FactoryAutomation472 Four conditions are identified in the literature for a deadlock to occur. First, tasks claiming exclusive control of the resource they acquire may lead to deadlock (the mutual exclusion condition). Second, deadlock may occur when resources cannot be forcibly removed from the tasks holding them until the resources are used to completion (the no-preemption condition). Third, processes holding resources allocated to them while waiting for additional ones may prevent proper termination of all tasks (the wait-for condition). Fourth, circular claims of tasks, such that each task holds one or more resources that are being requested by the next task(s) in the claim (the circular wait condition), will cause indefinite blockage of a system. In Automated Manufacturing Systems, the first three conditions always hold true. Orchestrators do claim exclusive control of the resources (machines/robots/conveyors) they acquire. Once acquired, a resource must complete the processing it was originally contracted for: a device cannot be forcibly stopped while processing in order to start machining for a different requestor. Last but not least, orchestrators hold resources allocated to them until (some of the) needed future (transportation) devices become available. Therefore, deadlocks can be excluded only if the circular wait condition is falsified. Three main strategies have been identified for resolving deadlock problems: prevention, detection & recovery, and avoidance. Deadlock prevention is an offline technique involving static resource allocation policies for eliminating deadlocks. Knowledge of the system state is not required to realize the control. However with this method the utilization of resources is low and production flexibility is limited. The detection and recovery technique aims at resolving blockages after they have occurred. The recovery process is assisted by special buffers reserved for breaking deadlocks. This solution enables higher resource utilization, however it should be used only when deadlock is rare and detection & recovery cost is low. Deadlock avoidance is an online method that uses look-ahead strategies and operational control of part flow to falsify the circular wait condition. Track of the current system state and possible future states is needed. This technique is considered to yield better performance from the viewpoint of resource utilization than the first two. Deadlock analysis and handling approaches seek the circular waits within models of process-resource interactions (job mix). The interactions between jobs and resources are traditionally represented through graphs (Wysk et al., 1991; Cho et al., 1995; Kim & Kim, 1997; Zhang & Judd, 2007) or Petri Nets (Banaszak & Krogh, 1990; Viswanadham et al., 1990; Wu et al., 2008): Wysk, Yang and Joshi (Wysk et al., 1991) consider the deadlock problem for direct address Flexible Manufacturing Systems (FMS) during design phase. They use a graph representation of all wait relations between the input job mix and resources. All circuits within, together with their interactions , are investigated. A circuit is considered to be a deadlock if the number of jobs occupying the nodes of the cycle is equal to the numbers of nodes and edges of the cycle. The circuits are identified through a string multiplication procedure that uses one distinct character to encode each machine/node in the graph. Circuit detection is computed only upon the introducing of a new part into the system. Cho and colleagues (Cho et al., 1995) develop graph theoretic deadlock handling procedures that are suitable for the real time control of manufacturing systems. The complete part routings of all the parts in the circuit are needed to detect impending part flow deadlocks. A system status graph is virtually updated for every part movement before the parts move physically to the next destination. The deadlock detection and resolution procedures are based on the defined notion of ‘bounded circuit’ and its derivatives for this graph. A circuit becomes a sufficient condition for part flow deadlock if the number of edges in the circuit is equal to the number of parts and machines. The circuit type and its degree of node occupation characterize both part flow deadlocks and impending part flow deadlocks. Kim (Kim & Kim, 1997) approach the deadlock avoidance problem from the graph theoretic viewpoint. Deadlock avoidance is rephrased as the problem of inserting´/deleting edges to/from the resource allocation graph while keeping it acyclic. Cycle detection on this graph is employed via a method originally developed by Belik (Belik, 1990). This technique is enriched with a resource allocation policy, effective in Automated Manufacturing Systems, to ensure superior resource utilization and productivity. Banaszak and Krogh (1990) model concurrent job flow and dynamic resource allocation in an FMS with Petri Nets. A policy to restrict transition enabling in this model is used to avoid possible deadlocks. Viswanadham, Narahari and Johnson (Viswanadham et al., 1990) describe a set of deadlock prevention policies that utilize look-ahead procedures on the reachability graph of the system. All behavioral characteristics of an FMS (including deadlocks) are captured offline, at modeling phase. The feasibility of the method for large systems is questionable as the entire state space of the system must be computed in its initial phase. Another important drawback concerns adaptability: if any change is made in the system the corresponding modifications have to be translated into the formal model. Zhang and Judd (Zhang & Judd, 2008) propose a deadlock avoidance algorithm (DAA) for FMS which allows free choices in part routing. They calculate the effective free space of circuits in the digraph model of all wait relations between the resources involved in all process plans. The presented DAA runs in polynomial time once the set of necessary circuits of the digraph is computed offline. 