Decentralized Diagnosis of Event-Driven Systems for Safely Reacting to Failures

We introduce the notion of safe-codiagnosability, extending the notion of safe-diagnosability (Paoli and Lafortune, 2005) to the decentralized setting. For a system, a certain subbehavior is deemed safe (captured via a safety specification), and a further subbehavior is deemed nonfaulty (captured via a nonfault specification). Safe-codiagnosability requires that when the system executes a trace that is faulty, there exists at least one diagnoser that can detect this within bounded delay and also before the safety specification is violated. The above notion of safe-codiagnosability may also be viewed as an extension of the notion of codiagnosability (Qiu and Kumar, 2006), where the latter did not have any safety requirement. We show that safe-codiagnosability is equivalent to codiagnosability together with ldquozero-delay codiagnosabilityrdquo of ldquoboundary safe tracesrdquo. (A safe trace is a boundary safe trace if there exists a single-event extension that is unsafe.) We give an algorithm of polynomial complexity for verifying safe-codiagnosability. For a safe-codiagnosable system, the same methods as those proposed in (Qiu and Kumar, 2006) can be applied for offline synthesis of individual diagnosers, as well as for online diagnosis using them.