Supervisor Design for Minimal Event Observation in Discrete Event Systems: A Linear Programming Approach

Abstract

This paper studies the supervisory control of discrete event systems (DESs) from an event observation perspective and addresses the problem of supervisor design with minimal observation. In supervisory control, a supervisor enables or disables controllable events based on its observation of the system trajectory to guarantee controllability and nonblocking behavior with respect to a given specification, while the number of observed events critically affects the implementation complexity and cost of the control logic. Rather than minimizing the state space of the supervisor, which is the focus of classical supervisor reduction, this paper is dedicated to the minimization of observable events. Specifically, it aims to reduce the observation alphabet while preserving control equivalence with the original supremal supervisor. By analyzing the consistency of disabling decisions between event-enabled and event-disabled states, necessary and sufficient distinguishability conditions are derived and represented using Parikh vectors, which enables their formulation as linear separation constraints. In addition, event-enabled circles are introduced to capture intrinsic structural observability requirements induced by cyclic behaviors of the supervisor. These results lead to a mixed-integer linear programming (MILP) formulation that minimizes the observation alphabet while preserving control equivalence with the original supremal supervisor, together with an E-closure-based construction that synthesizes an executable event-minimal supervisor. Illustrative examples demonstrate that the proposed method can significantly reduce observation requirements even when state-minimal supervisors are already available, thereby improving implementation efficiency in resource-constrained DES applications.

1. Introduction

Discrete event systems (DESs) are dynamic systems driven by asynchronous occurrences of discrete events. In many engineered applications, the behavior of a DES is regulated by a supervisor that monitors the system evolution and issues control commands by disabling selected controllable events. Within the supervisory control theory (SCT) framework [1], a plant and its specification are commonly modeled as deterministic finite automata (DFA) and Petri Nets (PNs), and the control objective is to enforce the plant behavior to conform to the specification while ensuring nonblockingness and maximal permissiveness [2]. Under full observation, a supremal supervisor can be synthesized as an automaton derived from synchronous composition of the plant and specification models [1,2]. However, the supervisor state space typically grows on the same order as that of the product automaton, and thus suffers from the well-known state-explosion phenomenon [3,4].

Beyond synthesis complexity, the implementation and maintenance of large supervisors are further constrained by sensing and communication resources. In practical DES deployments, each observable event may correspond to a physical sensor, a communication channel, or a software interface. As systems become larger and more intricate, the cardinality of the observation alphabet becomes a dominant factor in implementation cost, reconfiguration overhead, and the feasibility of real-time supervision. Moreover, formal verification of supervisor correctness (e.g., nonblockingness and controllability) is computationally expensive for large automata [1,5], which motivates effective reduction techniques that simplify supervisor implementations without compromising the correctness of control logic.

While supervisor reduction has been extensively studied, the majority of existing approaches emphasize reducing the number of states. In contrast, minimizing the number of events that need to be observed, which corresponds to designing a supervisor with minimal observation, remains comparatively less explored. Event reduction is particularly important in large-scale industrial applications, where sensing and implementation resources are critical constraints. This paper addresses this gap by developing an optimization-based approach that directly minimizes the observation event set, while preserving control equivalence with a given supremal supervisor.

Related Work

Automaton-based SCT has been extensively investigated over the past three decades as a systematic framework for modeling and controlling DESs. Recent survey work further summarizes the major developments in supervisory control synthesis over the past decade, covering advances in algorithmic complexity, optimization-oriented formulations, and emerging application scenarios [6]. The seminal work by Ramadge and Wonham [1] establishes the foundations of SCT by formulating the supervisory control problem in terms of formal languages and automata, and by introducing the notions of controllability and nonblockingness. Under full observation, a unique supremal supervisor that is maximally permissive can be synthesized, and its construction has been well documented in the literature, and standard references such as [2].

For supervisory control under partial observation, observability becomes a central concern. Lin and Wonham [7] formally characterize observability and show that, unlike controllability, it is not closed under union, which implies that a supremal observable supervisor may not exist. This fundamental limitation has motivated extensive research on alternative admissibility conditions. Normality [1] provides a sufficient condition that guarantees the existence of a supremal solution, but often leads to overly conservative supervisors. To alleviate this conservativeness, relative observability has been proposed [8,9], which strengthens observability while remaining strictly weaker than normality and preserving union closure.

Approaches addressing structural observability, such as decentralized observability frameworks in DESs, also address partial observation issues but do not directly focus on minimizing the observation alphabet [10]. For example, Sears and Rudie [11] investigate minimal sensor activation and minimal communication in discrete-event systems, focusing on reducing sensing and communication costs while preserving decision properties of the system. Recent work by Hou examines minimization of sensor activation under control and observation delays, further extending sensor optimization to networked DESs [12]. Similarly, Yin and Lafortune formulate optimal sensor activation policies in decentralized DESs, emphasizing dynamic sensor usage under resource constraints [13,14]. These methods aim to optimize sensor deployment in DESs, particularly under resource constraints. And these developments significantly advance the theoretical foundations of partial-observation supervisory control. However, they generally assume that the observation alphabet is fixed, and the problem of how to optimally select observable events is not explicitly addressed. In contrast, the approaches presented in these works often involve complex state decomposition, information state construction, and indirect optimization, which are computationally expensive, particularly for large-scale systems. These methods typically require evaluating multiple configurations, managing interactions between multiple agents, or incorporating additional constraints. More recently, synthesis approaches under partial observation have been explored by incorporating additional observational structures, such as quiescent information, to enhance supervisory performance [15].

Parallel to observability-related studies, supervisor reduction has been an active research topic aimed at simplifying supervisor implementations while preserving control behavior. An early and influential contribution is due to Vaz and Wonham [16], where the concept of control cover is introduced. In that work, two fundamental reduction theorems and a corresponding reduction algorithm are proposed. Although the algorithm has exponential-time complexity in the worst case, its effectiveness is demonstrated by computing significant reductions for benchmark examples. In particular, the supervisors considered in [17] are reduced from 32 states to 2 states and from 24 states to 4 states, respectively, highlighting the practical potential of supervisor state reduction.

Building on this line of research, Su and Wonham [18] introduce the notion of control congruence, which provides a less restrictive and more general framework for supervisor reduction. Their work establishes a necessary and sufficient condition for control-equivalent reduction and leads to a polynomial-time reduction algorithm, thereby representing a substantial improvement in computational feasibility. Further insights into the role of information and observation in supervisor reduction are discussed in [19]. Subsequent studies extend and refine these ideas, including improved reduction algorithms under additional structural assumptions [20], and the application of reduction techniques in modular and distributed supervisory control architectures [17,21,22].

Another related research direction considers preprocessing or event-hiding strategies in combination with state reduction. For example, Malik [23] proposes to hide selected events prior to applying state-reduction algorithms, which may lead to further simplifications in certain cases. While effective in practice, such approaches are largely heuristic and do not provide explicit optimality guarantees with respect to the number of observed events. Moreover, the reduced observation alphabet is typically a by-product of the reduction process rather than the primary optimization objective. In the broader context of optimal supervisory control, recent work considers performance optimization problems, such as minimizing the average cost per cyclic task, leading to both theoretical and algorithmic advances [24].

Supervisor reduction techniques have also been extended to timed discrete-event systems. Timed automata and timed DES frameworks have been developed to capture temporal behavior [25,26]. In this context, reduced supervisors have been obtained through abstraction or modified temporal resolution [27], and state-reduction algorithms that preserve control equivalence have been proposed [28]. However, these studies primarily focus on reducing state complexity in the presence of timing constraints, while the issue of minimizing the observation alphabet remains unexplored. This is because state reduction and observation minimization address fundamentally different optimization dimensions. State reduction merges equivalent states via partition refinement algorithms, while observation minimization selects a subset of events to distinguish enabled from disabled states. The latter is a feature-selection problem that is naturally cast as mixed-integer linear programming (MILP) and cannot be reformulated within state-based reduction frameworks. Similarly, parallel work in PNs has also tackled supervisor complexity, e.g., by converting nonlinear constraints into linear ones through iterative separation to reduce structural overhead [29]. In related applications, adaptive supervisory control methods for unreliable resources in manufacturing systems also aim to preserve system behavior while reducing operational complexity [30]. In the context of dynamic control specifications, the methods with data inhibitor arcs have been developed to reconfigure supervisors without redesign [31], yet they do not address the optimization of the observation event set. Liu et al. [32] consider supervisory control under asymmetric observation and sensor deception, highlighting practical challenges related to observation reliability.

Despite the substantial progress achieved by the above works, most existing reduction techniques primarily target the number of supervisor states, whereas the observation alphabet is usually retained or modified only indirectly. In practice, however, the cost associated with observing events—such as sensing, communication, and data processing—can dominate the overall implementation complexity. This observation highlights the need for complementary approaches that explicitly address observation minimization.

Different from the existing studies that primarily address supervisor state reduction or admissibility conditions under partial observation, this paper focuses on the observation design problem for supervisory control of DESs. The objective is to determine a minimal set of observable events that preserves the disabling behavior and control equivalence of a given supremal supervisor. By directly optimizing the observation alphabet, we provide a more efficient and focused solution, eliminating the need for the complex state decomposition, information state construction, and indirect optimization commonly required by prior methods. To this end, we formulate observation selection as an optimization problem by enforcing distinguishability between conflicting control decisions under partial observation, whereas alternative approaches often rely on heuristic or combinatorial methods for sensor selection, leading to a systematic and implementable framework for minimal-observation supervisor design. The main contents and contributions of this work are summarized as follows:

• A formal observation-design framework is proposed to characterize necessary and sufficient distinguishability conditions for preserving supervisory control decisions under partial observation in DESs, based on a systematic partition of event-enabled and event-disabled states.
• The notion of event-enabled circles is defined to capture intrinsic structural observability requirements induced by cyclic behaviors of the supervisor; it is shown that such structures impose unavoidable event observability constraints independent of optimization objectives.
• A Parikh vector-based representation of event sequences is introduced, through which the observation selection problem is formulated as a mixed-integer linear programming (MILP) problem, termed the Minimal-Observation Programming (MOP), that directly minimizes the number of observed events while guaranteeing control equivalence.
• An E-closure-based construction is defined to realize an event-minimal supervisor from the optimized observation event set by removing unselected events and merging supervisor states, thereby yielding an executable supervisor realization under minimal observation.

The remaining sections of this paper are organized as follows. Section 2 reviews the basic concepts and notations of formal languages and automata. The proposed MILP-based framework for observation minimization and the associated algorithms are presented in Section 3. Section 4 provides illustrative examples and comparative discussions. We conclude the paper and outline directions for future research in Section 5.

2. Preliminaries

This section introduces the basic concepts and notations used throughout the paper. Rather than providing a comprehensive review of supervisory control theory, we focus on definitions that are directly relevant to the observation design problem studied in this work, including event projection, control equivalence, and the characterization of event-enabled and event-disabled states. These notions form the foundation for the optimization-based framework developed in Section 3.

2.1. Formal Languages and Projection

One formal approach to studying the logical behavior of a system is based on language and automaton theory in DESs. A language defined over an event set $\Sigma$ is a set of finite-length strings formed from the events in $\Sigma$.

