ââDepartment of Economics, Universitat Autnoma de Barcelona, Spain. Fault Tolerant System ... such as civil aircraft (Airbus A320/330/340/380), au- tonomous .... Guide Model ... The controller (or pilot) requests some torque T(t) which must ...
c 2016 by the authors. All rights reserved. 67th International Astronautical Congress, Guadalajara, Mexico. Copyright
IAC–16–D1.IP.4
An economic flavored algorithm for spacecraft subsystem management and optimization Francesco Feltrin∗ , Andrea Antonello∗ , Davide Pietrobon∗∗ , Alessandro Francesconi† ∗ Centre of Studies and Activities for Space - G. Colombo, University of Padova, Italy † Department of Industrial Engineering, University of Padova, Italy ∗∗ Department of Economics, Universitat Autnoma de Barcelona, Spain Fault Tolerant System (FTS) are often based on a highly redundant architecture. We propose a new method to exploit the extra degrees of freedom of the system to achieve secondary goals. Assuming that the system has finite resources available, an approach to minimize resource consumption without assigning an arbitrary cost function is presented. To demonstrate this approach a simple analytical model is considered: the scenario consists of a hybrid-car control allocation problem, in which the controller is able to determine whether to use an electric or thermal engine to produce a requested torque. More general but basic results are obtained after an analytical formal framework is defined. To date, the main focus of the research has been on meeting such a plethora of post failure demands. Fault tolerant control (FTC) Little interest has been directed towards pre-failure, To increase the reliability of fail critical systems fault-free behavior, which is almost exclusively solved such as nuclear power plant or military avionics, re- (in both approaches) using linear quadratic optimizadundancy has always been the most used option. A tion9 once a set of weighting parameters have been number of actuators (or effectors) higher than the chosen. A rare exception can be found in Ref.10 in degrees of freedom of the system renders traditional which, during fault free mode, wear and tear of actucontrol techniques undetermined. The algorithms ators are minimized by distributing the loads equally. that deal with redundant actuator are called Fault An extensive review of FTC approaches can be found Tolerant Controller (FTC) and they can be divided in Ref.11 . into two main categories; optimal control design and control allocation. Optimal control methods use lin- Spreading of FTC to less critical systems ear quadratic and H∞ control techniques1–3 to deal Relentless advances in microprocessors and actuawith the dynamics and the control allocation at the tor miniaturization have reduced the cost (in terms same time. In control allocation methods, the con- of mass and volume) of redundant subsystem and trol law assigns only the sum of the control inputs, fault detection networks.12 This broadens the apwhile the way to achieve this goal is defined by the peal of FT design to more cost driven applications particular control allocation algorithm chosen. Appli- such as civil aircraft (Airbus A320/330/340/380), aucations of this approach in aeronautics are presented tonomous marine drones, industrial plants13 and unin Ref.4–7 . Regardless of the approach, their main manned spacecraft. functions are the same; to control the system dur- By optimizing pre-failure behavior we can further ing pre failure, transition periods, and post failure lower the cost of adoption of FTS by reducing deconditions, with acceptable level of secondary goal sign requirements. For example, if we are able to achievement. reduce resources consumption, given a fixed mission What constitutes acceptable post-failure behavior we will be able to use smaller tanks/batteries etc and varies vastly depending on the application. For an therefore reduce system’s mass/cost. aircraft, the typical post failure requirement is to land safely without many concerns for system integrity; on Problem Definition the other hand, an industrial production plant that needs to guarantee around the clock availability8 will During fault free behavior, the number of actuabe allowed to do so only at the expense of efficiency. tors will be much higher than the degrees of freedom Introduction
IAC–16–D1.IP.4
Page 1 of 8
c 2016 by the authors. All rights reserved. 67th International Astronautical Congress, Guadalajara, Mexico. Copyright
of the system, which allows for secondary goals to be pursued. To make sure that secondary goals will not interfere with the primary — dynamic controller type — goals, we will adopt a control allocation approach to divide the problem in two; a standard dynamic controller and a control allocation algorithm. The task of the standard dynamic controller is to derive the single virtual input (as if the system had no redundancy) which satisfies the requested dynamic behavior. The control allocation algorithm then has to decide how to meet such demand on a subsystem level: that is, which actuators to use and to which extent. To solve the control allocation problem while minimizing consumption, one can attribute to each actuator usage (and therefore to the resources it consumes) a cost, and then minimize the total cost. This method has been extensively treated in optimal control theory. We question the effectiveness of this approach on the basis of the subjectivity of the cost assignment process. In fact, if the resources are not homogeneous (for example one actuator uses electrical energy, while another one uses gasoline), the relative price is hard to assign. Nevertheless, different pricing strategy will lead to different results. These differences will not be in the dynamics of the system (which is fixed by the controller law) but rather in the resource levels during the mission. This leads to the intuitive idea that one set of prices will lead the system to run out of some resource before others. In an effort to quantify resource consumption, we propose to maximize the response time tr , which is defined as the time needed for the system to run out of its resources and therefore become unable to respond to the controller requests. The ability to maximize tr allows the system to run for longer periods without jeopardizing the required tasks due to the finiteness of resources.
