CoDIT’16 - April 6-8, 2016, Malta
Towards a Diagnosability Technique of P-Time Petri
Nets Systems
Patrice Bonhomme
University François-rabelais, Tours
CNRS, LI EA 6300, OC ERL CNRS 6305
64 avenue Jean Portalis, 37200 Tours, France
Email:bonhomme@univ-tours.fr
Abstract—This paper presents a diagnosability technique of
a P-time Petri net under partial observation. Indeed, the set of
transitions is partitioned into those labeled with the empty string
 called silent (as their firing cannot be detected) including the
faulty transitions and the observable ones. The diagnosability can
be defined as the ability to detect the type of a failure within a
finite number of steps after its occurrence - the system is then said
to be diagnosable. The proposed approach is based on the syn-
thesis of a modified state observer where the fault transitions are
considered as observable allowing the construction of a Sampath-
like diagnoser. The novelty of the developed approach resides in
the fact that, although the time factor is considered as intervals,
the diagnoser is computed thanks to the underlying untimed
Petri net structure of the P-time model considered. Furthermore,
the method relies on linear programming techniques and the
schedulability analysis of particular firing sequences exhibited
by the analysis of the obtained diagnoser and does not require
the construction of the state class graph.
I. I NTRODUCTION
The fault detection [1] becomes a critical issue in numerous
systems and particularly for complex man-made systems such
as transportation, communication and manufacturing systems
... So, as the safety of both equipment and human operators
must be preserved, it is necessary to develop analysis and con-
trol techniques which can help administrators to securely make
their decisions whatever the circumstances are. Associating
a dedicated sensor to each critical component of a complex
system to monitor its internal state, in order to detect an
eventual malfunction is practically impossible due to multiple
reasons. Thus, it is often required to estimate the state in which
the considered system may be given some tangible available
data called observations. In the classical system theory, this
particular feature has led to the introduction of the state
observer notion.
Indeed, a state observer can be viewed as an external agent
allowing to estimate the internal state of a system based on
given measurements. From a discrete event dynamic systems
perspective and more precisely from a Petri net (PN on short)
point of view this issue can be similar to the estimation of
a PN marking based on the observation of particular events
associated with observable transitions [2], [3], [4] - they are
called observable because their firing can be detected by the
observer. Thus, being given a trace (or a sequence) of observed
978-1-5090-2188-8/16/$31.00 2016
c IEEE
018
events, associated with a particular behavior of the considered
plant, the following issue can be addressed: is it possible to
reconstruct with certainty the fault occurrence observing traces
of finite length ? In other words, are the plant observations
distinct enough to allow the detection of a faulty event within
a finite number of steps ? Answering this question is equivalent
to a priori determining if the considered system is diagnosable
[5], [6], [7], [8]. This paper presents a procedure allowing to
verify this property for systems modeled by P-time PN.
In the proposed method the set of unobservable transitions
is further partitioned into the set of faulty transitions and
the set of regular ones (i.e., they are unobservable and non
faulty). The developed approach is based on the synthesis of a
modified state observer (MSO) which is an estimator automa-
ton where the fault transitions are considered as observable.
The obtained MSO is then used to synthesize a diagnoser
automaton inspired by the theory of Sampath [9] which is
checked for indeterminate cycles thanks to a schedulability
analysis procedure based on linear programming techniques.
Intuitively, an indeterminate cycle corresponds to the presence
of two cycling sequences of transitions in the system producing
the same observation, such that a fault occurs in the first
sequence but not in the second one.
As opposed to many existing approaches, the proposed
technique does not require the state class graph construction
and consequently it is designed to alleviate the state space
explosion problem. Indeed, the construction of the modified
state observer and its derived diagnoser is based on the analysis
of the underlying untimed PN of the P-time PN considered.
Thus, thanks to the obtained diagnoser once an indeterminate
cycle is detected, the associated firing sequences feasible
on the untimed underlying PN consistent with the current
observation will be determined. Then, they will be checked
for schedulability allowing to decide if a fault has really
occurred in the considered system. In particular, the following
assumptions are made:
1) the net structure and the initial marking are known,
2) the fault model is known,
3) the underlying untimed PN, of the P-TPN considered
is bounded,
4) the PN induced by the set of unobservable transitions
does not contain circuit of null length,
5) the P-TPN considered does not deadlock after the
firing of any fault transition.
