design and analysis of a fault isolation scheme for a class of uncertain nonlinear systems
TRANSCRIPT
Design and analysis of a fault isolation scheme for a class
of uncertain nonlinear systems
Xiaodong Zhang a, Marios M. Polycarpou b,*, Thomas Parisini c
a Department of Electrical Engineering, Wright State University, Dayton, OH 45435, USAb KIOS Research Center for Intelligent Systems and Networks, Department of Electrical and Computer Engineering,
University of Cyprus, Nicosia 1678, Cyprusc Department of Electrical, Electronic and Computer Engineering, University of Trieste, 34100 Trieste, Italy
Received 20 November 2007; accepted 4 March 2008
www.elsevier.com/locate/arcontrol
Annual Reviews in Control 32 (2008) 107–121
Available onl
ine 16 May 2008Abstract
This paper presents a unified fault isolation scheme for handling both process faults and sensor faults in a class of uncertain nonlinear systems.
The proposed fault diagnosis architecture consists of a fault detection estimator and a bank of isolation estimators, each corresponding to a
particular fault type. The design of the fault isolation decision scheme is based on the derivation of appropriate adaptive thresholds for each fault
isolation estimator. Fault isolability conditions characterizing the class of process faults and sensor faults that are isolable by the proposed scheme
are derived. A rigorous isolability analysis is presented via the use of the so-called fault mismatch functions, which are defined between pairs of
possible faults. A simulation example is used to illustrate the proposed fault isolation scheme.
# 2008 Elsevier Ltd. All rights reserved.
1. Introduction
A consequence of modern technological advances is the
creation of large-scale critical infrastructure systems, which
need to operate reliably at all times, despite the possible
occurrence of faulty behavior in some subsystems or
components. Examples of such large-scale infrastructure
systems include power generation and distribution systems,
telecommunication networks, water distribution networks, etc.
The design of fault diagnosis and accommodation schemes is a
crucial step in achieving reliable and safe operation of such
large-scale systems.
In recent years, there has been a lot of research activity in the
design and analysis of fault diagnosis and accommodation
schemes for different classes of dynamic systems (see, for
example, Basseville & Nikiforov, 1993; Blanke, Kinnaert,
Lunze, Staroswiecki, & Schrder, 2006; Chen & Patton, 1999;
Frank, 1990; Gertler, 1998; Patton, 1997; Patton, Frank, &
Clark, 1989). Considerable effort has been devoted to the
development of fault diagnosis schemes for nonlinear systems
in the framework of various kinds of assumptions and fault
scenarios (see, for instance, De Persis & Isidori, 2001; Floquet,
* Corresponding author.
E-mail address: [email protected] (M.M. Polycarpou).
1367-5788/$ – see front matter # 2008 Elsevier Ltd. All rights reserved.
doi:10.1016/j.arcontrol.2008.03.007
Barbot, Perruquetti, & Djemai, 2004; Garcia & Frank, 1997;
Hammouri, Kinnaert, & El Yaagoubi, 1999; Krishnaswami &
Rizzoni, 1997; Seliger & Frank, 1991; Wang, Huang, & Daley,
1997, and the references cited therein).
The overall fault diagnosis procedure can be investigated in
three steps: (i) fault detection is the process of determining
whether a fault has occurred or not; (ii) fault isolation deals with
the issue of determining the location/type of fault; and (iii) fault
identification provides an estimate of the magnitude or severity
of the fault. In some cases, the issues of fault isolation and fault
identification are interwoven, since they both may deal with
determining the type of fault that has occurred. Beyond fault
diagnosis, there is the problem of fault accommodation, which
deals with the design and analysis of control reconfiguration
schemes for handling the presence of faults.
In this paper, we focus on the fault isolation problem,
which is a crucial step in the design of intelligent control
and health management systems, especially for large-scale
systems. Typically, fault isolation goes into effect after a
fault is detected with the objective of determining the
location/type of the fault. The fault isolation problem has
been studied in the context of several different formulations
including: (a) determining the particular type of the fault
among a set of known (or partially known) possible fault
types (for example, a bearing may exhibit abnormal behavior
X. Zhang et al. / Annual Reviews in Control 32 (2008) 107–121108
as a result of spalling, pitting, or over-rolling of debris); (b)
determining the particular faulty components among the set
of all components under consideration (for example, sensor
validation for jet engines; Yan & Goebel, 2003); (c) for
spatially distributed systems (Ferrari, Parisini, & Polycarpou,
2007), determining the physical location of the faulty
subsystem (for example, locating faulty sensors in a distri-
buted wireless sensor network monitoring a large physical
region of interest).
In previous papers (Zhang, Parisini, & Polycarpou, 2005;
Zhang, Polycarpou, & Parisini, 2001), the authors investi-
gated the nonlinear fault isolation problem in the context of
type (a) and (b), respectively. Specifically, in Zhang et al.
(2001), a fault isolation method was developed to determine
which particular process fault, among a set of possible
partially known process fault types, has occurred (in the
context of type (a) above). In Zhang et al. (2005), a sensor
fault isolation algorithm was developed with the objective to
determine the particular faulty sensor among a set of sensor
components under consideration. However, in Zhang et al.
(2005, 2001) process faults and sensor faults were considered
separately. In other words, for the process fault isolation
problem (Zhang et al., 2001), we assumed the sensors are
healthy, and for the sensor fault isolation problem (Zhang
et al., 2005), we assumed there are no process faults. In real-
world applications, both the process (including plant and
actuators) and the sensors are prone to faults. Fault isolation
methods that only consider process faults may provide an
incorrect isolation decision in the presence of sensor faults,
and vice versa. The objective of this paper is to develop a
fault isolation methodology for a class of nonlinear systems
that deals with both process faults and sensor faults in a
unified framework.
An architecture based on adaptive and learning techniques
has been presented with the aim of detecting and isolating
process faults or sensor faults (Demetriou, 1998; Farrell,
Berger, & Appleby, 1993; Polycarpou & Helmicki, 1995;
Vemuri, 2001; Wang et al., 1997; Zhang et al., 2005, 2001).
In this paper, a design methodology for fault isolation of
the considered class of process faults and sensor faults is
presented, as well as a rigorous analytical framework aimed
at characterizing the behaviors of the proposed scheme. The
analysis of the fault isolation scheme focuses on: (i)
determining adaptive thresholds for each fault isolation
estimator; and (ii) deriving isolability conditions of the
process faults and sensor faults under consideration.
The adaptive decision thresholds are derived under a worst
case scenario, such that, if a particular fault occurs, the
output estimation error of the corresponding fault isolation
estimator always remains below its threshold, therefore
avoiding the presence of false alarms. The fault isolability
condition characterizes the class of process faults and sensor
faults which are isolable by the proposed detection and
isolation scheme. This condition is investigated on the
basis of the so-called fault mismatch function, which
provides a suitable measure of the mutual ‘‘difference’’
between faults.
The paper is organized as follows. Section 2 defines the
classes of nonlinear systems and faults to be investigated. In
Section 3, the design of the proposed fault detection and
isolation (FDI) scheme is described. In Section 4 the design of
adaptive thresholds is addressed, while in Section 5 the fault
isolability analysis is carried out. In Section 6 a simulation
example is presented and Section 7 contains some concluding
remarks.
