Joint feedback control and fault diagnosis disambiguation

This paper proposes a model-based diagnosis approach to detect and isolate intermittent faults in complex systems that operate under feedback control. The feedback control attempts to compensate for model uncertainties and deviations from nominal behavior, but these uncertainties are crucial for accurate fault diagnosis. We focus on faults that are observable only in a particular region of the state space, which is rarely reached in nominal behavior. To address this, we present an approach that considers both control requirements and diagnosis uncertainty in an optimization problem similar to model-predictive control. We compute perturbations on control signals that forces the system to reach states where faults are detectable. We apply our approach to a quadrotor system under motion feedback control, demonstrating the effectiveness of our method. Our approach has the potential to improve the resilience of complex systems by quickly detecting and recovering from disruptive events.


INTRODUCTION
The resilience of complex systems depends on the ability to quickly detect, respond to, and recover from disruptive events, such as faults.Therefore, developing effective fault diagnosis algorithms for systems under feedback control is crucial.However, diagnosing faults in such systems can be challenging, particularly when dealing with intermittent faults that are difficult to accurately diagnose due to feedback control actions.In this paper, we propose an approach that addresses this issue by applying diagnosis algorithms to a system under feedback control to detect and isolate faults while satisfying control-related requirements.
The control and diagnosis algorithms operate on opposing sides of the system.Feedback control aims to eliminate deviations from nominal behavior by compensating for model Ion Matei et al.This is an open-access article distributed under the terms of the Creative Commons Attribution 3.0 United States License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
uncertainties.However, these uncertainties are at the core of accurate diagnosis as they indicate the presence of faults.Therefore, we focus on diagnosing faults that are observable only when the system is in a particular region of the state space, which is rarely reached in nominal behavior.To achieve this, we utilize a model-based diagnosis (MBD) approach, which has a long history in the artificial intelligence (de Kleer, Mackworth, & Reiter, 1992) and control fields (Gertler, 1998), (Isermann, 2005), (Patton, Frank, & Clark, 2000).Traditional MBD approaches in the control community include filters such as Kalman (Kalman, 1960) and particle filters (Gordon, Salmond, & Smith, 1993;Arulampalam, Maskell, & Gordon, 2002)) or optimization-based techniques that estimate parameters whose deviation from nominal values indicate the presence of a fault.
We introduced in (Matei, Zhenirovskyy, de Kleer, & Goebel, 2022) an approach to improving diagnostic certainty by generating control inputs to disambiguate faults in a fuel system.However, that approach did not consider control objectives and focused solely on diagnosis.In this paper, we take a step further by considering a system under feedback control and aim to determine small changes applied to the control signals generated by control algorithms that achieve two objectives: (i) keeping the system in a desired region of the state space and (ii) reducing diagnosis uncertainty.Our approach is similar to model-predictive control (MPC) (Garcia, Prett, & Morari, 1989), which solves an optimization problem to determine control inputs over a time horizon.In our case, the objective function in the MPC algorithm is geared towards minimizing diagnosis uncertainty while control requirements are implemented through optimization constraints.The uncertainty minimization objective is defined in terms of similarity functions among observations corresponding to the ambiguous fault modes.By minimizing the similarity among these observations, we reduce the information theoretic entropy function applied to a random variable defining the fault mode, thus we reduce the uncertainty.
To showcase our method, we applied it to a quadrotor sys-tem, which is controlled by a PD cascade feedback control scheme.The quadrotor system is nonlinear, and nominal control inputs must be changed carefully due to safety constraints.
Notations: We use bold letters to denote vectors.To represent discrete time dependency, we use the notation x(t k ) = x k , for time instants t k .A sequence of variables over time, i.e., a time series, {x k } K k=0 is denoted by x 0:K .We denote the probability distribution function (p.d.f.) of a random variable X by f X (x).We represent the conditional p.d.f. of X|Y by f X|Y (x|y).When there is no loss of clarity, we omit the subscript notation of f X|Y (x|y), that is, we will use f (x|y).We denote by N (µ, Σ) the multivariate Gaussian distribution with mean µ and covariance matrix Σ.
Paper structure: In Section 2, we present the system model and introduce the diagnosis problem.In Section 3, we describe an optimization-based approach for diagnosing faults that estimates fault parameters using the system model.In Section 4, we discuss our approach for disambiguating diagnoses using an optimal control approach, followed by showcasing the application of our approach on a quadrotor system that has intermittent faults in its rotors.

