On Robust Reachability of Input/State Switched Asynchronous

Sequential Machines

Seong Woo Kwak

and Jung–Min Yang

Department of Electronic Engineering, Keimyung University, 1095 Dalgubeol-daero, Dalseogu, Daegu, 42601, Korea

School of Electronics Engineering, Kyungpook National University, 80 Daehakro, Bukgu, Daegu, 41566, Korea

Keywords:

Asynchronous Sequential Machines, Switched Systems, Robust Reachability, Fault Tolerance.

Abstract:

Switched asynchronous sequential machines are composite systems consisting of a number of single asyn-

chronous machines, or submachines, and a rule that orchestrates switching operations between submachines.

In this paper, we investigate robust reachability of switched asynchronous machines. If each submachine has

equivalent state space with one another, it can be used in fault recovery against any unauthorized state tran-

sition caused by transient faults. The robust reachability of switched asynchronous machines is addressed in

terms of simple matrix expressions. The use of robust reachability in fault-tolerant corrective control is also

outlined.

1 INTRODUCTION

Asynchronous sequential machines are hard-

ware/software systems that operate sequentially with

no global synchronizing clock (Sparsø and Furber,

2001). Since ﬁrst invented in mid 1950’s (Huffman,

1954), asynchronous sequential machines have been

used in various areas as an important building block

of the system, e.g., digital systems (Unger, 1995),

communication networks (Schwartz, 1996), parallel

computation, etc. It is also expected that the notion

and control of asynchronous sequential machines

can be applied to the ﬁeld of systems biology

and bioinformatics (Hammer, 1995; Saadatpour,

Albert, and Albert, 2010), as biological systems

inherently have the feature of asynchrony, and the

state space of biological systems can be expressed in

discrete dynamics, which ﬁts into the mechanism of

asynchronous machines.

In this paper, we address robust reachability of

switched asynchronous sequential machines. The

switched systems are a kind of hybrid systems that

consist of several submachines and a rule that co-

ordinates switching operations between them. Due

to their importance in both theoretical and practi-

cal applicability, the study of switched systems has

drawn a great attention, especially in the ﬁeld of lin-

ear systems (Sun and Ge, 2006). In event-driven dy-

namics, however, few studies on switched systems

have been reported so far. Notable among them

are switched Boolean networks for gene regulatory

networks (Zhang and Feng, 2012) and control of

switched asynchronous sequential machines by the

authors (Yang, 2016).

In the prior work (Yang, 2016), the problem of

model matching for switched asynchronous sequen-

tial machines is investigated in the framework of cor-

rective control, which is a novel automatic control

theory developed exclusively for asynchronous ma-

chines (Murphy, Geng, and Hammer, 2003). The

control objective in Yang (2016) is to elucidate the

existence condition and design algorithm for a cor-

rective controller that matches the stable-state behav-

ior of the closed-loop system to that of a prescribed

reference model. In the present study, we are con-

cerned with fault-tolerant controllability of switched

asynchronous machines. We assume that the con-

sidered switched machine may suffer from transient

faults (Krishna and Shin, 1997). Transient faults

cause unauthorized state transitions to the machine,

making the next behavior unpredictable if not recov-

ered. Note that our study can be also applied to in-

termittent faults. While the adverse effect of transient

faults vanish immediately after the fault occurrence,

that of intermittent faults lasts for ﬁnite time. Hence

once an asynchronous machine undergoes an unau-

thorized transition by the intermittent fault, it cannot

return to the original state immediately and more rig-

orous procedure of fault tolerance is needed.

In this paper, we derive and quantify inherent

190

Kwak S. and Yang J.

On Robust Reachability of Input/State Switched Asynchronous Sequential Machines.

DOI: 10.5220/0006220401900195

In Proceedings of the 10th International Joint Conference on Biomedical Engineering Systems and Technologies (BIOSTEC 2017), pages 190-195

ISBN: 978-989-758-214-1

reachability of switched asynchronous sequential ma-

chines necessary to overcome both transient and inter-

mittent faults. We show that compared with the case

of transient faults, the switched machine must have

more reachability to tolerate the effect of intermittent

faults. Though this reachability analysis is a requisite

for designing a fault-tolerant corrective controller, in

this study we omit the controller construction and in-

stead outline the correction procedure as a remark.

