Analysis and Control for Resilience of Discrete Event Systems
System resilience captures the ability of the system to withstand a major disruption within acceptable performance degradation and to recover within an acceptable time frame. In this monograph we consider two possible sources of major disruptions, i.e., component faults and cyber intrusions. A component fault is an indigenous activity that renders certain functions within a component unavailable or inaccessible, either permanently or temporarily. It typically generates safety and performance concerns. Cyber intrusion, on the other hand, is an exogenous activity that tampers with the privacy, confidentiality, availability, or integrity of the system. These two sources are not always independent from each other. For example, a cyber intrusion may trigger a component fault, whereas a component fault may open a door for cyber intrusion, e.g., by keeping it undetected. For cyber intrusion, we will focus on opacity, which describes the system’s ability to hide certain secrets from an external observer (or eavesdropper), and on sensor and actuator attacks that exploit the system’s existing controller to generate undesirable behaviours. In this monograph, we provide a detailed account of the most recent research outcomes on fault diagnosis, opacity analysis and enhancement, and cyber security analysis and enforcement, within suitable discrete event system modelling frameworks. In each case, we describe basic problem statements and key concepts, and then point out the key challenges in each research area. After that, we present a thorough review of state-of-the-art techniques, and discuss their advantages and disadvantages. Finally, we highlight key research directions for further exploration.
- Book Chapter
15
- 10.1007/978-3-642-04798-5_9
- Jan 1, 2009
This paper presents an ontological framework that permits formal representations of process control systems, including elements of the process being controlled and the control system itself. A fault diagnosis algorithm based on the ontological model is also presented. The algorithm can identify traditional process elements as well as control system elements (e.g., IP network and SCADA protocol) as fault sources. When these elements are identified as a likely fault source, the possibility exists that the process fault is induced by a cyber intrusion. A laboratory-scale distillation column is used to illustrate the model and the algorithm. Coupled with a well-defined statistical process model, this fault diagnosis approach provides cyber security enhanced fault diagnosis information to plant operators and can help identify that a cyber attack is underway before a major process failure is experienced.
Keywords: Process control systems, security, conceptual modeling, ontology
- Book Chapter
6
- 10.5772/10215
- Sep 27, 2010
This chapter deals with the fault diagnosis issues for a Gas Turbine (GT) of a Combined Cycle Power Plant (CCPP), considering diverse fault scenarios. The essential and most critical component in the plant itself is the gas turbine, because it comprises complex dynamical subsystems which can fail due to faults in sensors, actuators and components, and it relies heavily on the control system, affecting the reliability, availability and maintainability of the power plant. This issue motivated this research work, oriented to the design of a software-based diagnosis system for gas turbines of electric power plants. The key for a fault diagnosis system is the discrepancy between expected and actual behavior, and this can be identified in real time only if redundant information between the process variables is available (Frank, 1990). The Artificial Intelligence and Control communities have developed methods to generate symptoms or signals by software, called residuals, which reflect the discrepancies under fault conditions (Venkatasubramanian et al., 2003a, 2003c, 2003d). However, prior to the design of the residual generators it is necessary to determine which data are required to solve a specific fault diagnosis issue. To analyze under which conditions faults in sensors and actuators of a GT can be detected and isolated, the structural properties of the model are used here. The redundancy of the structure is studied using graph tools for the subsystems of the GT, considering the available measurements. A complex non-linear dynamic model of the GT, given by 37 algebraic and differential equations, is considered to identify the required redundancy degrees for diverse fault scenarios of the units without numerical values. As a result of the generic analysis, 10 relations are obtained which allow faults in all components of the gas turbine unit to be detected.
The rotor's mechanical coupling to the gas turbine unit on one side and the electric generator unit on the other side is identified as a subsystem in which faults are undetectable, and therefore a diagnosis system for this subsystem is not feasible. This means that the standard instrumentation of the GT restricts its performance from a safety and integrity point of view. On the basis of this result, and using the redundant graph concept (Verde & Mina, 2008), it is suggested here to add a sensor to increase the redundancy and consequently to improve the fault detectability of the turbogenerator in the presence of mechanical and sensor faults. This is the main contribution of the work. The implementation of redundant graphs with specific simulated data of a GT validates this statement.
- Conference Article
- 10.1109/etfg61999.2025.11402493
- Dec 7, 2025
The increasing integration of grid-forming inverters (GFMIs) in modern power systems introduces new challenges for voltage regulation under adversarial cyber intrusions. This paper proposes a resilient secondary voltage control strategy for GFMIs leveraging deep learning techniques to detect and mitigate the effects of sensor and actuator attacks. Input-output feedback linearization is applied to the nonlinear GFMI dynamics, yielding a second-order model. Cyber intrusions are modeled as additive malicious signals corrupting sensor measurements and control commands transmitted over communication networks. A resilient distributed deep learning-based control is integrated within the control loop to estimate anomalies, enabling adaptive compensation of attack signals. The proposed approach enhances system robustness and maintains voltage stability despite sophisticated cyber threats. Simulation results on the IEEE 33-bus test system validate the effectiveness of the proposed control method in maintaining voltage regulation and enhancing system resilience under diverse cyber intrusion scenarios.
