AN EXAMPLE OF FLATNESS BASED FAULT TOLERANT ... - CiteSeerX

AN EXAMPLE OF FLATNESS BASED FAULT TOLERANT CONTROL USING ALGEBRAIC DERIVATIVE ESTIMATION P.Mai ∗ , C.Join ∗∗ , J.Reger ∗

∗

Institute of Automation and Control (EIT 8.1), Universit¨ at der Bundeswehr M¨ unchen, Werner-Heisenberg-Weg 39, 85579 Neubiberg, Germany (e-mail: [email protected], [email protected]) ∗∗ CRAN UMR 7039 CNRS - Nancy Universit´e & ALIEN - INRIA project (e-mail: [email protected])

Abstract: A new method of fault tolerant control is proposed which is based on the differential flatness of the system. A recently presented algebraic derivative estimation method that is robust with respect to noise is used for estimating actuator faults. This fast estimation permits an accommodation of the control to the fault. Additionally taking into account control saturations, an online adaptation of the reference trajectory is investigated. Keywords: Fault tolerant control, derivative estimation, control saturation, actuator fault accommodation, trajectory replanning.

1. INTRODUCTION

Model-based fault diagnosis has been of increasing concern in the last years (see for example (Chen, 1999; De Persis and Isidori, 2001; Gertler, 1998; Frank, 1990; Staroswiecki and ComtetVarga, 2001)). This paper is the first of a series of papers in which we focus on the problem known as Fundamental Problem of Residual Generation (FPRG), firstly introduced by (Jones, 1973; Willsky, 1976), which aims at fault detection and isolation (FDI) in the case of multiple faults. Regarding FPRG based on linear system models, an abundant literature is available, see (White and Speyer, 1987; Massoumnia, 1989) to highlight but a few of the approaches. An alternative, more recent approach is based on algebraic tools (Fliess et al., 2004) that provide a residual generation scheme without the need of synthesizing any filters and/or observers.

Diagnosis in the context of nonlinear systems is still in its infancy, but of fundamental interest since nonlinear methods are able to largely extend the domain of FDI applications—see for example (Chen, 1999; De Persis and Isidori, 2001; Gertler, 1998; Join, 2002; Join et al., 2003). In ((Fliess et al., 2005)) encouraging results were obtained in the field of fault tolerant control applying innovative algebraic methods. Usually, in order to minimize the effect of a fault on the control activity, the control law is modified by taking into account the result of the fault diagnosis procedure. Generally, this leads to an additive control action, see for instance ((Lunze et al., 2001; Theilliol et al., 2002)). However, the saturation limits of the control signal are always present in practice and may require a change of the reference trajectory in order to sustain a successful fault accommodation scheme (Tarbouriech and Garcia, 1997; Kapila and Grigoriadis, 2002). This particular aspect is one of the main contributions in this work.

In this paper, our ideas are illustrated on a simple first order linear system. The subsequent extension of the concepts to nonlinear MIMO systems does not represent any difficulty, respective works are about to be published by the authors. This paper is organized as follows: Firstly, flatnessbased control and the method of algebraic derivative estimation are shortly recalled. Afterwards, the system model and its control are explained in Sections 4 and 5. The paper’s main contributions are given in Sections 6 and 7 where the ideas of fault accommodation and of trajectory replanning are proposed. Section 8 is devoted to the description of some forthcoming works.

2. DIFFERENTIAL FLATNESS We recall basic notions from Fliess et al. (Fliess et al., 1995). According to these lines, an n-th order single input single output system x˙ = f (x, u)

(1)

n

with state x ∈ R and input u ∈ R is (differentially) flat if there exists a scalar, potentially ficticious output y = φ(x) ,

(2)

called flat output, that allows to differentially parameterize the state and the input as per x = ψx (y, y, ˙ . . . , y (n−1) ) , u = ψu (y, y, ˙ ...,y

(n)

).