Let $\Sigma$ be a finite set of events. Denote ${\Sigma }^{*}$ as the set of all finite strings over $\Sigma$, including the empty string $\epsilon$. A subset $L\subseteq {\Sigma }^{*}$ is called a language over $\Sigma$. The prefix closure of L is defined as

$$\overline{L}:=\{u\in {\Sigma }^{*}\mid \exists v\in {\Sigma }^{*},uv\in L\},$$

where $uv$ denotes the concatenation of two strings. A language L is said to be prefix-closed if $L=\overline{L}$.

Given two languages $L_1,L_2\subseteq {\Sigma }^{*}$, their concatenation is defined as

$$L_1{L}_2:=\{{\omega }_1{\omega }_2\in {\Sigma }^{*}\mid {\omega }_1\in L_1,{\omega }_2\in L_2\}.$$

For a subset $E\subseteq \Sigma$, the set $E^{*}$ denotes all finite strings composed of events in E, including $\epsilon$.

Example 1. 

Consider an alphabet $\Sigma =\{a,b,c\}$. A string over $\Sigma$ is a finite sequence of events, e.g., $s=abc$. Let $L_1=\{ϵ,a\}$ and $L_2=\{a,b,ab\}$. Their concatenation is $L_1{L}_2=\{ϵ·a\}\cup \{ϵ·b\}\cup \{ϵ·ab\}\cup \{a·a\}\cup \{a·b\}\cup \{a·ab\}=\{a,b,aa,ab,aab\}$. Note that the string $ab$ can be obtained in two different ways: concatenating ϵ with $ab$ or concatenating a with b. Moreover, $L_1$ is prefix-closed because $\overline{L_1}=L_1$, while $L_2$ is not prefix-closed since $ϵ\notin L_2$.

Since languages are sets, standard set operations such as union, intersection, and difference are applicable. In addition, a fundamental operation in supervisory control is the natural projection, which models partial observation of event occurrences. Let ${\Sigma }_s$ and ${\Sigma }_l$ with ${\Sigma }_s\subseteq {\Sigma }_l$ be two event sets. The natural projection

$$P:{\Sigma }_l^{*}\to {\Sigma }_s^{*}$$

is defined by

$$P\left(\epsilon \right)=\epsilon ,P\left(\sigma \right)=\left\{\begin{array}{cc}\sigma ,\hfill & \mathrm{if}\sigma \in {\Sigma }_s,\hfill \\ \epsilon ,\hfill & \mathrm{if}\sigma \in {\Sigma }_l\setminus {\Sigma }_s,\hfill \end{array}\right.$$

and extended to strings by concatenation, i.e., $P\left(s\sigma \right)=P\left(s\right)P\left(\sigma \right)$ for $s\in {\Sigma }_l^{*}$ and $\sigma \in {\Sigma }_l$.

The inverse image of a string $t\in {\Sigma }_s^{*}$ under P is given by

$$P^{-1}\left(t\right):=\{s\in {\Sigma }_l^{*}\mid P\left(s\right)=t\}.$$

Thus, the effect of P on a string is to erase all events not belonging to ${\Sigma }_s$ while preserving the relative order of the remaining events. Two strings $s,s^{\prime }\in {\Sigma }_l^{*}$ are said to be indistinguishable under P if $P\left(s\right)=P\left(s^{\prime }\right)$, denoted by $s\equiv s^{\prime }$.

Example 2. 

Consider the alphabet $\Sigma =\{a,b,c\}$ and the observable subset ${\Sigma }_o=\{a,c\}$. The natural projection $P:{\Sigma }^{*}\to {\Sigma }_o^{*}$ erases events not in ${\Sigma }_o$. For instance, $P\left(abc\right)=P\left(a\right)P\left(b\right)P\left(c\right)=a·ϵ·c=ac$. Two strings $s_1=abc$ and $s_2=ac$ are indistinguishable under P because $P\left(s_1\right)=P\left(s_2\right)=ac$. The inverse image of $t=ac$ under P is $P^{-1}\left(ac\right)=\{s\in {\Sigma }^{*}\mid P\left(s\right)=ac\}$, which includes strings such as $abc$, $acc$, $abbc$, etc.

The notion of indistinguishability induced by natural projection plays a central role in the observation design problem studied in this paper, as it directly affects the supervisor’s ability to make consistent disabling decisions based on partial observations.

2.2. Automata

In the DES community, an uncontrolled system, also referred to as a plant, is typically modeled by an automaton. Event sequences and languages provide a convenient and rigorous means to describe the behavior of a DES. These formal constructs are defined over a finite set of events, denoted by the alphabet $\Sigma$. A sequence (or string), denoted by ${\sigma }_1{\sigma }_2{\sigma }_3\dots {\sigma }_n$, is an ordered list of events from $\Sigma$. The set of all finite sequences over $\Sigma$, including the empty sequence $\epsilon$, is denoted by ${\Sigma }^{*}$ and is referred to as the Kleene closure of $\Sigma$. For two sequences $s,t\in {\Sigma }^{*}$, their concatenation is denoted by $st$, representing the ordered execution of s followed by t.

A DES can be modeled by an automaton (also called a generator or state machine)

$$G=(\Sigma ,X,\delta ,x_0,X_m),$$

where $\Sigma$ is the set of events, X is the finite state space, $\delta :X\times \Sigma \to X$ is a partial transition function, $x_0\in X$ is the initial state, and $X_m\subseteq X$ is the set of marked states. For states $x,y\in X$ and an event $\sigma \in \Sigma$, $\delta (x,\sigma )=y$ indicates that the execution of event $\sigma$ from state x leads the system to state y. If $\delta (x,\sigma )$ is undefined, then event $\sigma$ cannot occur at state x; if it is defined, we write $\delta (x,\sigma )!$. The transition function is extended to $\delta :X\times {\Sigma }^{*}\to X$ in the usual recursive manner.

The behavior of the DES G is characterized by its generated language and marked language. The generated language of G is defined as

$$L\left(G\right)=\{s\in {\Sigma }^{*}\mid \delta (x_0,s)!\},$$

which consists of all feasible event sequences starting from the initial state. The marked language of G is defined as

$$L_m\left(G\right)=\{s\in L\left(G\right)\mid \delta (x_0,s)\in X_m\},$$

representing the set of event sequences that lead the system to marked states. In SCT, the generated language captures all possible behaviors of the system, while the marked language typically represents the desired or accepted behaviors.

Given a plant represented by an automaton G and a control specification, SCT aims to compute the maximally permissive controllable language that satisfies the specification. The supervisor can also be represented by an automaton, and the controlled behavior of the system is obtained via the synchronous product of the supervisor and the plant. In this setting, the supervisor enforces control by enabling or disabling events according to observed event sequences. Since the plant dynamics are already encoded in G, the resulting supervisor may contain redundant state information inherited from the plant.

Let $G=(Q,\Sigma ,\delta ,q_0,Q_m)$ be a (nonempty) controlled DES, where the event set $\Sigma$ is partitioned into the set of controllable events ${\Sigma }_c$ and the set of uncontrollable events ${\Sigma }_u$. A control pattern is any subset of events that contains all uncontrollable events, and the set of all admissible control patterns is defined as

$$\Gamma =\{\gamma \subseteq \Sigma \mid {\Sigma }_u\subseteq \gamma \}.$$

A supervisory control for G is defined as a mapping $V:L\left(G\right)\to \Gamma$. The closed-loop system under supervision is denoted by $V/G$, and its closed behavior is the language $L(V/G)\subseteq L\left(G\right)$ defined by the following: (i) $\epsilon \in L(V/G)$; (ii) if $s\in L(V/G)$ and $s\sigma \in L\left(G\right)$ with $\sigma \in V\left(s\right)$, iff $s\sigma \in L(V/G)$; (iii) no other strings belong to $L(V/G)$. Condition (iii) ensures that the language $L(V/G)$ consists only of the event sequences allowed by the supervisor, excluding any unintended or extraneous strings. This guarantees that the closed-loop system’s behavior remains consistent with the desired control specifications. The marked behavior of the closed-loop system is given by

$$L_m(V/G)=L(V/G)\cap L_m\left(G\right).$$

While the abstract definition of a supervisor is mapping, $V:L\left(G\right)\to \Gamma$ is theoretically convenient, but it does not directly provide a concrete structure for implementation. To obtain an automaton-based representation, consider a marking nonblocking supervisory control (MNSC) V for the controlled DES G, such that $L_m(V/G)=K$ and $L(V/G)=\overline{K}$. Let $SDES$ be a DES, satisfying

$$K=L_m\left(SDES\right)\cap L_m\left(G\right),\overline{K}=L\left(SDES\right)\cap L\left(G\right).$$

(1)

In this case, $SDES$ is said to implement the supervisor V.

Example 3. 

Figure 1 illustrates a DFA $G_1=(X,\Sigma ,\delta ,x_0,X_m)$, where $X=\{1,2,3,4\}$, $\Sigma =\{a,b,d\}$, $x_0=1$, and $X_m=\left\{1\right\}$. The transition function δ is defined by $\delta (1,d)=2$, $\delta (2,a)=3$, $\delta (3,a)=1$, $\delta (3,b)=2$, and $\delta (2,b)=4$. The generated language and the marked language of $G_1$ are given by $L\left(G_1\right)=\{\epsilon ,d\}\cup \{da{\left(ba\right)}^k,da{\left(ba\right)}^{k}a,da{\left(ba\right)}^{k}b\mid k\ge 0\}$, and $L_m\left(G_1\right)=\left\{\epsilon \right\}\cup \left\{da{\left(ba\right)}^{k}a\mid k\ge 0\right\}.$ Figure 2 shows a supervisor realization $S_1$ for $G_1$, which disables the controllable event b at state 2, i.e., the transition $2\stackrel{b}{\to }4$ is forbidden. Consequently, all strings that require this transition are excluded from the closed-loop behavior. The closed-loop language is therefore $L(S_1/G_1)=\{\epsilon ,d\}\cup \left\{da{\left(ba\right)}^k,da{\left(ba\right)}^{k}a\mid k\ge 0\right\}$, and the marked closed-loop language satisfies $L_m(S_1/G_1)=L(S_1/G_1)\cap L_m\left(G_1\right)=\left\{\epsilon \right\}\cup \{da{\left(ba\right)}^{k}a\mid k\ge 0\}$.

Given a plant G and a specification automaton $SPEC$, standard software tools such as TCT [33] can be used to compute $SDES$ via $SDES=\mathrm{supcon}(G,SPEC)$, which represents the full optimal controlled behavior. However, the resulting supervisor may have a large number of states, since it incorporates both the plant structure and the control constraints required to satisfy the specification. Therefore, it is often desirable to derive a simplified supervisor that is equivalent in control action but has reduced complexity. Using TCT, a simplified supervisor $SIMSUP$ can be obtained from $SDES$ by applying state-reduction procedures, such as $SIMSUP=\mathrm{supreduce}(G,SDES,SUPDAT)$, where $SUPDAT=\mathrm{condat}(G,SDES)$.

