Reachability for a Class of Sequential Control Problems - CiteSeerX

Reachability for a Class of Sequential Control Problems Inger Klein Dept. of Electrical Engineering, Linkoping University S-581 83 Linkoping, Sweden Email: August 30, 1993 [email protected]

REGL

AU

ERTEKNIK

OL TOM ATIC CONTR

LINKÖPING

Abstract

Of all control related problems within industry, those of sequential character are particularly common. Almost all industrial plants contain sequential parts; startup or shutdown phases are typical examples of this. Despite its importance fairly little theoretical research has been devoted to this problem. We study a subclass of sequential control problems, which we call the SAS-PUBS class. For this class of problems we give a reachability criterion. The complexity of checking if the criterion is ful lled only increases polynomially with the number of state variables.

Keywords:

Planning, Sequential Control, Reachability.

This report and others from the automatic control group in Linkoping are available by anonymous ftp on the address 130.236.24.1 (joakim.isy.liu.se). This report is contained in the compressed ps- le named ~/pub/reports/LiTH-ISY-I-1434.ps.Z.

1

1 Introduction Of all control related problems within industry, those of sequential character are particularly common. Almost all industrial plants contain sequential parts; startup or shutdown phases are typical examples of this. Despite its importance fairly little theoretical research has been devoted to this problem. Sequential control can be divided into two parts: planning and implementation. Planning is the problem of nding a plan, that is, a sequence of actions, which transforms a given initial state into a desired nal state. A plan may be implemented for example by using the graphical language GRAFCET [11], which has many similarities with Petri nets [19]. However, GRAFCET is a tool for implementing plans rather than developing plans although it can be a help in structuring the problem. From now on we will by planning mean automated development and implementation of a plan. Using a nite state model the planning problem is always solvable in principle, but when the size of the problem increases it soon gives rise to complexity problems. Hence we propose to study subclasses where we retain feasibility. In this report we study reachability for the SAS-PUBS class of planning problems which is de ned below. Sequential control can also be viewed as a sub eld of discrete event dynamical systems (DEDS). In contrast to the well-known models for dynamical systems, which can be described by dierential or dierence equations, there is not yet any unifying notation nor any unifying theory for DEDS. A considerable amount of work has been done in dierent areas to describe and analyze DEDS, and to develop controllers for DEDS. Models for DEDS have been developed based on temporal logic [23, 17], queueing theory [9], and minimax algebra [5]. A DEDS is easily described in automata theory, and work in this area has been done by Ramadge and Wonham [20], Inan and Variaya [12], Caines, Greiner and Wang [4], and others. Another way of describing DEDS is by using Communicating Sequential Processes developed by Hoare [10]. Benveniste and others [3] has developed a language which can be used to simulate DEDS. Petri nets [19] have also been used to describe and analyze DEDS. Dierent models are developed for dierent purposes, and it is probably not possible to nd a formalism which works well for all problems, so we will most likely have to develop dierent methods for dierent classes of DEDS. Our formalism, Simpli ed Action Structures is based on work by Sandewall and Ronnqvist [21] where an action, or event, is described by its pre-, post-, and prevail-conditions. We will focus on the actions instead of the states to reduce the complexity. Here we will study reachability for this special class of control problems. Reachability may be de ned in terms of the state graph [8, 17, 16]. A state x1 is reachable from some other state x2 if there is a path from x2 to x1 . We present a reachability criterion for a class of sequential control problems which we call the SAS-PUBS class. The criterion is based on the available actions and the state graph does not have to be constructed. This is an advantage since the number of states in the state graph normally is exponentially larger than the number of available actions. The organization of the report is as follows: in Section 2 we present the formalism we will use and the restrictions forming the SAS-PUBS class of planning problems are stated. A planning algorithm for SAS-PUBS planning problems is presented in Section 3. In Section 4 the reachability criterion is given. Section 5 presents a simple example and Section 6 contains the conclusions.

2 A formalism for describing the planning problem The formalism used here is a natural language for modelling the sequential parts of a plant. Let us assume that the plant is described by a state, and that the control action, or event, is chosen from a set of actions which transforms the state of the plant into a new state. An action is usually performed by a controller; it has a duration in time and it has a result, i.e., it aects the state of the plant in some way. With a controller we mean, for example, a robot or a computer. The formalism, simpli ed action structures, presented here is based on the work by Sandewall and Ronnquist [21], but somewhat simpli ed. The main advantage of using action structures instead 2

of, for example, a nite state automaton, is that it is possible to reduce the planning complexity. The number of states in the state graph is exponential in the number of state variables, and hence the complexity of a search based algorithm increases exponentially with the number of state variables. However, using action structures it is possible to construct algorithms whose complexity increases polynomially with the number of state variables at least for a restricted class of problems. It is also intuitively attractive to describe the actions and how they aect the state of the plant. We will use some concepts about relations, and the reader who is not familiar with relations and partial orders is referred to [7].

2.1 States

The state of the world is described by a number of state variables. Each state variable belongs to a given discrete, nite domain. We will concentrate on problems where the state variables are binary, but the de nitions here are given for any discrete domain.

De nition 2.1 1. M is a nite set of state variable indices. 2. Si , where i 2 M, is the domain for the ith state variable. Si must be nite.

