Copyright © Vanderbilt University, Technical University of Budapest, Xerox PARC
Fault-Adaptive Control Technology
Gabor Karsai, Gautam Biswas, Tivadar Szemethy, Sriram Narasimhan, Tal Pasternak, Gabor Peceli, Gyula Simon, Tamas Kovacshazy, Feng Zhao, Xenofon Koutsoukos
ISIS, Vanderbilt University
Technical University of Budapest, Hungary
Xerox PARC
http://www.isis.vanderbilt.edu/Projects/Fact/Fact.htm
SEC PI meeting May 01
Overview
• Review of objective and approach
• Modeling, diagnostics and integration
  1. Hybrid modeling
  2. Hybrid Observer
  3. Hybrid Diagnostics
  4. Discrete Diagnostics
  5. Controller Modeling
  6. OCP Integration Plans
• Transient Management in Reconfigurable Systems
• Model-directed monitoring and diagnosis
Objective
Technology and tool suite for Fault-Adaptive Control
Components:
• Modeling approach for capturing
  • Hybrid and discrete models of the plant for both nominal and faulty behavior
  • Reconfigurable controllers
• Mode identification and real-time fault-diagnostics
  • Model-based hybrid and discrete approaches
• Model-based dynamic selection/synthesis of regulatory controller structures
• Algorithms for mitigating reconfiguration transients
Model-based approach
From models to a run-time system
Open Control Platform
Run-time execution environment for hosting:
• Monitoring and controller software
• Hybrid and discrete diagnostics modules
• Controller object library and selector
• Transient manager component
Use OCP as the underlying “OS”
[Figure: Reconfigurable Monitoring and Control System. Blocks: Hybrid Observer, Hybrid Diagnostics, Failure Propagation Diagnostics, Active Model, Controller Selector, Monitor/Controller Library, Transient Manager, Reconfiguration Controller, Fault Detector, Embedded Models]
Visual modeling environment for creating:
• Hybrid bond-graph models
• Timed failure propagation graph models
• Controller models (supervisory and regulatory)
1. Modeling of the Physical System
Hybrid Bond Graphs and Failure Propagation Graphs
Timed failure propagation graph
Propagation attributes:
• Time delay
• Likelihood
Hybrid bond-graph
• Components: C, R, I, Gy, Tr, Sf, Se
• Variables: e/f, u/x/y
• Energy/Signal ports
• Switched junctions
2. Hybrid Observer
Automatic derivation of a hybrid observer from models
[Figure: tool chain and resulting observer. Labels: Hybrid Bond-graph Model, Hybrid Automata Generation, Hybrid Automata Model, System Generation, Hybrid Observer (mode switching logic over modes m1, m2, m3; continuous observer with blocks A, B, C, z^-1 and signals u_k, y_k, x_k, x_k+1)]
Resulting hybrid observer tracks the plant across continuous states and discrete (switching) modes at run-time
• Symbolic derivation of equations based on KCL/KVL
• Rearrangement of equations in symbolic form to build state-space equations
• Substitution of parameter values
Complexity: O(nComp*mSwitches)
Result
Automatic derivation of a hybrid observer from models
Two-tank system model (switched valves)
Starting set of Equations (33 State):
 + ({f_d} * {R2}) - ({e_d}) = 0 (3)
 + ({f_e} * {R1}) - ({e_e}) = 0 (3)
 + ({f_a} * {R4}) - ({e_a}) = 0 (3)
 + ({f_b} * {C2}^(-1)) = d/dt{Tank2Level} (3)
 + ({f_6} * {C1}^(-1)) = d/dt{Tank1Level} (3)
 + ({f_b}) + ({f_a}) - ({f_7}) - ({f_5}) = 0 (4)
 + ({e_7}) - ({e_5}) = 0 (2)
 + ({e_5}) - ({Tank2Level}) = 0 (2)
 + ({e_7}) - ({Tank2Level}) = 0 (2)
 + ({Tank2Level}) - ({e_a}) = 0 (2)
 + ({e_5}) - ({e_a}) = 0 (2)
 + ({e_7}) - ({e_a}) = 0 (2)
 + ({Sf}) - ({f_1}) = 0 (2)
 + ({e_7}) + ({e_d}) - ({e_2}) = 0 (3)
 + ({f_2}) - ({f_7}) = 0 (2)
 + ({f_7}) - ({f_d}) = 0 (2)
 + ({f_2}) - ({f_d}) = 0 (2)
 + ({f_2}) + ({f_6}) + ({f_4}) + ({f_e}) - ({f_1}) = 0 (5)
 + ({e_2}) - ({e_1}) = 0 (2)
 + ({e_1}) - ({Tank1Level}) = 0 (2)
 + ({e_2}) - ({Tank1Level}) = 0 (2)
 + ({Tank1Level}) - ({e_4}) = 0 (2)
 + ({e_1}) - ({e_4}) = 0 (2)
 + ({e_2}) - ({e_4}) = 0 (2)
 + ({e_4}) - ({e_e}) = 0 (2)
 + ({Tank1Level}) - ({e_e}) = 0 (2)
 + ({e_1}) - ({e_e}) = 0 (2)
 + ({e_2}) - ({e_e}) = 0 (2)
 + ({f_3} * {R3}) - ({e_3}) = 0 (3)
 + ({e_3}) + ({e_5}) - ({e_4}) = 0 (3)
 + ({f_3}) - ({f_5}) = 0 (2)
 + ({f_5}) - ({f_4}) = 0 (2)
 + ({f_3}) - ({f_4}) = 0 (2)
Finally we've 2 state eqns:
 - ({Tank2Level} * {R4}^(-1) * {C2}^(-1)) = d/dt{Tank2Level} (4)
 + ({C1}^(-1) * {Sf}) - ({C1}^(-1) * {Tank1Level} * {R1}^(-1)) = d/dt{Tank1Level} (5)
And 2 output eqns:
 + ({Tank2Level}) = {Tank2Level} (1)
 + ({Tank1Level}) = {Tank1Level} (1)
Result Hybrid observer tracking the plant
3. Hybrid Diagnostics
Modeling with Hybrid Bond Graphs
Three-tank system
[Figure: three-tank system (Tank1, Tank2, Tank3 with capacities C1, C2, C3; pipes R1 to R6; flow sources Sf1, Sf2) and its hybrid bond graph with numbered bonds and junctions]
Legend:
• (valve symbol) - Valve
• C – Tank Capacity
• R – Pipe Resistance
• Sf – Flow Source
Hybrid Bond Graph Automata for the Switched Junctions
: Control signal that turns junction on and off
[Figure: two-state ON/OFF automata. Junctions 1, 2, 3, 5, 7, 8: transitions on soff_i and son_i. Junction 6: transitions on "h3 < H3 and h4 < H4" and "h3 H3 or h4 H4"]
Inflow and pipe flows controlled by valves + autonomous transitions: system can be in 256 configs.
Switched junctions can be turned on and off by control signals generated by automata
Hybrid Diagnosis issues
• Track Hybrid System Behavior, Fault Detection
• Isolate not only the fault but also the mode it occurred in
  • Back track to identify mode and fault (Roll Back)
  • Fault may not be detected in the mode it occurred because of
    • Time delay in effects of fault
    • Measured variables not affected until later mode
• After identifying mode and fault, we need to predict behavior under fault conditions, which is complicated by the fact that the quantitative value of the fault parameter is not known (Faster than real time Roll Forward + Online Estimation)
Intractable problem in general.
How can controller model and controller signals be employed to control the intractability?
Controller model
• Externally specified
• Modeled as timed FSM
• Transitions in FSM time-triggered or function of internal variables of plant
• Used in tracking, hypotheses generation and refinement
[Figure: controller FSM with states 1 to 10 and transitions t1 to t11]
t1 : if Time = T1 then Open Source 1
t2 : if h1 > H_upper_pipe_1 then Close Source 1
t3 : if Time = T2 then Open R3, Close Source 1
t4 : if Time = T2 then Open R3
t5 : if h2 > H_upper_pipe_2 then Close R3
t6 : if Time = T3 then Close R3, Open R4
t7 : if Time = T3 then Close R3
t8 : if Time = T4 then Close R4, Open Source 2
t9 : if Time = T5 then Close Source 2, Open R6
t10 : if Time = T6 then Open R4
t11 : if Time = T7 then Open R2
Fault Isolation with Hybrid Models
[Figure: fault isolation architecture. Blocks and labels: Observations; Signal to Symbol Generator; Hypothesis Generation (Back Propagation); Past Mode Trajectory; Mode m_i; Temporal Causal Graphs (TCGs), from Hybrid Bond Graphs; Candidate Set <fault, mode>; Qualitative Hypotheses Refinement (Forward Prop + Prog Monitoring, Quick Roll Forward); Refined Candidate Set <fault, mode>, current mode; Quantitative Models (State Space or I/O); Quantitative Hypotheses Refinement (Parameter Estimation); Refined Candidate Set <fault, mode>, current mode]
Qualitative Hypotheses Generation (Roll Back)
Fault Hypothesis: <parameter, mode>
• Presence of fault invalidates the tracked mode trajectory
• To identify the mode in which the fault occurred we could consider all modes that are candidates for the previous mode and hypothesize faults in those modes, and so on
• To avoid the blow up we assume that the controller model is correct
Lemma: The fault must have occurred in one of the modes in the tracked mode trajectory. Hence it is sufficient to go back through the tracked mode trajectory.
[Figure: time line T1 to T6 showing the tracked trajectory and the actual trajectory through Modes 1 to 7, with the points "Fault Occurs" and "Fault Detected"]
Backprop: applied across multiple modes in saved mode trajectory
Qualitative Hypothesis Generation
Example
[Figure: controller FSM with states 1 to 10 and transitions t1 to t11, as on the Controller model slide]
• Fault (C2-) occurs at time 20 (controller state 9) but the fault is detected at time 21 (controller state 10)
• We back propagate through the tracked mode trajectory (M10, M9, M8, …) to identify hypotheses in each of the tracked modes
• This generates the candidates <M10, C3- R6+ R4+ C2- R2- C1- R1+> <M9 C3- R6+ R4+ C2-> <M8 C2- R4+>. As can be seen this includes a number of spurious fault candidates.
Hypothesis Generation: Diagnosability & Measurement Selection
When to stop backtracking?
• Determined by diagnosability studies
• Select measurements that ensure that the fault is detected within k modes of the mode in which it occurs
• This is an NP-complete problem even for a continuous system
• Can reduce complexity by assuming a specific controller model for measurement selection
Hypotheses Refinement Example
The qualitative signatures of the candidates generated by back propagation are shown in the following tables (candidates in modes 9 and 10).

Hypothesized faults in mode 9
Fault   Tank 3 Height   Tank 1 Outflow
C2-     0-+             0+-
C3-     -+-             00+
R4+     0-+             00+
R6+     -+-             000

Hypothesized faults in mode 10
Fault   Tank 3 Height   Tank 1 Outflow
C1-     00-             +-+
C2-     0-+             0+-
C3-     -+-             00+
R1+     000             +-+
R2-     00-             0-+
R4+     0-+             00+
R6+     -+-             000

Prune candidates: All candidates that predict a discontinuous change in the measured variables can be eliminated (if a discontinuous change had occurred the fault detection unit would have flagged it).
We are left with candidates <M9 C2-,R4+> and <M10 C2-,R4+>.
Qualitative Hypotheses Refinement (Very Fast Roll Forward)
• To perform qualitative analysis we need to start analyzing from current mode
• Presence of fault invalidates current mode trajectory
• Since quantitative value of fault parameter is unknown we cannot uniquely identify the current mode
• Controller model tells us what controlled transitions occurred but autonomous transitions cannot be predicted definitely because quantitative fault parameter value is not known.
• Hence multiple candidates for current mode and analysis needs to be done in each of these modes
[Figure labels: Hypothesized fault mode; Known Controlled Transition; Hypothesized Autonomous Transition; Hypothesized intermediate modes; Possible current modes]
Quantitative Hypotheses Refinement
• For each fault, generate State Space Equation model with all but faulty parameter value substituted
• Use system identification techniques to estimate parameter value
• Estimate only one parameter instead of all parameters
• Check for zero error convergence
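The refinement step above, worked as an added example (not code from the original slides or the FACT tool suite). It applies the procedure to the Tank 1 state equation from the two-tank result, d/dt h1 = Sf/C1 - h1/(R1*C1), with hypotheses C1 and R1. All numeric values, the function names, the forward-Euler discretisation, and the use of batch least squares as the system identification technique are assumptions.

```python
# Added example: one-parameter estimation per fault hypothesis.
# Model (from the two-tank result): d/dt h1 = Sf/C1 - h1/(R1*C1)
# Constructed values; forward-Euler step DT is an assumption.
DT = 0.05
NOMINAL = {"C1": 1.0, "R1": 2.0}

def simulate(c1, r1, steps=400, period=100):
    """Constructed plant data: h1 samples and the known inflow Sf (square wave)."""
    h, u = [0.0], []
    for k in range(steps):
        sf = 1.0 if (k // period) % 2 == 0 else 0.2
        u.append(sf)
        h.append(h[-1] + DT * (sf / c1 - h[-1] / (r1 * c1)))
    return h, u

def fit(h, u, hypothesis):
    """Estimate only the hypothesised faulty parameter; all others stay nominal.
    Solves dh - known = theta * phi by least squares, returns (estimate, rms error)."""
    c1, r1 = NOMINAL["C1"], NOMINAL["R1"]
    rows = []
    for k, sf in enumerate(u):
        dh = (h[k + 1] - h[k]) / DT
        if hypothesis == "C1":      # theta = 1/C1, R1 substituted
            phi, known = sf - h[k] / r1, 0.0
        else:                       # "R1": theta = 1/R1, C1 substituted
            phi, known = -h[k] / c1, sf / c1
        rows.append((dh - known, phi))
    theta = sum(y * p for y, p in rows) / sum(p * p for _, p in rows)
    rms = (sum((y - theta * p) ** 2 for y, p in rows) / len(rows)) ** 0.5
    return 1.0 / theta, rms

def isolate(h, u, tol=1e-6):
    """Keep the hypotheses whose prediction error goes to zero."""
    results = {name: fit(h, u, name) for name in ("C1", "R1")}
    return [n for n, (_, rms) in results.items() if rms < tol], results

# Constructed fault C1-: capacity drops from 1.0 to 0.5, R1 stays nominal.
h_meas, sf_meas = simulate(c1=0.5, r1=NOMINAL["R1"])
survivors, results = isolate(h_meas, sf_meas)

if __name__ == "__main__":
    for name, (estimate, rms) in results.items():
        print(f"hypothesis {name}: estimate={estimate:.4f} rms error={rms:.3e}")
    print("isolated:", survivors)
```

The R1 hypothesis fails only because the inflow changes during the run: in steady state h1 = R1*Sf whatever C1 is, so a constant inflow would leave the two hypotheses indistinguishable.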
Extended Parameter Estimation
• If controlled mode change occurs, continue parameter estimation in new mode using parameter estimate from previous mode as initial value
• Use parameter estimates to predict autonomous mode changes and continue parameter estimation
[Equation: state-space model of the tank heights (h) and their derivatives, with coefficients in 1/(R·C) and an input term in f and C; the signs and layout are not recoverable from the extracted text]
Example 1: Parameter Estimation
True fault hypothesis: convergence to 0 error in prediction
Other fault hypothesis: divergence of error in prediction.
[Figure: prediction-error plots labelled C2- and R4+]
4. Discrete Diagnostics
Maps:
Ancestor: Alarms -> Alarms - maps alarms to their ancestor alarms
Descendant: Alarms -> Failure Modes - maps alarms to their descendant failure modes
Initialization:
Hypothesis FailureModes – initialized to empty set
AlreadyRinging Alarms – initialized to empty set
MissingUpstream Alarms – initialized to empty set
Hypothesis refinement algorithm
1. NewFailureModes = Descendant(NewAlarms) – Hypothesis
2. Add NewFailureModes with rank of zero
3. Hypothesis := Hypothesis NewFailureModes;
4. NewMissingUpstream := Descendant^-1(Hypothesis) Ancestors(NewAlarms) [MissingUpstream – AlreadyRinging]
5. MissingUpstream := MissingUpstream NewMissingUpstream
6. AlreadyRinging := AlreadyRinging NewAlarms
7. PromotedFailureModes := Descendant(NewAlarms) – Descendant(NewMissingUpstream)
8. Promote rank of failure modes in PromotedFailureModes
New BDD-based algorithm: Scores hypotheses based on missing alarms
5. Modeling Controllers
CML: A Controller Modeling Language
Two layers:
• Regulatory (sampled data)
• Supervisory (discrete switching)
Supervisory logic:
• Discrete control
• Fault accommodation logic
• Reconfiguration/switching strategies
[Figure: controller architecture. Blocks: SUPERVISORY CONTROLLER, REGULATORY CONTROLLERS, OPERATOR GUI, (OPTIONAL) FAULT DIAGNOSTICS. Signals: discrete sensor values, sampled sensor values, discrete actuator signals, sampled actuator signals; "sampled data values, events"; "data values for parameters, discrete control signals, actions"; "diagnostic events"]
Modeling Controllers
CML: A Controller Modeling Language
Software models:
• Controllers
• Architectures
6. OCP Integration plan
[Figure: components hosted on the OCP, each behind an OCP Wrapper: Hybrid Observer, Discrete Diagnostics, Hybrid Diagnostics, Active Model, Reconfig Mgr, Controllers. Legend: "M" Model-based component; Algorithmic (C++) component]
Current plans
• Finish implementation of the OCP hybrid and discrete diagnostic reasoner
• Develop OCP supervisory/regulatory controller infrastructure based on CML
• Design Active Model component
• Integrate TUB work on transient management
• Work fuel system example with Boeing
Backup slides
Hybrid Diagnosis Step 1: Tracking System Behavior -- Observer
Issues:
• Can we pre-compile models for all modes of hybrid automata?
• How do we ensure mode change detection is sufficiently precise?
[Figure: observer loop. Blocks: Hybrid Bond-graph Model; Generate Current State-Space Model (A, B, C, D); Kalman Filter (inputs u_k, y_k; output X_k); Mode change Detector (calculate: transition conditions, next modes and models); System Mode (Switch settings); Recalculate Kalman Filter Coeffs.; Controller Model]
Temporal Causal Graphs (TCG)
• Automatically derived from Bond graph
• One TCG for each mode
• Captures causal and temporal relations between variables in the system
• Faults in the system represented by parameters on edges in the TCG
[Figure: temporal causal graph over effort variables e2 to e12 and flow variables f1 to f13, with edge labels 1, -1, =, and terms in 1/R (R1, R2, R4, R6) and dt/C (C1, C2, C3)]
e -> effort = Pressure
f -> flow = Fluid Flow rate
1, = -> directly proportional
-1 -> inversely proportional
dt -> time delayed relation
Example 2: Observer considers a spurious mode
In this case the observer considers an additional mode (3)
The faults hypothesized in this spurious mode get dropped during the fault isolation process
[Figure: controller FSM with states 1 to 10 and transitions t1 to t11, as on the Controller model slide]
Example 3: Observer skips a mode
A fault (C1-) is introduced in mode 2
The height in Tank 1 (which is not measured), shown in figure 1, indicates that an autonomous transition occurs due to the jump in the height, but our observer does not consider this mode since the fault is not detected until a later mode
The back propagation however identifies candidates in mode 2 and fault isolation is able to isolate the true fault
[Figure: controller FSM with states 1 to 10 and transitions t1 to t11, as on the Controller model slide]