ARTICLE IN PRESS

0967-0661/$ - se

doi:10.1016/j.co

�Correspondfax: +44116 25

E-mail addr

Control Engineering Practice 14 (2006) 897–908

www.elsevier.com/locate/conengprac

Sensor fault tolerant control using sliding mode observers

Christopher Edwardsa,�, Chee Pin Tanb

aControl and Instrumentation Research Group, Department of Engineering, University of Leicester, Leicester LE1 7RH, UKbSchool of Engineering, Monash University Malaysia, 2 Jalan Kolej, 46150 Petaling Jaya, Malaysia

Received 25 November 2003; accepted 8 May 2005

Available online 11 July 2005

Abstract

Previous work has considered the use of sliding mode observers for fault detection and isolation (FDI) in uncertain linear systems

whereby the unknown faults are reconstructed by appropriate processing of the so-called equivalent output error injection. The

paper builds on this work and considers such a scheme within the broader context of fault tolerant control. Specifically, by

correcting the faulty measurement by an estimate of the fault obtained from the sliding mode FDI scheme, good closed-loop

performance is still maintained. An example of such a scheme, which has been implemented in real-time on a laboratory dc motor

rig, is described.

r 2005 Elsevier Ltd. All rights reserved.

Keywords: Fault tolerant control; Fault detection and isolation; Sliding modes; Observers

1. Introduction

Fault tolerant control is emerging as an importanttopic of research (Blanke, Izadi-Zamanabadi, Bogh, &Lunau, 1997; Blanke, Staroswiecki, & Wu, 2001; Patton,1997; Staroswiecki & Gehin, 2001; Zhang & Jiang,2003). As automated systems become more complex, akey challenge is how to achieve (at worst) gracefuldegradation in performance in the event of a faultassociated with an actuator, sensor or componentsubsystem. Fault tolerant control systems (FTCS) canbe broadly classified into two types: passive and active(Patton, 1997). Passive FTCS are designed to maintainperformance in the presence of a select number of(possibly minor) fault scenarios without the need todetect their presence. No alteration or adaptation ismade to the control law and so these controllers may bethought of as a very specific class of robust controllers,and the faults as a certain class of disturbances orparameter uncertainties, which can be overcome by

e front matter r 2005 Elsevier Ltd. All rights reserved.

nengprac.2005.05.002

ing author. Tel.: +44116 2231303;

22619.

ess: chris.edwards@le.ac.uk (C. Edwards).

means of the robust control paradigm adopted (see, forexample, the bibliography in Patton, 1997; Zhang &Jiang, 2003). Active FTCS react to the detection of afault within the system and attempt to retain a level of,possibly degraded, performance by either selecting froma set of pre-computed fixed control laws designed apriori for just such a scenario (projection-based meth-ods), or by adjusting the controller parameters orperforming real-time identification to generate a ‘new’controller (see, for example, the bibliography in Zhang& Jiang, 2003).

This paper is concerned with the use of sliding modeideas (Edwards & Spurgeon, 1998; Utkin, 1992) for faultreconstruction and how this information may be used ina simple way to provide a fault tolerant control scheme.Recent work (Edwards, Spurgeon, & Patton, 2000; Tan& Edwards, 2003, 2003) has explored how sliding modeobservers can be used for fault estimation in uncertainlinear systems subject to additive actuator and sensorfaults. These papers argue that by appropriately scalingthe so-called equivalent output error injection signalassociated with the nonlinear output error term in theobserver, reconstruction of actuator and sensor faultscan be made. In the absence of uncertainty, in

ARTICLE IN PRESSC. Edwards, C.P. Tan / Control Engineering Practice 14 (2006) 897–908898

simulation, these reconstructions would be perfect.In the presence of uncertainty in the model descriptionof the plant, a tractable numerical scheme is proposedin Tan and Edwards (2003) to choose the designfreedom in the observer gains and the scaling of theequivalent output error injection signal, so that theeffect of the uncertainty on the reconstruction signals isminimized. The contributions in Edwards et al. (2000);Tan and Edwards (2003, 2003) were theoretical. Morerecently, the results of implementing such schemes onlaboratory scale equipment have been presented(Edwards, Lomoro, & Tan, 2003). However, in Edwardset al. (2003), the scheme was implemented in an off-linemonitoring capacity. In this paper an observer asproposed in Tan and Edwards (2003) will be imple-mented on-line and the resulting sensor fault estimatesused in the control scheme. The objective is to showthat such schemes can be implemented in real-timeon real systems and can provide a suitably accuratereconstruction. Recently, a similar idea has beenemployed for a class of faults in an automotive enginesystem (Kim, Rizzoni, & Utkin, 2001). The resultsin Kim et al. (2001) were developed specifically forthe engine system under consideration and were testedin simulation. Here, the results are based on a moregeneric description and will be implemented in real-time.The scheme proposed here and in Kim et al. (2001)is technically neither passive nor active: the sensorfault estimate information is used to correct themeasured output signals, and so the fault detec-tion and isolation (FDI) information is used inthe controller, but not strictly in an active sense, sinceno adjustment or adaptation of the controller gainstakes place.