2 Each domain is extended with the values unde ned (ui ) and contradictory (ki ). The unde ned value can be interpreted as `don't care'. The contradictory value is added for technical reasons only. A state s is called a partial state if the unde ned or contradictory value is allowed, and it is called a total state if no state variable has the unde ned or the contradictory value. This may seem counterintuitive at this stage, but the reason will be clear in the future. We will often write only a state when it is clear from the context whether it is a total state or not, or if this distinction is unimportant. The ith state variable for the state s is denoted si . The function dim(s) picks out the indices for the state variables in s whose values are not unde ned. If a state variable does not have the unde ned value we say that it is de ned.

De nition 2.2 1. SQi+ = Si [ fui ; ki g where i 2 M is theQextended domain for the ith state variable. S = + + i2M Si is the total state space. S = i2M Si is the partial state space. 2. si for s 2 S and i 2 M is the value of the ith state variable. 3. A state s 2 S + is consistent if si = 6 ki for all i 2 M. 4. The function dim : S + ! 2M is de ned such that for s 2 S + , dim(s) is the set of all state variable indices i 2 M such that si = 6 ui . 5. If i 2 dim(s) then i is de ned for s.

2

We de ne a re exive partial order vi on each extended domain Si+ . The unde ned value ui is less than any other value, and the contradictory value ki is greater than any other value. All values in the set Si are mutually incomparable, i.e., they are not related unless they are equal. The order can be interpreted as re ecting information content, and is extended to partial states in the obvious way. A partial order can be de ned in two ways. We follow the de nition given in [15]. By a partial order we mean a relation which is irre exive, antisymmetric and transitive, and by a re exive partial order we mean a relation which is re exive, antisymmetric and transitive.

3

De nition 2.3 1. vi is a re exive partial order on Si+ de ned as 8x; x0 2 Si+ (x vi x0 , x = ui _ x = x0 _ x0 = ki ) hSi+ ; vi i forms a at lattice for each i. 2. v is a re exive partial order on S + de ned as 8s; s0 2 S + (s v s0 , 8i 2 M (si vi s0i )) 2

This de nes a lattice over the partial state space S + and t and u de ne the usual lattice operators join and meet, see for example [7]. If s v s0 then s0 is more informed than s. This means that if a state variable is de ned in s then s0 must have the same value (or the contradictory value) for this state variable, and s0 may assign a value to a state variable which is unde ned in s. Thus a total state s 2 S is more informed than a partial state s0 2 S + if the state variables which are de ned in s0 have the same value in s. In the following we will usually drop the subscripts on ui , ki and vi and write u, k and v instead. The domain will be clear from the context.

2.2 Action types and actions

Examples of actions could be MoveWorkpiece, where a robot moves a workpiece from a workstation to storage, OpenValve1 where a valve called Valve1 is opened and ReadInputChannel, where a computer reads an input channel. An action is formally described by two concepts: an action label and an action type. The action type can be interpreted as a generic action description, and the action label is simply used to distinguish between dierent actions of the same type. Consequently, an action having a unique label is a particular instantiation of an action type and can only occur once. Yet, several actions of the same action type can of course occur but then with dierent labels. Consider, for example, the action type MoveWorkpiece where a robot moves a workpiece from the work-station to storage. Now, suppose this should be done several times, that is, the robot should, for some reason, move the workpiece from the work-station to storage several times. To distinguish between the dierent instantiations of the action type MoveWorkpiece we put a unique label on each action, i.e., we put a `name' on every instantiation of the generic action. An action type is de ned by its pre-, post- and prevail-condition. The pre-condition speci es what must hold when the action starts, the post-condition what holds when the action ends, and the prevail-condition what must be true during the execution of the action. Notice that the state variables in the prevail-condition are not aected by the action. Consider, for example, the action type OpenValve1 where a valve called Valve1 is opened. Suppose that in order to open Valve1 we require that a valve called Valve2 is already open to avoid over ow. Here, the pre-condition is that Valve1 is closed, and the post-condition that it is open. Thus the pre- and post-conditions describe what is changed by the action. An action of type OpenValve1 can only be started when Valve1 is closed (the pre-condition is ful lled) and when Valve2 is open. Consequently there is a condition which must be ful lled while the action is performed, but is not aected by the action. This is the prevail-condition (Valve2 is open). Formally the pre-, post- and prevail-conditions are functions as de ned below.

De nition 2.4 1. H is a set of action types. 2. b : H ! S + gives the pre-condition of an action type. 3. e : H ! S + gives the post-condition of an action type. 4

4. f : H ! S + gives the prevail-condition of an action type.

2

The following axioms must hold for the pre-, post- and prevail-conditions. Axiom 2.5 states that the conditions must be consistent, i.e., no state variable can have the contradictory value. Axioms 2.6 and 2.7 assert that the same state variables are de ned in the pre- and post-condition, and that for each de ned state variable the values are dierent. The state variables which are de ned in the pre- and post-conditions cannot be de ned in the prevail-condition, and this is guaranteed by Axiom 2.8. Finally Axiom 2.9 excludes the theoretical possibility of having two dierent action types with exactly the same pre-, post- and prevail-conditions. Axiom 2.5 The states b(h), e(h) and f (h) are consistent for all h 2 H. Axiom 2.6 8h 2 H (dim(b(h)) = dim(e(h))) Axiom 2.7 8h 2 H; 8i 2 dim(b(h)) (b(h)i 6= e(h)i ) Axiom 2.8 8h 2 H (dim(b(h)) \ dim(f (h)) = ;)

Axiom 2.9

8h; h0 2 H (b(h) = b(h0 ) ^ e(h) = e(h0 ) ^ f (h) = f (h0 ) ) h = h0 )

We have thus de ned an action type, a sort of generic action. The next step is to de ne a set of action labels. An action is then constructed from an unique action label and an action type. An action can be thought of as an implementation of its action type. The functions label and type pick out respectively the label and type of an action. We let the action inherit the properties of the action type.