4. Summary This chapter provides a short introduction to the topic of formal methods in factory automation. The discussion covers the differences between two formalisms widely used in the considered application domain (Petri Nets and timed automata), and process algebras (commonly used in the field of computer science). Details are given on how formal methods are used in factory automation for verification and synthesis of process logic control and for coordination control. Pointers to relevant studies in the field are given, to provide the newcomers to the field with initial guidelines for further investigations. 5. References Aalst, Van der, W.M.P., ‘The Application of Petri nets to workflow management’ Journal of Circuits, Systems and Computers, vol.8, pp. 21-66. Abumaizar, R.J. and Svetska, J.A., ‘Rescheduling job shops under random disruptions’, International Journal of Production research, 1997, vol. 35(7), pp. 2065-2082 FormalMethodsinFactoryAutomation 473 Four conditions are identified in the literature for a deadlock to occur. First, tasks claiming exclusive control of the resource they acquire may lead to deadlock (the mutual exclusion condition). Second, deadlock may occur when resources cannot be forcibly removed from the tasks holding them until the resources are used to completion (the no-preemption condition). Third, processes holding resources allocated to them while waiting for additional ones may prevent proper termination of all tasks (the wait-for condition). Fourth, circular claims of tasks, such that each task holds one or more resources that are being requested by the next task(s) in the claim (the circular wait condition), will cause indefinite blockage of a system. In Automated Manufacturing Systems, the first three conditions always hold true. Orchestrators do claim exclusive control of the resources (machines/robots/conveyors) they acquire. Once acquired, a resource must complete the processing it was originally contracted for: a device cannot be forcibly stopped while processing in order to start machining for a different requestor. Last but not least, orchestrators hold resources allocated to them until (some of the) needed future (transportation) devices become available. Therefore, deadlocks can be excluded only if the circular wait condition is falsified. Three main strategies have been identified for resolving deadlock problems: prevention, detection & recovery, and avoidance. Deadlock prevention is an offline technique involving static resource allocation policies for eliminating deadlocks. Knowledge of the system state is not required to realize the control. However with this method the utilization of resources is low and production flexibility is limited. The detection and recovery technique aims at resolving blockages after they have occurred. The recovery process is assisted by special buffers reserved for breaking deadlocks. This solution enables higher resource utilization, however it should be used only when deadlock is rare and detection & recovery cost is low. Deadlock avoidance is an online method that uses look-ahead strategies and operational control of part flow to falsify the circular wait condition. Track of the current system state and possible future states is needed. This technique is considered to yield better performance from the viewpoint of resource utilization than the first two. Deadlock analysis and handling approaches seek the circular waits within models of process-resource interactions (job mix). The interactions between jobs and resources are traditionally represented through graphs (Wysk et al., 1991; Cho et al., 1995; Kim & Kim, 1997; Zhang & Judd, 2007) or Petri Nets (Banaszak & Krogh, 1990; Viswanadham et al., 1990; Wu et al., 2008): Wysk, Yang and Joshi (Wysk et al., 1991) consider the deadlock problem for direct address Flexible Manufacturing Systems (FMS) during design phase. They use a graph representation of all wait relations between the input job mix and resources. All circuits within, together with their interactions , are investigated. A circuit is considered to be a deadlock if the number of jobs occupying the nodes of the cycle is equal to the numbers of nodes and edges of the cycle. The circuits are identified through a string multiplication procedure that uses one distinct character to encode each machine/node in the graph. Circuit detection is computed only upon the introducing of a new part into the system. Cho and colleagues (Cho et al., 1995) develop graph theoretic deadlock handling procedures that are suitable for the real time control of manufacturing systems. The complete part routings of all the parts in the circuit are needed to detect impending part flow deadlocks. A system status graph is virtually updated for every part movement before the parts move physically to the next destination. The deadlock detection and resolution procedures are based on the defined notion of ‘bounded circuit’ and its derivatives for this graph. A circuit becomes a sufficient condition for part flow deadlock if the number of edges in the circuit is equal to the number of parts and machines. The circuit type and its degree of node occupation characterize both part flow deadlocks and impending part flow deadlocks. Kim (Kim & Kim, 1997) approach the deadlock avoidance problem from the graph theoretic viewpoint. Deadlock avoidance is rephrased as the problem of inserting´/deleting