3. Computation of Minimal Observation

Before presenting the technical details of the observation minimization framework, it is important to clarify the distinction between the proposed approach and classical observability, normality, and relative observability. The classical concepts address a synthesis problem under a fixed observation alphabet: given a plant, a specification, and a predetermined set of observable events ${\Sigma }_o$, these properties determine whether a supervisor exists, which can achieve the control objective under partial observation. In contrast, our work touches upon a fundamentally different design and optimization problem. We start from an existing supremal supervisor $SUPER$, which is synthesized under full observation, and aim to minimize the observation alphabet while preserving its control behavior. The constraints in our formulation are therefore not derived from abstract language admissibility conditions, but directly from the structural requirements of the given supervisor $SUPER$. Specifically, they arise from the need to distinguish its t-enabled states from its t-disabled states, and from the intrinsic observability requirements imposed by its cyclic behavior. Moreover, our approach is designed to strike an optimal balance between minimizing observation cost by reducing the number of observable events and maintaining control performance by ensuring that the supervisor continues to meet its original control objectives even after reducing the observation alphabet. This shift from analysis to design, and from language properties to supervisor-specific structural constraints, constitutes the core conceptual novelty of our approach.

Previous work has been done on the reduction of the states of a supervisor. The equivalent relation between different states in the supervisor with respect to the plant is formulated. Then, the equivalent states can be combined into one state. The state reduction approach can greatly reduce the structure of the supervisor. However, it does not consider minimizing the number of events. Our experimental results show that the minimal number of states does not mean the minimal number of events. In contrast, the formulation presented in this section generalizes prior approaches to observation minimization by offering a systematic and optimal solution for selecting observable events. Unlike traditional heuristic or combinatorial methods, our approach ensures control equivalence with the original supervisor while minimizing the number of observable events through a linear programming formulation. In this section, we first formulate the computation of a minimal observation event set as a linear programming problem by characterizing the events that must be observed to preserve the control decisions of a given supervisor under partial observation, which generalizes prior approaches to observation minimization by offering a systematic and optimal solution for selecting observable events, unlike traditional heuristic or combinatorial methods. This formulation, termed Minimal-Observation Programming (MOP), is detailed in Section 3.1. Based on the resulting observation set, we then present a systematic procedure to construct an executable event-minimal supervisor that maintains the original control behavior.

3.1. Computation of the Events Need to Be Observed ${\Sigma }_V$

Before introducing the observation design problem, it is necessary to clarify the notion of equivalence between supervisors, which serves as the behavioral criterion throughout this paper. Since the objective is not to synthesize a new supervisor but to simplify the implementation of an existing one under partial observation, we require that the simplified supervisor preserves the control decisions of the original supervisor.

Definition 1 

(Control equivalence). Let $G=(Q,\Sigma ,\delta ,q_0,Q_m)$ be a plant, and $S_1= (Q_1,$$\Sigma ,{\delta }_1,q_{1,0},Q_{1,m})$ and $S_2=(Q_2,\Sigma ,{\delta }_2,q_{2,0},Q_{2,m})$ be two supervisors of G. Supervisors $S_1$ and $S_2$ are said to be control equivalent with respect to G if

$$L\left(G\right)\cap L\left(S_1\right)=L\left(G\right)\cap L\left(S_2\right),$$

(2)

$$L_m\left(G\right)\cap L_m\left(S_1\right)=L_m\left(G\right)\cap L_m\left(S_2\right).$$

(3)

Control equivalence ensures that the two supervisors impose identical restrictions on the plant behavior and generate the same marked closed-loop language, even though their internal structures, state spaces, or information patterns may differ. This notion is widely adopted in SCT and forms the basis for supervisor reduction and abstraction techniques.

In this paper, control equivalence is used as the fundamental correctness criterion for observation design. To achieve this, we focus on preserving the disabling behavior of controllable events, which leads to the notions of event-enabled and event-disabled states and the associated distinguishability requirements developed in the following sections.

For each event ${\sigma }_j\in \Sigma$, we introduce a binary decision variable $f_j\in \{0,1\}$, where $f_j=1$ indicates that ${\sigma }_j$ is included in the observation set, and $f_j=0$ otherwise. Then, an objective function can be used to minimize the number of events to be observed, as shown below:

$$min\underset{{\sigma }_j\in \Sigma }{\Sigma }{f}_j$$

(4)

The solution of $f_j$ ’s indicates a partial observation of a supervisor. Let $P:\Sigma \to {\Sigma }^{\prime }$ be a projection with ${\Sigma }^{\prime }=\{s_j\in \Sigma |f_j=1\}$. Let $SUPER$ and $SIMSUPER$ be the supervisor and the minimal observation supervisor of G, respectively. Then, the simplified supervisor $SIMSUPER$ can be considered as $SIMSUPER=P\left(SUPER\right)$. For the constraints to ensure the equivalence of the obtained supervisor, we will consider it from the viewpoint of disabling actions. Let s be a string in $L\left(SUPER\right)$. If there exists $\sigma \in \Sigma$ such that $s\sigma \in L\left(G\right)$ and $s\sigma \notin L\left(SUPER\right)$, then $\sigma$ should be disabled after s. Meanwhile, for each $s^{\prime }\in L\left(SUPER\right)$ with $s^{\prime }\sigma \in L\left(G\right)$ and $s^{\prime }\sigma \in L\left(SUPER\right)$, $\sigma$ should not be disabled after $s^{\prime }$. In this case, the supervisor must identify the two strings, i.e., $P\left(s\right)\ne P\left(s^{\prime }\right)$.

Definition 2 

(Observation distinguishability). Let $P:{\Sigma }^{*}\to {{\Sigma }^{\prime }}^{*}$ be a projection. Two strings $s,s^{\prime }\in {\Sigma }^{*}$ are said to be distinguishable under P if $P\left(s\right)\ne P\left(s^{\prime }\right)$.

Observation distinguishability provides the basic mechanism for ensuring that different control decisions remain separable after projection.

Let $G=(Q,\Sigma ,\delta ,q_0,Q_m)$ be a DES and $SUPER$ the supervisor of G. At the initial state $q_0$, once $s(s\in L(SUPER\left)\right)$ occurs, the system reaches a new state q. If $st\in L\left(G\right)$ and $st\in L\left(SUPER\right)$, t is enabled at state q. Then q is called a t-enabled state. Otherwise, q is called a t-disabled state.

Definition 3 

(Event-enabled (disabled) states). Given a plant $G=(Q,\Sigma ,\delta ,$$q_0,Q_m)$ and a supervisor $SUPER=(Q_S,{\Sigma }_S,{\delta }_S,q_S^0,Q_S^m)$ with ${\Sigma }_S\subseteq \Sigma$, for an event $t\in \Sigma$, we define the following:

• The set of t-enabled states, denoted by $Q_{E_t}$, as $Q_{E_t}=\{q\in Q|\delta (q_0,s)=q\wedge st\in L\left(G\right)\wedge st\in L\left(SUPER\right)\}$;
• The set of t-disabled states (enabled in the plant and disabled by the supervisor), denoted by $Q_{D_t}$, as $Q_{D_t}=\{q\in Q|\delta (q_0,s)=q\wedge st\in L\left(G\right)\wedge st\notin L\left(SUPER\right)\}$.

Example 4. 

Consider the plant $G_1$ and the supervisor $S_1$ introduced above, where $S_1$ disables event b at state 2 of $G_1$. Let $t=b$. By Definition 3, event b is enabled at state 3 both in the plant and under the supervisor, while it is enabled in the plant but disabled by the supervisor at state 2. Therefore, the sets of b-enabled and b-disabled states are given by $Q_{E_b}=\left\{3\right\}$ and $Q_{D_b}=\left\{2\right\}$.

Based on Definition 3, Algorithm 1 provides a computational procedure to enumerate the sets $Q_{E_t}$ and $Q_{D_t}$ for each controllable event t.

Algorithm 1 Computation of the set of t-enabled states $Q_{E_t}$ and the set of t-disabled states $Q_{D_t}$.

1: Input: A DES $G=(Q,\Sigma ,\delta ,q_0,Q_m)$, a supervisor $SUPER=(Q_S,{\Sigma }_S,{\delta }_S,q_S^0,Q_S^m)$, and an event t. 2: Output: Set of t-enabled states $Q_{E_t}$ and the set of t-disabled states $Q_{D_t}$. 3: $Q_{E_t}:=\varnothing ,Q_{D_t}:=\varnothing$; 4: $\delta (q_0,s)=q,(s\in \Sigma )$; 5: for each event $t_i\in \Sigma$ do 6:    if $st\in L\left(G\right)\wedge st\in L\left(SUPER\right)$ then 7:       $Q_{E_t}:=Q_{E_t}\cup \left\{q\right\}$; 8:    else 9:       $Q_{D_t}:=Q_{D_t}\cup \left\{q\right\}$; 10:   end if 11: end for

While control equivalence characterizes behavioral equivalence at the language level, it does not directly lend itself to computational verification under partial observation. To bridge this gap, we introduce the notion of decision consistency, which captures an event-wise sufficient condition for preserving control equivalence.

Definition 4 

(Decision consistency). Let $SUPER$ be a supervisor of G and P be a projection. The supervisor $SIMSUPER=P\left(SUPER\right)$ is said to be decision-consistent with $SUPER$ if for all $s,s^{\prime }\in L\left(SUPER\right)$, for all $t\in {\Sigma }_c$,

$$st\in L\left(G\right)\cap L\left(SUPER\right)\wedge s^{\prime }t\in L\left(G\right)\setminus L\left(SUPER\right)\Rightarrow P\left(s\right)\ne P\left(s^{\prime }\right).$$

The following theorem characterizes a necessary condition implied by Definition 4 in terms of distinguishability between t-enabled and t-disabled states.

Theorem 1. 

Let $t\in {\Sigma }_c$, $q_e\in Q_{E_t}$, and $q_d\in Q_{D_t}$. Let $s_e,s_d\in {\Sigma }^{*}$ be two strings such that $\delta (q_0,s_e)=q_e$ and $\delta (q_0,s_d)=q_d$. If $SIMSUPER=P\left(SUPER\right)$ is decision-consistent with $SUPER$, then $P\left(s_e\right)\ne P\left(s_d\right)$.

Proof. 

Assume, for contradiction, that $P\left(s_e\right)=P\left(s_d\right)$. By definition, $q_e\in Q_{E_t}$ implies $s_{e}t\in L\left(G\right)\cap L\left(SUPER\right)$, and $q_d\in Q_{D_t}$ implies $s_{d}t\in L\left(G\right)\setminus L\left(SUPER\right)$. Since $SIMSUPER$ is decision-consistent with $SUPER$, by Definition 4 we have $P\left(s_e\right)\ne P\left(s_d\right)$. This contradicts the assumption $P\left(s_e\right)=P\left(s_d\right)$, i.e., $P\left(s_e\right)\ne P\left(s_d\right)$ holds.    □

For each state $q_i\in Q_{E_{t_i}}$, let $\sigma \left(q_i\right)=\{s\in {\Sigma }^{*}\mid \delta (q_0,s)=q_i\}$ be the set of event sequences reaching $q_i$ from the initial state. Each such sequence s is represented by its Parikh vector $\pi \left(s\right)\in {\mathbb{N}}^m$, whose components count the occurrences of events in $\Sigma$ along s. Applying the observation projection yields a vector representation associated with $q_i$, denoted by $E_{t_i}$. Similarly, each state $q_i\in Q_{D_{t_i}}$ is associated with a vector $D_{t_i}$ constructed in the same manner. In other words, $E_t$ and $D_t$ are the concrete realizations of the sets $Q_{E_t}$ and $Q_{D_t}$, representing the actual event-enabled and event-disabled states in the system, respectively.

In addition to pairwise distinguishability between enabled and disabled states, cyclic structures in the supervisor impose intrinsic observability requirements.