De nition 2.10 1. L is an in nite set of action labels. 2. A set A  L  H is a set of actions i no two distinct elements in A have identical rst components. 3. If A is a set of actions we de ne two functions: label : A ! L and type : A ! H such that if hl; hi 2 A then label(hl; hi) = l and type(hl; hi) = h. 4. If A is a set of actions then we also extend the functions b, e and f such that b(a) = b(type(a)), e(a) = e(type(a)) and f (a) = f (type(a)).

2

There can thus be several actions of the same type, and the unique label is used to distinguish between them. Thus we can talk about a particular instantiation of an action type, and not just about any instantiation of the considered action type. We end this section by giving the intuitively clear de nition of when an action aects a state variable.

De nition 2.11

1. An action type h 2 H aects the ith state variable where i 2 M i i 2 dim(b(h)). 2. If  H is a set of action types and i 2 M, then the set i denotes the set of all h 2 such that h aects the ith state variable. 3. An action a aects the ith state variable where i 2 M i type(a) aects the ith state variable. 4. If A is a set of actions and i 2 M, then the set Ai denotes the set of all a 2 A such that a aects the ith state variable.

2

5

2.3 Planning

In this section we will formally de ne the concept of a plan, and state the planning problem. A plan is a sequence of actions which transforms a given initial state of the world xo into a desired nal state x? . Another way to describe a plan is to say that it is a set of actions and an ordering on the actions de ning the execution order. Actions may alsoabe performed in parallel. First we de ne the relation 7?! on a set of actions. If s 7?! s0 then there is an arrow in the state graph from vertex s to vertex s0 , i.e., the state s can be transformed into the state s0 by ; 0 performing the action a. If s 7? ! s then there is a path in the state graph from vertex s to 0 vertex s . The total state s can be transformed into the total state s0 by performing the actions in the set in the order given by . Since  is a total order on , this is just a sequence of actions in a particular order. The formal de nition is given below. De nition 2.12 Assuming that s; s0 2 S , a is an action,  L  H is a nite set of actions and  is a total order on1 we de ne the relation 7?! in the following way: 1. s 7?a! s0 i (a) b(a) t f (a) v s, (b) e(a) t f (a) v s0 and (c) 8i 62 dim(b(a) t f (a)) (si = s0i ) ; 0 2. s 7?;! s i s = s0 ; 0 3. s 7? ! s i (a) a 2 , (b) there is no a0 2 such that a0 a and (c) 9s00 2 S (s 7?a! s00 and s00 ?f 7?!ag; s0 )

2

The relation 7?! can now be used to give a formal de nition of a linear (or a non-linear) plan from an initial state xo to a nal state x? , a goal state. In the following we will use xo for the initial state, and x? for the nal state unless otherwise speci ed. A linear plan is a totally ordered set of actions, that is, a sequence of actions. For a non-linear plan the ordering can be a partial order, i.e., the execution order is not fully speci ed. The persistence handling is the same as the STRIPS assumption in [6], namely that nothing changes unless explicitly shown in the pre- and post-condition. De nition 2.13 Assuming that A  L  H is a set of actions,   A  A and xo ; x? 2 S we make the following de nitions: ; ? 1. hA; i is a linear plan from xo to x? i  is a total order on A and xo 7?A! x 2. hA; i is a non-linear plan from xo to x? i  is a partial order on A and hA;  i is a linear plan for any total order  on A such that   .

2 When it is clear from the context wether a plan is linear or not, or when this distinction is of no importance we simply call it a plan. The planning problem can now be stated as follows. 1 We will often abuse both this condition and the condition in De nition 2.13 requiring that    by using a relation containing elements not in  . In all such cases we will implicitly understand the restriction of the relation to the set  . 6

De nition 2.14 The planning problem is formulated as follows: Given a set of action types H, a total state space S , an initial state xo 2 S and a nal state x? 2 S nd a plan hA; i from xo

to x? . 2 We say that a plan is minimal if there is no plan from the given initial state to the desired nal state containing fewer actions.

2.4 The SAS-PUBS class of planning problems

In this section we will give a name to the class of planning problems de ned so far, and we will de ne some concepts for planning problems. These concepts will be used to de ne the class of planning problems we focus on, the SAS-PUBS class. The class of planning problems de ned so far is called the SAS class, where SAS stands for Simpli ed Action Structures: De nition 2.15 The class of planning problems with M, Si; i 2 M and H as de ned in Section 2 and with no further restrictions is referred to as the SAS class. A system consisting of a state space S and a set of action types H which belongs to the SAS class will be denoted hS ; Hi. 2 We make the obvious de nition of a binary domain. De nition 2.16 The domain Si , where i 2 M, is binary i jSi j = 2. 2 The following de nitions are restrictions on the set of action types. An action type is unary if it aects a single state variable. That a set of action types is post-unique means that no two dierent action types can change a particular state variable to the same value: De nition 2.17 An action type h 2 H is unary i dim(b(h)) is a singleton, i.e., the action type changes only one state variable. A set of action types H is unary if all actions in H are unary. 2

De nition 2.18 A set of action types H is post-unique i 8h; h0 2 H (9i 2 M (e(h)i = e(h0 )i =6 ui ) h = h0 )) i.e., no two distinct action types in H can change a particular state variable to the same value.

