ABSTRACTION DES TRAJECTOIRES DUN SYSTEME CONTINU EN AUTOMATES

TEMPORISES

ABSTRACTION OF CONTINUOUS SYSTEM TRAJECTORIES INTO TIMED AUTOMATA

Arnaud HLIAS1,2,*, Franois GUERRIN1 and Jean-Philippe STEYER2

1
CIRAD, Gdor team, Station de la Bretagne, BP 20, 97408 Saint-Denis, Reunion Island,
France, guerrin@cirad.fr
2
INRA, Laboratory of environmental biotechnology, av. des tangs, 11100 Narbonne,
France, steyer@ensam.inra.fr

Rsum: Cet article traite de la reprsentation de la dynamique dun systme continu par
un formalisme vnements discrets et temps continu, des fins danalyse de systme.
Le systme continu est dabord approxim laide dintervalles numriques, puis traduit
dans le formalisme des automates temporiss grce lintroduction de seuils
partitionnant les domaines de valeurs des variables dtat. La dtection des
franchissements de seuil est caractrise par deux instants correspondant la date au plus
tt et la date au plus tard de franchissement. Cette approche est brivement illustre sur
un procd pilote de traitement deaux uses de 1 m3.

Mots cls: Approximation de modle, Systme discret, Systme continu, Intervalles,

Seuils, Automates, Traitement des dchets.

Abstract: This paper deals with the representation of continuous system dynamics into a
continuous-time discrete-event formalism to the end of system analysis. The continuous
system is first approximated by using numerical intervals and then translated into the
timed automata formalism thanks to with the introduction of thresholds partitioning the
state variables domains. The detection of thresholds crossing is characterised by two
time instants corresponding respectively to the earliest and latest crossing dates. This
approach is briefly illustrated on a 1 m3 wastewater treatment pilot plant.

Keywords: Model approximation, Discrete system, Continuous system, Intervals,

Thresholds, Automata, Waste treatment.

1. INTRODUCTION based on a timed discrete-event representation

A classical approach to analyse the interaction
between continuous and discrete elements within a
system is to represent it with a unique formalism. In
the Qualitative reasoning and Hybrid dynamical
system communities, this problem was often
addressed. However, Struss (2002) underlined three
main difficulties: (i) explosion in the number of
discrete states , (ii) rounding errors of intermediate
variables and (iii) thresholds detection. Moreover,
time is not often clearly represented. This study is
*
Current authors address: INRA, Food Process Engineering and Microbiology Laboratory, BP 01, 78850 Thiverval-Grignon, France,
arnaud.helias@grignon.inra.fr.
similar to those developed by Henzinger et al.
(1998), Kowalewski et al. (1999), Lunze (1999),
Supavatanakul et al. (2003); however it differs from
several points:
as the continuous system dynamics is assumed to
be partially known, the resulting imprecision is
represented by numerical intervals bounding both
initial states and input variables values;
thresholds, partitioning the state-variable domains
according to expert knowledge are used as a basis
of the state space discretisation;
 to avoid combinatorial explosion, timed automata Continuous system
are purposely built to answer specific questions,
according to some initial state and the properties We consider a non-linear piecewise continuous
to be checked. system described by an ordinary differential equation
The paper is organised as follows. After a brief recall (ODE) system such as:
on timed automata, one of the most widespread timed
discrete formalism, the continuous system under = f ( , )
(1)
study is described in Section 2. The discretisation (t0 ) = 0
procedure is then detailed in Section 3 and illustrated
by an application example in Section 4. Finally, this where n
, with a n-dimensional state
approach is briefly discussed in Section 5 and
conclusions are drawn in Section 6. space, = g ( p, t ) , m , with a m-
dimensional input space, and p P a parameter. It is
2. SYSTEM FORMAL DESCRIPTION assumed that we have only a partial knowledge of
both the initial state ( t0 ) and the input variables
Timed automata
values that can be estimated by:
Introduced by Alur and Dill (1994), a timed i, i (t0 ) i (t0 ) i+ (t0 ) (2)
automaton is composed by a finite state machine and j , t ,
j (t ) j (t ) (t )
+
j (3)
the expression of continuous time. This formalism
allows timed constraints to be introduced using
with i {1,..., n} , j {1,..., m} , (i , i+ ) i2 and
variables named clocks.
( j , j+ ) j2 ( i and j ).
Clock. x X , with X a finite set, is a clock whose
value grows linearly with time (i.e., Uncertainty representation. We define < and >
x ( t + ) = x ( t ) + with a positive time lapse and according to the influence of the interval bounds on
xs derivative always equal to 1). the derivatives values (taking k = {1,..., m} \{ j} ):
Clock constraint. A clock constraint is an atomic
f i ( , k , j ) fi ( , ) f i ( , k , j+ ) <j = j , j> = j+
constraint conjunction. Taking x and y two clocks, (4)
c a constant and # a symbol relation from the f i ( , k , j ) fi ( , ) f i ( , k , j+ ) <j = j+ , j> = j