requested from the system at any time). For an open ended mission, this is clearly a good parameter to optimize for, as it allows the mission to run for a longer period. This could also be equivalent to allowing longer interval between an external intervention (i.e. refueling, maintenance, check ups etc). For missions/systems with predetermined life, such as a launch vehicle or a spacecraft, the maximization of tr may seem meaningless, as maximum life is set by design. However, being able to find the maximum time a mission can last with a finite amount of resources while meeting mission objectives is equivalent to finding the minimum amount of resources strictly necessary to accomplish the mission. Therefore, it would allows to find the minimum size of the tanks, battery or any other resource-storage component that allows the system to reach the end of the mission. In the hypothesis that both cost and mass of any generic resource storage device increases with its capacity, this allows for cheaper, lighter systems. The only case in which the use of tr is not recommended is when the system is connected to a supplier grid directly (such as a piece of equipment in a factory). In this case, the cost of the resources is typically set by external factors (the suppliers) and therefore we do not need to derive our own. Standard optimal control techniques can be used to minimize a cost function in actual currency. Guide Model Let us consider a simplified model of an hybrid car shown in Fig. 1
i Tm T Ti ˙f m
Is Response Time a fair metrics? Before we optimize for this parameter, it is worthwhile to discuss its validity. To begin with, response time is a scalar parameter. This is useful because a total order can be defined over R, and therefore, given any two option we will always be able to decide which one is more preferable. This is not true of higher dimension vector spaces, over which we will always have to define a (subjective) metric to compare two options. The candidate tr is therefore objective and based on the efficiency of the actuators (how the system works) and on the mission profile (what is IAC–16–D1.IP.4
Fig. 1: Our reference model for this chapter
The controller (or pilot) requests some torque T (t) which must me matched by the combined effort of the two engines. Assuming linear behavior and assuming we can control the actuator input, meeting instantaneous request means to satisfy Eq. 1: T (t) = α i(t) + β m ˙ f (t)
[1] Page 2 of 8
c 2016 by the authors. All rights reserved. 67th International Astronautical Congress, Guadalajara, Mexico. Copyright
As both electrical power and fuel are finite resources, its resource first. With a simple integration we have the model cannot consume more than it had to begin that with, hence at any time t: Z tf Z tf Z tf Z t Z t T dt = α i(t) dt + βm ˙ f (t) dt [4] 0 0 0 i(t) dt ≤ W m ˙ f (t) dt ≤ Mtot [2] 0
0
Where W and Mtot are respectively the battery and fuel tank capacities. Response time tr is the interval after which we are no longer able to satisfy Eq. 1. The goal is to find i(t) and m ˙ f (t) to maximize tr . Inability to provide T (t) (hence reaching tr ) can be the result of two instances; either we run out of one resource, or both. For simplicity, we have normalized fuel and current consumption by their maximum value, so that i ∈ [0, 1] and m ˙ f ∈ [0, 1]. On the space i×m ˙ f , we plot the function T (i, m ˙ f ) in Fig. 2 m ˙f
m ˙f =
(1, 1)
T2
T −αi β
T1 < T2 T1
⇒
T tf = α W + β Mtot
tf =
α W + β Mtot [5] T