The paper is organized as follows: a brief reminder of the
 CoDIT’16 - April 6-8, 2016, Malta
basics of untimed Petri nets followed by a formal definition of
P-time Petri nets is realized in the next section. Section three
covers the procedure of estimation and the construction of the
state observer. The schedulability analysis of the occurrence
sequence highlighted by the state observer is studied in section
four. In the fifth section a procedure allowing to test the
diagnosability of a P-TPN system is given. Section six presents
an illustration of the developed method and the last section
concludes the paper. It is worth mentioning that the technique
developed in this paper is in the spirit close to the approach
of [7] but, as mentioned earlier, it does not require the
construction of the state class graph.
II. P ETRI N ETS
A. Untimed Petri Nets
The reader unfamiliar with Petri nets can refer to
[10], in the following only the basic notions are recalled.
A Place/Transition net (P/T net) is a structure N =
(P, T, P re, P ost), where P is a set of m places; T is a set
of n transitions. P re : P × T → N and P ost : P × T → N
are the pre and post incidence functions that specify the arcs;
C = P ost − P re is the incidence matrix. The preset and
postset of a node X ∈ P ∪ T are denoted ◦ X and X ◦ .
A marking is a vector M : P → N that assigns to each
place of a P/T net a non-negative integer number of tokens,
represented by black dots. M (p) is the marking of place p. A
net system N ; M0  is a net N with an initial marking M0 .
A transition t is marking enabled at M if M ≥ P re(·, t).
A transition t enabled at M may fire, yielding the marking
M  = M + C(·, t). We write M [σ > to denote that the
sequence of transitions σ is enabled at M , and we write
M [σ > M  to denote that the firing of σ yields M  . A marking
M is reachable in N ; M0  iff there exists a firing sequence
σ such that M0 [σ > M .
The set of all sequences that are enabled at the ini-
tial marking M0 is denoted L(N, M0 ) i.e., L(N, M0 ) =
{σ ∈ T  |M0 [σ >} with T  the Kleene closure of set T i.e.
the set of all firing sequences of elements of T of arbitrary
length, including the empty sequence . The notation σ  σ
will correspond to the firing sequence σ  followed by firing
sequence σ, i.e., the concatenation operation ; σ  is the prefix
of firing sequence σ  σ. The set of all markings reachable
from M0 defines the reachability set of N ; M0  and is
denoted R(N, M0 ). Given a net N = (P, T, P re, P ost) and
a subset Ts ⊆ T , the Ts -induced subnet of N is the net
Ns = (P, Ts , P res , P osts ) where P res and P osts are the
restrictions of P re and P ost to Ts . So, the net Ns is obtained
from N by removing all transitions in T \Ts , it is denoted also
by Ns ∠Ts N . Moreover, the set of transitions is partitioned into
two sets: observable transitions whose firing can be detected by
an external agent (observer), denoted as To and unobservable
transitions whose firing cannot be detected, denoted as Tu with
T = To ∪ Tu and To ∩ Tu = ∅.
B. P-time Petri Nets
Definition 1: The formal definition of a P-TPN [11] is
given by a pair N ; I where:
• N is a marked Place/Transition net (a P/T net system
augmented with a marking)
019
• P → (Q+ ∪ {0}) × (Q+ ∪ {∞}),
• pi → I(pi ) = [ai , bi ] with 0 ≤ ai ≤ bi , with:
• P : the set of places of the net N ,
• Q+ : the set of positive rational numbers,
• Ii defines the static interval of the operation duration
of a token in a place pi .
A token in place pi will be considered in the enabledness
of the output transitions of this place if it has stayed for ai time
units at least and bi at the most. Consequently, the token must
leave pi, at the latest, when its operation duration becomes
bi . After this duration bi , the token will be ”dead” and will
no longer be considered in the enabledness of the transitions.
According to the strong firing mode, a transition in a P-TPN,
is forced to fire unless it is disabled by the firing of another
conflicting transition. The semantics of a P-TPN can be defined
as a Timed Transition System [2].
