Fault-Adaptive Control Technology

SEC PI Meeting10/00

Fault-Adaptive Control Technology

Gabor KarsaiGautam BiswasSriram NarasimhanTal PasternakGabor PeceliGyula SimonTamas KovacshazyFeng Zhao

ISIS, Vanderbilt University

Technical University of Budapest, Hungary

Xerox PARC

SEC PI Meeting10/00

Objective

Develop and demonstrate FACT tool suiteComponents: Modeling approach Hybrid Diagnosis and Mode Identification

System Discrete Diagnosis and Mode Identification

System Dynamic Control Synthesis System Transient Management System

SEC PI Meeting10/00

Model-based Approach

ModelingEnvironment

ModelDatabase

Run-time Environment•Hybrid/Discrete Diagnostics•Controller selection•Transient management•Run-time platform (OCP)

•Design-time and run-time activities are separated

•Technology target: run-time SW

SEC PI Meeting10/00

What to model?

Plant Model

Nominal Model

Fault Model

Observation Model Control Model

What and how to observe? What and how to control? How sensors and

controllers are related?

SEC PI Meeting10/00

Run-time System Architecture

Reconfigurable Monitoring and Control System

Hybrid Observer

Hybrid Diagnostics

Failure Propagation Diagnostics

Active Model

Controller Selector

Monitor/ Controller

Library

Transient Manager

Reconfiguration Controller

Fault Detector

Tools/components are model-based

EmbeddedModels

EmbeddedModels

SEC PI Meeting10/00

Modeling language summarySystem [plant] models

Physical components and assemblies Aspects:

Structure: hierarchy and interconnectivity Bond graph: quantitative/discrete nominal behavior,

discrepancies Local failures: failure modes, discrepancies,alarms Failure propagations: causal chain of events

Failure models Fine-grain: parametric failures in terms of bond-graph parameters Large-grain: (discrete) failure modes and their functional effects

(discrepancies) Multi-modal behavior

Switched junctions in the bond graph model Discrete modes in failure propagation graphs

Component types and system instances

SEC PI Meeting10/00

Modeling language summary

Functional models Modes contain Capabilities that reference

Parameters in Components

Controller models Hierarchical signal flow blocks

TBD: Sensor/actuator interfaces Controller characterization

Conditions for using a controller architecture

SEC PI Meeting10/00

Continuous behavior is interspersed with discontinuities Discontinuities attributed to

supervisory control and reconfiguration (fast switching) modeling abstractions (parameter & time-scale)

Modeling language based on hybrid bond graphs (Jour. Franklin Inst. ‘97) Bond graphs for energy-based modeling of

continuous behavior Switching junctions model controller and

autonomous jumps systematic principles: piecewise linearization

around operating points & derive transition conditions (CDC’99, HS’00)

Plant modeling: Nominal behaviorDynamic Physical Systems

SEC PI Meeting10/00

Plant modeling: Nominal behaviorExample Hybrid system: Three tank model of a Fuel System

ON

OFF

1,2,3,5,7,8:

soffi soni

R23v

hi = level of fluid in Tank i

Hi = height of connecting pipe

V1 V5Tank 1 Tank 2 Tank 3

h1 h2 h3

H1 H2

H3H4

V2 V3 V4 V6R1 R2

Sf1 Sf2

R12v

R12n

R23n

R23v

h3 <H3

andh4<H4

R12v

C1 C2 C3

R2R12n R23n

7

h3 H3

orh4H4

ON

OFF

h1 H1

orh2H2

ON

OFF

4:

h1 <H1

andh2<H2

13 15

14

Sf1 Sf20 0 01

R1

21

22

2012

8

6

4

3

2111

1412

18

16 17

6:

59

10

11

13

15

16

17

18

23

24

6 controlled junctions (1,2,3,5,7,8)

2 autonomous junctions (4,6)

SEC PI Meeting10/00

GME Model: Three Tank System

SEC PI Meeting10/00

Application example: Fuel System Control for Fighter/Attack Aircraft

P

P

PP

PP

P PLV

LV

IV IV

BP

BP

FM

FM

P Transfer Pump

LV Level Control ValveIV Interconnect Valve

BP Boost PumpFM Flow Meter

Fuel Quantity Sensor

Left Transfer Tank

Right Transfer Tank

Left Wing Tank

Right Wing Tank

Left FeedTank

Right FeedTank

Left Engine

Right Engine

Typical Fuel System Configuration

FEED

INTER-CONNECT

TRANSFER

Problems:•Maintain fuel flow to the engines•Maintain A/C center of gravity•Affected by modes of operation: attack, cruise,take-off, and landing•Compensate for component degradations and failures

SEC PI Meeting10/00

Simplified Fuel System Schematics

PumpTransferTank

FM

Pump

WingTank

Feed Tank Pump

Load(Engine

)

Detailed Model of AC Pump

One Side Only

SEC PI Meeting10/00

Hybrid Bond Graph Model (Simplified Fuel System)

