ACTIVE FAULT DIAGNOSIS BY TEMPORARY DESTABILIZATION

ACTIVE FAULT DIAGNOSIS BY TEMPORARY DESTABILIZATION Jakob Stoustrup ∗ Henrik Niemann ∗∗

∗

Dept. of Control Engineering, Aalborg University, Fr. Bajers Vej 7C, DK-9220 Aalborg, Denmark, E-mail: [email protected],

∼jakob

URL: http://www.control.aau.dk/

∗∗

•

Ørsted DTU, Automation, Technical University of

Denmark, Building 326, DK-2800 Kgs. Lyngby, Denmark, E-mail: [email protected]

Abstract: An active fault diagnosis method for parametric or multiplicative faults is proposed. The method periodically adds a term to the controller that for a short period of time renders the system unstable if a fault has occurred, which facilitates c 2006 IFAC rapid fault detection. An illustrative example is given. Copyright Keywords: Active Fault Detection; Parametric Faults; Fault Destabilization

1. INTRODUCTION It can be argued that model based fault detection is a much harder task than model based control. A well-designed feedback control system has inherent robustness properties in the sense that it works well in the face of moderate disturbances, noise, and model uncertainties. In contrast, it is very dicult to insensitize a fault diagnosis system to any of these. In particular, if the detection approach is based on a 'passive' approach, i.e. only by logging the unmodied inputs and outputs, the challenge is somewhat analogous to doing system identication without test signals, or designing adaptive controllers for systems without persistent excitation. To that end, recently there has been signicant attention to so-called active fault diagnosis methods, see e.g. (Campbell et al., 2002; Campbell and Nikoukhah, 2004; Niemann, 2006; Niemann and Poulsen, 2005; Nikoukhah, 1998; Nikoukhah et al., 2000) and reference therein. In the active fault diagnosis methods, it is assumed to be admissible to superimpose the control input with a dedicated

fault diagnosis signal, which is designed to excite the faults in such a way that they become better discernible at the output. An even more radical approach is suggested in this paper. Rather than just adding a signal to the control input, an additional term is added to the controller, intended to destabilize the system temporarily in presence of a parametric fault. The rationale for this is that if the system becomes unstable, this will be apparent very quickly, no matter how much noise is present. Once the instability, and hence the fault has been detected, of course the destabilizing controller part will be removed at once. Destabilizing the system is inadmissible for many systems. Examples of systems where the method could be applied is e.g. to discover short-circuits in electrical motors, where it might be admissible to let the magnetizing currents increase shortly; a blocked air passage in a super market refrigeration system, where it could be admissible to let the air temperature drop or increase for a few minutes; or a clogging in a fermentation process, where a mass-ow can be allowed to change for some while. 563

Another approach is to apply the method as an o-line fault diagnosis approach. It will in many cases be possible to do a fault diagnosis on the system when it is out of work. This can e.g. be in connection with service of the system. It will then be possible to do the fault diagnosis in a controlled environment. In some cases, it will possible to place the system in a test bench. It is clear that this o-line approach can only be applied on systems with slowly varying parametric faults. The rest of this paper is organized as follows. A problem formulation is given in Section 2. Section 3 include some preliminary results with respect to the YJBK parameterization. The main results are given in Section 4 and an illustrative example is given in Section 5. The paper is closed with a conclusion in Section 6.

2. PROBLEM FORMULATION Consider the following state space description of a generalized 2 × 2 system, ( e = Ged d + Geu u Σ : (1) y = Gyd d + Gyu u where d ∈ Rr is a disturbance signal vector, u ∈ Rm the control input signal vector, e ∈ Rq is the external output signal vector to be controlled, and y ∈ Rp is the measurement vector. Further, let the system be controlled by a stabilizing feedback controller given by: (2)

u = K(s)y

In the cases where we want to detect, isolate and/or estimate parameter changes in the system, the faulty system can be described by:  z = Gzw w + Gzd d + Gzu u    e = Gew w + Ged d + Geu u Σf : (3)    y=G w+G d+G u yw

yd

yu

where w ∈ Rkw and z ∈ Rkz are the external input and output vectors. The connection between the external output and the external input is given by w = ∆z (4) where ∆ represent the multiplicative or parametric faults in the system. The problem of this paper is to devise a method, which can discriminate a nonzero ∆ as in (4) from the nominal situation, ∆ ≡ 0, possibly by modifying the controller K(s).