2

Thus post-unique means that two action types cannot have even partly the same result. The easiest way to understand what post-unique means is probably to give an example where the set of action types is not post-unique. One type of non-post-unique set of action types is when there are dierent action types which partly give the same result. An example is given by the following. We want to design an assembly line with two work-stations, where dierent manipulations are done. The workpieces have to pass both stations, but it does not matter in which order the workpieces are sent to the work-stations, and hence we do not want to x the order before the planning starts. This problem contains, for example, the action types move from storage to work?station1 and move from work?station2 to 1. The post-conditions to both action types are the same, the workpiece is at work-station 1, and the condition above is not ful lled. The de nition of a single-valued set of action types is very restrictive. De nition 2.19 A set H of action types is single-valued i th2H f (h) is consistent, i.e. there are no two distinct actions in H having dierent but de ned prevail-conditions for the same state variable. 2 This means that if the set of action types is single-valued and there is, for example, an action type whose prevail-condition is that a certain valve is open, there is no action type whose prevailcondition is that this particular valve is closed. The class of planning problems where the state variable domains are binary and the set of action types is unary and post-unique is likely to include some interesting problems, for example process plants where some uid is transported in 7

pipes. In such a plant the typical action types would be to open or close a speci c valve. Other examples are actuator motors that are on or o. However, we are aware of the fact that many problems of practical interest are excluded when adding the condition that the set of action types H should be single-valued. We have thus made the de nitions needed to specify the class of planning problems we will concentrate on, namely the SAS-PUBS (Post unique, Unary, Binary, Single-valued) class. De nition 2.20 A SAS system hS ; Hi is in the SAS-PUBS class i Si is binary for all i 2 M and H is post-unique, unary and single-valued. 2

3 Planning for SAS-PUBS planning problems In [2, 13, 14] we presented a planning algorithm for nding minimal (in the number of actions) plans for SAS-PUBS planning problems. The algorithm nds a set of actions
and a partial order 
on the set
full lling the speci cation in De nitions 3.1 and 3.2 below.

De nition 3.1 Given a SAS-PUBS system hS ; Hi and two states xo; x? 2 S , the set
(xo ; x? ) of necessary and sucient actions for a plan from xo to x? is recursively de ned as follows:

1. A = fhg(h); hi j h 2 Hg where g : H ! L is an arbitrary injection. 2. (a) For each i 2 M such that xoi 6= x?i there is exactly one action a 2 A such that b(a)i = xoi , e(a)i = x?i and a 2 P0 . No other actions belong to P0 . (b) T0 = P0 (c) A0 = A ? P0 3. For k  0: (a) For each a 2 Pk and for each i 2 M if f (a)i 6vi xoi and there is no a0 2 Tk such that e(a0 )i = f (a)i then there are two actions a1 ; a2 2 Ak such that b(a1 )i = xoi , e(a1 )i = f (a)i = b(a2 )i , e(a2 )i = x?i and a1 ; a2 2 Pk+1 . No other actions belong to Pk+1 . (b) Tk+1 = Tk [ Pk+1 (c) Ak+1 = Ak ? Pk+1 o ? ~ 4. P~ = [1 k=1 Pk and
(x ; x ) = P0 [ P

2

The set P0 is the set of primarily necessary actions and the set P~ is the set of secondarily necessary actions. The union of these two sets is the set
(xo ; x? ) which is the set of necessary actions. The execution order is given by the relation precedes. The relation precedes is constructed from two relations: enables and disables. Given a set of actions A suppose a1 ; a2 2 A. Then informally the de nition of the relation A is given by the following:  If a1 `enables' a2 then a1 provides some part of the prevail-condition for a2 .  If a2 `disables' a1 then a2 destroys some part of the prevail-condition for a1 . In both these cases a1 should be performed before a2 . Putting these two relations together and taking the transitive closure gives the relation A . The formal de nition is given for both actions and action types in De nition 3.2. 8

De nition 3.2 Suppose  is a set of actions or action types, then the relation  on  is de ned

as:

1. 8a; a0 2  (a  a0 , 9i 2 M (e(a)i = f (a0 )i 6= u)) (`enables') 2. 8a; a0 2  (a a0 , 9i 2 M (f (a)i = b(a0 )i 6= u)) (inverse `disables') 3.  =  [  4.  = + = [jk
=1j i

2

Here + means the transitive closure of the relation  . Taking the transitive closure of a relation is the same as making a relation transitive, and in the relation graph it corresponds to the vertices which can be reached in any number of steps. In Appendix A an algorithm is given which nds a plan h
; 
i according to the speci cations in De nitions 3.1 and 3.2. The algorithm nds a plan if and only if any plan exists, and the complexity increases polynomially with the number of action types.

Theorem 3.3 Suppose hS ; Hi belongs to the SAS-PUBS class and xo ; x? 2 S . Then
(xo ; x? ) according to De nition 3.1 exists and h
(xo ; x? ); 
i, where 
is de ned in De nition 3.2, is a minimal plan i there is a plan. There exists an algorithm which nds h
(xo ; x? ); 
i in polynomial time i there is a plan and otherwise it fails.

2 2

Proof: The proof can be found in [2, 13]. Note that when writing h
(xo ; x? ); 
i it is implicit that 
is a partial order. Thus a plan from xo to x? exists if and only if
(xo ; x? ) exists and 
is a partial order.

4 Reachability for planning problems in the SAS-PUBS class In this section we de ne reachability and give a reachability criterion for the SAS-PUBS class of planning problems. Reachability may be de ned in terms of the state graph [8, 16, 17]. A state x0 is reachable from some other state x if there is a path in the state graph from x to x0 . The formal de nition of reachability is given in De nition 4.1.

