DEVELOPMENT OF CONCURRENT STRUCTURAL DECENTRALISED DISCRETE EVENT SYSTEM USING BISIMULATION CONCEPT

. This paper presents a concurrent structural decentralised control in the framework of supervisory control theory using bisimulation concept. It is a way to weaken the shared-event-marking condition of structural decentralised control developed by Lee and Wong [7]. The suﬃcient conditions to guarantee the global optimality achieved by the concurrent actions of simpler decentralised control have been presented. The developed condition becomes speciﬁcation dependent, however, the other structural condition, the mutual controllability condition, is still applied on the structure of the system. Hence the computational savings are still achievable. An example is provided to illustrate the result.

1. Introduction. Discrete-event system is characterised by discrete and qualitative changes of state values with abrupt occurrences of events over time rather than by ticks of a clock. Since their nature is quite different from conventional time-driven systems, a formal method to analyse and design such systems is necessary. One of such methods is called Supervisory Control Theory (SCT) proposed by Ramadge and Wonham [10] and Wonham [15]. For the last three decades, many follow-up researches within this framework have been conducted. However the applications of SCT into real, practical industrial applications are much smaller than the academic research. One of the major obstacles of such reality is in its computational complexity. Even though the computational complexity to synthesise supervisors in SCT is only polynomial in terms of state sizes of the generators representing the plant behaviours and specifications, the effort to compute a supervisor increases exponentially with the number of components [3]. To overcome this problem, within this framework, modular or decentralised control [2,5,8,11,17] and hierarchical control [4,12,16] have been proposed and studied. However the computational complexity still remains as a critical issue since the whole plants need to be checked for the eligibility conditions of the scheme for every single specification given. A structural decentralised approach in SCT [7] has proposed to overcome some of this issue. The conditions developed in their research are applied to the structure of the system, i.e., the conditions to guarantee the concurrent operations of the decentralised plants to be the same optimal as the centralised control operation are validated in the structure of the system. Hence once the structural decentralised control is established, the future minor changes of specifications (like change of sequences of the operations) can be made directly without any computationally expensive validation process. This obviously brings a great amount of computational 306 SANG-HEON LEE savings in the long term operations. Basically, it coincides with our intuitive thinking, i.e., if the structure of the system is properly arranged with more flexibility, then subsequent operations would be much easier. Two sufficient conditions on the structure of the system are developed: all shared events concurrently operated in more than two local plants should be marked (called the shared-event-marking condition) and each decentralised plant should be able to track down the occurrences of any uncontrollable shared events happening in other plants (called the mutual controllability condition). These two conditions are intuitively correct since the first condition implicates that each decentralised plant should be ready before any cooperation with other decentralised plants, and the second condition indicates that any unavoidable events like machine breakdown or electricity black-out happened in other decentralised plants should be possible to be monitored from other plants so that the corresponding action in each decentralised plant can be taken. It has been shown in a more detailed analysis that by achieving these two structural conditions, there is generally an exponential saving of the computational efforts involved [7].
However from the further investigations, it has found that the shared-eventmarking condition is too strong, i.e., some states are needed to be marked unnecessarily. As one of natural ways to extend the research, we are seeking to find a way to weaken this condition. It is interesting to note that the finite state machine represented by automata in SCT contains the sequential information as a language and the branching structure of allowable events. Fundamentally, due to the detailed level of information provided by the framework of SCT, it is possible to allow SCT problems to be generalised to several possible process-theoretical semantics. One of potential semantics that can be and has been used in DES is the bisimulation semantic. This motivates us to explore the concept of bisimulation to weaken the shared-event-marking condition. In fact, bisimulation has originally developed to deal with the behavioural equivalency within state transition systems [9] and been used successfully in many applications including discrete-event systems. The research conducted in [1] discussed the relationship between bisimulation and controllability of SCT and showed that bisimulation concept can be used to solve basic SCT problems especially in input/output finite state machine model matching. Zhou and others [18] proposed a necessary and sufficient condition for the existence of a bisimilar supervisor in the SCT framework and the further investigation [19] has developed a way to construct a deterministic bisimilar supervisor in this framework. In the research of Sun etc. [13], a new framework to address the decentralised bisimilarity SCT has developed and a synthesis method to establish decentralised bisimilarity supervisors is introduced.
With the similar point of view, this paper adopts the concept of bisimulation to solve decentralised DES, but with a different aspect: we adopt it to relax one of conditions in structural decentralised control. Since the benefit of structural decentralised control is obvious, it would be desirable to keep its basic framework as much as possible while bisimulation would help to reduce unnecessary actions to establish structural decentralised DES. As a result, it has found the decentralised control condition using bisimulation now becomes specification dependent like other works. However the second condition (mutual controllability condition) is still applied into the structure. So whenever a specification is modified, only the condition using bisimulation concept needs to be verified, which is simpler to be done.
The paper is organised as follows. Section 2 introduces some basic concepts of SCT and bisimulation and Section 3 formulates the problem for the paper. Section 4 presents a concurrent decentralised control of discrete-event systems in supervisory control theory using bisimulation concept. An example is presented for illustration in Section 5 and the paper ends with some concluding remarks in Section 6.