edges to/from the resource allocation graph while keeping it acyclic. Cycle detection on this graph is employed via a method originally developed by Belik (Belik, 1990). This technique is enriched with a resource allocation policy, effective in Automated Manufacturing Systems, to ensure superior resource utilization and productivity. Banaszak and Krogh (1990) model concurrent job flow and dynamic resource allocation in an FMS with Petri Nets. A policy to restrict transition enabling in this model is used to avoid possible deadlocks. Viswanadham, Narahari and Johnson (Viswanadham et al., 1990) describe a set of deadlock prevention policies that utilize look-ahead procedures on the reachability graph of the system. All behavioral characteristics of an FMS (including deadlocks) are captured offline, at modeling phase. The feasibility of the method for large systems is questionable as the entire state space of the system must be computed in its initial phase. Another important drawback concerns adaptability: if any change is made in the system the corresponding modifications have to be translated into the formal model. Zhang and Judd (Zhang & Judd, 2008) propose a deadlock avoidance algorithm (DAA) for FMS which allows free choices in part routing. They calculate the effective free space of circuits in the digraph model of all wait relations between the resources involved in all process plans. The presented DAA runs in polynomial time once the set of necessary circuits of the digraph is computed offline. 4. Summary This chapter provides a short introduction to the topic of formal methods in factory automation. The discussion covers the differences between two formalisms widely used in the considered application domain (Petri Nets and timed automata), and process algebras (commonly used in the field of computer science). Details are given on how formal methods are used in factory automation for verification and synthesis of process logic control and for coordination control. Pointers to relevant studies in the field are given, to provide the newcomers to the field with initial guidelines for further investigations. 5. References Aalst, Van der, W.M.P., ‘The Application of Petri nets to workflow management’ Journal of Circuits, Systems and Computers, vol.8, pp. 21-66. Abumaizar, R.J. and Svetska, J.A., ‘Rescheduling job shops under random disruptions’, International Journal of Production research, 1997, vol. 35(7), pp. 2065-2082 FactoryAutomation474 Alur, R. and Dill, D.L.(1994), A Theory of Timed Automata, Theoretical Computer Science , vol. 126, pp.183-236. Baier, C., Katoen, J P., ‘Principles of Model Checking’, MIT Press, ISBN 978-0-262-02649-9, 2008. Banaszak, Z.A., Krogh, B.H.(1990) Deadlock avoidance in Flexible Manufacturing Systems with Concurrently Competing Process Flows, IEEE Transactions on Robotics and Automation, vol. 6, no.6, 724-734. Belik, F. (1990), ‘An efficient deadlock avoidance technique’ IEEE Transactions on Computers, vol. 39, no.7, 882-888. Bergstra, J.A., and Klop, J.W.(1984),’The algebra of recursively defined processes and the algebra of regular processes’, Lecture Notes in Computer Science 172, pp.82-95. Cho, H., Kumaran, T.K., Wysk, R.A.(1995).Graph-Theoretic Deadlock Detection and Resolution for Flexible Manufacturing Systems. IEEE Transactions on Robotics and Automation, vol. 11, no.3, 413-421. Church, L.K., Uszoy, R., ‘Analysis of periodic and event-driven rescheduling policies in dynamic shops’, International Journal of Computer Integrated Manufacturing , vol. 5(3), 1992, pp. 153-163. Clarke, E.M., Grumberg, O., Peled, D.A., “Model Checking”, MIT Press, 2001, ISBN 0262032708, 9780262032704 Duffy, D. A., “Principles of Automated Theorem Proving”, John Wiley & Sons, 1991. Fanti, M.P., Zhou, M.C. (2004). Deadlock control methods in automated manufacturing systems. IEEE Transactions on Systems, Man, and Cybernetics –Part A: Systems and Humans, vol. 34, 5-22. Frey, G., Litz L., ‘Formal Methods in PLC Programming’, Proceedings of SMC, pp. 2431- 2436, October 2000,. Girault, C., and Valk, R. (2003), ‘Petri Nets for Systems Engineering,’ Springer, ISBN 3-540- 41217-4. Hoare, C.A.R, ‘Calculus of Sequential Processes’ Communications of the ACM , vol. 21, pp. 666-677. Jain, A.K, ElMaraghy, H.A., ‘Production scheduling/rescheduling in flexible manufacturing’, International Journal of Production Research, vol.35, no.1, pp.281- 309 Kim, C.O., Kim, S.S. (1997). An efficient real-time deadlock-free control algorithm for automated manufacturing systems. Int.J. Prod. Res., vol. 35, no.6, 1545-1560. Lee, D.Y., DiCesare, F., ‘Scheduling Flexible Manufacturing Systems Using Petri Nets and Heuristic Search’, IEEE Transactions on Robotics and Automation, vol. 10, no.2, April 1994, pp.123 -132 ‘Manufuture: A vision for 2020’, Report of the High Level group, November 2004, Directorate-General for Research, European Commission, Brussels, Belgium Milner, R. (1980), ‘A Calculus of Communicating Sequences’, Lecture Notes in Computer Science, vol. 92. Milner, R., Parrow, J. and Walker, D.