The paper is organized as follows. Section 2 describesthe sliding mode observer which will be used as a basisfor the fault tolerant control scheme and outlines theavailable design freedom. Section 3 describes the dc-motor system which has been used as a demonstrator,how it has been modelled, the way faults have beeninjected and details of the specific observer design.Section 4 presents the results and makes comparisonswith some off-line analysis of the data. Finally, Section 5makes some concluding remarks.

The notation is quite standard. The symbol k � krepresents the Euclidean norm for vectors and theinduced norm for matrices. In addition, k � k1 willrepresent the H1 norm for LTI systems. The termcolðx1; x2Þ implies that the two vectors x1 and x2 arestacked to produce a new vector.

2. Preliminaries

This section introduces the preliminaries necessaryfor the work presented in this paper. Consider an

uncertain dynamical system affected by sensor faultsdescribed by

_xpðtÞ ¼ ApxpðtÞ þ BpuðtÞ, ð1Þ

yðtÞ ¼ CpxpðtÞ þNpf oðtÞ þMpxðt; y; uÞ, ð2Þ

where Ap 2 Rn�n;Bp 2 Rn�m;Cp 2 Rp�n, Np 2 Rp�r

and Mp 2 Rp�k with nXpXr. Assume that the matricesCp and Np are full row and column rank, respectively,and the function f o : Rþ ! Rr is unknown butbounded so that

kf oðtÞkpaðtÞ, (3)

where a : Rþ ! Rþ is a known function. The signalf oðtÞ represents (additive) sensor faults and Np repre-sents a distribution matrix (with columns usually formedfrom the standard basis for Rp), which indicates whichof the sensors providing measurements are prone topossible faults. The map x : Rþ � Rp � Rm ! Rk en-capsulates any uncertainty or nonlinearities present andis assumed to be unknown but bounded and subject tokxðt; y; uÞkob where the positive scalar b is known.

Remark. Whilst the assumption that only certainsensors are fault prone is a limitation, in some practicalsituations, certain sensors may be more vulnerable todamage or may be more sensitive or delicate inconstruction than others, and so such a situation isnot unrealistic.

The objective is to design a sliding mode observer(Utkin, 1992; Drakunov & Utkin, 1995; Edwards &Spurgeon, 1998) in order to reconstruct the faults f oðtÞ.As argued in Tan and Edwards (2003), an effective wayto do this is to first introduce a filter. Consider a newstate xf 2 Rp that is a filtered version of y, satisfying

_xf ðtÞ ¼ � Af xf ðtÞ þ Af CpxpðtÞ

þ Af Npf oðtÞ þ Af Mpxðt; y; uÞ, ð4Þ

where �Af 2 Rp�p is a stable matrix. Eqs. (1) and (4)

can be combined to form an augmented state-spacesystem of order nþ p given by

_xpðtÞ

_xf ðtÞ

" #¼

Ap 0

Af Cp �Af

" #|fflfflfflfflfflfflfflfflfflfflfflffl{zfflfflfflfflfflfflfflfflfflfflfflffl}

A

xpðtÞ

xf ðtÞ

" #þ

Bp

0

" #|fflffl{zfflffl}

B

uðtÞ

þ

0

Af Np

" #|fflfflfflfflffl{zfflfflfflfflffl}

F

f oðtÞ þ0

Af Mp

" #|fflfflfflfflfflffl{zfflfflfflfflfflffl}

M

xðt; y; uÞ, ð5Þ

xf ðtÞ ¼ ½0 Ip�|fflfflffl{zfflfflffl}C

xpðtÞ

xf ðtÞ

" #. (6)

Define xa 2 RðnþpÞ to be the augmented state and notethat Eqs. (5) and (6) treat the ‘sensor faults’ f o as‘actuator faults.’ By construction rankðCF Þ ¼ r.

ARTICLE IN PRESSC. Edwards, C.P. Tan / Control Engineering Practice 14 (2006) 897–908 899

Furthermore, as shown in Tan and Edwards (2003), theinvariant zeros of ðA;F ;CÞ � lðApÞ and so if the open-loop plant is stable, the system ðA;F ;CÞ is minimumphase.1

For the uncertain system in (5) and (6), a sliding modeobserver of the form

_zðtÞ ¼ AzðtÞ þ BuðtÞ � GleyðtÞ þ Gnn (7)

will be considered. In (7), the discontinuous output errorinjection term

n ¼�rðt; y; uÞ Poey

kPoeykif eya0;

0 otherwise;

((8)

where eyðtÞ:¼CzðtÞ � yðtÞ is the output estimation errorand Po is a symmetric positive definite (s.p.d.) matrix.The matrix Gl is a traditional Luenberger observer gainused to make ðA� GlCÞ stable. The scalar function rð�Þmust be an upper bound on the uncertainty and thefaults; for details, see Tan and Edwards (2003). Edwardset al. (2000) have shown a sliding mode observer of theform (7) and (8), completely insensitive to the fault f oðtÞ,exists if and only if

(A1)

1In

has str

system

rankðCF Þ ¼ r.