Sfn

TF 0 131

1

Im1

2

RR1

Im2

MGY

a

45

67

8

Bond Graph Fragment: AC Pump

PumpBG Fragment

0

1Imp2

RRp3

CCW

PumpBG Fragment 10

Imp1

RRp1

CCTR

RRp2

0

1R

Rp4

RRp4

RRLoad1

Imp3

CCF

PumpBG Fragment

0 1

Controlled JunctionLevel Control Valve

Fuel System BG: one side

(valves – controlled junctions not shown)

SEC PI Meeting10/00

Plant modeling: Nominal behaviorUsing the Hybrid Bond-Graph

HybridBond-graph

Model

HybridBond-graph

Model

Hybrid AutomataGeneration

HybridAutomata

Model

Hybrid Observer

B z-1 C

A

xk

Xk+1

yk

uk

m3

m1 m2

Mode switching logic

Continuous observer

System Generation

SEC PI Meeting10/00

Plant modeling: Nominal behaviorImplementation of the hybrid observer

EmbeddedHybrid

Bond-graphModel

EmbeddedHybrid

Bond-graphModel

Generate CurrentState-Space Model

(A,B,C,D)

RecalculateExtended Kalman Filter

Extended Kalman FilterExtended

Kalman Filter

uk,yk Xk

Calculate: transition conditions,

next states

On-line Hybrid Observer

Mode change

Detector

Not necessary to pre-calculate all the modes, only the immediate follow-up modes are needed.

High-level Mode

(Switch settings)

Implement continuous +

switching behavior

SEC PI Meeting10/00

Plant modeling: Nominal behaviorHybrid Observer: Tracking tank levels through mode changes

Mode 1: 0 t 10: Filling tanks v1, v3, & v4 open, v2, v5, & v6: closed

Mode 2: 10 t 20: Draining tanksv2, v3, v4, & v6 open, v1, & v5: closed

Mode 3: 20 t : Tank 3 isolatedv3 open, all others: closed

h1

h2

h3

: actual measurement

: predicted measurement

V1 V5Tank 1 Tank 2 Tank 3

h1 h2 h3

H1 H2

H3H4

V2 V3 V4 V6R1 R2

Sf1 Sf2

R12v

R12n

R23n

R23v

SEC PI Meeting10/00

fh’

u

Observer and mode detector

Planty

r

ŷ

Fault detection[Binary decision]

mi

u = input vector, y = measured output vector, ŷ = predicted output using plant model, r = y – ŷ, residual vector, r= derived residuals mi = current mode, fh = fault hypotheses

Hybrid models

Diagnosis models

hypothesis

generation

hypothesis

refinement

progressive monitoring

Fault Isolation

-NominalParameters

FaultParameters

Symbol generation

fh

FDI for Continuous Dynamic Systems Hybrid Scheme

ParameterEstimation

SEC PI Meeting10/00

Diagnosis results

Measured variables e10 and f3 under fault conditions

.3

. 010

f

eactual

- - 3

- 0 01012

f

eR

- - 3

- - 0102

f

eC

- 03

01023

f

eR

- - 3

- 0 0101

f

eC

- 03

- -103

f

eC

- 0 03

- - 010

f

eRb

3

. 010

f

eactual

- - 3

- 0 01012

f

eR

- - 3

- 0 0101

f

eC

3

. 10

f

eactual

- - 3

- 0 01012

f

eR

- - 3

- 0 0101

f

eC

- - 3

- - 0102

f

eC

Qualitative diagnosis results

Step 0 Step 1 Step 2

For more details: see (i) Mosterman and Biswas, IEEE SMC’99

& (ii) Manders, Narasimhan, Biswas, & Mosterman, Safeprocess 2000.

SEC PI Meeting10/00

G en erate P aram eter izedS ta te E q u ation M od e l

P aram eter E st im ation(S y stem IDm eth o d s)

D ecis io nP roced u re

FDI for Continuous Dynamic Systems

Quantitative Analysis: Fault Refinement,Degradations

True Fault (C1) Other hypothesis (R12)

fh

fh’

Multiple Fault Observers

SEC PI Meeting10/00

Discrete Fault ModelsTimed Failure Propagation Graph

Failure Mode

Discrepancy

D +Alarm

Sensor

Time Interval

SEC PI Meeting10/00

Discrete Fault ModelsGraphical Representation in GME

Propagation Attributes:•Time delay•Likelihood

SEC PI Meeting10/00

Discrete Fault ModelsResearch Issues: Managing complexity in models

Locality: Some phenomenon are not local (e.g. fire in the

engine) or are a composite of local phenomena To provide useful information the diagnosis must

trace failures to individual components Failure Modes are attributes of components

Hierarchy For scalability it is important that the model

accommodates diagnosis with different resolution An FPG at one level will often incorporate Failure

Modes of components at a lower level

SEC PI Meeting10/00

Discrete Fault ModelsResearch Issues: Semantics of models

Failure Mode: A condition of a component, which manifests in

abnormal behavior. Structural defect: parameter deviation Failure modeled as “input”