(1989), ‘A Calculus of Mobile Processes - Part I,’ LFCS Report 89-85. University of Edinburgh. Murata, T., ‘Petri nets: Properties, analysis and applications’, Proceedings of the IEEE, vol.77, no. 4, pp. 541-580, April 1989. D. Ouelhadj and S. Petrovic (2008), ‘A survey of dynamic scheduling in manufacturing systems’, Journal of Scheduling Panwalkar, S.S., Iskander, W., ‘A survey of scheduling rules’, Operations Research , vol. 25, no.1, Jan Feb. 1977, pp. 45-61 Philippou, A. and Sokolsky O. (2008), ‘Process-Algebraic Analysis of Timing and Schedulability Properties’, Handbook of Real-Time and Embedded Systems Rajendran, C. and Holthaus, O., ‘A comparative study of dispatching rules in dynamic flow shops and job shops’, European Journal of Operational Research, 116 (1), 156-170 Shukla, C.S., Chen, F.F., ‘The state of the art in intelligent real-time FMS control: a comprehensive survey’, Journal of Intelligent Manufacturing , 1996, vol. 7, pp. 441- 455 Stoop, P.P.M., Weirs, V.C.S., The complexity of scheduling in practice, International Journal of Operations and Production Management, vol. 16(10), pp.37-53. UPPAAL, www.uppaal.com Viswanadham, N., Narahari, Y., Johnson, T.L. (1990). Deadlock prevention and deadlock avoidance in Flexible Manufacturing Systems using Petri Net models. IEEE Transactions on Robotics and Automation, vol. 6, no.6, 713-723. Wang, C., Ghenniwa, H., Shen, W., ‘Real time distributed shop floor scheduling using an agent-based service-oriented architecture’, International Journal of Production Research, vol. 46(9), pp. 2433-2452 Wu, N., Zhou M.C., Li, Z.W. (2008). Resource-oriented Petri Net for deadlock avoidance in Flexible Assembly Systems. IEEE Transactions on Systems, Man, and Cybernetics – Part A: Systems and Humans, vol. 38, no.1, 56-68. Wysk, R.A., Yang, N.S., Joshi, S. (1991). Detection of Deadlocks in Flexible Manufacturing Cells. IEEE Transactions on Robotics and Automation, vol. 7, no.6, 853-859. Zhang, W., Judd, R.P. (2007). Deadlock avoidance algorithm for flexible manufacturing systems by calculating effective free space of circuits. Int.J. Prod. Res., vol. 46, no.13, 3441-3457. Zhou, M.,(1995) Petri Nets in Flexible and Agile Automation, Kluwer Academic Publishers Zhou, M., Jeng, M.D., ‘Modeling, Analysis, Simulation, Scheduling and Control of Semiconductor Manufacturing Systems: A Petri Net Approach’, IEEE Transactions on Semiconductor Manufacturing , vol.11, no. 3, August 1998, pp.333-357. Zhou, M., Venkatesh, K.: Modeling , Simulation and Control of Flexible Manufacturing Systems – A Petri Net Approach, World Scientific Publishing , 1999. FormalMethodsinFactoryAutomation 475 Alur, R. and Dill, D.L.(1994), A Theory of Timed Automata, Theoretical Computer Science , vol. 126, pp.183-236. Baier, C., Katoen, J P., ‘Principles of Model Checking’, MIT Press, ISBN 978-0-262-02649-9, 2008. Banaszak, Z.A., Krogh, B.H.(1990) Deadlock avoidance in Flexible Manufacturing Systems with Concurrently Competing Process Flows, IEEE Transactions on Robotics and Automation, vol. 6, no.6, 724-734. Belik, F. (1990), ‘An efficient deadlock avoidance technique’ IEEE Transactions on Computers, vol. 39, no.7, 882-888. Bergstra, J.A., and Klop, J.W.(1984),’The algebra of recursively defined processes and the algebra of regular processes’, Lecture Notes in Computer Science 172, pp.82-95. Cho, H., Kumaran, T.K., Wysk, R.A.(1995).Graph-Theoretic Deadlock Detection and Resolution for Flexible Manufacturing Systems. IEEE Transactions on Robotics and Automation, vol. 11, no.3, 413-421. Church, L.K., Uszoy, R., ‘Analysis of periodic and event-driven rescheduling policies in dynamic shops’, International Journal of Computer Integrated Manufacturing , vol. 5(3), 1992, pp. 153-163. Clarke, E.M., Grumberg, O., Peled, D.A., “Model Checking”, MIT Press, 2001, ISBN 0262032708, 9780262032704 Duffy, D. A., “Principles of Automated Theorem Proving”, John Wiley & Sons, 1991. Fanti, M.P., Zhou, M.C. (2004). Deadlock control methods in automated manufacturing systems. IEEE Transactions on Systems, Man, and Cybernetics –Part A: Systems and Humans, vol. 34, 5-22. Frey, G., Litz L., ‘Formal Methods in PLC Programming’, Proceedings of SMC, pp. 2431- 2436, October 2000,. Girault, C., and Valk, R. (2003), ‘Petri Nets for Systems Engineering,’ Springer, ISBN 3-540- 41217-4. Hoare, C.A.R, ‘Calculus of Sequential Processes’ Communications of the ACM , vol. 21, pp. 666-677. Jain, A.K, ElMaraghy, H.A., ‘Production scheduling/rescheduling in flexible manufacturing’, International Journal of Production Research, vol.35, no.1, pp.281- 309 Kim, C.O., Kim, S.S. (1997). An efficient real-time deadlock-free control algorithm for automated manufacturing systems. Int.J. Prod. Res., vol. 35, no.6, 1545-1560. Lee, D.Y., DiCesare, F., ‘Scheduling Flexible Manufacturing Systems Using Petri Nets and Heuristic Search’, IEEE Transactions on Robotics and Automation, vol. 10, no.2, April 1994, pp.123 -132 ‘Manufuture: A vision for 2020’, Report of the High Level group, November 2004, Directorate-General for Research, European Commission, Brussels, Belgium Milner, R. (1980), ‘A Calculus of Communicating Sequences’, Lecture Notes in Computer Science, vol. 92. Milner, R., Parrow, J. and Walker, D.(1989), ‘A Calculus of Mobile Processes - Part I,’ LFCS Report 89-85. University of Edinburgh. Murata, T., ‘Petri nets: Properties, analysis and applications’, Proceedings of the IEEE, vol.77, no. 4, pp. 541-580, April 1989. D. Ouelhadj and S. Petrovic (2008), ‘A survey of dynamic scheduling in manufacturing systems’, Journal of Scheduling Panwalkar, S.S., Iskander, W., ‘A survey of scheduling rules’, Operations Research , vol. 25, no.1, Jan Feb. 1977, pp. 45-61 Philippou, A. and Sokolsky O. (2008), ‘Process-Algebraic Analysis of Timing and Schedulability Properties’, Handbook of Real-Time and Embedded Systems Rajendran, C. and Holthaus, O., ‘A comparative study of dispatching rules in dynamic flow shops and job shops’, European Journal of Operational Research, 116 (1), 156-170 Shukla, C.S., Chen, F.F., ‘The state of the art in intelligent real-time FMS control: a comprehensive survey’, Journal of Intelligent Manufacturing , 1996, vol. 7, pp. 441- 455 Stoop, P.P.M., Weirs, V.C.S., The complexity of scheduling in practice, International Journal of Operations and Production Management, vol. 