set {<, , =, , >} , the set ( X ) of the atomic From (4) we can rewrite (1) as the double ODE
system:
constraints is defined by the grammar
= f ( , < )
:= x # c | x y # c | 1 2 . These constraints are
(t0 ) = 0

possibly associated to the locations or edges of the
automaton. (5)
+ = f ( + , > )
Timed automaton. A timed automaton G is defined
+ (t0 ) = 0+
by a 6-tuple ( S, P, X, E, A , Inv ) with:
S a finite set of locations with s0S the initial With the property t , i, i (t ) i (t ) i+ (t ) , Eq.
location; (5) can approximate the system (1) by introducing
P a mapping which associates to each s S , a uncertainty on the initial state (Eq. (2)) and the
set of atomic propositions valid at this location; system inputs (Eq. (3)) if the cooperativity property
X a finite set of clocks; is verified on the systems dynamics (Smith 1995).
E a finite set of labels; Cooperativity simply states that the off-diagonal
A S E ( X ) 2 X S a finite set of edges; elements of the Jacobian matrix of a dynamic system
are positive or equal to zero (additional details can be
each edge a is a 5-tuple ( s, e, , , s ) with s S found in Gouz et al., (2000) or Moor and Raisch
the start location and s S the destination (2002)).
location, ( X ) a clock constraint named
guard that must be satisfied to trigger the discrete Threshold
transition and X the clock subset to be
To represent the continuous system dynamics in a
reinitialised during the transition;
discrete formalism, the first step is to discretise the
Inv ( s ) : S ( X ) a mapping that associates to
state space. For this, each i s domain is partitioned
each location a timed constraint , named according to thresholds into a finite number of
invariant. The system can remain in the same intervals that can be considered as qualitative states.
location as long as the invariant is true. Thresholds are defined from expert knowledge; e.g.,
a stock level can be qualified as insufficient,
low, medium, high and critical. Li denotes min and max being approximated on (cf. the
the ordered set of thresholds in the ith dimension, that clock constraint definition), the system trajectory
is, with i { 1,...,n } and i : between two thresholds w and v is represented within
the time window [ min , max ] . This window can be
( Li , < ) = { li ,0 ,..., li ,i } (7) modelled in the timed automata formalism as follows
(cf. Fig. 1):
The continuous state space is divided according to s1 and s2 are two locations with associated labels
the i thresholds by the mapping: " w " and " v " respectively,
i
x is a clock,
DX : { 1,..., 1 } ... { 1,..., i } (8) x max is the invariant of s1,
( s1 , , x min , , s2 ) is the edge.
with the assumption that i li ,0 , li ,i , i . A
rectangular partition is thus obtained. i
i+ i
v s1 s2
3. DISCRETE APPROXIMATION x min
"w" "v"
The idea is (i) not to consider as discrete states the x max
cells partitioning the state space themselves but, w
rather, the cells faces and (ii) determine the state
transitions from the simulation output of the + t
continuous system within each cell as was done by Fig. 1. Timed automaton for describing a systems
Kowalewski et al., 1999. These authors defined a trajectory from thresholds w to v with an increasing
grid on each cells face and simulated all the trend.
trajectories from or bounded to each grid-point. In
comparison, our approach depends upon each
considered initial state and focuses on handling Generalisation
uncertainty by propagating the interval , +
For sake of clarity, the index i is omitted in notations
within the cells by simulating Eq. (5). for all the variables in the following sections.
Applying the above described approach to the lower
bound of Eq. (5) in the ith dimension allows one to
Trajectories within a cell obtain , the ordered set of time instants when
Thresholds crossing. Let be the time-point when crosses the thresholds and , the ordered set of
the system (1) reaches v, a threshold value defined in threshold crossings:
the ith dimension, i.e., i ( ) = v, v . Because i is
estimated by the interval i , i+ , the time window ( , ) = {