(A2) the invariant zeros of ðA;F ;CÞ are in C�.

Since it has been assumed that Np from (2) is fullcolumn rank, there exists an orthogonal matrix T 2

Rp�p such that

TAf Np ¼0

F o

" #,

where F o 2 Rr�r is nonsingular. The matrix T can beeasily obtained using so-called QR reduction (Strang,1988). If colðx1;x2Þ is a partition of xa with x2 2 Rp, thenthe orthogonal coordinate change

xa � ðx1;x2Þ7!ðx1;TTx2Þ � x

gives the system triple ðA;F ;CÞ in the new coordinates

A ¼A11 A12

A21 A22

" #F ¼

0

F o

" #C ¼ ½0 T �, (9)

where A11 2 Rn�n. Define A211 as the top p� r rows ofA21. By construction, the pair ðA11;A211Þ is detectableand the unobservable modes of ðA11;A211Þ are theinvariant zeros of ðA;F ;CÞ (Edwards et al., 2000). Alsofor convenience, define F 2 2 Rp�r as the bottom p rowsof F (which therefore includes F o). The uncertaintydistribution matrix M from (5), in the new coordinatesystem, has no special structure but for convenience is

fact, in the setup considered here, if p4r, the system ðA;F ;CÞictly more outputs than inputs and it would be expected that the

ðA;F ;CÞ would have no invariant zeros.

partitioned as

M ¼M1

M2

" #, (10)

where M2 2 Rp�k. In this coordinate system, an appro-priate gain Gn for the nonlinear injection term has thestructure

Gn ¼�LTT

TT

" #where L ¼ ½Lo 0� (11)

and Lo 2 Rn�ðp�rÞ. If e:¼z� x is the state estimationerror, then from (5) and (7)

_eðtÞ ¼ ðA� GlCÞeðtÞ � Ff o �Mxþ Gnn. (12)

As in Tan and Edwards (2003), define a Lyapunovmatrix for the error system in (12) to have the form

P ¼P1 P1L

LTP1 TTPoT þ LTP1L

" #40, (13)

where P1 2 Rn�n is s.p.d. Let Gl 2 RðnþpÞ�p be anymatrix which satisfies

PðA� GlCÞ þ ðA� GlCÞTPo0. (14)

For an appropriate choice of rðt; y; uÞ in (8), which mustbound the uncertainty and the supremum of aðtÞ from(3), it can be shown that an ideal sliding motion takesplace on the surface

S ¼ fe : Ce ¼ 0g

in finite time. For details, see Tan and Edwards (2003).During the ideal sliding motion (Edwards & Spur-

geon, 1998; Utkin, 1992), ey ¼ _ey ¼ 0 and the discontin-uous signal n must take on average a value tocompensate for x and f o to maintain sliding. Theaverage quantity, denoted by neq, is referred to as theequivalent output error injection term (the naturalanalogue of the concept of ‘equivalent control’ Utkin,1992). Partition the state error vector e from (12),conformably with the canonical form in (9), as colðe1; e2Þso that ey ¼ Te2. Then in the coordinate systemcolðe1; eyÞ where e1 ¼ e1 þ Le2, during the sliding mo-tion, the error system can be written as

_e1ðtÞ ¼ ðA11 þ LA21Þe1ðtÞ � ðM1 þ LM2Þxðt; y; uÞ, ð15Þ

0 ¼ TA21e1ðtÞ � TF2f o � TM2xðt; y; uÞ þ neq. ð16Þ

The signal neq can be approximated to any degree ofaccuracy, and is computable on-line as

nd ¼ �rðt; y; uÞPoey

kPoeyk þ d, (17)

where d is a small positive scalar (Edwards & Spurgeon,1998).

Consider a would-be fault reconstruction signal

f o:¼WTTnd, (18)

ARTICLE IN PRESS

fault

estimator

Controller Plantyref

+

+

^

fofo

u y

Fig. 1. Schematic of the fault implementation.

2dSPACE is the registered trademark of dSPACE GmbH.3MATLAB is the registered trademark of the Mathworks, Inc.

