(615a) An Integrated Fault Diagnosis and Safe-Parking Framework for Fault-Tolerant Control of Nonlinear Process Systems

Automated technologies have significantly improved the product quality and profitability of chemical plant operations in the past few decades. Increased automation, however, also makes the control system more vulnerable to equipment abnormalities, such as actuator (e.g., valves and pumps) and senor (e.g., thermocouples and flow meters) faults. These abnormalities can lead to safety hazards as well as economic losses if they are not properly handled. For example, the U.S. petrochemical industry loses an estimated $20 billion per year due to abnormal situations [1]. This realization has motivated significant research efforts on fault detection and isolation (FDI) and fault-tolerant control (FTC) in academic and industrial communities.

For the problem of FDI, existing results can be divided into data-based [2] and model-based [3, 4, 5] approaches. The model-based approach has been studied extensively for linear systems [6, 7, 8, 9] and nonlinear systems [10, 11, 12, 13]. In this approach, FDI is often achieved by generating residuals through the redundancies in the process model and input/output data. Under fault-free conditions, these residuals are zero, or converge to zero asymptotically. Therefore, a fault is reported when a non-zero residual is generated, or the residual breaches a user-specified threshold. Plant-model mismatches, however, exist ubiquitously in practical situations. Thus, residuals which are sensitive to faults but insensitive to uncertainties are desired.

Unknown input observers are developed in [6] to decouple the effect of disturbances on fault detection for linear systems. A fault detection filter can then be developed to make the residuals directional by using the remaining design freedom. For nonlinear systems, the problem has been studied by using uniform thresholds in [12] (and adaptive thresholds in [13]), where the fault isolation relies on the existence of a state variable which is directly and uniquely affected by the potential fault. From an algebraic viewpoint, one approach is to construct differential polynomial equations through a successive differentiation of the outputs to eliminate state variables (see [5]), which can be used to generate structured residuals for FDI. Furthermore, a geometric approach is explored in [11], where a nonlinear FDI filter is designed to solve the fundamental problem of residual generation. Recently, a feedback control law is designed to decouple the dependencies between certain process state variables to allow fault isolation using the structure of the closed-loop system (e.g., [14]). While there are several results on FDI, relatively less attention has been paid to the problem of fault diagnosis (not only isolating the fault but also estimating its magnitude), in part due to the nature of the fault-tolerant control techniques, described below.

The existing results on handling faults (subsequent to FDI) address the problem of preserving nominal operation in the presence of faults and can be broadly categorized into passive and active approaches. In the passive approach, the key idea is to design robust/reliable feedback controllers by treating faults as disturbances (e.g., [15]). In the active approach, an appropriate backup control configuration is activated without using the failed actuator (e.g., [16]). These methods, however, address the problem of continued nominal operation in the presence of faults, and therefore assume that sufficient control effort is available to preserve operation at the nominal equilibrium point. Furthermore, the reconfiguration-based approach typically assumes that upon fault occurrence, the faulty actuator can be ?removed' from the control loop and the control action is reverted to its ?nominal' value (thereby not requiring the estimation of the fault magnitude). In many practical cases, however, the failed actuator either reverts to a fail-safe position, which is a built-in position for the control actuator to prevent the occurrence of hazardous situations, or simply seizes at an arbitrary position. In these cases, it is possible that the nominal equilibrium point is no longer an equilibrium point in the presence of faults, and the fault-tolerant control approaches of [15, 16] may not remain applicable.

To handle faults that preclude the possibility of nominal operation, a safe-parking framework has recently been proposed for operating an isolated unit under state [17] and output [18] feedback control and in the context of multiple units in series [19]. More recently, it has been generalized to handle faults in switched nonlinear systems under a safe-parking and safe-switching framework [20]. The fundamental idea of safe-parking is to operate the process at an appropriately chosen temporary equilibrium (safe-park) point in the presence of faults, and then drive the process states to the nominal equilibrium point upon fault repair. The safe-parking approaches of [17, 18, 19, 20], however, assume fixed and known fail-safe positions, allowing the off-line design of the safe-parking algorithm, which does not require knowledge of the fault magnitude. The case where the actuator seizes at an arbitrary position due to such reasons as mechanical failures or loss of power requires the presence of a fault detection and diagnosis (FDD) mechanism, and a safe-parking algorithm that accounts for the fact that the actuator does not revert to the fail-safe position, invalidating the safety guarantees in [17, 18, 19, 20].