2. Problem formulation
Consider a class of nonlinear multi-input-multi-output
(MIMO) dynamic systems described by
x ¼ Axþ gðy; uÞ þ hðx; u; tÞ þ bxðt � TxÞfðy; uÞy ¼ Cxþ dðx; u; tÞ þ byðt � TyÞFuðtÞ (1)
where x2Rn is the system state vector, u2Rm is the input
vector, y2Rl is the output vector, g : Rl �Rm 7!R
n,
h : Rn �Rm �R
þ 7!Rn, f : Rl �R
m 7!Rn, and d :
Rn �R
m �Rþ 7!R
l are smooth vector fields, and ðA;CÞ is
an observable pair. The state equations
xN ¼ AxN þ gðyN; uÞyN ¼ CxN
represents the known nominal system dynamics, while the
healthy system is described by
xH ¼ AxH þ gðyH; uÞ þ hðxH; u; tÞyH ¼ CxH þ dðxH; u; tÞ:
The difference between the nominal model and the actual
(healthy) system is due to the vector fields h and d, which
represent the modeling uncertainties in the state equation and
output equation, respectively. The changes in the system
dynamics as a result of a process fault are characterized by the
term bxðt � TxÞfðy; uÞ in (1). Specifically, bxðt � TxÞ denotes
the time profile of a process fault which occurs at some
unknown time Tx, and fðy; uÞ represents the nonlinear fault
function. The changes in the system dynamics as a result of a
sensor fault are characterized by byðt � TyÞFuðtÞ in (1).
Specifically, the vector FuðtÞ represents a time-varying bias due
to a sensor fault, and the function byðt � TyÞ characterizes the
time profile of the fault, where Ty is the unknown fault
occurrence time.
In this paper, we only consider the case of abrupt (sudden)
faults (for some results on incipient faults, see Demetriou and
Polycarpou, 1998; Zhang, Polycarpou & Parisini, 2002);
therefore, bxð�Þ and byð�Þ take the form of a step function bð�Þgiven by
bðt � T0Þ ¼0; if t< T0
1; if t� T0
�
where T0 ¼ Tx for process faults, and T0 ¼ Ty for sensor faults.
Moreover, the analysis is based on the assumption that only a
single fault occurs, which is either a process fault or a sensor
fault.
X. Zhang et al. / Annual Reviews i
The class of sensor faults under consideration is
represented by FuðtÞ, where F 2Rl is the fault distribution
vector, and uðtÞ is the magnitude of the time-varying
sensor bias. Because of the single fault assumption, the
sensor fault distribution vector F has only one non-zero
entry, which represents the corresponding corrupted output
measurement. Depending on the location of the fault, the
distribution vector F belongs to a class of l possible vectors
F1;F2; . . . ;Fl, where, for any j ¼ 1; . . . ; l, only the jth
component of vector F j is different from zero. Accordingly,
the scalar u jðtÞ 2R is the magnitude of the time-varying bias
in the jth sensor.
The process fault function f under consideration is modeled
as a nonlinear function of measurable quantities y and u. It is
assumed that there are N types of possible process faults in the
fault class; specifically, fðy; uÞ belongs to a finite set of
functions given by
FP¼4ff1ðy; uÞ; . . . ;fNðy; uÞg: (2)
Each fault function f p; p ¼ 1; . . . ;N, is described by
f pðy; uÞ¼4½ðu p1 Þ
>g p
1 ðy; uÞ; . . . ; ðu pn Þ
>g pn ðy; uÞ�
>(3)
where upi ; i ¼ 1; . . . ; n, is an unknown parameter vector
assumed to belong to a known compact and convex set Q pi
(i.e., upi 2Q
pi �R
ypi ) and g p
i : Rl �R
m 7!Ry
pi is a known
smooth vector field. As discussed in Zhang et al. (2001,
2002), the process fault model described by (2) and (3) char-
acterizes a general class of nonlinear faults where the vector
field g pi represents the functional structure of the pth fault
affecting the ith state equation, while the unknown parameter
vector upi characterizes the ‘‘magnitude’’ of the fault. The
dimension y pi of each parameter vector u p
i is determined both
by the type of fault and by the specific state equation con-
sidered.
The main objective of this paper is to develop a robust fault
isolation scheme for process faults and sensor faults in
nonlinear dynamic systems modeled by (1). It is worth noting
that in addition to nonlinear systems in the form of (1), the
presented algorithm can also be applied to more general
nonlinear systems which are transformable to (1) using a local
diffeomorphism (Isidori, 1995; Marino & Tomei, 1995; Vemuri
& Polycarpou, 1997).
Throughout the paper, the following assumptions are made:
Assumption 1. The modeling uncertainties, represented by h
and d in (1), are unstructured and unknown nonlinear func-
tions of x, u, and t, but bounded by given known functionals,
i.e., 8 ðx; y; uÞ 2X � Y � U and 8 t� 0;
jhðx; u; tÞj � hðy; u; tÞ; jdðx; u; tÞj � dðy; u; tÞ; (4)
where the bounding functions hðy; u; tÞ and dðy; u; tÞ are
known and uniformly bounded in Y � U �Rþ, X �R
n is
some compact domain of interest, and U �Rm and Y �R
l
are the compact sets of admissible inputs and outputs,
respectively.
Assumption 2. The system state vector x belongs to a possibly
unknown compact set X �Rn before and after the occurrence
of a fault, that is, xðtÞ 2X , for all t� 0.
Assumption 3. The rates of change of the process fault para-
meter vector u pðtÞð p ¼ 1; . . . ;NÞ, and the sensor bias
u jðtÞ ð j ¼ 1; . . . ; lÞ, are uniformly bounded, respectively, i.e.,
for process faults, ju pðtÞj � a p, for all t� 0, where
n Control 32 (2008) 107–121 109
u p ¼ ½ðu p1 Þ
>; . . . ; ðu p
n Þ>�
>;
and a p is a known positive constant;
f
or sensor bias, ju jðtÞj � d for all t� 0, where d is a knownpositive constant.
Assumption 1 characterizes the class of modeling uncer-
tainties under consideration. The bounds on the unstructured
modeling uncertainties are needed in order to be able to
distinguish between the effects of faults and modeling
errors (Emami-Naeini, Akhter, & Rock, 1988; Zhang et al.,
2002).
Assumption 2 requires the boundedness of the state
variables before and after the occurrence of a fault. Hence,
it is assumed that the feedback control system is capable of
retaining the boundedness of the state variables even in the
presence of a fault. This is a technical assumption required for
well posedness since the fault isolation design that we consider
does not influence the closed-loop dynamics and stability. It is
important to note that the proposed fault detection and
isolation design does not depend on the structure of the
controller.
Finally, in Assumption 3 known bounds on the rates of
change of u pðtÞ and u jðtÞ are assumed. In practice, the rate
bounds a p and d can be set by exploiting some a priori
knowledge on the fault developing dynamics. In the case of a
constant fault size or bias, we simply set a p ¼ 0 or d ¼ 0.
Remark 1. It is worth noting that the above formulation
considers both process faults and sensor faults under one
unified framework. The unknown process fault magnitude is
represented by u pðtÞ, for p ¼ 1; . . . ;N, and the unknown sensor
bias magnitude is represented by u jðtÞ, for j ¼ 1; . . . ; l, respec-
tively.
3. Fault detection and isolation architecture
As shown in Fig. 1, the fault detection and isolation
architecture is based on a bank of N þ lþ 1 nonlinear adaptive
estimators, where N is the number of different nonlinear
process faults in the fault class FP, and l is the number of
sensors or output variables. One of the nonlinear adaptive
estimators is the fault detection estimator (FDE) used for
detecting the occurrence of any faults, while the remaining
N þ l nonlinear adaptive estimators are fault isolation
estimators (FIEs), which are activated for the purpose of fault
isolation only after a fault is detected.
Fig. 1. Architecture of the fault detection and isolation scheme.