De nition 4.1 Given a SAS system hS ; Hi let x; x0 2 S be any states. Then the pair (x; x0 ) is reachable i there exists a plan hA; i from x to x0 such that for all a 2 A type(a) 2 H. If all pairs (x; x0 ) where x; x0 2 S are reachable then hS ; Hi is reachable. 2 Note that the order between x and x0 is important. That (x; x0 ) is reachable does not imply that (x0 ; x) is reachable. Reachability as we de ne it here is a very strong concept. We require that there is a path in the state graph from x to x0 for every pair x; x0 2 S . In graph theory this is called that the state graph is strongly connected, see for example [18]. There exists algorithms for deciding in O(k) time if a graph is strongly connected, where k is the number of nodes in the graph. For SAS-PUBS systems the state variables are binary and hence the number of nodes in the state graph is 2n where n is the number of state variables. Thus the complexity of existing algorithms increases exponentially with the number of state variables. However, for the SAS-PUBS class of planning problems we can nd a criterion whose complexity increases polynomially with the number of state variables, i.e., O(nk ). The reachability criterion is based on the relation precedes () de ned in 3.2 and originally used for nding minimal plans for SAS-PUBS planning problems [2, 13, 14]. Here we consider this relation de ned for sets of action types. A SAS-PUBS system is reachable if there is no 9

`missing' action and the relation  on the set of action types is a partial order. In any minimal plan containing the two actions a1 and a2 if a1 a2 then a1 should be performed before a2 . Using this we can develop a reachability criterion. The system is reachable, i.e., there is a path between any two states in the state graph, if the relation  is a partial order and there is no `missing' action. More speci cally, the criterion says that the system hS ; Hi is reachable if and only if the relation H is a partial order and jHj = 2n where n = jMj, i.e., n is the number of state variables. This is stated in Theorem 4.6 and the proof is based on four lemmas. Lemma 4.2 proves that hS ; Hi cannot be reachable if jHj < 2n. In Lemma 4.3 we show that if jHj = 2n then the set of necessary and sucient actions
(x; x0 ) as de nied in De nition 3.1 exists for any states x; x0 2 S . Lemma 4.4 shows that hS ; Hi is reachable if jHj = 2n and H is a partial order and Lemma 4.5 shows the opposite, i.e., if H is not a partial order then hS ; Hi is not reachable. Lemma 4.2 Suppose hS ; Hi belongs to the SAS-PUBS class. If jHj < 2n then there exists two states x; x0 2 S s.t. there is no plan from x to x0 , i.e., hS ; Hi is not reachable. 2 Proof: Suppose jHj < 2n. Becuase of unaryness and binaryness there must exist x0 2 S and i 2 M s.t. there is no action type h 2 H s.t. e(h)i = x0i . Let x 2 S be any state s.t. xi 6= x0i . Then obviously there is no action transforming xi into x0i and hence there can be no plan from x to x0 . 2

Lemma 4.3 Suppose hS ; Hi belongs to the SAS-PUBS class, and that jHj = 2n. Then the set of necessary and sucient actions
(x; x0 ) de ned in De nition 3.1 exists for any states x; x0 2 S .

2

Proof: The set of action types H is unary and post-unique, and thus there must be exactly two action types in H aecting each state variable, i.e., 8i 2 M jHi j = 2. Because of post-uniqueness and binaryness we must have that if Hi = fh1; h2 g then b(h1 )i = e(h2 )i and b(h2 )i = e(h1 )i . This means that for any state variable xi with any value we can always nd an action a s.t. type(a) 2 H and e(a)i = xi . Hence the set
(x; x0 ) de ned in De nition 3.1 exists. 2 Lemma 4.4 Suppose hS ; Hi belongs to the SAS-PUBS class, that jHj = 2n and that H as de ned in De nition 3.2 is a partial order. Then hS ; Hi is reachable. 2 Proof: Let x; x0 2 S be any states. We want to show that there is a plan from x to x0 .

According to Theorem 3.3 there is a plan from x to x0 if and only if the set of necessary and sucient actions
(x; x0 ) exists and the relation 
as de ned in De nition 3.2 is a partial order. It follows from Lemma 4.3 that the set
(x; x0 ) exists. It only remains to show that 
is a partial order. By de nition 
is transitive, so we only need to show that it is anti-symmetric. Let A be a set of actions containing one action of each type in H. Then for all a1 ; a2 2 A we get that a1 A a2 if and only if type(a1 )H type(a2). This follows immedeately from De nition 3.2. Hence A is a partial order if and only if H is a partial order. Obviously 
 A . Suppose 
is not anti-symmetric. Then there exists a1 ; a2 2
s.t. a1 
a2 and a2 
a1 . But 
 A gives that a1 A a2 and a2 A a1 which is a contradiction because A is a partial order. Hence 
is a partial order and there exists a plan from x to x0 . 2 Lemma 4.5 Suppose hS ; Hi belongs to the SAS-PUBS class, jHj = 2n and H is not a partial order. Then hS ; Hi is not reachable. 2 Proof: We show that if H is not a partial order it is always possible to nd states x; x0 2 S s.t. there is no plan from x to x0 . According to Theorem 3.3 a plan from x to x0 exists if and only if the set
(x; x0 ) de ned in De nition 3.1 exists and the relation 
as de ned in De nition 3.2 is a partial order. It follows from Lemma 4.3 that the set
(x; x0 ) exists for any states x; x0 2 S because jHj = 2n. Thus we must show that if H is not a partial order there exists states x; x0 2 S s.t. 
is not a partial order. The relation 
is transitive by de nition, so we must show that it is not anti-symmetric. Also H is transitive by de nition and thus if it is not a partial order it is not anti-symmetric. 10