(3) (4)

An important consequence of the parametrization given in (4) is that once having chosen a nominal desired reference trajectory y ? for the flat output this output determines the necessary nominal control u? , that is u? = ψu (y ? , y˙ ? , . . . , y ? (n) )

(5)

which is a feature we are going to exploit in the subsequent paragraphs.

and involves standard rules from operational calculus, only. Differentiating both sides α times with respect to the operator s and premultiplying with 1/sν , ν ≥ 0, yields N
1 dα 1 dα X N −i (i) N +1 s s y (s) = yN (ti ) N sν dsα sν dsα i=0 (8) The choice of α, for example α = 0, . . . , N , generates a triangular system of linear equations for determining the values of the derivatives. Hence, these quantities are linearly identifiable. In addition, so as to remove all time derivatives wrt. yN (t) we need to choose ν ≥ N + 1.

For simplicity, we may refrain from exposing further steps of resolving this system of linear equations. By setting N = 1 and ν = 3 we obtain the following formulae for y˙ N (ti ) Z Twin 6 (2σ − Twin )y(ti − σ)dσ (9) y˙ 1 (ti ) = − 3 Twin 0 where Twin is an arbitrary window time. In the following paragraphs, it turns out that we will not have to estimate higher order derivatives than the first one. Of course other choices of N and ν are possible. Thanks to the noise attenuating effect of the integration in (9), this expression can quite effectively be used to get a quasiinstantaneous estimation of the first derivative of a noisy signal y(t) whenever Twin is chosen small enough with the consequence that such a linear approximation of y(t) is valid. Hence, for getting a valid estimate at any instant of time t the numeric implementation of equation (9) is realized via a sliding window approach. In this case, Twin has to be chosen as a compromise between two influences: the larger Twin the better the noise attenuation will be, on the contrary, the less valid the polynomial approximation of y(t), which inherently depends on the approximation order N and puts a limit on Twin to some upper bound. Applications and details are given in (Fliess et al., 2004; Fliess et al., 2005a).

3. ALGEBRAIC DERIVATIVE ESTIMATION Consider a real-valued polynomial function in time N (j) X yN (ti ) yN (t) = (t − ti )j (6) j! j=0 of degree N , t ≥ ti , which may be considered as an N -th order approximation of a time signal y(t). We may derive yN (t) at least (N + 1)times with respect to time to obtain zero. Using usual operational calculus notation, this may be rephrased in the operator domain, which reads sN +1 YN (s) =

N X i=0

(i)

sN −i yN (ti )

(7)

4. MODEL PRESENTATION In this paper, our ideas are demonstrated resorting to a first order LTI SISO system whose transfer function is given by G(s) =

1 , 1 − Ts

(10)

where T > 0 is the known system time constant. Due to the pole at s = T1 the system is unstable. The corresponding differential equation with input u(t) and output y(t) is given by y(t) ˙ =

1 (y(t) − u(t)) . T

(11)

In order to include a command saturation function and an additive actuator fault fa (t) which enters into the model after the saturation block, we introduce the so called free control signal u0 (t) which we interpret as the desired control input before the saturation block. Thus, u(t) = satS (u0 (t)) + fa (t),

(12)

where satS (x) denotes the saturation function parametrized by the saturation limit S,  x≥S  S for x for −S < x < S satS (x) = (13)  −S for x ≤ −S We assume that the actuator faults only occur in a steplike form, thus fa (t) = Fa σ(t − Ta ),

(14)

where σ(t) denotes the unit step function, Ta corresponds to the time instant when the fault occurs and Fa defines its amplitude. By limiting the analysis to steplike faults the eventual adaptation of the reference trajectory can be based on the estimated amplitude Fˆa of fa (t) which then represents a constant offset of u(t) for t > Ta . To give a realistic picture of our setting, we added equally distributed white measurement noise in all simulations, denoted by n(t), onto the output signal. Also, an unknown initial condition x(t = 0) = x0 should be admitted. Thus, the state space description of the system is x(t) ˙ = T1 (x(t) − u(t)) , x(0) = x0 y(t) = x(t) + n(t).