16(10), pp.37-53. UPPAAL, www.uppaal.com Viswanadham, N., Narahari, Y., Johnson, T.L. (1990). Deadlock prevention and deadlock avoidance in Flexible Manufacturing Systems using Petri Net models. IEEE Transactions on Robotics and Automation, vol. 6, no.6, 713-723. Wang, C., Ghenniwa, H., Shen, W., ‘Real time distributed shop floor scheduling using an agent-based service-oriented architecture’, International Journal of Production Research, vol. 46(9), pp. 2433-2452 Wu, N., Zhou M.C., Li, Z.W. (2008). Resource-oriented Petri Net for deadlock avoidance in Flexible Assembly Systems. IEEE Transactions on Systems, Man, and Cybernetics – Part A: Systems and Humans, vol. 38, no.1, 56-68. Wysk, R.A., Yang, N.S., Joshi, S. (1991). Detection of Deadlocks in Flexible Manufacturing Cells. IEEE Transactions on Robotics and Automation, vol. 7, no.6, 853-859. Zhang, W., Judd, R.P. (2007). Deadlock avoidance algorithm for flexible manufacturing systems by calculating effective free space of circuits. Int.J. Prod. Res., vol. 46, no.13, 3441-3457. Zhou, M.,(1995) Petri Nets in Flexible and Agile Automation, Kluwer Academic Publishers Zhou, M., Jeng, M.D., ‘Modeling, Analysis, Simulation, Scheduling and Control of Semiconductor Manufacturing Systems: A Petri Net Approach’, IEEE Transactions on Semiconductor Manufacturing , vol.11, no. 3, August 1998, pp.333-357. Zhou, M., Venkatesh, K.: Modeling , Simulation and Control of Flexible Manufacturing Systems – A Petri Net Approach, World Scientific Publishing , 1999. FactoryAutomation476 AdaptiveImplementationofDiscreteEventControl SystemsbasedonSequentialFunctionCharts 477 AdaptiveImplementationof Discrete EventControlSystems based on SequentialFunctionCharts RamónPiedrataandJoséLuisVillarroel X Adaptive Implementation of Discrete Event Control Systems based on Sequential Function Charts Ramón Piedrafita and José Luis Villarroel Department of Computer Science and Systems Engineering, University of Zaragoza Spain 1. Introduction The discrete-event system (DES) is a class of dynamic systems whose behaviour is governed by discrete events and they state occupy a discrete symbolic-valued state at each time instant. These discrete events occur asynchronously and instantaneously at discrete instants of time and lead to a change of the state. Between event occurrences, the state of DES is unaffected. The DES behaviour is described by the sequence of events that occur and the sequence of states. Examples of DES abound in the industrial world as automated manufacturing systems, monitoring and control systems, supervisory systems; in building automation; in control of aircraft systems, railway systems…(Cassandras 1993). An example of a discrete event system is the classic programmable logic controller (PLC) controlling a sequential machine. The PLC acts as a discrete event control system (DECS). The DECS acts through the outputs over the actuators of the machines, and receives information of the state of the machines or events that happen in them through sensors. In the design of a DECS is neccesary to specify its dynamic behaviour, that is, the form of generating its outputs in response to the inputs. This specification can be carried out in different forms and will be a model of the desired behaviour of the system. There may be various desired behaviours for the same machine if the actions to be performed are different. The specification for the desired behaviour can be performed using the formalism of Petri nets. The technology translation can be done in a PLC in Sequential Function Chart language (SFC). Programmable Logic Controllers are extensively used in the control of production systems and their use is, at the present, widespread in most industrial sectors. The combination of the PLCs intelligence with the development of sensors and actuators, ever more specialized, allows a greater number of processes to be automated. These devices offer a series of advantages that meet some of the most important manufacturing industry requirements in recent years, such as low cost, capacity to control complex systems, flexibility (they can be quickly and easily re-programmed), reduced downtime and easier programming, and reliable and robust components ensuring their operation for a long time. 24 FactoryAutomation478 The reaction time of a PLC is a fundamental matter in discrete event control systems. The PLC reads the inputs, executes the SFC and writes the output in a cyclic or periodic manner. In this chapter, we are interested in the execution time of algorithms that make the SFC of a control application evolve. We will show that the reaction time of a PLC depends greatly on the SFC structure, on the events sequence and also on the algorithm that executes the SFC. With the objective of minimizing the reaction time, we decided to design a Supervisor controller, which we have called the Execution Time Controller (ETC). The aim of the ETC is to determine in real time which algorithm executes the SFC the fastest and to change the execution algorithm when necessary. We propose to adapt the classical implementation techniques of Petri nets to execute SFCs. Thus, we have developed execution algorithms derived, on the one hand, from the Deferred Transit and the Immediate Transit SFC evolution models and, on the other hand, from Petri net implementation techniques (Brute Force, Enabled Transitions and Representing Places). The organization of this chapter is as follows. Section 2 is devoted to Discrete Event Systems, and Section 3 to Sequential Function Charts. Section 4 shows several implementation techniques of the SFC whose execution time is analyzed in Section 5. In Section 6 we present the Execution Time Controller. In Section 7 the technique is evaluated. The section describes the tests run to evaluate the estimation techniques and the working of the ETC in real time. Finally, in Section 8, we present the main conclusions. 