3. PRELIMINARIES: THE YJBK PARAMETERIZATION The method proposed in this paper is based on the primary and dual YJBK (after Youla, Jabr, Bongiorno and Kucera) parameterizations (see e.g. (Tay et al., 1997; Zhou et al., 1995)), which will be introduced shortly in this section. Let a coprime factorization of the system Gyu (s) from (1) and a stabilizing controller K(s) from (2) be given by: ˜ −1 N ˜u , Gyu = Nu M −1 = M −1 −1 ˜, K = UV = V˜ U

(5)

˜u , M ˜ , U, V, U, ˜ V˜ ∈ RH∞ Nu , M, N

where the eight matrices in (5) must satisfy the double Bezout equation given by:      ˜ I 0 V˜ −U M U = ˜u M ˜ 0 I Nu V −N (6)    ˜ M U V˜ −U = ˜u M ˜ Nu V −N

Explicit formulae for these eight transfer matrices can be found e.g. in (Zhou et al., 1995). Based on the above coprime factorization of the system Gyu (s) and the controller K(s), we can give a parameterization of all controllers that stabilize the system in terms of a stable parameter Q(s), i.e. all stabilizing controllers are given by (Tay et al., 1997): KQ = U (Q)V (Q)−1

(7)

where U (Q) = U + M Q, V (Q) = V + Nu Q, Q ∈ RH∞

or by using a left factored form: ˜ (Q) KQ = V˜ (Q)−1 U

(8)

where ˜ (Q) = U ˜ + QM ˜ , V˜ (Q) = V˜ + QN ˜u , Q ∈ RH∞ U

Using the Bezout equation, the controller given either by (7) or by (8) can be realized as a linear fractional transformation (LFT) in the parameter Q, KQ = Fl (JK , Q) (9) where JK is given by   V˜ −1 U V −1 JK = V −1 −V −1 Nu

(10)

Reorganizing the controller KQ given by (9) results in the closed loop system depicted in Figure 1. Similarly, all plants stabilized by a given controller can be described by the so-called dual YJBK 564

Sf (s) = (Gf (s)M (s) − N (s)) (V (s) − Gf (s)U (s)) d

Gyd Gyu

u

V˜ −1

+

(13) −1   ˜ (s)Gf (s) ˜ (s)Gf (s) − N ˜ (s) = V˜ (s) − U M

y






+

Let a nominal system Gyu (s) and a nominal controller K(s) with factorizations as in (5) be given. Assume that Gf is given by the parameter Sf as (11), and KQ is given by the parameter Q as (7) or (8). The closed loop system formed by Gf and KQ is stable if and only if:

Lemma 1.

Q r˜ -

+

˜ M

Fig. 1. Controller structure with parameterization

˜ U

-

+

V˜

The method proposed below relies on the following result: Let K(s) be a controller for a given plant, which internally stabilizes both the nominal model G(s) and also the model Gf (s) 6= G(s) for a faulty situation. Then there exists a modication KQ of the controller such that: Theorem 1.

+ ˜ M

y

+

K(s)

(1) K internally stabilizes G (2) Q internally stabilizes Sf

4. MAIN RESULTS

Sf (∆)

−1

(14)

We shall use the following result in the sequel (see e.g. (Tay et al., 1997)):

˜ U

˜d d r = QN

˜u N

−1

˜u N

(1) KQ internally stabilizes G (2) KQ does not internally stabilize Gf

u

Fig. 2. Plant structure with parameterization parameterization. Indeed, all plants stabilized by a controller K(s) can be described by: Gf = (N (s) + V (s)Sf (s)) (M (s) + U (s)Sf (s))−1 (11)  −1   ˜ (s) + Sf (s)U ˜ (s) ˜ (s) + Sf (s)V˜ (s) = M N

(12)

˜, M ˜ , U, ˜ V˜ are as described where N, M, U, V and N in (5) and (6), and Sf (s) is a stable, proper, rational transfer matrix. This structure is depicted in Figure 2.