- Research Article
23
- 10.1109/tim.2021.3129492
- Jan 1, 2022
- IEEE Transactions on Instrumentation and Measurement
One of the major challenges of diagnosing rotor symmetry faults in induction machines (IMs) is severe modulation of fault and supply frequency components. In particular, existing techniques are not able to identify fault components in the case of low slips. In this article, this problem is tackled by proposing a novel approach. First, a new use of singular spectrum analysis (SSA), as a powerful spectrum analyzer, is introduced for fault detection. Our idea is to treat the stator current signature of the wound rotor IM as a time series. In this approach, the current signature is decomposed into several eigenvalue spectra (rather than frequency spectra) to find a subspace where the fault component is recognizable. Subsequently, the fault component is detected using some data-driven filters constructed with the knowledge about characteristics of supply and fault components. Then, an inexpensive peak localization procedure is applied to the power spectrum of the fault component to identify the exact frequency of the fault. The fault detection and localization methods are then combined in a recursive regime to further improve the diagnosis’ performance particularly at high rotor speeds and small rotor faults. The proposed approach is data-driven and is directly applied to the raw signal with no suppression or filtration of the frequency harmonics with a low computational complexity. The numerical results obtained with real data at several rotation speeds and fault severities unveil the effectiveness and real-time feature of the proposed approach.
- Conference Article
8
- 10.1109/icsmc.2007.4414031
- Oct 1, 2007
This paper presents a novel hybrid fault diagnosis approach to detect and estimate component faults in general nonlinear systems with full-state measurement. Unlike most existing fault diagnosis techniques, the proposed solution provides an integrated framework to simultaneously detect, isolate, and estimate the severity of faults in system components. The proposed solution consists of a bank of adaptive Neural Parameter Estimators (NPE), where each NPE in the bank is designed based on a separate parameterized fault model. Each NPE in the bank estimates its corresponding unknown Fault Parameter (FP), which is further used for fault detection and estimation purposes. Fast convergence and a simple isolation policy are among the characteristic features of our proposed solution. The static neural network architecture and simple weight adaptation laws also make the proposed technique appropriate for real-time implementations. Simulation results reveal the effectiveness of the developed scheme in detecting, isolating and estimating faults in components of reaction wheel actuators of a 3-axis stabilized satellite, even in the presence of satellite disturbances.
- Research Article
78
- 10.1016/s0967-0661(98)00167-1
- Jan 1, 1999
- Control Engineering Practice
Sensor fault diagnosis in a chemical process via RBF neural networks
- Research Article
- 10.1109/tim.2025.3601249
- Jan 1, 2025
- IEEE Transactions on Instrumentation and Measurement
Signal processing methods are widely used in fault diagnosis and are known for their strong interpretability. Among them, signal adaptive decomposition algorithms are used to extract the features of fault signals. As an effective adaptive decomposition algorithm, difference mode decomposition divides the signals into three components using spectrum weighting. However, it can only separate mixed fault components and is not suitable for multi-class fault diagnosis tasks. This paper presents a successive difference mode decomposition method. The reference component and concerned components (fault features) are defined based on the differences in faults. Then, the filters corresponding to different components are obtained through iterative convex optimization at each layer. Finally, using these filters, signals are decomposed into multiple fault components corresponding to different fault sources. Furthermore, the white noise replacement module is proposed to solve the gradient vanishing problem introduced by successive decompositions. Also, an updatable online learning framework is proposed for the incremental demand scenario, providing data efficiency and interpretability. The effectiveness of this method is validated on real datasets.
- Conference Article
45
- 10.1109/cdc.1999.827910
- Dec 7, 1999
In this paper, an interacting multiple-model (IMM) based fault detection, diagnosis and reconfigurable control approach for discrete-time stochastic systems is proposed. Fault detection and diagnosis (FDD) is carried out using the IMM estimator. The linear quadratic regulator (LQR) and eigenstructure assignment (EA) techniques have been used for nominal and reconfigurable control law design, respectively. To achieve zero steady-state tracking error, a set of feedforward control gains is also designed using an input weighting approach. The paper considers not only actuator and sensor faults, but also system component faults. To achieve fast and reliable fault detection, diagnosis and controller reconfiguration, new fault diagnosis and reconfiguration mechanisms have been proposed using an appropriate combination of the information provided by the mode probabilities from the IMM algorithm and an index related to the closed-loop system performance. The proposed approach is evaluated using an aircraft example in the presence of system component, actuator and sensor faults.
- Research Article
27
- 10.3390/en13010101
- Dec 24, 2019
- Energies
Inverter-fed induction motors (IMs) contain a series of current harmonics, which become more severe under stator and rotor faults. The resultant fault components in the currents affect the monitoring of the motor status. With this background, the fault components in the electromagnetic torque under stator faults considering harmonics are derived in this paper, and the fault components in current harmonics under rotor faults are analyzed. More importantly, monitoring based on the fault characteristics (both in the torque and the current) is proposed to provide reliable stator and rotor fault diagnosis. Specifically, the fault components induced by stator faults in the electromagnetic torque are discussed in this paper, and then the fault components are characterized in the torque spectrum to identify stator faults. To achieve this, a full-order flux observer is adopted to calculate the torque. On the other hand, under rotor faults, the sidebands caused by time and space harmonics in the current are analyzed and exploited to recognize rotor faults, i.e., motor current signature analysis (MCSA). Experimental tests are performed on an inverter-fed 2.2 kW/380 V/50 Hz IM, which verifies the analysis and the effectiveness of the proposed fault diagnosis methods for inverter-fed IMs.