2. Discrete Event Control Systems An example of a discrete events system is the classic PLC controlling a sequential machine. The PLC acts as a discrete event control system (DECS) (see Fig. 1). The DECS acts on the machines by sending output signals to the actuators and receives information about the state of the machines or events occurring in them through sensors. The DECS receives input signals not only from the machine sensors, but also from the commands of the control panel, from supervision systems and even from other DECS. An output signal can be a signal sent to an actuator to act on a physical process, to increase a variable or to send a message. The main function of discrete event control systems is to govern the workings of a machine in such a way that the desired behaviour is achieved. This is based on the coordination between the information received and the actions ordered to be carried out. A machine carries out the action ordered by the control system until the system decides that the action has been completed at which point it orders the machine to cease the action. In order that the control system can decide to end the action, it needs to obtain information indicating that the action should finish. This information can come from the sensors placed in the machine. With this information, the control system knows that it must execute an evolution. It has to pass from the state in which it performs the action to the subsequent state which could be one of many (perform another action, await material, etc.). An approach to the design of a DECS involves specifying its dynamic behaviour, in other words the way it generates its outputs in response to the inputs. This specification can be carried out in various ways and will be a model of the desired functioning of the system. The same machine may have different ways of functioning if the actions to be performed are different. The specification of the desired behaviour can be carried out using formalisms such as Petri nets. The technology translation can be done in a PLC using the Sequential Function Chart language (see Fig. 2). actuators preactuators sensors outputs inputs Human Machine interface Start Stop Discrete Event Control System Programmable Logic Controller Fig. 1. Discrete Event Control System 3. Sequential Function Charts In 1975, one of the working groups of the now defunct AFCET (Asociation Francaise pour la Cibernétique Economique et Technique), the Logic Systems group, decided to establish a commission for the standardization of the representation of logic controller specifications. In August 1977 a commission comprising 12 academics and researchers and 12 representatives of companies such as EDF, CEA, Merlin-Gerín, and Telemecanique signed the final report. In brief, the group was looking for a model for the representation and specification of the functioning of systems controlled by logic controllers, through automatisms. The specification model only describes the desired behaviour, without detailing the technology with which the real implementation is effected. The model was named Grafcet (David 1995) and is recognised by standard IEC-848 (IEC 1988). Similar to Grafcet, the Sequential Function Chart (SFC) are standardized in IEC 61131 (ISO/IEC 2001) where is defined as one of the main PLC programming languages. A SFC program is organized into a set of steps and transitions connected by direct links. Associated with each step is a set of actions, and with each transition a transition predicate. AdaptiveImplementationofDiscreteEventControl SystemsbasedonSequentialFunctionCharts 479 The reaction time of a PLC is a fundamental matter in discrete event control systems. The PLC reads the inputs, executes the SFC and writes the output in a cyclic or periodic manner. In this chapter, we are interested in the execution time of algorithms that make the SFC of a control application evolve. We will show that the reaction time of a PLC depends greatly on the SFC structure, on the events sequence and also on the algorithm that executes the SFC. With the objective of minimizing the reaction time, we decided to design a Supervisor controller, which we have called the Execution Time Controller (ETC). The aim of the ETC is to determine in real time which algorithm executes the SFC the fastest and to change the execution algorithm when necessary. We propose to adapt the classical implementation techniques of Petri nets to execute SFCs. Thus, we have developed execution algorithms derived, on the one hand, from the Deferred Transit and the Immediate Transit SFC evolution models and, on the other hand, from Petri net implementation techniques (Brute Force, Enabled Transitions and Representing Places). The organization of this chapter is as follows. Section 2 is devoted to Discrete Event Systems, and Section 3 to Sequential Function Charts. Section 4 shows several implementation techniques of the SFC whose execution time is analyzed in Section 5. In Section 6 we present the Execution Time Controller. In Section 7 the technique is evaluated. The section describes the tests run to evaluate the estimation techniques and the working of the ETC in real time. Finally, in Section 8, we present the main conclusions. 