For any parametric fault, there exists a unique dual YJBK parameter, (Niemann, 2003). In Table 1, Sf has been calculated for a number of dierent types of parametric or multiplicative faults. An explicit formula for Sf is:

Proof : Since K stabilizes Gf , Gf can be written in the form (11) with a dual YJBK parameter Sf . Introducing also a primary YJBK parameter Q in the controller KQ as in (7) or (8), stability of the closed loop between Gf and KQ is equivalent to stability of a closed loop interconnection between Sf and Q.

By a standard root locus argument, it is always possible to choose a stable of value of Q such that Q itself is stable, and such that Q renders Sf unstable. This can be done by introducing a number of right half plane zeros in Q and increasing the gain of Q until the poles of the closed loop crosses the imaginary axis on their way to the RHP zeros. With this construction, KQ renders G stable since Q is stable, and it renders Gf unstable, since the feedback interconnection of Q and Sf is unstable.

Based on this result, the fault diagnosis algorithm can now be formulated. 565

Fault description,

Gyu (∆)

The dual YJBK parameter,

Sf (∆)

Gyu (∆) = (I + ∆)Gyu

˜ ∆(I − N U ˜ ∆)−1 N Sf (∆) = M

Gyu (∆) = Gyu (I + ∆)

˜ ∆(I − U N ˜ ∆)−1 M Sf (∆) = N

Gyu (∆) = Gyu + ∆

˜ ∆(I − U M ˜ ∆)−1 M Sf (∆) = M

Gyu (∆) = Gyu (I + ∆)−1

˜ ∆(I + M V˜ ∆)−1 M Sf (∆) = −N

Gyu (∆) = (I + ∆)−1 Gyu

˜ ˜ ∆)−1 N Sf (∆) = −M∆(I +VM

Gyu (∆) = Gyu (I + ∆Gyu )−1

˜ ∆(I + N V˜ ∆)−1 N Sf (∆) = −N

Gyu (∆) = (N + ∆N )(M + ∆M )−1

˜ M ˜ Sf (∆) = −N

˜ + ∆ ˜ )−1 (N ˜ + ∆ ˜) Gyu (∆) = (M M N

Sf (∆) =




∆   M ∆N



M I + (V −U ) ∆ ∆N

 −1

U I + ( ∆M ˜ ∆N ˜) V

−1



M ( ∆M ˜ ∆N ˜ ) −N



Table 1. The connection between dierent system parametric or multiplicative faults in terms of ∆ and the dual YJBK parameter Sf . . Let a system with nominal model G(s) and faulty model Gf (s) be given, and let a controller K(s) that stabilizes both be given.

Algorithm 1

Step 1. Compute Sf , e.g. by using (13) Step 2. Find Q as any stable transfer function

that destabilizes Sf (see e.g. the constructive proof of Theorem 1) Step 3. Compute KQ by (7) or (8) Step 4. Switch periodically between K and KQ as frequently as required (see below) Step 5. Detect if unstable trajectories are found during the duty cycle of KQ

Note, that it is assumed that K stabilizes also the faulty system. The reason for this is that otherwise there would be no reason to destabilize the system by another controller! The phrase 'as often as required' in Step 4 should be taken to mean the following: (1) the switching period should be determined as a trade-o between the cost of postponing the detection of the fault and the cost of running the non-nominal controller KQ (2) the duty cycle of the switch to KQ should be determined by the noise level, i.e. how long an unstable transient is need to detect the fault with sucient certainty The switching controller approach has been applied in (Stoustrup and Niemann, 2004) in connection with fault tolerant control. Here, it has been shown that it is possible to stabilize a faulty system by switching between a number of controllers. Allow that some of the single controllers will destabilize the closed loop system, it is possible to get a stable closed loop system by switching between the controllers.

This is only admissible, if some detuning of the controller can be allowed permanently. Fault isolation is also possible by using a number of Q's, where every single is designed with respect to a single fault. 5. EXAMPLE We consider a system with the transfer function: 1 1 = G(s) = s+p s+1 with the parameter p has the nominal value p = 1. A parametric fault is considered, which increases the parameter by 10% when it occurs, i.e. 1 1 = Gf (s) = s + pf s + 1.1 For this system, a nominal controller is considered, which assigns poles in {−2, −3}. With a positive feedback convention, such a controller has a transfer function given by: 2 K(s) = − s+4 Figure 3 shows a simulation with this controller, where above mentioned fault occurs at t = 27 sec. The system is driven by a reference of 1 and Gaussian noise with σ = 0.1. The occurence of the fault is hardly discernible. A doubly coprime factorization of the plant and the given controller is: G(s) = N (s)M −1 (s) ,

K(s) = U (s)V −1 (s) ,

where N (s) =

As an alternative KQ can be run all the time, replacing K (please, see the example of Section 5).