The rest of this work is organized as follows. Sec-

tion 2 provides a modeling formalism of switched

asynchronous machines with transient faults. In Sec-

tion 3, the reachability of switched asynchronous ma-

chines is described in terms of numerical matrices and

the condition for fault-tolerant controllability is ad-

dressed. A simple example is provided in Section 4 to

support the proposed methodology. Finally, Section 5

concludes the paper.

2 PRELIMINARIES

2.1 Switched Asynchronous Sequential

Machines

Let us consider a switched asynchronous sequential

machine Σ with m submachines. Assume that each

submachine is a single input/state asynchronous se-

quential machine, namely the present state of the ma-

chine is given as the output. Σ is represented as

Σ = {Σ

|i ∈ M}

= (A, X, f

)

where M = {1, . . . , m}, Σ

is the ith submachine, A

is the input set, X is the state set with n states, and

: X × A → X is the state transition function of Σ

partially deﬁned on X × A. Since every submachine

is assumed to have an equal operational domain, the

input and state set of Σ

is the same for every i ∈ M. A

is further divided intoA = A

∪A

where A

and A

are

the set of normal and adversarial inputs, respectively.

Each submachine Σ

is operated according to the

characteristics of a single asynchronous sequential

machine, that is, it is not governed by any synchroniz-

ing clock and the state transition is executed only in

response to changes of external inputs. A state–input

pair (x, v

′

) ∈ X × A is a stable pair of Σ

if f

(x, v

′

) = x

and x is a stable state. If f

(x, v

′

) 6= x, on the other

hand, x is a transient state and (x, v

′

) is a transient

pair. Note that x may be stable or transient depending

on the value of the present input. Denote by

(x) = {v ∈ A

| f

(x, v) = x}

the set of normal inputs that make a stable pair with x

in Σ

. Owing to the absence of a synchronizing clock,

stays at a stable pair (x, v

′

) indeﬁnitely. If the in-

put v

′

changes to another value v for which (x, v) is

a transient pair, Σ

engages in a series of transient

transitions f

(x, v) = x

, f

, v) = x

, . . . where v re-

mains ﬁxed. Assuming no inﬁnite cycles, Σ

reaches

the next stable state x

such that x

= f

, v) at the

end of the chain with k transient transitions. Since

the transition speed of asynchronous sequential ma-

chines is very fast, the meaningful behavior of asyn-

chronous sequential machines may be described only

in terms of stable states. To this end, we introduce the

stable recursion function s as follows (Murphy et al.,

2003): s

: X × A → X, and s

(x, v) = x

′

where x

′

the next stable state of a valid state–input pair (x, v).

A chain of transient transitions from a stable state to

its next stable state, as represented by s

, is termed a

stable transition. The domain of s

can be expanded to

X × A

in a natural way as follows, where A

is the

set of all nonempty strings of characters in A.

(x, v

···v

) = s

(x, v

), v

···v

∈ A

2.2 Control Conﬁguration

C D

(i,x)

Figure 1: Control conﬁguration for the switched asyn-

chronous sequential machine Σ with transient faults.

A control conﬁguration for the switched asyn-

chronous sequential machine Σ is shown in Figure

1. C is the corrective controller, also designed in the

form of an asynchronous sequential machine. C pro-

vides Σ with the control signal u ∈ A

or the switch-

ing signal σ ∈ M, either of which is generated at a

time, but not simultaneously. The control input is de-

livered to D, the demultiplexer. D plays the role of

determining the active submachine whose dynamics

is manifested by Σ. The latter is realized by changing

the value of σ. Whenever σ is changed to a new value

in M, D gives the new active submachine the control

signal u, which can be interpreted as the switching op-

eration. P, the multiplexer, receives m state feedback

On Robust Reachability of Input/State Switched Asynchronous Sequential Machines

191

values from all submachines Σ

, . . . , Σ

and selects x,

the feedback value generated by the active subma-

chine Σ

. P forwards x and i ∈ M, the index of the

active submachine, to C. Let Σ

denote the closed-

loop system consisting of C, D, P, and Σ.

In Figure 1, v ∈ A

is the external input and

, . . . , w

∈ A

are the adversarial input occurring to

, . . . , Σ

, respectively. When w

occurs, Σ

experi-

ences an unauthorized state transition. For instance,

if the active submachine of Σ is Σ

staying at a stable

state x at which w

is deﬁned, Σ

must be forced to

reach s

(x, w

) as the result of the fault. If an imme-

diate fault recovery to the original state is not con-

ducted, the next behavior of Σ with respect to the

new external input would show incorrect state/input

behavior. Thus the objective of fault diagnosis and

tolerance is that the corrective controller C must be

designed such that the closed-loop system Σ

can

achieve instantaneous fault recovery upon diagnosing

an occurrence of a fault.