Discrepancy: An abnormal change in system state

Transition into abnormal state Normal state, but abnormal transition

Fault Propagation: Ordering of events Where an event is a region in the extended system state space

Input x State x Next State

SEC PI Meeting10/00

Discrete Fault ModelsResearch Issues: Expressing Constraints and

Interactions Incompatibility

When symptoms (or causes) can not co-occur (stuck_open stuck_closed)

Additivity When the combination of effects produces an extra

effect (primary and backup fail)

Cancellation When effects negate, decrease, or mask each other

SEC PI Meeting10/00

Discrete Fault ModelsResearch Issues: TFPG, FSM and Diagnostics

A model of a system as a timed (non-deterministic) Finite State Automata provides sufficient information to draw the full TFPGDiagnosis can be performed using a partial TFPG model of the system

SEC PI Meeting10/00

Discrete Fault ModelsResearch Issues: Implementing the Discrete Diagnostics

Extended Relational Algebra Relational Algebra is used in databases to

manipulate relations Extended Relational Algebra allows nested relations This allows to model logical constraints involving

arbitrary logical expressions

Role Discrete fault models as FSM-s The complex state transition function of FSM-s can

be represented using the Extended Relational Algebra and OBDD-s as the physical data structure

SEC PI Meeting10/00

Component Digraph

A link represents the fact that the faulty operation of the source component results in the faulty operation of the destination componentA Transition Event represents the cause and nature of the change: <triggering event, current state, next state>Failure Propagation Graph links each transition event to its immediate successor. Only failure trajectories are represented

Discrete Fault ModelsRelating an FPG to FSM

FlowController

Flow SensorPipeValve

V

FC

FS P

SEC PI Meeting10/00

Discrete Fault ModelsRelating an FPG to FSM: Example

Controller

FlowIndicator

PressureSensor

SC

VC VO

VE, VD

VE

F1 F1

VD VD

C2

C1 C3

C4

VE

VD

PE

PD

Pump

Controller

Valve

POFF PON

PD PE

PD

PE

FON

F2F2

SEC PI Meeting10/00

Discrete Fault ModelsRelating an FPG to FSM: Composed FSM

1 = (C1,nf,np)

2 = (C2,nf,np)

3 = (C3,f,pp) 4 = (C4,nf,np)

3 = (C3,nf,pp)

1 = (C1,nf,pp)

2 = (C2,f,pp) 4 = (C4,f,pp)

2 = (C2,nf,pp)

4 = (C4,nf,pp)

SEC PI Meeting10/00

10,11 11,12

1,5

{pp}{pp}

{nf}

{F1}

4,8

{nf}

{F1}

3,7

{nf,pp}

{F1}

7,8

{nf}

6,7

{nf,pp}

9,13

{F1}

{nf,pp}

12,16

{nf,pp}

{F1}11,15

{nf,pp}

{F1}

1,9

{nf,pp}

{F2}

2,10

{pp}

{F2}

6,14

{pp}

{F2}

8,16

{nf,pp}

{F2}

{nf}

2,6

{F1}

7,15

{nf,pp}

{F2}

{pp}

4,12

{F2}

3,11

{pp}

{F2}

9,10

{pp}

10,14

{pp}

{F1}

{F2}

5,13

{nf,pp}

15,16

{nf,pp}

13,14{pp}

5,6

{nf}

14,15

{nf,pp}

Discrete Fault ModelsRelating an FPG to FSM: FPG

SEC PI Meeting10/00

Discrete Fault Models Diagnosis using Extended Relational Models

Contents of the hypothesis set: State (Which nodes are we “in”) Failure modes (Which got us “here”)

All combinationsPreviously

HypothesizedSet of Alarm

Instances

RingingAlarms

Next HypothesizedSet of Alarm

Instances

PreviouslyHypothesizedSet of Failure

Modes

Any Set of Failure Modes

Set of Failure Mode

Instances

SEC PI Meeting10/00

Discrete Fault Models Summary

Extended Relational Models offer a general formalism to express causality relations between failures and their symptoms, as well as constraints, interactions and compositionExtended Relational Models can also represent ordering of transition events in a dynamic systemFailure Propagation Graphs have been disambiguated by redefining them with a precise mapping to the Extended Relational Model

See MSc thesis of Tal Pasternak on ISIS website

SEC PI Meeting10/00

Transient Management

SEC PI Meeting10/00

Data processing for FD

SEC PI Meeting10/00

Towards an OCP implementation:Model-based software generation

Software models:• Controllers • Datatypes• Architectures

SEC PI Meeting10/00

PlansVanderbilt/ISIS Improve modeling language Finish implementing Hybrid Diagnostics Develop controller selection component Fuel system example Integration with OCP

Technical University of Budapest Transient management techniques Controller examples

Xerox/PARC Data processing for fault detection

Documents

Fault-Adaptive Control Technology