III. E STIMATION P ROCEDURE
The goal of the observer is to give the current state estimate
of the system based on the information of the observed traces
(sequence of transitions). The state of the observer will consist
in a set of states the model can be in after the current
observation. The following set is defined with respect to the
observed sequence of transitions ω:
• L(ω) is the set containing all sequences of transitions
that are consistent with ω, i.e., the set of all possible
firing sequences that produce observation ω.
In general, if ω is an observed word, the associated firing
sequence σ = ω is not necessarily fireable on the net as
some unobservable transitions should be interleaved to obtain
a fireable sequence that produce ω.
Definition 2: Let N = (P, T, P re, P ost) be a net with
T = To ∪ Tu . The following operator is defined:
• The projection over To is Po : T  → To defined
as:(i) Po () = ; for all σ ∈ T  and t ∈ T, Po (σt) =
Po (σ)t if t ∈ To and Po (σt) = Po (σ) otherwise (with
 representing the empty string).
Given a sequence σ ∈ L(N, M0 ), ω = Po (σ) denotes the
corresponding observed word.
Definition 3: Let N = (P, T, P re, P ost) be a net with
T = To ∪ Tu and ω ∈ To be an observed word.
L(ω) is defined as L(ω) = Po−1 (ω) ∩ L(N, M0 ) =
{σ ∈ L(N, M0 )|Po (σ) = ω}, the set of firing sequences con-
sistent with ω ∈ To ,
Definition 4: Let N = (P, T, P re, P ost) be a net with
T = To ∪Tu and ω ∈ To be an observed word. C(ω) is defined
as C(ω) = {M ∈ R(N, M0 )|∃σ ∈ L(ω) : M0 [σ > M }, the
set of markings consistent with ω ∈ To .
So, being given an observed word ω, L(ω) is the set of
sequences that may have fired while C(ω) is the set of markings
in which the system may actually be.
Definition 5: Let N = (P, T, P re, P ost) be a net with
T = To ∪ Tu , the unobservable reachability mapping UR,
 CoDIT’16 - April 6-8, 2016, Malta
which enables to find the markings reachable from a given
marking Mi , following the firing of all unobservable sequences
is defined as: UR : Nm → 2N ,
m The following algorithm allows to construct the state
Mi → UR(Mi ) = {Mj ∈ Nm |∃σu ∈ Tu , Mi [σu > Mj } ,
m
with 2N the power set or the set of subsets of the markings
of the PN considered.
A. State observer
Let Ni and Nj be two nodes of the graphical representation
of the state observer (associated respectively with the states yi
and yj of the observer) such that there exists a directed arc
linking Ni to Nj labeled with transition tk ∈ To .
Definition 6: The state observer for the partially observ-
able PN N ; M0 , with T = To ∪ Tu is defined by the 5-tuple
(Yso , Eso , fso , y0 , ςso ) where:
• Yso is the set of states of the state observer,
• Eso = To is the set of observable (events) transitions,
• ςso : Yso → 2R(N,M0 ) is a function associating with
each state yso ∈ Yso a set of reachable markings,
• y0 is the initial state of the state observer (associated
with node N0 ) and ςso (y0 ) = SEM (N0 )∪SSM (N0 ),
 if  a node Nj such that Nj ⇔ Nt (Nj ∈
• fso : Yso × Eso → Yso is the transition function
defined as :
for yl ∈ Yso a state of the observer and

ω ∈ Eso a string of observable transitions
fso (y0 , ω) = yl if ςso (yl ) ∈
/ ∅ where ςso (yl ) =
τ
Ml : M0 → Ml ∧ Po (τ ) = ω = SEM (Nl ) ∪
SSM (Nl ).
With the two sets, as in [4], SSM and SEM defined as
follows:
• SEM (Nj ), the Set of Entry Markings of Nj ,
SEM (Nj ) = {Ms ∈ Nj |∃Mu ∈ Ni , tk ∈ To
: Mu [tk > Ms }
• SSM (Nj ), the Set of Shadow Markings of Nj ,
SSM (Nj ) = {Ms ∈ Nj |∃Mu ∈ SEM (Nj ),
σu ∈ Tu : Mu [σu > Ms }
or equivalently, SSM (Nj ) = UR(SEM (Nj )).