which we need to keep away the free control command u0 (t) and the reference command u? (t), clearly, accounting for measurement noise, unknown initial conditions, and robustness to small actuator faults. Thanks to the flatness property of the system (flat output y) the trajectory planning is straightforward. Since x0 is unknown and will necessarily lead to different control activity u0 (t) 6= u? (t) whenever x0 6= 0, it is a good policy to calculate right after system initialization when x0 is measured whether the saturation will be hit later on, potentially, suggesting a replanning of the trajectory. This notion is considered in Section 7. Let y ? (t) be the reference trajectory that we would like to track. In this case, we would like to drive the system from the origin to a stationary final regime yf > 0, starting at time t0 and arriving at tf . An appropriate reference trajectory is given by a B´ezier polynomial of degree three, which is defined by 2  3 !  t − t0 t − t0 ? , (16) −2 y (t) = yf 3 ∆T ∆T for t0 ≤ t ≤ tf , y ? (t) ≡ 0 for t < t0 and y ? (t) ≡ yf for t > tf . The transfer time ∆T is given by ∆T = tf − t0 . The nominal control signal u? (t) is given by the differential parametrization of the system, that is u? (t) = y ? (t) − T y˙ ? (t).

(15)

5. FLATNESS-BASED CONTROL AND OFF-LINE TRAJECTORY PLANNING In the theoretical analysis of this section, dealing with flatness-based control and off-line trajectory planning, we neglect the effects of noise. These effects will be included in the subsequent simulations. In the following paragraphs, the flatnessbased off-line trajectory planning of the system is carried out taking into account saturation limitations. Based on this result the closed-loop error dynamics is specified.

5.1 Flatness based offline trajectory planning The instability of the system here entails the necessity of feedback control. Since the cutting of u0 (t) by the saturation function renders the system nonlinear, which is clearly undesired because of instability problems, we require that the nominal control signal, denoted by u? (t), should remain within the interval [−S + , S − ], when the trajectory is planned off-line. Here  denotes a security margin about the saturation limits from

(17)

In order to comply with the saturation limitation, the maximum and minimum values of u? (t), denoted by u?max and u?min are decisive. Moreover, the corresponding time instants, tmax and tmin , are important. Short calculations using Cardano’s formula show that u?max = yf and tmax = tf , while tmin is given by √ ∆T ∆T 2 + 4 tmin = + t0 + 1 − (18) 2 2 and

√ √ 8 + ∆T 3 − 4 ∆T 2 + 4 − ∆T 2 ∆T 2 + 4 umin = yf . 2∆T 3 (19) Since umin → 0 for ∆T → ∞, expression (19) can be used to determine the minimum value for ∆T , denoted by ∆Tmin , such that u? (t) ∈ [−S + , S − ], once yf is fixed.

5.2 Specifying the error dynamics Let e(t) = y(t) − y ? (t) define the tracking error. If we define the control law to be Z t 0 ? u (t) = u (t) + KP · e + KI e(σ)dσ (20) 0