j ( j ) = l } (13)

within which crossing the v threshold may occur can ( , ) = {

j j = ( j ) } (14)
be described by and + such that
i ( ) = i+ ( + ) = v . From Eq. (5), the following with j = 1,..., J , ( )
J = card T = card ( ) and
implications can then be set:
{ 1,..., } . In the following, the mapping that
( ( ) > 0 ) ( ( ) > 0 )
i

i
+ + +
< (9)
associates min or max to each j according to the
( ( ) < 0 ) ( ( ) < 0)
i

i
+ + +
> (10) sign of the derivative is denoted A :

Timed automaton representation. Let ( )

min if j < 0
min = min( , + ) , max = max( , + ) and F the A : j (15)
mapping that associates a label to each threshold

( )
max if j > 0
crossing:
A similar approach can be used on the upper bound
" v " if min =
+
to obtain + , + and associated labels by the
F (v) (12)
" v " if min =

mapping A + .

with the symbols and denoting threshold

crossing with increasing and decreasing trends Building the timed automaton associated to the
respectively. systems trajectory in the ith dimension

From Eqs. (13-15), the following sets can be defined:

 B, the ordered set of time instants when occur state of the continuous system.
threshold crossings by and + with label min P, a mapping that associates a proposition to each
element of S denoting which threshold is crossed
( k B = 1,..., K B , K B = card ( B ) = card ( D ) ):
and the trend (with and with P ( s0 ) l0 ):

( B, ) = {b A (b ) = }
kB

kB min
(16)

(S ( d ) s ) ( d
kB k kB ) (
=l d kB = l )
{b A (b ) = }
kB
+
+ kB min

(S ( d ) s ) ( d
kB k kB =l ) (d kB = + )l

(21)
P ( sk ) :
C, the ordered set of time instants when occur


(S ( ) s ) (

0, k

k

0,k
)
=l l

threshold crossings by and + with label max

( kC = 1,..., K C , K C = card ( C ) ):

(S ( ) s ) (


0, k

k

0, k

=l ) l

Forward edges. Edges that can reach a new location

(C, ) = { ckC A (ckC ) = max } (17)
at the earliest time point min are named Forward
edges. Let sn , n K B , a location corresponding to a
{
ckC + A + (ckC ) = max } threshold crossing with increasing trend, and its
associated proposition l . The preceding location can
D, the ordered set of threshold crossings reflect the following cases (cf. Fig. 2):
associated to the elements of B: a) crossing a lower threshold with increasing trend,
b) crossing the same threshold with decreasing
( D, ) = {d (b ) = d }
kB

kB kB
(18)
trend,
c) the initial state whenever no threshold has already
{d (b ) = d }
kB
+ +
kB kB been crossed and (i) the threshold is within the
initial state interval, or (ii) the initial state interval
lies below the threshold.
0 , the set of threshold crossings with The same reasoning can be made the other way
decreasing trends at the initial time around about threshold crossing with a decreasing
( k = 1,..., K , K = card ( ) ):
0
trend (i.e. about a location with a proposition l ).