2. Discrete Event Control Systems An example of a discrete events system is the classic PLC controlling a sequential machine. The PLC acts as a discrete event control system (DECS) (see Fig. 1). The DECS acts on the machines by sending output signals to the actuators and receives information about the state of the machines or events occurring in them through sensors. The DECS receives input signals not only from the machine sensors, but also from the commands of the control panel, from supervision systems and even from other DECS. An output signal can be a signal sent to an actuator to act on a physical process, to increase a variable or to send a message. The main function of discrete event control systems is to govern the workings of a machine in such a way that the desired behaviour is achieved. This is based on the coordination between the information received and the actions ordered to be carried out. A machine carries out the action ordered by the control system until the system decides that the action has been completed at which point it orders the machine to cease the action. In order that the control system can decide to end the action, it needs to obtain information indicating that the action should finish. This information can come from the sensors placed in the machine. With this information, the control system knows that it must execute an evolution. It has to pass from the state in which it performs the action to the subsequent state which could be one of many (perform another action, await material, etc.). An approach to the design of a DECS involves specifying its dynamic behaviour, in other words the way it generates its outputs in response to the inputs. This specification can be carried out in various ways and will be a model of the desired functioning of the system. The same machine may have different ways of functioning if the actions to be performed are different. The specification of the desired behaviour can be carried out using formalisms such as Petri nets. The technology translation can be done in a PLC using the Sequential Function Chart language (see Fig. 2). actuators preactuators sensors outputs inputs Human Machine interface Start Stop Discrete Event Control System Programmable Logic Controller Fig. 1. Discrete Event Control System 3. Sequential Function Charts In 1975, one of the working groups of the now defunct AFCET (Asociation Francaise pour la Cibernétique Economique et Technique), the Logic Systems group, decided to establish a commission for the standardization of the representation of logic controller specifications. In August 1977 a commission comprising 12 academics and researchers and 12 representatives of companies such as EDF, CEA, Merlin-Gerín, and Telemecanique signed the final report. In brief, the group was looking for a model for the representation and specification of the functioning of systems controlled by logic controllers, through automatisms. The specification model only describes the desired behaviour, without detailing the technology with which the real implementation is effected. The model was named Grafcet (David 1995) and is recognised by standard IEC-848 (IEC 1988). Similar to Grafcet, the Sequential Function Chart (SFC) are standardized in IEC 61131 (ISO/IEC 2001) where is defined as one of the main PLC programming languages. A SFC program is organized into a set of steps and transitions connected by direct links. Associated with each step is a set of actions, and with each transition a transition predicate. FactoryAutomation480 Fig. 2. PLC programming in Sequential Function Chart The SFCs are binary Petri nets with an interpretation for the control of industrial systems (Silva 1985)  Immediate actions are associated with the deactivation and activation of the steps (e.g., control signal changes, code execution).  Level control signals are associated with active steps.  Predicates are associated with transitions, as are additional preconditions for the firing of enabled transitions. Predicates are functions of system inputs or internal variables. We take as an example the SFC shown in Fig. 3. The initial step (Automatic_star) is drawn with a double rectangle. The two output transitions of the initial step ( move_piece and NOT move_piece) are in conflict. The default priority rule for solving a conflict is a left to right precedence. The standard does not require a priority relation between transitions or that the transitions predicates are in mutual exclusion. When all the input steps of a transition are active and the transition predicate or condition is true, the transition is fired, the input steps are deactivated and the output steps are activated. In the example of the Fig. 3: if the step named handgotoup is active and the transition hand_up is true, the step handgotoup is deactivated and the step named handgotopiece is activated. Actions can be programmed in a step. The type of programmed action is defined by the action qualifier. For example, a type N action is executed in all the cycles in which the step is active. The S, SD, SL, and SD actions are activated when the step in which they are programmed is activated, stored in an action buffer and from this point on are independent of the state of the step. They can only be deactivated by a type R action. Time limited actions can be programmed with type L or D qualifiers. There are also impulse type actions such as type P that are executed only when the step is activated. han dgotob ac k han d_bac k cyli nderheadou t cyli nderheadou t.tmaxEr r han dgotod own han d_down closehand closehand.tmaxer r handgotoup hand_u p handgotopiece hand_forward handgotodown2 closecla w handgotoup2 han d_down thread.tmaxer r han d_u p han dgotoback2 han d_bac k Automatic_end A utomatic_mode. x NOT move_piec e move_piec e A utomatic_ sta r A utomatic_ con A uto matic_con.tmaxer r NOT loa de r Automatic_star A utomatic_x. x A utomatic_ x lo ade r Automatic_end closeclaw.tma xer r thread Fig. 3. Sequential Function Chart example Table 1 shows the actions that can be programmed in a SCF. In a PLC cycle, the following must be executed:  Actions which depend on the state of a step: action qualifiers N, L, D, P, P0, P1.  