and assume that u0 (t) ∈ [−S, S] is valid, the error dynamics under occurrence of a steplike actuator fault is given by Z Fa KP − 1 KI t e(σ)dσ = − ·σ(t−Ta ) e(t)+ ˙ e(t)+ T T 0 T (21) which after differentiation yields KI Fa KP − 1 e(t) ˙ + · e(t) = − · δ(t − Ta ) . e¨(t) + T T T (22) For a choice of KP > 1, KI > 0 the tracking error will converge to zero asymptotically. Thus the control law (20) ensures asymptotically stable tracking even in the case of unknown steplike actuator faults; of course a known fact. Furthermore, the solution of (22) in the fault free case is important for the later retracking issue. If we
2 P −1 = KTI , it is given by choose K2T     KP − 1 e(t) = e(T0 ) + e(T ˙ 0) + e(T0 ) (t − T0 ) 2T KP − 1 (t − T0 )), × exp(− 2T (23) where T0 > 0 is any instant at which the first initial condition e(T0 ) = y(T0 ) − y ? (T0 ) can be measured, whereas the second initial condition e(T ˙ 0 ) = y(T ˙ 0 ) − y˙ ? (T0 ) has to be computed with the help of the derivative estimation technique explained in Section 3 since y(t) is a noisy measurement signal from which derivatives cannot be obtained directly. The utility of the derivative estimation method is crucial in this respect. Then, still assuming u0 (t) ∈ [−S, S], u0 (t) can be calculated using the control law (20) which permits to verify whether the assumption u0 (t) ∈ [−S, S] was valid or whether the saturation will be hit later under the current system conditions.

u0acc (t) = u? (t) + KP · e + KI

Z

t

e(σ)dσ − fˆa (t).

0

(25) With this policy, the effect of the actuator fault is compensated very fast and in a very direct way. A comparison of control law (20) and (25) is given in Figure 1. It shows how fast the output regains track when the control law is actively accommodated to the fault. The efficiency of the fault estimation is shown in Figure 2 which contains a plot of the actuator fault versus its estimation. The estimation fˆa (t) in (24) was smoothened by a first order low pass filter with time constant equal to 0.1 sec—note the smoothened edge of the fault estimate. The saturation limit was ignored, for it will be dealt with in the next section. Also, the initial condition was set to zero. Measurement noise was chosen to be equally distributed between -0.01 and 0.01. The system time constant was set to T = 1 sec. Figure 3 shows the reference control command u? (t) together with the actual control signals when the accommodation is not applied (u0 (t)) or applied (u0acc (t)), respectively. The offset to u? (t) of the actual control signals clearly corresponds to the amplitude of fa (t). As can be seen in the figure, the accommodating strategy leads to a control signal that actually needs less negative amplitude in order to control the system, which is due to the integrator within the control law and the fact that by the accommodation scheme the tracking error is driven to zero much faster.

The presented control scheme is already robust to small steplike actuator faults. In the next section, we present a fault estimation and control accommodation scheme by means of which the effect of the fault can be reduced much faster, as the subsequent simulations will show. 6. FAULT IDENTIFICATION AND ACCOMMODATION In this chapter, we present how the derivative estimation scheme can be used for identifying the actuator fault. This estimation is then used for an accommodation of the control law to the fault. In fact, from (11) and (12) an estimate fˆa (t) of fa (t) is given by: ˆ˙ fˆa (t) = y(t) − satS (u0 (t)) − T y(t), (24) ˆ˙ where y(t) is the estimate of y(t). ˙ It is now natural to modify the control law (20) so as to accommodate it to the actuator fault:

Fig. 1. Comparison of nominal output trajectory y ? (t), output signal when no accommodation is applied (y(t)), and accommodated output yacc (t).

7. DYNAMIC TRAJECTORY REPLANNING We now introduce the idea of a dynamic replanning of trajectories. This might become desirable whenever the control signal is limited by the saturation block or whenever we can predict that it will be limited by the saturation block in the

Check whether u0 (t) ∈ [−S + , S − ]. If not, modify the trajectory. (3) Fault occurrence at t = Ta . When a fault occurs and Fˆa has been properly estimated after the duration of Test check numerically whether the accommodating control signal uacc , which now has to be calculated with (23), where t0 = Ta +Test and (25), lies within [−S + , S − ]. If this is not the case, modify the trajectory.

Fig. 2. Actuator fault and its estimation.