Intuitively, for a given node Ns of the state observer, after
the observation of the word ω, the set SEM (Ns )∪SSM (Ns )
represents the set of markings that are consistent with the
current observed word (i.e., C(ω)).
Proposition 1: Two nodes Ni and Nj of the state observer
will be equivalent (denoted Ni ⇔ Nj ) if and only if, the
following holds: SEM (Ni ) = SEM (Nj ).
020
B. State observer construction
observer, being given a P-TPN and its initial marking M0 .
First, let define the following sets:
• UPN ODES, the set of unprocessed nodes, i.e., they
are under investigation,
• PN ODES, the set of processed nodes,
• F TOBS (Ne ), the set of observable transitions fireable
from a given marking of node Ne ,
i.e., F TOBS (Ne ) =
{ts ∈ To |∃M ∈ SEM (Ne ) ∪ SSM (Ne ) : M [ts >}.
Algorithm 1 State observer building
UPN ODES ← ∅, PN ODES ← ∅,
Create node N0 with SEM (N0 ) = {M0 } and SSM (N0 ) =
UR(M0 ),
UPN ODES ← UPN ODES ∪ {N0 },
while UPN ODES = ∅ do
Remove a node Ncur from UPN ODES,
PN ODES ← PN ODES ∪ {Ncur },
Evaluate F TOBS (Ncur ),
for all t ∈ F TOBS (Ncur ) do
Create a temporary node Nt ,
Compute sets SEM (Nt ) and SSM (Nt ),
UPN ODES ∪ PN ODES) then
UPN ODES ← UPN ODES ∪ {Nt },
end if
Create a directed arc from Ncur to Nt labeled with t,
end for
end while
Definition 7: Given a marking Mi ∈ R(N, M0 )
and a transition tf ∈ To , the set of candidate se-
quences denoted CS(Mi , tf ) is the set of firing se-
quences, composed of the unique final observable transi-
tion tf , which can occur from Mi , i.e.: CS(Mi , tf ) =
{s.tf |s ∈ Tu ∪ , tf ∈ To : Mi [s.tf >}.
With respect to the timing constraints to be satisfied,
candidate sequences can be in the state possible or impossible.
As Nu ∠Tu N (i.e., the Petri net induced by the set of
unobservable transitions) is not Zeno by assumption, it is
ensured that the time is diverging with regard to the length of
the firing sequences, thus, the set of candidate sequences from
a marking is necessarily finite (at the instant of observation)
and it can be investigated. The following section addresses the
schedulability analysis of an occurrence sequence.
IV. S CHEDULABILITY A NALYSIS
Let σ = ta tb tc . . . tq be a firing sequence of length s
(denoted |σ| = s). The j th fired transition of σ will be
associated with the j th firing instant [2]. A variable xi will
represent the elapsed time between the (i − 1)th firing instant
and the ith one (with x0 = 0).
In a P-TPN, the sojourn time (i.e., the amount of time that
a token has been waiting in a place) is counted up as soon
 CoDIT’16 - April 6-8, 2016, Malta 021

as the token has been dropped in the place. To compute the the set of non negative vectors (x1 , ..., xq ) such that the first,
firing instants, this approach requires that a token is identified the second, . . . and the q th firing conditions are satisfied. Thus,
by three parameters: the place that contains it, the information a firing sequence σ = t1 t2 ....tq is schedulable if and only if
of its creation instant and of its consumption one. its associated firing space F S σ (q) is non-empty.
Function T OK is defined with this purpose assuming that Thanks to this characterization of a firing sequence, the
a FIFO queuing policy in the net is used in the sequel: Zenoness property can be checked by evaluating the mini-
T OK:N × (N \ {0}) × T  → 2P ), mal duration of the circuit of unobservable transitions under
consideration (for instance, by minimizing the sum of the xi
T OK(j, n, σ) = {p ∈ P |p contains a token created by associated with the considered transitions).
the j th firing instant and consumed by the nth one in firing
sequence σ}. Definition 9: A P-TPN Nr firing schedule, will be a se-

i
When it is clear from the context σ will be omitted in quence of ordered pairs (ti , xk ) ; transition ti firable at
k=0
the notation of T OK(.).When the weight of the P-TPN arcs 
i
is element of N, T OK(j, n) is a multi-set. For the sake of time ( xk ), obtained from the state reached by starting from
simplicity, only ordinary P-TPN are considered. k=0
Nr initial state and firing the transitions tj , 1 ≤ j < i, in the
Tokens, with the same creation instant, located in different schedule at the given times.