X. Zhang et al. / Annual Reviews in Control 32 (2008) 107–121110
3.1. Fault detection scheme
Based on the system model given by (1), the following FDE
is chosen:
˙x0 ¼ Ax0 þ Lðy� y0Þ þ gðy; uÞ; x0ð0Þ ¼ 0
y0 ¼ Cx0
where x0 and y0 denote the estimated state and output vectors,
respectively, and L2Rn�l is a design gain matrix. Moreover, let
e0x¼4
x� x0 denote the state estimation error. Then, for
t<min ðTx; TyÞ, we have
e0xðtÞ ¼ A0e
0xðtÞ � Ldðx; u; tÞ þ hðx; u; tÞ; (5)
where the gain L is chosen such that the matrix A0¼4ðA� LCÞ is
Hurwitz. Each component e0y j¼4y j � y0
j ; j ¼ 1; . . . ; l, of the
output estimation error is given by
e0y jðtÞ ¼ C je
0xðtÞ þ d jðx; u; tÞ; (6)
where C j is the jth row vector of matrix C, and d j is the jth
component of the measurement uncertainty d. From (5) and (6),
we have
je0y jðtÞj �
Z t
0
k j e�l jðt�tÞjhðx; u; tÞ � Ldðx; u; tÞj dt
þ jd jðxðtÞ; uðtÞ; tÞj þ k jx e�l j t (7)
where k j and l j are positive constants chosen such that
jC j eA0tj � k j e�l jt (since A0 is Hurwitz, constants k j and
l j satisfying the above inequality always exist; Ioannou &
Sun, 1995), and x is a (possibly conservative) bound for jxj,such that jxj � x, 8 x2X (by Assumption 2). It is worth
noting that, since the effect of this bound decreases expo-
nentially, the use of such a conservative bound will not
weaken significantly the performance of the fault detection
scheme. By using the bounding functions (4), from (7) we
obtain
je0y jðtÞj �
Z t
0
k j e�l jðt�tÞ½hðy; u; tÞ þ kLk � dðy; u; tÞ� dt
þ d jðyðtÞ; uðtÞ; tÞ þ k jx e�l jt: (8)
According to (8), a fault is detected when at least one
component of the modulus of the output estimation error
e0y jðtÞ exceeds its corresponding threshold e0
y jðtÞ, which is
defined as
e0y jðtÞ¼4
Z t
0
k j e�l jðt�tÞ½hðy; u; tÞ þ jLj � dðy; u; tÞ� dt
þ d jðyðtÞ; uðtÞ; tÞ þ k jx e�l jt: (9)
More precisely, the fault detection time Td is defined as the
first time instant such that je0y jðtÞj> e0
y jðtÞ, for some t� 0
and some j2f1; . . . ; lg, that is, Td¼4
inf [ lj¼1ft� 0 :
je0y jðtÞj> e0
y jðtÞg. It is worth noting that the adaptive thresholds
e0y jðtÞ given by (9) can be easily implemented using linear
filtering techniques (Zhang et al., 2002).
3.2. Fault isolation estimators and decision scheme
Now, assume that a fault is detected at some time Td;
accordingly, at t ¼ Td the fault isolation estimators are
activated. Each FIE corresponds to one potential fault type.
Specifically, among the N þ l FIEs employed in the fault
isolation scheme, N FIEs are designed based on the functional
structure of the process faults defined in (2) and (3), and the
remaining l FIEs are designed based on the functional structure
of the potential sensor faults. The following N FIEs correspond
X. Zhang et al. / Annual Reviews in Control 32 (2008) 107–121 111
to process faults: for p ¼ 1; . . . ;N,
˙xp ¼ Ax p þ gðy; uÞ þ Lðy� y pÞ þV p ˙u
pþ f
pðy; u; u pÞ; x pðTdÞ ¼ 0
Vp ¼ A0V
p þ Z pðy; uÞ; V pðTdÞ ¼ 0
fp ¼ ½ðu p
1 Þ>
g p1 ðy; uÞ; . . . ; ðu p
n Þ>
g pn ðy; uÞ�
>
y p ¼ Cx p;
(10)
where up
i 2Ry
pi , for i ¼ 1; . . . ; n, is the estimate of the fault
parameter vector in the ith state equation of the pth isolation
estimator. It is noted that, according to (3), the fault
approximation model fp
is linear in the adjustable weights
up. Consequently, the gradient matrix Z p¼4@f
pðy; u; u pÞ=@u p ¼diag½ðg p
1 Þ>; . . . ; ðg p
n Þ>� does not depend on u
p.
The adaptation in the isolation estimators arises due to the
unknown parameter vector u p¼4½ðu p1 Þ
>; . . . ; ðu p
n Þ>�
>. The
adaptive law for adjusting each up
is derived using the
Lyapunov synthesis approach (see for example Ioannou & Sun,
1995), with the projection operator restricting up
to the
corresponding known set Q p (in order to guarantee stability of
the learning algorithm in the presence of modeling uncertainty
Vemuri & Polycarpou, 1997). Specifically, the learning
algorithm is chosen as follows
˙up¼ PQ pfGV p>C>e p
y g; (11)
where e py ðtÞ¼
4yðtÞ � y pðtÞ denotes the output estimation error of
the pth estimator, and G > 0 is a symmetric, positive-definite
learning rate matrix.
Analogously, the following l FIEs correspond to sensor
faults: for q ¼ N þ 1; . . . ;N þ l,
˙xq ¼ Axq þ gðy; uÞ þ Lðy� yqÞ þVq ˙u
q; xqðTdÞ ¼ 0;
Vq ¼ A0V
q � LFq; VqðTdÞ ¼ 0;
yq ¼ Cxq þ Fquq;
˙uq¼ PQqfgqðCVq þ FqÞ>eq
yg;
(12)
where eqyðtÞ¼
4yqðtÞ � yqðtÞ denotes the output estimation error,
again the projection operator P restricts the parameter estima-
tion uq
to a predefined compact and convex region Qq�R
(Vemuri & Polycarpou, 1997), and gq 2R is the learning rate.
Remark 2. The parameter estimates up
and uq
also provide
useful information for fault isolation. However, it is important
to stress that it cannot be guaranteed that, for the actual fault,
the parameter estimates up
and uq
will converge to the true
values, unless we assume persistency of excitation (Farrell &
Polycarpou, 2006; Ioannou & Sun, 1995), a condition which, in
general, is too restrictive (in this paper, we do not assume
persistency of excitation.)
The stability and learning capability of the FIEs described by
(10) and (12) have been rigorously investigated in Zhang et al.
(2005, 2001). The analytical results guarantee the boundedness
of the variables in the bank of FIEs. Moreover, it has been
shown that the ability of the isolation estimators to learn the
fault function is limited by the modeling uncertainties h and d,
the fault function approximation error, and the rate of change of
the time-varying fault parameter vector.