Preliminary.
In the framework of supervisory control theory, a 5-tuple automaton is used to model a finite state DES. Basically, it is a generator modelled as a set of finite sequence of events representing the behaviour of DES: G = (Q, Σ, δ, q 0 , Q m ), where Q is a set of finite states, Σ is a finite set of event labels (called an alphabet), δ:Q × Σ −→ Q is a (partial) state transition function, q 0 ∈ Q is the initial state, and Q m ⊆ Q is a set of marker states. It is common to define the empty string ϵ ̸ ∈ Σ to represent the alphabet with no events. Any set of finite strings of event labels in Σ and ϵ is defined as Σ * , a language over Σ. Any feasible language generated from G is called the closed behaviour, L(G), and a special subset of such languages which reaches to the marker states is called the marked behaviour, L m (G). Their formal definitions are, respectively: L(G) : The prefix closure of K ⊆ Σ * is defined by the set of all prefixes of strings in K, i.e., Then the product of two automata G 1 and G 2 is given by Note that Rch(· · · ) means the reachable component of a DES. Intuitively, the product allows only common event labels to occur simultaneously. Also it is clear that The synchronous composition of two automata is defined by The synchronous composition of two automata synchronises the shared events while unshared events can occur whenever possible.
The natural projection is defined to remove events from a string which do not belong to a particular event set as follows: for Σ 1 and Σ 2 , where Σ 1 ∩ Σ 2 ̸ = ϕ and Using this, the closed and marked behaviours of synchronous composition can be obtained: is the inverse projection of p i . The control of DES is introduced as follows. We divide the whole event set into two: the controllable events Σ c ⊆ Σ, and the remaining uncontrollable events Σ u := Σ−Σ c . The controllable events are those which can be disabled or enabled by supervisors while the uncontrollable events are those cannot, i.e., always enabled. The desired behaviour of G according to the specification (E) can be generated by enabling or disabling controllable events whenever necessary. Wonham and Ramage [10] developed an algorithm to obtain a supervisor S which can generate a maximal permissive such behaviour: where n is the number of states in G, and m is the number of states in E [10].
For two transition systems, the concept of bisimulation is one way to describe an equivalence relation between them. Let Σ i be the event alphabet of a subplant We say that H 1 and H 2 are bisimilar with respect to Σ s if there exists a bisimulation relation of H 1 and H 2 with respect to Σ s satisfying the conditions listed in Definition 2, or ≡ H1,H2 is a bisimulation. Intuitively, two languages are bisimilar with respect to their shared events if a shared event is possible at some point in one language, the same shared event should also be possible in the other language and vice versa; and if a marked string is reached in one language, then from a corresponding string in the other language, a marked string is also reachable. The following definition for mutual controllability is necessary for the later discussion [7]. Definition 3. Let Σ 1 , Σ 2 , · · · , Σ n be the event and Σ := It is also assumed that Σ i is split into controllable and uncontrollable events, i.e. Σ i = Σ ic ∪Σ iu , and the control status of shared event of two subsystems agrees, i.e., where p ij i and p ij j are the natural projections from (Σ i ∪ Σ j ) * to Σ * i and Σ * j , respectively.
Roughly speaking, since p ij ) models the external behaviours of G j seen by G i , two subsystems are mutually controllable if the closed behaviour of one subsystem is controllable with respect to the external behaviours of the other subsystem for the uncontrollable shared events and vice versa.