{ ( )}
i i

) (
0 = 0,k | 0,k L < 0,k < +

i
+
i

+
i i
{ )}
v
| (

0, k

0, k L ) (
= 0,k ) (
0 (19) v

{ | ( L ) ( ) ( 0 )}
w

0, k

0, k
+
= 0,k +

t0 min t t0 min t
0 the set of threshold crossings with an a) b)
increasing trend at the initial time i i
+ +
i i i
( k = 1,..., K , K = card ( ) ):
0

i v

{ ( ) ( )}
v
0 = 0, k | 0, k L < 0, k < +
w
{ | ( L ) ( =

0, k4

0, k4 ) ( 0)} (20)
0, k

t0 t0 min
t t

{ | ( L ) ( = ) ( 0)}
+ + c.i) c.ii)
0, k 0, k 0, k

Fig. 2. Different cases of threshold crossing with
Clock set. The clock set is a singleton since the increasing trend.
automaton is obtained from only one simulation of Based on this, a set of locations can be obtained
the continuous model. which satisfy one of these conditions. The preceding
Location set. Let us denote: location is the element to which is associated the
S , a mapping that associates a location s to each nearest min of the min of sn . Formally, a1, the
element of D, 0 and 0 . From S , one gets forward edge of sn is defined by the 5-tuple
S = {sk }k =1,..., K s0 with K = K B + K + K
and s0, the location corresponding to the initial
( s m , , , , s n ) with := x bn 1. Let the ordered Xi is a singleton composed of the clock xi,
set S S , the union of the different cases described Ei, the set of labels, is an empty set,
by the Fig. 2: A i = A1,i A 2,i is the set of edges,
Invi is a mapping that associates the invariants to

( S1 , ) =
n ({ (
P ( s ) = l s P ( s ) = l
k k )} 1 ) (23)
the locations.

({ ( )}
P ( sn ) = l sk P ( sk ) = l +1

) 4. EXAMPLE: APPROXIMATION OF A

) { ( )}
WASTEWATER ANAEROBIC DIGESTION
(
P (s ) = l s P (s ) = l
n k k MODEL
(S , ) =
(24)
(P ( s ) = l ) {s (P ( s ) = l )}
2

n k k To briefly illustrate this approach, the procedure

previously described is used on an anaerobic
(
( ) ) ( s = S ( ) ) {s }
S3 = sn = S 0, k3 n

0 , k4 0
(25) digestion process. A more complete description of

( )
s = S ( d ) (P ( s ) = l ) this example can be found in Hlias et al., (2004).
n k1 n
The aim is to predict possible dysfunctions of a

( l < ( t ) ( t ) l ) {s }
+ wastewater treatment plant by a discrete
S =
1 0 0 0 (26) approximation of a biological reaction model in front
( s = S ( d ) ) (P ( s ) = l )
4

n k1 n of expert partial knowledge of the systems

( l < ( t ) ( t ) l ) {s }
+ dynamics. Anaerobic digestion is a biological process
0 0 +1 0
used for carbon removal from wastewater. The
( S, ) = S1 S2 S3 S4 (27) principle is to transform organic matter into biogas
(i.e., that is a methane (CH4) and carbon dioxide
with k = 1,..., n 1 (i.e., only reachable locations (CO2) mixture) in absence of oxygen. This complex
before sn are taken). The preceding location sm S process can be modelled in two steps: the acidogenic
and methanogenic phases. A simplified version of the
is the latest that could be reached. The set of mass balance analytical model of our process
locations of S forward edges is named A1 . (Bernard et al. , 2001) is used:

A similar approach can be used about the latest time S1 = D ( S1in S1 ) k1 1 X 1

points (i.e., threshold crossing at max ) to determine
S2 = D ( S 2in S 2 ) + k 2 1 X 1 k3 2 X 2
the locations invariants. Moreover, when a location (28)
has no next location, a Backward edge is defined. Z = D ( Z in Z )
Figure 3 shows this case: the system crosses a C
= D ( Cin C ) + k4 1 X 1 + k P 2 X 2
threshold successively twice, and the edge with guard
PCO2
x = v+2 is a backward edge. Doing this, the Inv with k P = k5 k6 . S1, S2, Z, and C are the
PT PCO2
mapping, that associates the invariants to the
organic matter concentration, the volatile fatty acids
locations, and A 2 , the set of backward edges, are
concentration, the total alkalinity and the total
defined. A complete description of this approach can inorganic carbon, respectively. k1 to k6 are the yield
be found in Hlias, (2003). coefficients for the reactions and 1 and 2 are the
i i+ x v+ "v2"
growth rates of the bacterial biomass X1 according to
i
3

S1 (in the acidogenic phase) and bacterial biomass X2

v "0" according to S2 (in the methanogenic phase)
x v+
x v 1 respectively. These growth rates are assumed to
1

"v1" S
follow a Monod-type kinetics, i.e. = max
x v+ S + KS
t 0 v+ v+ v+ v t x = v+ 2

with max the maximum bacterial growth rate and

2
1 2 3 1

Fig. 3. Backward edge example.