Definition 5  

(Supervisor circle and Event-enabled circle). Given a supremal supervisor $S=(Q^S,{\Sigma }^S,{\delta }^S,q_0^S,Q_m^S)$,

1. 

A supervisor circle is a tuple $C=(Q^C,{\Sigma }^C,{\delta }^C)$, where:

• $Q^C\subseteq Q^S$ is a nonempty set of supervisor states,
• ${\Sigma }^C\subseteq {\Sigma }^S$ is a set of events,
• ${\delta }^C:Q^C\times {\Sigma }^C\to Q^C$ is a partial transition function such that the directed graph $(Q^C,{\delta }^C)$ contains at least one directed cycle, i.e., there exist states $q_1,\dots ,q_k\in Q^C(k\ge 1)$ and events ${\sigma }_1,\dots ,{\sigma }_k\in {\Sigma }^C$ such that ${\delta }^C(q_i,{\sigma }_i)=q_{i+1}(i=1,\dots ,k-1)$ and ${\delta }^C(q_k,{\sigma }_k)=q_1$.

2. 

Let $C=(Q^C,{\Sigma }^C,{\delta }^C)$ be a supervisor circle. If $t\in {\Sigma }^C$ and for every state $q\in Q^C$, event t is enabled at q in S (i.e., $q\in Q_{E_t}$), then C is called a t-enabled circle, denoted by $C_t$. The set of all t-enabled circles is denoted by ${\mathcal{C}}_t$.

Example 5. 

Consider the supervisor $S_1$ introduced above. With respect to event a, there exist two a-enabled supervisor circles. The first one is given by $C_1=(Q^{C_1},{\Sigma }^{C_1},{\delta }^{C_1})$ with $Q^{C_1}=\{2,3\}$, where the cycle $2\stackrel{a}{\to }3\stackrel{b}{\to }2$ is contained in $S_1$, and event a is enabled at both states. The second one is given by $C_2=(Q^{C_2},{\Sigma }^{C_2},{\delta }^{C_2})$ with $Q^{C_2}=\{1,2,3\}$, where the cycle $1\stackrel{d}{\to }2\stackrel{a}{\to }3\stackrel{a}{\to }1$ is contained in $S_1$, and event a is enabled at all states in $Q^{C_2}$. Hence, ${\mathcal{C}}_a=\{C_1,C_2\}$. With respect to event b, the circle $C_1$ is not b-enabled since b is disabled at state 2, and the circle $C_2$ is not b-enabled since $b\notin {\Sigma }^{C_2}$. Therefore, there is no b-enabled circle in $S_1$, i.e., ${\mathcal{C}}_b=\varnothing$.

Event-enabled circles capture cyclic behaviors in which different event sequences reach the same supervisor state while differing only by internal loops, thereby imposing intrinsic observability requirements under partial observation.

Given an event t, consider a t-enabled circle $C_t=(Q^C,{\Sigma }^C,{\delta }^C)$ defined in Definition 5. By definition, for any state $q\in Q^C$, there exists a string $s\in L\left(SUPER\right)$ such that ${\delta }^S(q_0^S,s)=q$, ${\delta }^S(q,t)!$, and ${\delta }^S(q,tw)=q$ for some $w\in {\Sigma }^{*}$. Hence, two strings s and $s^{\prime }=stw$ reach the same supervisor state but differ by the occurrence of the events along the t-enabled circle.

Theorem 2. 

Let $C_t=(Q^C,{\Sigma }^C,{\delta }^C)$ be a t-enabled circle of $SUPER$ and P a projection. If $SIMSUPER=P\left(SUPER\right)$ is decision-consistent, then ${\sum }_{{\sigma }_j\in {\Sigma }^C}{f}_j\ge 1$, where $f_j\in \{0,1\}$.

Proof. 

The proof relies on the concept of decision consistency (Definition 4) under projection P. The key idea is to ensure that control-decision-inconsistent states are distinguishable under partial observation, which is the core of the event-enabled circles concept.

By Definition 5, we consider two states s and $s^{\prime }$ in $L\left(SUPER\right)$ such that $s^{\prime }=s·w$ for some $w\in {\left({\Sigma }^C\right)}^{*}$, and both states lead to the same supervisor state $q\in Q^C$. If ${\sum }_{{\sigma }_j\in {\Sigma }^C}{f}_j=0$, it implies that the projection $P\left(s\right)=P\left(s^{\prime }\right)$, i.e., all events in ${\Sigma }^C$ are erased. This results in a loss of distinguishability, which contradicts the decision consistency requirement of the reduced supervisor.

For decision consistency (Definition 4), the supervisor must distinguish between any state s and $s^{\prime }$, where t is enabled after s but disabled after $s^{\prime }$. The circle structure can introduce ambiguity if subsequent controllable events behave differently along the circle, resulting in indistinguishability of states.

Thus, to ensure that decision consistency is maintained under projection P, at least one event in ${\Sigma }^C$ must be observed. This leads to the inequality

$$\sum _{{\sigma }_j\in {\Sigma }^C}{f}_j\ge 1,$$

which ensures that the necessary observability condition is met to preserve control equivalence.    □

To guarantee the equivalence between the original supervisor $SUPER$ and the simplified supervisor $SIMSUPER=P\left(SUPER\right)$ under partial observation, the two event sequences associated with an enabled and a disabled state must remain distinguishable after projection. To transform this distinguishability requirement into linear constraints, the Parikh vector representation introduced above is combined with the binary observation vector $f={[f_1,\dots ,f_m]}^T$. Specifically, for an event sequence s, the projected representation is given by $P\pi \left(s\right)=\pi \left(s\right)·f$. Then this condition is equivalent to $\pi \left(tw\right)·f\ne 0$. In this step, $s=\sigma \left(q_i\right)$ represents the event sequence associated with state $q_i$. The projection function P is applied to the result of $\pi \left(s\right)$, where $\pi$ maps event sequences to their corresponding observable sequences. This projection ensures that we are working with observable events in the system, which is critical for maintaining decision consistency under partial observation. The resulting $V_i$ is the projected event sequence corresponding to state $q_i$.

Lemma 1. 

If $\pi \left(P\left(s_1\right)\right)\ne \pi \left(P\left(s_2\right)\right)$, then $s_1$ and $s_2$ are distinguishable by projection, i.e., $P\left(s_1\sigma \right)\ne P\left(s_2\sigma \right)$ for some event σ; otherwise, if $\pi \left(P\left(s_1\right)\right)=\pi \left(P\left(s_2\right)\right)$, they may not be distinguishable by projection.

Proof. 

If $\pi \left(P\left(s_1\right)\right)\ne \pi \left(P\left(s_2\right)\right)$, it means that the frequencies of at least one event in $s_1$ and $s_2$ differ. Since the projection function P is based on these frequencies, the projections of $s_1$ and $s_2$ onto the observation set must differ, which implies that there exists an observable event $\sigma$ such that $P\left(s_1\sigma \right)\ne P\left(s_2\sigma \right)$, meaning that $s_1$ and $s_2$ are distinguishable by projection. On the other hand, if $\pi \left(P\left(s_1\right)\right)=\pi \left(P\left(s_2\right)\right)$, the two sequences have identical event frequencies, but Parikh vectors do not account for the order of events. Therefore, even though the frequencies are the same, $s_1$ and $s_2$ could still differ in their event sequence order and produce the same projection for all observable events. In this case, $P\left(s_1\sigma \right)=P\left(s_2\sigma \right)$ for all $\sigma$, and thus they may not be distinguishable by projection.    □

In a general DES, if the Parikh vectors of two strings are different, the strings must be distinct. Specifically, if $\pi \left(P\left(s_1\right)\right)\ne \pi \left(P\left(s_2\right)\right)$, we have $s_1\ne s_2$, as the Parikh vector captures the frequency of events, and a difference in frequencies implies that the event sequences differ structurally. However, it is important to note that the difference in event sequences does not necessarily indicate that the states reached by the sequences are different. In certain cases, two distinct event sequences can lead to the same control state, particularly in the context of event reduction and projection.

Thus, we present Lemma  1 as a sufficient condition in our projection-based event simplification method. The projection ensures that $Q_{E_t}$ and $Q_{D_t}$ can be distinguished, which ultimately maintains control consistency and guarantees control equivalence. This approach allows for the reduction of the event set while preserving the necessary control behavior of the system.

Since $\pi \left(tw\right)$ has nonzero components only on the events contained in the circle, the above condition can be expressed as the following linear constraint:

$$\sum _{{\sigma }_j\in {\Sigma }^C}{f}_j\ge 1.$$

Therefore, at least one event belonging to the t-enabled circle must be observed in order to preserve the disabling behavior of the supervisor under partial observation.

To preserve the control behavior of the optimal supervisor, the enabling and disabling conditions for each controllable event $t_i$ must be mutually exclusive. That is, the sets of $t_i$-enabled and $t_i$-disabled state representations must satisfy

$$E_{t_i}\cap D_{t_i}=\varnothing .$$

This condition ensures that an event $t_i$ is never disabled at any state where it should be enabled, and vice versa.

Let $e\in E_{t_i}$ and $d\in D_{t_i}$ be the vector representations of a $t_i$-enabled state and a $t_i$-disabled state, respectively. The nonintersection condition $e\ne d$ is equivalently expressed as the requirement that their projected values under the observation vector $f={[f_1,f_2,\dots ,f_m]}^T$ be different, i.e.,

$$e·f\ne d·f$$

(5)

The pair of inequalities enforces $e·f\ne d·f$ for any $t_i$-enabled and $t_i$-disabled state representations, thereby guaranteeing that $E_{t_i}\cap D_{t_i}=\varnothing$ under the chosen observation pattern. Consequently, the enabling and disabling decisions for event $t_i$ are preserved after projection.

Theorem 3. 

Let $E_t$ and $D_t$ be the sets of vectors constructed from $Q_{E_t}$ and $Q_{D_t}$, respectively. Then the projection P preserves the decision consistency of $SUPER$ with respect to event t iff $e·f\ne d·f$ for all $e\in E_t$ and $d\in D_t$.

Proof. 

The proof is divided into two parts.

1.

Assume $e·f\ne d·f$ for all $e\in E_t$ and $d\in D_t$. Consider any $s,s^{\prime }\in L\left(SUPER\right)$ such that $st\in L\left(G\right)\cap L\left(SUPER\right)$ and $s^{\prime }t\in L\left(G\right)\setminus L\left(SUPER\right)$. Let $q=\delta (q_0,s)$ and $q^{\prime }=\delta (q_0,s^{\prime })$. Then one has $q\in Q_{E_i}$ and $q^{\prime }\in Q_{D_i}$. By construction, there exist vectors $e\in E_t$ and $d\in D_t$ with $e=P\pi \left(s\right)$ and $d=P\pi \left(s^{\prime }\right)$. Since $e·f\ne d·f$, we have $P\pi \left(s\right)\ne P\pi \left(s^{\prime }\right)$, implying $P\left(s\right)\ne P\left(s^{\prime }\right)$. Thus, $SIMSUPER=P\left(SUPER\right)$ satisfies Definition 4 for event t, i.e., it is decision-consistent.

2.