Now let us consider the pth process fault, where
p ¼ 1; . . . ;N, and the qth sensor fault, where
q ¼ N þ 1; . . . ;N þ l, in a unified framework. Then, we have
N þ l faults in the augmented fault class. More specifically, for
s ¼ 1; . . . ;N þ l, fault s is a process fault, if 1 � s � N, and
fault s is a sensor fault, if N þ 1 � s � N þ l.The fault isolation decision scheme is based on the
following intuitive principle: for s ¼ 1; . . . ;N þ l, if fault s
occurs at time T0 and is detected at time Td, then a set of
adaptive threshold functions fmsjðtÞ; j ¼ 1; . . . ; lg can be
designed for the sth isolation estimator, such that the jth
component of its output estimation error satisfies
jesy jðtÞj � ms
jðtÞ, for all t> Td. Consequently, for each
s ¼ 1; . . . ;N, such a set of adaptive thresholds fmsjðtÞ; j ¼
1; . . . ; lg can be associated with the output estimation of the sth
isolation estimator. In the fault isolation procedure, if for a
particular isolation estimator s, there exists some
j2f1; . . . ; lg, such that the jth component of its output
estimation error satisfies jesy jðtÞj>ms
jðtÞ for some finite time
t> Td, then the possibility of the occurrence of fault s can be
excluded. Based on this intuitive idea, the following fault
isolation decision scheme is devised:
Fault Isolation Decision Scheme: If , for each
r2f1; . . . ;N þ lgnfsg, there exist some finite time tr > Td
and some j2f1; . . . ; lg, such that jery jðtrÞj>mr
jðtrÞ, then the
occurrence of fault s is concluded.
Remark 3. Compared with other adaptive multiple model
based fault diagnosis schemes (see, for example, Boskovic
& Mehra, 1999; Korbicz, Koscielny, Kowalczuk, & Cholewa,
2008; Menke & Maybeck, 1995; Witczak, 2007), the FDI
scheme presented in this paper considers a class of nonlinear
systems in the presence of unstructured modeling uncertainty.
The robustness and fault sensitivity are enhanced by appro-
priately designed adaptive thresholds. Moreover, within the
fault isolation framework, in fault diagnosis literature one can
find several types of observer schemes, including the dedicated
observer scheme (DOS) (Clark, 1978) and the generalized
observer scheme (GOS) (Frank, 1990; Patton et al., 1989).
As can be seen from the fault isolation decision scheme
described above, our method falls within the GOS architectural
framework.
In the next section, we will derive the threshold msðtÞassociated with each isolation estimator.
X. Zhang et al. / Annual Reviews in Control 32 (2008) 107–121112
4. Adaptive thresholds for fault isolation
The threshold functions msjðtÞ clearly play a significant
role in the proposed fault isolation scheme. The following
lemma provides a bounding function for the output
estimation of the sth isolation estimator in the case that
fault s occurs.
Lemma 1. Suppose that fault s, occurring at time t ¼ T0,
is detected at time t ¼ Td, where s ¼ 1; . . . ;N þ l. Then,
for all t� Td , the jth component of the output estimation
error of the sth isolation estimator satisfies the following
inequality:
jesy jðtÞj � k j
Z t
Td
e�l jðt�tÞ½hðyðtÞ; uðtÞ; tÞ þ rskVsk
þ kLkdðyðtÞ; uðtÞ; tÞ� dt þ d jðy; u; tÞ
þ j�sðtÞjjusðtÞj þ k jx e�l jðt�TdÞ; (13)
where usðtÞ¼4 u
sðtÞ � usðtÞ is the parameter estimation error and
�s¼4 C jVs; if 1 � s � N
C jVs þ Fs
j; if N < s � N þ l
�(14)
and
rs¼4 as; if 1 � s � Nd; if N < s � N þ l
:
�(15)
Proof. Denote the state estimation error of the sth isolation
estimator by esxðtÞ¼
4xðtÞ � xsðtÞ, for s ¼ 1; . . . ;N þ l. The proof
consists of two parts.
Part I: In the presence of a process fault p, p ¼ 1; . . . ;N, (or
equivalently, fault s with 1 � s � N), by using (1), the system
dynamics for t> Tx is given by
x ¼ Axþ gðy; uÞ þ hðx; u; tÞ þ f pðy; uÞy ¼ Cxþ dðx; u; tÞ (16)
Using (16) and (10), after some simple algebraic manipula-
tion, we obtain
e px ðtÞ ¼ A0e
px ðtÞ þ hðx; u; tÞ � Ldðx; u; ;tÞ � Z pu
p �V p ˙up:
By using Z p ¼ Vp � A0V
p, we have
e px ðtÞ ¼ A0e
px ðtÞ þ hðx; u; tÞ � Ldðx; u; ;tÞ �V p ˙u
p
� ðV p � A0VpÞu p
¼ A0ðe px ðtÞ þV pu
pÞ þ hðx; u; tÞ � Ldðx; u; ;tÞ
� d
dtðV pu
pÞ �V pup
By letting e px ðtÞ¼
4e p
x ðtÞ þV pup, the above equation can be
rewritten as
˙epx ðtÞ ¼ A0e
px ðtÞ þ hðx; u; tÞ � Ldðx; u; tÞ �V pu
p: (17)
By defining e py jðtÞ¼4y jðtÞ � y p
j ðtÞ and using (16) and (10), we
have:
e py jðtÞ ¼ C je
px ðtÞ þ d jðx; u; tÞ
¼ C jðe px ðtÞ �V pu
pÞ þ d jðx; u; tÞ (18)
Now based on (17), (18), (14), and (15), as well as
Assumptions 1 and 3, it can be easily shown that
je py jðtÞj � k j
Z t
Td
e�l jðt�tÞ½hðyðtÞ; uðtÞ; tÞ þ a pkV pk
þ kLkdðyðtÞ; uðtÞ; tÞ� dt þ d jðy; u; tÞ
þ jC jVpjju pðtÞj þ k jx e�l jðt�TdÞ: (19)
Part II: In the presence of a sensor fault q, q ¼ 1; . . . ; l, (or
equivalently, fault s with N < s � N þ l), by using (1), the
system dynamics for t> Ty are given by
x ¼ Axþ gðy; uÞ þ hðx; u; tÞy ¼ Cxþ dðx; u; tÞ þ FquqðtÞ (20)
The dynamics of the output estimation error of the qth FIE
described by (12) has been investigated in Zhang et al. (2005):
jeqy jðtÞj � jC jV
q þ Fqj jju
qðtÞj þ k jx e�l jðt�TdÞ
þ k j
Z t
Td
e�l jðt�tÞ½hðyðtÞ; uðtÞ; tÞ þ djVqj
þ kLkdðyðtÞ; uðtÞ; tÞ� dt þ d jðy; u; tÞ: (21)
Now the proof of (13) easily follows from (14), (15), (19), and
(21). &
Although Lemma 21 provides an upper bound on the output
estimation error of the sth estimator, the right-hand side of (13)
cannot be directly used as a threshold function for fault isolation
because usðtÞ is not available. However, as the estimate u
s
belongs to the known compact set Qs, we have jus � usðtÞj �
ksðtÞ for a suitable ksðtÞ depending on the geometric properties of
set Qs (see Zhang et al., 2001, 2002). Hence, based on the above
discussions, the following threshold function is chosen:
jmsjðtÞj � k j
Z t
Td
e�l jðt�tÞ½hðyðtÞ; uðtÞ; tÞ þ rskVsk
þ kLkdðyðtÞ; uðtÞ; tÞ� dt þ d jðy; u; tÞ
þ j�sðtÞjjksðtÞj þ k jx e�l jðt�TdÞ: (22)
Remark 4. The threshold described by (22) represents an
adaptive threshold, which has obvious advantages over a fixed
threshold in terms of fault sensitivity and robustness (Chen and
Patton, 1999). Note that this adaptive threshold can be easily
implemented on-line using linear filtering techniques.
Remark 5. The adaptive threshold function described by (22)
is influenced by several sources of uncertainty entering the
fault isolability problem, such as modeling uncertainty h,
measurement errors d and parametric uncertainty ks. Intuitively,
X. Zhang et al. / Annual Reviews in Control 32 (2008) 107–121 113
the smaller the uncertainty (resulting in a smaller threshold
msjðtÞ, the easier the task of isolating the faults. On the other
hand, as clarified in the next section, the capability to isolate a
fault depends not only on msjðtÞ, but also on the degree that the
faults are ‘‘different’’ from each other.