C. Edwards, C.P. Tan / Control Engineering Practice 14 (2006) 897–908900

where

W :¼½W 1 F�1o � (19)

and W 1 2 Rr�ðp�rÞ represents design freedom and F o isdefined in (9). Then by straightforward manipulation of(15) and (16) it can be shown that the fault reconstruc-tion signal

f oðtÞ ¼ f oðtÞ þ GðsÞxðt; y; uÞ, (20)

where (using the notation of Zhou, Doyle, & Glover,1996) the transfer function matrix

G(s) =A11 + LoA211 M1 + LoM21

WA21 WM2

»

, (21)

where M21 represents the top p� r rows of M2. Tan andEdwards (2003) propose minimizing the effect of x onthe reconstruction f o by minimizing theL2 gain (Khalil,1992) between x and f o. Because, in this case, therelationship between the two signals is governed by the(linear) transfer function matrix GðsÞ, this is equivalentto minimizing the upper bound of the H1 norm of GðsÞ

(Zhou et al., 1996). With an appropriate change ofvariables associated with the design parameters Po, Lo

and Gl , the problem of minimizing kGðsÞk1 subject tosatisfying (13) and (14) can be cast as a well-definedconvex optimization problem and can be efficientlysolved using linear matrix inequality (LMI) methods(Boyd, Ghaoui, Feron, & Balakrishnan, 1994). Detailsof the formulae and the change of coordinates used toobtain a convex optimization problem are given in Tanand Edwards (2003).

A general configuration representing the fault tolerantcontrol scheme which will be used in this paper isshown in Fig. 1. In this particular figure, the specificoutput of the FDI component is the sensor faultestimate f o. In active fault tolerant control, theinformation from the FDI scheme would trigger anon-line reconfiguration or adaptation of the control law.In this paper, as in Kim et al. (2001) the estimated sensorfault f o will be used to correct the measured outputsignal so that y�Npf o will be the output of a ‘virtualsensor’ that will be used in the control law calculationsto generate the signal u.

3. Application to a dc motor

The work described in Section 2 will now be appliedto a small dc-motor rig, which has been used as a safeand practical demonstrator for these ideas. The objec-tive will be to control the speed of rotation of a diskattached (rigidly) to the shaft of the motor subject to aneddy current brake. Control will nominally be achievedin the fault-free case by a simple proportionalþ integral(PI) controller based on the difference between thereference signal and the measurement of angular speedfrom a tacho-generator. For the purposes of demonstra-tion, however, the measurement from the tacho-gen-erator will be assumed to be prone to faults.

3.1. Description of the motor setup

The rig which has been used in these experiments isbased around a 30W permanent magnet dc motor. Themotor is powered by a servo-amplifier which provides 24Vat 2A unregulated supply. The motor shaft is connected inline to a rotating eddy current disk brake via a flexiblecoupling and also to a tacho-generator, the latter providingthe measurement of angular speed used for feedbackpurposes. The servo amplifier also provides a voltageoutput which is directly proportional to the load current inthe armature coils. These two measurements will be used inthe fault tolerant control scheme which is proposed.

The control law and the sliding mode observer for thesystem have been implemented using dSPACE.2 Thespecific setup runs MATLAB

3 6.1 on a Windows platformwith a DS1102 card fixed in one of the expansion portsof the PC and connected directly to the interface bus.The two analogue signals from the sensors have beenconnected to the first two 16 bit A/D converters in theDSP card. The first 14 bit D/A converter output fromthe card has been connected to the servo-amplifier.

3.2. Modelling

For the purposes of observer design, an uncertainlinear model representation has been developed. Astandard (linear) description of the system has beenformed from the state variables i and w which representthe current in the armature circuit and the angularvelocity of the motor shaft, respectively. The armaturecurrent circuit is assumed to satisfy

La

diðtÞ

dtþ RaiðtÞ ¼ uðtÞ � KewðtÞ, (22)

where La and Ra represent the inductance and theresistance, respectively, and Ke represents the gainassociated with the back e.m.f. The mechanical equation

ARTICLE IN PRESSC. Edwards, C.P. Tan / Control Engineering Practice 14 (2006) 897–908 901

governing the rotation of the shaft is taken as

JdwðtÞ

dt¼ KtiðtÞ � Kf wðtÞ, (23)

where J represents the inertia, Kt represents the motortorque constant and Kf the dynamic friction coefficientplus the effect of the eddy current brake. Rather thantrying to directly measure or estimate the parameterswithin the motor model, a system identificationapproach has been adopted. A continuous-time state-space model, with the structure of the equations given in(22) and (23), was fitted to logged data using themethodology described in Section 6 from Ljung (1995).Specific known data associated with the motor was usedas a starting point for the estimation algorithms (Ljung,1995). A nominal state-space representation of the form

_xpðtÞ ¼ ApxpðtÞ þ BpuðtÞ (24)

has been obtained in which

Ap ¼�3:6239 1049:3257

�2:7147 �216:2070

� �Bp ¼

0

445

� �, (25)

where xp ¼ colðw; iÞ. No attempt was made to explicitlyaccount for the dead-zone nonlinearity resulting fromCoulomb friction, which is known to be present in thesystem.

In the experiments which follow it is assumed thatboth states are measured. It is also assumed that thetacho-generator signal measuring shaft velocity is proneto error, but that the current sensor is reliable. In termsof the general system architecture in (1) and (2), theoutput distribution matrix

Cp ¼0:0239 0

0 1

� �(26)

which reflects a change from the SI units for the speedand current, respectively, into voltages obtained fromthe sensors. The sensor fault distribution matrix

Np ¼1

0

� �.