In principal, the trajectory can be modified in two ways. Firstly, the arrival time tf can be enlarged which will require a smaller negative amplitude of the control signal and should be applied when u0 (t) < −S or uacc (t) < −S for some t > Ta +Test . Secondly, the stationary regime yf can be reduced. The latter leads to a smaller maximum value of the control signal yf , in the stationary case. This adaptation is adequate whenever u0 (t) > S or uacc (t) > S for some t > Ta + Test . Of course, it might as well arise the case that a fault is so large that instability cannot be prevented. For example, if |Fa | > S, then it will not be possible to attain any steady state, since the saturation of u0 (t) leads to |u(t) − Fa | > 0.

Fig. 3. Comparison of nominal control signal u? (t), control signal when no accommodation is applied (u0 (t)), and accommodated control signal u0acc (t). future. Thanks to the flatness property of the system, the evolution of the control signal can be calculated at any moment, under the assumption that the saturation is not hit. It is important to note that the presence of a constant actuator fault Fa to which we would like to accommodate the control law (25) leads to a shift of the nonaccommodating control signal by −Fa . In fact, it is always sufficient to consider control law (25) since we have no knowledge of the presence of a fault. Only in the fault free case Fˆa will be very little. Let Test be the duration that is needed for obtaining a good fault estimate and Tdiff be the duration to get a good estimation of the first derivative with the derivative estimation method. Under the assumption to be fault-free in the initial time interval t ∈ [0, Tdiff ], we propose the following strategy (1) Off-line. Choose y ? (t) such that u? (t) ∈ [−S + , S − ]. (2) t = Tdiff . A good estimate for y˙ is available. Calculate u0 (t) with equations (22) and (20).

Fig. 4. Output signal y(t) after dynamic trajectory adaption for avoiding saturation of control signal. In Figure 4, the extension of the arrival time is demonstrated. This was done in order to accommodate the control law to an actuator fault fa (t) = 0.7σ(t − 1.5 sec), which would have led to a saturation S = 1 hit without accommodation. The effect of postponing the arrival onto the nominal control signal is shown in Figure 5 where it can be seen how the minimum of the nominal control signal grows through adaptation. Measurement noise was set to a maximum amplitude of 0.01. In Figure 6, the stationary regime of the reference trajectory was changed from 0.7 to 0.5 because the actuator fault fa (t) = −0.2σ(t − 2) was injected. In this case, the control signal would have crossed the security margin of 0.1 to the upper saturation

limit, which was assumed to be S = 1 here. The effect on the reference control signal is shown in Figure 7 where it should be noted that the equivalence of u0acc (t) and the original reference trajectory u? (t) in the stationary regime is due to the fact that u0acc (t) is shifted by the amplitude of the actuator fault above its adapted nominal control signal u?adapt (t). Finally, in Figure 8 an example of an unstable output dynamics is shown when no trajectory adaptation is applied. The actuator fault was equal to fa (t) = −0.3σ(t − 2 sec). An adaptation of the stationary value clearly would have preserved the system stability in this case.

Fig. 5. u? (t): original nominal control signal; u?adapt (t): nominal control signal after dynamic trajectory adaptation; u0acc (t): fault accommodating control signal.

Fig. 8. Example of unstable output dynamics (y(t)) when no trajectory adaptation is applied and the free control command u0 (t) hits the saturation.

Fig. 6. Original reference trajectory y ? (t) and output signal y(t), which was tracked to a lower stationary regime.

Fig.

7. u? (t): original nominal control signal; u?adapt (t): nominal control signal after dynamic trajectory adaptation; u0m athrmacc(t): fault accommodating control signal.

8. CONCLUSIONS This presented work shows that new concepts of Fault Tolerant Control can efficiently be based on the concept of differential flatness. Employing an algebraic derivative estimation technique for identifying the actuator fault, it is possible to predict, perhaps for the first time, whether the original reference trajectory can still be tracked under given control saturations. If need be, an online replanning of the reference trajectory is carried out. The diagnosis method proposed in this paper, which dealt with an unstable linear SISO system, may be extended to the nonlinear case with no difficulty. Therefore, nonlinear systems will be in our focus in the future.