5. Fault isolability analysis
For our purpose, a fault is said to be isolable if the fault
isolation scheme is able to reach a correct decision in finite
time. Intuitively, faults are isolable if they are mutually different
according to a certain measure quantifying the difference in the
effects that different faults have on measurable outputs and on
the estimated quantities in the isolation scheme. In this respect,
we introduce the fault mismatch function between the sth fault
and the rth fault:
hsrj ðtÞ¼
4�sus ��r u
r; r; s ¼ 1; . . . ;N þ l; r 6¼ s (23)
where �s and �r, defined in (14), represent respectively the
functional structure of fault s and fault r related to the jth output
variable, y j.
Remark 6. The fault mismatch function hsrj ðtÞ is related to
both the structural difference between the faults (i.e., �s and
�r) and the properties of the isolation scheme (i.e., the
estimates ur). However, as described in Section 3.2, the fault
isolation estimators are designed based on the structure of the
faults (i.e., Z p and Fq). Moreover, the adaptive thresholds are
designed in such a way that faults can not be isolated unless
their structures are sufficiently different (see Zhang et al.,
2005, 2001, 2002). Therefore, the structural difference
between the faults has a predominant effect on the isolability
properties than the actual behavior of the estimates ur
pro-
vided by the FIEs.
The following theorem characterizes (in a non-closed form)
the class of isolable faults.
Theorem 1. Consider the fault isolation scheme described by
(10)–(12) and (22). Suppose that Assumptions 1–3 hold and
x1
x2
x3
x4
2664
3775 ¼
0 1 0 0�k
Jl
�Fl
Jl
k
Jl0
0 0 0 1k
Jm0
�k
Jm
�Fm
Jm
266664
377775
x1
x2
x3
x4
2664
3775þ
0�mgl
Jlsin x1
0u
Jm
266664
377775þ
0
h
0
0
26643775þ bxðt � TxÞfxðy; uÞ
y ¼1 0 0 0
0 0 1 0
0 0 0 1
24
35
x1
x2
x3
x4
2664
3775þ
0
0
d3
24
35þ byðt � TyÞFu
that a fault s, s ¼ 1; . . . ;N þ l, occurring at time t ¼ T0 is
detected at time t ¼ Td. Then fault s is isolable if , for each
r2f1; . . . ;N þ lgnfsg, there exist some time tr > Td and some
j2f1; . . . ; lg, such that the fault mismatch function hsrj ðtrÞ
satisfies the following inequality:
jhsrj ðtrÞj> j�rjkrðtrÞ þ 2d jðyðtrÞ; uðtrÞ; trÞ
þ jZ tr
Td
C j eA0ðtr�tÞðhðx; u; tÞ � Ldðx; u; tÞ �VsusÞ dtj
þ k j
Z tr
Td
e�l jðtr�tÞ½hðy; u; tÞ þ rrkVrk þ kLkdðy; u; tÞ� dt
þ 2k jx e�l jðtr�TdÞ:
(24)
Proof. See Appendix A. &
Remark 7. It is worth noting that, by replacing the
unknown quantities hðxðtÞ; uðtÞ; tÞ and dðxðtÞ; uðtÞ; tÞ in
the right-hand side of inequality (24) with their bounds
hðyðtÞ; uðtÞ; tÞ and dðyðtÞ; uðtÞ; tÞ, respectively, a more
practical version of condition (24) can be obtained. Moreover,
such a condition can be checked by suitable numerical tech-
niques.
6. Simulation results
Consider a single-link robotic arm with a revolute elastic
joint rotating in a vertical plane whose motion equations are
Jlq1 þ Flq1 þ kðq1 � q2Þ þ mgl sin q1 ¼ 0
Jmq2 þ Fmq2 � kðq1 � q2Þ ¼ u
where q1 and q2 are the link displacement and the rotor
displacement, respectively. The link inertia Jl, motor rotor
inertia Jm, elastic constant k, link mass m, gravity constant
g, center of mass l, and viscous friction coefficients Fl and Fm
are positive constant parameters. The control u is the torque
delivered by the motor.
By choosing x1 ¼ q1, x2 ¼ q1, x3 ¼ q2, x4 ¼ q2, and
assuming that x1, x3, and x4 are available for measurement,
the above model can be rewritten in state space form as
It is worth noting that the effects of modeling uncertainty,
process faults, and sensor faults have been included in the
above model. More specifically, the modeling uncertainty h in
Fig. 3. The case of an actuator fault (i.e., process fault #1): the three residual components (solid line) and their corresponding thresholds associated with the FIE for
process fault #1.
Fig. 2. The case of an actuator fault (i.e., process fault #1): selected residual (solid line) and its threshold associated with the FDE, FIE for sensor fault #1, FIE for
sensor fault #2, and FIE for process fault #2.
X. Zhang et al. / Annual Reviews in Control 32 (2008) 107–121114
Fig. 5. The case of a process fault resulting in a reduction of link mass (i.e., process fault #2): the three residual components (solid line) and their corresponding
thresholds associated with the FIE for process fault #2.
Fig. 4. The case of a process fault resulting in a reduction of link mass (i.e., process fault #2): selected residual (solid line) and its threshold associated with the FDE,
FIE for sensor fault #1, FIE for sensor fault #2, and FIE for process fault #1.
X. Zhang et al. / Annual Reviews in Control 32 (2008) 107–121 115
X. Zhang et al. / Annual Reviews in Control 32 (2008) 107–121116
the state equation is assumed to be to up to 5% error in the mass
of the link. In other words, h ¼ 0:05ðmgl=JlÞsin y1. The
unknown modeling uncertainty in the output equation is
assumed to be d3 ¼ 0:01sin ð10tÞ, which leads to d3 ¼ 0:01.
In this example, we consider the following four types of
faults, including two process faults and two sensor faults:
Actuator fault. We consider a simple multiplicative actuator
Fi
pr
fault by letting u ¼ uþ u1u, where u is the nominal control
input in the non-fault case and u1 2 ½�1 0� is the parameter
characterizing the magnitude of the fault. Note that the case
u1 ¼ 0 represents the normal operation condition (no fault),
while u1 ¼ �1 corresponds to the complete failure of the
actuator. Therefore, the actuator fault can be described by
f ¼ f1¼4½0 0 0 u1g1ðuÞ�>, where g1ðuÞ ¼ ð1=JmÞu and
u1 2 ½�1; 0�. It is worth noting that in this paper the process
faults under consideration include faults in both the plant and
the actuators.
A
process fault which results in a reduction in the mass of link.Then the fault function is in the form of f ¼ f2¼4½0 u2g2ðyÞ 0 0�>, where g2ðyÞ ¼ �ð1=JlÞmgl sin ðyÞand u2 2 ½�1; 0� represents the percentage of change in the
mass.
A
bias in the sensor measuring y2 represented by F ¼ F2 ¼½0 1 0�> and u2 ½0; 0:2�.g. 6. The case of a sensor fault in y2 (i.e., sensor fault #1): selected residual (solid
ocess fault #1, and FIE for process fault #2.