As a result, tf is clearly independent on our choice of both i(t) and m ˙ f (t). Hence, since in this instance the way we distribute control has no influence, any price vector chosen would lead to the same tf . Similar results can be obtained for time variable T (t), with an upper bound T1 , if we substitute T = T¯ (with T¯ being the average value over tr ). Partial redundancy: T1 ≤ T ≤ T2 Again, we start with T (t) = T constant; the precedent case still applies with only minor modifications. The order in which we deplete the resources is the only discriminant. Assume the electric engine is unable to provide the torque T > T1 on its own. If we consume all fuel first, we will not be able to use the electrical energy stored in the battery. Therefore, to achieve maximum tr , we first use both engines, ensuring to deplete the battery before the fuel. From that point on, we use only the internal combustion engine:
i Fig. 2: Iso-Torque (T (i, m ˙ f ) = const.) curves
i1 , m ˙ f1 =
T − αi1 β
i2 = 0, m ˙ f2 =
T β
�Z t1 � Z tf We can identify two notable values for the outT · tf = α i1 dt + i2 dt + ... [6] put T . If the requested torque T is below a cer0 t1 �Z t1 � Z tf tain level (T ≤ T1 ) we only need one actuator to ··· + β m ˙ f 1 dt + m ˙ f 2 dt [7] meet the required T . For values above this threshold 0 t1 (T1 ≤ T ≤ T2 ) we need to use the combustion engine, either alone or with the electric one. For values The case in which T (t) varies with time can also be T ≥ T2 we have to use both systems at all times. obtained; any function i(t) implies a fuel consumption The discriminants in the 3 cases are given by function T (t) − α i(t) T1 = min {α, β} T2 = max {α, β} [3] m ˙ f (t) = β It is clear then that, if we run out of fuel, every re- which yields the same tf . The only condition is that quest T above T1 will not be feasible, and the system we consume all electric energy before we run out of will become non-responsive even if the battery is fully fuel: charged. We will now study each case. Z ti t ≤ t where t : i(t) dt = W and i m i Complete redundancy: T (t) < T 1
We begin by assuming T (t) to be constant. Since both engines can meet requirements independently of each other, it doesn’t matter which is going to deplete IAC–16–D1.IP.4
0
Z tm :
tm
m ˙ f (t) dt = Mtot 0
Page 3 of 8
c 2016 by the authors. All rights reserved. 67th International Astronautical Congress, Guadalajara, Mexico. Copyright
Cooperative redundancy: T2 ≤ T ≤ Tmax Since neither engine can supply the requested torque on its own, they can not be run independently of one another. As soon as we run out of one resource, our system will become unresponsive. If the request T is constant in time, we initially assume i(t) and m ˙ f (t) to be constant as well. We will verify this hypothesis later. We can write: Z ti Mtot W tm = ˙ [8] i dt = Ah ⇒ ti = ˙ i m ˙f 0 And tr = min {ti , tm }. Since i and m ˙ f are linked by the required torque, we can write both depletion times as a function of i ti (i) =
W ; i
tm (i) =
Mtot β T − αi
We may not always be able to exploit this condition: if the two curves intersect within the operational level domain (case T = Ta in Fig. 4), we are able to produce the right torque and achieve the condition of maximum tr . The analytical condition for this to happen are the following i=
m ˙f
T α+
β k
Ta
≤1
and
Tb
m ˙f =
i ≤1 k
(1, 1)
[9]
plotting ti (i) and tm (i), we get: m ˙f = Battery lasts longer
[11]
i k
Tank lasts longer
t i ti
Fig. 4: Required torque and maximum tr strategy.