Assume that $SIMSUPER$ is decision-consistent for event t, but (for contradiction) there exist $e\in E_t$ and $d\in D_t$ such that $e·f=d·f$. Let $s,s^{\prime }\in L\left(SUPER\right)$ correspond to e and d, respectively, with $\delta (q_0,s)=q\in Q_{E_i}$ and $\delta (q_0,s^{\prime })=q^{\prime }\in Q_{D_i}$. Then $P\pi \left(s\right)=e·f=d·f=P\pi \left(s^{\prime }\right)$, implying $P\left(s\right)=P\left(s^{\prime }\right)$. However, since q is t-enabled and $q^{\prime }$ is t-disabled, we have $st\in L\left(G\right)\cap L\left(SUPER\right)$ and $s^{\prime }t\in L\left(G\right)\setminus L\left(SUPER\right)$. By Definition 4, decision consistency requires $P\left(s\right)\ne P\left(s^{\prime }\right)$, which contradicts $P\left(s\right)=P\left(s^{\prime }\right)$. Hence, $e·f\ne d·f$ must hold for all such pairs.

   □

This theorem establishes that the pairwise distinguishability of t-enabled and t-disabled state representations (encoded by $e·f\ne d·f$) is both necessary and sufficient for preserving decision consistency under partial observation.

For condition (5), we now introduce a pair of inequalities to guarantee that for each $e\in E_{t_i}$ and $d\in D_{t_i}$, their projections are distinguishable:

$$\left\{\begin{array}{c}e·f\ge d·f+1\hfill \\ e·f\le d·f-1\hfill \end{array}\right.$$

(6)

To incorporate this disjunctive condition into a linear programming framework, a binary auxiliary variable $y_{e,d}\in \{0,1\}$ is introduced, and the above inequality is reformulated using a standard Big-Q linearization as

$$\left\{\begin{array}{c}e·f\ge d·f+1-Q·y_{e,d}\hfill \\ e·f\le d·f-1+Q·(1-y_{e,d})\hfill \end{array}\right.$$

(7)

for all $e\in E_{t_i}$ and $d\in D_{t_i}$, where $Q > 0$ is a sufficiently large constant (Big-Q parameter). The Big-Q linearization technique is used here to convert the disjunctive condition into a linear form by introducing a binary variable $y_{e,d}$. The large constant Q ensures that the disjunction is satisfied when $y_{e,d}=1$ and enforces the inequality when $y_{e,d}=0$, thus maintaining the correct control decision consistency.

Based on the preceding analysis, we now formalize the observation minimization problem as a Mixed-Integer Linear Programming (MILP) problem, which is termed the Minimal-Observation Programming (MOP) problem:

$$\begin{array}{cc}\hfill \underset{f,y_{e,d}}{min}& \sum _{j=1}^{|\Sigma |}{f}_j\hfill \\ \hfill \mathrm{subject}\mathrm{to}& e·f\ge d·f+1-Q·y_{e,d},\hfill \end{array}$$

(8)

$$\begin{array}{cc}\hfill & \forall e\in E_t,\forall d\in D_t,\forall t\in {\Sigma }_c\hfill \\ \hfill & e·f\le d·f-1+Q·(1-y_{e,d}),\hfill \end{array}$$

(9)

$$\begin{array}{cc}\hfill & \forall e\in E_t,\forall d\in D_t,\forall t\in {\Sigma }_c\hfill \end{array}$$

(10)

$$\begin{array}{cc}\hfill & \sum _{{\sigma }_j\in {\Sigma }^C}{f}_j\ge 1,\forall t\in {\Sigma }_c,\forall C\in {\mathcal{C}}_t\hfill \end{array}$$

(11)

$$\begin{array}{cc}\hfill & f_j\in \{0,1\},j=1,\dots ,|\Sigma |\hfill \end{array}$$

(12)

$$\begin{array}{cc}\hfill & y_{e,d}\in \{0,1\},\forall e\in E_t,\forall d\in D_t,\forall t\in {\Sigma }_c\hfill \end{array}$$

(13)

where $Q>0$ is a sufficiently large constant (Big-Q parameter). The optimal solution $f^{*}={[f_1^{*},\dots ,f_{|\Sigma |}^{*}]}^T$ directly defines the minimal observation event set ${\Sigma }_V=\{{\sigma }_j\in \Sigma \mid f_j^{*}=1\}$.

Theorem 4. 

Let $\Sigma$ be the event set of a DES. The Minimal-Observation Programming (MOP) problem defined by (8)–(13) always has a feasible solution.

Proof. 

Choose $f_j=1$ for all $j=1,\dots ,|\Sigma |$ and any $y\in \{0,1\}$. Under this choice, the projection P becomes the identity map. For any $e\in E_t$ and $d\in D_t$, we have $e·f={\sum }_j{e}_j$ and $d·f={\sum }_j{d}_j$. Since $E_t$ and $D_t$ are constructed to be disjoint with distinct vector representations, $e·f\ne d·f$ holds. A sufficiently large constant Q ensures that the big-Q constraints (9)–(10) are satisfied for a suitable choice of $y_{e,d}$ (e.g., $y_{e,d}=0$ when $e·f>d·f$). Moreover, for any t-enabled circle $C_t$, ${\sum }_{{\sigma }_j\in {\Sigma }^C}{f}_j=\left|{\Sigma }^C\right|\ge 1$, which satisfies (11). Thus, $f=1$ satisfies all constraints and is a feasible solution to the MOP problem.    □

Thus, the MOP problem is always solvable, providing a sound mathematical foundation for the subsequent computation of the minimal observation event set. The MOP formulation provides a complete mathematical characterization of the observation minimization problem. Its solution yields the minimal set of events that must be observed to preserve the supervisor’s disabling decisions under partial observation.

We now establish that solving the MOP problem indeed guarantees control equivalence between the original supervisor and the projected supervisor obtained from the minimal observation set.

In the MOP framework, the computational complexity is primarily determined by the number of variables and constraints. The main variables are $f_j$, binary variables for each event in the observation set $\Sigma$, leading to $|\Sigma |$ variables. Additionally, for each pair of e and d vectors (representing t-enabled and t-disabled states, respectively), a binary variable $y_{e,d}$ is introduced, resulting in ${\displaystyle \sum _{t\in {\Sigma }_c}}|E_t|·|D_t|$ variables. Therefore, the total number of variables is approximately $|\Sigma |+{\displaystyle \sum _{t\in {\Sigma }_c}}|E_t|·|D_t|$. The constraints include linear constraints for each $y_{e,d}$ variable, i.e., Equations (9) and (10), leading to $2\times {\displaystyle \sum _{t\in {\Sigma }_c}}|E_t|·|D_t|$ constraints, and additional decision consistency and structural observability constraints for each t-enabled circle, i.e., Equation (11), add another ${\displaystyle \sum _{t\in {\Sigma }_c}}|{\mathcal{C}}_t|$ constraints. As a result, the total number of constraints is $2\times {\displaystyle \sum _{t\in {\Sigma }_c}}|E_t|·|D_t|+|{\mathcal{C}}_t|$.

Since the problem is formulated as an MILP, it is inherently NP-hard. This complexity arises from the combinatorial nature of the decision variables and the constraints involved in selecting the minimal observation set while preserving control equivalence. As the size of the event set $|\Sigma |$ grows, both the number of variables and constraints increase quadratically, resulting in exponential growth in computational effort. Consequently, the MOP problem belongs to the NP-hard class, indicating that it cannot be solved optimally in polynomial time in the input size.

Theorem 5. 

Let $G=(Q,\Sigma ,\delta ,q_0,Q_m)$ be a plant and $\mathit{SUPER}$ be a (nonblocking) supervisor of G. Let $f^{*}$ be an optimal solution to the MOP problem, define the projection $P:{\Sigma }^{*}\to {\Sigma }_V^{*}$ with ${\Sigma }_V=\{{\sigma }_j\mid f_j^{*}=1\}$, and let $\mathit{SIMSUPER}:=P\left(\mathit{SUPER}\right)$. Assume that for every controllable event $t\in {\Sigma }_c$, the sets $E_t$ and $D_t$ are constructed such that each t-enabled and t-disabled reachable state of $\mathit{SUPER}$ is represented by at least one event sequence. Then $\mathit{SIMSUPER}$ is control equivalent to $\mathit{SUPER}$ with respect to G.

Proof. 

We will show that $SIMSUPER$ preserves the disabling behavior of $SUPER$ for all controllable events, which implies control equivalence. The key step is to clarify the role of representation completeness in ensuring that all reachable states, whether t-enabled or t-disabled, are represented in the corresponding vector sets $E_t$ and $D_t$, respectively.

Consider any reachable event sequence $s\in L\left(G\right)$. If $s\notin L\left(SUPER\right)$, then both $SUPER$ and $SIMSUPER$ reject s, and no control decision is involved. Hence, consider $s\in L\left(SUPER\right)$ and any controllable event $t\in {\Sigma }_c$ such that $st\in L\left(G\right)$, we have two cases.

• Case 1: If $st\in L\left(SUPER\right)$, then t is enabled by $SUPER$ after s, and the state reached by s belongs to $Q_{E_t}$.
• Case 2: If $st\notin L\left(SUPER\right)$, then the reached state belongs to $Q_{D_t}$.

By the assumption stated in the theorem, for every $t\in {\Sigma }_c$, the sets $E_t$ and $D_t$ are constructed such that each t-enabled and t-disabled reachable state of $SUPER$ is represented by at least one event sequence. This ensures representation completeness, meaning that every state is adequately represented by an event sequence in either $E_t$ or $D_t$.

Hence, for the first case, the event sequence s is represented by some vector $e\in E_t$, and for the second case, the event sequence s is represented by some vector $d\in D_t$.

To demonstrate control equivalence, suppose, for contradiction, that $SIMSUPER$ makes a different control decision from $SUPER$ for event t after some observation. Then there must exist two event sequences $s_e,s_d\in L\left(SUPER\right)$ that are indistinguishable under P, i.e., $P\left(s_e\right)=P\left(s_d\right)$, such that t is enabled after $s_e$ but disabled after $s_d$ in $SUPER$.

Let $e\in E_t$ and $d\in D_t$ be the corresponding vectors. Since $P\left(s_e\right)=P\left(s_d\right)$, we have $e·f=d·f$, which contradicts condition (5).

Therefore, no such conflicting pair of event sequences exists, and $SIMSUPER$ issues the same enabling and disabling decisions as $SUPER$ for all controllable events. It follows that

$$L\left(G\right)\cap L\left(SIMSUPER\right)=L\left(G\right)\cap L\left(SUPER\right),$$

$$L_m\left(G\right)\cap L_m\left(SIMSUPER\right)=L_m\left(G\right)\cap L_m\left(SUPER\right),$$

and hence, $SIMSUPER$ is control equivalent to $SUPER$ with respect to G.    □

Based on the MOP formulation, Algorithm 2 provides a systematic procedure for computing the minimal observation event set ${\Sigma }_V$ that preserves the control behavior of the original supervisor under partial observation.

Algorithm 2 Computation of the events to be observed ${\Sigma }_V$.