A
bias in the sensor measuring y3 represented by F ¼ F3 ¼½0 0 1�> and u2 ½0; 0:2�.Based on the fault diagnosis scheme presented in Sections
3 and 4, a fault detection estimator and four fault isolation
estimators are constructed. The simulations are performed
with the following robot parameters (in SI units): k ¼ 2,
Fm ¼ 1, Fl ¼ 0:5, Jm ¼ 1, Jl ¼ 2, m ¼ 4, g ¼ 9:8, and
l ¼ 0:5. The initial conditions of the plant are chosen to
be xð0Þ ¼ 0 and the input to the system is given by
u ¼ 2 sin ð2tÞ. The modeling uncertainty on the state equation
is h ¼ ð�0:04=JlÞmglsin x1, and the modeling uncertainty d3
in the output equation is defined above. Moreover, we set the
observer gain matrix L ¼ ½�3:35 0 0; �1:3925 � 1
0; 0 � 1:5 � 1; �2 2 � 1:1�, so that the poles
of the matrix A0 are located at �2:1, �1:5, �1:7, and �1:9,
respectively. Consequently, the constants k1 ¼ 1, l1 ¼ 1:2,
k2 ¼ 1, l2 ¼ 1:4, k3 ¼ 1, l3 ¼ 1:9. The learning rate of the
adaptive algorithm is set to 5.
Figs. 2 and 3 show the simulation results when an actuator
fault, with u1 ¼ �0:6, occurs at Tx ¼ 5 s. Specifically, selected
residuals (solid line) generated by the FDE, the FIE for sensor
fault #1, the FIE for sensor fault #2, and the FIE for process
fault #2, are shown in Fig. 2. As can be seen, the fault is
line) and its threshold associated with the FDE, FIE for sensor fault #2, FIE for
Fig. 8. The case of a sensor fault in y3 (i.e., sensor fault #2): selected residual (solid line) and its threshold associated with the FDE, FIE for sensor fault #1, FIE for
process fault #1, and FIE for process fault #2.
Fig. 7. The case of a sensor fault in y2 (i.e., sensor fault #1): the three residual components (solid line) and their corresponding thresholds associated with the FIE for
sensor fault #1.
X. Zhang et al. / Annual Reviews in Control 32 (2008) 107–121 117
Fig. 9. The case of a sensor fault in y3 (i.e., sensor fault #2): the three residual components (solid line) and their corresponding thresholds associated with the FIE for
sensor fault #2.
X. Zhang et al. / Annual Reviews in Control 32 (2008) 107–121118
detected almost immediately at approximately Td ¼ 5:38 s. At
that time, the four isolation estimators are activated. It can be
seen that at least one of the residual components generated by
each unmatched FIE, including the FIES for sensor fault #1,
sensor fault #2, and process fault #2, exceeds its threshold
(shown in the top right figure and the two figures at the bottom
in Fig. 2, respectively), while all three residual components
generated by the FIE for the actuator fault always remain below
their thresholds (shown in Fig. 3), thus indicating the presence
of an actuator fault (or process fault 1 as defined).
Analogously, Figs. 4 and 5 show the simulation results when
a process fault resulting in a reduction of link mass, with
u2 ¼ �0:6, occurs at Tx ¼ 5 s. The case of a sensor fault in y2,
with u ¼ 0:15 and Ty ¼ 5 s is reported in Figs. 6 and 7. The
fourth case of a sensor fault in y3, with u ¼ 0:15 and Ty ¼ 5 s is
illustrated in Figs. 8 and 9. In each of these cases, the fault is
successfully detected and isolated.
7. Concluding remarks
In this paper, the design and analysis of a unified fault isolation
method for process faults and sensor faults for a class of nonlinear
uncertain systems has been presented. Analytical results regar-
ding adaptive thresholds for fault isolation and fault isolability
conditions are established. Future research work will involve the
consideration of a larger class of nonlinear systems. Another
direction of future research is to investigate the fault isolation
problem for distributed systems in the context of type (c).
Acknowledgments
This work was supported in part by the Research Challenge
Program of Wright State University, the Research Promotion
Foundation of Cyprus and the Italian Ministry for University
and Research.
Appendix A. Proof of Theorem 1
The state estimation error and output estimation error
associated with the rth fault isolation estimator is
erxðtÞ¼
4xðtÞ � xrðtÞ, and er
yðtÞ¼4
yðtÞ � yrðtÞ, respectively. Based
on the values of s and r, the proof consists of the following
four parts.
Part I: The isolability of a process fault s from another
process faults r, where 1 � s � N, and r 2f1; . . . ;Ngnfsg. In
this case, the dynamics of the system is given by (16), and the
dynamics of FIE r is described by (10). Therefore, the output
estimation error eryðtÞ is
eryðtÞ ¼ Cer
xðtÞ þ dðx; u; tÞ:
The dynamics of the state estimation error erxðtÞ is described
by
erxðtÞ ¼ Aer
xðtÞ � LeryðtÞ þ hðx; u; tÞ þ Zsus � Zr u
r �Vr ˙ur
¼ A0erxðtÞ � Ldðx; u; tÞ þ hðx; u; tÞ þ Zsus � Zr u
r �Vr ˙ur
(A.1)
X. Zhang et al. / Annual Reviews in Control 32 (2008) 107–121 119
Substituting Zs ¼ Vs � A0V
s and Zr ¼ Vr � A0V
r into
(A.1), we obtain:
erxðtÞ ¼ A0ðer
xðtÞ �Vsus þVr urÞ � Ldðx; u; tÞ þ hðx; u; tÞ
þ d
dtðVsus �Vr u
rÞ �Vsus
By letting erxðtÞ¼
4er
xðtÞ �Vsus þVr ur, we have:
˙erxðtÞ ¼ A0e
rxðtÞ þ hðxðtÞ; uðtÞ; tÞ � LdðxðtÞ; uðtÞ; tÞ �Vsu
s
(A.2)
By defining the jth component of the output estimation
error as
ery jðtÞ¼4y jðtÞ � yr
jðtÞ; (A.3)
and using (16) and (10), we have:
ery jðtÞ ¼ C je
rxðtÞ þ d jðx; u; tÞ ¼ C jðer
xðtÞ þVsus �Vr urÞ þ d j
(A.4)
By using (14) and (23), we can see that in this case
the fault mismatch function hsrj ðtÞ is given by hsr
j ðtÞ¼ C jðVsus �Vr u
rÞ:Therefore, (A.4) can be rewritten as
follows
ery jðtÞ ¼ C je
rxðtÞ þ hsr
j ðtÞ þ d jðx; u; tÞ: (A.5)
By applying the triangle inequality, we have
jery jðtÞj � jhsr
j ðtÞj � jC jerxðtÞj � jd jðx; u; tÞj: (A.6)
Using (A.2) and again the triangle inequality, we
obtain
jery jðtÞj � jhsr
j ðtÞj � k jx e�l jðt�TdÞ
�����Z t
Td
C jeA0ðt�tÞð�Ldðx; u; tÞ �Vsu
s þ hðx; u; tÞÞ dt
����� jd jðx; u; tÞj
(A.7)
Now taking into account the corresponding adaptive
threshold mrjðtÞ given by (22), we can immediately conclude
that, if condition (24) is satisfied at tr, we obtain
jery jðtrÞj>mr
jðtrÞ, which implies that the possibility of the
occurrence of fault r can be excluded at time t ¼ tr. Note that
the special case of us ¼ 0 was considered in Zhang et al.
(2001).
Part II: The isolability of a process fault s from a
sensor fault r, where 1 � s � N, and r 2fN þ 1; . . . ;N þ lg.In this case, the dynamics of the system is given by
(16), and the dynamics of FIE r is described by (12).