places and involved in the same transition firing may mutually
constrained their sojourn time, the quantities, Dsmin and
Dsmax, are introduced in order to evaluate the contribution of V. D IAGNOSABILITY
these tokens. So, Dsmin represents their availability in order Thanks to the topological and timing structures of the
to participate to this firing and similarly, Dsmax expresses considered P-TPN system, is it possible to detect a fault in
the fact that they all must be prevented from dying. a finite number of steps after its occurrence ? For this purpose
 the notion of modified state observer (MSO) is introduced, it
max (ai ), i | pi ∈ T OK(j, n)
Dsmin(j, n) = , will be the prerequisite for the construction of a diagnoser
else 0 if T OK(j,n) = ∅ in order to solve diagnosability issues. Moreover, the set
 of unobservable transitions is partitioned into two subsets,
min (bi ), i | pi ∈ T OK(j, n) Tu = Tf ∪ Treg where the set Tf includes all the fault
Dsmax(j, n) = .
else + ∞ if T OK(j,n) = ∅ transitions (modeling anomalous or faulty behavior) while
Treg includes all unobservable transitions which correspond
The definition of the following set SEN (q), allowing to to regular events. Furthermore, the set Tf is partitioned into
determine the creation instants of tokens involved in the q th r different subsets Tfi , where i = 1, . . . , r, that models the
firing instant, is also necessary: different fault classes.
SEN (q) = {u|T OK(u, q) ⊂ ( ˚ tq )}. Definition 10: The modified state observer for the par-
To express more simply the obtained results, the definition tially observable P-TPN N with initial marking M0 , T =
of the following coefficients is required: To ∪ Tu and Tu = Tf ∪ Treg is defined by the 5-tuple
 (Ymso , Emso , fmso , y0 , ςmso ) where the key modification for
Dsmin(u, q) if u ∈ SEN (q) its construction, with regard to the state observer of definition
cuq = ,
0 else 6 previously presented is: Emso = To ∪ Tf .

Dsmax(j, k) if T OK(j, k) = ∅ Considering the state observer construction algorithm de-
djk =
+∞ else tailed in section III-B, the modified state observer will be
With, ∀(j, k) ∈ [0, q − 1] × [1, q], j ∈
/ SEN (q) and k = obtained in the same way but with the set F TOBS (Ne )

q, then cjk = 0, and ∀k ∈ [0, q], xk ≥ 0. replaced by the set F TOBS (Ne ) such that:

The following proposition is finally obtained: F TOBS (Ne ) = {ts ∈ To ∪ Tf |∃M ∈ SEM (Ne )
Proposition 2: A sequence of transitions σ = t1 t2 ....tq ∪SSM (Ne ) : M [ts >}.
is schedulable if and only if there exist x1 ≥ 0, x2 ≥ 0,...,
xq ≥ 0 such that:
Intuitively, the set of observable transitions of the P-TPN
⎧ considered is augmented with the set Tf of faulty transitions
⎪ c0k ≤ x1 ≤ d0k , k = 1, ..., n
⎪
⎪ max (c0k , c1k + x1 ) ≤ x1 + x2 ≤ min (d0k , d1k + x1 )
⎪
⎪ (i.e., they are now considered as observable). This modification
⎪
⎨ k=2,...,n k=2,...,n
... is also considered for the construction of the modified basis
⎪
⎪ j
 q
 j
 reachability graph in the approach of Cabasino et al. [5] for
⎪
⎪
⎪
⎪ max (cjk + xs ) ≤ xs ≤ min (djk + xs ) the diagnosability of bounded PN.
⎩ j=0,...,q−1 j=0,...,q−1
k=q,...,n s=0 s=0 k=q,...,n s=0
Definition 11: A P-TPN N, M0 , I is diagnosable with
In the sequel this system will be denoted as Sσ (q) or simply respect to a projection operator Po if:
Sσ when it is clear from the context.