Suppose H is not anti-symmetric. Then there must be a loop in the relation graph s.t. the action types in this loop is directly related to each other, i.e., there exists h1 ; h2 ; : : : ; hk 2 H s.t. h1 h2 ; h2 h3 ; : : : ; hk?1 hk ; hk h1 (1) where  is as in De nition 3.2. For simplicity we will here drop the subscripts on H , H and H and instead write , and . Suppose  is de ned according to both and  in De nition 3.2 in some order, that is, the two cases where  =  the hole time or  = the hole time is excluded. Then there exists l s.t. hl?1 hl and hl hl+1 , 1  l  k. According to the de nition it follows that there exist i 2 M such that f (hl?1 )i = b(hl )i 6= u and e(hl )i = f (hl+1 )i 6= u. But then u 6= f (hl?1 )i 6= f (hl+1 )i 6= u which is a contradiction because H is single-valued. Thus either  =  for every  above, or  = for every  above. We get two cases depending on whether or not there exists two action types in the loop which aects the same state variable. 1. Suppose there exists two action types h1 ; h2 2 H in such a loop which aects the same state variable, i.e., Hi = fh1; h2 g for some i 2 M. Then by renaming the action types in (1) we get:

h1 1 ; 1 2 ; : : : ; k h2 ; h2  1 ; 1  2 ; : : : ; l?1  l ; l h1 where  =  or  = . We get two cases depending on if  =  or  = . (a) Suppose  = . From De nition 3.2 it follows that (2) f (h1 )i1 = b(1 )i1 ; : : : ; f (k )ik+1 = b(h2 )ik+1 ; f (h2)ik+2 = b( 1 )ik+2 ; : : : ; f ( l )ik+l+1 = b(h1 )ik+l+1 (3) where no state variable equals u. Because H is unary and Hi = fh1 ; h2 g we get i = ik+1 = ik+l+1 . Post-uniqueness and binary state variables give b(h1 )i 6= b(h2 )i and hence u 6= f (k )i 6= f ( l )i 6= u which is a contradiction because H is single-valued. (b) Suppose  = . From De nition 3.2 it follows that (4) e(h1 )i1 = f (1 )i1 ; : : : ; e(k )ik+1 = f (h2 )ik+1 ; e(h2 )ik+2 = f ( 1 )ik+2 ; : : : ; e( l )ik+l+1 = f (h1 )ik+l+1 (5) where no state variable equals u. Because H is unary and Hi = fh1 ; h2 g we get i = i1 = ik+2 . Post-uniqueness gives e(h1 )i 6= e(h2 )i and hence u 6= f (1 )i 6= f ( 1 )i 6= u

which is a contradiction because H is single-valued. 2. Suppose h1 ; h2 ; : : : ; hk in equation 1 all aect dierent state variables. As before we get two cases depending on if  =  or  = . (a) Suppose  = . We get f (h1 )i1 = b(h2 )i1 ; f (h2 )i2 = b(h3 )i2 ; : : : ; f (hk )ik = b(h1 )ik where no state variable equals u. Let x 2 S be any state s.t. b(h1 ) t b(h2 ) t : : : t b(hk ) v x and x0 2 S any state s.t. e(h1 ) t e(h2 ) t : : : t e(hk ) v x0 . Since all the actions aect dierent state variables such states must exist. Because H is post-unique there exists actions a1 ; a2 ; : : : ; ak 2
(x; x0 ) such that type(al ) = hl for l = 1; : : : ; k according to De nition 3.1. Obviously we get a loop in 
, i.e., it is not anti-symmetric and hence not a partial order. (b) Suppose  = . We get e(h1 )i1 = f (h2 )i1 ; e(h2 )i2 = f (h3 )i2 ; : : : ; e(hk )ik = f (h1 )ik where no state variable equals u. Let x; x0 2 S be de ned as above. Then it follows from the same argument that 
is not anti-symmetric and hence not a partial order. 11

Thus there exists states x; x0 2 S s.t. there is no plan from x to x0 and hence hS ; Hi is not reachable. We can now state our main theorem giving us a reachability criterion.

2

Theorem 4.6 Suppose hS ; Hi belongs to the SAS-PUBS class. Then hS ; Hi is reachable if and only if jHj = 2n and H as de ned in De nition 3.2 is a partial order. 2 Proof: Follows immedeately from Lemmas 4.2, 4.4 and 4.5. 2 Checking if a SAS-PUBS system hS ; Hi is reachable can obviously be done using part of the

algorithm for nding minimal plans. The algorithm in Appendix A is modi ed in the following way: the computation of the set of necessary and sucient actions
(xo ; x? ) should be left out, the set of action types H should be considered instead of the set of actions
(xo ; x? ) when constructing the ordering relation, and a test on the number of elements in H should be added. The algorithm is given in Appendix B and an informal description is given below.

if jHj 6= 2
n then the system is not reachable else fComputation of g for all action types a1 ; a2 2 H do

if a1 'enables' a2 then a1 a2 if a2 'disables' a1 then a1 a2 endfor  = + fCompute the transitive closureg if  is a partial order then the system is reachable

else the system is not reachable endif endif

It is now easy to show that the reachability criterion can be checked in polynomial time. This is stated in Theorem 4.7.