The signal xð�Þ in (1) and (2) represents an additive‘unknown input’ and is meant to encapsulate the plantmodel/mismatch. The distribution matrix Mp, however,is assumed to be known. The identification approachdoes not generate the matrix Mp and so it needs to beestimated separately. The value of Mp is important sincethe sub-blocks M1 and M2 play an important role in thetransfer function GðsÞ from (21), and hence in theoptimization procedure to obtain the observer gains.The requirement of obtaining an appropriate value forMp is a well-known problem in the application of robustFDI methodologies which rely on knowledge of thedirections associated with the unknown inputs (Chen &Patton, 1999). One of the most practical approaches toestimate the distribution matrix Mp is the one proposedin Patton and Chen (1993). The approach described in

Patton and Chen (1993) involves estimating in the firstinstance the quantity Mpx, i.e. the discrepancies betweenthe output of the plant and the model. Then, essentially,principal component analysis is used to obtain thedistribution matrix Mp (Patton & Chen, 1993). Asinusoidal input has been injected into both the modeland the motor rig and Fig. 2 shows the discrepancy ineach output between the model and the measured datain terms of voltage. In SI units, this corresponds to anactual discrepancy of approximately �0:05A for thecurrent and �2 rad=s for the measured speed. In thisexample, a suitable pragmatic choice for the distributionmatrix has been found to be

Mp ¼1

1

� �since both error signals in Fig. 2 are visually similar.This has proved to be sufficiently accurate for thisexample. A complete model of the motor system hasnow been obtained in the form of (1) and (2) with all thematrices known. It can be verified that both assump-tions A1 and A2 are satisfied and therefore the approachdescribed in Section 2 can now be employed.

3.3. Observer design

The observer design involves the introduction of anoutput filter. After some design iteration, a value of Af ¼

30I2 was selected. This choice of Af results in numericallywell-conditioned solutions for Gl and Po. This isespecially important when implementing the observer inreal-time using a fixed time-step integration routine (asdiscussed later in Section 4). The only remaining user-defined parameter is a weight used in the optimization toreflect a trade-off in the state-error tracking performanceof the full order observer and the impact of measurementnoise (this parameter is represented as D1 2 Rp�p in Tan& Edwards (2003)). Here, the parameter has been chosenas the identity matrix. Once the parameters Af and D1

have been specified, the algorithm described in Tan andEdwards (2003) yields the following optimal design gainsfor the observer in (7) and (8):

Gl ¼

�0:0586 �0:0591

0:0054 0:0055

17:5769 17:4085

17:4085 17:5690

2666664

3777775

and

Gn ¼

0:0000 �0:0034

0:0000 0:0003

1:0000 0:0000

0:0000 1:0000

2666664

3777775.

ARTICLE IN PRESS

0 10 20 30 40 50 60 70 80 90 100-0.1

-0.05

0

0.05

0.1

Time, sec

Mod

ellin

g er

ror

(cur

rent

), v

olts

0 10 20 30 40 50 60 70 80 90 100-0.1

-0.05

0

0.05

0.1

Mod

ellin

g er

ror

(spe

ed),

vol

ts

Fig. 2. Plant model mismatch in each state-space channel.

C. Edwards, C.P. Tan / Control Engineering Practice 14 (2006) 897–908902

The s.p.d. matrix which scales the output error in thenonlinear injection term (8) is

Po ¼3:0545 �3:0266

�3:0266 3:0559

� �.

The scaling of the equivalent output error injection signalto produce the reconstruction in (18) is

W ¼ ½0:0333 � 0:0333�.

The H1 norm of the transfer function matrix GðsÞ in(21) is 5:9126� 10�4. In the implementation resultswhich follow, the discontinuous injection gain from (8)is r ¼ 4:0 and the smoothing parameter from (17) isd ¼ 0:0001. From a theoretical standpoint, the gain rmust be large enough to bound the uncertainty and thefault signals, whilst ideally the term d should be small.The literature associated with the choice of smoothingcoefficient d in the unit vector approximation has beenmainly associated with chatter avoidance in controlschemes and its impact on the robustness of the closed-loop system (Burton & Zinober, 1986; Davies &Spurgeon, 1993; deJager, 1992). Here, the objective is

different because the emphasis is on the choice of d andits impact on the quality of the reconstruction. Generallyspeaking lower values of d can be considered in thisobserver problem than would be used in the controllercase where chattering of the control signal is a key issue.It is argued in Edwards and Spurgeon (1998) that as aresult of using the sigmoidally approximation (17) aboundary layer of size 20d is introduced (in the scalarcase). This quantity, plus the gain Gl , will determine theaccuracy of the estimate f o. In the boundary layer, anapproximation to (16), allowing for the fact that eya0(but ignoring uncertainty), is given by