1: Input: Set of t-enabled states $Q_{E_t}$, the set of t-disabled states $Q_{D_t}$, and the set of t-enabled circles ${\mathcal{C}}_t=\{C_t=(Q^C,{\Sigma }^C,{\delta }^C)\}$; 2: Output: Observation event set ${\Sigma }_V$. 3: $E_t:=\varnothing ,D_t:=\varnothing$; 4: $\sigma \left(q_i\right):=\{s\in {\Sigma }^{*}\mid \delta (q_0,s)=q_i\}$; 5: for each state $q_i\in Q$ do 6:    $\pi \left(\sigma \left(q_i\right)\right)\in {\mathbb{N}}^m$; 7:    $V_i:=P\pi \left(\sigma \left(q_i\right)\right)$; 8:    if $q_i\in Q_{E_t}$ then 9:        $E_t:=E_t\cup \left\{V_i\right\}$; 10:    else if $q_i\in Q_{D_t}$ then 11:       $D_t:=D_t\cup \left\{V_i\right\}$; 12:    end if 13: end for 14: Formulate MOP and solve it; 15: Let $f^{*}$ be the optimal solution; 16: ${\Sigma }_V:=\{{\sigma }_j\in \Sigma \mid f_j^{*}=1\}$; 17: return ${\Sigma }_V$.

Algorithm 2 provides a systematic procedure for computing a minimal observation set that preserves the control behavior of the original supervisor under partial observation. Each reachable supervisor state is first associated with a representative event sequence and encoded by its Parikh vector. After projection, these representations are grouped into the sets $E_t$ and $D_t$, corresponding to t-enabled and t-disabled states, respectively, thereby capturing all observable information relevant to the control decision for event t. The pairwise separation constraints in the MOP formulation, defined by inequalities (9) and (10), ensure that no t-enabled and t-disabled event sequences become indistinguishable under the chosen projection, which guarantees decision consistency. In addition, circle-induced structural constraints, expressed by inequality (11), incorporate observability requirements imposed by t-enabled circles, ensuring that cyclic behaviors do not eliminate necessary distinctions after projection. Together, these constraints define a MOP formulation whose solution yields the observation set ${\Sigma }_V$, which is minimal in cardinality and guarantees control equivalence with the original supervisor.

From a computational standpoint, the effort of Algorithm 2 is dominated by the construction of the vector sets $E_t$ and $D_t$ and by the number of linear constraints generated. For a fixed controllable event t, let $|E_t|$ and $|D_t|$ denote the cardinalities of the vector sets constructed from t-enabled and t-disabled states, respectively. The number of pairwise separation constraints grows proportionally to $|E_t|·|D_t|$, while each t-enabled circle introduces one circle-induced structural constraint. As both $|E_t|$ and $|D_t|$ increase, the number of constraints increases quadratically, impacting the overall complexity of the MILP formulation. Since both quantities are derived from the reachable state space of the supervisor, the resulting MOP problem has finite size and polynomial (in the size of the supervisor) many variables and constraints. Consequently, the MOP problem can be solved using standard mixed-integer linear programming (MILP) solvers.

In practical applications, the MOP approach provides substantial benefits by minimizing the number of observable events, which leads to significant savings in observation time and improved system efficiency, particularly for large-scale systems. This optimization of sensing requirements does not come at the cost of control performance; the supervisor retains its ability to achieve the desired control objectives while ensuring behavioral correctness. By efficiently balancing resource usage and control accuracy, the MOP approach offers both computational efficiency and practical effectiveness, making it a highly valuable tool for supervisory control in real-world scenarios.

3.2. Construction of the Event-Minimal Supervisor

This subsection constructs an event-minimal supervisor based on the minimal observation set ${\Sigma }_V$ obtained in Section 3.1. The objective is to derive an explicit automaton realization that observes only the events in ${\Sigma }_V$ while preserving the control behavior of the original supremal supervisor. The construction is achieved by removing non-observed events and merging supervisor states that become indistinguishable after event removal.

Let $S=(Q_S,{\Sigma }_S,{\delta }_S,q_S^0,Q_S^m)$ be the supremal supervisor synthesized under full observation. Given the minimal observation set ${\Sigma }_V$ computed by Algorithm 2, define the set of removed events as $E:={\Sigma }_S\setminus {\Sigma }_V$. The events in E are not directly observed in the reduced supervisor, while events in ${\Sigma }_V$ remain observable.

To obtain a valid supervisor realization under the reduced observation alphabet, the effect of removing the events in E on the supervisor state structure must be taken into account. For this purpose, we introduce the notion of E-closure.

Definition 6 

(E-closure [2]). Given an automaton $A=(Q,\Sigma ,\delta ,q_0,Q_m)$ and a set of events $E\subseteq \Sigma$, the E-closure of a state set $X\subseteq Q$ is defined as ${\mathrm{cl}}_E\left(X\right)=\{q^{\prime }\in Q\mid \exists q\in X,\exists s\in E^{*},\delta (q,s)=q^{\prime }\}.$ In particular, for a single state $q\in Q$, ${\mathrm{cl}}_E\left(\left\{q\right\}\right)=\{q^{\prime }\in Q\mid \exists s\in E^{*},\delta (q,s)=q^{\prime }\}.$

The E-closure characterizes the reachability among supervisor states induced solely by the removed events. By aggregating states with identical E-closures and retaining only transitions labeled by events in ${\Sigma }_V$, a reduced supervisor can be constructed, which preserves the observable behavior of S. The detailed construction is given in Algorithm 3.

In Algorithm 3, several important steps are involved in constructing the event-minimal supervisor. First, the algorithm defines the reduced set of events ${\Sigma }_{\pi }$ as the minimal observation set ${\Sigma }_V$, which ensures that only the events necessary to preserve the observable behavior of the original supervisor are retained. The set of states in the reduced supervisor is represented by $Q_{\pi }$. Initially, $Q_{\pi }$ is empty, and the algorithm gradually builds it by merging states based on their E-closure. Specifically, $Q^{\prime }$ is used to denote states that might be modified or combined during the construction. When applying the E-closure operation, which groups mutually reachable states under the event sequences consisting only of removed events, new sets of merged states are formed. These new sets are referred to as $Q^{\prime \prime }$ and are added to $Q_{\pi }$, representing the reduced states after merging based on the E-closure. The transition function ${\delta }_{\pi }$ is then defined for the new supervisor, with each transition based on the reduced event set ${\Sigma }_{\pi }$. This merging process, ensured by the E-closure, guarantees that the observable control behavior is preserved while reducing the state space.

Algorithm 3 Construction of the event-minimal supervisor from ${\Sigma }_V$.

1: Input: $G=(Q,\Sigma ,\delta ,q_0,Q_m)$, $S=(Q_S,{\Sigma }_S,{\delta }_S,q_S^0,Q_S^m)$, minimal observation set ${\Sigma }_V$. 2: Output: ${\pi }_E\left(S\right)=(Q_{\pi },{\Sigma }_{\pi },{\delta }_{\pi },q_{\pi }^0,Q_{\pi }^m)$. 3: $E:={\Sigma }_S\setminus {\Sigma }_V$,    ${\Sigma }_{\pi }:={\Sigma }_V$; 4: $Q_{\pi }:=\varnothing ,Q_{\pi }^m:=\varnothing$; 5: ${\mathrm{cl}}_E\left(\left\{q\right\}\right):=\{q^{\prime }\in Q_S\mid \exists s\in E^{*},{\delta }_S(q,s)=q^{\prime }\}$; 6: $q_{\pi }^0:={\mathrm{cl}}_E\left(\left\{q_S^0\right\}\right)$; 7: $Q_{\pi }:=Q_{\pi }\cup \left\{q_{\pi }^0\right\}$; 8: for each $Q^{\prime }\in Q_{\pi }$ and each $\sigma \in {\Sigma }_{\pi }$ do 9:     $Q^{″}:={\mathrm{cl}}_E\left(\{{\delta }_S(q,\sigma )\mid q\in Q_S,{\delta }_S(q,\sigma )!\}\right)$; 10:    ${\delta }_{\pi }(Q^{\prime },\sigma ):=Q^{″}$; 11:    $Q_{\pi }:=Q_{\pi }\cup \left\{Q^{″}\right\}$; 12: end for 13: $Q_{\pi }^m:=\{Q^{\prime }\in Q_{\pi }\mid Q^{\prime }\cap Q_S^m\ne \varnothing \}$; 14: return ${\pi }_E\left(S\right)=(Q_{\pi },{\Sigma }_{\pi },{\delta }_{\pi },q_{\pi }^0,Q_{\pi }^m)$.

Algorithm 3 constructs an event-minimal supervisor by removing all events not contained in the minimal observation set ${\Sigma }_V$ and merging supervisor states via E-closure. Specifically, the reduced event set is fixed to ${\Sigma }_V$, and the states that are mutually reachable through event sequences consisting only of removed events are grouped into a single state in the constructed automaton. This closure-based merging preserves the observable behavior of the original supremal supervisor under the selected observation structure. Moreover, since ${\Sigma }_V$ is computed by Algorithm 2 to preserve decision consistency (and thus control equivalence) for all controllable events, the merging induced by E-closure does not introduce any conflicting control decisions. Consequently, the supervisor ${\pi }_E\left(S\right)$ obtained by Algorithm 3 is control equivalent to the original supervisor while observing only the events in ${\Sigma }_V$.

From a computational perspective, the cost of Algorithm 3 is dominated by the number of reachable E-closures and the construction of the transition relation over ${\Sigma }_V$. In the worst case, computing the E-closure for each macrostate and each event in ${\Sigma }_V$ via reachability search yields a complexity of $O(m^2·n^2)$, where m is the number of supervisor states and n is the total number of events. Each state in $Q_{\pi }$ corresponds to an E-closure of a subset of $Q_S$, and the total number of reachable closures is finite since it is bounded by the reachable state space of the original supervisor. For each constructed state and each event in ${\Sigma }_V$, one transition is generated by computing an E-closure, which can be implemented by a standard reachability search restricted to events in E. Therefore, the construction complexity is polynomial in the size of the original supervisor (in terms of states and transitions), and it does not require solving any additional optimization problems beyond the MILP used to compute ${\Sigma }_V$. This makes the overall framework computationally tractable for practical supervisory control applications. In comparison, the algorithm proposed by Su and Wonham in [18] computes a reduced supervisor with a complexity of $O\left(m^4\right)$. This contrasts with our approach, where the computational complexity primarily depends on the number of pairwise separation constraints and the size of the t-enabled circles, which scales differently and can offer advantages in scalability for large systems.

4. Illustrative Examples

This section provides some experimental results for the application of the proposed approach.

4.1. Example 1

Using the example G taken from [18], we compare the results computed by the proposed approach. A supervisor $SUPER$ for the plant G with ${\Sigma }_c=\{\alpha ,\beta \}$ and ${\Sigma }_{uc}=\{\delta ,\gamma \}$ shown in Figure 3, is a supremal supervisor for G, shown in Figure 4. We can find a proper supervisor $SUPER$ by the TCT procedure supcon when G and $SPEC$ are known, i.e., SUPER = supcon(G,SPEC). The proposed reduction method supreduce utilizes heuristic search to find a suitable congruence relation within the state set of SUPER. The syntax for computing a simplefied supervisor SIMSUP from SUPER is SUPDAT = condat(G,SUPER), SIMSUP = supreduce(G,SUPER,SUPDAT). SIMSUP1, SIMSUP2, and SIMSUP3, as shown in Figure 4 are different simplified supervisors obtained by the method of state reduction, which have the minimal number of states. We have ${\Sigma }_{SUPER}={\Sigma }_{SIMSUP1}={\Sigma }_{SIMSUP2}={\Sigma }_{SIMSUP3}=\{\alpha ,\beta ,\delta \}$, and the number of events contained in the event set is 3.