Theorem 4.7 There exists an algorithm for checking the criteria given in 4.6 whose complexity increases polynomially with the number of state variables.

Proof: Obvious from Theorem 3.3.

2 2

5 Example In this section we apply the reachability criterion to a simple example which is later modi ed in two ways to illustrate what happens if the criterion given in Theorem 4.6 does not hold.

Example 5.1 The problem is to build a Lego car from two parts: a top and a chassis, see Figure 1. This is a much simpli ed version of a Lego car factory used in undergraduate laboratory sessions at our department [22]. We de ne two state variables such that for any state x 2 S , the state x is interpreted as:



0 if the chassis is not at the work-station 1  if the chassis is at the work-station 0 if there is no top on the chassis x2 = 1 if there is a top on the chassis

x1 =

12

  { {  



A A

  { {  

-





A A

Figure 1: The Lego car factory.

Obviously the chassis must be at the work-station when putting a top on the chassis. There are four action types in H, and these are de ned together with their pre-, post-, and prevail-conditions in table 1. action type (h) move to work ?station move from work ?station put on top take o top

b(h) (0; u) (1; u) (u; 0) (u; 1)

e(h) (1; u) (0; u) (u; 1) (u; 0)

f(h) (u; u) (u; u) (1; u) (1; u)

Table 1: De nition of the action types for the example. The problem is clearly in the SAS-PUBS class. We see immediately that jHj = 4 = 2
n so the rst part of the criterion given in Theorem 4.6 is ful lled. The relation H is given in Figure 2. We see that H is a partial order, and it follows from Theorem 4.6 that the system is reachable. move to work-station

*   H HH j

put on top take o top

HH j H *  

move from work-station

Figure 2: The relation `precedes' (H ) on the set H for the Lego car example. The state graph is given in Figure 3 and as expected there is a path from any state x to any state x0 . (0; 0)  - (1; 0)  - (1; 1)  - (0; 1) Figure 3: The state graph for the Lego car example.

Example 5.2 To illustrate what happens when the criterion in De nition 4.1 is not satis ed we modify Example 5.1. Suppose S is as in Example 5.1 but that the action type take o top is removed from the set H. This action does not exist in the real Lego car factory, but was added here to make the system reachable. Thus H =fmove to work-station, move from work-station, put on topg where the action types are de ned according to Table 1. The problem is still in the SAS-PUBS class but now jHj = 3 < 2
n = 4 and hence the system is not reachable according to Theorem 4.6. We see that if x2 = 1 we cannot change its value because of the 'missing' action type. Example 5.3 Let us modify Example 5.1 in yet another way. Suppose S and H is as de ned in Example 5.1, but that the prevail-condition for the action type move to work ?station is modi ed so that f (move to work ?station ) = (u; 1). The system is still in the SAS-PUBS class. The rst 13

move to work-station

*       HH j H

put on top take o top

HH j H *  

move from work-station

Figure 4: The relation `precedes' (H ) on the set H for the modi ed Lego car example. part of the criterion in Theorem 4.6 is satis ed according to Example 5.1. For the second part we get the relation H as in Figure 4. We see that H is not anti-symmetric and hence it is not a partial order so the system is not reachable according to Theorem 4.6. In Figure 5 the state graph for this modi cation is given. It is easily seen that starting in the state x = (0; 0) it is not possible to perform any action. (0; 0) 

(1; 0)  - (1; 1)  - (0; 1)

Figure 5: The state graph for the modi ed Lego car example.

6 Conclusions We have presented a reachability criterion for planning problems in the SAS-PUBS class. The complexity of checking this criterion increase polynomially with the number of state variables. Even if the SAS-PUBS class can be said to contain only simple planning problems, it is important to develop theoretical results and thereby formally characterize what makes a planning problem simple.

References [1] S. Baase. Computer Algorithms:Introduction and Analysis. Addison Wesley, Reading, Massachusetts, 1988. [2] C. Backstrom and I. Klein. Planning in polynomial time: the SAS-PUBS class. Computational Intelligence, 7:181{197, August 1991. [3] A. Benveniste and P. Le Guernic. Hybrid dynamical systems theory and the signal language. IEEE Transactions on Automatic Control, 35:535{546, 1990. [4] P. E. Caines, R. Greiner, and S. Wang. Classical and logic-based dynamic observers for nite automata. IMA Journal of Mathematical Control & Information, 8:45{80, 1991. [5] G. Cohen, D.Dubois, J. P. Quadrat, and M. Viot. A linear-system-theoretic view of discreteevent processes and its use for performance evaluation in manufacturing. IEEE Transactions on Automatic Control, AC-30(3):210{220, 1985. [6] R. E. Fikes and N. J. Nilsson. Strips: A new approach to the application of theorem proving to problem solving. Arti cial Intelligence, 2:189{208, 1971. [7] A. Gill. Applied Algebra for the Computer Sciences. Prentice Hall, Englewood Clis, New Jersey, 1976. [8] C. Golaszewski and P. J. Ramadge. The complexity of some reachability problems for a system on a nite group. Systems & Control Letters, 12:431{435, 1989. 14