PROBLEM STATEMENT
The scope of our analysis is to investigate parametric faults, where each fault mode is characterized by a scalar parameter.We define a set of fault parameters F = {f 1 , f 2 , . . ., f N }, where N is an integer number.Under normal operating conditions, each fault parameter f i has a nominal value fi , and the parameter vectors are assumed to remain close to these nominal values.
To diagnose the health of the system, we use MBD.Our approach involves analyzing a closed-loop system consisting of a nonlinear model of the system and a controller that computes the inputs to the system.More precisely, the system can be represented as follows: where x, u, p, and y represent the state, input, fault parameter, and output vectors, respectively.We assume that the control inputs are generated by a map C, which utilizes the output measurements to guide the system towards a final state x f .The output measurements are affected by independent and identically distributed (i.i.d.) additive noise, which we denote by v.We assume that this noise follows a Gaussian distribution, with a zero mean and a covariance matrix of Σ v .
We define a set of fault parameters F = {f 1 , f 2 , . . ., f N }, where N is an integer number.We assume that each fault pa-rameter f i has a nominal value fi , and in normal conditions, the parameter vectors remain close to these nominal values.
We use the single fault scenario, i.e., no two faults became active at the same time.The fault event is defined by where ε i is a positive scalar.
The scalar ε i depends on the measurement noise and the sensitivity of the behavior of the system to changes in parameter p i .The fault magnitude is determined by estimating the value of the system parameter p i .Given a sequence of input and output measurements over the time horizon τ , the diagnosis problem consists of computing the conditional probability P(|p i − pi | > ε i |y 0:τ , u 0:τ ), for all i together with the estimation of the parameter p i .An ambiguous diagnosis appears when there exist a least two faults i and j so that meaning that their probability is roughly the same, impeding a clear decision on what fault is the root cause of the observed anomalous behavior.
To illustrate our approach to fault detection and disambiguation, we consider a quadrotor system model (Bouabdallah & Siegwart, 2007), whose state variables are the positions and angles, and the linear and angular velocities.The model was derived by considering various physical effects such as rolling, pitching and yawing moments, and rotor dynamics.We assume that the perturbations from hover flight are small.Thus, the transformation matrix between the rate of change of the orientation angles ( φ, θ, ψ) and the body angular velocities can be considered as unity matrix.The state space representation is given by where ϕ, θ and ψ are the pitch, roll and yaw angles, and the tuple x, y, z is the position of the quadrotor in the 3-d space.The variables u x and u y are expressed as functions of the angles, i.e., u x = cos ϕ sin θ cos ψ + sin ϕ sin ψ, and u y = cos ϕ sin θ sin ψ − sin ϕ cos ψ The inputs to the system are linear combinations of the (scaled) angular velocities generated by the rotors: In controlling quadrotors, the typical approach involves three cascading stages: altitude, position, and attitude control.
To simplify the process, we utilize PD-based control strategies.However, for those interested in PID-based control schemes, we refer readers to (Bouabdallah & Siegwart, 2007).Given a set of desired linear position and velocities (x r , y r , z r , ẋr , ẏr , żr ), a PD controller for setting the quadrotor at altitude z r is where z e = z − z r , and k l 3 , d l 3 being the proportional and derivative coefficients of the controller.The motion in the (x, y) plan is determined by changing the angles of the quadrotor.For example, first we use PD controllers to compute quantities used to set the angles: where x e = x − x r , y e = y − y r .These quantities are used to set the pitch and roll reference angles: φr = α x sin(ψ) − α y cos(ψ), θr = α x cos(ψ) − α y sin(ψ).The last step is to determine inputs for tracking the reference angles: with ϕ e = ϕ − φr , θ e = θ − θr and ψ e = ψ − ψ r , where ψ r is the yaw reference angle.We tuned the parameters of the controller so that the quadrotor is able to reach a hovering position (0,0,2) from an initial hovering position of (1,1,0) in less than 2 seconds.We assume that in the nominal case, the angular velocities of the rotors are upper bounded, i.e., Ω i ≤ Ω 2 max , where Ω max = 1000rad/s.As such, the control inputs U i are bounded as follows: max .The numerical, model parameters are given by L=0.3 m, r=0.1 m, m=1.2 kg, and g=9.81 m s 2 .In addition, we have the following parameter definitions: and b = 2.5 × 10 −5 .The controller parameters are given by k 1 displays the 3D trajectory of the quadrotor while un-Table 1. Controller parameters der feedback control.The task involved moving the quadrotor from its initial hovering position of (1,1,0) to the final hovering position of (0,0,2).
To model intermittent faults in the rotors, we assume that the maximum velocity the rotor can generate decreases, and is expressed by Ω i ≤ p i Ω 2 max , where p i ∈ [0, 1] represents the fault parameters we aim to estimate.Under nominal conditions, the fault parameters have a value of 1.Previous research has studied various types of rotor faults; for instance, (Guzmán-Rabasa et al., 2019) considers additive rotor faults, while (Avram, 2016) assumes multiplicative rotor fault models.
Our focus on intermittent rotor faults is due to their challenging nature: these faults only become noticeable when the rotors need to operate at their maximum angular velocity, making them harder to detect and isolate.It is worth noting that reaching the upper limit of maximum velocities may not be necessary, depending on the mission requirements for the quadrotor.