0 � TðA22 � Gl;2ÞTTeyðtÞ þ TA21e1ðtÞ � TF2f oðtÞ þ neq,

where Gl;2 is a matrix comprising the last p rows of Gl . Inthe absence of uncertainty e1ðtÞ ! 0 and thus TðA22 �

Gl;2ÞTTey is a reflection of the accuracy which will be

achieved in implementation and provides a threshold onthe size of the fault that could be detected. The on-lineperformance will be further reduced by the fact that afixed time-step integration routine must be employed for

ARTICLE IN PRESSC. Edwards, C.P. Tan / Control Engineering Practice 14 (2006) 897–908 903

the real-time implementation. The final choice of thesmoothing coefficient has been arrived at following off-line testing with a fixed time-step integration routine toensure this value presents no difficulty to the integrationroutines (too small a value will register as a ‘disconti-nuity’ and cause numerical problems).

3.4. Implementation

The dSPACE setup has been used to implement a(simple) speed feedback controller and the sliding modeobserver used to monitor the system. The dSPACEsetup allows easy and repeatable realization of therequired faults without the need to directly affect thehardware. The fault has been implemented at a ‘soft-ware level’ as shown in Fig. 3:

For control purposes, a simple PI controller has beendesigned using only the measured angular velocity w.The input voltage to the motor amplifier is given byu ¼ KðsÞðwr � wÞ where

KðsÞ ¼ðsþ 15Þ

2s(27)

and the reference speed signal is wr. This controller willbe used to provide a benchmark performance level forthe fault-free closed-loop system. The objective will beto recover the performance of this controller in thepresence of sensor faults.

^

ControllerA/D D/A

fo

fo

from

sensor

to

motor+

+

y u

Fig. 3. Schematic of the fault implementation.

0 20 40 60 8 -200

-150

-100

-50

Time

refe

renc

e sp

eed,

rad

/s

Fig. 4. Speed refe

Remark. The approach that is used to recoverthe performance in the presence of sensor faults isindependent of the controller law and could be ‘retro-fitted’ to any output feedback controller driven by theerror signal between the measured speed w and thereference wr.

4. Results

In the experiments, the reference signal wr comprises aseries of steps driving the angular speed from approxi-mately 80 to 160 rad/s and back as shown in Fig. 4.

4.1. Real-time results

The control law described in (27) provides thenominal performance in the fault free case. A typicalresponse to one of the step changes in reference speed isgiven in Fig. 5.

In these experiments the sampling interval used is0.001 s. The nominal PI controller gives a rise time ofapproximately 0.15 s to a step change input and so thesampling interval gives approximately 150 sample pointsduring the transient response. As argued by Astrom andWittenmark (1984), this represents an adequate sam-pling time from a control theory perspective. For thecontroller in (27), the rms value of the speed trackingerror over the 160 s profile in Fig. 4 is 2.1415 rad/s. Thiswill be used as the benchmark performance which thesliding mode scheme will attempt to recover in thepresence of a sensor fault.

In the following experiments (unless otherwise stated)the speed sensor signal which is used in the controlleron-line calculations has been corrupted by a symmetricsaw-tooth signal of amplitude 0.5V which in SI unitscorresponds to a peak error of 20.9440 rad/s (Fig. 6).

0 100 120 140 160

, sec

rence signal.

ARTICLE IN PRESS

0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1 -80

-60

-40

-20

0

mot

or s

peed

, rad

/s

Time, sec

Fig. 5. Nominal PI performance.

0 20 40 60 80 100 120 140 160-1

-0.5

0

0.5

1

Time, sec

Sen

sor

faul

t sig

nal f

o, v

olts

Fig. 6. Sensor fault signal.

C. Edwards, C.P. Tan / Control Engineering Practice 14 (2006) 897–908904

This models a slow drift error in the sensor. As such itrepresents a difficult to detect incipient fault (Chen &Patton, 1999) which is typically used to test the efficacyof FDI/FTC schemes (Chen & Patton, 1999; Gobbo,Napolitano, Famouri, & Innocenti, 2001; Patton,Frank, & Clark, 1989). If the nominal PI controller isused in the presence of this speed sensor fault, whilst themeasured output appears to track the reference signal,the actual tracking error is shown in Fig. 7. Thiscorresponds to a rms tracking error of 12.5584 rad/s andsignificantly degraded performance.

The fault tolerant control scheme as described inFig. 3 has been implemented to attempt to recover thefault-free performance in the presence of the sensor faultin Fig. 6. Fig. 8 is concerned with the on-line slidingmode observer response and represents a plot of keyðtÞk

versus time.This quantity is indicative of whether a sliding motion

is taking place (and also in this situation of course, the

accuracy with which the output of the observer tracksthe measured speed and current signals). As a result ofthe fixed step integration, a reduction in the predictedtolerance of 0.002 can be observed in Fig. 8. Fig. 9represents the reconstruction signal f o compared with,in this case, the known fault signal f o from Fig. 6. Avery good reconstruction is obtained.