Problem Formulation.
In this section, we formulate a problem of decentralised control of SCT. For a decentralised system, we assume that a centralised plant is a synchronous composition of several smaller decentralised plants [14]. The concurrent operations of several decentralised plants could achieve the optimal objectives that can be achieved by centralised plant under certain conditions [6]. The framework of decentralised control is as follows: we consider the case with two decentralised plant. Note that this can be extended easily to more general cases. Let Σ i be the event alphabet of a subplant G i , for i = 1, 2. It is allowed that Σ 1 ∩Σ 2 ̸ = ϕ. Assume that Σ i = Σ ic ∪Σ iu . We assume that the control status of shared events are the same, i.e., Σ 1u ∩ Σ 2 = Σ 1 ∩ Σ 2u . Let Σ := Σ 1 ∪ Σ 2 be the event set of the global system, say G. Let Σ c := Σ 1c ∩ Σ 2c , Σ u := Σ 1u ∩ Σ 2u and Σ s := Σ 1 ∩ Σ 2 . Let p i and p s be the natural projections from Σ * to Σ * i and to Σ * s , respectively. Let L i,m , L i ⊆ Σ * i represent respectively the marked and closed behaviours of system G i . We assume that L i = L i,m . The marked and closed behaviours of the system G are respectively L m = L 1,m || L 2,m and L = L 1 || L 2 . Now let E i ⊆ L i,m be the local specification language on the subsystem G i , not necessarily prefix-closed. The overall specification is then E : denotes the restriction of p 1 on L. For a decentralised control approach, we synthesise local supervisors S i on G i whose closed-loop marked and closed behaviours are respectively κ Li (E i ) and κ Li (E i ). The closed behaviour under the concurrent supervisions of the local supervisors is then ( For a centralised control approach, we can synthesise for the global specification E and obtain κ L (E) as the closed behaviour of a global supervisor. Now we establish the following problem.

Problem 1. For given
and p i (κ L (E)) is nonblocking with respect to L i,m ? Problem 1 is to find conditions under which decentralised synthesis and control for local specifications can achieve the same optimality compared to the centralised synthesis, and the control of one decentralised plant never incur a blocking in other decentralised plants.

Decentralised control of DES using Bisimulation.
The following theorem provides sufficient conditions for Problem 1. Theorem 1. Let Σ i , Σ ic , Σ iu , L i,m and L i , for i = 1, 2, be given as in Section 3. Suppose that L 1 and L 2 are mutually controllable. Let E i ⊆ L i,m , for i = 1, 2. Suppose further that i) κ L1 (E 1 ) and κ L2 (E 2 ) are bisimilar with respect to Σ s := Σ 1 ∪ Σ 2 , for i ̸ = j ii) κ Li (E i ) and L j,m are bisimular with respect to Σ s .

Then problem 1 is solved.
Note that this theorem is different from the one in structural control [7]. As mentioned before, one of conditions given in [7] is too strong. In some applications, it is found that some unnecessary states need to be marked for the shared-eventmarking condition to be satisfied. To relax this condition which is applied to the structure of the system, it is found to be necessary to seek conditions applied to the given specifications.
Also note that we consider a centralised system as the synchronous composition of decentralised systems. We obtain sufficient conditions for given local, not necessary prefix-closed, specification languages. However, again the conditions now become specification-dependent conditions. However the second condition (mutual controllability condition) is still applied into the structure. So whenever a specification is modified, only the condition using bisimulation concept needs to be verified, which is simpler to be done. Note that in here nonprefix-closed specification languages are allowed and hence the problem of blocking will be addressed, which is a more relaxed case compared to [8].
To prove Theorem 1, one requires the following lemmas and proposition.

Lemma 2. Let
Proof. See Appendix B. Lemma 3. Let Σ 1 , Σ ic , Σ iu , L i,m , L i , E i and κ Li (E i ), for i = 1, 2, be given as in Section 3. Suppose that the conditions given in Theorem 1 hold. Then Proof. See Appendix C.

Lemma 4.
For given E i ⊆ L i,m , for i = 1, 2, suppose that the conditions given in Theorem 1 hold. Then where C(L) and C(L i ) are the sets of controllable sublanguages of L and L i .