Motivated by the above considerations, in this work we address the problem of designing an integrated fault diagnosis and safe-parking framework to handle actuator faults in nonlinear process systems. First, we propose a model-based fault diagnosis scheme that can not only identify the failed actuator, but also estimate the fault magnitude. In particular, a fault is isolated by comparing the estimates of the actuator outputs with the prescribed control inputs. Then, the safe-parking framework developed previously (to handle faults that cause the actuators to revert to known fixed values) for fault-tolerant control is extended to handle actuators seizing at arbitrary values. The ability of estimating the output of the faulty actuator allows the off-line design of the safe-parking framework. The on-line estimate of the fault magnitude is used to choose a safe-park point robust with respect to the discrepancy between the value of the failed actuator position and the corresponding design value. The efficacy of the integrated fault diagnosis and safe-parking framework is demonstrated through a chemical reactor example.

References

[1] I. Nimmo. Adequately address abnormal operations. Chem. Eng. Prog., 91:36?45, 1995.

[2] V. Venkatasubramanian, R. Rengaswamy, S. N. Kavuri, and K. Yin. A review of process fault detection and diagnosis Part III: Process history based methods. Comp. Chem. Eng., 27:327?346, 2003.

[3] P. M. Frank. Fault diagnosis in dynamic systems using analytical and knowledge-based redundancy: A survey and some new results. Automatica, 26:459?474, 1990.

[4] V. Venkatasubramanian, R. Rengaswamy, K. Yin, and S. N. Kavuri. A review of process fault detection and diagnosis Part I: Quantitative model-based methods. Comp. Chem. Eng., 27:293?311, 2003.

[5] J. Bokor and Z. Szabo. Fault detection and isolation in nonlinear systems. Annu. Rev. Contr., 33:113?123, 2009.

[6] J. Chen, R. J. Patton, and H.-Y. Zhang. Design of unknown input observers and robust fault detection filters. Int. J. Contr., 63:85?105, 1996.

[7] F. Hamelin and D. Sauter. Robust fault detection in uncertain dynamic systems. Automatica, 36:1747?1754, 2000.

[8] W. Chen and M. Saif. Adaptive actuator fault detection, isolation and accommodation in uncertain systems. Int. J. Contr., 80:45?63, 2007.

[9] S. X. Ding, P. Zhang, A. Naik, E. L. Ding, and B. Huang. Subspace method aided data-driven design of fault detection and isolation systems. J. Proc. Contr., 19:1496?1510, 2009.

[10] M. Staroswiecki and G. Comtet-Varga. Analytical redundancy relations for fault detection and isolation in algebraic dynamic systems. Automatica, 37:687?699, 2001.

[11] C. De Persis and A. Isidori. A geometric approach to nonlinear fault detection and isolation. IEEE Trans. Automat. Contr., 46:853?865, 2001.

[12] P. Mhaskar, C. McFall, A. Gani, P. D. Christofides, and J. F. Davis. Isolation and handling of actuator faults in nonlinear systems. Automatica, 44:53?62, 2008.

[13] X. Zhang, M. M. Polycarpou, and T. Parisini. Fault diagnosis of a class of nonlinear uncertain systems with Lipschitz nonlinearities using adaptive estimation. Automatica, 46:290?299, 2010.

[14] B. J. Ohran, D. Munoz de la Pena, J. F. Davis, and P. D. Christofides. Enhancing data-based fault isolation through nonlinear control. AIChE J., 54:223?241, 2008.

[15] Z. D.Wang, B. Huang, and H. Unbehauen. Robust reliable control for a class of uncertain nonlinear state-delayed systems. Automatica, 35:955?963, 1999.

[16] P. Mhaskar. Robust model predictive control design for fault-tolerant control of process systems. Ind. & Eng. Chem. Res., 45:8565?8574, 2006.

[17] R. Gandhi and P. Mhaskar. Safe-parking of nonlinear process systems. Comp. & Chem. Eng., 32:2113?2122, 2008.

[18] M. Mahmood, R. Gandhi, and P. Mhaskar. Safe-parking of nonlinear process systems: Handling uncertainty and unavailability of measurements. Chem. Eng. Sci., 63:5434?5446, 2008.

[19] R. Gandhi and P. Mhaskar. A safe-parking framework for plant-wide fault-tolerant control. Chem. Eng. Sci., 64:3060?3071, 2009.

[20] M. Du and P. Mhaskar. Uniting safe-parking and reconfiguration-based approaches for fault-tolerant control of switched nonlinear systems. In Proceedings of the 2010 American Control Conference, pages 2829?2834, Baltimore, MD, 2010.