Using the sliding mode estimation scheme, Fig. 10shows the extent to which the actual speed tracks thereference signal wr (which can be calculated in thissituation because the exact value of the fault is known).It can be seen that now very good tracking is stillmaintained despite the presence of the fault (Figs. 10and 11). The rms speed tracking error is now 2.8869 rad/s.This is not as good as the nominal performance but issignificantly better than in the unaccommodated casein Fig. 7. For interest, the measured output is shown inFig. 12. Obviously, apparently poor tracking is beingdemonstrated here because of the influence of the faults.

ARTICLE IN PRESS

0 20 40 60 80 100 120 140 1600

0.02

0.04

0.06

0.08

0.1

norm

of e

y, v

olts

Time, sec

Fig. 8. Output estimation error.

0 20 40 60 80 100 120 140 160-1

-0.5

0

0.5

1

Time, sec

Sen

sor

faul

t rec

onst

ruct

ion,

vol

ts

Fig. 9. Reconstruction of the fault signal.

0 20 40 60 80 100 120 140 160-200

-150

-100

-50

Time, sec

actu

al m

otor

spe

ed, r

ad/s

Fig. 7. Real motor speed tracking error (no correction).

C. Edwards, C.P. Tan / Control Engineering Practice 14 (2006) 897–908 905

ARTICLE IN PRESS

0 20 40 60 80 100 120 140 160-200

-150

-100

-50

Time, sec

real

mot

or s

peed

, rad

/s

Fig. 10. Real motor speed and reference.

0 20 40 60 80 100 120 140 160-15

-10

-5

0

5

10

15

Time, sec

real

spe

ed tr

acki

ng e

rror

, rad

/s

Fig. 11. Real motor speed tracking error.

0 20 40 60 80 100 120 140 160-200

-150

-100

-50

Time, sec

mea

sure

d m

otor

spe

ed, r

ad/s

Fig. 12. Measured motor speed.

C. Edwards, C.P. Tan / Control Engineering Practice 14 (2006) 897–908906

ARTICLE IN PRESS

0 20 40 60 80 100 120 140 160-40

-20

0

20

40

time, sec

sens

or fa

ult r

econ

stru

ctio

n, r

ad/s

Fig. 13. Sensor fault reconstruction (with a fault on current).

C. Edwards, C.P. Tan / Control Engineering Practice 14 (2006) 897–908 907

4.2. Remarks

The nonlinear term in the observer prevents explicitanalytical integration to generate an exact expression forthe discrete time system suitable for implementation inreal-time. Numerical integration methods must there-fore be employed. The sampling rate and the type ofintegration routines used to implement the observer willobviously be limited by the hardware. For this reason,the on-line integration routines are forced to be fixedtime-step in nature. In this particular case a fifth order‘ode5 Dormand-Prince’ routine has been used. Forsimulation purposes, off-line, a variable time-steproutine would be chosen which is suitable for the ‘stiffsystem’ resulting from the nonlinear term in the observerwhich effectively has high gain characteristics. Becauseof the ‘stiff’ nature of the observer system, low-orderintegration Euler methods are known to encounterdifficulties (Butcher, 2003), hence the choice of a high-order integration routine.

The results in this paper have been based on thepretext that a certain subset of the measurements (in thiscase the armature current) are reliable whilst othermeasurements (in this case the speed sensor) are faultprone. A fault on the current sensor would invalidate allthe analysis presented here, and the reconstruction f o

obtained from the sliding mode scheme would beinaccurate. To demonstrate this, in the followingexperiment, a fault has been introduced into the currentsensor. Again this takes the form of a saw-tooth wave—this time of amplitude equivalent to 0.25A. No speedsensor fault is present, however, a speed sensor faultestimate f o is produced by the sliding mode observer asshown in Fig. 13. This of course would significantlydegrade the performance of the controller. However, itis possible to design an FDI scheme (using any robustmethod of choice), utilizing only the armature currentmeasurement, to independently flag the onset of a

current sensor fault and thus isolate the situation inwhich the proposed fault tolerant scheme is not valid.The signal in Fig. 13 does, however, indicate thepresence of a fault but does not by itself provide faultisolation.

In the present scheme the sensor correction signal f o isa permanent feature. This is deliberate since the focus ofthis work is to demonstrate that sliding mode estimationcan be implemented on-line and reconstructions of theunknown fault signals can be made with sufficientfidelity to maintain good tracking performance. How-ever, since the fault estimates are not perfect, the effectof the reconstruction error will affect the nominalperformance of the controller even when the sensor isoperating perfectly. On-going research is exploring howbest to use the fault estimation signal to trigger anintelligent switch to the ‘virtual sensor’ situation onlywhen faults are present.