∀s ∈ Ψ(Tfi ), ∃K ∈ N, ∀r ∈ LG(N, M0 )/s, |r| ≥ K ⇒
Definition 8: The firing space at the q th firing instant,
associated with a firing sequence σ, denoted by F S σ (q) is ∀w ∈ Po−1 (Po (sr)), ∃tf ∈ Tfi : tf ∈ w, with:
 CoDIT’16 - April 6-8, 2016, Malta
• Ψ(Tfi ) denotes the set of schedulable transitions se-
quences that end in a faulty event of class Tfi ,
• |r| denotes the number of events of trace r,
• LG(N, M0 ) = {σ ∈ T  |σ ∈ L(N, M0 ) :
F S σ (|σ|) = ∅}
• LG(N, M0 )/s = {s ∈ T  | ss ∈ LG(N, M0 )}
Thus, let s be a firing sequence (trace) ending with a fault
transition of class Tfi and let r be a long enough firing sequence
which is a continuation of s. The diagnosability (with regard
to fault class Tfi ) is ensured if any firing sequence having the
same observable projection of firing sequence sr contains also
a fault transition in Tfi . If there are several fault classes, a P-
TPN system will be said to be diagnosable if it is diagnosable
with respect to all fault classes. The diagnosability will be
verified thanks to a diagnoser automaton and the procedure to
obtain it from the MSO G, is fully explained and detailed in
the book by Cassandras et al. [12]. Intuitively, in our approach
each state Si of the diagnoser Diag(G) is of the form:
• Xj N , when the state Xj of the corresponding MSO
is reached after a sequence of events without fault, or
• Xj Fk , when the state Xj of the corresponding MSO
is reached after a sequence of events containing a fault
of class Tfk .
It can be noticed that as initially no fault has occurred, the
initial node of Diag(G) is labeled with X0 N . Indeed:
• If all the states of the MSO G in the current state of
Diag(G) have label N , then it is sure that no faulty
event has occurred yet. As in [12] such a state will be
called a negative state,
• If all the states of the MSO G in the current state of
Diag(G) have label Fi , then it is certain that a faulty
event of the corresponding class has occurred at some
point in the past. Such a state will be called a positive
state,
• If the current state of Diag(G) contains at least one
state of the MSO G with label N and at least one
state of G with label Fi , then a faulty event of class
Tfi may or may not have occurred in the past. This
kind of state will be called an uncertain state.
In the latter case, there exist, in the P-TPN considered,
two untimed firing sequences σ1 and σ2 such that Po (σ1 ) =
Po (σ2 ) (they lead to the same state in Diag(G)) where σ1
contains a faulty transition of class Tfi and σ2 does not. Thus,
the following definitions of uncertain and indeterminate cycles
are recalled:
Definition 12: An uncertain cycle in Diag(G) is a cycle
composed exclusively of uncertain states.
Definition 13: [1] An indeterminate cycle in Diag(G) is an
uncertain cycle corresponding to the presence of two cycling
sequences of transitions (words) in the system with the same
observable projection, such that a fault of class Tfi occurs in
the first sequence but not in the second one.
022
It follows that the property of diagnosability can be tested
by analyzing the cycles of uncertain states in Diag(G). Thus,
the following major result, in the untimed case, is reminded:
Theorem 1: [9] Let N be a P-TPN with T = To ∪ Tu
and Tu = Tf ∪ Treg where the set Tf includes all the fault
transitions while Treg includes all unobservable transitions
which correspond to regular events. Furthermore, the set Tf is
partitioned into r different subsets Tfi , where i = 1, . . . , r, that
models the different fault classes. The untimed system consid-
ered is diagnosable if and only if there are no indeterminate
cycles in the associated diagnoser Diag(G) for any fault type.
The previous results are obtained in the untimed case by
considering the untimed underlying structure of the P-TPN
considered. The next proposition build a bridge between the
time and the untimed structures.
Proposition 3: Let N, I be a P-TPN with N, M0  its
associated underlying untimed PN. If N, M0  is diagnosable
with respect to (w.r.t.) a fault class Tfi then N, I is also
diagnosable w.r.t. Tfi .