One point to be reminded is that immediate fault

recovery is impossible in the case that the fault shows

intermittent characteristics. When w

represents the

intermittent fault, Σ

cannot return to x upon diag-

nosing an occurrence of w

. But since Σ has m sub-

machines and each submachine has the same state

space made of X, we can regard that fault tolerance

is achieved if Σ returns to the state x of another sub-

machine. Whether Σ has such robust reachability will

be discussed in detail in the next section.

To avoid unpredictable behaviors caused by the

absence of a synchronizing clock, we assume that Σ

always preserves the principle of fundamental mode

operations (Kohavi and Jha, 2010) whereby a variable

must change its value when both C and Σ are in sta-

ble states, and no two or more variables can be altered

simultaneously.

3 ROBUST REACHABILITY

3.1 Skeleton Matrix

Assuming |X| = n, we denote the state set by X =

, . . . , x

}. Reachability of switched asynchronous

sequential machines is classiﬁed into to two aspects:

(i) stable reachability of each submachine, and (ii)

switching capability between different submachines.

In corrective control of single asynchronous ma-

chines, reachability of a machine is described by a

Boolean matrix, termed the skeleton matrix (Murphy

et al., 2003; Peng and Hammer, 2012), as follows.

Deﬁnition 1. K(Σ

), the skeleton matrix of Σ

(A, X, f

), is an n× n matrix whose (p, q) entry is

p,q

(Σ

) =



1 ∃t ∈ A

s.t. x

= s

, t)

0 otherwise

If K

p,q

(Σ

) = 1, a corrective controller can be con-

structed that takes Σ

from x

toward x

in the asyn-

chronous mechanism using an input string t ∈ A

such that x

= s

, t). For a detailed procedure

of controller construction, the readers are referred to

Murphy et al. (2003); Peng and Hammer (2012).

Switching capability of Σ implies the ability of Σ

to change its mode from a submachine to another sub-

machine at a speciﬁc stable state. In the prior work

(Yang, 2016), a constraint is imposed on the switch-

ing operation that as the result of switching, the active

submachine always takes the same state possessed by

the previous submachine. In this study, we general-

ize the switching operation by relaxing the foregoing

constraint. In other words, the new active subma-

chine does not necessarily transfer to the same state

at which the old one has stayed before switching. To

address the switching relation between two subma-

chines, we deﬁne the following matrix.

Deﬁnition 2. W(i, j), the switching incidence ma-

trix of two submachines Σ

and Σ

, is an n × n matrix

whose (p, q) entry is

p,q

(i, j) =







1 Σ switches the mode from Σ

at x

to Σ

at x

0 otherwise

W(i, j) represents switching capability of Σ in the

most general way, that is, the state of the present

submachine may differ from the previous one after

switching. The motivation for introducing W(i, j)

stems from the fact that some switched machines have

multiple submachines that share the same system

module to realize the state space. As the switching op-

eration depends on this implementation restraint, the

next state may be different from the previous one.

Note that for switching from Σ

at x

to Σ

at x

there must exist an input a ∈ A

that makes a stable

pair with both x

of Σ

and x

of Σ

, i.e.,

p,q

(i, j) = 1 ⇒ U

) ∩U

) 6=

0 (1)

Under the principle of fundamental mode operations,

should stay at the stable state x

at the moment that

the switching signal σ changes. Hence the present

control signal is u ∈ U

). Moreover, u must also

make a stable pair with x

in Σ

, namely u ∈ U

);

otherwise Σ

could not maintain x

upon completion

of the switching operation. However, the condition

u ∈ U

) may not be always valid since u is deter-

mined only by the past state trajectory of Σ

. Still, as

long as U

)∩U

) 6=

0 is held true, C can achieve

BIOINFORMATICS 2017 - 8th International Conference on Bioinformatics Models, Methods and Algorithms

192

the switching operation by changing the control sig-

nal to u

′

∈ U

) ∩ U

) right before transmitting

the switching signal σ = j. In this sense, (1) is a req-

uisite for guaranteeing consistent switching.

The following deﬁnitions depict stable reachabil-

ity and switching capability of Σ in a single matrix,

respectively.