5. Conclusion

In this paper some recent results concerning the use ofsliding mode observers for reconstruction of sensorfaults have been implemented for the first time in a faulttolerant control context. As such, this work representsone of the first published studies of sliding modeobservers implemented in real-time for FDI. Anestimate of the sensor fault, obtained from an on-linesliding mode FDI scheme, has been used to correct themeasured output from the sensor. This ‘virtual sensor’has been used in the control algorithm to form theoutput tracking error signal which is processed togenerate the control signal. This idea has been im-plemented successfully on a dc-motor rig which waschosen as a demonstrator. The scheme is not specific tosuch a system and is applicable to a reasonably wideclass of engineering systems which can, at least in an

ARTICLE IN PRESSC. Edwards, C.P. Tan / Control Engineering Practice 14 (2006) 897–908908

operating region of interest, be adequately representedby an uncertain linear system.

References

Astrom, K., & Wittenmark, B. (1984). Computer controlled systems:

Theory and design. Englewood Cliffs, NJ: Prentice-Hall.

Blanke, M., Izadi-Zamanabadi, R., Bogh, S., & Lunau, C. (1997).

Fault tolerant control systems—a holistic view. Control Engineer-

ing Practice, 5, 693–702.

Blanke, M., Staroswiecki, M., & Wu, N. (2001). Concepts and

methods in fault-tolerant control. Proceedings of the American

control conference (pp. 2606–2020). Arlington.

Boyd, S., Ghaoui, L. E., Feron, E., & Balakrishnan, V. (1994). Linear

matrix inequalities in systems and control theory. Philadelphia:

SIAM.

Burton, J., & Zinober, A. (1986). Continuous approximation of

variable structure control. International Journal of Systems Science,

17, 876–885.

Butcher, J. (2003). Numerical methods for ordinary differential

equations. Chichester: Wiley.

Chen, J., & Patton, R. (1999). Robust model-based fault diagnosis for

dynamic systems. Dordrecht: Kluwer Academic Publishers.

Davies, R., & Spurgeon, S. (1993). Robust implementation of sliding

mode control schemes. International Journal of System Science, 24,

733–743.

deJager, B. (1992). Comparison of methods to eliminate chattering and

avoid steady state errors in sliding mode digital control. Proceed-

ings of the IEEE VSC and Lyapunov workshop (pp. 37–42).

Sheffield.

Drakunov, S., & Utkin, V. (1995). Sliding mode observers: Tutorial.

Proceedings of the 34th IEEE conference of decision and control (pp.

3376–3378).

Edwards, C., Lomoro, J., & Tan, C. (2003). Implementation of a

sliding mode observer for robust reconstruction of faults in a crane

system. Proceedings of the IFAC Symposium SAFEPROCESS 03,

Washington.

Edwards, C., & Spurgeon, S. (1998). Sliding mode control: Theory and

applications. London: Taylor & Francis.

Edwards, C., Spurgeon, S., & Patton, R. (2000). Sliding mode

observers for fault detection. Automatica, 36, 541–553.

Gobbo, D. D., Napolitano, M., Famouri, P., & Innocenti, M. (2001).

Experimental application of extended Kalman filtering for sensor

validation. IEEE Transactions on Control Systems Technology, 9,

376–380.

Khalil, H. (1992). Nonlinear systems. Englewood Cliffs, NJ: Prentice-

Hall.

Kim, Y., Rizzoni, G., & Utkin, V. (2001). Developing a fault tolerant

power train system by integrating the design of control and

diagnostics. International Journal of Robust and Nonlinear Control,

11, 1095–1114.

Ljung, L. (1995). System identification toolbox: for use with Matlab.

The Mathsworks, Inc.

Patton, R. (1997a). Fault tolerant control: The 1997 situation.

Proceedings of the IFAC Symposium—Safeprocess ’97 (pp.

1035–1055).

Patton, R. (1997). Robustness in model-based fault diagnosis: The

1997 situation. IFAC Annual Reviews, 21, 101–121.

Patton, R., & Chen, J. (1993). Optimal unknown input distribution

matrix selection for robust fault diagnosis. Automatica, 29,

837–841.

Patton, R., Frank, P., & Clark, R. (1989). Fault diagnosis in dynamic

systems: Theory and application. New York: Prentice-Hall.

Staroswiecki, M., & Gehin, A.-L. (2001). From control to supervision.

Annual Reviews in Control, 21, 1–11.

Strang, G. (1988). Linear algebra and its applications. London:

Harcourt Brace Jovanovich.

Tan, C., & Edwards, C. (2003). Sliding mode observers for

detection and reconstruction of sensor faults. Automatica 38,

1815–1821.

Tan, C., & Edwards, C. (2003). Sliding mode observers for robust

detection and reconstruction of actuator and sensor faults.

International Journal of Robust and Nonlinear Control, 13, 443–463.

Utkin, V. (1992). Sliding modes in control optimization. Berlin:

Springer.

Zhang, Y., & Jiang, J. (2003). Bibliographical review on reconfigurable

fault tolerant control systems. Proceedings of the IFAC Symposium

SAFEPROCESS 03 (pp. 265–276). Washington.

Zhou, K., Doyle, J., & Glover, K. (1996). Robust and optimal control.

Englewood Cliffs, NJ: Prentice-Hall.