MODEL-BASED DIAGNOSIS
To test the effects of the nominal and perturbed control signals on diagnosis, we utilize an optimization-based approach to estimate the fault parameters.The optimization problem takes a time series of output measurements (e.g., position, angles, and linear and angular velocities) over a time horizon τ , denoted as y 0:τ , and estimates a fault parameter for a single fault scenario.The formal description of the optimization problem is given by where y k are the measurements at times t k and ŷi k are the predicted outputs when the system is in fault mode i.To generate estimates of the fault parameters pj for j ̸ = i, we solve such optimization problems for each fault mode.To determine which fault is active, we compute empirical probabilities using the formula: Here, ŷi k is obtained by simulating the model for a 5 seconds time interval, with the fault parameter pi while setting the remaining fault parameters to their nominal values.These empirical probabilities serve as proxies for the conditional probability density functions, given by: The proxies become the probability density function f (p i |y 0:τ ) when the prior distributions of the fault parameters are uniform.
We do not emphasize the choice of diagnosis algorithms since our focus is on the content of the output measurements that lead to a diagnosis.Filtering-based methods such as particle filters (Arulampalam et al., 2002) or various versions of the Kalman filter (McElhoe, 1966;Julier & Uhlmann, 1997), where the fault parameters are transformed into state variables, are appropriate for estimating the fault parameters.Qualitative diagnosis algorithms, such as analytical redundant relations (ARRs) (Staroswiecki, 2000;Staroswiecki & Comtet-Varga, 2001), can also be used, although they have to be coupled with fault magnitude estimation algorithms.These have the advantage that they do not require fault models, but they typically need more sensors to generate an unambiguous diagnosis solution.We speed up the diagnosis algorithm, by solving the optimization problems corresponding each fault hypothesis using parallel processes.
To show what a diagnosis algorithm would produce when using nominal control inputs, only we created a scenario where we sequentially injected faults to each of the four rotors.We considered a 60% loss of maximum squared angular velocity and perfect measurements.The output data is based on moving the quadrotor from an initial position of (1,1,0) to a final position of (0,0,2).Figure 2 shows the trajectories for the state variables and the control inputs when the first rotor is faulty.The diagnosis results are presented in Table 2.It can be observed that under all fault scenarios, the diagnosis is inaccurate and ambiguous when the trajectories are generated by the nominal controller.This is due to the insufficient exertion of the controller, which fails to push the system to the regime where the maximum velocity limitation becomes evident and observable.Using a PID controller instead of a PD controller would not help either, since the actuation degradation cannot be supplemented by the integral term of the controller.