- Research Article
30
- 10.1109/lcsys.2022.3168926
- Jan 1, 2022
- IEEE Control Systems Letters
In this letter we study a resilient supervisory control design problem in discrete-event systems. Consider that there are certain unsafe states in the system that must be prevented from being entered, and this can be ensured by a supervisor disabling certain controllable events. Also consider that the system is subject to actuator attacks from intruders: some controllable events disabled by a supervisor may be re-enabled by an intruder. Our purpose is to address a challenging scenario where the controllable events that are vulnerable to attacks are *indefinite*, i.e., any controllable event can be attacked. Associating each unsafe state with a required *safety level* (a positive integer), our aim in this letter is to design a resilient supervisor such that for every unsafe state $q$, if the number of actuator attacks is no greater than the safety level of $q$, then the controlled system is guaranteed to avoid entering $q$. We first encode the behavior of the system under attack into an automaton called the *resiliency automaton*. We then show that the resilient supervisor synthesis problem may be cast into a supervisory control problem in the resiliency automaton.
Hence, a maximally permissive resilient supervisor can be obtained by using the Ramadge-Wonham supervisory control paradigm. To the best of our knowledge, this is the first result on supervisory control design against indefinite actuator attacks in discrete-event systems.
- Research Article
37
- 10.1016/j.enbuild.2021.111293
- Jul 21, 2021
- Energy and Buildings
A novel fault diagnosis and self-calibration method for air-handling units using Bayesian Inference and virtual sensing
- Conference Article
4
- 10.1109/aero.2011.5747565
- Mar 1, 2011
A challenging problem in aircraft engine health management (EHM) system development is to detect and isolate faults in system components (i.e., compressor, turbine), actuators, and sensors. Existing nonlinear EHM methods often deal with component faults, actuator faults, and sensor faults separately, which may potentially lead to incorrect diagnostic decisions and unnecessary maintenance. Therefore, it would be ideal to address sensor faults, actuator faults, and component faults under one unified framework. This paper presents a systematic and unified nonlinear adaptive framework for detecting and isolating sensor faults, actuator faults, and component faults for aircraft engines. The fault detection and isolation (FDI) architecture consists of a parallel bank of nonlinear adaptive estimators. Adaptive thresholds are appropriately designed such that, in the presence of a particular fault, all components of the residual generated by the adaptive estimator corresponding to the actual fault type remain below their thresholds. If the faults are sufficiently different, then at least one component of the residual generated by each remaining adaptive estimator should exceed its threshold. Therefore, based on the specific response of the residuals, sensor faults, actuator faults, and component faults can be isolated. The effectiveness of the approach was evaluated using the NASA C-MAPSS turbofan engine model, and simulation results are presented.
- Research Article
8
- 10.1016/s0004-3702(96)00060-4
- Mar 1, 1997
- Artificial Intelligence
A new approach to quantitative and credible diagnosis for multiple faults of components and sensors
- Research Article
16
- 10.1109/tpwrd.2023.3274123
- Feb 1, 2024
- IEEE Transactions on Power Delivery
Fault diagnosis is of critical importance to the safety of power electronic devices in DC microgrids. To detect and isolate different component faults in DC microgrids, this paper introduces a comprehensive protection scheme using reduced-order unknown input observers (ROUIOs). As opposed to conventional protection strategies, the proposed method provides a centralized fault detection and isolation (FDI) solution for DC microgrids that covers multiple faults occurring in different components in a unified process. Moreover, it reduces the complexity of the observer model and relaxes the requirements on measurement signals compared with existing observer-based FDI methods for DC microgrids. To this end, the state-space model of a multi-terminal DC microgrid with different faults is first established. On this basis, a bank of ROUIOs is designed with the aim of classifying different component faults in the system. Finally, the performance of the proposed FDI method is verified through numerical simulations with MATLAB/Simulink and hardware tests. Test results show that the proposed method can accurately detect and isolate different component faults in DC microgrids within a short response time of 1 ms.
- Conference Article
1
- 10.1109/ccdc.2008.4597380
- Jul 1, 2008
According to the aircraft maintenance status, a new method is given to diagnose the faulty component in an aircraft avionics system board. A TCAS data processor board is taken as an example. By analyzing the relationship between fault sources and fault phenomena and using data fusion technology, the bottom-level positioning of the faulty components is realized. Combining the practical fault data from airlines with the component characteristics, the fault possibility of the components can be concluded. In this way, a possibility ranking can be generated. After that, the upper-level fault positioning is used to confirm the faulty components by fault reasoning and to test component status in the list of possibly faulty components.