Proof : it follows from the fact that the behavior of the P-
TPN considered is included in the behavior of its associated
underlying untimed PN (i.e., the set of feasible firing sequences
of the P-TPN considered is a subset of the one of its associated
underlying untimed PN). Indeed, the timing structure can only
restrict the behavior of the underlying untimed PN model (no
new firing sequences can be generated in N, I).
In the proposed approach, the consideration of the time fac-
tor will lead to the schedulability analysis of all pairs of firing
sequences (σ1 , σ2 ) associated with an indeterminate cycle of
the diagnoser Diag(G). Thus, the firing space of these firing
sequences will be determined and if it is found non-empty
then it means that it exists, for each firing sequence, a firing
schedule associated with the observation under consideration
(i.e., σ1 and σ2 are both time feasible or schedulable). The
proposed procedure allowing to test the diagnosability of a
P-TPN system, derived from [7] is as follows:
1) Build the modified state observer G of the system,
2) Compute the associated diagnoser Diag(G),
3) Search for the uncertain cycles for any fault class
Tfi , ∀i,
4) If there are no uncertain cycles for any fault class
Tfi , ∀i, then the system is diagnosable; else for each
fault class Tfi , ∀i having uncertain cycles, verify if
such cycles are also indeterminate,
5) If there are no indeterminate cycles for any fault
class Tfi , ∀i, then the system is diagnosable, else if
there are indeterminate cycles for some fault class Tfi ,
then for each indeterminate cycle, consider all pairs
of sequences in G associated with it; for any pair
(σ1 , σ2 ) feasible on the untimed underlying PN of
the P-TPN considered, having the same observable
projection, one containing a fault transition in Tfi
and the other one not, compute F S σ1 (|σ1 |) and
F S σ2 (|σ2 |).
6) If F S σ1 (|σ1 |) = ∅ and F S σ2 (|σ2 |) = ∅ then
the system is not diagnosable with respect to the
fault class Tfi else, let consider the pair (σ1 , σ2 )
 CoDIT’16 - April 6-8, 2016, Malta 023

with σ1 containing a fault and σ2 not. As soon as consequently the faulty transition t5 cannot occur. If b2 is
F S σ1 (|σ1 |) = ∅, the faulty transition can be detected. chosen such that b2 ≥ a4 , the system becomes non diagnosable
as σ1 and σ2 becomes schedulable but a control layer must
Indeed, in the Else statement of the last item the following be added to prevent the death of tokens in p2 and p4 .
cases are to be considered: For instance, if I(p4 ) = [1, 3] an example of schedule is:
• F S σ1 (|σ1 |) = ∅, F S σ2 (|σ2 |) = ∅, i.e., the fault never (t1 , 1), (t2 , 2), (t4 , 3), (t1 , 4), (t3 , 5), (t5 , 6) . . . and the system
occur, is clearly non diagnosable with respect to t5 .

• F S σ1 (|σ1 |) = ∅, F S σ2 (|σ2 |) = ∅, i.e., the fault VII. C ONCLUSIONS

always occur and can be therefore detected,
In this paper, a new methodology allowing to analyze
• F S σ1 (|σ1 |) = ∅, F S σ2 (|σ2 |) = ∅, i.e., the firing the diagnosability of systems modeled by P-time Petri nets
sequences associated with the indeterminate cycles are is developed. It is based on the construction of a diagnoser
both non schedulable. inspired from the procedure originally presented by Sampath
in the automata context. This diagnoser is obtained thanks to
VI. I LLUSTRATIVE EXAMPLE the synthesis of a modified state observer which is an estimator
where the fault transitions are considered as observable. Fur-
Let consider the P-TPN of Fig.1 with To = {t1 }, Tu =
thermore, both, the modified state observer and the resulting
{t2 , t3 , t4 , t5 } and Tf = {t5 }.
diagnoser are computed on the basis of the untimed underlying
Petri net of the P-time PN considered. This particularity allows
P1 [0,1]
to avoid the combinatorial state space explosion problem
t1
usually associated with the consideration of the time factor
[1,2] [7, infty[ modeled as time intervals. The diagnosability of the system
P2
P3 [0, infty[ P4
is based on the analysis of the set of indeterminate cycles
t2
t3 highlighted by the structure of the obtained diagnoser. Thus,
[1,8] [0,4]
thanks to a schedulability analysis technique, the feasibility
P6
P5
of the candidate firing sequences associated with the indeter-
minate cycles, on the P-TPN considered is verified. To this
t4 t5
purpose, an efficient procedure based on linear programming
techniques is provided.