1 , s+2

M (s) =

U (s) = −

566

s+1 , s+2

2 , s+2

V (s) =

s+4 s+2

KQ (s)

3.5

−1

= (U (s) + M (s)Q(s)) (V (s) + N (s)Q(s)) 254.5s + 257 =− 2 s + 9.8s − 236.4

3

System output

2.5

2

1.5

1

0.5

0 0

5

10

15 t [sec]

20

30

25

A simulation with the Q parameter switched in permanently, i.e. both through the nominal and the faulty situation is shown in Figure 4. The system remains stable, whenever the system assumes it nominal value, but turns unstable immediately, when the fault occurs, which can be detected very rapidly. The inputs for the simulation in Figure 4 were the same as in the simulation shown in Figure 3.

Fig. 3. Simulation of system with nominal controller. The fault occurence is indicated with the vertical line.

A method has been proposed for active detection of parametric faults. The method requires that it is admissible to render the system unstable for a short period of time.

3.5

3

System output

2.5

2

1.5

1

0.5

0 0

6. CONCLUSIONS

5

10

15 t [sec]

20

30

25

Fig. 4. Simulation of system with fault destabilizing controller. The fault occurence is indicated with the vertical line. The Sf (s) parameter of the dual YJBK parameterization for the faulty model can now be found as: Sf (s) −1

= (Gf (s)M (s) − N (s)) (V (s) − Gf (s)U (s)) 0.1 =− 2 s + 5.1s + 6.4

A primary YJBK parameter Q(s) which assigns poles of the closed loop between Sf (s) and Q(s) in {0.1 , −6 , −5 , −3} is given by: 252.5s + 750.5 Q(s) = − 2 s + 8.8s + 10.32 Thus, this Q(s) is indeed a stable transfer function that destabilizes the Q − Sf loop. The fault can now be diagnosed by switching in this Q(s) in the structure shown in Figure 1. During the diagnosis period, the resulting controller becomes:

The method can be implemented both as a periodic switching between a nominal and an active fault diagnosing controller. Alternatively, the method can be implemented as a permanent modication of the controller. The advantage of the former method is that the detuning of the controller only take place in short time intervals. The advantage of the latter method is that it facilitates very rapid fault detection.

REFERENCES Campbell, S.L. and R. Nikoukhah (2004).

Aux-

. Princeton University Press. Princeton, NJ, USA. Campbell, S.L., K.G. Horton and R. Nikoukhah (2002). Auxiliary signal design for rapid multi-model identication using optimization. Automatica 38, 13131325. Niemann, H.H. (2003). Dual Youla parameterization. IEE Proceedings - Control Theory and Applications 150(5), 493497. Niemann, H.H. (2006). A setup for active fault diagnosis. IEEE Transactions on Automatic Control pp. 000000. to appear. Niemann, H.H. and N.K. Poulsen (2005). Active fault diagnosis in closed-loop systems. In: Proceedings of the IFAC World Congress. Prague, Czech Republic. Nikoukhah, R. (1998). Guaranteed active failure detection and isolation for linear dynamical systems. Automatica 34(11), 13451358. Nikoukhah, R., S.L. Campbell and F. Delebecque (2000). Detection signal design for failure detection: a robust approach. International iliary

567

signal

design

for

failure

detection

Journal of Adaptive Control and Signal Processing 14, 701724. Stoustrup, J. and H.H. Niemann (2004). Fault tolerant control for unstable systems: A linear time varying approach. In: Proceedings of the American Control Conference. Boston, MA, USA. pp. 17941799. Tay, T.T., I.M.Y. Mareels and J.B. Moore (1997). High performance control. Birkhäuser. Zhou, K., J.C. Doyle and K. Glover (1995). Robust and optimal control. Prentice Hall.

568