows the external input and output sequences of a second experiment during which some faults occur. For reasons of presentation, only the sequences relevant for the diagnostic result are shown. In this experiment, the acid pump broke down at time k = 20, returned to operation at time k = 50 and finally broke down again at time k = 68. Furthermore, the heating broke down at time k = 63. Practically, this was realised by disconnecting the pump or heating from the power supply during the experiment. Note that the external input sequences changed compared to the normal batch program shown in Figure 9.14. For example, as the pH in Tank B1 did not go down near time k = 25, the neutralisation controller simply kept giving the maximum command to Pump P1 and continued normally after the pump returned to operation at time k = 50. The diagnostic Algorithm 8.2 is applied to these sequences, yielding the results shown in Figure 9.18. As the diagnostic algorithm had already been running for some time before k = 0, the initial fault distribution is such that all components are known to be faultless at k = 0. It can be seen that the
Fig. 9.17. External input and output sequences in case of some faults.
faults occurring during this experiment are diagnosed correctly. Depending on the fault, it takes some time until a qualitative difference to the faultless behaviour occurs. For example, when the pump broke down for the first time, it took some time until it became clear from the non-changing pH in Tank B1 that the pump was not operating. Later, when the neutralisation succeeded, it became clear that the pump must be faultless again. The diagnostic result reflects this accordingly. Note that no probability appears for the acid fault, because it has already been excluded and, due to the fault model, a
Fig. 9.18. Diagnostic result in case of some faults.
too low acid concentration in Tank B2 can only be present from the beginning but cannot occur during operation. The heating fault is also detected correctly: when the temperature dropped, it became clear that a heating fault must be present. It can be seen that multiple faults, like the simultaneous presence of a pump and a heating fault, can also be detected by the diagnostic algorithm.
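The mechanism visible in these experiments, fault probabilities building up via the fault-model parameters and collapsing when measurements exclude a fault, can be condensed into a schematic single-fault update. This is an illustration of the underlying Bayesian recursion, not the book's Algorithm 8.2, which operates on the complete network:

```python
# Schematic single-fault diagnosis step: predict with the two-parameter
# fault model, then correct with the likelihood of the quantised
# measurement under each fault hypothesis (likelihood values invented).
def diagnose_step(prob_ok, p_1to2, p_2to1, lik_ok, lik_faulty):
    # prediction with the fault model
    pred_ok = prob_ok * (1.0 - p_1to2) + (1.0 - prob_ok) * p_2to1
    pred_faulty = 1.0 - pred_ok
    # Bayesian correction with the measurement likelihoods
    post_ok = pred_ok * lik_ok
    post_faulty = pred_faulty * lik_faulty
    return post_ok / (post_ok + post_faulty)

# A measurement that is impossible in the faultless case (likelihood 0),
# e.g. a non-changing pH while the acid pump is commanded on, concludes
# the fault in a single step despite a high prior for the faultless case:
print(diagnose_step(0.999, 1e-6, 1e-6, 0.0, 1.0))  # 0.0: fault concluded
```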
9.5 Further Applications

In the previous sections, the application of the supervision approach based on quantised systems to a chemical plant has been explained in detail. In this section, further application examples are outlined. Some of them are the result of cooperations with industrial partners.

Fault Diagnosis of a Hydrogen Compressor

Problem statement. The aim in this application example was to diagnose valve faults occurring in an industrial hydrogen compressor. No numerical model was available for the compressor. Instead, archived measurement data as shown in Figure 9.19, covering a period of almost two years, was available.
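A qualitative model can be identified from such an archive by counting which quantised state transitions occur in normal operation; the short symbol sequence below is a made-up stand-in for the two-year data:

```python
from collections import defaultdict

# Hypothetical quantised state sequence standing in for the archive.
archive = [1, 1, 2, 2, 3, 3, 2, 1, 1, 2, 3, 3, 3, 2, 1]

counts = defaultdict(int)
for z, z_next in zip(archive, archive[1:]):
    counts[(z, z_next)] += 1

# Relative frequencies approximate the transition probabilities G(z'|z);
# transitions never seen in the archive get probability zero and hence
# indicate a fault when they occur on-line.
totals = defaultdict(int)
for (z, _), c in counts.items():
    totals[z] += c
G = {(z_next, z): c / totals[z] for (z, z_next), c in counts.items()}

print(G[(2, 1)])          # 0.5: half of the steps from state 1 go to state 2
print((1, 3) in counts)   # False: 1 -> 3 never observed, flagged as faulty
```

Guaranteeing completeness of such an identified model is exactly the difficulty noted in the conclusions of this example: a transition absent from the archive may still be a valid operating condition.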
Fig. 9.19. Measured variables of a hydrogen compressor for one week.
Motivation for using quantised systems. Valve faults have a qualitatively visible effect on the measurement sequences. To avoid time consuming manual analysis of the measurement data by the human operators, an automatic model-based diagnostic system was to be installed. To avoid expensive and time consuming numerical modelling, the idea was to identify a qualitative model from the huge measurement archive by analysing which qualitative state transitions can occur during normal operation and which cannot. Furthermore, qualitative knowledge of the human operators about the behaviour in case of faults needed to be incorporated into the model.

Conclusions. From the archived data, it was straightforward to identify the qualitative model. This means that a model for fault detection could be
derived at almost no cost. Also, the qualitative knowledge of the operators could easily be incorporated into the model, which is a further advantage of the qualitative approach. The main problem was to guarantee the completeness of the obtained model, as the archive might not cover all operating conditions. Several extensions were necessary to obtain good results in case of missing transitions of the model. A detailed description of this application example, including diagnostic results obtained in this industrial environment, is given in [97], [101].

Fault Diagnosis of a Common Rail Fuel Injection System

Problem statement. The demand for on-board diagnosis in automotive systems has recently been growing due to stricter legal restraints and increasing safety requirements. In this context, new approaches to the on-board diagnosis of the common rail fuel injection system shown in Figure 9.20 were investigated. The focus of this project was to detect and identify faults possibly occurring in the power stage 10 (Figure 9.20), which drives the fuel injection valves 9. Furthermore, within the project, diagnosis based on stochastic discrete-time abstractions was compared to diagnosis using nondeterministic discrete-event abstractions of the system.
Fig. 9.20. Common rail fuel injection system.
Motivation for using quantised systems. The reasons for using a quantised system approach were twofold. Firstly, a model–based and dynamical method was needed to reliably detect and identify faults occurring in the
system. Secondly, the system is fast, with time constants of a few µs. Therefore, simplicity was compulsory, in particular because of the limited on-board computational resources.

Conclusions. All considered faults were reliably detected and identified. The comparison of the two approaches has shown that most faults are detected by both methods. Some faults were identified faster and more reliably with the stochastic discrete-time approach, because it contains temporal information rather than only the order in which events occur. On the other hand, the event-based models were less complex, i.e. they had fewer transitions to be stored and do not use probabilities. For results of this project cf. [50], [52]. The comparison of the two methods on the common rail example is given in [92].

Fault Diagnosis of a Manufacturing Cell

Problem statement. Another application example for fault diagnosis is given by the manufacturing cell shown in Figure 9.21. The problem in this application is as follows. Assume that Transportation 1 accidentally grasps a wrong material. Assume further that this fault cannot be detected from the measurements before the material is used for production, which is represented by a heating in this example. The fault can only be detected at the end of production from the measurements of Transportation 2, but at that time Transportation 1 works correctly again.
[Figure 9.21 shows a conveyor belt from 0 m to 3 m with Transportation 1 and Transportation 2, a heating, Temperature sensors 1 and 2, and Materials 1 and 2.]
Fig. 9.21. Scheme of a manufacturing cell.
Motivation for using quantised systems. For manufacturing processes like the above, it is typical that discrete processes coexist with continuous processes. This means that manufacturing processes are typically hybrid systems. Numerically, such systems are difficult to handle and, so far, no approaches are known that provide a general solution to the diagnostic problem for hybrid systems. Therefore, the approach for solving the diagnostic problem in this application was to abstract the continuous subsystems to
a discrete-event model in the form of a stochastic automaton and to solve the diagnostic problem on a symbolical level.

Conclusions. The main problem to be solved for this application was that the estimate of the probability Prob([e(k)] | [U(0 . . . k)], [Y(0 . . . k)]) cannot reveal the fault in this case, as the measurement sequences do not reveal a fault currently occurring in the system but a fault that occurred several time instances ago. Therefore, faults that occurred in the past had to be considered for diagnosis. The extension of the qualitative diagnostic algorithm that was necessary for this application is briefly described in Section 5.8.1 and in more detail in [170] and [120]. With this extension, the diagnostic problem was solved and good results were obtained.

Fault Diagnosis of a Ship Propulsion System

Problem statement. The diagnostic algorithm was applied to the propulsion system of a ferry ship. This example was elaborated as a benchmark for numerical nonlinear diagnostic approaches within the scope of the European COSY project [73]. The aim was to detect different faults occurring in the system, of which a block diagram is shown in Figure 9.22. The benchmark completely defines all numerical models. Furthermore, the models are parameterised with real measurements obtained from a ferry ship.

Motivation for using quantised systems. In this example, the aim was the comparison to other existing diagnostic approaches that use numerical methods. The qualitative approach was applied to the system without introducing any simplifications, sticking to the nonlinear variant of the benchmark.

Conclusions. Though the benchmark is challenging also for numerical approaches, the qualitative diagnosis could be applied successfully. Due to the complexity of the system, a component-oriented approach had to be used. The qualitative approach proved to be very robust against the noise defined in the example.
Finally, it shall be pointed out that the application of the qualitative approach to the benchmark was straightforward. In contrast to nonlinear diagnostic approaches, no particular observer design was necessary. Only the quantisation of all variables had to be designed to abstract the qualitative models. The results of this application are given in [66]. For results obtained with numerical approaches cf. [72].

Fault Tolerance of a Stirred Tank Reactor

Problem statement. In another application example, the stirred tank reactor B1 of the titration and neutralisation plant shown in Figure 9.1 was
[Figure 9.22 shows the benchmark block diagram: co-ordinated control with handle position and engine mode select as inputs, governor, propeller pitch controller, overload control, diesel dynamics, shaft dynamics, propeller characteristics and ship-speed dynamics.]
Fig. 9.22. COSY benchmark for fault diagnosis of a ship propulsion system.
considered. The configuration shown in Figure 9.23 was used. The task of the shown process is to heat the liquid, which is pumped into the tank with a varying and immeasurable temperature between 20 °C and 70 °C, such that the outflowing liquid has a constant temperature of about 70 °C. A dual-mode controller is used to keep the liquid level between 30 cm and 40 cm, and another one is used for the temperature control. The supervision task to be solved is to maintain the control aim also in the presence of a fault, taking into account a fault in the heating system, a faulty outlet valve or a too hot inflow. For this purpose, two additional inflows can be used by the supervisor.

Motivation for using quantised systems. In combination with the dual-mode controllers, the reactor is a hybrid system. Using numerical methods is very difficult, as the fault diagnosis and the observation of an unknown input and unknown controller states must lead to the discrete decision whether to use the additional inputs or not.

Conclusions. The use of a qualitative approach turned out to be very useful in this example. The diagnostic algorithm was applied to the system with an additional supervision block that generates the commands for the additional inflows such that the system is kept in its desired mode with the highest probability. If no fault is present, the best command is to use none of the additional inflows, whereas in case of a fault, the correct additional inflow is invoked automatically. The results of this application are given in [169].
[Figure 9.23 shows the stirred reactor with heating elements ({off, on}), a pump ({half, full} power), inflowing liquid with temperature ϑin between 20 °C and 70 °C, additional fault-tolerance inflows of liquid at 20 °C and 90 °C, temperature and level sensors, a temperature controller (69..71 °C), a level controller (30-40 cm) and an outlet valve ({half, completely} open).]
Fig. 9.23. Scheme of the stirred tank reactor.
Hybrid Control of a Neutralisation Process

Problem statement. The task is to neutralise the liquid in a stirred tank reactor by using hydrochloric acid (HCl) and sodium hydroxide (NaOH) for different liquid levels and different temperatures. For this application example, the titration and neutralisation plant shown in Figure 9.1 was used.

Motivation for using quantised systems. It is well known that the strong nonlinearity of the neutralisation reaction requires a nonlinear controller [42]. The design of such a controller can be difficult in practice, in particular if no numerical model of the process is known. Therefore, the aim was to investigate an alternative approach to systematically design a controller for neutralisation without the need for an accurate numerical model.

Conclusions. The approach is shown in Figure 9.24. The idea is to combine a linear controller, which neutralises the liquid near the neutral point pH = 7, with a qualitative controller, which brings the pH into the regions in which the linear controller operates. For this task, the qualitative controller uses a qualitative model of the process to predict the near future. Similar to a model-predictive controller, the qualitative controller selects, based on the prediction, the best input, where one of the inputs means switching to linear control. In this combination, the scheme represents a hybrid controller for which the design is separated into a linear design using standard techniques and a qualitative design based on rough models or expert knowledge. By
[Figure 9.24 shows the hybrid controller: on the qualitative level, a process supervision component receives the quantised reference [w], additionally measured qualitative process variables and the quantised output [y], and issues the command [u]; on the numerical level, quantisers, an injector and a linear controller connect the supervision component to the plant with input u and output y.]
Fig. 9.24. Hybrid controller for neutralisation.
using this hybrid controller, good results were obtained for all operating conditions [124].

Conclusions on the Application Examples

The above application examples have shown the usefulness of the quantised system approach against very different technical backgrounds. It is remarkable that in all examples the only effort was to derive a numerical model. Once such a model was derived, the further steps, i.e. the abstraction of the qualitative model and the application of the supervision algorithm, simply meant using the appropriate algorithm of the QuaMo-Toolbox. Compared to other approaches, moreover, modelling was still simple. This is because the qualitative modelling approach allows the use of rough models based on first principles. Furthermore, it makes it easy to incorporate uncertainties and hybrid dynamics. Thus, in all cases the supervision task could be solved with minimum effort and with practically applicable results.
10. Summary and Conclusions
Summary

A new approach for the solution of process supervision tasks has been presented. The main idea has been to simplify the task in three ways:

1. Reduction of information by quantisation of all signals.
2. Abstraction to a purely discrete model, a stochastic automaton.
3. Component-oriented modelling by automata networks.

New theoretical concepts as well as a collection of methods for the practical application have been presented. Novel theoretical results are:

• The quantised system has been introduced as a stochastic process and represented by the Frobenius-Perron or Foias operators.
• A qualitative model in the form of a stochastic automaton has been used as a concise abstraction of the quantised system. Its simplicity, completeness and convergence to a precise representation have been shown.
• Component-oriented qualitative modelling by means of stochastic automata networks has been introduced.
• General solutions to the state observation and fault diagnostic problems for stochastic automata and automata networks have been presented.
• A novel notion of observability and diagnosability of stochastic automata has been introduced.

For the practical application, the most important contributions of the book can be summarised as follows:

• Solutions to the state observation and fault diagnostic tasks for quantised systems have been presented.
• The methods needed for the practical application of the supervision approach have been given in algorithmic form. This includes:
  – Methods for the computation of qualitative models.
  – Observation and diagnostic algorithms for stochastic automata and quantised systems.
  – A composition algorithm for automata networks.
  – Observation and diagnostic algorithms for networks of quantised systems.

J. Schröder: Modelling, State Observation and Diagnosis of Quantised Systems, LNCIS 282, pp. 293-269, 2003. Springer-Verlag Berlin Heidelberg 2003
A Conceptual Summary of the Book

The following summarises the concepts of the book in more detail.

Reduction of information by quantisation. The main idea of the proposed method has been to reduce the amount of information to an extent just detailed enough for the solution of supervision tasks. This has been done by signal quantisation and abstraction. Quantisation refers to a quantisation of the signal value as well as to a quantisation of time. Throughout the book, periodic sampling has been used, i.e. a constant time Ts lies between neighbouring samples. By changing the sampling time or the granularity of the value quantisation, the original signal can be represented as finely as necessary.

Nondeterminism, a matter of fact. It has been shown that reducing information by value quantisation entails a new perspective on dynamical systems. It introduces uncertainty in the sense that it becomes impossible to unambiguously predict the future behaviour of the quantised system, even if the underlying continuous–variable system is precisely known. This nondeterminism is a consequence of quantisation. It has been proved that it can, in general, not be avoided and must therefore be accepted as a natural consequence of information reduction. Accordingly, formalising the behaviour of the quantised system yields a nondeterministic mathematical description. In the book a stochastic description has been used, yielding not only the different possibilities of future behaviour but also their probabilities. Stochastics has been used instead of other representations of uncertain knowledge, such as fuzzy logic or purely nondeterministic automata, mainly for the following reasons:

1. Probability theory is well developed, offers powerful mathematical tools and results in compact representations.
2. The developed stochastic methods are more general because they can easily be reduced to corresponding non–stochastic methods, used e.g.
in database theory, by neglecting the probabilities.
3. Probability has a well-defined semantics, corresponding to the frequency of occurrence of a certain result with respect to all other possible outcomes of a random experiment.

Reduction of information by abstraction. The heterogeneous structure of the quantised system, consisting of an injector, a dynamical system and a quantiser, yields a mathematical description which is too complicated for solving supervision tasks with reasonable effort. Therefore, it has been necessary to abstract quantised systems to stochastic automata. A method has been developed that yields a stochastic automaton for a given quantised system. The main idea of the approach has been to quantise the states x and to identify each automaton state with one quantised state [x]. The obtained stochastic
automaton is called the qualitative model of the quantised system. Methods have been provided to compute the qualitative model for a huge class of nonlinear and hybrid systems. It has been shown that the qualitative model is not a precise representation of the quantised system. This is because a stochastic automaton is a Markov model, whereas the quantised system does not, in general, possess the Markov property. Nevertheless, the qualitative model is concise and has the important completeness property, which allows results obtained from the model to be interpreted for the quantised system. That is, the qualitative model is a conservative approximation in the sense that the sets of states or outputs predicted by the model overestimate the real sets given by the quantised system. Furthermore, the qualitative model can describe the quantised system as precisely as necessary, converging to a precise representation under increasingly finer state quantisation.

Solution to the observation task. Observation with respect to the quantised system concerns the task of identifying the quantised state [x] from a measured sequence of quantised inputs [U] and outputs [Y]. The solution to this task has been obtained by reformulating the problem for stochastic automata. Then the task is to identify the automaton state z, given a sequence of automaton input symbols V and output symbols W, where the automaton inputs and outputs are associated with the corresponding quantised input and output sequences [U] and [Y]. From the results obtained for z, the quantised state [x] is derived, as completeness of the automaton guarantees that the observed states z conservatively approximate the regions of the quantised states [x].

Solution to the diagnostic task. Diagnosis of the quantised system means identifying the quantised fault [e] from a given measured sequence of quantised inputs [U] and outputs [Y]. To solve this task, first the influence of a fault on the quantised system has been described.
This has been done by extending the definitions of the quantised system and the qualitative model so as to include the effect of faults. With this, the diagnostic task has been solved on a symbolical level using the stochastic automaton. Completeness allows conclusions to be drawn from the faults f indicated by the qualitative model about the faults [e] occurring in the system.

Quality of the supervision results. Solving the supervision problem has led to an inclusion of the states or faults, respectively. However, this inclusion can be too conservative for practical applications. The question of how much information about the system is contained in the quantised measurements concerns the observability and diagnosability of the quantised system. Both properties have been investigated for the stochastic automaton. It has been shown that unobservability or undiagnosability of the qualitative model provides necessary conditions for the corresponding property of the quantised system.
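The observation recursion summarised above can be sketched as a Bayesian filter on the stochastic automaton. The behaviour relation L and its probability values below are hypothetical (they are not taken from the book's examples); the sketch only shows how the distribution over automaton states z is updated with each measured input/output pair (v, w):

```python
# States z in {0, 1}, inputs v in {0}, outputs w in {0, 1}.
# L[v][z][(z2, w)] = probability of (successor state z2, output w)
# given current state z and input v -- a hypothetical stochastic automaton.
L = {
    0: {
        0: {(0, 0): 0.6, (1, 0): 0.2, (1, 1): 0.2},
        1: {(1, 1): 0.7, (0, 1): 0.1, (0, 0): 0.2},
    }
}

def observe(p, vw_sequence):
    """Recursive state observation: update the discrete probability
    distribution p(z) with each measured input/output pair (v, w)."""
    for v, w in vw_sequence:
        q = {}
        for z, pz in p.items():
            for (z2, w2), prob in L[v][z].items():
                if w2 == w:                    # keep only transitions that are
                    q[z2] = q.get(z2, 0.0) + prob * pz  # consistent with w
        s = sum(q.values())
        if s == 0:
            raise ValueError("measured sequence impossible for this model")
        p = {z: pz / s for z, pz in q.items()}  # normalise
    return p

p = observe({0: 0.5, 1: 0.5}, [(0, 0), (0, 0)])
print(p)   # the probability mass shifts towards state 0
```

States with nonzero probability form the set of state candidates; interpreting them as quantised states [x] relies on the completeness of the qualitative model described above.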
Component–oriented modelling and supervision. It has turned out that one of the major issues concerning the application of the symbolical methods is their combinatorial complexity. This problem has been overcome by decomposing the quantised system into quantised subsystems. From each quantised subsystem a qualitative model is abstracted, resulting in a network of stochastic automata completely approximating the overall quantised system on a symbolical level. It has been shown that the supervision task is solved by processing the available information in the automata network and interpreting the result for the quantised system.
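The combinatorial complexity mentioned above can be made concrete with a small sketch: composing two subsystem automata yields an automaton whose state set is the Cartesian product of the subsystem state sets. The transition matrices below are hypothetical, and the sketch assumes non-interacting autonomous subsystems (the book's automata networks additionally handle coupling signals):

```python
def kron(A, B):
    """Kronecker product of two transition matrices (lists of lists):
    the transition matrix of the composed automaton whose state is the
    pair (z1, z2), assuming the subsystems do not interact."""
    n1, n2 = len(A), len(B)
    return [[A[i1][j1] * B[i2][j2]
             for j1 in range(n1) for j2 in range(n2)]
            for i1 in range(n1) for i2 in range(n2)]

# two hypothetical autonomous stochastic automata
A = [[0.9, 0.1],
     [0.3, 0.7]]
B = [[0.5, 0.5, 0.0],
     [0.0, 0.8, 0.2],
     [0.1, 0.0, 0.9]]

G = kron(A, B)
print(len(G), len(G[0]))   # composed automaton has 2 * 3 = 6 states
```

For n subsystems with m states each, the explicitly composed automaton has m^n states, which is why the supervision algorithms process the available information in the automata network instead of building the composition.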
Concluding Remarks

The book has presented a new approach to process supervision. The approach differs significantly from classical methods and offers completely new perspectives on practical application and future research. The main difference is that the level of abstraction, i.e. the extent to which details are ignored, is adjustable. With a fine temporal quantisation and a fine quantisation of signals, the results are comparable to those of classical approaches based on continuous–variable models. On the other hand, for large sampling intervals and rough signal quantisation, the level of rule–based approaches is reached. Hence, the methods allow the engineer to design solutions to supervision tasks with a wide range of possible abstraction levels at hand.

However, the book is only a first step in this new field. It is now important to extend the methods in several ways to improve their applicability. Possible directions are, for example, deeper studies of automata networks, studies on the diagnosability of faults in a network, or methods for using Foias operators as a compact substitute for stochastic automata. Impulses from a variety of practical applications are necessary to determine the direction of future research in this field. Because of the many advantages of the presented methods for the solution of supervision tasks compared to classical approaches, it is believed that the quantised systems approach will lead to many interesting future applications.
References
1. Aguirre, L., A. Ramirez and O. Begovich: Design of asymptotic observers for discrete event systems modelled by interpreted Petri nets. in Proc. of the IASTED Intern. Conf. on Intelligent Systems and Control, pages 188–193, Santa Barbara, 1999.
2. Antsaklis, P., X. Koutsoukos and J. Zaytoon: On hybrid control of complex systems: A survey. in Proceedings of the 3rd International Conference on Automation of Mixed Processes: Hybrid Dynamical Systems, pages 1023–1045, 1998.
3. Antsaklis, P. and M. Lemmon (Eds.): Hybrid Systems V. Springer–Verlag, Berlin Heidelberg, 1997.
4. Armengol, J., J. Vehi, L. Trave-Massuyes and M. A. Sainz: Interval model–based fault detection using multiple sliding time windows. in Proceedings of Safeprocess 2000: 4th Symposium on Fault Detection, pages 168–173, Budapest, 2000.
5. Askari-Marnani, J., B. Heiming and J. Lunze: Control reconfiguration: The COSY benchmark problem and its solution by means of a qualitative model. Report 99.12, Institute of Control Engineering, Techn. Univ. Hamburg–Harburg, 1999.
6. Astrid, P.: Application of an interval observer to a biogas tower reactor. Master Thesis, Report 2000.14, Institute of Control Engineering, Techn. Univ. Hamburg–Harburg, 2000.
7. Åström, K. and B. Bernhardsson: Comparison of periodic and event based sampling for first–order stochastic systems. in Proceedings of 14th World Congress of IFAC, Vol. J, pages 301–302. IFAC, 1999.
8. Atzeni, P. and V. de Antonellis: Relational Database Theory. The Benjamin Cummings Publishing Company, Redwood City, California, 1993.
9. Aulbach, B.: Continuous and Discrete Dynamics near Manifolds of Equilibria. Springer–Verlag, Berlin Heidelberg, 1984.
10. Baccelli, F., G. Cohen, G. Olsder and J. Quadrat: Synchronization and Linearity – An Algebra for Discrete Event Systems. John Wiley & Sons, Chichester, 1992.
11. Basseville, M. and I. Nikiforov: Detection of Abrupt Changes: Theory and Application.
Information and System Sciences Series, Prentice Hall, 1993.
12. Bemporad, A., G. Ferrari-Trecate and M. Morari: Observability and controllability of piecewise affine and hybrid systems. IEEE Transactions on Automatic Control, 45, pages 1864–1876, 2000.
13. Benedetto, M. D. and A. Sangiovanni-Vincentelli: Hybrid Systems: Computation and Control, Vol. 2034 of LNCS, Springer–Verlag, Berlin Heidelberg, 2001.
14. Blanke, M., C. Frei, F. Kraus, R. Patton and M. Staroswiecki: Fault-tolerant Control Systems, Chapter 8. Springer–Verlag, London, pages 165–189, 2000.
15. Blanke, M., M. Kinnaert, J. Lunze and M. Staroswiecki: Diagnosis and Fault–Tolerant Control. Springer–Verlag, Berlin Heidelberg, 2002 (to appear).
16. Bochmann, D. and C. Posthoff: Binäre dynamische Systeme. R. Oldenbourg Verlag, München Wien, 1981.
17. Böcker, J., I. Hartmann and C. Zwanzig: Nichtlineare und adaptive Regelungssysteme. Springer–Verlag, Berlin Heidelberg, 1986.
18. Böhling, K. and G. Dittrich: Endliche stochastische Automaten. Wissenschaftsverlag, Mannheim, 1972.
19. Böker, G. and J. Lunze: Freeway traffic state estimation with floating-car-data. in 1st IFAC Conference Telematics Applications in Automation and Robotics TA 2001, VDI/VDE-GMA, 2001.
20. Borkar, V.: Topics in Controlled Markov Chains. Longman Scientific and Technical, 1991.
21. Boyarsky, A. and P. Gora: Laws of Chaos. Birkhäuser, Boston, 1997.
22. Branicky, M., V. Borkar and S. Mitter: A unified framework for hybrid control: Model and optimal control theory. IEEE Transactions on Automatic Control, 43, pages 31–45, 1998.
23. Bukharaev, R.: Theorie der stochastischen Automaten. B.G. Teubner, Stuttgart, 1995.
24. Carlyle, J.: State–calculable stochastic sequential machines, equivalences and events. in IEEE Conf. Rec. Switch. Circuit Th. and Logic Design, pages 865–870, 1965.
25. Carlyle, J.: Stochastic finite–state system theory. McGraw–Hill, pages 387–424, 1969.
26. Carr, J.: Applications of Centre Manifold Theory. Springer–Verlag, New York, 1981.
27. Cellier, F.: Continuous System Modelling. Springer–Verlag, New York, 1991.
28. Cheung, J. and G. Stephanopoulos: Representation of process trends – part I. Computers and Chemical Engineering, 14, pages 495–510, 1990.
29. Chow, E. and A. Willsky: Analytical redundancy and the design of robust failure detection systems. IEEE Transactions on Automatic Control, 29, pages 603–614, 1984.
30. Cieslak, R., C. Desclaux, A. Fawaz and P.
Varaiya: Supervisory control of discrete–event processes with partial observation. IEEE Transactions on Automatic Control, 33, pages 249–260, 1988.
31. Clark, R. N.: Instrument fault detection. IEEE Trans. Aero. and Electr. Syst., 14, pages 456–465, 1978.
32. Coghill, G. and M. Chantler: MYCROFT: A framework for qualitative reasoning. in Intelligent Systems Engineering. IEE, Conference Publication, 395, 1994.
33. Cordier, M. and C. Dousson: Alarm driven monitoring based on chronicles. in Proceedings of Safeprocess 2000: 4th Symposium on Fault Detection, pages 286–291, Budapest, 2000.
34. Davis, M.: The Universal Computer: The Road from Leibniz to Turing. Norton, 2000.
35. deKleer, J. and J. Brown: A qualitative physics based on confluences. Artificial Intelligence, 24, 1984.
36. Delchamps, D.: Extracting state information from a quantized output record. Systems and Control Letters, 13, pages 365–372, 1989.
37. Dellnitz, M. and O. Junge: On the approximation of complicated dynamical behaviour. SIAM Journal on Numerical Analysis, 36, pages 491–515, 1999.
38. Ding, J. and A. Zhou: Finite approximations of Frobenius–Perron operators. A solution of Ulam's conjecture to multi–dimensional transformations. Physica D, 92, pages 61–68, 1996.
39. Doob, J.: Measure Theory. Springer–Verlag, New York, 1994.
40. Dousson, C. and T. Duong: Discovering chronicles with numerical time constraints from alarm logs for monitoring dynamic systems. in Proc. of the 16th IJCAI, pages 620–626, 1999.
41. Doyle, J., B. Francis and A. Tannenbaum: Feedback Control Theory. MacMillan Publishing, USA, 1991.
42. Draeger, A., S. Engell, F. Hanisch and K.-U. Klatt: An experimental comparison of nonlinear controllers for a neutralisation process. Automatisierungstechnik, 47, pages 350–357, 1999.
43. Eginlioglu, P.: Sound Abstraction of Quantised Systems. Study Thesis, Report 2000.9, Institute of Control Engineering, Techn. Univ. Hamburg–Harburg, 2000.
44. Ehrig, H.: Universal Theory of Automata. Teubner Studienbücher, Informatik, B.G. Teubner, Stuttgart, 1974.
45. Elliot, R. J., L. Aggoun and J. B. Moore: Hidden Markov Models: Estimation and Control. Springer, New York, 1995.
46. Engell, S., S. Kowalewski, J. Preißig and O. Stursberg: Verification of logic controllers for continuous plants using timed condition/event–system models. Automatica, 35, pages 505–518, 1999.
47. Finkas, H.: Komposition von qualitativen Modellen dynamischer Systeme. Diploma Thesis, Report 96.10, Institute of Control Engineering, Techn. Univ. Hamburg–Harburg, 1996.
48. Fischer, J. and E. Kreuzer: Generalized cell mapping for randomly perturbed dynamical systems. ZAMM, 2000.
49. Föllinger, O.: Regelungstechnik. Hüthig Verlag, Heidelberg, 1990.
50. Förstner, D.: Qualitative Modellierung für die Prozeßdiagnose und deren Anwendung auf Dieseleinspritzsysteme. PhD Thesis, Techn. Univ. Hamburg–Harburg, 2001.
51. Förstner, D. and J. Lunze: A discrete–event abstraction of continuous–variable systems with asynchronous inputs. in Proc.
3rd IMACS Symposium on Mathematical Modelling, pages 449–452, 2000.
52. Förstner, D. and J. Lunze: Discrete–event models of quantised systems for diagnosis. International Journal of Control, 74, pages 690–700, 2001.
53. Frank, P. M.: Diagnosis in Dynamical Systems via State Estimation – A Survey. Vol. 1, D. Reidel Publishing Company, pages 35–98, 1987.
54. Frank, P. M.: Analytical and qualitative model–based fault diagnosis – A survey and some new results. European Journal of Control, 2, pages 6–28, 1996.
55. Franke, D.: On the use of reduced observers in discrete systems with a finite number of states – an arithmetic approach. in 5th Intern. Symposium on Application of Multivariable System Techniques, 1994.
56. Freedman, D.: Markov Chains. Springer, New York, 1983.
57. Froyland, G.: Ulam's method for random interval maps. Nonlinearity, pages 1029–1052, 1999.
58. Gertler, J.: Fault Detection and Diagnosis in Engineering Systems. Marcel Dekker, New York, 1998.
59. Gertler, J. and R. Monajemy: Generating directional residuals with dynamic parity equations. in 12th IFAC World Congress, pages 505–510, 1993.
60. Grossman, R., A. Nerode, A. Ravn and H. Rischel: Hybrid Systems. Springer–Verlag, Berlin Heidelberg, 1993.
61. Guder, R.: Adaptive Zellabbildung. PhD Thesis, Techn. Univ. Hamburg–Harburg, 2000.
62. Guder, R., M. Dellnitz and E. Kreuzer: Numerical approximation of invariant measures and error estimates. Chaos Solitons and Fractals, 8, pages 525–534, 1997.
63. Halmos, P. R.: Measure Theory. Springer–Verlag, New York, 1974.
64. Hamscher, W., L. Console and J. deKleer: Readings in Model–Based Diagnosis. Morgan Kaufmann, 1992.
65. Heiming, B.: Parallele Prozeßdiagnose auf der Grundlage einer qualitativen Systembeschreibung. VDI Fortschrittberichte, Vol. 8, 817, VDI Verlag, Düsseldorf, 2000.
66. Herrmann, D.: Qualitative Fehlerdiagnose im Automatennetz am COSY Ship Propulsion Benchmark. Diploma Thesis, Report 2000.18, Institute of Control Engineering, Techn. Univ. Hamburg–Harburg, 2000.
67. Hopcroft, J. and J. Ullman: Introduction to Automata Theory, Languages and Computation. Addison–Wesley, Reading, 1979.
68. Hotzel, W., N. Lehmkuhl and B. Werner: The Spectrum of the Frobenius-Perron Operator and its Discretization for Circle Diffeomorphisms. Techn. Report Preprint 160, Dep. of Mathematics, Univ. of Hamburg, 2001.
69. Hsu, C.: Cell–to–Cell Mapping. Springer–Verlag, Berlin Heidelberg, 1987.
70. Isermann, R.: Process fault detection based on modeling and estimation methods – A survey. Automatica, 20, pages 387–404, 1984.
71. Isidori, A.: Nonlinear Control Systems: An Introduction. Lecture Notes in Control and Information Sciences. Springer–Verlag, Berlin Heidelberg, 1995.
72. Isidori, A., K. J. Åström, M. Blanke, W. Schaufelberger, P. Albertos and R. Sanz: Control of Complex Systems. Springer–Verlag, London, 2001.
73. Izadi–Zamanabadi, R. and M. Blanke: A ship propulsion system as a benchmark for fault–tolerant control. Control Engineering Practice, 7, pages 227–239, 1999.
74. Jacobs, K.: Discrete Stochastics. Birkhäuser Verlag, Basel, 1992.
75. Jensen, F. V.: An introduction to Bayesian Networks. UCL Press, 1996.
76.
Kane, T.: Reasoning with Uncertainty using Nilsson's Probabilistic Logic and the Maximum Entropy Formalism. Heriot–Watt University, 1992.
77. Kazantzis, N. and C. Kravaris: System–theoretic properties of sampled data representations of nonlinear systems obtained via Taylor–Lie series. International Journal of Control, 67, pages 997–1020, 1997.
78. Kiryaman, A. K. and J. Schröder: Modelling of the Titration and Neutralisation Plant. Report 2000.30, Institute of Control Engineering, Techn. Univ. Hamburg–Harburg, 2000.
79. Kleczka, W.: Symbolmanipulationsmethoden zur Analyse nichtlinearer dynamischer Systeme am Beispiel Fluid–gekoppelter Strukturen. PhD Thesis, Techn. Univ. Hamburg–Harburg, 1994.
80. Kluwe, M., V. Krebs, J. Lunze and H. Richter: Rekonstruktion qualitativer Prozeßzustände durch ereignisdiskrete Beobachter. Automatisierungstechnik, 43, pages 289–296, 1995.
81. König, R. and L. Quäck: Petri-Netze in der Steuerungstechnik. VEB Verlag Technik, Berlin, 1989.
82. Koplon, R. and E. Sontag: Linear systems with sign–observations. SIAM J. of Control and Optimization, 31, pages 1245–1266, 1993.
83. Kornoushenko, E.: Finite–automaton approximation to the behaviour of continuous plants. Automation and Remote Control, pages 2068–2074, 1975.
84. Koutsoukos, X., P. Antsaklis, J. Stiver and M. Lemmon: Supervisory control of hybrid systems. in Proceedings of the IEEE, 88, pages 1026–1049, 2000.
85. Kowalewski, S.: Modulare diskrete Modellierung verfahrenstechnischer Anlagen zum systematischen Steuerungsentwurf. PhD Thesis, Universität Dortmund, Lehrstuhl für Anlagensteuerungstechnik, 1996.
86. Krapp, M.: Digitale Automaten. Verlag Technik, Berlin, 1991.
87. Kreuzer, E.: Numerische Untersuchung nichtlinearer dynamischer Systeme. Springer–Verlag, Berlin Heidelberg, 1987.
88. Krogh, B. H. and A. Chutinan: Hybrid systems: Modelling and supervisory control. in Advances of Control, ECC 1999, Springer–Verlag, London, pages 227–246, 1999.
89. Kuipers, B.: Qualitative simulation. Artificial Intelligence, 29, pages 289–338, 1986.
90. Kuipers, B.: Qualitative Reasoning. MIT-Press, Cambridge, Massachusetts, 1994.
91. Kushner, H. and P. Dupuis: Numerical Methods for Stochastic Control Problems in Continuous Time. Springer-Verlag, New York, 1992.
92. Kwiatkowski, A.: Vergleich der Diagnose mit zeitdiskreten und ereignisdiskreten qualitativen Modellen am Beispiel des Common–Rail–Dieseleinspritzsystems. Diploma Thesis, Report 99.22, Institute of Control Engineering, Techn. Univ. Hamburg–Harburg, 1999.
93. Lafferriere, G., G. Pappas and S. Sastry: Reachability analysis of hybrid systems using bisimulations. in Proceedings of the 37th Conference on Decision and Control, pages 1623–1628, 1998.
94. Lafortune, S. and E. Chen: A relational algebraic approach to the representation and analysis of discrete event systems. in Proceedings of the American Control Conference, pages 2893–2898, 1991.
95. Lasota, A. and M. Mackey: Chaos, Fractals, and Noise – Stochastic Aspects of Dynamics. Springer–Verlag, New York, 1994.
96. Li, T.: Finite approximation for the Frobenius–Perron operator. A solution to Ulam's conjecture. Journal of Approximation Theory, 17, pages 177–186, 1976.
97. Lichtenberg, G.: Theorie und Anwendung der qualitativen Modellierung zeitdiskreter dynamischer Systeme durch nichtdeterministische Automaten. VDI Fortschrittberichte, Vol. 8, 686.
VDI Verlag, Düsseldorf, 1998.
98. Lichtenberg, G. and S. Kamau: A classification of the input–output behaviour of hybrid systems. in Proceedings of European Control Conference, 2001.
99. Lichtenberg, G. and J. Lunze: Observation of qualitative states by means of a qualitative model. International Journal of Control, 66, pages 885–903, 1997.
100. Lichtenberg, G., J. Lunze and J. Raisch: Zwei Wege zur Modellierung des qualitativen Verhaltens dynamischer Systeme. Automatisierungstechnik, 47, pages 187–197, 1999.
101. Lichtenberg, G., J. Lunze, R. Scheuring and J. Schröder: Prozeßdiagnose mittels qualitativer Modelle am Beispiel eines Wasserstoffverdichters. Automatisierungstechnik, 47, pages 101–109, 1999.
102. Lichtenberg, G., J. Lunze and J. Schröder: QuaMo–Toolbox für Matlab/Simulink. Automatisierungstechnik, 45, pages 442–443, 1997.
103. Lichtenberg, G. and A. Steele: An approach to fault diagnosis using parallel qualitative observers. in Workshop on Discrete Event Systems, pages 290–295, Edinburgh, 1996.
104. Lin, F. and W. Wonham: On observability of discrete-event systems. Information Sciences, 44, pages 173–198, 1988.
105. Lootsma, T.: Observer–based Fault Detection and Isolation for Nonlinear Systems. PhD Thesis, Aalborg University, 2001.
106. Lu, H., B. Ooi and K. Tan: Query Processing in Parallel Relational Database Systems. IEEE Computer Society Press, Los Alamitos, California, 1994.
107. Luenberger, D.: An introduction to observers. IEEE Transactions on Automatic Control, 16, pages 596–602, 1971.
108. Lunze, J.: Künstliche Intelligenz für Ingenieure. Band 1. Oldenbourg–Verlag, München, 1994.
109. Lunze, J.: Qualitative modelling of linear dynamical systems with quantised state measurements. Automatica, 30, pages 417–431, 1994.
110. Lunze, J.: Künstliche Intelligenz für Ingenieure. Band 2. Oldenbourg-Verlag, München, 1995.
111. Lunze, J.: On the Markov property of quantised state measurement sequences. Automatica, 34, pages 1439–1444, 1998.
112. Lunze, J.: Regelungstechnik. Springer–Verlag, Berlin Heidelberg, 1999.
113. Lunze, J.: Diagnosis of quantised systems. in Proceedings of Safeprocess 2000: 4th Symposium on Fault Detection, pages 28–39, Budapest, 2000.
114. Lunze, J.: Diagnosis of quantised systems based on a timed discrete-event model. IEEE Transactions on Systems, Man, and Cybernetics, Part A, 30, pages 322–335, 2000.
115. Lunze, J.: Introduction to Qualitative Methods for Fault Detection. Lecture Notes 2000.16, Institute of Control Engineering, Techn. Univ. Hamburg-Harburg, 2000.
116. Lunze, J., B. Nixdorf and J. Schröder: Deterministic discrete–event representations of linear continuous–variable systems. Automatica, 35, pages 395–406, 1999.
117. Lunze, J., B. Nixdorf and J. Schröder: A unified approach to the representation of discrete–time and discrete–event quantised systems. in ECC 99, Proceedings of the European Control Conference, Karlsruhe, 1999.
118. Lunze, J., B. Nixdorf and J. Schröder: On the Nondeterminism of Discrete–event Representations of Continuous–Variable Systems. Report 97.20, Institute of Control Engineering, Techn. Univ. Hamburg-Harburg, 1997.
119. Lunze, J. and F. Schiller: An example of fault diagnosis by means of probabilistic logic reasoning.
Control Engineering Practice, 7, pages 271–278, 1999.
120. Lunze, J., F. Schiller and J. Schröder: Diagnosis of transient faults in quantised systems. in Proceedings of Safeprocess 2000: 4th Symposium on Fault Detection, pages 1174–1179, Budapest, 2000.
121. Lunze, J. and J. Schröder: Sound abstraction of quantised systems. in ECC 01, Proceedings of the European Control Conference, Porto, 2001.
122. Lunze, J., J. Schröder and P. Supavatanakul: A graduate course on qualitative modelling and process supervision. in ECC 2001, Proceedings of the European Control Conference, Porto, 2001.
123. Lunze, J. and J. Schröder: Sensor and Actuator Fault Diagnosis of Quantised Systems. in ECC 01, Proceedings of the European Control Conference, Porto, 2001.
124. Lunze, J. and J. Schröder: Hybride Regelung eines Neutralisationsprozesses. Automatisierungstechnik, 49, pages 160–167, 2001.
125. Lunze, J., J. Schröder and P. Supavatanakul: Diagnosis of discrete event systems: The method and an example. in Proceedings of the Workshop on Principles of Diagnosis, DX'01, pages 111–118, Via Lattea, 2001.
126. Lunze, J. and J. Schröder: State observation and diagnosis of discrete-event systems described by stochastic automata. Discrete Event Dynamic Systems: Theory and Applications, 11, pages 319–369, 2001.
127. Lunze, J. and J. Schröder: Diagnosis based on symbolic dynamical models. in Proceedings of Safeprocess 2000: 4th Symposium on Fault Detection, pages 280–285, Budapest, 2000.
128. Lunze, J. and J. Schröder: State observation and diagnosis of discrete–event systems described by stochastic automata. Report 2000.7, Institute of Control Engineering, Techn. Univ. Hamburg-Harburg, 2000.
129. Lunze, J. and J. Schröder: Diagnosis of discrete–event systems described by stochastic automata. in Proceedings of 45th International Scientific Colloquium, pages 85–90, Ilmenau, 2000.
130. Lunze, J. and J. Schröder: Sensor and actuator fault diagnosis of systems with discrete inputs and outputs. IEEE Transactions on Systems, Man and Cybernetics, 2002 (submitted).
131. Lunze, J. and J. Schröder: Process diagnosis based on a discrete–event description. Automatisierungstechnik, 47, pages 358–365, 1999.
132. Lunze, J. and J. Schröder: Qualitative diagnosis of the three–tanks system. in ECC 99, Proceedings of the European Control Conference, Karlsruhe, 1999.
133. Lunze, J. and J. Schröder: Application of qualitative observation and prediction to a neutralisation process. in Proceedings of 14th IFAC Congress, Vol. I, pages 49–54, Beijing, 1999.
134. Lunze, J. and T. Steffen: Reconfigurable control of a quantised system. in Proceedings of Safeprocess 2000: 4th Symposium on Fault Detection, pages 822–827, Budapest, 2000.
135. Milanese, M. and A. Vicino: Optimal estimation theory for dynamic systems with set membership uncertainty – an overview. Automatica, 27, pages 997–1009, 1991.
136. Mosterman, P., R. Kapadia and G. Biswas: Using bond graphs for diagnosis of dynamic physical systems. in Proceedings of DX–95, pages 81–85, 1995.
137. Nenninger, G., B. Nixdorf, V. Krebs and J. Lunze: Erreichbarkeitsanalyse hybrider Systeme. Automatisierungstechnik, 49, pages 75–85, 2001.
138. Nixdorf, B.: Discrete–Event Qualitative Modelling and Control. PhD Thesis, Techn. Univ.
Hamburg–Harburg, 2002 (submitted).
139. Nixdorf, B. and J. Lunze: Representation of hybrid systems by means of stochastic automata. Mathematical and Computer Modelling of Dynamical Systems, 2001 (submitted).
140. Özveren, C. and A. Willsky: Observability of discrete-event dynamic systems. IEEE Transactions on Automatic Control, 35, pages 797–806, 1990.
141. Palm, R., D. Driankov and H. Hellendoorn: Model Based Fuzzy Control. Springer–Verlag, Berlin Heidelberg, 1997.
142. Patton, R. and J. Chen: A review of parity space approaches to fault diagnosis. in Proceedings of Safeprocess 91: 1st Symposium on Fault Detection, pages 239–255, 1991.
143. Patton, R. J. and J. Chen: in Proceedings of Safeprocess 97: 3rd Symposium on Fault Detection, University of Hull, 1997.
144. Patton, R. J., P. M. Frank and R. N. Clark: Fault Diagnosis in Dynamic Systems – Theory and Application. Prentice Hall, New York, 1989.
145. Pearl, J.: Probabilistic Reasoning in Intelligent Systems: Networks of Plausible Inference. Morgan Kaufmann Publishers, San Mateo, California, 1988.
146. Philips, P.: Modelling, Control and Fault Detection of Discretely-Observed Systems. PhD Thesis, Techn. Univ. Eindhoven, 2001.
147. Preisig, H.: Towards discrete event dynamic models of chemical processes. in CHEMECA, 1992.
148. Preisig, H. A., M. J. H. Pijpers and M. Weiss: A discrete modelling procedure for continuous processes based on state–discretisation. in Proc. 2nd IMACS Symposium on Mathematical Modelling, pages 189–194, 1997.
149. Preussig, J., O. Stursberg and S. Kowalewski: Reachability analysis of a class of switched continuous systems by integrating rectangular approximation and rectangular analysis. Lecture Notes in Computer Science: Computation and Control, 1569, pages 209–222, 1999.
150. Pronzato, L. and E. Walter: Minimum–volume ellipsoids containing compact sets: Application to parameter bounding. Automatica, 30, pages 1731–1739, 1994.
151. 13th International Workshop on Qualitative Reasoning, Loch Awe, Scotland, 1999.
152. Raisch, J.: Simple Hybrid Control Systems – Continuous FDLTI Plants with Quantized Control Inputs and Symbolic Measurements. Lecture Notes in Control and Information Sciences, Springer–Verlag, London, pages 369–376, 1994.
153. Raisch, J.: Nondeterministic automata as approximations for continuous systems – an approach with an adjustable degree of accuracy. in IMACS Symposium on Mathematical Modelling, pages 195–202, 1997.
154. Raisch, J.: Hybride Regelsysteme. Shaker Verlag, 1999.
155. Raisch, J. and S. O'Young: A DES approach to control of hybrid dynamical systems. Springer–Verlag, pages 563–574, 1996.
156. Raisch, J. and S. O'Young: A totally ordered set of discrete abstractions for a given hybrid or continuous system. Hybrid Systems IV, Vol. 1273 of LNCS. Springer–Verlag, Berlin Heidelberg, pages 342–360, 1997.
157. Ramadge, P.: Observability of discrete event systems. in 25th IEEE Conference on Decision and Control, pages 1108–1112, 1986.
158. Ramadge, P. and W. Wonham: Supervisory control of a class of discrete event processes. SIAM J. Control and Optimization, 25, pages 206–230, 1987.
159. Ramadge, P. and W. Wonham: The control of discrete event systems. in Proceedings of the IEEE, 77, pages 81–98, 1989.
160. Ravindranathan, M. and R.
Leitch: Multiple reasoning architecture for intelligent systems. in 2nd IEE International Conference on Intelligent Systems Engineering (ISE), 1994. 161. Reiter, R.: A theory of diagnosis from first principles. Artificial Intelligence, 32, pages 57–96, 1987. 162. Richter, H.: Qualitative Modellierung, Simulation und operative Steuerung dynamischer Systeme, VDI Fortschrittberichte, Vol. 8, 610, VDI Verlag, D¨ usseldorf, 1997. 163. Sampath, M.: A Discrete Event Systems Approach to Failure Diagnosis. PhD Thesis, University of Michigan, 1995. 164. Sampath, M., A. Godambe, E. Jackson and E. Mallow: Combining qualitative and quantitative reasoning, a hybrid approach to failure diagnosis of industrial systems. in Proceedings of Safeprocess 2000: 4th Symposium on Fault Detection, pages 494–501, Budapest, 2000. 165. Sampath, M., R. Sengupta, S. Lafortune, K. Sinnamohideen and D. Teneketzis: Diagnosability of discrete event systems. IEEE Transactions on Automatic Control, 40, pages 1555–1575, 1995. 166. Schaich, D., R. King, U. Keller and M. Chantler: Interval identification – a modelling and design technique for dynamic systems. in 13th Intern. Workshop on Qualitative Reasoning, pages 185–192, 1999. 167. Scheuring, R.: Modellierung, Beobachtung und Steuerung ereignisorientierter verfahrenstechnischer Systeme. VDI Fortschrittberichte, Vol. 8 475, D¨ usseldorf, 1995.
168. Schiller, F.: Diagnose dynamischer Systeme auf der Grundlage einer qualitativen Prozeßbeschreibung. VDI Fortschrittberichte, Vol. 8, 653, VDI Verlag, Düsseldorf, 1997.
169. Schiller, F. and J. Schröder: Combining qualitative model–based diagnosis and observation within fault–tolerant systems. AI Communications, 12, pages 79–98, 1999.
170. Schiller, F., J. Schröder and J. Lunze: Diagnosis of transient faults in quantised systems. Engineering Applications of Artificial Intelligence, 14, pages 519–536, 2001.
171. Schmidt, G. and T. Ströhlein: Relations and Graphs. Springer–Verlag, Berlin Heidelberg, 1993.
172. Schnabel, M., G. Nenninger and V. Krebs: Control of hybrid systems based on net state models. In ECC 99, Proceedings of the European Control Conference, 1999.
173. Schröder, J. and J. Lunze: Representation of quantised systems by the Frobenius–Perron operator. Hybrid Systems: Computation and Control, Vol. 2034 of LNCS, pages 473–486, Springer–Verlag, Berlin Heidelberg, 2001.
174. Schröder, J. (Ed.): QuaMo–Toolbox User's Guide. Techn. Univ. Hamburg–Harburg, Documentation Release 5.2, 2000.
175. Schröder, J. (Ed.): QS–Tool Programmer's Guide. Techn. Univ. Hamburg–Harburg, Documentation Release 5.2, 2000.
176. Schröder, J. (Ed.): QuaMo–Toolbox Reference. Techn. Univ. Hamburg–Harburg, Documentation Release 5.2, 2000.
177. Schröder, J.: Untersuchungen zum stationären Verhalten qualitativer Modelle linearer und nichtlinearer dynamischer Systeme. Report 98.12, Institute of Control Engineering, Techn. Univ. Hamburg–Harburg, 1998.
178. Schröter, W., K. Lautenschläger, H. Bibrack and A. Schnabel: Chemie. VEB Fachbuchverlag, Leipzig, 1986.
179. Schwarz, W., M. Götz, K. Kelber, A. Abel, T. Falk and F. Dachselt: Statistical analysis and design of chaotic systems. Chap. 9 in Chaotic Electronics in Telecommunication, CRC Press, Boca Raton, pages 253–305, 2000.
180. Schwarz, W., B. Lewin and G. Wunsch: Stochastische Signale und Systeme in der Übertragungs- und Steuerungstechnik. Akademie Verlag, Berlin, 1991.
181. Siffling, G. and K. Brammer: Kalman–Bucy–Filter. Deterministische Beobachtung und stochastische Filterung. R. Oldenbourg Verlag, München Wien, 1985.
182. Sontag, E. D.: Mathematical Control Theory. Springer–Verlag, Berlin Heidelberg, 1998.
183. Sreenivas, R. and B. Krogh: On condition/event systems with discrete state realization. Discrete Event Dynamic Systems: Theory and Applications, pages 209–236, 1991.
184. Starke, H.: Abstrakte Automaten. VEB Verlag der Wissenschaften, Berlin, 1969.
185. Staroswiecki, M., J. P. Cassar and V. Cocquempot: Generation of optimal structured residuals in the parity space. In 12th IFAC World Congress, pages 535–542, 1993.
186. Staroswiecki, M. and D. Guerchouh: Fault detection and isolation in the monitoring of inequality constraints. In Proceedings of Safeprocess 2000: 4th Symposium on Fault Detection, pages 162–167, Budapest, 2000.
187. Steele, A. and R. Leitch: A strategy for qualitative model–based diagnosis. In Proceedings of 13th IFAC World Congress, San Francisco, 1996.
188. Stewart, W. J.: Introduction to the Numerical Solution of Markov Chains. Princeton University Press, Princeton, 1994.
189. Stöcker, H.: Taschenbuch der Physik. Verlag Harri Deutsch, Thun, 1998.
190. Stursberg, O.: Analyse gesteuerter verfahrenstechnischer Prozesse durch Diskretisierung. PhD Thesis, Universität Dortmund, 2000.
191. Teneketzis, D., K. Sinnamohideen, M. Sampath, R. Sengupta and S. Lafortune: Failure diagnosis using discrete event models. In Proceedings of Conference on Decision and Control, pages 3110–3116, 1994.
192. Thompson, J. and H. Stewart: Nonlinear Dynamics and Chaos. John Wiley and Sons, Chichester, 1986.
193. Tibken, B.: Rechnergestützter Beobachterentwurf für bilineare Systeme. PhD Thesis, Techn. Univ. Hamburg–Harburg, 1991.
194. Tou, J.: Applied Automata Theory. Academic Press, New York, 1968.
195. Ulam, S.: A Collection of Mathematical Problems. Interscience, 1960.
196. Unbehauen, H.: Regelungstechnik II. Vieweg & Sohn, Braunschweig, 1983.
197. Vidyasagar, M.: Nonlinear Systems Analysis. Prentice Hall, Englewood Cliffs, 1978.
198. Voß, H.: Stochastische Prozesse. Lecture Notes, Universität Hamburg, 1993.
199. Wang, P.: A method for approximating dynamical processes by finite-state systems. International Journal of Control, 8, pages 285–296, 1968.
200. Weld, D. and J. de Kleer: Readings in Qualitative Reasoning. Morgan Kaufmann, 1990.
201. Willems, J.: Paradigms and puzzles in the theory of dynamical systems. IEEE Transactions on Automatic Control, 36, pages 259–294, 1991.
202. Wunsch, G. and H. Schreiber: Systemanalyse. Band 2. Hüthig Verlag, Heidelberg, 1972.
203. Wunsch, G. and H. Schreiber: Stochastische Systeme. Springer–Verlag, 1992.
204. Zeitz, M.: Nichtlineare Beobachter für chemische Reaktoren. VDI Fortschrittberichte, Vol. 8, VDI Verlag, Düsseldorf, 1977.
205. Zhuang, Z.: Qualitative Modeling for Observer–Based Fault Diagnosis. VDI Fortschrittberichte, Vol. 8, 805, VDI Verlag, Düsseldorf, 1999.
206. Zimmermann, H.: Fuzzy Set Theory and its Application. Kluwer Academic Publishers, Boston, 1987.
A. Mathematical Prerequisites
A.1 A Brief Introduction to Measure Theory

This section gives a brief summary of essential concepts from measure theory. For a more detailed introduction the reader is referred to the textbook [95] or the monographs [39], [63]. This appendix is based on [21] and [95] and is limited to the terms and definitions used in the book.

Measures and measure spaces. Consider a set Ω and a family σ(Ω) of subsets of Ω. This family is called a σ–algebra if
1. Ω ∈ σ(Ω),
2. A ∈ σ(Ω) ⇒ Ω\A ∈ σ(Ω),
3. for every sequence {Ak}, Ak ∈ σ(Ω) ⇒ ∪k Ak ∈ σ(Ω)
hold. Note that from 1. and 2. it follows immediately that the empty set ∅ = Ω\Ω must also be an element of the σ–algebra. A measure is a function µ : σ(Ω) → IR+ that satisfies
1. µ(∅) = 0 and
2. µ(∪k Ak) = ∑k µ(Ak) if Ai ∩ Aj = ∅, i ≠ j.
The triple (Ω, σ(Ω), µ) is called a measure space and all A ∈ σ(Ω) are called measurable sets. The measure and the measure space are called finite if µ(Ω) < ∞ holds. In particular, if µ(Ω) = 1, then the measure space is called probabilistic, and the measure a probability measure.

Examples. An often used measure space is the Borel measure space (R, B(R), µ), with R ⊆ IR, where the Borel σ–algebra is by definition the smallest σ–algebra containing all combinations of intervals on R, and the Borel measure is given by µ([a, b]) = b − a. Note that it is enough to define the measure of an interval because, due to the definitions of the σ–algebra and the measure, the measure of every Borel measurable set is thereby determined. Another commonly used measure on (R, B(R)) is the Lebesgue measure λ. The Lebesgue measure is in principle identical to the Borel measure. The difference between them is marginal and beyond the scope of this introduction. For all Borel measurable sets, the Lebesgue measure is equal to the Borel measure. A further measure on (R, B(R)) is the Dirac measure δx0 at x0 ∈ R, defined by
δx0(A) = 1 if x0 ∈ A, and δx0(A) = 0 if x0 ∉ A, for all A ∈ B(R).
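The measure axioms can be made concrete in a few lines of code. The following minimal sketch (not from the book; the set Ω, the point x0 and the test sets are invented for illustration) checks µ(∅) = 0 and additivity on disjoint sets for the Dirac measure defined above and for the counting measure used below:

```python
# Sketch of two measures on a finite set Ω, checking the measure axioms
# µ(∅) = 0 and additivity on disjoint sets.  Ω, x0 and the sets A, B are
# invented illustrations, not taken from the book.
Omega = frozenset({1, 2, 3, 4})

def counting(A):
    """Counting measure γ(A) = |A|."""
    return len(A)

def dirac(x0):
    """Dirac measure δ_x0: δ_x0(A) = 1 if x0 ∈ A, else 0."""
    return lambda A: 1 if x0 in A else 0

d2 = dirac(2)
A, B = frozenset({1, 2}), frozenset({3})   # disjoint subsets of Ω

for mu in (counting, d2):
    assert mu(frozenset()) == 0             # axiom 1: µ(∅) = 0
    assert mu(A | B) == mu(A) + mu(B)       # axiom 2: additivity on disjoint sets
```

Additivity generally fails for overlapping sets, which is why the axiom is stated for disjoint sequences only.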
Schröder: Modelling, State Observation and Diagnosis of Quantised Systems, LNCIS 282, pp. 307-312, 2003. Springer-Verlag Berlin Heidelberg 2003
Another measure space is (N, σ(N), γ), with N ⊆ ZZ, σ(N) containing all subsets of N, and with the counting measure γ(A) = |A|, A ∈ σ(N), where |A| denotes the number of elements of A.

Product measure spaces. The extension to higher dimensions relies fundamentally on the definition of the Cartesian product of sets A1, ..., An:
A1 × · · · × An = {(x1, ..., xn) | x1 ∈ A1, ..., xn ∈ An} .
Given n measure spaces (Ωi, σ(Ωi), µi), i = 1, ..., n, let σ(Ω) be the smallest σ–algebra of Ω = Ω1 × · · · × Ωn containing all sets of the form A1 × · · · × An with Ai ∈ σ(Ωi), i = 1, ..., n. With this, the product measure space of the measure spaces (Ωi, σ(Ωi), µi) is given by (Ω, σ(Ω), µ) with the product measure
µ(A1 × · · · × An) = µ1(A1) · · · µn(An) .
For example, the product measure space of n Borel measure spaces is given by (Rn, B(Rn), µn), containing all combinations of hypercubes with their hypervolume as measure.

Lebesgue integration. The definition of the Lebesgue integral requires nothing more than a measure space (Ω, σ(Ω), µ) on which it is defined. It is defined for all real-valued measurable functions, i.e. all functions p : Ω → IR for which p⁻¹(∆) ∈ σ(Ω) holds for every interval ∆ ⊂ IR, where p⁻¹(∆) denotes the set p⁻¹(∆) = {x | p(x) ∈ ∆}. Consider sets Ai ∈ σ(Ω), i = 1, ..., N, with Ai ∩ Aj = ∅ for all i ≠ j. Then the Lebesgue integral of a simple function s(x) = ∑i αi 1Ai(x), αi ∈ IR, is defined as
∫Ω s(x) µ(dx) := ∑i αi µ(Ai) ,
where 1Ai(x) denotes the indicator function (cf. eqn. (3.49)). The definition of the Lebesgue integral is now extended to any measurable function. Consider an arbitrary nonnegative bounded measurable function pB and a sequence {sj} of simple functions converging uniformly to pB. Then the Lebesgue integral is defined as
∫Ω pB(x) µ(dx) := lim_{j→∞} ∫Ω sj(x) µ(dx) .
This is extended to unbounded nonnegative measurable functions pN by
∫Ω pN(x) µ(dx) := lim_{M→∞} ∫Ω pM(x) µ(dx) , with pM(x) = pN(x) if pN(x) ≤ M, and pM(x) = M otherwise.
Finally, for an arbitrary measurable function p the Lebesgue integral is defined by
∫Ω p(x) µ(dx) := ∫Ω max(0, p(x)) µ(dx) − ∫Ω max(0, −p(x)) µ(dx) .   (A.1)
The function p is called Lebesgue integrable if both integrals on the right-hand side of eqn. (A.1) are finite. If p is to be integrated not over the entire space Ω but over some A ∈ σ(Ω), this is by definition ∫A p(x) µ(dx) := ∫Ω p(x) 1A(x) µ(dx). Note that it follows from the definition that the Lebesgue integrals of two functions p1 and p2 are equal even if the functions differ on a set of measure zero. Such functions are said to be equal almost everywhere with respect to a measure µ. Without explicit reference
to a measure, the term almost everywhere is used with respect to the Lebesgue measure. By Fubini's theorem the Lebesgue integral is extended to product spaces:
∫Ω p(x) µ(dx) = ∫_{Ω1×Ω2} p(x1, x2) µ(dx1, dx2) = ∫Ω1 ( ∫Ω2 p(x1, x2) µ2(dx2) ) µ1(dx1) ,
and equivalently for an arbitrary number of factors. On the Borel measure space, the Lebesgue integral is equal to the well-known Riemann integral.

Absolutely continuous measures. The Borel measure of every Borel measurable set A can be expressed by the Lebesgue integral as µ(A) = ∫A µ(dx). It can be shown that any nonnegative, integrable function p : Ω → IR+ defines a new finite measure by
µp(A) = ∫A p(x) µ(dx) , ∀A ∈ σ(Ω) .
A fundamental result of measure theory is the theorem of Radon–Nikodym. For finite measure spaces it reads:

Theorem A.1.1. Let (Ω, σ(Ω), µ) be a finite measure space and let ν be a second finite measure with the property that ν(A) = 0 whenever µ(A) = 0. Then there exists a nonnegative integrable function p : Ω → IR such that ν(A) = ∫A p(x) µ(dx) holds for all A ∈ σ(Ω).

The function p whose existence is guaranteed by the theorem is unique in a certain sense: whenever ∫A p1(x) µ(dx) = ∫A p2(x) µ(dx) holds for all A ∈ σ(Ω), then p1 = p2 almost everywhere. That is, when identifying functions that differ only on a set of measure zero as the same element of the space of all measurable functions, the function p of the theorem is unique. A measure ν satisfying the condition of the theorem is called absolutely continuous with respect to the measure µ.

Lρ space of measurable functions. In a measure space, the family of all real-valued measurable functions p : Ω → IR satisfying
||p||Lρ := ∫Ω |p(x)|^ρ µ(dx) < ∞
with 1 ≤ ρ < ∞ is the Lρ(Ω, σ(Ω), µ) space, abbreviated Lρ(Ω). In particular, the space Lρ(IRn) is referred to in the book as the Lρ space. The value ||p||Lρ of the integral is the Lρ norm of the function p. A subspace of L1 is the space
D(Ω, σ(Ω), µ) = {p ∈ L1 | p(x) ≥ 0, ∀x ∈ Ω, ||p||L1 = 1}
of all density functions.

Transformations. A transformation g : Ω → Ω is called measurable if g⁻¹(A) = {x ∈ Ω | g(x) ∈ A} ∈ σ(Ω) holds for all A ∈ σ(Ω). A measurable transformation g : Ω → Ω is called non–singular on a measure space (Ω, σ(Ω), µ) if µ(g⁻¹(A)) = 0 holds whenever µ(A) = 0. The measurability and non–singularity of a transformation between different sets Ω1 and Ω2, and thus different measure spaces, are defined analogously.
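The defining formula for the integral of a simple function, ∫Ω s(x) µ(dx) = ∑i αi µ(Ai), can be checked directly for the counting measure γ, for which integration reduces to pointwise summation. The sets Ai and weights αi below are invented for illustration:

```python
# Sketch: the Lebesgue integral of a simple function s(x) = Σ_i α_i 1_{A_i}(x)
# equals Σ_i α_i µ(A_i).  With the counting measure γ(A) = |A| this can be
# checked against a direct pointwise sum.  Sets and weights are invented.
A = [frozenset({1, 2}), frozenset({3, 4, 5})]   # disjoint measurable sets
alpha = [2.0, -1.0]                             # weights of the simple function

def s(x):
    """The simple function s(x) = Σ_i α_i 1_{A_i}(x)."""
    return sum(a for a, Ai in zip(alpha, A) if x in Ai)

# Definition of the integral for simple functions: Σ_i α_i γ(A_i).
lebesgue = sum(a * len(Ai) for a, Ai in zip(alpha, A))

# For the counting measure, integration is summation over all points.
pointwise = sum(s(x) for x in frozenset().union(*A))

assert lebesgue == pointwise
```

The agreement of both values is exactly the content of the simple-function definition; the extension to general measurable functions proceeds by the limits given above.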
Probability spaces. A probability space is a measure space (Ω, σ(Ω), prob), where Ω is the space of elementary events, σ(Ω) is a σ–algebra of subsets of Ω called events, and prob is a probability measure. Note that the probability measure assigns a probability to each element of the σ–algebra and not to the elements of Ω. The relation of the probabilities to Ω is described by random variables.

Random variables. A continuous random variable ϱp is a measurable transformation from Ω to IR. That is, for ϱp : Ω → IR the following must hold:
ϱp⁻¹(B) = {ω ∈ Ω | ϱp(ω) ∈ B} ∈ σ(Ω) for all B ∈ B(IR) .
The above set is usually written as {ϱp ∈ B}. The density of the random variable ϱp is defined as a function p(x) ∈ D(IR, B(IR), µ) for which
prob({ϱp ∈ B}) = ∫B p(x) µ(dx) for all B ∈ B(IR)
holds, where µ is the Borel measure. Throughout the book, densities are used to characterise continuous random variables.
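The relation prob({ϱp ∈ B}) = ∫B p(x) µ(dx) can be illustrated numerically. Since on the Borel measure space the Lebesgue integral coincides with the Riemann integral, a Riemann sum suffices. The density p(x) = 2x on [0, 1] is an invented example, not taken from the book:

```python
# Numerical sketch: a density p ∈ D assigns the probability of a Borel set B
# via prob({ϱ ∈ B}) = ∫_B p(x) µ(dx).  On the Borel measure space this
# Lebesgue integral equals the Riemann integral, so a midpoint Riemann sum
# suffices.  The density p(x) = 2x on Ω = [0, 1] is an invented example.
def integrate(p, a, b, n=100_000):
    """Midpoint Riemann-sum approximation of the integral of p over [a, b]."""
    h = (b - a) / n
    return sum(p(a + (i + 0.5) * h) for i in range(n)) * h

p = lambda x: 2.0 * x              # density on [0, 1]

norm = integrate(p, 0.0, 1.0)      # ||p||_L1, must equal 1 for a density
prob_B = integrate(p, 0.0, 0.5)    # prob({ϱ ∈ [0, 0.5]}) = 0.5² = 0.25

print(round(norm, 6), round(prob_B, 6))
```

The first value confirms that p is indeed an element of the space D of density functions; the second is the probability measure of the Borel set B = [0, 0.5] induced by p.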
A.2 Definitions in Discrete Stochastics

This section gives a brief introduction to discrete stochastics. It is based on [74], [95], [198] and [202]. In fact, probability theory is intimately related to the measure theory discussed in Appendix A.1. However, this and the previous section are formulated independently, as the two appendices relate to different parts of the book.

Discrete probability spaces. Consider a set Ω of possible outcomes of a random experiment, called the space of elementary events. In discrete stochastics, Ω is a countable, and in this book usually finite, set. Furthermore, consider the family σ(Ω) of all possible subsets A of Ω, including Ω itself and the empty set. Every A ∈ σ(Ω) is called an event. All singletons A are called elementary events. A function Prob : σ(Ω) → [0, 1] is called a probability measure if
1. Prob(Ω) = 1 and
2. for every sequence {Ak}, Ak ∈ σ(Ω), Ai ∩ Aj = ∅, i ≠ j, the following holds: Prob(∪k Ak) = ∑k Prob(Ak).
The triplet (Ω, σ(Ω), Prob) is called a discrete probability space.

Discrete random variables. Given a discrete probability space (Ω, σ(Ω), Prob), a transformation ζp : Ω → IN is called a discrete random variable if for any set N ⊆ IN the relation
ζp⁻¹(N) := {ω ∈ Ω | ζp(ω) ∈ N} ∈ σ(Ω)   (A.2)
holds. The set (A.2) is customarily written in the more compact notation {ζp ∈ N}. A function pζ : IN → [0, 1] satisfying
Prob({ζp ∈ N}) = ∑_{ζ∈N} pζ(ζ) , for all N ⊆ IN   (A.3)
is called the discrete probability density function of the random variable ζp. If the set Ω of all elementary events is finite, the random variable is, without loss of generality, defined as a transformation ζp : Ω → Nζ, with Nζ = {1, . . . , ξ}. According to eqn. (A.3), the random variable ζp is thus characterised by knowing Prob({ζp ∈ N}) for all singletons N = {ζ}, ζ = 1, . . . , ξ, as these are the values of the density: Prob({ζp ∈ {ζ}}) = pζ(ζ). With a slight abuse of terminology and notation these values are referred to as the discrete probability distribution, denoted by
Prob(ζ) = { Prob(ζp = 1), Prob(ζp = 2), . . . , Prob(ζp = ξ) } = { pζ(1), pζ(2), . . . , pζ(ξ) } ,
and a value of this distribution by Prob(ζp = ζ).

Discrete random vectors. Extending the above, a transformation ζp : Ω → INⁿ with ζp = (ζp,1 ζp,2 . . . ζp,n)′ is called a discrete random vector if for any set Nⁿ ⊆ INⁿ the relation
ζp⁻¹(Nⁿ) := {ω ∈ Ω | ζp(ω) ∈ Nⁿ} ∈ σ(Ω)
holds. In the following, finite discrete random vectors ζp : Ω → Nζⁿ, with Nζⁿ = {1, . . . , ξ1} × {1, . . . , ξ2} × · · · × {1, . . . , ξn} ⊂ INⁿ, are considered. Such random vectors are characterised by a joint discrete probability distribution for which, in analogy to the above, the notation
Prob(ζ) = { Prob(ζp = (1 1 . . . 1)′), Prob(ζp = (2 1 . . . 1)′), . . . , Prob(ζp = (ξ1 1 . . . 1)′), Prob(ζp = (1 2 . . . 1)′), Prob(ζp = (2 2 . . . 1)′), . . . , Prob(ζp = (ξ1 2 . . . 1)′), . . . , Prob(ζp = (1 ξ2 . . . ξn)′), Prob(ζp = (2 ξ2 . . . ξn)′), . . . , Prob(ζp = (ξ1 ξ2 . . . ξn)′) }
is used. The distribution is customarily written as
Prob(ζ) = Prob(ζ1, ζ2, . . . , ζn) = { Prob(ζp,1 = 1, . . . , ζp,n = 1), . . . , Prob(ζp,1 = ξ1, . . . , ζp,n = ξn) }   (A.4)
and has the property
∑_{ζ1} · · · ∑_{ζn} Prob(ζ1, ζ2, . . . , ζn) = 1 .
ζ1
ζn
ξj
={
X
Prob(ζp,1 = ζ1 , . . . , ζp,i = 1, . . . , ζp,n = ζn )
ζj =1 j=1,...,n, j6=i
,...,
ξj X
Prob(ζp,1 = ζ1 , . . . , ζp,i = ξi , . . . , ζp,n = ζn ) } .
ζj =1 j=1,...,n, j6=i
The distributions (A.5) are called elementary boundary probability distributions of the joint probability distribution (A.4). If the sum in eqn. (A.5) runs only over ν,
1 ≤ ν < n−1 variables, then, instead of a single random variable, an n−ν dimensional random vector is obtained. The corresponding joint probability distribution is called an n−ν dimensional boundary distribution of the joint distribution (A.4).

Stochastic independence. Consider a discrete random vector ζp of two random variables ζp,i and ζp,j. The random variables are called stochastically independent if their joint probability distribution is equal to the product of the two elementary boundary distributions, i.e. if the relation
Prob(ζp,i = ζi, ζp,j = ζj) = Prob(ζp,i = ζi) · Prob(ζp,j = ζj)
holds for all ζi ∈ {1, . . . , ξi} and for all ζj ∈ {1, . . . , ξj}. Similarly, for an n–dimensional random vector, if a random variable ζp,i is mutually stochastically independent of all other n−1 random variables, the joint distribution can be written as the product of the i–th elementary boundary distribution and the n−1 dimensional boundary distribution of the remaining random variables.

Conditional probability distributions. Consider a discrete random vector ζp = (ζp,i ζp,j)′ described by the joint discrete probability distribution Prob(ζi, ζj). Provided that Prob(ζp,j = ζj) ≠ 0 holds for a given ζj ∈ {1, . . . , ξj}, the distribution
Prob(ζi | ζj) = { Prob(ζp,i = 1 | ζp,j = ζj), . . . , Prob(ζp,i = ξi | ζp,j = ζj) } := { Prob(ζp,i = 1, ζp,j = ζj) / Prob(ζp,j = ζj) , . . . , Prob(ζp,i = ξi, ζp,j = ζj) / Prob(ζp,j = ζj) }   (A.6)
is called the conditional probability distribution of ζi given ζj. The conditional probability distribution has the property ∑_{ζi} Prob(ζi | ζj) = 1 for all ζj. The relation (A.6) is often written as
Prob(ζi | ζj) = Prob(ζi, ζj) / Prob(ζj)   or   Prob(ζi, ζj) = Prob(ζi | ζj) · Prob(ζj) ,
referring to these relations as Bayes formulas. Higher dimensional conditional probability distributions are defined analogously.

Conditional independence. Given a discrete random vector ζp = (ζp,i ζp,j ζp,l)′ of three random variables, the random variable ζp,j is called conditionally independent of ζp,i for given ζp,l if the relation
Prob(ζp,i = ζi | ζp,j = ζj, ζp,l = ζl) = Prob(ζp,i = ζi | ζp,l = ζl)
holds for all ζi ∈ {1, . . . , ξi} whenever Prob(ζp,j = ζj) > 0 and Prob(ζp,l = ζl) > 0 hold. Note that conditional independence does not imply that the random variables ζp,i and ζp,j are stochastically independent, whereas the contrary always holds, i.e. stochastic independence implies conditional independence. For a discrete random vector of two random variables, conditional independence is equal to stochastic independence.
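The definitions of this section can be illustrated for n = 2. The following sketch (the joint distribution is an invented example with ξ1 = 3 and ξ2 = 2, not taken from the book) computes the elementary boundary distributions according to eqn. (A.5), the conditional distribution according to eqn. (A.6), and checks the Bayes formula:

```python
# Numerical sketch of eqns. (A.5) and (A.6) for n = 2: boundary (marginal)
# and conditional distributions of a joint distribution Prob(ζ1, ζ2).
# The joint distribution is an invented example with ξ1 = 3, ξ2 = 2.
joint = {(1, 1): 0.10, (2, 1): 0.25, (3, 1): 0.05,
         (1, 2): 0.20, (2, 2): 0.15, (3, 2): 0.25}

# Boundary distributions (A.5): sum the joint distribution over the other variable.
prob1 = {z1: sum(p for (a, b), p in joint.items() if a == z1) for z1 in (1, 2, 3)}
prob2 = {z2: sum(p for (a, b), p in joint.items() if b == z2) for z2 in (1, 2)}

# Conditional distribution (A.6): Prob(ζ1 | ζ2) = Prob(ζ1, ζ2) / Prob(ζ2).
cond = {(z1, z2): joint[(z1, z2)] / prob2[z2] for (z1, z2) in joint}

# Bayes formula: Prob(ζ1, ζ2) = Prob(ζ1 | ζ2) · Prob(ζ2).
for (z1, z2), p in joint.items():
    assert abs(cond[(z1, z2)] * prob2[z2] - p) < 1e-12
```

Stochastic independence would additionally require joint[(z1, z2)] = prob1[z1] · prob2[z2] for all pairs, which does not hold for this example.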
B. The QuaMo–Toolbox
The results of all examples in this book have been computed with the Qualitative Modelling Toolbox (QuaMo–Toolbox). The QuaMo–Toolbox is a toolbox for MATLAB/SimulinkTM developed for generating, analysing and identifying qualitative models of dynamical systems. Furthermore, the toolbox contains a variety of algorithms for supervision, including the observation and diagnostic algorithms presented in the book. The QuaMo–Toolbox has been developed in different research projects. Therefore, it is not limited to the discrete–time approach but also contains routines for event–based sampling (cf. [138]) and for other tasks like qualitative control [97] and simulation.
Fig. B.1. QLib of the QuaMo–Toolbox.

The QuaMo–Toolbox and its documentation [174], [175], [176] are available at: http://www.ruhr-uni-bochum.de/atp . The toolbox consists of three parts. The first part is the Quantised System–Tool (QS–Tool) for analysing and abstracting quantised systems. It contains routines to
determine natural partitions (cf. Section 4.3) and to abstract qualitative models using the algorithms presented in Section 4.2. The QS–Tool is written in the programming language C for fast computations, using the CMEX MATLAB interface. The second part of the toolbox contains several m–functions for analysing qualitative models in the form of stochastic automata. This includes functions for plotting automata graphs, for analysing observability and diagnosability, for network composition (cf. Chapter 7) and others. The Qualitative Modelling Library (QLib) constitutes the third part. It contains a collection of SimulinkTM blocks shown in Figure B.1. By using the blocks of the QLib, supervision and control tasks can be solved easily. As an example, Figure B.2 shows the realisation of an observer for quantised systems. The blocks are configured with the necessary parameters like the input and output space partitions, the behavioural relation of the qualitative model and the a–priori initial state distribution. Running SimulinkTM directly yields the observation result, which is plotted by the “Probability Scope” block in the format used throughout the book.
Fig. B.2. Realisation of an observer for quantised systems using the QuaMo–Toolbox.
C. Proofs
C.1 Proof of Lemma 2.5.5
Equation (2.28) yields for the probability distribution of the state at time k:

Prob(z(k)) = ∑_{V(0...k−1) ∈ Nv^k} Prob(z(k) | V(0...k−1)) · Prob(V(0...k−1))   (C.1)
= ∑_{z(k−1) ∈ Nz} ∑_{V(0...k−1) ∈ Nv^k} G(k−1) · Prob(z(k−1) | V(0...k−2)) · Prob(V(0...k−1)) .

As the inputs at different times are independent of each other, eqn. (C.1) yields

Prob(z(k)) = ∑_{z(k−1) ∈ Nz} ∑_{v(k−1) ∈ Nv} G(k−1) · Prob(v(k−1)) · ∑_{V(0...k−2) ∈ Nv^{k−1}} Prob(z(k−1) | V(0...k−2)) · Prob(V(0...k−2))
= ∑_{z(k−1) ∈ Nz} ∑_{v(k−1) ∈ Nv} G(k−1) · Prob(v(k−1)) · Prob(z(k−1)) .   (C.2)

As Prob(v(k)) is constant over time, it follows from eqn. (C.2) that

Prob(z(k)) = ∑_{z(k−1) ∈ Nz} ∑_{v ∈ Nv} G(k−1) · Prob(v) · Prob(z(k−1)) = ∑_{z(k−1) ∈ Nz} Ga(z(k) | z(k−1)) · Prob(z(k−1))   (C.3)
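The recursion (C.3) is an ordinary Markov-chain iteration and is easily reproduced numerically. The following sketch (the 3×3 column-stochastic matrix Ga is an invented example, not taken from the book) iterates eqn. (C.3) until the distribution settles at the stationary distribution:

```python
# Minimal sketch of the recursion (C.3): the state distribution of the
# autonomous stochastic automaton evolves by multiplication with Ga.
# The 3x3 transition matrix is an invented, column-stochastic example.
Ga = [
    [0.9, 0.2, 0.0],   # Ga[z'][z] = Prob(z(k) = z' | z(k-1) = z)
    [0.1, 0.7, 0.3],
    [0.0, 0.1, 0.7],
]

def step(p):
    """One application of eqn. (C.3): p'(z') = sum_z Ga(z'|z) * p(z)."""
    return [sum(Ga[zp][z] * p[z] for z in range(len(p))) for zp in range(len(Ga))]

p = [1.0, 0.0, 0.0]          # initial state distribution
for _ in range(200):         # iterate towards the stationary distribution
    p = step(p)

print([round(x, 3) for x in p])
```

Because Ga is column-stochastic, each step preserves the normalisation of p; the limit is the stationary distribution whose properties determine the stationary behaviour, as stated in the proof.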
C.2 Proof of Theorem 3.5.1
The theorem is proved by induction, and separately for I/S– and I/O–completeness.

I/S–completeness, k = 0. For k = 0 consider a sequence
[X(0 . . . 1)] = ([x(0)], [x(1)]) ∈ [X(0 . . . 1 | X0, [u(0)])]∗ .   (C.4)
It has to be shown that every such sequence is in the corresponding set generated by the qualitative model, i.e. that
G([x(1)] | [x(0)], [u(0)]) · Prob(zp(0) = [x(0)]) > 0   (C.5)
holds for any choice (C.4) and for an arbitrary quantised input [u(0)] (cf. eqn. (3.85)). Consider the set X̃0 = X0 ∩ Qx([x(0)]). From the definition of the set (3.87) it follows that λn(X̃0) > 0 holds. Hence, according to eqn. (3.91), Prob(zp(0) = [x(0)]) > 0 holds. Accordingly, condition (C.5) is satisfied if G([x(1)] | [x(0)], [u(0)]) > 0 holds. From the definition of the set (3.87) and the non–singularity of g it follows that the set
X̂1 = {x̂ | x̂ = g(x, u), x ∈ X̃0, u ∈ Qu([u(0)])} ∩ Qx([x(1)])
has nonzero measure, i.e. λn(X̂1) > 0 holds. From this it follows immediately that λn+m(g⁻¹(X̂1)) > 0 holds. Due to Qx([x(0)]) ⊇ X̃0 and λm(Qu(i)) > 0, ∀i ∈ Nv, it is clear that λn+m((Qx([x(0)]) × Qu([u])) ∩ g⁻¹(X̂1)) > 0 holds. From this it follows with Qx([x(1)]) ⊇ X̂1 that
λn+m( (Qx([x(0)]) × Qu([u])) ∩ g⁻¹(Qx([x(1)])) ) > 0
holds. Due to λr(Qy(i)) > 0, ∀i ∈ Nw, and because of the non–singularity of h, it is clear that there exists a w such that
λn+m( (Qx([x(0)]) × Qu([u])) ∩ (gh)⁻¹(Qx([x(1)]) × Qy(w)) ) > 0
holds, from which, due to the assumption that µn+m is nonzero whenever λn+m is nonzero, it follows that L([x(1)], w | [x(0)], [u(0)]) > 0 holds (cf. eqn. (3.64)). Hence, from eqn. (2.5) it follows that G([x(1)] | [x(0)], [u(0)]) > 0 is satisfied.

I/S–completeness, k → k+1. Assume that the I/S–completeness is given for all quantised sequences [X(0 . . . k)] up to time k. Consider any sequence
[X(0 . . . k+1)] = ([X(0 . . . k)], [x(k+1)]) ∈ [X(0 . . . k+1 | X0, [U(0 . . . k)])]∗ .   (C.6)
Clearly, [X(0 . . . k)] ∈ [X(0 . . . k | X0, [U(0 . . . k−1)])]∗ holds. It has to be shown that for any chosen sequence (C.6)
∏_{i=0}^{k} G([x(i+1)] | [x(i)], [u(i)]) · Prob(zp(0) = [x(0)]) > 0
holds. From the I/S–completeness up to time k it follows that
∏_{i=0}^{k−1} G([x(i+1)] | [x(i)], [u(i)]) · Prob(zp(0) = [x(0)]) > 0
holds. Hence, it remains to be shown that G([x(k+1)] | [x(k)], [u(k)]) > 0 holds for any choice (C.6). Consider the set X̃k = X(k | X0, [U(0 . . . k−1)]) ∩ Qx([x(k)]), which according to the definition of the set (3.87) and the non–singularity of g has nonzero measure, and its continuation
X̂k+1 = {x̂ | x̂ = g(x, u), x ∈ X̃k, u ∈ Qu([u(k)])} ∩ Qx([x(k+1)]) .
With the same argumentation as given above for the set X̃0 and its continuation X̂1, it follows that G([x(k+1)] | [x(k)], [u(k)]) > 0 holds, showing the I/S–completeness.

I/O–completeness, k = 0. For k = 0 consider any [y(0)] ∈ [Y(0 | Rn, [u(0)])]∗ for a given quantised input [u(0)]. According to eqn. (3.84), it has to be shown that for any choice [y(0)] there exists a state z(0) such that
∑_{z(1)} L(z(1), [y(0)] | z(0), [u(0)]) > 0   (C.7)
holds. From the construction of the set (3.88) and the non–singularity of h it follows that the set
Ỹ0 = Y(0 | Rn, [u(0)]) ∩ Qy([y(0)])
has nonzero measure, λr(Ỹ0) > 0. Hence λn+m(h⁻¹(Ỹ0)) > 0 holds. In analogy to the above, the non–singularity of g, λn(Qx(i)) > 0, ∀i ∈ Nz, and λm(Qu(i)) > 0, ∀i ∈ Nv, guarantee that there exist z′, z ∈ Nz such that
λn+m( (Qx(z) × Qu([u(0)])) ∩ (gh)⁻¹(Qx(z′) × Ỹ0) ) > 0
holds. Due to Qy([y(0)]) ⊇ Ỹ0 it is clear that
λn+m( (Qx(z) × Qu([u(0)])) ∩ (gh)⁻¹(Qx(z′) × Qy([y(0)])) ) > 0
also holds. With the assumption that µn+m is nonzero whenever λn+m is nonzero, this means that L(z′, [y(0)] | z, [u(0)]) > 0 holds, and hence condition (C.7) is satisfied.

I/O–completeness, k → k+1. Assume that the I/O–completeness is given for all quantised sequences [Y(0 . . . k)] up to time k. Consider any sequence
[Y(0 . . . k+1)] = ([Y(0 . . . k)], [y(k+1)]) ∈ [Y(0 . . . k+1 | Rn, [U(0 . . . k+1)])]∗ .   (C.8)
Clearly, [Y(0 . . . k)] ∈ [Y(0 . . . k | Rn, [U(0 . . . k)])]∗ holds. According to eqn. (3.84), it has to be shown that for any chosen sequence (C.8) there exists a z(0) such that
∑_{Z(1...k+2) ∈ Nz^{k+2}} ∏_{i=0}^{k+1} L(z(i+1), [y(i)] | z(i), [u(i)]) > 0   (C.9)
holds. Consider the set
Ñz(k+1) = { z(k+1) | ∑_{Z(1...k) ∈ Nz^k} ∏_{i=0}^{k} L(z(i+1), [y(i)] | z(i), [u(i)]) > 0 } .
From the I/O–completeness up to time k it follows that the set Ñz(k+1) is not empty. Hence, condition (C.9) is satisfied if there exists a z′ such that
L(z′, [y(k+1)] | z, [u(k+1)]) > 0   (C.10)
holds for any z ∈ Ñz(k+1). From the I/S–completeness of the qualitative model it is clear that for the set of states on the right–hand side of (3.42) the relation
∪_{z ∈ Ñz(k+1)} Qx(z) ⊇ X(k+1 | Rn, [U(0 . . . k)])   (C.11)
C.3
Proof of Lemma 3.5.1
I/S–completeness. It has to be shown that for any choice [X(0 . . . k)] ∈ [X (0 . . . k | X 0 , [U (0 . . . k−1)])]∗ the SA yields k−1 Y i=0
G⊕ ([x(i+1)] | [x(i)], [u(i)]) · Prob(zp (0) = [x(0)]) > 0 .
(C.12)
C. Proofs
319
From the I/S–completeness of the qualitative model follows that (C.12) holds with G instead of G⊕ . As G⊕ (z 0 | z, v) is nonzero whenever G(z 0 | z, v) > 0 holds, condition (C.12) is also satisfied with G⊕ . I/O–completeness. Similarly, for I/O–completeness, it has to be shown that for any choice [Y (0 . . . k)] ∈ [Y(0 . . . k | Rn , [U (0 . . . k)])]∗ there exist at least one initial state z(0) for which the SA yields Prob([Y (0 . . . k)] | [U (0 . . . k)], z(0)) = X =
k Y
(C.13)
L⊕ (z(i+1), [y(i)] | z(i), [u(i)]) > 0 .
Z(1...k+1)∈Nzk+1 i=0 ⊕
As L (z 0 , w | z, v) is nonzero whenever the qualitative model yields L(z 0 , w | z, v) > 0, there exist an initial state such that condition (C.13) is satisfied, because due to the I/O–completeness of the qualitative model an initial state can be chosen such that (C.13) is satisfied with L instead of L⊕ . 2
C.4 Proof of Lemma 4.2.1

From the construction of the method it is clear that the obtained behavioural relation L⊕ satisfies condition (3.95), so that the SA with L⊕ is, according to Lemma 3.5.1, a complete model of the quantised system. In [61], [62] it is shown that the approximation error of the hyperbox method for autonomous systems can be made smaller than any given bound ε > 0 by increasing the number of subdivisions. This result directly applies to the method described here. □
C.5 Proof of Lemma 4.3.1

The z̄–th column of the stochastic transition matrix G_a is δ^z̄_N if and only if the relation G_a δ^z̄_N = δ^z̄_N holds. That is, δ^z̄_N is a stationary distribution if and only if G_a(z̄ | z̄) = 1 holds. This proves the necessity, because if G_a(z̄ | z̄) < 1 held, then p^qs_z = δ^z̄_N would not be a stationary distribution of the SA.

According to Lemma 2.5.4, the condition of the theorem is sufficient if the SA has no irreducible set of states other than N̄_z = {z̄}. This is proved by means of Lemma 2.5.1. Assume that there were another irreducible set of states Ñ_z. This set cannot contain z̄, as N̄_z is a closed set and thus, according to Lemma 2.5.1, Ñ_z would not be irreducible. On the other hand, if Ñ_z were a closed set not containing z̄, then

  g_a(X̃) ⊆ X̃ , with X̃ = ⋃_{i∈Ñ_z} Q_x(i) and x̄ ∉ X̃
would hold. As x̄ does not lie on the bound of X̃, the latter would mean that all the points in X̃ do not converge to x̄, contradicting the asymptotic stability of the system. □
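The condition of the lemma is straightforward to check numerically for a concrete transition matrix: δ^z̄_N is reproduced by one application of G_a exactly when G_a(z̄ | z̄) = 1. A minimal sketch, using a hypothetical 3-state automaton whose matrix is invented purely for illustration:

```python
# Hypothetical 3-state SA; columns of G_a give Prob(z' | z).
# State 2 is absorbing: G_a[2][2] = 1.
G_a = [[0.5, 0.1, 0.0],
       [0.3, 0.4, 0.0],
       [0.2, 0.5, 1.0]]

def apply(G, p):
    """One step of the SA: p'(z') = sum_z G[z'][z] * p(z)."""
    n = len(G)
    return [sum(G[zp][z] * p[z] for z in range(n)) for zp in range(n)]

def is_stationary_unit_vector(G, z_bar):
    """delta^z_bar is stationary iff applying G reproduces it, which for
    a column-stochastic matrix holds iff G[z_bar][z_bar] == 1."""
    delta = [1.0 if z == z_bar else 0.0 for z in range(len(G))]
    return apply(G, delta) == delta

print(is_stationary_unit_vector(G_a, 2))  # True:  G_a[2][2] = 1
print(is_stationary_unit_vector(G_a, 0))  # False: G_a[0][0] < 1
```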
C.6 Proof of Lemma 4.3.2

In the proof of Lemma 4.3.1 it is shown that the qualitative model has a single irreducible set of states N̄_z = {z̄}. Consequently, according to Section 2.5.3, all states of N̂_z = N_z \ N̄_z are transient and hence for all states ẑ ∈ N̂_z

  lim_{k→∞} Prob(z_p(k) = ẑ | z_p(0) = z) = 0 ,  ∀z ∈ N_z

holds [198]. This means that the stationary distribution δ^z̄_N is also the limiting distribution for all initial conditions. □
C.7 Proof of Theorem 4.3.1

The proof is similar to the proof of Lemma 4.3.1. The necessity is clear because the z̄_i–th column of G_a is δ^z̄ᵢ_N if and only if the relation G_a δ^z̄ᵢ_N = δ^z̄ᵢ_N holds. This is equivalent to the condition that for each z̄_i the relation G_a(z̄_i | z̄_i) = 1 must hold. The sufficiency is clear due to Lemma 2.5.4 because, as before, the SA cannot have further irreducible sets of states, since this would mean that the continuous–variable system has further fixed points, contradicting the assumptions of the theorem. □
C.8 Proof of Lemma 4.3.3

First, the necessity is proved. Assume that a closed set of states N̂_z contains not only the qualitative state [x̄_i] but also another qualitative state [x̄_j], i ≠ j, containing a fixed point. Furthermore, assume that the set N̂_z cannot be divided into two closed sets N̂_{z,i} and N̂_{z,j}, N̂_{z,i} ∪ N̂_{z,j} = N̂_z, each containing one of these qualitative states. Then there exists at least one qualitative state ẑ ∈ N̂_z with the property that some of the numerical states x ∈ Q_x(ẑ) converge to x̄_i while others converge to x̄_j. Such a state ẑ must exist because otherwise N̂_z would consist only of qualitative states with transitions either towards [x̄_i] or towards [x̄_j], partitioning N̂_z into the closed sets N̂_{z,i} and N̂_{z,j}. Hence, due to the I/S–completeness of the qualitative model, lim_{k→∞} p_z(k) with p_z(0) = δ^ẑ_N can be neither δ^{[x̄_i]}_N nor δ^{[x̄_j]}_N.
The condition is sufficient because, if the sets Ñ_{x,i} are closed, containing only one of the qualitative states [x̄_i] ∈ Ñ_{x,i}, and such that the condition G([x̄_i] | [x̄_i]) = 1 is satisfied, then Lemma 4.3.1 guarantees that there exists a unique stationary distribution within each of these sets of states, which is also the limiting distribution. Hence eqn. (4.26) holds for almost all initial states. □
C.9 Proof of Lemma 4.3.4

If G(z̄ | z̄, v̄) = 1 holds, then the relation g(x, u) ∈ Q_x(z̄) holds for all x ∈ Q_x(z̄) and all u ∈ Q_u(v̄). Hence, independently of the actual distribution p̄_x(x), the relation D_N p̄_x(x) = δ^z̄_N holds.

To the SA with constant input v̄ the methods for autonomous SA apply (cf. Section 2.5.3). Hence, the z̄–th column of G(v̄), which is the transition matrix of the SA under the constant input v̄, must be δ^z̄_N, corresponding to G(z̄ | z̄, v̄) = 1 (cf. Appendix C.5). Similarly to the proof of the sufficient condition of Lemma 4.3.1, it is clear that the SA with constant input v̄ cannot have any further irreducible set of states, as this would necessitate the existence of at least one fixed point x̄ ∉ Q_x(z̄) under a set of inputs with nonzero measure, contradicting the assumption that the set of all fixed points satisfies X̄ ⊂ Q_x(z̄). □
C.10 Proof of Theorem 4.3.2

In fact the theorem is a consequence of the definition of a Markov partition. The (quantised) dynamical behaviours of the quantised system and the qualitative model coincide if and only if eqn. (4.34) holds for all quantised state sequences and for all times k. If there exists any state sequence for which eqn. (4.34) does not hold, the qualitative model yields a different probability than the quantised system. □
C.11 Proof of Lemma 4.3.5

As the FPO describing the temporal evolution of p_{x0}(x) is a linear operator (cf. Section 3.6), it is sufficient to show that for all initial conditions p_{x0}(x) = I_N δ^{[x(0)]}_N, [x(0)] ∈ N_x, and for all times k the relation

  Prob([x(k+1)] | [X(0…k)]) = Prob([x(k+1)] | [x(k)])

holds. The initial condition p_{x0}(x) = I_N δ^{[x(0)]}_N implies supp(p_{x0}(x)) ⊆ Q_x([x(0)]). Hence, as the deterministic partition means that

  g_a(Q_x([x(k)])) ⊆ Q_x([x(k+1)])   (C.14)

holds for all quantised states and for all times k, it is clear that the relations

  Prob([x(k)] | [X(0…k−1)]) = δ^{[x(k)]}_N  and  Prob([x(k+1)] | [X(0…k)]) = δ^{[x(k+1)]}_N

hold. From this and relation (C.14) it follows that

  Prob([x(k+1)] | [x(k)]) = δ^{[x(k+1)]}_N = Prob([x(k+1)] | [X(0…k)])

holds for all times k. □

C.12 Proof of Lemma 5.1.1
To prove the sufficiency of the two conditions for the consistency of the I/O pair (V, W), denote the sum in eqn. (5.4) by λ. If both conditions |V| = |W| and λ > 0 hold, the SA with initial state probability distribution Prob(z_p(0) = z) = 1/N, ∀z ∈ N_z, satisfies Prob(W | V) = λ/N > 0, as can be seen from eqn. (2.30). To prove the necessity, assume that there exists an initial state probability distribution Prob(z(0)) such that Prob(W | V) > 0 holds for the given I/O pair. As the initialised SA is an SA–operator, for which Lemma 2.6.1 holds, |V| = |W| follows immediately. Further, from Prob(W | V) > 0 and from eqn. (2.30) it follows directly that λ (the sum in eqn. (5.4)) is positive. □
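The quantity λ in eqn. (5.4) need not be evaluated by enumerating state sequences; a forward recursion over the sequence length suffices. A sketch with a hypothetical behavioural relation L (all states, symbols and numbers invented for illustration):

```python
# Hypothetical 2-state SA with input/output alphabets {0, 1}.
# L[(z1, w, z0, v)] = Prob(z' = z1, w | z = z0, v); unlisted entries are 0.
L = {
    (0, 0, 0, 0): 0.6, (1, 0, 0, 0): 0.2, (1, 1, 0, 0): 0.2,
    (0, 1, 1, 0): 0.5, (1, 0, 1, 0): 0.5,
    (0, 0, 0, 1): 1.0,
    (1, 1, 1, 1): 1.0,
}
N = 2  # number of states

def consistency_sum(V, W):
    """lambda of eqn. (5.4): the sum over all state sequences of the
    product L(k) * ... * L(0), computed by a forward recursion."""
    if len(V) != len(W):       # first condition of the lemma
        return 0.0
    alpha = [1.0] * N          # unnormalised; one entry per current state
    for v, w in zip(V, W):
        alpha = [sum(L.get((z1, w, z0, v), 0.0) * alpha[z0]
                     for z0 in range(N)) for z1 in range(N)]
    return sum(alpha)

# Prob(W | V) for the uniformly initialised SA is lambda / N:
lam = consistency_sum([0, 1], [0, 1])
print(lam > 0, lam / N)
```

The pair (V, W) is consistent exactly when the printed first value is True, matching the two conditions of the lemma.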
C.13 Proof of Theorem 5.2.1
Bayes formula (cf. Appendix A.2) yields

  Prob(Z(0…k) | V(0…k), W(0…k)) = Prob(Z(0…k), V(0…k), W(0…k)) / Prob(V(0…k), W(0…k)) ,   (C.15)

because Prob(V(0…k), W(0…k)) > 0 holds for every consistent I/O pair (V, W) (cf. eqn. (5.5)). Equation (C.15) can be written as

  Prob(Z(0…k) | V(0…k), W(0…k))
  = [ ∑_{z(k+1)} Prob(z(0), …, z(k+1), v(0), …, v(k), w(0), …, w(k)) ] / [ ∑_{Z(0…k+1)} Prob(z(0), …, z(k+1), v(0), …, v(k), w(0), …, w(k)) ] .   (C.16)

The probability distribution appearing in the numerator and denominator of (C.16) can be simplified as follows:

  Prob(z(0), …, z(k+1), v(0), …, v(k), w(0), …, w(k))   (C.17)
  = Prob(z(k+1), w(k) | z(k), v(k), Z(0…k−1), V(0…k−1), W(0…k−1)) · Prob(z(k), v(k), Z(0…k−1), V(0…k−1), W(0…k−1))   (C.18)
  = Prob(z(k+1), w(k) | z(k), v(k)) · Prob(Z(0…k), v(k), V(0…k−1), W(0…k−1))   (C.19)
  = Prob(z(k+1), w(k) | z(k), v(k)) · Prob(v(k) | Z(0…k), V(0…k−1), W(0…k−1)) · Prob(Z(0…k), V(0…k−1), W(0…k−1))   (C.20)
  = Prob(z(k+1), w(k) | z(k), v(k)) · Prob(v(k) | V(0…k−1), W(0…k−1)) · Prob(Z(0…k), V(0…k−1), W(0…k−1))   (C.21)
  = Prob(z(k+1), w(k) | z(k), v(k)) · … · Prob(z(1), w(0) | z(0), v(0)) · Prob(v(k) | V(0…k−1), W(0…k−1)) · … · Prob(v(1) | v(0), w(0)) · Prob(z(0), v(0))   (C.22)
  = L(k) · L(k−1) · … · L(0) · Prob(z(0)) · ∏_{κ=1}^{k} Prob(v(κ) | V(0…κ−1), W(0…κ−1)) · Prob(v(0)) .   (C.23)

The above simplification steps hold for the following reasons. To obtain eqn. (C.18), Bayes formula is used. For eqn. (C.19), first the fact is used that the output sequence W(0…k−1) contains no further information than the states and inputs; then the Markov property (2.18) is applied. To obtain eqn. (C.20), Bayes formula is used again. Equation (C.21) is obtained by using eqn. (5.6). The third factor in eqn. (C.21) is equal to (C.17) with the time shifted by one. Repeating the steps (C.18) to (C.21) finally yields eqn. (C.22). Since the SP is homogeneous and, hence, the relation Prob(z(k+1), w(k) | z(k), v(k)) = L(k) holds for all k, and since the initial state and input are stochastically independent, eqn. (C.23) follows.

Expression (C.23) is inserted into eqn. (C.16). The factors Prob(v(κ) | V(0…κ−1), W(0…κ−1)) and Prob(v(0)) in (C.23) do not depend on the summations in eqn. (C.16) and are nonzero due to the consistency of the I/O pair. They can, therefore, be cancelled, yielding eqn. (5.7). □
C.14 Proof of Theorem 5.2.3
Following the idea of the proof of Theorem 5.2.1 (cf. Appendix C.13), the relation

  Prob(z(k) | V(0…k−1), W(0…k−1)) = [ ∑_{Z(0…k−1)} L(k−1) · … · L(1) · L(0) · Prob(z(0)) ] / [ ∑_{Z(0…k)} L(k−1) · … · L(1) · L(0) · Prob(z(0)) ]   (C.24)

can be obtained. The denominator of (C.24) is positive because the pair (V, W) is assumed to be consistent with the SA (cf. Theorem 5.2.1). Equation (C.24) implies the relation

  ∑_{Z(0…k−1)} L(k−1) · … · L(1) · L(0) · Prob(z(0)) = Prob(z(k) | V(0…k−1), W(0…k−1)) · c(k)   (C.25)

with the abbreviation

  c(k) = ∑_{Z(0…k)} L(k−1) · … · L(1) · L(0) · Prob(z(0)) ,

where c(k) > 0 is a real number depending on the time k. Similarly,

  ∑_{Z(0…k−2)} L(k−2) · … · L(1) · L(0) · Prob(z(0)) = Prob(z(k−1) | V(0…k−2), W(0…k−2)) · c(k−1)   (C.26)

with some c(k−1) > 0 holds. By inserting (C.25) into (5.9) and (C.26) into (C.24), respectively, the relations

  Prob(z(k) | V(0…k), W(0…k)) = [ ∑_{z(k+1)} L(k) · Prob(z(k) | V(0…k−1), W(0…k−1)) · c(k) ] / [ ∑_{z(k),z(k+1)} L(k) · Prob(z(k) | V(0…k−1), W(0…k−1)) · c(k) ]   (C.27)

and

  Prob(z(k) | V(0…k−1), W(0…k−1)) = [ ∑_{z(k−1)} L(k−1) · Prob(z(k−1) | V(0…k−2), W(0…k−2)) · c(k−1) ] / [ ∑_{z(k),z(k−1)} L(k−1) · Prob(z(k−1) | V(0…k−2), W(0…k−2)) · c(k−1) ]   (C.28)

follow. By eliminating c(k) and c(k−1) from eqns. (C.27) and (C.28), eqns. (5.10) and (5.12) are obtained. □
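The practical consequence of eliminating c(k) and c(k−1) is that the observer of eqns. (5.10) and (5.12) can be run as a one-step normalised recursion instead of a ratio of growing sums. A sketch with a hypothetical two-state SA (all numbers invented for illustration):

```python
# Hypothetical 2-state SA; L[(z1, w, z0, v)] = Prob(z', w | z, v).
L = {
    (0, 0, 0, 0): 0.6, (1, 0, 0, 0): 0.2, (1, 1, 0, 0): 0.2,
    (0, 1, 1, 0): 0.5, (1, 0, 1, 0): 0.5,
}
N = 2

def observe(prior, v, w):
    """One recursion step: from prior = Prob(z(k) | V(0..k-1), W(0..k-1))
    return (Prob(z(k) | V(0..k), W(0..k)),
            Prob(z(k+1) | V(0..k), W(0..k)))."""
    # joint[z0][z1] = L(z1, w | z0, v) * prior(z0)
    joint = [[L.get((z1, w, z0, v), 0.0) * prior[z0] for z1 in range(N)]
             for z0 in range(N)]
    norm = sum(map(sum, joint))      # common normalisation constant
    if norm == 0.0:
        raise ValueError("I/O pair inconsistent with the SA")
    filtered  = [sum(joint[z0]) / norm for z0 in range(N)]                 # eqn. (5.10)
    predicted = [sum(row[z1] for row in joint) / norm for z1 in range(N)]  # eqn. (5.12)
    return filtered, predicted

prior = [0.5, 0.5]                          # Prob(z(0))
filtered, prior = observe(prior, v=0, w=0)  # process the first I/O symbol
print(filtered, prior)
```

Both returned distributions are already normalised, so the constants c(k) never need to be stored.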
C.15 Proof of Lemma 5.3.1
It has to be shown that τ satisfies the conditions (2.65) and (2.66). As the definition of τ shows, the first condition is satisfied. With the symbols used here, the second condition reads

  ∑_{Z(0…k)} τ(Z(0…k) | V_obs(0…k)) = 1 .   (C.29)

For Π(V_obs) > 0, i.e. for a nonzero denominator, it follows immediately that

  ∑_{Z(0…k)} τ(Z(0…k) | V_obs(0…k)) = [ ∑_{Z(0…k)} ∑_{z(k+1)} ∏_{i=0}^{k} L(i) · Prob(z(0)) ] / [ ∑_{Z(0…k+1)} ∏_{i=0}^{k} L(i) · Prob(z(0)) ] = 1 .

If Π(V_obs(0…k)) = 0 holds, the recursive relation

  ∑_{Z(0…k)} τ(Z(0…k) | V_obs(0…k)) = ∑_{Z(0…k−1)} τ(Z(0…k−1) | V_obs(0…k−1))  for k > 0 ,  and  = 1  for k = 0 ,

is obtained, which likewise shows that condition (C.29) is satisfied. □
C.16 Proof of Lemma 5.3.2
According to eqn. (2.66) of Lemma 2.6.1, the relation

  ∑_{ẑ} τ((Z ẑ) | (V_obs v̂_obs)) = τ(Z | V_obs)   (C.30)

must hold for all v̂_obs ∈ N_{v_obs} if (N_{v_obs}, N_z, τ) were an SA–operator. The lemma is proved by giving a counterexample. Consider the automaton shown in Figure 5.2. The second elements of the third and fourth columns of Table 5.1 yield τ((1, 2) | V_obs) = 0.1538 for V_obs = (M_obs(1, 1), M_obs(1, 1)). With v̂_obs = M_obs(1, 1), eqn. (C.30) yields

  ∑_{ẑ} τ((1, 2, ẑ) | V_obs, v̂_obs) = 0.3509

(cf. fourth element of columns five and six of Table 5.1). Obviously,

  ∑_{ẑ} τ((1, 2, ẑ) | V_obs, v̂_obs) ≠ τ((1, 2) | V_obs)

holds, which shows that the observer is not an SA–operator. □
C.17 Proof of Lemma 5.4.1
Due to eqn. (5.16) the relation

  L(k) = L(z(k+1), w(k) | z(k), v(k)) = G(z(k+1) | z(k), v(k)) · H(w(k) | v(k))

holds and, hence, eqn. (5.7) yields

  Prob(Z(0…k) | V(0…k), W(0…k))
  = [ H(w(k) | v(k)) · … · H(w(0) | v(0)) · ∑_{z(k+1)} G(k) · … · G(0) · Prob(z(0)) ] / [ H(w(k) | v(k)) · … · H(w(0) | v(0)) · ∑_{Z(0…k+1)} G(k) · … · G(0) · Prob(z(0)) ] .

From eqn. (2.7) and ∑_{z(0)} Prob(z(0)) = 1 it follows that the sum in the denominator is 1. As all H(w(i) | v(i)) are nonzero due to the consistency of the I/O pair, the relation

  Prob(Z(0…k) | V(0…k), W(0…k)) = G(k−1) · … · G(0) · Prob(z(0))

is obtained, which is identical to the simulation result described by eqn. (2.25). □
C.18 Proof of Lemma 5.4.2
In the proof, the set Z_{k,sim,obs}(k | V, W) is abbreviated as Z_k. For v(k) and w(k), eqn. (5.10) yields

  Prob(z(k) | V(0…k), W(0…k))
  = [ ∑_{z(k+1)∈N_z} L(z(k+1), w(k) | z(k), v(k)) · Prob(z̃(k)) ] / [ ∑_{z(k),z(k+1)∈N_z} L(z(k+1), w(k) | z(k), v(k)) · Prob(z̃(k)) ]
  = [ ∑_{z(k+1)∈N_z} L(z(k+1), w(k) | z(k), v(k)) · Prob(z̃(k)) ] / [ ∑_{z(k)∈Z_k} ∑_{z(k+1)∈N_z} L(z(k+1), w(k) | z(k), v(k)) · Prob(z̃(k)) ] .   (C.31)

If and only if the SA satisfies condition (5.24) for all z(k) ∈ Z_k, eqn. (C.31) yields

  Prob(z(k) | V(0…k), W(0…k))
  = [ ∑_{z(k+1)∈N_z} G(z(k+1) | z(k), v(k)) · H̃(w(k) | v(k)) · Prob(z̃(k)) ] / [ ∑_{z(k)∈Z_k} ∑_{z(k+1)∈N_z} G(z(k+1) | z(k), v(k)) · H̃(w(k) | v(k)) · Prob(z̃(k)) ]
  = [ H̃(w(k) | v(k)) · Prob(z̃(k)) ] / [ H̃(w(k) | v(k)) · ∑_{z(k)∈Z_k} Prob(z̃(k)) ]
  = Prob(z̃(k)) = Prob(z(k) | V(0…k−1)) = Prob(z(k) | V(0…k)) .

This proves eqn. (5.25). Similarly, eqn. (5.12) yields

  Prob(z(k+1) | V(0…k), W(0…k))
  = [ ∑_{z(k)∈N_z} L(z(k+1), w(k) | z(k), v(k)) · Prob(z̃(k)) ] / [ ∑_{z(k+1),z(k)∈N_z} L(z(k+1), w(k) | z(k), v(k)) · Prob(z̃(k)) ]
  = [ ∑_{z(k)∈Z_k} L(z(k+1), w(k) | z(k), v(k)) · Prob(z̃(k)) ] / [ ∑_{z(k)∈Z_k} ∑_{z(k+1)∈N_z} L(z(k+1), w(k) | z(k), v(k)) · Prob(z̃(k)) ] .   (C.32)

If and only if the SA satisfies condition (5.24) for all z(k) ∈ Z_k, eqn. (C.32) becomes

  Prob(z(k+1) | V(0…k), W(0…k))
  = [ ∑_{z(k)∈Z_k} G(z(k+1) | z(k), v(k)) · H̃(w(k) | v(k)) · Prob(z̃(k)) ] / [ H̃(w(k) | v(k)) · ∑_{z(k)∈Z_k} Prob(z̃(k)) ]
  = ∑_{z(k)∈Z_k} G(z(k+1) | z(k), v(k)) · Prob(z̃(k)) .

This is, according to eqn. (2.28), a recursion step of the simulation and, therefore, proves eqn. (5.26). □
C.19 Proof of Theorem 5.6.1
The observation of ẑ(k) according to eqn. (5.10) yields the probability distribution Prob(ẑ(k) | V(0…k), W(0…k)). The diagnostic result described by eqn. (5.32) is obtained by determining the boundary distribution over all states ẑ that concern the same fault f(k). This state set N_ẑ(f) is given by eqn. (5.31). The recursively determined distribution (5.34) is obtained directly from eqn. (5.12). □
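The diagnostic step itself is thus only a marginalisation of the observed joint distribution over the composed state ẑ = (z, f). A minimal sketch with hypothetical posterior values (states, fault labels and numbers invented for illustration):

```python
# Hypothetical observation result over composed states z_hat = (z, f),
# with two automaton states and two fault cases:
posterior = {(0, 'ok'): 0.35, (1, 'ok'): 0.25,
             (0, 'f1'): 0.30, (1, 'f1'): 0.10}

def fault_marginal(posterior):
    """Boundary (marginal) distribution over the fault, eqn. (5.32)-style:
    Prob(f | .) = sum over z of Prob(z, f | .)."""
    marg = {}
    for (z, f), p in posterior.items():
        marg[f] = marg.get(f, 0.0) + p
    return marg

print(fault_marginal(posterior))
```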
C.20 Proof of Lemma 5.7.2
If the stochastic process is stochastically undiagnosable due to condition (5.36), then from Lemma 5.4.1 or Corollary 5.4.2 it follows that

  Prob(ẑ(k) | V(0…k), W(0…k)) = Prob(ẑ(k) | V(0…k)) = Prob(z(k), f(k) | V(0…k)) .

Hence, it follows directly that

  Prob(f(k) | V(0…k), W(0…k)) = ∑_{z(k)} Prob(z(k), f(k) | V(0…k), W(0…k)) = ∑_{z(k)} Prob(z(k), f(k) | V(0…k)) = Prob(f(k) | V(0…k))

holds, proving the lemma for the first undiagnosability case.

For the other case of undiagnosability, the lemma is proved in two steps. First it is shown by induction that

  Prob(z(k), f(k) | V(0…k−1), W(0…k−1)) = Prob(z(k) | V(0…k−1), W(0…k−1)) · Prob(f(k) | V(0…k−1))   (C.33)

holds for all k.

k = 0: Equation (C.33) holds for k = 0 due to the assumption made in the lemma that the initial fault and state are stochastically independent, such that

  Prob(z(0), f(0) | V(0…−1), W(0…−1)) := Prob(z(0), f(0)) = Prob(z(0)) · Prob(f(0))

holds.

k → k+1: It is assumed that the state and fault at time k are stochastically independent and that the fault does not depend upon the outputs, such that the following holds:

  Prob(z(k), f(k) | V(0…k−1), W(0…k−1))
  = Prob(z(k) | V(0…k−1), W(0…k−1)) · Prob(f(k) | V(0…k−1), W(0…k−1))   (C.34)
  = Prob(z(k) | V(0…k−1), W(0…k−1)) · Prob(f(k) | V(0…k−1)) .   (C.35)

It will be shown that eqn. (C.35) also holds at time k+1. To abbreviate the notation, Prob(z(k) | V(0…k−1), W(0…k−1)) is denoted by p(z(k)) and Prob(f(k) | V(0…k−1), W(0…k−1)) by p(f(k)). Furthermore,

  L(k) := L(z(k+1), f(k+1), w(k) | z(k), f(k), v(k)) ,
  L̄(k) := L̄(z(k+1), w(k) | z(k), v(k))  and  Ḡ_f(k) := Ḡ_f(f(k+1) | f(k), v(k))

are used. With eqn. (C.34) it follows from eqn. (5.34) that

  Prob(z(k+1), f(k+1) | V(0…k), W(0…k)) = [ ∑_{z(k),f(k)} L(k) · p(z(k)) · p(f(k)) ] / [ ∑_{z(k+1),f(k+1)} ∑_{z(k),f(k)} L(k) · p(z(k)) · p(f(k)) ]

holds. If the SP is stochastically undiagnosable, it follows that

  Prob(z(k+1), f(k+1) | V(0…k), W(0…k))
  = [ ∑_{z(k)} L̄(k) · p(z(k)) · ∑_{f(k)} Ḡ_f(k) · p(f(k)) ] / [ ∑_{z(k),z(k+1)} L̄(k) · p(z(k)) · ∑_{f(k),f(k+1)} Ḡ_f(k) · p(f(k)) ]
  = [ ∑_{z(k)} L̄(k) · p(z(k)) ] / [ ∑_{z(k),z(k+1)} L̄(k) · p(z(k)) ] · ∑_{f(k)} Ḡ_f(k) · p(f(k)) ,   (C.36)

where the last equation holds due to ∑_{f(k+1)} Ḡ_f(k) = 1 for all f(k) ∈ N_f and v(k) ∈ N_v. The first factor in eqn. (C.36) is the state observation (cf. eqn. (5.12)) and is, therefore, identical to Prob(z(k+1) | V(0…k), W(0…k)). According to eqn. (C.35),

  p(f(k)) = Prob(f(k) | V(0…k−1), W(0…k−1)) = Prob(f(k) | V(0…k−1))

holds. As, in analogy to eqn. (2.28),

  Prob(f(k+1) | V(0…k)) = ∑_{f(k)} Ḡ_f(k) · Prob(f(k) | V(0…k−1))

holds, eqn. (C.36) yields eqn. (C.35) for time k+1.

It remains to be shown that eqn. (5.38) follows from this. With eqn. (C.34) it follows from eqn. (5.32) that

  Prob(f(k) | V(0…k), W(0…k)) = [ ∑_{z(k)} ∑_{z(k+1),f(k+1)} L(k) · p(z(k)) · p(f(k)) ] / [ ∑_{z(k),f(k)} ∑_{z(k+1),f(k+1)} L(k) · p(z(k)) · p(f(k)) ]

holds. If the SP is stochastically undiagnosable, it follows from ∑_{f(k+1)} Ḡ_f(k) = 1 that

  Prob(f(k) | V(0…k), W(0…k))
  = [ ∑_{z(k+1),z(k)} L̄(k) · p(z(k)) · ∑_{f(k+1)} Ḡ_f(k) · p(f(k)) ] / [ ∑_{f(k+1),f(k)} Ḡ_f(k) · p(f(k)) · ∑_{z(k+1),z(k)} L̄(k) · p(z(k)) ]   (C.37)
  = p(f(k)) = Prob(f(k) | V(0…k−1), W(0…k−1)) = Prob(f(k) | V(0…k−1))

holds, where the last equality follows from eqn. (C.35). As, in analogy to eqn. (2.29), the current fault does not depend on the current input, i.e.

  Prob(f(k) | V(0…k−1)) = Prob(f(k) | V(0…k))

holds, eqn. (C.37) proves the lemma. □
C.21 Proof of Theorem 6.1.1
The following relations hold almost everywhere, i.e. they may be violated only on subsets of measure zero. Due to the property (3.61) of the densities p^i_x(x), the relation supp(p^i_x(x)) = Q_x(i) holds. Accordingly, the left–hand side of relation (6.4) can be written, due to eqn. (6.3), as

  supp(p̂_{x,k}(x, k | [U], [Y])) = ⋃_{i∈N̂_x} Q_x(i)  with  N̂_x = {i | Prob̂([x(k)]_p = i | [U(0…k)], [Y(0…k)]) > 0} .

Similarly, for the right–hand side of relation (6.4), the relation

  supp(p_{x,k}(x, k | [U], [Y])) = ⋃_{i∈Ñ_x} Q_x(i)  with  Ñ_x = {i | Prob([x(k)]_p = i | [U(0…k)], [Y(0…k)]) > 0}

holds. Hence, relation (6.4) holds if

  Prob([x(k)]_p = i | [U(0…k)], [Y(0…k)]) > 0  ⇒  Prob̂([x(k)]_p = i | [U(0…k)], [Y(0…k)]) > 0   (C.38)

is satisfied for all states i ∈ N_x and all times k. To prove that relation (C.38) holds, assume that instead the relation

  Prob([x(k)]_p = i | [U(0…k)], [Y(0…k)]) > 0  ⇒  Prob̂([x(k)]_p = i | [U(0…k)], [Y(0…k)]) = 0   (C.39)

were satisfied. This would violate at least one assumption of the theorem, as shown now. First, note that for every measured I/O pair ([U(0…k)], [Y(0…k)]) = ([U], [Y]) the equality

  Prob([x(k)] | [U], [Y]) = Prob([x(k)], [U], [Y]) / Prob([U], [Y]) = Prob([x(k)], [Y] | [U]) / Prob([Y] | [U])   (C.40)

holds, because every measured I/O pair is consistent with the system. The consistency of the measured sequences with the system implies, due to the I/O–completeness of the model, that the I/O pair is also consistent with the SA. Accordingly, eqn. (C.40) also holds with respect to the model. In summary, this means that the implication

  Prob̂([x(k)]_p = i | [U(0…k)], [Y(0…k)]) = 0  ⇒  Prob̂([x(k)]_p = i, [Y(0…k)] | [U(0…k)]) = 0

holds, due to the I/O–completeness of the SA, for all i ∈ N_x and all k. This implies that Prob̂([x(k)]_p = i | [U(0…k)]) = 0 also holds, which in turn means that i ∉ [X̂(k | Q_N p_{x0}(x), [U(0…k)])] holds, where [X̂] denotes the set of quantised states due to the SA. As the probability of the quantised state i is nonzero due to the left–hand side of relation (C.39), this means, due to Definition 3.5.3, that either the SA is not I/S–complete or that x_0 ∉ supp(I_N Q_N p_{x0}(x)) holds for the initial state. Hence, relation (C.39) contradicts the assumptions of the theorem. This proves relation (C.38) and, thus, the theorem. □
C.22 Proof of Theorem 6.2.1
Relation (6.14) holds if the diagnosis yields a nonzero probability for all faults possibly occurring in the system at time k. It will be proved that the diagnosis yields a nonzero probability for any fault sequence [E(0…k)] that actually occurs in the system. This implies the proof of the theorem.

First note that, due to Theorem 5.2.1 and the formal equivalence of diagnosis and observation, it is clear that the diagnosis yields a nonzero probability for a fault sequence if and only if the composed model (6.12) can possibly generate this fault sequence in combination with the measured quantised output sequence, for the measured quantised input sequence and the given initial state. Accordingly, it will be shown that the real fault sequence can possibly be generated under the assumptions made in the theorem.

Let the real fault sequence be [E(0…k)] with [e(0)] = [e_0]. For this fault sequence the model S_f(N_e, G_f) yields a nonzero probability, as the fault model is, by assumption, exact and correctly initialised. Hence, it only remains to be proved that for this sequence of faults the quantised output sequence [Y] can occur with nonzero probability for the measured quantised input sequence [U] and for the initial quantised state [x_0]. As, by assumption, the diagnosis is initialised with a nonzero probability for all initial automaton states, this means that it remains to be proved that the I/O pair ([U], [Y]) is consistent with the SA S(N_z, N_u, N_y, N_e, L) for the given fault sequence. For this SA the fault is merely an input. As all input sequences to the SA are admissible, the diagnostic algorithm yields a nonzero probability if, for the fault sequence [E] and the measured I/O pair ([U], [Y]), the SA satisfies the condition

  Prob([Y(0…k)] | [U(0…k)], [E(0…k)]) > 0 .   (C.41)

Denoting the set of all output sequences generated by the SA by [Ŷ(0…k | [U(0…k)], [E(0…k)])], relation (C.41) is satisfied if

  [Y(0…k)] ∈ [Ŷ(0…k | [U(0…k)], [E(0…k)])]

holds. According to Definition 3.5.2 this is satisfied, as the SA is an I/O–complete model of the quantised system. □
C.23 Proof of Lemma 7.2.1
The resulting SA S(N_z, N_w, L̃) represents an SP if L̃ satisfies conditions (2.3) and (2.4). As eqn. (7.4) means a selection of values of L, it is clear that condition (2.3) is always satisfied. It remains to be proved that ∑_{z′,w} L̃(z′, w | z) = 1 holds for all z ∈ N_z. From eqn. (7.4) and the condition (2.46) for no direct feedthrough it follows that

  ∑_{z′,w} L̃(z′, w | z) = ∑_{z′,w} L(z′, w | z, w) = ∑_{w} H(w | z, w) = ∑_{w} H̄(w | z) = 1  ∀z ∈ N_z ,

proving the lemma. □
t u
Proof of Theorem 7.4.1
It has to be proved that the probabilities of all state transitions and output symbols as given by the composed NSA coincide with those as given by the network of two NSA. This is proved by showing that the following equivalence holds for all ˆ i,j , v ˆi, v ˆj ) > 0 admissible inputs to the two NSA, i.e. for all inputs satisfying Prob( v ˆ i, w ˆ j, w ˆ i→j , s ˆi→j , w ˆ j→i ) | (z i , z j ), (ˆ ˆi, v ˆj , w ˆ j→i )) Prob((z i , z j )0 , (w v i,j , v ˆ i, w ˆ i→j , s ˆi→j ) | z i , (ˆ ˆi, w ˆ j→i )) v i,j , v = Prob(z 0i , (w ˆ j, w ˆ j→i ) | z j , (ˆ ˆj , w ˆ i→j , s ˆi→j )) . v i,j , v · Prob(z 0j , (w
(C.42)
ˆi→j is an internal signal not influencing any SSP other than the concerned SSPs As s i and j the composed NSA needs to yield only the boundary distribution of (C.42) with respect to the internal signal. This boundary distribution is the composition equation (7.24). Hence, proving eqn. (C.42) proves the theorem. To abbreviate the notation, the tuples are used in undivided form in the proof whenever possible. Then the distribution on the left–hand side of eqn. (C.42) reads Prob((z i , z j )0 , (wi , wj ) | (z i , z j ), v i,j ) which can be written due to Bayes formula as
332
C. Proofs
Prob((z i , z j )0 , (wi , wj ) | (z i , z j ), v i,j ) =
(C.43)
0
Prob((z i , z j ) , (wi , wj ), (z i , z j ), v i,j )
Prob((z i , z j ), v i,j )
(C.44)
Prob(z 0i , wi , (z i , z j ), v i,j ) Prob((z i , z j ), v i,j )
= Prob(z 0j , wj | z 0i , wi , (z i , z j ), v i,j )
·
= Prob(z 0j , wj | z 0i , wi , (z i , z j ), v i,j )
·Prob(z 0i , wi | (z i , z j ), v i,j ) ,
(C.45)
provided that the denominator in eqn. (C.44) is nonzero. The case of a vanishing denominator will be investigated below. The first factor of (C.45) can be written as Prob(z 0j , wj | z 0i , wi , (z i , z j ), v i,j ) ˆ j, w ˆ j→i ) | z 0i , (w ˆ i, w ˆ i→j , s ˆi→j ), (z i , z j ), (ˆ ˆi, v ˆj , w ˆ j→i )) v i,j , v = Prob(z 0j , (w ˆ j, w ˆ j→i ) | (w ˆ i→j , s ˆi→j ), (z j ), (ˆ ˆ j )) v i,j , v = Prob(z 0j , (w
(C.46)
ˆ j, w ˆ j→i ) | z j , (ˆ ˆj , w ˆ i→j , s ˆi→j )) , v i,j , v = Prob(z 0j , (w
(C.47)
because process j is a Markov process completely determined by the variables on the condition side of (C.46), i.e. the successor state and output of process j is ˆ i , zi , v ˆ i and w ˆ j→i given the variables on the conditionally independent of z 0i , w condition side. Similarly, the second factor of (C.45) can be written as Prob(z 0i , wi | (z i , z j ), v i,j ) ˆ i, w ˆ i→j , s ˆi→j ) | (z i , z j ), (ˆ ˆi, v ˆj , w ˆ j→i )) = Prob(z 0i , (w v i,j , v ˆ i, w ˆ i→j , s ˆi→j ) | z i , (ˆ ˆi, w ˆ j→i )) , v i,j , v = Prob(z 0i , (w
(C.48)
because the successor state and output of process i are conditionally independent ˆ j given its state and inputs. Inserting (C.47) and (C.48) in (C.45) yields of z j and v (C.42). It remains to be investigated what a vanishing denominator in eqn. (C.44) means. Therefore, the probability distribution of the denominator is decomposed according to ˆi, v ˆj , w ˆ j→i )) Prob((z i , z j ), v i,j ) = Prob((z i , z j ), (ˆ v i,j , v ˆi, v ˆ j )) · Prob((z i , z j ), (ˆ ˆi, v ˆ j )) . ˆ j→i | (z i , z j ), (ˆ v i,j , v v i,j , v = Prob(w
(C.49)
The second factor of eqn. (C.49) is always nonzero as all states are admissible (cf. Section 2.1) and, hence, the distribution is nonzero for all admissible inputs to the two NSA (cf. beginning of the proof). Hence, a vanishing denominator means that the first factor is zero. As process j has no direct feedthrough this distribution can be written as ˆi, v ˆ j )) ˆ j→i | (z i , z j ), (ˆ v i,j , v Prob(w ˆ i→j , s ˆi→j , v ˆ i,j , v ˆi, v ˆ j )) ˆ j→i | (z i , z j ), (w = Prob(w ˆ j→i | z j , (w ˆ i→j , s ˆi→j , v ˆ i,j , v ˆ j )) , = Prob(w where the last equality holds due to the same conditional independencies as used for (C.46). The distribution of the right–hand side is part of the output of the two NSA. Hence, whenever this probability is zero it means that the two NSA cannot
C. Proofs
333
ˆ j→i . Accordingly, the composed NSA must also yield produce a specific output w a probability of zero for these specific outputs. This is satisfied, because due to eqns. (2.3) and (2.6) the relation ˆ j→i | z j , (w ˆ i→j , s ˆi→j , v ˆ i,j , v ˆ j )) = 0 Prob(w ˆ j→i | z j , (w ˆ i→j , s ˆi→j , v ˆ i,j , v ˆ j )) = 0 ⇒ Prob(z 0j , w holds for all (z j )0 ∈ N (Ajz ) and, hence, the second factor on the right–hand side of eqn. (C.42) yields the corresponding vanishing entries in the composition. u t
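Equation (C.42) says that the composed behavioural relation is simply the product of the two SSP relations once the coupling signal is matched up. A small sketch with two hypothetical coupled automata (invented numbers; the internal signal ŝ_{i→j} is omitted for brevity):

```python
# Two hypothetical coupled SSPs. SSP i emits the coupling signal w_ij:
# Li[(zi1, w_ij, zi0)] = Prob(zi', w_ij | zi). SSP j receives it as input:
# Lj[(zj1, wj, zj0, w_ij)] = Prob(zj', wj | zj, w_ij).
Li = {(0, 0, 0): 0.7, (1, 1, 0): 0.3,
      (0, 1, 1): 0.6, (1, 0, 1): 0.4}
Lj = {(0, 0, 0, 0): 1.0,
      (1, 1, 0, 1): 1.0,
      (0, 1, 1, 0): 1.0,
      (1, 0, 1, 1): 1.0}

def composed(zi1, zj1, w_ij, wj, zi0, zj0):
    """Eqn. (C.42)-style composition: the composed probability is the
    product of the two SSP probabilities, since j's behaviour is
    conditionally independent of i's given the coupling signal w_ij."""
    return Li.get((zi1, w_ij, zi0), 0.0) * Lj.get((zj1, wj, zj0, w_ij), 0.0)

# The composed relation is again stochastic in (zi', zj', w_ij, wj):
total = sum(composed(a, b, wij, wj, 0, 0)
            for a in (0, 1) for b in (0, 1) for wij in (0, 1) for wj in (0, 1))
print(round(total, 10))  # -> 1.0
```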
C.25 Proof of Lemma 7.4.1
From eqn. (7.24) it follows that

  H^{i,j}(w_{i,j} | z_{i,j}, v_{i,j}) = ∑_{ŝ_{i→j}} ∑_{(z_i)′,(z_j)′} L^{i,j}(z′_{i,j}, w_{i,j} | z_{i,j}, v_{i,j}) = ∑_{ŝ_{i→j}} H^i(w_i | z_i, v_i) · H^j(w_j | z_j, v_j) = H^i(w_i | z_i) · H^j(w_j | z_j)   (C.50)

holds, where the last step is possible because neither NSA S^i nor NSA S^j has a stochastic direct feedthrough. As the product on the right–hand side of eqn. (C.50) does not depend on any signal of v_{i,j}, the output relation can be represented by a function H̄^{i,j}(w_{i,j} | z_{i,j}), i.e. the NSA S^{i,j} has no stochastic direct feedthrough. □
C.26 Proof of Theorem 7.4.2
According to Lemma 7.2.1, the feedback loop is well defined, as the NSA representing SSP i has, by assumption, no stochastic direct feedthrough. Hence, in direct analogy to Lemma 7.2.1, SSP i is represented by the NSA S̄^i(N(A^i_z), N(Â^i_v), N(A^i_w), L̄^i) with the behavioural relation

  L̄^i(z′_i, (ŵ_i, w̄_i) | z_i, v̂_i) = L^i(z′_i, (ŵ_i, w̄_i) | z_i, (v̂_i, w̄_i)) ,   (C.51)

where w̄_i = (ŵ_{i→i}, ŝ_{i→i}) denotes the internal as well as external self–loop signals. As the signals ŝ_{i→i} do not appear in any other SSP, they can be eliminated. That is, with respect to the network, the SSP can be replaced by an SSP corresponding to the boundary distribution of eqn. (C.51) with respect to ŝ_{i→i}. This boundary distribution is the behavioural relation L̃^i, i.e. eqn. (C.51) becomes eqn. (7.26). □
C.27 Proof of Lemma 7.4.2
It has to be proved that the equivalence relation

  (z′_i, z′_j, z_i, z_j, v̂_{i,j}, v̂_i, v̂_j, ŵ_i, ŵ_j, ŵ_{i→j}, ŵ_{j→i}) ∈ R̃^{i,j}(A^{i,j})
  ⇐⇒ ∑_{ŝ_{i→j}} ∑_{ŝ_{j→i}} L^i(z′_i, (ŵ_i, ŵ_{i→j}, ŝ_{i→j}) | z_i, (v̂_{i,j}, v̂_i, ŵ_{j→i}, ŝ_{j→i}))
      · L^j(z′_j, (ŵ_j, ŵ_{j→i}, ŝ_{j→i}) | z_j, (v̂_{i,j}, v̂_j, ŵ_{i→j}, ŝ_{i→j})) > 0   (C.52)

holds for all tuples of the set N(A^{i,j}), where the left–hand side of relation (C.52) is obtained from the natural join (7.33) of the relations R^i and R^j, and the right–hand side is the self–loop–free composition followed by a self–loop elimination operation of stochastic automata (cf. eqns. (7.24) and (7.26)).

According to eqn. (7.33) and the definition of the projection by eqn. (7.31), the tuple on the left–hand side of relation (C.52) is an element of R̃^{i,j}(A^{i,j}) if and only if there exists at least one tuple for which

  (z′_i, z′_j, z_i, z_j, v̂_{i,j}, v̂_i, v̂_j, ŵ_i, ŵ_j, ŵ_{i→j}, ŵ_{j→i}, ŝ_{i→j}, ŝ_{j→i}) ∈ R^i(A^i) ⋈ R^j(A^j)

holds. Such a tuple exists if and only if two tuples that agree on their shared attributes exist for which

  (z′_i, z_i, v̂_{i,j}, v̂_i, ŵ_i, ŵ_{i→j}, ŵ_{j→i}, ŝ_{i→j}, ŝ_{j→i}) ∈ R^i(A^i)
  and (z′_j, z_j, v̂_{i,j}, v̂_j, ŵ_j, ŵ_{i→j}, ŵ_{j→i}, ŝ_{i→j}, ŝ_{j→i}) ∈ R^j(A^j)

hold. If and only if such tuples exist, it follows for these tuples that

  L^i(z′_i, (ŵ_i, ŵ_{i→j}, ŝ_{i→j}) | z_i, (v̂_{i,j}, v̂_i, ŵ_{j→i}, ŝ_{j→i})) > 0
  and L^j(z′_j, (ŵ_j, ŵ_{j→i}, ŝ_{j→i}) | z_j, (v̂_{i,j}, v̂_j, ŵ_{i→j}, ŝ_{i→j})) > 0

hold. The existence of such tuples for which these conditions hold is thus equivalent to a nonzero sum on the right–hand side of relation (C.52). This shows the equivalence of the conditions on the left– and right–hand sides of relation (C.52). □
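The set-level counterpart of the composition is the natural join used in the lemma, followed by a projection that eliminates the internal signals. A minimal sketch of these two relational operations on hypothetical tuples (attribute names invented for illustration):

```python
def natural_join(R1, R2, shared):
    """Join two relations (lists of dicts) on their shared attributes."""
    out = []
    for t1 in R1:
        for t2 in R2:
            if all(t1[a] == t2[a] for a in shared):
                out.append({**t1, **t2})
    return out

def project(R, attrs):
    """Projection in the style of (7.31): keep only the given attributes
    and drop duplicate tuples."""
    seen = []
    for t in R:
        p = {a: t[a] for a in attrs}
        if p not in seen:
            seen.append(p)
    return seen

# Hypothetical supports of two behavioural relations; s_ij is internal.
Ri = [{'zi': 0, 'w_ij': 0, 's_ij': 0}, {'zi': 1, 'w_ij': 1, 's_ij': 1}]
Rj = [{'zj': 0, 'w_ij': 0, 's_ij': 0}, {'zj': 1, 'w_ij': 1, 's_ij': 0}]

joined = natural_join(Ri, Rj, shared=['w_ij', 's_ij'])
print(project(joined, ['zi', 'zj', 'w_ij']))  # -> [{'zi': 0, 'zj': 0, 'w_ij': 0}]
```

Only tuples agreeing on the coupling signals survive the join, exactly as the nonzero-product condition on the right-hand side of (C.52) requires.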
C.28 Proof of Lemma 8.2.1
The output relation $H_i(w_i \mid z_i, v_i)$ of the qualitative model is given by

$$H_i(w_i \mid z_i, v_i) = \frac{\mu_{x_i u_i}\bigl(Q_{x_i u_i}(z_i, v_i) \cap (h_i)^{-1}(Q_{y_i}(w_i))\bigr)}{\mu_{x_i u_i}\bigl(Q_{x_i u_i}(z_i, v_i)\bigr)} \qquad \text{(C.53)}$$

with the set $(h_i)^{-1}(Q_{y_i}(w_i))$ according to

$$(h_i)^{-1}(Q_{y_i}(w_i)) = \left\{ \begin{pmatrix} x_i \\ u_i \end{pmatrix} \,\middle|\, h_i(x_i, u_i) \in Q_{y_i}(w_i) \right\} . \qquad \text{(C.54)}$$

If the embedded continuous-variable system has no direct feedthrough, the output function can be written as $h_i(x_i, u_i) = \bar{h}_i(x_i)$. Hence, the set (C.54) extends over the same states for all inputs and can therefore be written as

$$(h_i)^{-1}(Q_{y_i}(w_i)) = \{x_i \mid \bar{h}_i(x_i) \in Q_{y_i}(w_i)\} \times \mathcal{R}(A_u^i) =: (\bar{h}_i)_{x_i}^{-1}(Q_{y_i}(w_i)) \times \mathcal{R}(A_u^i) . \qquad \text{(C.55)}$$

Inserting the set (C.55) into (C.53) yields

$$H_i(w_i \mid z_i, v_i) = \frac{\mu_{x_i u_i}\bigl((Q_{x_i}(z_i) \times Q_{u_i}(v_i)) \cap ((\bar{h}_i)_{x_i}^{-1}(Q_{y_i}(w_i)) \times \mathcal{R}(A_u^i))\bigr)}{\mu_{x_i u_i}\bigl(Q_{x_i}(z_i) \times Q_{u_i}(v_i)\bigr)}$$
$$= \frac{\mu_{x_i}\bigl(Q_{x_i}(z_i) \cap (\bar{h}_i)_{x_i}^{-1}(Q_{y_i}(w_i))\bigr) \cdot \mu_{u_i}\bigl(\mathcal{R}(A_u^i) \cap Q_{u_i}(v_i)\bigr)}{\mu_{x_i}\bigl(Q_{x_i}(z_i)\bigr) \cdot \mu_{u_i}\bigl(Q_{u_i}(v_i)\bigr)}$$
$$= \frac{\mu_{x_i}\bigl(Q_{x_i}(z_i) \cap (\bar{h}_i)_{x_i}^{-1}(Q_{y_i}(w_i))\bigr)}{\mu_{x_i}\bigl(Q_{x_i}(z_i)\bigr)} = \bar{H}_i(w_i \mid z_i) . \qquad \Box$$
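The key step of this proof can be illustrated numerically: without direct feedthrough, the input measure cancels and the output relation no longer depends on the input. A minimal sketch with counting measures over grid points standing in for the Lebesgue measure; the grids, the helper names and the quantisation bounds are illustrative assumptions:

```python
def output_relation(w, z, v, h_bar, Qx, Qu, in_Qy):
    """H(w | z, v) as a ratio of counting measures over Qx(z) x Qu(v)."""
    num = sum(1 for x in Qx[z] for u in Qu[v] if in_Qy(h_bar(x), w))
    den = len(Qx[z]) * len(Qu[v])
    return num / den

Qx = {0: [0.0, 0.25, 0.5, 0.75]}        # grid points of the state set Qx(0)
Qu = {0: [0.0], 1: [0.0, 0.5, 1.0]}     # two different input sets
h_bar = lambda x: x                      # no direct feedthrough: y = h_bar(x)
in_Qy = lambda y, w: (y < 0.5) == (w == 0)   # two output partition cells

# H(0 | 0, v) is the same for every input set v:
print(output_relation(0, 0, 0, h_bar, Qx, Qu, in_Qy))  # 0.5
print(output_relation(0, 0, 1, h_bar, Qx, Qu, in_Qy))  # 0.5
```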
C.29 Proof of Theorem 8.2.1
It will be proved that the network of qualitative models is complete with respect to a single qualitative model of the decomposed quantised system (cf. Figure 8.4). As, according to Theorem 3.5.1, the single qualitative model is an I/S-complete and I/O-complete model of the decomposed quantised system, this will prove the theorem.

The behavioural relations of the two qualitative models are given by

$$L_i\bigl([x_i]', ([y_i],[y_{i\to i}],[y_{i\to j}]) \,\big|\, [x_i], ([u_i],[u_{i,j}],[y_{i\to i}])\bigr)$$
$$\text{and} \quad L_j\bigl([x_j]', ([y_j],[y_{j\to j}],[y_{j\to i}]) \,\big|\, [x_j], ([u_j],[u_{i,j}],[y_{j\to j}])\bigr) .$$

According to Theorems 7.4.1 and 7.4.2, the network of these two qualitative models is equivalently represented by an NSA with the behavioural relation

$$L_{i,j}\bigl(([x_i],[x_j])', ([y_i],[y_j],[y_{i\to i}],[y_{j\to j}],[y_{i\to j}],[y_{j\to i}]) \,\big|\, ([x_i],[x_j]), ([u_i],[u_j],[u_{i,j}])\bigr)$$
$$= L_i\bigl([x_i]', ([y_i],[y_{i\to i}],[y_{i\to j}]) \,\big|\, [x_i], ([u_i],[u_{i,j}],[y_{i\to i}])\bigr) \cdot L_j\bigl([x_j]', ([y_j],[y_{j\to j}],[y_{j\to i}]) \,\big|\, [x_j], ([u_j],[u_{i,j}],[y_{j\to j}])\bigr) . \qquad \text{(C.56)}$$

This composed NSA is now compared to the single qualitative model obtained from the decomposed quantised system, with the state space quantisation obtained from combining the quantisations of $x_i$ and $x_j$ in analogy to eqn. (8.5). The behavioural relation of this qualitative model is denoted by

$$\hat{L}_{i,j}\bigl(([x_i],[x_j])', ([y_i],[y_j],[y_{i\to i}],[y_{j\to j}],[y_{i\to j}],[y_{j\to i}]) \,\big|\, ([x_i],[x_j]), ([u_i],[u_j],[u_{i,j}])\bigr) . \qquad \text{(C.57)}$$

According to eqn. (C.56), the composed NSA yields a probability of zero for a transition if at least one of the corresponding factors $L_i$ or $L_j$ is zero. Hence, the composed NSA is complete with respect to the qualitative model (C.57) if the behavioural relation (C.57) is zero whenever $L_i$ or $L_j$ is zero. This is always the case, as proved now.

If $L_i([x_i]', ([y_i],[y_{i\to i}],[y_{i\to j}]) \mid [x_i], ([u_i],[u_{i,j}],[y_{i\to i}])) = 0$ holds, there does not exist any combination of numerical vectors

$$x_i \in Q_x([x_i]), \quad u_i \in Q_u([u_i]), \quad u_{i,j} \in Q_u([u_{i,j}]), \quad y_{i\to i} \in Q_y([y_{i\to i}]) \qquad \text{(C.58)}$$

such that all relations

$$g_i(x_i, u_i, u_{i,j}, y_{i\to i}) \in Q_x([x_i]'), \quad h_{y_i}(x_i, u_i, u_{i,j}, y_{i\to i}) \in Q_{y_i}([y_i]), \qquad \text{(C.59)}$$
$$h_{y_{i\to i}}(x_i, u_i, u_{i,j}) \in Q_{y_{i\to i}}([y_{i\to i}]), \quad h_{y_{i\to j}}(x_i, u_i, u_{i,j}, y_{i\to i}) \in Q_{y_{i\to j}}([y_{i\to j}])$$

are satisfied, where $h_{y_i}$, $h_{y_{i\to i}}$ and $h_{y_{i\to j}}$ denote the parts of the output function $h_i$ that yield the output referred to by the subscript. Note that $h_{y_{i\to i}}$ does not depend on $y_{i\to i}$, as the subsystems have no direct feedthrough. That no such numerical vectors (C.58) exist means that the behavioural relation (C.57) is also zero, because $\hat{L}_{i,j}$ is only nonzero if, in addition to the numerical vectors (C.58), further vectors $x_j$, $u_j$, $y_{j\to j}$ exist that satisfy relations (C.59) plus additional conditions. Hence, $L_i = 0$ implies $\hat{L}_{i,j} = 0$. The same arguments apply if $L_j = 0$ holds. □
D. Parameters of the Titration and Neutralisation Plant
Geometrical constants

Tank B1:                Cylindrical, height 0.45 m, diameter 0.313 m
Tanks B2, B4 and B5:    Spherical, radius 0.16 m
Tank B3:                Spherical, radius 0.16 m

Height from inlet B1 to outlet B5:    h15 = 0.107 m
Height from inlet B3 to outlet B1:    h31 = 0.140 m
Pump and valve characteristics
The nonlinear valve and pump characteristics are linearly interpolated with the sampling points given below.

V1, V2, P2, P3          0    0.2          0.4          0.6          0.8          1.0
CV1(V1) in m^(5/2)/s    0    0            2.510·10^-6  8.825·10^-6  2.352·10^-5  6.537·10^-5
CV2(V2) in m^(5/2)/s    0    0            3.573·10^-5  9.503·10^-5  2.255·10^-4  2.194·10^-4
CP2(P2) in ml/s         0    16.82        34.57        52.31        74.0         83.51
CP3(P3) in ml/s         0    16.82        34.57        52.31        74.0         83.51

Pump P1:  kP1 · P1 with kP1 = 15 ml/s
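For illustration, the piecewise-linear interpolation of such a characteristic can be sketched as follows (pure Python; the CP2 sampling points are taken from the table above, while the helper name `interp` is an assumption):

```python
def interp(x, xs, ys):
    """Linear interpolation between sampling points (xs ascending),
    clamped to the end values outside the sampled range."""
    if x <= xs[0]:
        return ys[0]
    if x >= xs[-1]:
        return ys[-1]
    for i in range(1, len(xs)):
        if x <= xs[i]:
            t = (x - xs[i - 1]) / (xs[i] - xs[i - 1])
            return ys[i - 1] + t * (ys[i] - ys[i - 1])

positions = [0, 0.2, 0.4, 0.6, 0.8, 1.0]        # pump position P2
cp2 = [0, 16.82, 34.57, 52.31, 74.0, 83.51]     # CP2(P2) in ml/s

# midway between the 0.4 and 0.6 sampling points: about 43.44 ml/s
print(interp(0.5, positions, cp2))
```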
Thermic and chemical constants

Heating power per element:           Pel = 3 kW
Cooling constant:                    ccool = 0.246 kW/K
Heat transfer coefficient B1:        Kagl = 1.17·10^-6 kW/(m·K)
Coolant temperature:                 ϑcool = 15 °C
Ambient temperature:                 ϑamb = 20 °C
Specific heat capacity of water:     cp = 4.194 kJ/(kg·K)
Density of water:                    ρ = 1001 kg/m^3
The temperature-dependent ion product of water is linearly interpolated with the sampling points given below.

ϑ in °C                       0      25     50     75     100
KW(ϑ) in 10^-14 (mol/l)^2     0.13   1.0    5.95   40.0   74.0
J. Schröder: Modelling, State Observation and Diagnosis of Quantised Systems, LNCIS 282, p. 337, 2003. Springer-Verlag Berlin Heidelberg 2003
E. Nomenclature
Abbreviations

A/D     analog to digital
D/A     digital to analog
DOS     dedicated observer scheme
DSP     digital signal processor
GOS     generalised observer scheme
PC      personal computer
SA      stochastic automaton
NSA     stochastic automaton of a network
SP      stochastic process (represented by a stochastic automaton)
SSP     stochastic sub-process of a network
TINA    titration and neutralisation plant
General conventions

Meaning                      Convention                              Examples
scalars                      lower-case, italic                      i, η
scalar functions             lower-case, italic                      h, µ
vectors, tuples              lower-case, bold-font, italic           u, ρ
vector valued functions      lower-case, bold-font, italic           g
sequences of scalars         upper-case, italic                      V, X
automata functions           upper-case, italic                      L, H
sequences of vectors         upper-case, bold-font, italic           Y, W
matrices                     upper-case, bold-font, italic           A, G_a
sets of scalars              upper-case, calligraphic                N, A
sets of scalar sequences     upper-case, calligraphic                Z
sets of vectors              upper-case, bold-font, calligraphic     Y
sets of vector sequences     upper-case, bold-font, calligraphic     X
physical units               roman                                   m, N
placeholder for z, v or w    subscript •                             dom_•
autonomous case              subscript a                             G_a, g_a
inverse                      superscript -1                          g^-1
random variables             subscript p                             z_p, W_p, [x]_p
J. Schröder: Modelling, State Observation and Diagnosis of Quantised Systems, LNCIS 282, pp. 339-342, 2003. Springer-Verlag Berlin Heidelberg 2003
quantisation                 brackets [·]                            [x], [U]
stationary, mean value       horizontal bar ¯                        p̄_z, L̄
condition                    vertical bar |                          Prob(a | b), {x | x > 2}
Symbols

Symbol            Description                                                  Page
A                 system matrix of linear systems                              56
A_z, A_v, A_w     set of state, input or output attributes                     205
B                 input matrix of linear systems                               56
B                 Borel σ-algebra                                              57
D                 denominator within the state observation algorithm           159
D                 space of all probability density functions                   73
dom               map assigning domains to attributes                          205
e                 numerical fault vector                                       51
[E]               set of quantised fault symbols                               187
f, f′             automaton fault, successor fault                             24
F                 set of automaton fault symbols or fault sequences            147
F                 Foias operator                                               87
g                 state transition function of discrete-time systems           38
ĝ                 state transition function of continuous-time systems         55
G                 state transition relation of stochastic automata             15
h                 output function of continuous-variable systems               38
h_aux             function of the observation and diagnostic algorithms        133
H                 output relation of stochastic automata                       15
i, j, l           counters, positive integer variables                         20
I_N               density injector                                             73
I                 identity matrix                                              56
I                 stochastic operator                                          33
k                 discrete time variable                                       17
L                 behavioural relation of stochastic automata                  13
L_n               behavioural relation of nondeterministic automata            25
L^1               space of all L1 functions                                    90
m                 dimension of the input space                                 38
M                 number of qualitative inputs                                 46
M_v, M_w          bijective mappings, numbering of vectors                     159
M_zf, M_vf        bijective mappings, numbering of pairs                       24
M_obs             bijective mappings for state observation                     133
M, M_fin          set of all (finite) measures                                 82
n                 dimension of the state space                                 38
N                 number of qualitative states                                 46
N                 nondeterministic automaton                                   25
N_f               set of automaton faults                                      24
N_z, N_v, N_w     sets of automaton states, inputs or outputs                  13
IN                set of natural numbers including zero                        17
p_x0              initial state probability density function                   50
p_z               discrete probability distribution as column vector           27
P                 Frobenius-Perron operator                                    64
Prob              discrete probability distribution                            17
p_x^i, p_u^i, p_e^i   a-priori density functions in partition i                48
p_int, p_res      functions of the observation and diagnostic algorithms       133
p_{x,k}           state probability density function at time k                 169
Q_N               density quantiser                                            73
Q_u, Q_y          set of the input or output space partition                   39
Q_x               set of the state space partition                             42
Q_e               set of the fault space partition                             51
QS                quantised system                                             49
r                 dimension of the output space                                38
r_i               internal numerical coupling signal of a network              233
r_0, r_0          radius (vector) of hyperbox-mapping                          99
r                 numerical immeasurable coupling signal                       234
R                 number of qualitative outputs                                13
IR                set of real numbers                                          46
R                 subset of the set of real numbers                            47
R                 relation on a set of attributes                              225
s                 dimension of the fault space                                 51
s_i               internal coupling signal in automata networks                208
S                 number of qualitative faults                                 24
S                 stochastic automaton                                         13
S_N               network of stochastic automata                               209
supp              support of a function                                        66
T_L               set of transitions of a stochastic automaton                 78
T_s               sampling time                                                56
u                 numerical input vector                                       38
u_i               external numerical input signal of a network                 233
U                 sequence of input vectors                                    59
[U]               sequence of quantised input symbols                          50
v                 automaton input                                              13
v_i               external input signal in automata networks                   208
v_i               input tuple of NSA i                                         209
v_obs             input for the stochastic operator of the observer            133
V                 sequence of automaton inputs                                 20
V                 set of automaton input tuples or sequences of tuples         223
w                 automaton output                                             13
w_i               external output signal in automata networks                  208
w_i               output tuple of NSA i                                        209
W                 sequence of automaton outputs                                22
W                 set of automaton output symbols or output sequences          79
W_N               space of all N-dimensional discrete probability vectors      73
x                 numerical state vector                                       38
x_i               i-th numerical state vector of a network                     233
X                 set of state vectors or state sequences                      59
y                 numerical output vector                                      38
y_i               external numerical output signal of a network                233
Y                 sequence of output vectors                                   59
Y                 set of output vectors or output sequences                    50
w_i               external output signal in automata networks                  208
z, z′             automaton state, successor state                             13
z_i               state of the i-th SP in a network                            208
z_i               state tuple of NSA i                                         209
Z                 sequence of automaton states                                 20
Z                 set of automaton state symbols or state sequences            76
Z                 set of automaton state tuples or sequences of tuples         223
γ                 counting measure                                             57
δ_i^N             i-th unit vector of length N                                 106
δ_x               Dirac measure with respect to x                              84
∆_N               set of all quantised L1 functions                            90
ζ                 general numerical signal                                     47
η_z′, η_w         nondeterminism parameters                                    46
λ^n               Lebesgue measure in IR^n                                     43
Λ                 number of elements of a set of points                        98
µ, ν              measures                                                     82
µ_F               fuzzy membership function                                    54
µ^n               measure in IR^n                                              68
π_A               projection of a relation w.r.t. the set of attributes A      225
ρ                 vector of uncertainties                                      102
σ_v,w             selection of tuples of a relation                            228
τ                 mapping of a stochastic operator                             33
ψ                 Lipschitz constant                                           98
Ψ                 nonnegative Lipschitz matrix                                 101
⋈                 natural join operator                                        225
Index
σ–algebra, 307 Lρ space, 309 A–priori knowledge, 131 Absorbing automaton state, 27, 106, 108, 109, 111–113 Abstraction, 4, 43, 68, 95, 101, 237, 238, 287 – discrete–event, 287 Accuracy, 95, 266 – of a qualitative model, 105 Actuator fault, 192 Additive noise, 103 Admissible input, 14, 124 Algebraic loop, 202, 242 Almost everywhere equal, 308 Asymptotically stable – fixed point, 108 – system, 106 Attraction area, 108 Attribute, 204, 208, 238, 239 Automata network, 8, 200, 201, 215, 222, 229 Automaton graph, 14, 106, 143, 212, 223, 231 Bayes formula, 163, 312 Behaviour – causal, 49 – of automata networks, 216 – of quantised systems, 175, 237 – stationary, 105, 265 Behavioural approach, 58 Behavioural function, 208 Behavioural relation, 13, 18, 42, 67, 78, 95, 97, 98, 101, 103, 125, 133, 147, 149, 151, 161, 165, 185, 188, 201, 202, 206, 208, 215, 222, 230, 243, 267, 270 – with fault, 24 Borel – σ–algebra, 90, 307 – measurable set, 87
– measure, 83, 88, 90, 307 – measure space, 307 Boundary distribution, 15, 179, 311 Cartesian product, 225, 308 – of domains, 205, 209, 239 Causal behaviour, 60 – of quantised systems, 49 Causal relation, 37 Centre of gravity, 54 Chapman–Kolmogorov equation, 26 Chronicles, 55 Closed set of states, 27, 139, 152 Closed world assumption, 187 Common rail system, 287 Completeness, 4, 42, 43, 75, 77, 79, 80, 97, 98, 101, 172, 173, 186, 241, 243, 245, 267, 269 – of the diagnostic result, 186 – of the fault model, 183 – sufficient condition for c., 78 Complexity, 45, 46, 200, 201, 233, 243, 262, 266, 280 Component model, 226 Component–oriented modelling, 46, 200 Composition – of automata, 188, 200 – optimal order, 221 – partial, 201, 223, 231, 245, 248, 280 Composition algorithm, 220, 222, 229, 231 Composition operation – self–loop elimination, 219, 220 – self–loop–free, 216, 218 Computation, 96 Conditional independence, 17, 20, 126, 312 Confluences, 54 Consistent I/O pair, 125, 148, 158, 159 Continuous–time system, 235 Continuous–variable system, 1, 37, 46, 51, 55, 102, 103
Convergence of the model, 42, 43, 79, 91, 241 Convex combination, 30, 108 Coupling output, 208 Coupling signal, 201 Database theory, 221 Decentralised supervision, 234, 275 Decomposable matrix, 29 Decomposed quantised system, 236, 278 Dedicated observer scheme, 162, 193 Defuzzification, 54 Density function, 47, 63, 69, 72, 102, 238, 310 – invariant, 105 – space of, 309 – stationary, 105 Density injector, 73, 74, 171, 184 Density operator, 83 Density quantiser, 73, 74, 85, 90, 105, 117, 171, 184 Deterministic automaton, 25, 130 Diagnosability, 150, 190 – of the quantised system, 187 Diagnostic algorithm, 148, 188, 232, 248 Diagnostic problem, 146, 148, 181, 273, 274 – of the quantised fault, 184 Diffeomorphism, 63, 85 Dirac measure, 83, 307 Direct feedthrough, 242 Discrete stochastics, 310 Discrete–time system, 235 Distinguishing input, 144 Domain, 204 Episode, 55 Expert knowledge, 104 Fault, 23, 51, 146 – detection, 154, 187 – diagnosis, 2, 23, 51, 146, 154, 200, 210, 229, 231, 233, 245, 286–289 – – in the entire past, 157 – dynamics, 23, 182 – identification, 154, 187 – isolation, 187 – model, 278 – process, 182, 247, 248 – quantised, 81 – space, 57 Fault injector, 52, 58, 184
Fault transition relation, 183 Fault–tolerant control, 289 Faultless operation, 187 Feedback, 126 – law, 203 – loop, 202, 241 Fixed point, 105, 107 Foias operator, 74, 82, 88, 89, 91 – on measures, 87, 89 Frobenius–Perron operator, 63, 72, 74, 82, 83, 88, 90 – on Dirac measures, 83 – on measures, 82, 83, 85 – on the L1 space, 83 – quantised, 90 – Ulam’s approximation, 90 Fubini’s theorem, 309 Fuzzification, 54 Fuzzy – logic, 294 – sets, 54 Generalised observer scheme, 160, 193 Greedy–heuristics, 221 Hybrid automata, 93 Hybrid control, 291 Hybrid signal space, 176 Hybrid system, 2, 5, 12, 91, 288, 290 Hydrogen compressor, 286 Hyperbox–mapping, 98, 101, 104, 269, 272 I/O pair, 124, 126, 129, 130, 133, 146, 172 I/O–completeness, 77–79, 104, 172, 186, 244 I/S–completeness, 77, 78, 172, 186, 244 Identification – of qualitative models, 104, 286 Inconsistent I/O pair, 163, 173, 245 Independence – conditional, 17, 20, 126, 312 – of current input and state, 126 – stochastic, 15, 32, 214, 312 Indicator function, 62, 308 Information reduction, 5 Initial fault distribution, 152 Initial state and fault distribution, 146, 149, 152, 158, 248 Initial state density, 169, 175 Initial state distribution, 124, 127, 129, 133, 164, 172, 173, 245
Injector, 37, 38, 47, 51, 52, 56, 103, 237, 239, 248 – extended, 57, 71 Input – external, 201, 208 Input alphabet, 13 Input signal supervision, 162 Input space – extended, 81 Invariant manifold, 109, 265 Irreducible set of states, 27, 108, 112 Kalman filter, 4 Law of large numbers, 98 Lebesgue – integrable, 308 – integral, 308 – measure, 43, 47, 70, 72, 307 Limiting distribution, 108, 114 Linear system, 174 Lipschitz – condition, 98 – matrix, 101, 269 Ljapunov function, 106 Logic formulae, 104 Luenberger observer, 169 Manufacturing cell, 288 Markov – partition, 120 – process, 74, 170, 181, 246 – property, 17, 20, 73, 115, 147, 171, 183 Markov chain, 17, 26, 115, 123 – controlled, 18 – hidden, 19 – homogeneous, 18 Mealy–automaton, 26, 137 Measurable – function, 308 – set, 68, 307 Measure, 68, 70, 307 – absolutely continuous, 309 – Borel, 83, 88, 90, 307 – counting, 57, 98, 308 – Dirac, 83, 307 – finite, 82, 307 – Lebesgue, 43, 47, 70, 72, 307 – locally finite, 82 – probabilistic, 307, 310 – product, 308 Measure conservation principle, 82 Measure quantiser, 84, 85, 89
Measure space, 307 – product, 308 Measure theory, 62, 68, 82, 307 Membership, 54 Memoryless system, 39 Modelling aims, 41, 43, 67, 75, 79, 82, 91, 241 Monte–Carlo method, 121 Natural join, 225 – of relations, 221 Natural partition, 116, 266 Network – of qualitative models, 233, 241, 244, 278 – of stochastic automata, 8, 200, 201, 215, 222, 229 – of stochastic processes, 200 – simulation, 214 – topology, 202, 210, 239, 243 Network stochastic automaton, 209 Non–distinguishing input, 144 Non–fault–distinguishing input, 153 Nondeterminism, 41 – of quantised systems, 49 Nondeterminism parameters, 46, 243 Nondeterministic automaton, 25, 130, 136, 155, 226, 294 Nondeterministic behaviour, 41 Observability, 124, 136, 177 – of quantised systems, 173, 176 – of stochastic automata, 136 Observation, 2, 137, 143, 178 – of state sequences, 126 – of the current state, 127, 129 – of the initial state, 127 – of unknown inputs, 165 Observation algorithm, 133, 144, 173, 230, 244, 271 Observation problem, 123, 125 – current state, 124, 169, 172 – initial state, 123, 170 Output – coupling, 208 – external, 201, 208 Output alphabet, 13 Output relation, 15, 80, 202 Parameter uncertainties, 102 Partial composition, 201, 223, 231, 245, 248, 280
Partition, 42, 47 – deterministic, 115, 118 – Markov, 115, 120 – natural, 116, 121 – non–orthogonal, 107 – of the signal space, 38, 238, 264 – of the state space, 44, 90, 96, 106, 108, 109, 111, 112, 120, 172, 174 – orthogonal, 47, 57, 98 Petri nets, 104 Piecewise affine system, 85 Plant fault, 192 Point–mapping, 97, 101, 121, 267, 270 Probability density, 47, 102 – discrete, 311 Probability distribution, 17, 311 – boundary, 311 – conditional, 312 – joint, 311 – limiting, 28 – stationary, 28, 29, 105, 108, 112 Probability space, 310 – discrete, 310 Probability theory, 294 Process supervision, 98 Product measure space, 308 Projection, 225 Qualitative – input, 42, 68 – knowledge, 286 – measurements, 5 – output, 42, 68 – simulation, 55, 80 – state, 42, 68 Qualitative fault model, 183 Qualitative model, 42, 43, 45, 46, 68, 73, 75, 77, 80, 82, 90, 91, 95, 96, 103, 108, 109, 111, 112, 170, 172, 173, 175, 178, 184, 185, 233, 237, 240, 241, 245, 264 – accuracy, 79, 244 – complexity, 45 – of complex systems, 200 Qualitative physics, 54 QuaMo–Toolbox, 267, 269, 292, 313 Quantisation – Fuzzy, 54 – of a density, 73 – of a measure, 84 – of a signal, 4, 46 Quantised fault process, 185 Quantised subsystem, 240, 245
Quantised system, 1, 4, 42, 49, 56, 59, 64, 68, 73–75, 77, 78, 88, 96, 102, 108, 109, 111, 112, 169, 173, 181, 192, 233, 263 – augmented by faults, 81 – autonomous, 85, 91, 120 – causal, 37 – causal behaviour, 60 – decomposed, 233, 244 – definition of the, 49 – for fault diagnosis, 51, 184 – initial condition, 50 – modelling problem, 41 – representation problem, 50, 82, 170 – sampled, 56, 119 Quantiser, 1, 2, 37, 38, 47, 56, 57, 237, 239, 248 – extended, 57 Query optimisation, 221 Radon–Nikodym – theorem of, 83, 309 Random variable, 17, 64, 146, 310 – continuous, 310 – discrete, 310 Random vector – discrete, 311 Realisation – of a stochastic process, 17, 19, 210 Reconfiguration, 2, 194, 196 Recurrent automaton state, 27 Reduction of information, 5 Regular stochastic dynamical system, 87 Relation, 208, 225 – Cartesian product of, 225 – natural join, 225 – projection of a, 225 Relational algebra, 205 Representation problem, 50, 59, 75, 82 – stochastic, 50, 62, 79, 85 Riemann integral, 309 SA–operator, 34, 58, 133, 135 – finite, 34 Sample and hold, 12, 275 Sampling, 5, 55, 235 – event–based, 56, 174 Sampling time, 12, 235, 264 Selection, 228 Self–feedback loop, 216 Sensor fault, 192 Set representation problem, 50, 59, 75 Ship propulsion system, 289
Signal flow graph, 225 Simple function, 90, 308 Simplicity, 42, 43, 241 Simulation, 21, 117, 137, 143, 173, 175, 178 – of automata networks, 214, 222 – of the fault, 152 Space of probability vectors, 73 Spurious solutions, 55, 81, 93, 118, 121 State machine, 13 State observation, 2, 123, 133, 169, 200, 210, 229, 233, 244, 262 State space model, 11, 37, 46, 55 – discrete–time, 12 State transition relation, 15, 44, 80, 137, 139, 222 States – absorbing, 27, 106, 108, 109, 111–113 – aperiodic, 27 – closed set of, 27, 139, 152 – irreducible set of, 27–29, 108, 112 – periodic, 27 – reachable, 27 – recurrent, 27 – reducible set of, 30 – transient, 27 Stationary behaviour, 105, 265 Stationary distribution, 28, 29, 105, 108, 112 – elementary, 108 – of the output, 33 – quantised, 106 Stochastic – detectability, 154 – diagnosability, 153 – identifiability, 154 – observability, 140, 178 – – uniform, 144 – – weak, 141, 178 – undiagnosability, 151, 187 – – strong, 152 – – within a set, 152 – unobservability, 137, 151, 174, 178 – – local, 138 – – of the quantised system, 175 – – strong, 139, 178 – – within a set, 138 Stochastic automata network, 8, 200, 201, 215, 222, 229 Stochastic automaton, 4, 13, 18, 41, 42, 58, 67, 68, 73, 75, 78, 104, 105, 108, 123, 133, 136, 146, 147, 150, 186, 200, 204, 229, 267, 269
– autonomous, 16, 28, 30, 44, 183 – composed, 200 – initialised, 19 – multi–input, multi–output, 201, 204 – on attributes, 206, 238, 240, 246 – semi–deterministic, 25, 145 – simulation of a, 21, 22 – stationary distribution, 28, 30 – with fault, 23, 24 Stochastic direct feedthrough, 26, 126, 203, 204, 207, 211, 219, 228, 242 – partial, 207 Stochastic independence, 15, 32, 214, 312 Stochastic matrix, 16, 29 Stochastic Mealy–automaton, 26 Stochastic operator, 33, 34, 58, 133, 135 Stochastic process, 16, 17, 49, 64, 66, 123, 133, 147, 150, 183, 200 – homogeneous, 183 Stochastic representation problem, 50, 62, 79, 85 Stochastic sub–process, 208 Stochastic unobservability, 136 Subdivision, 101 Supervision, 1, 4, 43, 58, 98, 105 – decentralised, 234 Supervision task, 2, 41, 67, 75, 200, 234, 241, 262 Supervisor, 1, 37 Supervisory control, 2 Support – of a density, 66, 169 – of a fuzzy set, 54 Taylor–Lie series, 56 Titration and neutralisation plant, 8, 253, 262, 272, 289, 291 Transformation – Borel measurable, 83 – measurable, 309 – non–singular, 68, 83, 85, 115, 309 Transition matrix, 16, 29 – decomposed, 29 – nondecomposable, 29 Transition probability, 17 – k–step, 26 Transition relation, 15, 44, 80, 137, 139, 222 – of the fault, 183 Tuple, 205 Two–tank system, 10, 38, 39, 44, 47, 52, 57, 61, 64, 80, 86, 107, 109, 111, 113, 116, 118, 157, 176, 189, 194, 247
Ulam’s approximation, 72 Uncertainties, 5, 102 – in the symbolical measurements, 164 Uniform distribution, 72, 132
Unknown input observer, 165 Volterra series, 56