For this system G, the set of t-enabled states $Q_{E_t}$ and the set of t-disabled states $Q_{D_t}$ can be obtained by Algorithm 1. For the event $\alpha$, we have $Q_{E_{\alpha }}=\{q_1,q_2\}$ and $Q_{D_{\alpha }}=\left\{q_3\right\}$. Representative event sequences from the initial state $q_1$ are chosen as $\sigma \left(q_1\right)=\epsilon$, $\sigma \left(q_2\right)=\alpha$, and $\sigma \left(q_3\right)=\beta$. Under the Parikh vector construction with event order $[\alpha ,\beta ,\delta ,\gamma ]$, the corresponding projected vectors are $P\pi \left(\epsilon \right)=0$, $P\pi \left(\alpha \right)={[V_1,0,0,0]}^T$, and $P\pi \left(\beta \right)={[0,V_2,0,0]}^T$. Their corresponding Parikh vectors and projected vectors are summarized in

Table 1. Representative strings and Parikh vectors in Example 1.

State	$\mathit{\sigma }\mathbf{\left(}\mathit{q}\mathbf{\right)}$	$\mathit{\pi }\mathbf{\left(}\mathit{\sigma }\mathbf{\right(}\mathit{q}\mathbf{\left)}\mathbf{\right)}$	$\mathit{P}\mathit{\pi }\mathbf{\left(}\mathit{\sigma }\mathbf{\right(}\mathit{q}\mathbf{\left)}\mathbf{\right)}$
$q_1$	$\epsilon$	${[0,0,0,0]}^T$	0
$q_2$	$\alpha$	${[1,0,0,0]}^T$	${[V_1,0,0,0]}^T$
$q_3$	$\beta$	${[0,1,0,0]}^T$	${[0,V_2,0,0]}^T$

.

To guarantee decision consistency for event $\alpha$, the sets $E_{\alpha }$ and $D_{\alpha }$ must be disjoint. By selecting $e=P\pi \left(\epsilon \right)$ from $Q_{E_{\alpha }}$ and $d=P\pi \left(\beta \right)$ from $Q_{D_{\alpha }}$, the Big-Q constraints in (7) reduce to

$$0\ge f_{\beta }+1-Q{y}_{e,d},0\le f_{\beta }-1+Q(1-y_{e,d}),$$

which implies $f_{\beta }\ge 1$. Hence, event $\beta$ must be observed.

Similarly, for event $\beta$, choosing $e=P\pi \left(\epsilon \right)$ from $Q_{E_{\beta }}$ and $d=P\pi \left(\alpha \right)$ from $Q_{D_{\beta }}$ yields

$$0\ge f_{\alpha }+1-Q{y}_{e,d},0\le f_{\alpha }-1+Q(1-y_{e,d}),$$

which requires $f_{\alpha }\ge 1$. Therefore, event $\alpha$ must also be observed.

Minimizing the objective function ${\sum }_{\sigma \in \Sigma }{f}_{\sigma }$ subject to the above constraints leads to the optimal solution ${\Sigma }_V=\{\alpha ,\beta \}$. Consequently, events $\delta$ and $\gamma$ are not required to be observed.

Given ${\Sigma }_V=\{\alpha ,\beta \}$, Algorithm 3 is applied to construct the event-minimal supervisor. Since the event set of $SUPER$ is ${\Sigma }_S=\{\alpha ,\beta ,\delta \}$, the removed event set is $E=\left\{\delta \right\}$. From Figure 4, the supervisor contains the transition $q_4\stackrel{\delta }{\to }{q}_1$, and thus the E-closure of state $\left\{q_4\right\}$ is ${\mathrm{cl}}_E\left(\left\{q_4\right\}\right)=\{q_1,q_4\}$. The E-closures of states $\left\{q_1\right\}$, $\left\{q_2\right\}$, and $\left\{q_3\right\}$ remain unchanged.

Starting from the initial state $q_{\pi }^0={\mathrm{cl}}_E\left(\left\{q_1\right\}\right)=\left\{q_1\right\}$, Algorithm 3 yields the reachable state set $Q_{\pi }=\left\{\left\{q_1\right\},\left\{q_2\right\},\left\{q_3\right\},\{q_1,q_4\}\right\}$. The resulting supervisor contains four states, and only the observable events $\alpha$ and $\beta$, and the obtained event-minimal supervisor $MINSUP$ is shown in Figure 5.

As illustrated in Figure 4, the supervisors with a minimal number of states can be constructed for the same plant. However, state minimization alone does not explicitly consider the number of observable events. In contrast, the proposed linear programming approach directly optimizes the observation event set and yields a supervisor that requires only two events, $\alpha$ and $\beta$. This example demonstrates that the proposed MOP method can effectively synthesize supervisors with minimal event sets while preserving control equivalence, which highlights its advantage when observation cost is a primary concern.

4.2. Example 2

In the system $P^{\prime }$ shown in Figure 6, which has the supremal supervisor $S^{\prime }$ depicted in Figure 7 and its minimal-state supervisor $SIMSU{P}^{\prime }$ depicted in Figure 8, we can obtain the set of t-enabled states $Q_{E_t}$ and the set of t-disabled states $Q_{D_t}$. For event $t_1$, the sets of $t_1$-enabled $Q_{E_{t_1}}$, and $t_1$-disabled states $Q_{D_{t_1}}$ can be obtained by Algorithm 1, respectively. We have $Q_{E_{t_1}}=\{q_0,q_4,q_9,q_{16}\}$ and $Q_{D_{t_1}}=\{q_2,q_5,q_{10}\}$. For each $q_i\in Q_{E_{t_1}}$, we first need to find the sequence of events from $q_0$ to $q_i$.

Moreover, we have $\sigma \left(q_0\right)=\epsilon$, $\sigma \left(q_4\right)=t_1{t}_2$, $\sigma \left(q_9\right)=t_1{t}_2{t}_3$ and $\sigma \left(q_{16}\right)=t_1{t}_2{t}_3{t}_1{t}_2$. Next, we can find the vectors that represent the number of occurrences of $t_i$ in s as shown in the fourth column of

Table 2. Representative event sequences and corresponding vectors for event $t_1$ in Figure 6.

Set	State q	$\mathit{\sigma }\left(\mathit{q}\right)$	$\mathit{\pi }\left(\mathit{\sigma }\right)$	Projected Vector $\mathit{P}\mathit{\pi }\left(\mathit{\sigma }\right)$
$Q_{E_{t_1}}$	$q_0$	$\epsilon$	${\left[00000000\right]}^T$	$e_{11}=0$
	$q_4$	$t_1{t}_2$	${\left[11000000\right]}^T$	$e_{12}={\left[V_1{V}_{2}000000\right]}^T$
	$q_9$	$t_1{t}_2{t}_3$	${\left[11100000\right]}^T$	$e_{13}={\left[V_1{V}_2{V}_{3}00000\right]}^T$
	$q_{16}$	$t_1{t}_2{t}_3{t}_1{t}_2$	${\left[22100000\right]}^T$	$e_{14}={\left[2V_{1}2V_2{V}_{3}00000\right]}^T$
$Q_{D_{t_1}}$	$q_2$	$t_5$	${\left[00001000\right]}^T$	$d_{11}={\left[0000V_{5}000\right]}^T$
	$q_5$	$t_5{t}_6$	${\left[00001100\right]}^T$	$d_{12}={\left[0000V_5{V}_{6}00\right]}^T$
	$q_{10}$	$t_5{t}_6{t}_5$	${\left[00002100\right]}^T$	$d_{13}={\left[00002V_5{V}_{6}00\right]}^T$

. Then the vectors $e_i(e_i\in E_{t_1})$ can be obtained by $(E_{t_1}=P\pi \left(t\right))$, corresponding to all $t_1$-enabled states $q_i$, which is $e_{11}=0$, $e_{12}={[V_1,V_2,0,0,0,0,0,0]}^T$, $e_{13}={[V_1,V_2,V_3,0,0,0,0,0]}^T$, and $e_{14}={[2V_1,2V_2,V_3,0,0,0,0,0]}^T$. So we have $E_{t_1}=\{e_{11},e_{12},e_{13},e_{14}\}$.

Similarly, we can also obtain some vectors $d_i(d_i\in D_{t_i})$ for each t-disabled state $q_i\in D_{t_i}$ in the same way, for instance, $D_{t_1}=\{d_{11},d_{12},d_{13}\}$, as shown in Table 2.

In the same way, we can obtain $E_{t_3}=\{e_{31},e_{32}\}$ with $e_{31}={[V_1,V_2,0,0,0,0,0,0]}^T$, $e_{32}={[2V_1,2V_2,V_3,0,0,0,0,0]}^T$, $D_{t_3}=\varnothing$, $E_{t_5}=\{e_{51},e_{52},e_{53},e_{54}\}$ with $e_{51}=0$, $e_{52}={[0,0,0,0,V_5,V_6,0,0]}^T$, $e_{53}={[0,0,0,0,V_5,V_6,V_7,0]}^T$, $e_{54}={[0,0,0,0,2V_5,2V_6,V_7,0]}^T$, $D_{t_5}=\{d_{51},d_{52},d_{53}\}$ with $d_{51}={[V_1,0,0,0,0,0,0,0]}^T$, $d_{52}={[V_1,V_2,0,0,0,0,0,0]}^T$, and $d_{53}={[2V_1,V_2,0,0,0,0,0,0]}^T$. As a result, we have $E_{t_7}=\{e_{71},e_{72}\}$ with $d_{71}=[0,0,$$0,0,V_5,V_6{,0,0]}^T$, $d_{72}={[0,0,0,0,2V_5,V_6,0,0]}^T$, and $D_{t_7}=\varnothing$, as shown in

Table 3. Representative event sequences and corresponding vectors for events $t_5$, $t_3$, and $t_7$ in Figure 6.

Set	State q	$\mathit{\sigma }\left(\mathit{q}\right)$	$\mathit{\pi }\left(\mathit{\sigma }\right)$	Projected Vector $\mathit{P}\mathit{\pi }\left(\mathit{\sigma }\right)$
$Q_{E_{t_5}}$	$q_0$	$\epsilon$	${\left[00000000\right]}^T$	$e_{51}=0$
	$q_4$	$t_5{t}_6$	${\left[00001100\right]}^T$	$e_{52}={\left[0000V_5{V}_{6}00\right]}^T$
	$q_9$	$t_5{t}_6{t}_7$	${\left[00001110\right]}^T$	$e_{53}={\left[0000V_5{V}_6{V}_{7}0\right]}^T$
	$q_{16}$	$t_5{t}_6{t}_7{t}_5{t}_6$	${\left[00002210\right]}^T$	$e_{54}={\left[00002V_{5}2V_6{V}_{7}0\right]}^T$
$Q_{D_{t_5}}$	$q_2$	$t_1$	${\left[10000000\right]}^T$	$d_{51}={\left[V_{1}0000000\right]}^T$
	$q_5$	$t_1{t}_2$	${\left[11000000\right]}^T$	$d_{52}={\left[V_1{V}_{2}000000\right]}^T$
	$q_{10}$	$t_1{t}_2{t}_1$	${\left[21000000\right]}^T$	$d_{53}={\left[2V_1{V}_{2}000000\right]}^T$
$Q_{E_{t_3}}$	$q_4$	$t_1{t}_2$	${\left[11000000\right]}^T$	$e_{31}={\left[V_1{V}_{2}000000\right]}^T$
	$q_{16}$	$t_1{t}_2{t}_3{t}_1{t}_2$	${\left[22100000\right]}^T$	$e_{32}={\left[2V_{1}2V_2{V}_{3}00000\right]}^T$
$Q_{E_{t_7}}$	$q_{10}$	$t_5{t}_6$	${\left[00001100\right]}^T$	$e_{71}={\left[0000V_5{V}_{6}00\right]}^T$
	$q_{15}$	$t_5{t}_6{t}_5$	${\left[00002100\right]}^T$	$e_{72}={\left[00002V_5{V}_{6}00\right]}^T$

.