Deﬁnition 3. K(Σ), the skeleton matrix of Σ for sub-

machines, is an nm× nm matrix deﬁned as

K(Σ) =







K(Σ

) 0

n×n

·· · 0

n×n

K(Σ

) ··· 0

n×n

·· · K(Σ

)







W(Σ), the switching incidence matrix of Σ, is an nm×

nm matrix deﬁned as

W(Σ) =







n×n

W(1, 2) ·· · W(1, m)

W(2, 1) 0

n×n

·· · W(2, m)

W(m, 1) ·· · W(m, m− 1) 0

n×n







Deﬁnition 4. The one-step switching skeleton matrix

(Σ) is an nm× nm Boolean matrix deﬁned as

(Σ) =







K(Σ

) W(1, 2) ·· · W(1, m)

W(2, 1) K(Σ

) ·· · W(2, m)

W(m, 1) ·· · W(m, m− 1) K(Σ

)







The k-step switching skeleton matrix S

(Σ) (k ≥ 2)

is recursively deﬁned as

(Σ) = S

k−1

(Σ) ×

(Σ)

where ‘×

’ denotes the Boolean product of two

Boolean matrices where logic AND and OR are used

instead of multiplication and plus operations in the

matrix product.

Deﬁnition 5. The combined switching skeleton ma-

trix Z(Σ) of the switched asynchronoussequential ma-

chine Σ is an nm× nm Boolean matrix deﬁned as

Z(Σ) =

nm−1

∑

k=1

(Σ)

where ‘+

’ denotes the Boolean addition of two ma-

trices.

Note that in the above deﬁnitions, state x

(p ∈

{1, . . . , n}) of the ith submachine Σ

is assigned the

index p

′

∈ {1, . . . , nm} such that

′

= (i− 1)n+ p

K(Σ) just assembles stable reachability of all the

submachines. Referring to Deﬁnition 3, K(Σ) does

not contain any reachability information between dif-

ferent submachines. If K

′

(Σ) = 1 for some p

′

, q

′

∈

{1, . . . , nm}, p

′

= (i− 1)n + p, and q

′

= (i − 1)n + q,

it follows that K

p,q

(Σ

) = 1, which means x

is stably

reachable from x

in submachine Σ

W(Σ) epitomizes switching capability of Σ. In

contrast to K(Σ), W(Σ) does not contain any stable

reachability measured within a single submachine.

Having W(i, j) as sub-blocks, W(Σ) shows whether

Σ can transfer from a state of a submachine to another

state of another submachine through switching oper-

ations. If W

′

(Σ) = 1 for some p

′

, q

′

∈ {1, . . . , nm},

′

= (i − 1)n + p, and q

′

= ( j − 1)n + q, we have

p,q

(i, j) = 1. Thus Σ can move from x

of Σ

to x

of Σ

via the switching operation.

(Σ) in Deﬁnition 4 contains both stable reacha-

bility and switching capability of Σ. Here, “one-step”

implies that Σ takes either one switching operation or

correction procedure. Indeed, a correction procedure

by the controller involves more than one stable transi-

tions if the length of the used input sequence is greater

than one (Murphy et al., 2003).

The combined switching skeleton matrix Z(Σ) is

a generalized description of stable reachability for the

switched asynchronous sequential machine Σ. Not

only does Z(Σ) represent stable reachability within

each submachine, it also elucidates whether a state

of a submachine can be reached from another state

of a different submachine by a combination of stable

transitions and switching operations. Since Σ has nm

states in total, any state in Σ can be reached within

nm− 1 steps of switching and correction procedures.

Hence S

(Σ), . . . , S

nm−1

(Σ) are sufﬁcient to express

the entire reachability of Σ.

3.2 Robust Reachability Analysis

In order to address the robust reachability of Σ, we

must quantify the adverse effect of fault inputs. De-

ﬁne F

(x) ⊂ A

for x ∈ X and i ∈ M as

(x) = {w ∈ A

(x, w)! and s

(x, w) 6= x}

where s

(x, w)! means s

(x, w) is deﬁned in Σ

. F

(x)

is the set of adversarial inputs that cause unauthorized

transitions at x of Σ

. In a similar way to K(Σ

), we ex-

press the characteristics of all unauthorized state tran-

sitions by a simple matrix as follows.