Fig. 1. P-TPN model.
R EFERENCES
The modified state observer of the P-TPN of Fig.1 is [1] J. Zaytoon and S. Lafortune, “Overview of fault diagnosis methods for
depicted in Fig.2. It is obtained by considering faulty transition discrete event systems,” Annual Reviews in Control, vol. 37, no. 2, pp.
t5 as observable. 308 – 320, 2013.
[2] P. Bonhomme, “Marking estimation of P-time Petri nets with unobserv-
t1 able transitions,” IEEE Transactions on Systems, Man, and Cybernetics:
X1
Systems, vol. 45, no. 3, pp. 508–518, 2015.
SEM SSM
X0
[3] F. Basile, M. Cabasino, and C. Seatzu, “State estimation and fault diag-
SEM [000110]
SSM
[010001]
nosis of labeled time Petri net systems with unobservable transitions,”
t1 [01110]
[100000]
[100000]
IEEE Trans. on Automatic Control, vol. 60, no. 4, pp. 997–1009, 2015.
[4] M. Ghazel, A. Toguyéni, and P. Yim, “State observer for des under
t5
partial observation with time Petri nets,” Journal of Discrete Event
Dynamic Systems, vol. 19, no. 2, pp. 137–165, 2009.
Fig. 2. Modified State observer G. [5] M. Cabasino, A. Giua, and C. Seatzu, “Diagnosability of bounded Petri
nets,” in Proceedings of the 48th IEEE Conference on Decision and
Control, CDC 2009, Dec 2009, pp. 1254–1260.
t1 t1
{X0 N}
S1
{X1 N}
S2
{X1 N, X1 F}
S3
[6] F. Basile, P. Chiacchio, and G. D. Tommasi, “On k-diagnosability of
Petri nets via integer linear programming,” Automatica, vol. 48, no. 9,
t1
pp. 2047 – 2058, 2012.
[7] F. Basile, M. P. Cabasino, and C. Seatzu, “K-diagnosability of time
Fig. 3. Diag(G), diagnoser of the modified state observer of Fig.2. labeled Petri nets,” in 12th International Workshop on Discrete Event
Systems, WODES 2014, 2014, pp. 135–141.
Thanks to the diagnoser Diag(G) of Fig.3, there is an [8] M. P. Cabasino, A. Giua, and C. Seatzu, “Diagnosability of discrete
event systems using labeled Petri nets,” IEEE Transactions on Automa-
elementary uncertain cycle for the fault class Tf corresponding tion Science and Engineering, vol. 11, no. 1, pp. 144–153, 2014.
to S3 t1 S3 . This cycle is associated with the observed sequence [9] M. Sampath, R. Sengupta, S. Lafortune, K. Sinnamohideen, and
ω = t1 . Then, an indeterminate cycle is exhibit as the two D. Teneketzis, “Diagnosability of discrete-event systems,” IEEE Trans-
following cyclic firing sequences σ1 = t1 t2 t4 and σ2 = t1 t3 t5 actions on Automatic Control, vol. 40, no. 9, p. 15551575, 1995.
are determined, both producing observation t1 . Thanks, to the [10] T. Murata, “Petri nets, properties, analysis and applications,” Proceed-
previous theorem, it is certain that the fault transition t5 of ings of the IEEE, vol. 77, pp. 541–580, 1989.
class Tf is not diagnosable in the untimed case. Indeed, thanks [11] W. Khansa, J. P. Denat, and S. Collart-Dutilleul, “P-time Petri nets for
to the timing structure of the P-TPN, it is easy to verify manufacturing systems,” WODES’96, Edinburgh UK, pp. 94–102, 1996.
that F S σ2 (|σ2 |) = ∅ and F S σ1 (|σ1 |) = ∅ (as b2 < a4 ). [12] C. G. Cassandras and S. Lafortune, Introduction to Discrete Event
It means that only firing sequence σ1 is schedulable and Systems. Springer-Verlag New York, Inc., 2008.