Based on Algorithm 1, the sets of $t_i$-enabled and $t_i$-disabled states are computed for each controllable event. For event $t_1$, the representative event sequences, the corresponding states, and their Parikh and projected vectors are summarized in Table 2. Similarly, the representative vectors for events $t_5$, $t_3$, and $t_7$ are summarized in Table 3.

We first consider event $t_1$. From Table 2, the initial state $q_0$ is $t_1$-enabled and is represented by the projected vector $e_{11}=0$, while state $q_2$ is $t_1$-disabled and is represented by $d_{11}={\left[0000V_{5}000\right]}^T$. To preserve decision consistency, these two representations must be distinguishable, i.e., $e_{11}\ne d_{11}$. Applying the Big-Q separation constraints in Algorithm 2 yields

$$0\ge V_5·f_5+1-Q{y}_{e,d},$$

$$0\le V_5·f_5-1+Q(1-y_{e,d}),$$

which implies $f_5\ge 1$ (hence $t_5$ must be observed). Moreover, the state inequality $q_0\ne q_2$ is also consistent with the event-enabled circle interpretation: in Figure 6, there exists a return structure that makes the two event sequences distinguishable only through the occurrence of events $\{t_6,t_7,t_8\}$ along the corresponding circle segment; therefore, the circle-induced observability constraint further requires

$$f_6+f_7+f_8\ge 1,$$

i.e., at least one event on this circle segment must be observed to prevent the two sequences from becoming indistinguishable under projection.

Then, to ensure $d_{11}\ne e_{12}$, we consider the vector $e_{12}={[V_1,V_2,0,0,0,0,0,0]}^T$ corresponding to state $q_4$, which is reached by the event sequence $\sigma \left(q_4\right)=t_1{t}_2$. Applying the separation constraints in (7) yields:

$$V_5·f_5\ge V_1·f_1+V_2·f_2+1-Q·y_{e,d},$$

$$V_5·f_5\le V_1·f_1+V_2·f_2-1+Q·(1-y_{e,d}).$$

Equivalently (noting $f_j\in \{0,1\}$), feasibility requires that the two projected representations should not coincide, which yields the necessary condition

$$f_1+f_2+f_5\ge 1.$$

Combining the above constraints, the computation for $t_1$ therefore enforces the key requirements $f_5\ge 1$ (from $q_0$ vs. $q_2$), $f_6+f_7+f_8\ge 1$ (from the corresponding event-enabled circle), and $f_1+f_2+f_5\ge 1$ (from $q_4$ vs. $q_2$), which together guarantee that $t_1$ is not disabled at any $t_1$-enabled state in Figure 7.

Next, we apply the same procedure to event $t_5$. From the constructed sets, we have $E_{t_5}=\{e_{51},e_{52},e_{53},e_{54}\}$ and $D_{t_5}=\{d_{51},d_{52},d_{53}\}$, where $e_{51}=0$ corresponds to the initial state $q_0$ reached by $\sigma \left(q_0\right)=\epsilon$, and $d_{51}={[V_1,0,0,0,0,0,0,0]}^T$ corresponds to a representative $t_5$-disabled state reached by an event sequence containing $t_1$ (as listed in Table 2). To guarantee that $t_5$ is not disabled at any $t_5$-enabled state, we enforce $e_{51}\ne d_{51}$ by the Big-Q separation constraints with $y_{e,d}\in \{0,1\}$:

$$e·f\ge d·f+1-Q·y_{e,d},e·f\le d·f-1+Q·(1-y_{e,d}).$$

Substituting $e_{51}=0$ and $d_{51}={[V_1,0,0,0,0,0,0,0]}^T$ yields

$$0\ge V_1·f_1+1-Q·y_{e,d},0\le V_1·f_1-1+Q·(1-y_{e,d}),$$

which implies $f_1\ge 1$; hence, event $t_1$ must be observed. Then, considering the pair $e_{52}=[0,$$0,0,0,V_5,V_6{,0,0]}^T$ and $d_{52}={[V_1,V_2,0,0,0,0,0,0]}^T$ (corresponding to representative states in $Q_{E_{t_5}}$ and $Q_{D_{t_5}}$, respectively), the separation constraints become

$$V_5·f_5+V_6·f_6\ge V_1·f_1+V_2·f_2+1-Q·y_{e,d},$$

$$V_5·f_5+V_6·f_6\le V_1·f_1+V_2·f_2-1+Q·(1-y_{e,d}),$$

which enforces that the projected representations of the event sequences leading to the corresponding $t_5$-enabled and $t_5$-disabled states cannot coincide. In particular, feasibility should be that at least one of the events appearing in these two sequences should be observed, yielding the necessary condition $f_1+f_2+f_5+f_6\ge 1$. Together with the previously obtained constraint $f_5\ge 1$ from the $t_1$ computation, the above inequalities confirm that observing $t_1$ is essential for preserving the supervisor’s disabling behavior with respect to event $t_5$.

Next, we incorporate the constraints induced by event-enabled circles in Figure 6, which further restrict the feasible observation patterns beyond those obtained from the separation conditions for $t_1$ and $t_5$. In the lower branch, the transition $q_{10}\stackrel{t_7}{\to }{q}_{15}$ followed by the uncontrollable return $q_{15}\stackrel{t_{81}}{\to }{q}_2$ forms a $t_7$-enabled circle. According to Definition 5, to preserve distinguishability between the event sequences that differ by the occurrence of this circle, at least one event on the circle must be observed. Since uncontrollable events are not selectable for observation in this example, the circle-induced observability requirement reduces to

$$f_7\ge 1,$$

i.e., event $t_7$ must be observed.

Then, in the upper branch of Figure 6, another event-enabled circle is formed by the sequence $q_0\stackrel{t_1}{\to }{q}_1\stackrel{t_{21}}{\to }{q}_4\stackrel{t_3}{\to }{q}_9\stackrel{t_{41}}{\to }{q}_0$. This cycle is $t_3$-enabled and differentiates the event sequence reaching $q_9$ from the sequence that returns directly to $q_0$ through the uncontrollable event $t_{41}$. To ensure that these two event sequences remain distinguishable under projection, at least one event on this circle must be observed. Since $t_{21}$ and $t_{41}$ are uncontrollable, this requirement implies

$$f_3\ge 1,$$

and hence event $t_3$ must be observed.

Finally, combining the constraints obtained from the separation conditions for events $t_1$ and $t_5$ (namely, $f_5\ge 1$ and $f_1\ge 1$) with the observability requirements induced by the event-enabled circles (i.e., $f_7\ge 1$ and $f_3\ge 1$), we conclude that any feasible observation pattern must include the events $\{t_1,t_3,t_5,t_7\}$. Therefore, minimizing the objective function $min{\sum }_{j=1}^m{f}_j$ yields the optimal observation event set

$${\Sigma }_V=\{t_j\in \Sigma \mid f_j=1\}=\{t_1,t_3,t_5,t_7\}.$$

This event set is minimal in cardinality and guarantees that the projected supervisor preserves the disabling decisions of the original supremal supervisor for all controllable events.

Given the minimal observation event set ${\Sigma }_V=\{t_1,t_3,t_5,t_7\}$, Algorithm 3 is applied to construct the event-minimal supervisor for this example. Specifically, all events not contained in ${\Sigma }_V$ are removed from the supervisor, and supervisor states are merged through E-closure to obtain an executable realization over ${\Sigma }_V$. The resulting supervisor, denoted by $MINSU{P}^{\prime }$, observes only the four events in ${\Sigma }_V$ and is shown in Figure 9. Compared with the state-minimal supervisor, $MINSU{P}^{\prime }$ achieves a significant reduction in the number of observed events while preserving control equivalence with the original supremal supervisor.

The effectiveness of the proposed method is demonstrated through two representative examples. In the first example, the proposed formulation identified the minimal observation set $\{\alpha ,\beta \}$ for a supervisor that had already been reduced to a minimal number of states by existing state-reduction techniques. In the second example, the method further shows its capability to handle more complex structures involving multiple controllable events and event-enabled circles, yielding a minimal observation set $\{t_1,t_3,t_5,t_7\}$. These examples collectively illustrate that state reduction and event reduction address fundamentally different design objectives: while state reduction minimizes the memory complexity of the supervisor, the proposed approach minimizes the sensing and observation requirements. As a result, the two approaches are complementary, and event reduction can achieve additional implementation efficiency even when state-minimal supervisors are already available.

The examples presented in this section illustrate how our approach optimizes the observation alphabet, resulting in a significant reduction in the number of observable events. As a consequence, the number of states involved in the supervisory control also decreases, leading to a simplified state space. This reduction in both observable events and states directly contributes to a decrease in the number of sensors required for effective monitoring. Furthermore, by minimizing the complexity of the observation process, the overall control logic becomes more streamlined and efficient. This simplification makes our method particularly beneficial for applications in large-scale systems, distributed control systems, autonomous vehicles, and smart manufacturing, where reducing sensor deployment and computational complexity is crucial without sacrificing performance or control objectives.

5. Conclusions and Future Work

In this paper, we developed a Minimal-Observation Programming framework for the design of supervisors with minimal observation in DES. Built upon automata theory and SCT, the proposed approach formulates event observation selection as an optimization problem that minimizes the number of observed events while preserving control equivalence with the original supremal supervisor. The formulation systematically generates separation and structure-induced constraints to guarantee decision consistency under partial observation. As demonstrated by the illustrative examples, the proposed Minimal-Observation Programming framework achieves a significant reduction in observation requirements without compromising control performance. Based on the optimal observation event set, Algorithm 3 constructs an event-minimal supervisor through event removal and E-closure-based state merging, yielding an executable realization of the optimized solution.

In future work, we will investigate the minimal implementation cost for supervisory control of DESs by extending the proposed minimal observability framework. In particular, observation costs, sensing constraints, and nonuniform event weights will be incorporated into the optimization formulation. This will enable us to model sensing cost more explicitly, incorporating factors such as hardware, communication, and computational costs into the optimization process. A promising direction is to integrate the proposed mixed-integer linear programming-based event-minimization approach with Petri net models, which offer a natural representation of concurrency, resource sharing, and structural constraints in systems such as manufacturing cells and automated workflows. By combining the observation-minimization framework with structural analysis techniques from Petri nets (e.g., siphon control or monitor-place synthesis), one could co-optimize both the observation alphabet and the supervisor’s structural complexity, leading to more compact and resource-efficient implementations. From a practical perspective, this line of research aims to provide a systematic and cost-aware design methodology for supervisory control systems, with the potential to reduce both hardware and software complexity in large-scale industrial applications, including automated manufacturing systems, intelligent transportation networks, and smart grid management, where observation and implementation resources are critical constraints.