Deﬁnition 6. K

(Σ

), the adversarial skeleton matrix

of submachine Σ

, is an n × n matrix whose (p, q) en-

try is

p,q

(Σ

) =



1 ∃w ∈ F

) s.t. s

, w) = x

0 otherwise

On Robust Reachability of Input/State Switched Asynchronous Sequential Machines

193

In particular, assume that there exists an adversar-

ial input w

∈ F

) such that s

, w

) = x

. Ac-

cording to the above deﬁnition, we have K

p,q

(Σ

) = 1.

The fact that the unauthorized transition from x

is manifested means that Σ

is serving as the active

submachine of Σ. The condition for robust reacha-

bility varies depending on how many steps and sub-

machines will be used for realizing the fault-tolerant

control process.

First, assume an extreme case that we would like

to maintain the active submachine as the same despite

an occurrence of the fault. In the foregoing case, this

means that submachine Σ

must have fault-tolerance

capability against w

. Clearly, the condition for driv-

ing Σ

back to the original state x

is that Σ

must have

stable reachability from x

to x

. Thus, we have

p,q

(Σ

) = 1 ⇒ K

q, p

(Σ

)

Generalizing the above relation, we derive as follows

the robust reachability for fault tolerance using a sin-

gle submachine.

(Σ

))

≤ K(Σ

) (2)

where the inequality is taken entry by entry and

(Σ

))

denotes the transpose of K

(Σ

). Note that

an intermittent fault cannot be tolerated using this ro-

bust reachability, since the instantaneous recovery to

is infeasible.

Next, assume that we would like to involve one

more submachine in realizing fault-tolerant control.

This means that upon diagnosing a fault occurrence,

the controller will provide a switching signal, with

which Σ will change its mode to another submachine,

say Σ

. Then fault tolerance is conducted in Σ

enforcing Σ

to reach the desired state x

. With the

skeleton matrices, the reachability condition for the

latter case is described as

q,r

(i, j) = 1 and K

r, p

(Σ

) = 1

where we suppose that Σ reaches x

of Σ

as the result

of the switching operation from Σ

at x

. Submachine

can be arbitrarily chosen so long as the above con-

dition is satisﬁed. We represent in formal terms this

robust reachability condition as follows.

∀i ∈ M, ∃ j ∈ M such that

(Σ

))

≤ W(i, j) ×

K(Σ

) (3)

Finally, assume that fault-tolerant procedures can

be implemented using either only submachine Σ

and another submachine, and that different subma-

chines can be used in the entire fault-tolerant control

procedure. To this end, we introduce another Boolean

matrix as follows.

Deﬁnition 7. For Σ, let

K (Σ) = W(Σ) +

W(Σ) ×

K(Σ)

Z(Σ

), the augmented skeleton matrix of submachine

, is an n× n matrix whose (p, q) entry is

p,q

(Σ

) = max

j∈M, j6=i

′

(Σ)

where p

′

= (i− 1)n+ p and q

′

= ( j − 1)n+ q.

Using Z(Σ

), we derive the following robust

reachability condition for fault-tolerant controllabil-

ity of Σ.

∀i ∈ M, (K

(Σ

))

≤ Z(Σ

) (4)

Whereas (2) cannot solve fault tolerance against

intermittent faults, (3) and (4) ensure fault-tolerant

controllability against them, since Σ does not return to

the original state at which the fault occurs. Although

not used in this paper, the combined skeleton ma-

trix Z(Σ) in Deﬁnition 5 can be applied to represent

the overall fault-tolerant controllability of Σ, namely

whether Σ can overcome any unauthorized state tran-

sition using arbitrary number of submachines and cor-

rection procedures. Once the robust reachability con-

ditions (2)–(4) are guaranteed, a fault-tolerant correc-

tive controller can be easily designed based on the

previous algorithm for the model matching problem

(see, e.g, Murphy et al. (2003); Peng and Hammer

(2012); Yang (2016)).

4 EXAMPLE

c,w

b a,w

Figure 2: Switched asynchronous machine Σ = {Σ

, Σ

Consider a simple switched asynchronous machine

Σ = {Σ

, Σ

} (M = {1, 2}) shown in Figure 2, where

X = {x

, x

}, A

= {a, b, c}, and A

= {w

, w

For simplicity, we set f

(x, v) = s

(x, v) for all i = 1, 2

and (x, v) ∈ X × A. A slight examination of Figure 2

leads to

K(Σ

) =





1 1 1





K(Σ

) =





1 1 1

0 0 1





BIOINFORMATICS 2017 - 8th International Conference on Bioinformatics Models, Methods and Algorithms

194

We assume that Σ has switching capability expressed

by the following switching skeleton matrix.