If Eq. 11 is verified, both resources can be used at the same rate. Therefore k is constant in time tm as well and the solutions to the system above are i time invariant, which verifies our initial hypothesis (i(t), m ˙ f (t) are indeed constant). Fig. 3: Depletion time as a function of i Note that this results holds whenever we satisfy the equation m ˙ f = ki . Hence, since we are moving on the equi-consumption line, fuel and current will be Clearly, to maximize tr we impose ti = tm ∗ . consumed at the same rate, which ensures maximum Hence: tr , even with variable levels of T . WT Mtot T i= m ˙f = [10] Mtot β + W α Mtot β + W α If the conditions in Eq. 11 are not verified (case of T = Tb , Fig. 4), we need to find a compromise. To The ratio of i to m ˙ f is the relative value of the two maximize tr , we want to get as close as possible to the resources, needed to achieve maximum response time. equal consumption line. To measure this distance, we can identify a family of lines parallel to the optimum, ci i M k= = = cm m ˙f Mtot 1 m ˙ f = i+C C∈R In the space i × m ˙ f , the line m ˙ f = k1 i is the relationk ship that yields maximum response time, for a given, constant T . which naturally generate the cost function C : R2 → ∗ Note that, for the way we have constructed this model, the R two engine can only cooperate. They can not be detrimental to 1 [12] C=m ˙f− i each other (i.e. one can not break while the other accelerates). k IAC–16–D1.IP.4
Page 4 of 8
c 2016 by the authors. All rights reserved. 67th International Astronautical Congress, Guadalajara, Mexico. Copyright
m ˙f
(1, 1)
T (t) T2 T1
Complementary redundancy
Partial redundancy
T Complete redundancy C=1
t Fig. 6: Generic torque T (t)
C=0
C = −1
i
Fig. 5: Required torque and cost function.
If we study the sign of C
C:
˙f− m
1 k
i≥0
for
m˙ f k ≥ i
m ˙f−
1 k
i≤0
for
m˙ f k ≤ i
We get
m ˙fk≥i
⇔
ti ≥ tm
Positive values of C will deplete the fuel tank before the battery and viceversa. In this instance, minimizing the absolute value of C will maximize tr . This might seem to hint at the objective definition price vector p = (1, −k −1 ), however, if we are not on the iso-consumption line, the parameter k will not be constant, and the price would have to be dynamic to maximize tr . Assume that C > 0 (as the case C = 1 in Fig. 5); as we consume more fuel than electric energy, the ratio k = MW increases, hence the slope of the isotot consumption line decreases. As time progresses the ideal condition is pushed further and further from our best case possibility. If we start outside the isoconsumption line, we will consume more of one resource or the other, hence modifying the value of k. In this instance then, the price vector p~ would not be fixed, and therefore a particularly convoluted way to maximize response time.
General case: T (t) Finally, we can address the problem of a generic T (t). IAC–16–D1.IP.4
As we have seen before, whenever T (t) < T1 (complete redundancy), the choice of i and m ˙ f does not affect tr . Any choice will allow for the same response time. This is a key observation, because it gives us the possibility of action. Our choices in this region will not affect our response time in this region but will still modify k. Clearly, the origin will always belong to the equiconsumption line; for sufficiently low level of output then, we will always be able to operate on this line. If we do so, we have seen that the value k will not change. If we operate outside of this line, either because we have to (there is no other possibility, as T (t0 ) > T2 ) or because we decide to (if T (t0 ) < T2 we are still free to chose the combination of i to m ˙ f ) we will consume resources unevenly. Assume for example that we decide to consume more current than fuel; we will deplete the battery more than the fuel and the ratio k = MW will decrease. Hence, by deciding the tot operation level, we can modify the slope of the equiconsumption line. This possibility creates a new degree of freedom, which allows us to devise a general strategy. It is clear that, among all of the possible k, the best one is k = 1, because it allows us to respond with maximum torque (Tmax = α+β), while remaining on the equi-consumption line. Any function T (t) will be met and tr will be maximized. To achieve k = 1, we have to have the same amount of current and fuel, which due to our normalization, means that the two amounts need to be able to produce the same torque output. If this is the preferred condition, it is clear that given any resource level W(t), Mtot (t), we will always try to consume more of the most abundant resource. This is a viable option only when T (t) < T2 = max(α, β). We have therefore a simple algorithm that maximizes response life. Page 5 of 8