FAULT DISAMBIGUATION
In this section, we present our methodology for designing perturbations on control inputs that lead to unambiguous diagnostic solutions.Specifically, we first formulate an optimal control problem to compute these perturbations.Then, we apply this formulation to the use case of a quadrotor.

Control perturbation design
Our goal is to design controller input perturbations that generate output measurements with sufficient information for accurate fault diagnosis.To achieve this, we formulate an optimal control problem that, when applied to a set of ambiguous fault modes, determines a set of input perturbations capable of producing output measurements that are as dissimilar as possible.
To measure the similarity between two output measurement vectors, we define a similarity metric.Let i be the index of a fault mode, p i be the fault parameters that describe this mode, and y i (k) represent the outputs measured in this fault mode at time t k .The similarity between the outputs of the system in two fault modes i and j is defined as s The cumulated similarity among outputs in all fault modes is given by S = i>j s i,j .To reduce the variance between similarities when designing the input perturbations, we introduce the quantity D = i,j̸ =l,m |s i,j − s l,m | as a regularization function.Our objective is to minimize S + λD, where λ is a regularization parameter.When designing the perturbations, we ensure that they do not adversely affect the system's mission.For instance, if the objective is to reach a final position, we impose this constraint when learning the perturbations.The fault parameters p i impose constraints on the values that the control input can take under fault mode i, constraints which  we denote by U i .We also add state constraints to ensure that the system remains within a safe set of states, denoted by X .
With these definitions, we can formulate the optimal control problem that computes the disambiguating input perturbations: where i is the fault index, u i is the vector of controls generated by the PD controllers when the quadrotor is in fault mode i.
The perturbation vector δu = [δu 1 , δu 2 , δu 3 , δu 4 ] must be valid for all fault modes and, therefore, its values must satisfy the constraint u i + δu ∈ U i for all i.To account for multiple fault modes, we create duplicates of the system model, and the complexity of the optimization problem increases as the number of fault modes considered jointly increases.Although CasADi (J. A. E. Andersson, Gillis, Horn, Rawlings, & Diehl, 2019) is a valid option for solving the optimization problem, we have chosen to use a gradient-free optimization algorithm and a Function Mockup Unit (FMU) (Blochwitz et al., 2011) representation of the closed-loop system.We simulate the FMU with the control perturbations as inputs and instanti-ate it with the set of fault parameters p i to generate various fault modes.Gradient-free algorithms enables us to use nondifferentiable operators such as min or max, to impose constraints on the input and state vector.The FMU simulations were done using the pyfmi Python package (C.Andersson, Akesson, & Fuhrer, 2016), and the numerical optimizations were executed using Powell algorithm from Python scipy's optimization package.
We model the input perturbations as a piecewise linear function with a hyperparameter that controls the number of change points over the time horizon, allowing us to manage the number of optimization parameters.
To enforce safety state constraints and final state constraints, we add terms to the cost function.For example, the term where µ is a large positive scalar, dist is a distance operator, and ε is a small positive scalar, enforces the necessary constraints.The resulting input perturbations can be used to diagnose the system before executing a mission.However, if too many fault modes are considered at once, learning the control input perturbations may fail since we over-constrain the perturbations.Therefore, a better approach is to limit the number of jointly considered fault modes, learn perturbations for groups of joint fault modes, and apply them sequentially for each such groups.