The step in which is programmed the storage of the stored actions (S, SL, SD, DS) and their cancellation (R).  the stored actions (S, SL, SD, DS) The action types and qualifiers are the standard ones of the IEC 61131 (ISO/IEC 2001). Qualifier Description N Non-stored, executes while step is active. L Limited, executes only a limited time while step is active. D Delayed, starts executing after the step has been active. S Stored, starts executing when the step is activated until reset. R Reset stored action. SL Stored and limited SD Stored and delayed DS Delayed and stored P Pulse, executes when the step is activated. P1 Pulse, positive flank, executes once when the step is activated. P0 Pulse, negative flank, executes once when the step is deactivated. Table 1. SFC actions. [...]... PN transitions, observing marking evolution rules, i.e., it plays the “token game” An implementation is composed of a control part and an operational part The control part corresponds to the structure, marking and evolution rules of the PN On the other hand, the operational part is the set of actions and/or codes of the application, associated with the PN elements According to different criteria, a... Systems Technology 3(3): 253-268 500 Factory Automation Garcia, F J & J L Villarroel (1999) Translating time Petri net structures into Ada 95 statements Reliable Software Technologies - Ada-Europe' 99 Berlin, SpringerVerlag Berlin 1622: 158-169 Hellgren, A., M Fabian, et al (2005) "On the execution of sequential function charts." Control Engineering Practice 13( 10): 1283-1293 IEC ( 1988) Preparation... Systems publication 848 ISO/IEC (2001) "International standard IEC 6 1131 -3 (2nd ed.) Programmable logic controllers Part 3 ISO/IEC (final draft) ." Klein, S., G Frey, et al (2003) PLC Programming with Signal Interpreted Petri Nets ICATPN 2003, Eindhoven, Srpinger Verlag Lewis, R W (1998) "Programming industrial control systems using IEC 1131 -3." IEEE control engineering series 50 Peng, S S & M C Zhou (... is the search and insertion in lists The time cost of such operations depends directly on the size of the lists Therefore, it is stated in the algorithms where it carries out such operations 484 Factory Automation The basic treatment cycle of a SFC interpreter consists of three phases: (1) Enabling Test, (2) Transition firings (with two sub-phases: start and end), and (3) Lists update The Enabling... Technique Program 2 presents the basic treatment cycle of the coordinator for the SRP technique This treatment cycle is also illustrated in Fig 5 loop forever Executeactionswithfallingedge(); 486 Factory Automation Executeactiveactions(); while elements in ARSL do Rstep = next_element (ARSL); Transitionsrepr = Rstep.transitionsrep; // enabling test while T in Transitionsrepr do if enabled (T) and predicate(T)... Treatment lists containing all the active steps  Enabled Transitions List (ETL) Treatment lists containing the transitions with their input steps active and with their predicate condition true 488 Factory Automation This treatment cycle is also illustrated in Fig 6 The search of the Active Steps is carried out in DTEVM at the start of each cycle, in the function computeactivesteps The execution time... in lists The presented techniques frequently use this type of operation, especially in the real time building of formation lists and in the final phase of updating lists The execution time of 490 Factory Automation such operations depends directly on the size of the lists There are techniques that abound in the use of search and insertion list operations, such as Representing Places In other techniques... alternate_alg Compute I(k) If I(k)>(ExTcalculated(running_alg)/2) then Change algorithm Initialize data structures I(k-1)=0 End if Wait for next period(); end loop Program 4 Execution Time Controller 492 Factory Automation 6.1 Times measuring The Tenabl, Tfiring, TinsertStep and Tinserttran times are measured in an offline execution test For this purpose, the required measurement instrumentation is incorporated... representing place, two possible solutions are adopted:  A first option is that the algorithm runs over all the transitions represented by a marked representing place, estimating their enabling 494 Factory Automation When the SRP algorithm finds an enabled transition it fires it, and the rest of represented transitions are not verified for enabling An approximation is carried out considering enabled... that we present is over a concurrent SFC compound of 10 sequential SFCs (see Fig 9 c and d) and illustrates that the SRP algorithm is the best in this experiment (Piedrafita & Villarroel 2007) 496 Factory Automation Fig 9.c, shows the Real Time execution of The Execution Time Controller (ETC), the Real Time estimation of the same algorithm (SRP), and the Real Time estimation of one alternative algorithm( . complete part routings of all the parts in the circuit are needed to detect impending part flow deadlocks. A system status graph is virtually updated for every part movement before the parts move. complete part routings of all the parts in the circuit are needed to detect impending part flow deadlocks. A system status graph is virtually updated for every part movement before the parts move. composed of a control part and an operational part. The control part corresponds to the structure, marking and evolution rules of the PN. On the other hand, the operational part is the set of