REFERENCES M. Fliess, C. Join, M. Mboup, H. Sira-Ram´ırez, 2004, Compression diff´erentielle de transitoires bruit´es, C.R. Acad. Sci. Paris Ser. I, 339, 821-826.

M. Fliess, C. Join, M. Mboup, H. Sira-Ram´ırez, 2005a, Analyse et repr´esentation de signaux transitoires: application ` a la compression, au d´ebruitage et ` a la d´etection de ruptures, Actes Coll. GRETSI, Louvain-la-Neuve. M. Fliess, C. Join, H. Sira-Ram´ırez, 2005, Closedloop fault-tolerant control for uncertain nonlinear systems, in Control and Observer Design for Nonlinear Finite and Infinite Dimensional Systems, T. Meurer, K. Graichen, E.D. Gilles (Eds), Lect. Notes Control Informat. Sci. 322, Springer, Berlin, pp. 217-233. M. Fliess, C. Join, H. Sira-Ram´ırez, 2004, Robust residual generation for linear fault diagnosis: an algebraic setting with examples, Internat. J. Control, 77, 1223-1242. M. Fliess, J. L´evine, P. Martin, P. Rouchon, 1995, Flatness and defect of non-linear systems: introductory theory and examples, Internat. J. Control, 61, 1327 – 1361. P.M. Frank, 1990, Fault diagnosis in dynamic systems using analytical and knowledge-based redundancy a survey and some new results, Automatica, 26, 459-474. J. Chen, R. Patton, 1999, Robust ModelBased Fault Diagnosis for Dynamic Systems, Kluwer, Boston. C. De Persis, A. Isidori, 2001, A geometric approach to nonlinear fault detection and isolation, IEEE Trans. Automatic Control, 46, 853-865. J. Gertler, 1998, Fault Detection and Diagnosis in Engineering Systems, Marcel Dekker, New York. C. Join, 2002, Diagnostic des syst`emes non lin´eaires - Contribution aux m´ethodes de d´ecouplage, Th`ese, Universit´e Henri Poincar´e, Nancy. C. Join, J.-C. Ponsart, D. Sauter, 2003, Diagnostic des syst`emes non lin´eaires - Contribution aux m´ethodes de d´ecouplage, J. Europ. Syst`emes Automatis´es, 37, 1323-1328. H. Jones, 1973, Failure detection in linear systems, PhD thesis, Massachusette Institute of Technologiy. Departement of Aeronautics and Astronautics, Cambridge, MA. V. Kapila and K.M. Grigoriadis, 2002, Actuator Saturation Control, (Eds), Marcel Dekker, Inc., New York (USA). J. Lunze, J. Askari-Marnani, A. Cela, P.M. Frank, A.L. Gehin, T. Marku, L. Rato, M. Staroswiecki, Three-tank control reconfiguration, in Control of Complex Systems, K.J. Astr¨om, D. Blanke, A. Isidori, W. Schaufelberger, R. Sanz (Eds), Springer, Berlin, 2001, pp. 241-283. M. Massoumnia, G. Verghese, A. Willsky, 1989, Failure detection and identification, IEEE Trans. Automatic Control, 34, 316-321.

M. Staroswiecki, G. Comtet-Varga, 2001, Analytic redundancy for fault detection and isolation in algebraic dynamic system, Automatica, 37, 687-699. S. Tarbouriech and G. Garcia, 1997, Control of Uncertain Systems with Bounded Inputs, (Eds), Lect. Notes Control Informat. Sci. 227, Springer, Berlin. D. Theilliol, H. Noura, J.-C. Ponsart, 2002, Fault diagnosis and accommodation of a three-tank system based on analytical redundancy, ISA Transactions, 41. J.E. White, J.L. Speyer, 1987, Detection filters design : spectral theory and algorithms, IEEE Trans. Signal Process., 32, 593-603. A. S. Willsky, 1976, A survey of design methods for failure detection in dynamic systems, Automatica, 12, 601-611.