Therefore, the output estimation error eryðtÞ is given
by
eryðtÞ ¼ Cer
xðtÞ þ dðx; u; tÞ � Fr ur:
The dynamics of the state estimation error erxðtÞ is described
by
erxðtÞ ¼ Aer
xðtÞ � LeryðtÞ þ hðx; u; tÞ þ Zsus �Vr ˙u
r
¼ A0erxðtÞ þ hðx; u; tÞ � Ldðx; u; tÞ þ LFr u
r þ Zsus
�Vr ˙ur
(A.8)
By substituting LFr ¼ �Vr þ A0V
r and Zs ¼ Vs � A0V
s
into (A.8), and by means of some simple algebra (along the
same reasoning reported in the proof of Part I), we have
˙erxðtÞ ¼ A0e
rxðtÞ þ hðxðtÞ; uðtÞ; tÞ �Vsu
s � LdðxðtÞ; uðtÞ; tÞ(A.9)
where erxðtÞ¼
4er
xðtÞ �Vsus þVr ur. By using (16) and (12), we
can see that the output estimation error ery jðtÞ, defined in (A.3),
is given by
ery jðtÞ ¼ C je
rxðtÞ þ d jðx; u; tÞ � Fr
j ur
¼ C jðerxðtÞ þVsus �Vr u
rÞ þ d jðx; u; tÞ � Frj u
r
¼ C jerxðtÞ þ ðC jV
sus � ðC jVr þ Fr
jÞurÞ þ d jðx; u; tÞ:
(A.10)
By using (14) and (23), we can see that in this case the fault
mismatch function hsrj ðtÞ is given by
hsrj ðtÞ ¼ C jV
sus � ðC jVr þ Fr
jÞur:
Therefore, (34) can be rewritten in the same form as (A.5),
where erxðtÞ is given by (A.9).
Now the proof of Theorem 1 for this case easily follows by
using the same reasoning method as reported in Part I of the
proof.
Part III: The isolability of a sensor fault s from a process
fault r, where N þ 1 � s � N þ l, and r2f1; . . . ;Ng. In this
case, the dynamics of the system is given by (20), and the
dynamics of FIE r is described by (10). Therefore, the output
estimation error eryðtÞ is given by
eryðtÞ ¼ Cer
xðtÞ þ dðx; u; tÞ þ Fsus:
Thedynamics of the state estimation errorerxðtÞ is described by
erxðtÞ ¼ Aer
xðtÞ � LeryðtÞ þ hðx; u; tÞ � Zr u
r �Vr ˙ur
¼ A0erxðtÞ þ hðx; u; tÞ � Ldðx; u; tÞ � LFsus � Zr u
r
�Vr ˙ur
(A.11)
By substituting LFs ¼ �Vs þ A0V
s and Zr ¼ Vr � A0V
r
into (35), and by means of some simple algebra (along the same
reasoning reported in the proof of Part 1), we have
˙erxðtÞ ¼ A0e
rxðtÞ þ hðxðtÞ; uðtÞ; tÞ �Vsu
s � LdðxðtÞ; uðtÞ; tÞ(A.12)
X. Zhang et al. / Annual Reviews in Control 32 (2008) 107–121120
where erxðtÞ¼
4er
xðtÞ �Vsus þVr ur. By using (20) and (10), we
can see that the output estimation error ery jðtÞ, defined in (A.3),
is given by
ery jðtÞ ¼ C je
rxðtÞ þ d jðx; u; tÞ þ Fs
jus
¼ C jðerxðtÞ þVsus �Vr u
rÞ þ d jðx; u; tÞ þ Fsju
s
¼ C jerxðtÞ þ ððC jV
s þ FsjÞus � C jV
r urÞ þ d jðx; u; tÞ:
(A.13)
By using (14) and (23), we can see that in this case the fault
mismatch function hsrj ðtÞ is given by
hsrj ðtÞ ¼ ðC jV
s þ FsjÞus � C jV
r ur:
Therefore, (A.13) can be rewritten in the same form as (A.5),
where erxðtÞ is given by (A.12).
Now the proof of Theorem 1 for this case easily follows by
using the same reasoning method as reported in Part I of the
proof.
Part IV: The isolability of a sensor fault s from another
sensor fault r, where N þ 1 � s � N þ l and
r 2fN þ 1; . . . ;N þ lgnfsg. In this case, the dynamics of the
system is given by (20), and the dynamics of FIE r are described
by (12). Therefore, the output estimation error eryðtÞ is given by
eryðtÞ ¼ Cer
xðtÞ þ dðx; u; tÞ þ Fsus � Fr ur:
The dynamics of the output estimation error of this case have
been analyzed in Theorem 1 of (Zhang et al., 2005).
Specifically, the following result was proved:
jery jðtÞj � jhsr
j ðtÞj � d jðy; u; tÞ � jC j eA0ðt�TdÞjx
� jZ t
Td
C j eA0ðt�tÞðhðx; u; tÞ � Ldðx; u; tÞ �VsusÞ dtj:
where
hsrj ðtÞ ¼ ðC jV
s þ FsjÞus � ðC jV
r þ FrjÞu
r; (A.14)
Clearly, the fault mismatch function hsrj ðtÞ follows the defini-
tion in (23) and (14), and, again, the proof easily follows.
Based on the analysis of the above four cases, it can be
concluded that, if condition (24) is satisfied at tr, for each
r 2f1; . . . ;N þ lg=fsg, then fault s is isolable.
References
Basseville, M., & Nikiforov, I. V. (1993). Detection of abrupt changes: Theory
and applications. New York: Prentice Hall.
Blanke, M., Kinnaert, M., Lunze, J., Staroswiecki, M., & Schrder, J. (2006).
Diagnosis and fault-tolerant control. Berlin/New York: Springer.
Boskovic, J. D., & Mehra, R. K. (1999). Stable multiple model adaptive flight
control for accommodation of a large class of control effect failures. Proc. of
the 1999 American Control Conference (pp. 1920–1924).
Chen, J., & Patton, R. J. (1999). Robust model-based fault diagnosis for
dynamic systems. London: Kluwer Academic Publishers.
Clark, R. N. (1978). Instrument fault detection. IEEE Transactions on Aero-
space and Electronic Systems, 14, 456–465.
Demetriou, M. A. (1998). Robust adaptive techniques for sensor fault detection
and diagnosis. Proc. of the IEEE Conference on Decision and Control (pp.
1143–1148).
Demetriou, M. A., & Polycarpou, M. M. (1998). Incipient fault diagnosis of
dynamical systems using on–line approximators. IEEE Transactions on
Automatic Control, 43(11), 1612–1617.
De Persis, C., & Isidori, A. (2001). A geometric approach to nonlinear fault
detection and isolation. IEEE Transactions on Automatic Control, 46, 853–
865.
Emami-Naeini, A., Akhter, M. M., & Rock, S. M. (1988). Effect of model
uncertainty on failure detection: the threshold selector. IEEE Transactions
on Automatic Control, 33, 1106–1115.
Farrell, J. A., Berger, T., & Appleby, B. D. (1993). Using learning techniques to
accommodate unanticipated faults. IEEE Control Systems Magazine, 13,
40–49.
Farrell, J., & Polycarpou, M. M. (2006). Adaptive approximation based control.
Hoboken, NJ: J Wiley.
Ferrari, R., Parisini, T., & Polycarpou, M. M. (2007). Distributed fault diagnosis
with overlapping decompositions and consensus filters. Proc. 2007 Amer-
ican Control Conference (pp. 693–698).
Floquet, T., Barbot, J. P., Perruquetti, W., & Djemai, M. (2004). On the robust
fault detection via a sliding mode disturbance observer. International
Journal of Control, 77(7), 622–629.
Frank, P. M. (1990). Fault diagnosis in dynamic systems using analytical and
knowledge-based redundancy—A survey and some new results. Automa-
tica, 26, 459–474.