[9] Y. C. Ho and C. Cassandras. A new approach to the analysis of discrete event systems. Automatica, 19(2):189{208, 1983. [10] C. A. R. Hoare. Communicating Sequential Processes. Prentice Hall, Englewood Clis, New Jersey, 1985. [11] IEC. Preparation of function charts for control systems - IEC 848. Technical Report 848:1988, IEC, Geneve, 1988. [12] K. Inan and P. Variaya. Finitely recursive process models for discrete event systems. IEEE Transactions on Automatic Control, 33(7):626{639, 1988. [13] I. Klein. Planning for a class of sequential control problems. Licentiate thesis 234, Department of Electrical Engineering, Linkoping, May 1990. [14] I. Klein and C. Backstrom. On the planning problem in sequential control. In Proceedings of the 30th Conference on Decision and Control, pages 1819{1823, Brighton,England, 1991. IEEE. [15] E. Mendelson. Introduction to Mathematical Logic. Wadsworth & Brooks, Monterey, California, 1987. [16] T. Murata. Petri nets: Properties, analysis and applications. Proceedings of the IEEE, 77:541{580, 1989. [17] J. S. Ostro. Temporal Logic for Real-Time Systems. Research Studies Press Ltd, Taunton, Somerset, England, 1989. [18] C. H. Papadimitriou and K. Steiglitz. Combinatorial Optimization Algorithms and Complexity. Prentice Hall, Englewood Clis, New Jersey, 1982. [19] J. L. Peterson. Petri Net Theory and the Modeling of Systems. Prentice Hall, Englewood Clis, N. J., 1981. [20] P. J. Ramadge and W. M. Wonham. Supervisory control of a class of discrete event processes. SIAM J. Control and Optimization, 25(1):206{230, 1987. [21] E. Sandewall and R. Ronnquist. A representation of action structures. In Proceedings of the Fifth National Conference on Arti cial Intelligence (AAAI-86), pages 89{97, Philadelphia, Pennsylvania, August 1986. Morgan Kaufman. [22] J-E Stromberg. Styrning av lego-bilfabrik. Technical report, Department of Electrical Engineering, Linkoping University, Linkoping, Sweden, 1991. Manual for control laboratory session. [23] J. G. Thistle and W. M. Wonham. Control problems in a temporal logic framework. Int. J. Control, 44(4):943{976, 1986.

A Algorithm for nding minimal plans Here we give an algorithm for nding minimal plans according to the speci cations in De nition 3.1 and De nition 3.2. First we de ne some functions and procedures used in the algorithm.

De nition A.1 We assume that the following functions and procedures are available: Insert(a,A) Inserts the action a into the set A. Find(A,i,x) Searches the set A for an action a such that b(a)i = x. Returns a if found, otherwise returns nil.

15

R nd(A,i,x) Like Find, but also removes a from A if it is found. Warshall(M) M is a Boolean matrix representing a relation . Returns a Boolean matrix representing the transitive closure of . Uses Warshalls algorithm see, for example, [1].

2 The algorithm is now given by the following. Algorithm A.1 [Plan]

Input: A, a set containing one action for each action type in H, and xo and x? , the initial and nal states respectively. Output:
a set of actions, and H a partial order on
.

1 Procedure Plan(A :set of actions; xo ; x? :state); 2 var 3 i :state variable index; 4 a; a0 ; a1 ; a2 :action; 5 P; P 0 ;
:set of actions; 6 r :Boolean matrix; 7 8 begin 9
:= ;; 10 P := ;; 11 12 for i 2 M do 13 if xoi 6= x?i then 14 a :=R nd(A; i; xoi); 15 if a 6= nil then Insert(a; P );Insert(a;
) 16 else fail 17 end fif g 18 endfif g 19 endfforg; 20 21 while P 6= ; do 22 P 0 := ;; 23 for a 2 P do 24 for i 2 M do 25 if f (a)i 6v xoi then 26 a0 :=Find(
; i; xoi ); 27 if a0 = nil then 28 a1 :=R nd(A; i; xoi ); 29 a2 :=R nd(A; i; f (a)i ); 30 if a1 = nil or a2 = nil or e(a1)i 6= f (a)i or 31 e(a2 )i 6= x?i then fail 32 else Insert(a1; P 0);Insert(a2 ; P 0 ); 33 Insert(a1 ;
);Insert(a2 ;
) 34 endfif g 35 endfif g 36 endfif g 37 endfforg 38 endfforg; 39 P := P 0 40 endfwhile g; 16

41 42 r := `j
j  j
j zero matrix'; 43 44 for a 2
do 45 for a0 2
do 46 for i 2 M do 47 if e(a)i = f (a0)i then r(a; a0 ) := 1 end; 48 if b(a0 )i = f (a)i then r(a; a0 ) := 1 end 49 endfforg 50 endfforg 51 endfforg; 52 53 H := Warshall(r) 54 if H is not a partial order then fail 55 return h
; H i 56 end fPlang

2

B Algorithm for checking reachability Here we present an algorithm according for checking the reachability criterion given in 4.6. The algorithm builds heavily on the algorithm in Appendix A for nding minimal plans for SAS-PUBS planning problems. The function Warshall is de ned in De nition A.1. Algorithm B.1 [Reachability] Input: H, a set of action types. Output: H, a partial order on H. 1 Procedure CheckReachability(H); 2 var 3 i :state variable index; 4 h; h0 :action type; 5 r :Boolean matrix; 6 7 begin 8 9 if jHj 6= 2
jMj then fail 10 r := `jHj  jHj zero matrix'; 11 12 for h 2 H do 13 for h0 2 H do 14 for i 2 M do 15 if e(h)i = f (h0 )i then r(h; h0) := 1 end; 16 if b(h0)i = f (h)i then r(h; h0 ) := 1 end 17 endfforg 18 endfforg 19 endfforg; 20 21 H := Warshall(r) 22 if H is not a partial order then fail 23 return H 24 end fCheckReachabilityg

2

17