DESIGN AND IMPLEMENTATION OF A MONITORING SYSTEM
USING GRAFCET
Adib Allahham and Hassane Alla
GIPSA-Lab, Department of Control, Institute National de Polytechnique de Grenoble
961 Rue de la Houille Blanche - Domaine universitaire BP 46, 38402 Saint Martin d’Hères, France
Keywords:
Monitoring, Fault detection, Manufacturing systems, Stopwatch automata, Reachability analysis, Grafcet.
Abstract:
A monitoring system based on a stopwatch automaton is proposed to detect system faults as early as possible. Each location in the automaton corresponds to a situation of the system. Its time space delimits exactly the range of normal behavior in the corresponding situation. The monitoring system detects a fault when the time space corresponding to the current situation of the system is violated. The stopwatch automaton provides a formal foundation to model the system’s behavior and to synthesize the exact time space in each location. This paper aims to provide the grafcet monitor that links the design of the monitoring system of a system with its implementation in a programmable logic controller.
1 INTRODUCTION
Monitoring complex manufacturing systems plays an important role for economic and security reasons. A wide variety of methods have addressed this problem. These methods consider that a fault has occurred in a system if a faulty event occurs (Ghazel et al., 2005), if a faulty state is reached (S. H. ZAd and Wonham, 2003) or, more generally, if the system specifications are violated. Most systems monitor the timed system specifications by using watchdogs. They detect a fault if the expected observation is produced early or late with respect to certain time bounds.
The increasingly stringent requirements in monitoring and fault detection make it necessary to detect a fault as early as possible, without waiting for the expiration of certain bounds. For that, we proposed in (Allahham and Alla, 2006) a monitoring method which extends the method of residuals, well known for continuous systems. In (Allahham and Alla, 2006), we introduced the notion of acceptable behavior of a system, detailed in the following section. We model this acceptable behavior by a stopwatch automaton. In that representation, each location corresponds to a state of the system and the arcs are labeled by switching conditions between the different states. In each state, the differential equations express the progression or suspension, due to a fault, of the task represented by the stopwatch. The time sub-space in each location, represented by a set of algebraic inequalities, delimits the range of the stopwatches in the corresponding situation of the system in the acceptable behavior. The monitoring system detects a fault when the system leaves this time sub-space.
The stopwatch automaton provides a formal basis to model the system’s behavior and to analyze it in order to characterize the exact time sub-space in each location, corresponding to the acceptable behavior.
In this paper, our objective is to provide the grafcet model that links the design of the monitoring system of a manufacturing system with its implementation in the logic controller. We show that the grafcet fulfils not only the sequential specification of the applications but also the continuous behavior specified in the monitoring stopwatch automaton.
The grafcet corresponding to the monitoring automaton models a location by a step and a stopwatch by a timer, which raises the following problem. The behavior of a stopwatch goes beyond the ability of a timer, which is the simplest way to include time in a grafcet model. This problem in turn affects the way the time sub-space associated with the steps of the grafcet is represented. However, we will show that this problem can be overcome by completing the grafcet with actions associated with steps. The grafcet will also permanently monitor that the stopwatches stay within their acceptable range.
Allahham A. and Alla H. (2007).
DESIGN AND IMPLEMENTATION OF A MONITORING SYSTEM USING GRAFCET.
In Proceedings of the Fourth International Conference on Informatics in Control, Automation and Robotics, pages 220-225
DOI: 10.5220/0001639102200225
Copyright © SciTePress
[Figure 1 labels: Normal execution, Intermediate state, fault, Acceptable behavior]
Figure 1: Acceptable behavior of a system.
Section 2 describes the acceptable behavior of a
system and its model based on stopwatch automaton.
Our approach is given and used to delimit the time
space characterizing this behavior. In Section 3, the
method to translate a monitoring automaton into a
Grafcet model is detailed. We apply this method in
an illustrative example in Section 4.
2 THE ACCEPTABLE BEHAVIOR
The possible kinds of faults that affect the resources in a manufacturing system are the permanent faults, which deprive a resource of its ability to perform its task, and the intermittent faults. The latter can appear several times during the task execution and disappear without any external action on the system, while permanent faults disappear due to a repair of the fault (Huang et al., 1996). Our work considers only the intermittent faults that interrupt the task of a resource. We call them malfunctions, and a task subjected to these malfunctions an interruptible task. A system containing such tasks is called an interruptible system. Because of malfunctions, an intermediate state can appear between a normal state and a faulty one. In this state, the system can come back to the normal behavior or leave toward a faulty state (Fig. 1). We refer to this behavior as the acceptable behavior. These malfunctions occur often in a manufacturing system, so the system’s designer accepts this behavior to some extent for productivity reasons. The question to answer is: how does the designer take these malfunctions into account in the system?
Let $Task_i \in Task_{int}$ be a task, where $Task_{int}$ represents the set of interruptible tasks in a complex system S. $Task_i$ has a known execution duration $[\alpha_i, \beta_i]$ which is given in the technical characteristics of the resources that execute $Task_i$ or measured directly. Because of the interruptions resulting from malfunctions, the designer accepts a tolerated duration to execute $Task_i$. It is given by the interval $[\alpha_i, \gamma_i)$ where $\beta_i < \gamma_i$. We call $[\alpha_i, \beta_i]$ and $[\alpha_i, \gamma_i)$ respectively the normal and acceptable durations of $Task_i$.
[Figure 2 panels: (1) execution against time, with the task end at $t_f$; (2) Process + Control sends the signals of the monitoring sensors and the signals of the system’s control sensors + orders to the Monitoring System (stopwatch automaton), which outputs Alarm.]
Figure 2: 1- Behavior of an interruptible task 2- Inputs\Output of monitoring system.
2.1 Monitoring of an Interruptible Task
We refer to the appearance and disappearance of a fault by its effect on the task execution, that is, as the interruption and resumption of the task.
Hypothesis 1 The execution speed is supposed to be constant or to vary slightly around a mean value.
Considering the properties of the tasks mentioned above, we distinguish the behaviors of an interruptible task shown in Figure 2.1. Either $Task_i$ is executed without interruption, and then $t_f \in [\alpha_i, \beta_i]$, or $Task_i$ has been executed but with several interruptions. After each interruption, the system resumes from the position at which it was interrupted. In this case: $t_f \in [\alpha_i, \gamma_i)$.
To monitor $Task_i$, we use the timers $x_i$ and $y_i$. Both timers have the value 0 when the task begins. $x_i$ is used to check that $Task_i$ has completed before the expiration of its tolerated deadline. $y_i$ is used to monitor the effective execution time. Then, $Task_i$ is correctly executed if $y_i \in [\alpha_i, \beta_i]$ and $x_i \in [\alpha_i, \gamma_i)$ when the task end occurs.
The two arrows in Figure 2.1 represent respectively the signals of the logical sensor which detects the interruption and the resumption of $Task_i$. These signals are an input of our monitoring system (Fig. 2.2).
2.2 Modeling of an Interruptible System
We use stopwatch automata (SWA) to model the interruptible system. They are a class of linear hybrid automata where the time derivative of a clock in a location can be either 0 or 1 (Cassez and Larsen, 2000).
Definition 1 A stopwatch automaton is a 7-tuple $(L, l_0, X, \Sigma, A, I, \dot{X})$ where:
$L$ is a finite set of locations, $l_0$: the initial location,
$X$ is a finite set of stopwatches,
$\Sigma$ is a finite set of labels,
$A$ is a finite set of arcs. $a = (l, \delta, \sigma, R, l') \in A$ is the arc between the locations $l$ and $l'$, with the guard $\delta \in C(X)$, the label name $\sigma$ and the set of stopwatches to reset $R$. $C(X)$ is the set of constraints over $X$.
$I \in C(X)^L$ maps an invariant to each location,
$\dot{X} \in (\{0, 1\}^X)^L$ maps an activity to each location.
[Figure 3: automaton with locations $l_1$ (Initial), $l_2$ (Normal execution), $l_3$ (Interruption) and $l_4$ (Faulty state, Alarm); arcs labeled $s_i$, $r_i$ and $\sigma_i$, with guards and invariants over $x_i$ and $y_i$.]
Figure 3: Stopwatch automaton of an interruptible task.
SWA of an interruptible task
We model the acceptable behavior of $Task_i$ by the stopwatch automaton shown in Fig. 3. The location $l_1$ indicates that the resource is waiting to start the task, $l_2$ that the resource is executing its task and $l_3$ that the task is interrupted after having started. In this automaton, the clock $y_i$ does not progress in $l_3$ while $x_i$ evolves, to express that the task is interrupted but time keeps progressing. The labels $s_i$ and $r_i$ represent respectively the stop and the resumption of $Task_i$ in the physical system, while the label $\sigma_i$ corresponds to the end of this task. $\varepsilon_i$, which is the always true event, represents the necessary condition to start the task. Here it starts immediately.
The guard $g_2$ of the arc from $l_2$ to $l_3$ expresses that the interruption can occur at any instant during the acceptable duration, while the guard $g_3$ associated with the arc from $l_3$ to $l_2$ expresses that the resumption must occur before the acceptable duration is exceeded. The execution of $Task_i$ during its acceptable duration is represented by the guard $g_4$ of the arc from $l_2$ to $l_1$.
Figure 3 shows that $Task_i$ leaves the acceptable behavior for the faulty state $l_4$ either from the location $l_2$ or from $l_3$. The guards of the arcs towards $l_4$ are identical and given by $g_5 = \neg g_4 = (x_i = \gamma_i \;\; y_i < \alpha_i)$. It expresses the fact that the acceptable duration of execution has expired and $Task_i$ is not executed.
2.3 Time Space State Delimiting the Acceptable Behavior
The acceptable behavior of a system S is represented by a stopwatch automaton A. It is obtained by the composition of the automata of the different tasks according to the system specifications, which represent the relation between these tasks.
Property 1 The trajectories which lead $Task_i$ to the state $l_1 \times (0, 0)$ from $l_2 \times (x_i, y_i)$, where $x_i \in [\alpha_i, \gamma_i)$ and $y_i \in [\alpha_i, \beta_i]$, represent all the possible evolutions characterizing the execution of $Task_i$.
The trajectories specified in Property 1 represent only a part of the possible ones. Thus, the synthesis problem of monitoring can be stated as follows: given a stopwatch automaton A representing a system S, restrict the possible trajectories of this automaton so that all remaining ones satisfy Property 1, for all the tasks of S. As a result, we obtain an automaton $A^*$ all of whose trajectories characterize the acceptable execution of S. The calculation of the time space $E^*$ of $A^*$ containing these trajectories is the core of our synthesis algorithm. It is carried out using forward and backward reachability analysis (Alur et al., 1995).
Forward analysis of monitoring SWA:
We use the forward analysis operators to calculate all the possible trajectories in the system, in other words the reachable time space E in the automaton A mentioned above. The forward operators look for all the states of a stopwatch automaton reachable from its initial state, either by remaining in the locations of the automaton while time progresses or by firing its transitions.
The time space reachable by forward analysis in locations $l_2$ and $l_3$ of the automaton shown in Figure 3 is given in Figure 4.1. Note that the values of the stopwatches given by $g_4$ in Figure 3 define a polyhedron. We denote it by $D_i$ and call it the desired space of $Task_i$ (Fig. 4.2). Note also that the trajectories specified in Property 1 lead the task only to $D_i$. These trajectories represent only a part of the ones contained in the reachable time space (Fig. 4.1). Thus, we must delimit the time space containing only these trajectories to characterize the acceptable execution.
Backward analysis of monitoring SWA:
It is not hard to see that the time space $E^*$ of $A^*$ can be obtained by removing from the time space of A the states from which the system’s evolutions do not lead to $D_i$ of each interruptible task. In other words, one first needs to apply the backward operators (called predecessors and denoted Pre operators) to the guards of the arcs representing the desired space of all the tasks over the automaton A. Then, $E^* = E \cap (\mathrm{Pre}(D_i))$. The intuition behind using the predecessor operators for a guard representing $D_i$ of $Task_i$ is that we look for all the states that lead to this space $D_i$ from the initial state of A.
Applying the backward analysis to the automaton given in Figure 3 gives the time space shown in Figure 4.3. The intersection of this space and that of the forward analysis is given in Figure 4.4. It is the space characterizing the acceptable execution of $Task_i$. One of the trajectories contained in the synthesized space (Fig. 4.4) shows that the task reaches a faulty state only from the location $l_3$, with the dynamics $\dot{x} = 1$ and $\dot{y} = 0$. Figure 4.5 presents the final monitoring automaton $A^*$.
ICINCO 2007 - International Conference on Informatics in Control, Automation and Robotics
[Figure 4 panels (1) to (4): regions of the ($x_i$, $y_i$) plane bounded by $\alpha_i$, $\beta_i$ and $\gamma_i$, with the desired space $D_i$ in panel 2; panel (5): automaton $A^*$ with locations $l_1$, $l_2$, $l_3$ and $l_4$ (Faulty state) and the time spaces $E_2$ and $E_3$.]
Figure 4: Time space in $l_2$ and $l_3$: (1) reachable by forward analysis, (2) desired, (3) reachable by backward analysis, (4) delimiting acceptable execution, (5) synthesized monitoring automaton of an interruptible task.
[Figure 5 panels: (1) timer $T_i$ with inputs $C_{T_i}$ and $I_{T_i}$, output $O_{T_i}$ and value $x_{T_i}$ against time t; (2) automaton part with locations $l_1$, $l_2$ and $l_3$; (3) grafcet with steps 1, 2 and 3 and the action $C_{T_i}$.]
Figure 5: (1) Timer (2) A part of monitoring automaton (3) Corresponding grafcet $G_1$.
3 GRAFCET OF THE MONITORING SYSTEM
Grafcet and its international standard SFC (CEI/IEC 60848, revised in 2002) are used for the implementation of discrete event models of manufacturing systems, and many programmable logic controllers use it as a programming language. The basic concepts of the grafcet are the step, the action, the transition and its associated receptivity (David, 1995). A Boolean variable $X_i$ is associated with each step. Its value is 1 when the step is active.
The general idea to translate the monitoring automaton $A^*$ into a grafcet is to represent each location of the automaton by a step. The faulty state is also modeled by a step. Let $L = \{l_1, ..., l_n\}$ be the set of locations of $A^*$. The set of steps corresponding to these locations is denoted by {1, ..., n}. An arc linking two locations is modeled by a transition linking the two corresponding steps. The transition receptivity is the label of the arc. The simplest way to include time in the grafcet model is to use timer objects; for that, each stopwatch is modeled by a timer.
Figure 5 shows a timer ($T_i$) which is typically initialized with a value representing a duration (input $I_{T_i}$) and has a control input ($C_{T_i}$) for starting the timer. This timer produces a Boolean output ($O_{T_i}$). Associating an impulse action $C_{T_i}$ with a step j activates the timer $T_i$ as soon as $X_j = 1$. Here, we are not interested in the logic output of the timer, but in the instantaneous value of the timer $T_i$, denoted by $x_{T_i}$, which is supposed to be readable and testable in real time. In fact, many PLC manufacturers provide products with timers equipped with functions that read and test the value $x_{T_i}$.
[Figure 6 panels: (1) automaton part with locations $l_1$ to $l_4$, arcs labeled $s_i$, $r_i$, $\sigma_i$ and $\varepsilon_i$; (2) grafcet steps 1 to 4 with the actions $C_{T_i}$ and $C_{T_j}$, the shifting actions $\delta_{x_i} := \delta_{x_i} + x_{T_i}$ and $\delta_{y_i} := \delta_{y_i} + x_{T_j}$, and the initiation actions $\delta_{x_i} := 0$ and $\delta_{y_i} := 0$; (3) grafcet with the transitions $t_{21}$ (receptivity $E_i.X_i$, alarm) and $t_{22}$ (event m).]
Figure 6: (1) A part of monitoring automaton (2) $G_1$ and shifting and initiation actions (3) $G_2$ model.
With these translation rules, the behavior of a stopwatch goes beyond the ability of a timer. To show that, we consider the part of the monitoring automaton shown in Figure 5.2. In this automaton, the stopwatch $x_i$ is newly activated in $l_1$ and remains active in $l_2$ and $l_3$. Translating this model into a grafcet by using the method described above gives the model shown in Figure 5.3, where $T_i$ is the timer corresponding to stopwatch $x_i$. In this grafcet, we activate the timer $T_i$ as soon as $X_1 = 1$. $T_i$ remains active in steps 2 and 3. However, this is not sufficient to represent the behavior of the monitoring automaton, since an important issue is the behavior when the arc of the automaton between $l_3$ and $l_1$ is fired. The stopwatch $x_i$ stays active after the commutation and has a certain value at the instant of reaching $l_1$, while the value of the corresponding timer $T_i$ is initialized when $X_1 = 1$ in the grafcet. However, we show that this problem can be overcome by completing the grafcet with actions and by using intermediate variables.
Modeling of stopwatches by timers:
Let us consider that the automaton given in Figure 6.1 follows the behavior given in Figure 7. $T_i$ and $T_j$ are the timers corresponding to stopwatches $x_i$ and $y_i$. We express the dynamics $\dot{x}_i = 1$ and $\dot{y}_i = 1$ in the location $l_2$ by associating with step 2 the impulse actions $C_{T_i}$ and $C_{T_j}$. These actions activate $T_i$ and $T_j$ as soon as $X_2 = 1$. In a similar way, we express the dynamic $\dot{x}_i = 1$ in $l_3$. We now give the method to represent the behavior of $x_i$ and $y_i$, whose values are 0 at the entry of $l_2$. Note that the value of $x_i$ in a given location $l_2$ or $l_3$ is the sum of the value of $x_i$ when the system reaches this location and the time elapsed from the reaching instant to the current one.
The latter item corresponds to the value of the timer $T_i$, which is activated when the system reaches the step corresponding to the given location. For the former item, an intermediate variable denoted by $\delta_{x_i}$ and called the shifting variable is used. $\delta_{x_i}$ is initialized when the automaton resets the stopwatch $x_i$ to 0. The value of $\delta_{x_i}$ corresponding to $x_i(t_1)$ in Figure 7 can be obtained by associating with step 2 (Fig. 6.2) the impulse action $\delta_{x_i} := \delta_{x_i} + x_{T_i}$ (shifting action). It adds to $\delta_{x_i}$, which initially has the value 0, the value of $x_{T_i}$ representing the duration that the grafcet stays in step 2. The value of $\delta_{x_i}$ corresponding to $x_i(t_2)$ in Figure 7 can be obtained by associating the same action with step 3. It adds to the previous value of $\delta_{x_i}$ the duration that the system stays in step 3. The resulting values of $\delta_{x_i}$ are shown in Figure 7. They correspond to the values of $x_i$ at the instants of reaching $l_2$ and $l_3$ after each commutation between these two locations. As a result, $\delta_{x_i} + x_{T_i}$ is equivalent to $x_i$ at any instant during the system dynamics, either in $l_2$ or in $l_3$.
[Figure 7: time plots of $X_2$, $X_3$, $x_i$, $\delta_{x_i}$, $x_{T_i}$, $\delta_{x_i} + x_{T_i}$, $y_i$, $x_{T_j}$ and $\delta_{y_i}$, with the values $x_i(t_1)$ and $x_i(t_2)$ marked.]
Figure 7: Representing behavior of stopwatches in grafcet.
The behavior of stopwatch $y_i$ is different from that of $x_i$. $y_i$ is suspended when the automaton fires from $l_2$ to $l_3$. $y_i$ resumes in location $l_2$ from the value it had when it was suspended, so we associate the action $\delta_{y_i} := \delta_{y_i} + x_{T_j}$ with step 2 to memorize this value. $\delta_{y_i}$ is initialized when the automaton resets the stopwatch $y_i$ to 0. The grafcet describing exactly the given part of the automaton is given in Figure 6.2.
In Figure 6.1, $x_i$ and $y_i$ are initialized by firing the arc from $l_2$ to $l_4$. Our grafcet does this resetting by setting the variables $\delta_{x_i}$ and $\delta_{y_i}$ to zero after the firing from step 2 to step 4. The action resetting the shifting variables is associated with step 4. The initial step of the grafcet is associated with an impulse action resetting all the shifting variables used in the grafcet.
The grafcet monitor permanently checks the time space associated with the current step. The faulty step is reached when the system violates this time range. This fact can be represented in the grafcet model by using the concept of hierarchy. It is easy to imagine that a grafcet $G_1$ has an influence on another grafcet $G_2$. $G_1$ is the grafcet resulting from the structural translation described above (Fig. 6.2). $G_2$ has two steps: the initial and faulty steps (Fig. 6.3). The activation of the initial step of $G_2$ expresses that the system’s behavior is acceptable. $G_2$ evolves to the faulty step when the time space is violated. Let $E_1, .., E_i, .., E_n$ be the time sub-spaces in the locations $l_1, .., l_i, .., l_n$ permitting to evolve to the faulty state. The corresponding steps in grafcet $G_1$ are 1,..,i,..,n. The receptivity of $t_{21}$ in Figure 6.3 is: $[X_1.E_1 + .. + X_i.E_i + .. + X_n.E_n]$. In Figure 6.3, the event m represents the repair operation.
4 APPLICATION
[Figure 8 panels: (1) workshop with conveyor, sensor, pallet, actuator, robot and assembly station; (2) working specification with the events d, b, e and R; (3) scenario against time t with the stopwatches $x_2$, $y_2$, $x_4$ and $y_4$ and the Alarm.]
Figure 8: -1- Workshop -2- Working specification -3- A scenario of working.
Figure 8 shows a manufacturing system and its working specification. In this system, when the control system gives the order d, the actuator puts down a pallet on the conveyor. When the sensor B detects the transferred pallet (event b), and if the robot is not busy (event e), the robot transfers the pallet to the assembly station. The actuator comes back to its initial state and waits again for d. When the robot finishes its task (event R), it returns to its initial state. The information concerning the interruptible tasks is given in the following table. t.u is the abbreviation for "time units".
Task name                           Conveyor task        Robot task
$[\alpha_i, \beta_i]$ (t.u)         [3,4]                [2,3]
$[\alpha_i, \gamma_i)$ (t.u)        [3,5)                [2,4)
Used stopwatches                    $x_2$ and $y_2$      $x_4$ and $y_4$
Monitoring signals                  $s_2$ and $r_2$      $s_4$ and $r_4$
In Figure 9.1, we give the monitoring automaton of the considered system, composed of 12 locations, and focus on a part of it in Figure 9.2. The time spaces in the locations have been calculated by using the model checker PHAVer (Frehse, 2005).
Figure 8.3 shows a working scenario where the robot and the conveyor start their tasks simultaneously. This situation is represented by location $L_7$, as the stopwatch dynamics show. In this scenario, the conveyor is interrupted for 2 t.u. Then, the system fires to $L_8$. The inequality in bold in $L_8$ detects a fault in the considered behavior at the instant $x_2(\theta) = 3$. The corresponding value of $y_2$ is $y_2(\theta) = 1$. This result can be explained as follows: to finish the conveyor task correctly, one needs at least the duration $\alpha_2 - y_2(\theta) = 3 - 1 = 2$ t.u. The corresponding value of $x_2$ will be $x_2 = x_2(\theta) + (\alpha_2 - y_2(\theta)) = 3 + 2 = 5$. This value exceeds the maximum permitted duration of the conveyor’s task. Figure 10.1 shows the monitoring grafcet $G_1$ of the system. The timers $T_1$, $T_2$, $T_3$, $T_5$ and $T_6$ correspond respectively to the stopwatches $x_1$, $x_2$, $y_2$, $x_4$ and $y_4$. The shifting variables used are: $\delta_{x_1}$, $\delta_{x_2}$, $\delta_{y_2}$, $\delta_{x_4}$ and $\delta_{y_4}$. Figure 10.3 shows the evolution of $G_1$ according to the proposed scenario.
[Figure 9 panels: (1) automaton with locations $L_1$ to $L_{12}$ and arcs labeled d, b, e, R, $s_2$, $r_2$, $s_4$ and $r_4$; (2) locations $L_7$, $L_8$ and $L_9$ with their stopwatch dynamics and invariants over $x_2$, $y_2$, $x_4$ and $y_4$.]
Figure 9: 1- Automaton $A^*$ 2- Scoped part of $A^*$.
Figure 10: 1- $G_1$ 2- Shifting and initiation actions 3- $G_1$ evolutions 4- evolution of Grafcet variables.
The receptivity of transition $t_{21}$ in $G_2$ (Fig. 6.3) is: $(X_3.E_3 + X_6.E_6 + X_8.E_8 + X_9.E_9 + X_{11}.E_{11} + X_{12}.E_{12})$. Its predicate becomes true at the instant t = 3 because $X_8 = 1$ and the inequality $(\delta_{x_2} + x_{T_2})$ $\delta_{y_2}$ 2 in $E_8$ becomes true at this instant, as shown in Figure 10.4.
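The early-detection reasoning of this section, combined with the shifting variables of Section 3, as an added example in Python (not the authors' code and not PLC code). The class `TaskMonitor`, the event labels and the stop instant t = 1 are assumptions made for the illustration; each timer is modeled as the time elapsed since the current step was activated, and the shifting variables are updated at every step change.

```python
from dataclasses import dataclass

EXECUTING, INTERRUPTED = 2, 3      # grafcet steps standing for locations l2 and l3


@dataclass
class TaskMonitor:
    """Monitor of one interruptible task (hypothetical helper, not from the paper)."""
    alpha: float                   # minimum execution time
    beta: float                    # maximum execution time (normal duration)
    gamma: float                   # tolerated deadline, exclusive
    early: bool = True             # True: synthesized time space; False: watchdog on x only
    step: int = EXECUTING
    t_step: float = 0.0            # instant the current step was activated (timers restart)
    delta_x: float = 0.0           # shifting variable of stopwatch x
    delta_y: float = 0.0           # shifting variable of stopwatch y

    def x(self, now):
        """x = delta_x + x_T: elapsed time since the task started."""
        return self.delta_x + (now - self.t_step)

    def y(self, now):
        """y = delta_y + x_Tj: effective execution time, frozen while interrupted."""
        running = now - self.t_step if self.step == EXECUTING else 0.0
        return self.delta_y + running

    def fault_instant(self):
        """Earliest instant at which staying in the current step violates its time space."""
        x_limit = self.gamma
        if self.early and self.step == INTERRUPTED:
            # alpha - y time units of work remain, so x + (alpha - y) must stay below gamma.
            x_limit -= max(self.alpha - self.delta_y, 0)
        return self.t_step + (x_limit - self.delta_x)

    def run(self, events):
        """events: time-ordered (instant, label) pairs, label in 's', 'r', 'end'.
        Returns ('ok' | 'fault', instant of the verdict)."""
        for t, label in events:
            limit = self.fault_instant()
            if t >= limit:
                return ("fault", limit)
            if label == "end":
                ok = (self.step == EXECUTING
                      and self.alpha <= self.y(t) <= self.beta
                      and self.alpha <= self.x(t) < self.gamma)
                return ("ok" if ok else "fault", t)
            expected = "s" if self.step == EXECUTING else "r"
            if label != expected:
                raise ValueError(f"event {label!r} not allowed in step {self.step}")
            # Shifting actions: fold the timer values into the deltas, then restart the timers.
            self.delta_x, self.delta_y = self.x(t), self.y(t)
            self.t_step = t
            self.step = INTERRUPTED if label == "s" else EXECUTING
        return ("fault", self.fault_instant())   # no end event ever arrives


CONVEYOR = dict(alpha=3, beta=4, gamma=5)        # conveyor task values from the table
# Constructed timeline matching the scenario: stop at t=1, resumption attempted at t=3.
SCENARIO = [(1, "s"), (3, "r")]

if __name__ == "__main__":
    print("early monitor:", TaskMonitor(**CONVEYOR).run(SCENARIO))
    print("watchdog only:", TaskMonitor(early=False, **CONVEYOR).run(SCENARIO))
    print("acceptable run:", TaskMonitor(**CONVEYOR).run([(1, "s"), (2, "r"), (4.5, "end")]))
```

With the same interruption, the monitor using the synthesized time space raises the fault at t = 3, while a watchdog on the tolerated deadline alone waits until t = 5.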
5 CONCLUSION
An active approach has been developed to address a specific problem in fault detection: the ability to detect faults as early as possible. It is based on a stopwatch automaton, which provides a formal support for this approach. The link between the design of the monitoring system and its implementation in a programmable logic controller is provided using the grafcet tool. We have shown how the grafcet can be used to describe the behavior of the monitoring stopwatch automaton.
REFERENCES
Allahham, A. and Alla, H. (2006). Monitoring of timed discrete events systems: Application to manufacturing systems. In The 32nd Annual Conference of IEEE Industrial Electronics Society.
Alur, R., Courcoubetis, C., Halbwachs, N., Henzinger, T., Ho, P., Nicollin, X., Olivero, A., Sifakis, J., and Yovine, S. (1995). The algorithmic analysis of hybrid systems. Theoretical Computer Science, 138(1).
Cassez, F. and Larsen, K. (2000). The impressive power of stopwatch. In 11th Conference on Concurrency Theory, number 1877, pages 138–152.
David, R. (1995). Grafcet: A powerful tool for specification of logic controllers. IEEE Transactions on Control Systems Technology, 3(3).
Frehse, G. (2005). Phaver: Algorithmic verification of hybrid systems past hytech. In The Fifth International Workshop on Hybrid Systems: Computation and Control, pages 258–273.
Ghazel, M., Toguéni, A., and Bigang, M. (2005). A monitoring approach for discrete events systems based on a timed Petri net model. In Proceedings of 16th IFAC World Congress.
Huang, Z., Chandra, V., Jiang, S., and Kumar, R. (1996). Modeling discrete event systems with faults using a rules based modeling formalism. Mathematical Modeling of Systems, 1(1).
S. H. ZAd, R. H. K. and Wonham, W. M. (2003). Fault diagnosis in discrete-event systems: Framework and model reduction. IEEE Transactions On Automatic Control, 48(7):1199–1212.