Results for the quadrotor use case
In Section 3, we showed that the diagnosis algorithm under nominal control fails to produce the correct diagnosis in a single fault scenario where all fault modes have the same magnitude.Therefore, at a minimum we can determine disambiguation input perturbation for rotor faults with the same fault magnitude.We discretize the fault magnitude domain [0, 1] and generate perturbation inputs for each discrete fault magnitude.We specifically generate perturbations for the fault magnitudes 0.4, 0.5, 0.6, 0.7, 0.8, 0.9, and for each of these values, we consider 4 fault modes that correspond to a loss in the maximum angular velocity that each rotor can achieve.
Let p represent the fault magnitude, and let p 1 = (p, 1, 1, 1), p 2 = (1, p, 1, 1), p 3 = (1, 1, p, 1), and p 4 = (1, 1, 1, p) be the fault parameters used to instantiate the system model.Each vector of fault parameters induces a constraint set for the inputs.For instance, for p 1 , the control inputs must sat- max .Similar inequalities can be determined by the remaining fault parameter vectors.The quadrotor mission is to move from a hovering initial position (1,1,0) to a hovering final position (0,0,2) in under 4 seconds.Here, hovering implies that the angles, linear and angular velocities are zero.The state safe set is defined by the cylinder (x − 1) 2 + (y − 1) 2 ≤ 4 and 0 ≤ z ≤ 3. We limit the number of change points for the perturbations δu i to 20 points, resulting in a total of 4 × 20 optimization variables.
We present the results of the optimization for two cases: p = 0.4 and p = 0.9.Figures 3, 4, 5, and 6 show the perturbation inputs and simulated outputs under the four fault modes for the two considered fault magnitudes.It is evident that for p = 0.4, the differences in outputs for the four fault modes are distinct, whereas this is not the case for p = 0.9.This is expected since the effects of the fault modes at this fault magnitude level are not significant.Moreover, the main differences are in the x, y positions and angles, while the z direction remains unaffected across all fault modes.It is important to recall that U 1 controls the altitude z and is upper-bounded by b(p + 3)Ω 2 max , while U 2 and U 3 are upper-bounded by bpΩ 2 max , but not simultaneously.These two inputs control the angles and thus the position in the x, y plane.Consequently, U 2 and U 3 are much more sensitive to the fault effects.

CONCLUSIONS
This paper addresses the challenge of ambiguous fault diagnosis in the presence of intermittent faults where sensor measurements do not provide sufficient information to compute fault probabilities with high certainty.Specifically, we focused on the problem of actuator faults and proposed an optimal control approach to disambiguate diagnosis solutions.We considered systems under feedback control and designed perturbations on the control inputs generated by the feedback control loop to reduce the similarity between measurements in ambiguous fault modes.To increase simulation efficiency, we used gradient-free algorithms with functional mock-up units (FMUs) as computational model representations.We ensured that the optimization formulation did not affect the primary control objective and that the system remained in a safe set of states.To control the complexity of the optimization problem, we limited the number of change points of the perturbations.Our approach was demonstrated on a quadrotor example, and we showed that by using disambiguation perturbations together with control inputs generated by the motion control algorithm, we could isolate faults with high probability and accurately estimate their magnitude.These results demonstrate the effectiveness and applicability of our approach for addressing ambiguous fault diagnosis in practical systems.

Figure 2 .
Figure 2. Trajectories of the state variables and the control inputs for p 1 =0.4,and p 2 = p 3 = p 4 = 1.

Figure 4 .
Figure 4. Simulated outputs under single fault rotor scenarios under the effect of the input perturbations for fault magnitude p = 0.4.

Figure 7 .
Figure 7. Quadrotor trajectory trace when rotor 1 loses 60% of the maximum velocity it can develop: the effects of the perturbation inputs.

Table 2 .
Diagnosis results under nominal control