W(1, 2) = W(2, 1) =





1 0 0

0 1 0





Following Deﬁnition 6 and referring to Figure 2, we

quantify the adverse effect of A

(Σ

) =





0 0 0

1 0 0





(Σ

) =





0 0 1

0 0 0





Consider the adversarial input w

in the ﬁrst.

Clearly, we have (K

(Σ

))

≤ K(Σ

). Hence the

unauthorized transition s

, w

) = x

caused by w

can be invalidated (if w

has the transient feature) by

employing only Σ

, as Σ

has sufﬁcient robust reach-

ability (K

1,3

(Σ

) = 1 and s

, bc) = x

). Next, con-

sider the case of w

. We see that K

1,3

(Σ

) = 1 but

3,1

(Σ

) = 0. This implies that fault tolerance cannot

be achieved within Σ

. However, since W

3,2

(2, 1) = 1

and K

2,1

(Σ

) = 1, fault-tolerant control may be real-

ized by activating a two-step procedure: switching to

(σ = 1) upon diagnosing an occurrence of w

, and

initiating the correction procedure from x

to x

in Σ

This argument can be also asserted by applying con-

dition (4).

5 CONCLUSION

In this study, fault-tolerant controllability for a class

of switched asynchronous sequential machines has

been investigated. We have presented matrix ex-

pressions to describe robust reachability of switched

asynchronous sequential machines in a quantitative

manner. We have found that the condition for fault-

tolerant controllability is determined by the number

of submachines that are used in fault-tolerant control

procedures. The examination of the controller exis-

tence has been demonstrated in a simple example.

ACKNOWLEDGEMENTS

The research of S. W. Kwak was supported

by Basic Science Research Program through

the National Research Foundation of Korea

(NRF) funded by the Ministry of Education

(No. 2016R1D1A1B02012959). The research

of J.–M. Yang was supported by Basic Science

Research Program through the National Research

Foundation of Korea (NRF) funded by the Ministry

of Education (No. 2015R1D1A1A01056764) and by

the Ministry of Science, ICT and future Planning

(No. 2015R1A2A1A15054026).

REFERENCES

Hammer, J. (1995). On the modeling and control of biolog-

ical signaling chains. In Proceedings of IEEE Interna-

tional Conference on Decision and Control, pp. 3742–

3752.

Huffman, D. A. (1954). The synthesis of sequential switch-

ing circuits. Journal of The Franklin Institute, 257,

161–190.

Kohavi, Z., Jha, N. K.(2010). Switching and ﬁnite automata

theory (3rd ed.). Cambridge, UK: Cambridge Univer-

sity Press.

Krishna, C. M., Shin, K. G. (1997). Real-time systems.

NewYork: McGraw-Hill.

Murphy, T. E., Geng, X., Hammer, J. (2003). On the control

of asynchronous machines with races. IEEE Transac-

tions on Automatic Control, 48(6), 1073–1081.

Peng, J., Hammer, J. (2012). Bursts and output feedback

control of non-deterministic asynchronous sequential

machines. European Journal of Control, 18(3), 286–

300.

Saadatpour, A., Albert, I., Albert, R. (2010). Attractor

analysis of asynchronous Boolean models of signal

transduction networks. Journal of Theoretical Biol-

ogy, 266(4), 641–656.

Schwartz, M. (1996). Broadband integrated networks. New

Jersey: Prentice Hall.

Sparsø, J., Furber, S. (2001). Principles of asynchronous

circuit design — a systems perspective. Kluwer Aca-

demic Publishers.

Sun, Z., Ge, S. S. (2006) Switched linear systems: control

and design. London: Springer-Verlag.

Unger, S. H. (1995). Hazards, critical races, and metasta-

bility. IEEE Transactions on Computers. 44(6), 754–

768.

Yang, J. M. (2016). Modeling and control of switched asyn-

chronous sequential machines. IEEE Transactions on

Automatic Control, 61(9), 2714–2719.

Zhang, L., Feng, J. (2012). Controllability and observabil-

ity of switched Boolean control networks. IET Control

Theory & Applications, 6(16), 2477–2484.

On Robust Reachability of Input/State Switched Asynchronous Sequential Machines

195