Garcia, E. A., & Frank, P. M. (1997). Deterministic nonlinear observer-based
approaches to fault diagnosis: A survey. IFAC Control Engineering Prac-
tice, 5, 663–670.
Gertler, J. J. (1998). Fault detection and diagnosis in engineering systems. New
York: Marcel Dekker.
Hammouri, H., Kinnaert, M., & El Yaagoubi, E. H. (1999). Oberver-based
approach to fault detection and isolation for nonlinear systems. IEEE
Transactions on Automatic Control, 44(10), 1879–1884.
Ioannou, P. A., & Sun, J. (1995). Robust adaptive control. Englewood Cliffs, NJ:
Prentice Hall.
Isidori, A. (1995). Nonlinear control systems. Berlin, Germany: Springer-
Verlag.
Korbicz, J., Koscielny, J. M., Kowalczuk, Z., & Cholewa, W. (2008). Fault
diagnosis. Models, artifical intelligence, applications. Berlin: Springer.
Krishnaswami, V., & Rizzoni, G. (1997). Robust residual generation for
nonlinear system fault detection and isolation. Proc. IFAC Symp. on
Fault Detection, Supervision and Safety for Technical Processes (pp.
163–168) .
Marino, R., & Tomei, P. (1995). Nonlinear control design. Englewood Cliffs,
NJ: Prentice Hall.
Menke, T., & Maybeck, P. S. (1995). Sensor/actuator failure detection in the
Vista F-16 by multiple model adaptive estimation. IEEE Transactions on
Aerospace and Electronic Systems 31(4).
Patton, R. J. (1997). Fault-tolerant control: the 1997 situation (survey). Proc.
IFAC Symp. on Fault Detection, Supervision and Safety for Technical
Processes (pp. 1029–1052).
Patton, R. J., Frank, P. M., & Clark, R. N. (1989). Fault diagnosis in dynamic
systems: Theory and applications. Englewood Cliffs, NJ: Prentice Hall.
Polycarpou, M. M., & Helmicki, A. J. (1995). Automated fault detection and
accommodation: A learning system approach. IEEE Transactions on Sys-
tems, Man and Cybernetics, 25(11), 1447–1458.
Seliger, R., & Frank, P. M. (1991). Robust component fault detection and
isolation in nonlinear dynamic systems using nonlinear unknown input
observers. Proc. IFAC Symp. on Fault Detection, Supervision and Safety for
Technical Processes (pp. 313–318).
Vemuri, A. T., & Polycarpou, M. M. (1997). Robust nonlinear fault
diagnosis in input-output systems. International Journal of Control,
68, 343–360.
Vemuri, A. T. (2001). Sensor bias fault diagnosis in a class of nonlinear systems.
IEEE Transactions on Automatic Control, 46, 949–953.
Wang, H., Huang, Z. J., & Daley, S. (1997). On the use of adaptive updating
rules for actuator and sensor fault diagnosis. Automatica, 33, 217–225.
X. Zhang et al. / Annual Reviews in Control 32 (2008) 107–121 121
Witczak, M. (2007). Modelling and estimation strategies for fault diagnosis of
non-linear systems. Lecture notes in control and information sciences.
Berlin: Springer.
Yan, X., & Edwards, C. (2007). Nonlinear robust fault resconstruction and
estimation using a sliding mode observer. Automatica, 43, 1605–1614.
Yan, W., & Goebel, K. (2003). Sensor validation and fusion for gas turbine
vibration monitoring. Proc. of SPIE—The International Society for Optical
Engineering, 5107 (pp. 106–117).
Zhang, X., Parisini, T., & Polycarpou, M. M. (2005). Sensor bias fault isolation
in a class of nonlinear systems. IEEE Transactions on Automatic Control,
50(47), 370–376.
Zhang, X., Polycarpou, M. M., & Parisini, T. (2001). Robust fault isolation of a
class of nonlinear input-output systems. International Journal of Control,
74, 1295–1310.
Zhang, X., Polycarpou, M. M., & Parisini, T. (2002). A robust detection and
isolation scheme for abrupt and incipient faults in nonlinear systems. IEEE
Transactions on Automatic Control, 576–593.
Xiaodong Zhang received the B.S. degree from Huazhong University of
Science and Technology, Wuhan, China, the M.S. degree from Shanghai Jiao
Tong University, Shanghai, China, and the Ph.D. degree from University of
Cincinnati, Cincinnati, OH, USA, all in electrical engineering, in 1994, 1997
and 2002, respectively. From 2002 to 2005, he was a Sr. Research Engineer at
Intelligent Automation Inc., Rockville, MD, USA. In 2005, he joined General
Motors Research and Development Center, Warren, MI, USA, as a senior
researcher, and in 2007, he joined Wright State University, Dayton, OH, USA,
as an assistant professor. His research interests include intelligent control
systems, fault diagnosis and prognosis, fault-tolerant control, cooperative
and distributed control.
Marios M. Polycarpou received the B.A. degree in computer science and the
B.Sc. degree in electrical engineering, both from Rice University, Houston, TX,
USA in 1987, and the M.S. and Ph.D. degrees in electrical engineering from the
University of Southern California, Los Angeles, in 1989 and 1992, respectively.
In 1992, he joined the University of Cincinnati, Cincinnati, OH, where he
became a professor of electrical and computer engineering and computer
science. In 2001, he was the first faculty to join the newly established
Department of Electrical and Computer Engineering, University of Cyprus,
Nicosia, Cyprus, where he is currently professor and Director of the KIOS
Center for Intelligent Systems and Networks. His current research interests
include intelligent systems and control, adaptive and cooperative control
systems, computational intelligence, fault diagnosis, and distributed agents.
He is the author or co-author of more than 175 articles published in refereed
journals, edited books and refereed conference proceedings, and one textbook,
published by Wiley in 2006. He is also the holder of three patents. Prof.
Polycarpou is currently the Editor-in-Chief of the IEEE Transactions on Neural
Networks. He served as the Chair of the Technical Committee on Intelligent
Control, IEEE Control Systems Society (2003–2005) and as Vice President,
Conferences, of the IEEE Computational Intelligence Society (2002–2003). He
is currently a member of the Board of Governors of the IEEE Control Systems
Society, and an AdCom member of the IEEE Computational Intelligence
Society. Prof. Polycarpou is a Fellow of IEEE.
Thomas Parisini received the ‘‘Laurea’’ degree (Cum Laude and printing
honours) from the University of Genoa in 1988 and the Ph.D. degree in
Electronic Engineering and Computer Science in 1993. In 2001 he was
appointed full professor and Danieli Endowed Chair of Automation Engineer-
ing at the University of Trieste. Thomas Parisini is the Chair of the Conference
Editorial Board and an elected member of the Board of Governors of the IEEE
Control Systems Society. Moreover, he is a member of the European Control
Association council. He was a Distinguished Lecturer of the IEEE Control
Systems Society. He is the co-recipient of the 2004 Outstanding Paper Award of
the IEEE Transactions on Neural Networks. Thomas Parisini is currently
serving as an Associate Editor of the International Journal of Control, and
as Subject Editor of the International Journal of Robust and Nonlinear Control
and served as Associate Editor of Automatica, of the IEEE Transactions on
Automatic Control, and of the IEEE Transactions on Neural Networks. He is the
Program Chair of the 47th IEEE Conf. on Decision and Control to be held in
Cancun, MX, in 2008 and has been appointed as General Co-Chair of the 2013
IEEE Conf. on Decision and Control. His research interests include neural-
network approximations for optimal control and filtering problems, fault
diagnosis for nonlinear systems, hybrid control systems and control of dis-
tributed systems. Thomas Parisini is a Distinguished Member of the IEEE.