LAUSR

Abstract Fault-tolerant controllers keep system operation safe and mitigate the effects of a system malfunction, while the notion of safe fault-tolerant control is also concerned with not driving the system into an unsafe post-fault situation. In this paper, we present a special kind of diagnoser, called Active Diagnoser Controller (ADC), and show how it can be used in an active fault-tolerant supervision architecture for Discrete Event Systems. In addition to performing fault diagnosis, in two situations the ADC acts as a controller: (i) intervening in control actions, with the inclusion of events in the set of events disabled by the supervisor, whenever it is enough to ensure safe controllability; and (ii) switching from the nominal supervisor to a post-fault supervisor when the fault is diagnosed. We also present an example illustrating how the ADC can be applied in a decentralized architecture.