Example.
For a practical example, consider a simple chemical reactor as shown in Figure 1. The reactor is comprised of a feed valve V 1 , a drain valve V 2 , a weight measurement unit W 1 , a timer T 1 , and a continuous reaction controller C 1 . For the decentralised control, the whole plant is divided into two subplants as shown in Figure 1: the filling-draining subplant (G 1 ) and the reaction subplant (G 1 ). Note that there are no shared components among subplants.  Figure 2(a) for G 1 and 2(b) for G 2 . In the figure, a circle represents (•) a state and an arrow (with a label) from an exit state to the entrance state represents an event. Also an entering arrow (−→ •) indicates the initial state and an exiting arrow (• −→) represents the marker state, while the double arrow (• ←→) shows the initial state and the marker state. The arrow with a bar in the middle represents a controllable event. The synchronous composition of all elementary components generates the possible system behaviours. The batch reaction process operates as follows. Firstly, the feed valve V 1 is opened (event α 1 ) to fill the reactor tank with material until W 1 indicates it is full (η 1 ). Then the feed valve is closed (β 1 ). The chemical reaction is then be enabled using reaction controller C1 (γ). The duration of the reaction is timed by the timer T1 which can be set for 3 minutes (µ 1 ), 5 minutes (µ 2 ) and 7 minutes (µ 3 ). Assume that we choose 5 minutes in this specific case. During the operation, the timer can be held at its current time (µ 4 ) if necessary and then it can be reset to the idle state (µ 8 ) or re-released (µ 5 ). When the set time is expired (uncontrollable event µ 6 ), the controller C1 is disabled (δ) and the timer is reset (µ 7 ). Then the drain valve V 2 is opened (α 2 ) to discharge the finished product from the tank until W 1 indicates that the tank is empty (η 2 ). When this happens, the drain valve is closed (β 2 ). This completes one cycle of the batch reaction process. To enforce the process proceeds in a specified order, three controllable shared events (σ 1 , σ 2 , σ 3 ) are introduced to indicate a completion of a certain process: the event σ 1 represents that the filling process is completed and the event σ 2 represents the completion of the chemical reaction, while σ 3 represents that the draining is finished and indicates a complete cycle of the batch reaction. These controllable synchronised events are represented as flags and their DES models are shown in Figure 3 The event sets for the decentralised plants are Σ 1 = {α 1 , α 2 , β 1 , β 2 , η 1 , η 2 , σ 1 , σ 2 , σ 3 } and Σ 2 = {µ 1 , µ 2 , µ 3 , µ 4 , µ 5 , µ 6 , µ 7 , µ 8 , γ, δ, σ 1 , σ 2 , σ 3 }. Their shared events are Σ s = {σ 1 , σ 2 , σ 3 } and all of them are controllable events. Due to this, the mutual controllability conditions are verified trivially. According to the operation procedure described above, the specifications in each decentralised plant can also be established. Their DES models are given in Figure 4(a) for G 1 and (b) for G 2 . It can be checked that E i ⊆ L i,m , for i = 1, 2.  The supervisors are obtained using the algorithm [10] and their marked behaviours κ L1 (E 1 ) ( Figure 5(a)) and κ L2 (E 2 ) ( Figure 5(b)) are displayed in Figure  5. It can be checked that in this case, the conditions in Theorem 1 hold. So the concurrent actions of decentralised control will guarantee the optimality of the centralised operation. Note again that the mutual controllability condition is applied to the structure of the system while the conditions using bisimulation are applied to each specification. Hence if there is a minor change of specifications like the changes of sequences, only the conditions with bisimulation need to be verified again.
6. Conclusion. This paper presented a concurrent structural decentralised control framework using bisimulation concept as a way to relax the shared-event-marking condition of the structural decentralised control of discrete-event systems [7]. It has found that the conditions developed in this paper now become specification dependent, i.e., the condition needs to be checked for given specifications. So whenever a specification is modified, the conditions using bisimulation concept need to be verified, which is simpler to be done. The issue of how to establish these conditions as structural conditions, namely they hold for a set of specifications, is still an open question.
Appendix A. Proof of Proposition 1.
For the reverse inclusion, since C(L), the set of closed,