K S the half-saturation constant. Finally, PT is the
From (16-27), the continuous system dynamics in the total pressure in the reactor, PCO2 is the partial
ith dimension is approximated by the timed pressure of CO2, D is the dilution rate according to
automaton Gi = ( Si , Pi , Xi , Ei , A i , Inv i ) where: input flow and S1in , S 2in , Z in and Cin the different
S i = s ki { } ki =1,..., Ki
s0,i is a set of locations, influent concentrations. Because of a relation holding
between PT and PCO2 , the cooperativity property
Pi is a mapping that determines, for each location,
the threshold crossing and its trend, holds in this model. Thus, intervals bounding influent
and biomass concentrations can be used to handle
imprecision, following the approach described in
1
If the location is an initial state threshold crossing, then Section 2.. This model is run with parameters
the guard is of the form x = t0 . measured on an anaerobic digestion pilot plant
(Steyer et al., 2002).
The inputs of the process (i.e., influent
concentrations) and the initial state are thus
represented by intervals. Qualitative states resulting
from expert knowledge (e.g., S2 can be assigned
labels normal, high or critical) also available
are used in this approach. The plant operation is
apprehended on a short time period (a few days) by
combining information on different variables. For
example, an important organic overload (i.e.
dysfunction due to an inhibition of the reaction by S2)
can be associated to a low Z value and a high S2
value according to thresholds specifically set in these
variables domains. To check the possible occurrence
of this situation, we use the model-checking tool on
the obtained timed automaton. This approach has
been used to check about fifteen operating states
during a four days period (Hlias et al., 2004). The
complete abstraction procedure (system simulation,
threshold crossing detection, timed automata
creation), with 11 thresholds defined on 4 variable
domains, takes less than ten seconds on a personal
computer with a CPU running at 1.7 GHz. This
procedure has been implemented by combining the
Matlab environment and the Kronos model-checker
(Yovine, 1997). The resulting automaton is
composed of 24 locations and 66 edges.
5. DISCUSSION
The final size of the automaton is set according to the
systems dimension, the number of thresholds and
the crossing number. Consequently, this approach is
inappropriate when:
the system oscillates around a threshold value,
a large number of thresholds are defined.
The idea is not to create an automaton to check all
the possible properties of the continuous system but,
rather, to create the automaton specifically suited to
check a given property according to purposely
defined thresholds.
Whereas in the classical definition of timed automata
the clock constraints compare the clock values using
rational numbers, integers must be used in the
Kronos model-checker. Consequently, in our
approach, the threshold crossing time values must be
rounded. Thus, if the time unit used in the model is
not carefully chosen according to the system
dynamics, some additional imprecision may be
introduced.
6. CONCLUSION
This paper has described a procedure aimed at
representing a continuous systems dynamics as a
timed automaton, where:
some elements (inputs, initial state) are estimated
by intervals, which comes down to reformulate
the system as extremal ODE systems (upper and
lower bounds and + approximating the real
dynamics),
dynamical envelopes stemming from the
simulation of this extremal ODE systems are
translated into the timed automata formalism
(discrete model with continuous time) according
to expert defined thresholds on the state
variables domain.
The principal characteristics of this approach are:
taking threshold crossings themselves as
qualitative discrete states (disregarding the
interval between two consecutive thresholds);
defining the discrete state transitions from the
piecewise simulation of the extremal ODE
systems within consecutive thresholds;
starting the procedure from (i) an initial state, (ii)
imprecise values of inputs and (iii) threshold
definitions, all defined in accordance to the
property to be checked in order to reduce the state
explosion.
This approach was briefly illustrated on an anaerobic
digestion model. The timed discrete-event
representation makes model-checking possible to
check properties of the continuous systems
dynamics. An interesting extension would be to
couple this representation to the discrete part of a
wastewater treatment process in order to check
properties on mixed continuous and discrete
elements.
ACKNOWLEDGEMENTS
This work was partially supported by the Rgion
Runion and the European Social Fund.
A first version of this paper was published at IFAC
Workshop on Discrete Event Systems, WODES'04,
22-24 September 2004.
REFERENCES
R. Alur and Dill D. (1994). The theory of timed
automata. Theor. Comp. Sc.. 126: pp. 183-235.
O. Bernard, Hadj-Sadok Z., Dochain D., Genovesi A.
and Steyer J.-P. (2001). Dynamical model
development and parameter identification for
anaerobic wastewater treatment process. Biotech.
and Bioengineering. 75(4): pp. 424-438.
J.L. Gouz, Rapaport A. and Hadj-Sadok M.Z.
(2000). Interval observers for uncertain
biological systems. Ecological Modelling.
133(1-2): pp. 45-56.
A. Hlias (2003). Agrgation/abstraction de modles
pour l'analyse et l'organisation de rseaux de
flux : application la gestion des effluents
d'levage la Runion. PhD thesis. ENSAM.
Montpellier (France). 224 p.
A. Hlias, Guerrin F. and Steyer J.-P. (2004).
Abstracting continuous system behaviours into
timed automata: application to diagnosis of an
anaerobic digestion process. In Proc. DX-2004
15th International Workshop on Principles of
 Diagnosis. Carcassonne (France).
T.A. Henzinger, Ho P.-H. and Wong-Toi H. (1998).
Algorithmic Analysis of Nonlinear Hybrid
Systems. IEEE Trans. on Automatic Control.
43(4): pp. 540-554.
S. Kowalewski, Engell S., Pruig J. and Stursberg O.
(1999). Verification of logic controller for
continuous plants using timed condition/event-
system models. Automatica. 35(3): pp. 505-518.
T., Moor, and Raisch, J. (2002). Abstraction based
supervisory controller synthesis for high order
monotone continuous systems. LNCIS 279: pp.
247-265.
J. Lunze (1999). A timed discrete-event abstraction
of the continuous variable systems. International
Journal of Control, 72(13), pp. 1147-1164.
H.L. Smith (1995). Monotone dynamical systems: An
introduction to the theory of competitive and
cooperative systems. Mathematical Surveys and
Monographs. 41. 174 p.
J.-P. Steyer, Bouvier J.-C., Conte T., Gras P. and
Sousbie P. (2002). Evaluation of a four year
experience with a fully instrumented anaerobic
digestion process. Water Science and
Technology. 45(4-5): pp. 495-502.
P. Struss (2002). Automated Abstraction of
Numerical Simulation Models - Theory and
Practical Experience. in Model Based Systems
and Qualitative Reasoning for Intelligent
Tutoring Systems. San Sebastian (Spain). pp.
161-168.
P. Supavatanakul, Falkenberg C. and Lunze J.
(2003). Identification of timed discrete event
models for diagnosis. In Proc. DX-2003 14th
International Workshop on Principles of
Diagnosis. Washington DC (USA).
S. Yovine (1997). Kronos: A verification tool for
real-Time Systems. Journal of Software Tools
for Technology Transfer. 1(1-2): pp. 123-133.