Supervisory control of a class of discrete event processes
SIAM Journal on Control and Optimization
On characterizations of the input-to-state stability property
Systems & Control Letters
Optimal Sampled-Data Control Systems
On the Synthesis of an Asynchronous Reactive Module
ICALP '89 Proceedings of the 16th International Colloquium on Automata, Languages and Programming
CONCUR '99 Proceedings of the 10th International Conference on Concurrency Theory
LICS '05 Proceedings of the 20th Annual IEEE Symposium on Logic in Computer Science
Brief paper: Input-to-state stability of switched systems and switching adaptive control
Automatica (Journal of IFAC)
CAV '08 Proceedings of the 20th international conference on Computer Aided Verification
Average-Price and Reachability-Price Games on Hybrid Automata with Strong Resets
FORMATS '08 Proceedings of the 6th international conference on Formal Modeling and Analysis of Timed Systems
Supervisory control for real-time systems based on conflict-tolerant controllers
CASE'09 Proceedings of the fifth annual IEEE international conference on Automation science and engineering
Verification and Control of Hybrid Systems: A Symbolic Approach
Multi-level hierarchical interface-based supervisory control
Automatica (Journal of IFAC)
Feedback Systems: An Introduction for Scientists and Engineers
KES'11 Proceedings of the 15th international conference on Knowledge-based and intelligent information and engineering systems - Volume Part IV
Synthesis of minimal-error control software
Proceedings of the tenth ACM international conference on Embedded software
During the life cycle of a cyber-physical system, it is sometimes necessary to upgrade a working controller with a new, but unverified, one that provides better performance or additional functionality. To make sure that system invariants are not broken by bugs in the new controller, an architecture is used in which both controllers are implemented on the platform, and a supervisor process checks that the actions of the new controller keep the system within its safe states. If an invariant may be violated, the supervisor switches over to the old controller, which ensures correct behavior but possibly degraded performance. A key question in the design of such supervisors is the switching strategy: when should the supervisor reinstate the new controller after it has switched to the old one? In general, one would prefer to use the new controller as much as possible, provided it does not violate safety. However, arbitrarily switching back to the new controller can cause the system to become unstable, even when each controller in isolation ensures stability. We provide a supervisor synthesis procedure that uses a simple counting strategy for the supervisor. Our synthesized supervisor guarantees that switching between the controllers preserves the stability of the system, while maintaining its safety properties and providing a lower bound on the use of the new controller. We prove the correctness of the strategy and show on an example that it can provide close to optimal use of the new controller under many disturbance scenarios.