c 2016 by the authors. All rights reserved. 67th International Astronautical Congress, Guadalajara, Mexico. Copyright
Response time maximizing Algorithm
system will always have to consume resources and will never be able to increase them. This assumption 1: if k 6= 1 then is justified by the fact that, in most cases, subsystems 2: if T (t) ≥ T2 then do not exhibit symmetrical behaviour; a combustion 3: Minimize |C| engine does not produce gasoline when a torque is 4: else 5: Consume most abundant resource to k → 1 applied, and an electric engine has not the same proprieties when used as a motor or a generator. In the 6: end if ~ resources space Rm , our position I(t) is the list of 7: else T (t) the amount of each resource available while the in8: m ˙ f = i ⇒ i(t) = α+β ~ stantaneous consumption vector d Φ(t) moves us in 9: end if this space. Always consuming resources means that ~ 2 ) � I(t ~ 1 ) for t1 < t2 . I(t Then we have that every component of T~ has to be Note that greater or equal to 0 at any time. This is expressed 1. This algorithm does not require prior knowledge by the � partial order of T (t) as it operates on an instantaneous fash� ion. i = 1, 2, ...n Ti (t) ≥ 0 ⇔ ~0 � T~ (t) ∀t ∈ R+ [15] ∀t ∈ R+ 2. It may lead to non continuous functions for i(t) and m ˙ f (t); some adjustments can be made to To use response time effectively, we need to review address this, but they will shorten response time. its definition. Intuitively, response time is the time interval from an arbitrarily set starting point to the last Analytical Results instant in which the system is able to meet demand. In the previous section we enforced the simplifying It is clear, however, that if the request is constantly assumption of T~ (t) constant. This has proven useful ~0, any algorithm is able to meet demand indefinitely. in introducing intuitive concepts and guidelines for Hence, whenever there is an interval [t , t ] in which 1 2 the general approach. Furthermore, no consideration ~ T (t) = ~0, ambiguity arises. To avoid this, we simwas given to generalization to multi a dimensional ply request to pause our time counter if the system output. We will now consider a system with n desired undergoes a period of hibernation. To achieve this, outputs, and m actuators with multiple outputs using we cut out the inactive periods of the original request each one of the resources. The system’s behavior is function so that represented by ~ T~ = B Φ [13] if T~ (t0 ) = ~0 , ∃δ ∈ R+ such that ∀ |ε| < δ T~ (t+ε) 6= ~0, [16] Where T~ ∈ Rn is the request vector, B ∈ Rn×m is
the system matrix (which maps the resources to the requests according to each actuator efficiency) and ~ ∈ Rm is the consumption vector, which is how we Φ command the system. As we are dealing with redundant systems, we have that n < m. Therefore, to satisfy Eq. 13 we can add to any solution Φ~0 a linear combination of the m − n vectors V~i in the null space of B
To give an intuitive understanding on how we should strive to move in the resource space, observe that our model behaves (from Eq. 13) in a somewhat conservative fashion. A unit of a given resource can be transformed into a fixed (as linear with its quantity) and time constant amount of output. This means that the same unit resource will be converted into the same amount of output regardless of the requested output or the timing at which the conversion m−n X occurs. This would mean that how and when we use ~ ~ ~ Φ = Φ0 + αi Vi [14] a given resource won’t affect how much output we i=1 can obtain. The problem of control allocation is therefore to chose Therefore, using more resources will yield more ~ to both satisfy Eq. 13 and maxi- output; since the output is a given, strictly positive the appropriate Φ mize response time. function, this means longer response time. However, In order to set up a formal framework, we begin using more resources is a rather loosely defined conby defining the request vector T~ (t) ∈ Rn . We as- cept at this point, since we do not have a total order sume that, to meet each scalar requirement Ti , the defined over the resource space Rm . However, if we IAC–16–D1.IP.4
Page 6 of 8
c 2016 by the authors. All rights reserved. 67th International Astronautical Congress, Guadalajara, Mexico. Copyright
consume all available resources, we are sure to have used more resources than in any other feasible case. By proving all of the hypotheticals above, we obtain a first fundamental result; to maximize response time, we need to reach the origin of the resource space (that is, consume all the resources). Some questions arise naturally; is it always possible to reach the origin and therefore maximize response time? Can we prove that it doesn’t matter how we move in the resource space (conservative behavior)? We will start from the latter question.
Z
t0f
⇒
T (t)dt = 0
[20]
tf
Since T (t) � ~0, we would have to conclude T~ (t) = ~0, ∀t ∈ [tf , t0f ] which is against the definition of T~ , as given in Eq. 16. � It is now interesting to prove that the response time tf is indeed the tr we can strive for. Theorem 2
Rt ~ If tf , defined as tf ∈ R+ such that 0 f Φ(t)dt = I~0 Theorem 1 ~ for a Φ(t) that satisfies T~ (t) exists, then given any t1 Let T~ (t) : R+ → Rn+ be a known demand func~ and Φ(t) that answers to the same T~ (t), ~ tion, B ∈ Rn×m the system matrix and Φ(t) : R+ → Z t1 Rm an instantaneous management function that sat~ Φ(t)dt = I~1 � I~0 ⇔ t1 < tf [21] isfies demand, or: 0
~ T~ (t) = B Φ(t) ∀t ∈ R+
[17]
Proof: Since we have to meet constraints, we ~ ∈ R+ × Rm the vector of available Then, calling I(t) have that: resources at time t, if exists tf such that, Z t1 Z t1 Z tf Z t ~ ~ T~ (t)dt Φ(t)dt = B I1 = B ~ ~ ~ ~ Φ(t)dt � I(0) and Φ(t)dt = I(0) ∀t ∈ [0, tf ) 0 0 0
0
[18] tf is unique.
Z B 0
tf
~ Φ(t)dt = B I~0 =
Z
tf
T~ (t)dt
0
This results tells us that the way we use the re- it is intuitive that if B I~1 � B I~0 then: ~ sources, or which Φ(t) we choose, does not matter. Z t1 Z tf As long as we use all resources, we will achieve the ~ (t)dt � T T~ (t)dt ⇔ t1 < tf same response time tf . 0 0 ~ Proof: Since Φ(t) has to meet demand and we since we assumed that T~ (t) � ~0. Then we only need assume tf exists, we can integrate Eq. 17 from 0 to to prove that: tf : I~1 � I~0 ⇒ B I~1 � B I~0 [22] Z tf Z tf Z tf ~ ~ ~ T~ (t)dt = B Φ(t)dt =B Φ(t)dt = B I(0) Since B, being a non square matrix, is not invert0 0 0 ible, let us verify Eq. 22 for the generic i-th row. We Z tf have that: ~ ⇒ T~ (t)dt = BI(0) [19] 0
~ This is clearly independent of our choice of Φ(t). As0 sume that tf is not unique and it exists tf ∈ R+ \{tf } that satisfies Eq. 18. Then, using equation Eq. 19: Z
t0f
T~ (t)dt = B
Z
0
t0f
~ ~ Φ(t)dt = BI(0) =
Z
0
tf
T~ (t)dt
0
Assume t0f > tf : Z 0
t0f
T~ (t)dt =
Z 0
IAC–16–D1.IP.4
tf
T~ (t)dt +
Z
t0f
tf
T~ (t)dt =
Z 0
tf
T~ (t)dt
Bi1 I11 + · · · + Bim I1m < Bi1 I01 + · · · + Bim I0m Bi1 (I11 − I0m ) + . . . Bim (I1m − I0m ) < 0 under the condition that I1,j < I0,j for j = 1, . . . , m, this is evidently true and the proof is complete. � Since the initial amount of resources I0 is the biggest quantity we can hope to consume, once we use it (and therefore arrive at the origin of the resource space) we have obtained the longest Page 7 of 8
c 2016 by the authors. All rights reserved. 67th International Astronautical Congress, Guadalajara, Mexico. Copyright
response time. From the proof of the Theorem 1, we can also obtain a condition for the existence of tf . If tf doesn’t exists, then it is not possible to end all resources at the same time. This will lead to some unusable left~ f ) different from the oriovers, or a final position I(t gin. It is also intuitive that the time between any two reachable points is a function only of the starting and ending point in the resource space. Conclusions
[2] P. Dorato, V. Cerone, and C. Abdallah, Linearquadratic control: an introduction. Simon & Schuster, 1994. [3] K. Zhou, J. C. Doyle, K. Glover, et al., Robust and optimal control, vol. 40. Prentice hall New Jersey, 1996. [4] W. C. Durham, “Constrained control allocation,” Journal of Guidance, Control, and Dynamics, vol. 16, no. 4, pp. 717–725, 1993. [5] R. J. Adams, J. M. Buffington, and S. S. Banda, “Design of nonlinear control laws for high-angleof-attack flight,” Journal of Guidance, Control, and Dynamics, vol. 17, no. 4, pp. 737–746, 1994.
We now have the first indication on how to optimize tr in a general case, which is by moving towards the origin of the resource space. Note that this was [6] J. C. Virnig and D. S. Bodden, “Multivariable also what we were unknowingly doing from the first control allocation and control law conditioning example; consuming both resources at the same time when control effectors limit(stovl aircraft),” in so to deplete them both. AIAA Guidance, Navigation and Control ConThe more general cases, however, especially the probference, Scottsdale, AZ, pp. 572–582, 1994. lem of whether it is possible or not to reach the ori[7] R. H. Shertzer, D. J. Zimpfer, and P. D. Brown, gin, R seems to require a prior knowledge of the integral ~ “Control allocation for the next generation of enT (t)dt. For sufficiently long periods or sufficiently try vehicles,” in AIAA guidance, navigation, and regular T~ (t), an average estimate might be enough. control conference and exhibit, p. 4849, 2002. It is worth noticing that the idea of pointing the instantaneous consumption vector towards the origin [8] J. Jin, S. Ko, and C.-K. Ryoo, “Fault tolerant of the resource space has an intuitive rationalization. control for satellites with four reaction wheels,” Imagine the resource space as the strictly positive Control Engineering Practice, vol. 16, no. 10, portion of R3 space; if we are close to one of its sides, pp. 1250–1258, 2008. it means that we have a relatively low quantity of a aRd and S. T. Glad, “Resolving acgiven resource. From this point, in order to reach [9] O. H¨aRkeg˚ tuator redundancy—optimal control vs. control the origin, we will move almost parallel to this side. allocation,” Automatica, vol. 41, no. 1, pp. 137– Hence we will consume very little of this resource, 144, 2005. which means that our response-time maximization strategy values it much more than the other resource [10] A. Chamseddine, D. Theilliol, I. Sadeghzadeh, under analysis. Not unlike economical intuition, a reY. Zhang, and P. Weber, “Optimal reliability source that is relatively scarce is more valuable than design for over-actuated systems based on the one that is relatively abundant. mit rule: Application to an octocopter heliThe word relative here constitutes the core of the copter testbed,” Reliability Engineering & Sysproblem, and can be quantified only through the matem Safety, vol. 132, pp. 196–206, 2014. trix B and the request T~ , which enclose the physics [11] Y. Zhang and J. Jiang, “Bibliographical reof the problem. view on reconfigurable fault-tolerant control sysAll this can be applied to a fairly vast range of tems,” Annual reviews in control, vol. 32, no. 2, problems, under the assumptions we made. Relaxing pp. 229–252, 2008. some of the more demanding assumptions, especially linear behaviour and strictly positive consumption, [12] Tortora, “Fault-accomodation with intelligent will greatly improve the usefulness of this approach. sensors,” Automatica, vol. 39, no. 7, pp. 1227– 1233, 2003. References [13] M. Morari and J. H. Lee, “Model predictive con[1] H. Kwakernaak and R. Sivan, Linear optimal trol: past, present and future,” Computers & control systems, vol. 1. Wiley-interscience New Chemical Engineering, vol. 23, no. 4, pp. 667– York, 1972. 682, 1999. IAC–16–D1.IP.4
Page 8 of 8
