Minimal Structurally Overdetermined Sets Selection for ...ceur-ws.org/Vol-1507/dx15paper10.pdf ·...

Minimal Structurally Overdetermined Sets Selection for Distributed FaultDetection

Hamed Khorasgani1 Gautam Biswas1 and Daniel Jung2

1Institute of Software Integrated Systems, Vanderbilt University, USAe-mail: {hamed.g.khorasgani,gautam.biswas}@vanderbilt.edu

2Dept. of Electrical Engineering, Linkoping University, Swedene-mail: [email protected]

AbstractThis paper discusses a distributed diagnosis ap-proach, where each subsystem diagnoser operatesindependently without a coordinator that com-bines local results and generates the correct globaldiagnosis. In addition, the distributed diagnosisalgorithm is designed to minimize communica-tion between the subsystems. A Minimal Struc-turally Overdetermined (MSO) set selection ap-proach is developed as a Binary Integer LinearProgramming (BILP) optimization problem forsubsystem diagnoser design. For cases, where acomplete global model of the system may not beavailable, we develop a heuristic approach, whereindividual subsystem diagnosers are designed in-crementally, starting with the local system MSOsand progressively extending the local set to in-clude MSOs from the immediate neighbors of thesubsystem. The inclusion of additional neighborscontinues till the MSO set ensures correct globaldiagnosis results. A multi-tank system is used todemonstrate and validate the proposed methods.

1 IntroductionThe Minimal Structurally Overdetermined (MSO) sets ap-proach has been used extensively for designing model basedfault detection and isolation (FDI) schemes for complexsystems [Krysander et al., 2008a; Krysander et al., 2008b;Svard et al., 2012]. However, for large complex systemssuch as aircraft and other transportation systems, manufac-turing processes, supply chain and distribution networks,and power generation and the power grid it is becomingimperative to develop distributed approaches to monitoringand diagnosis to overcome the need for complete globalmodels, while also addressing computational complexityand reliability problems for the diagnosers [Leger et al.,1999; Shum et al., 1988; Deb et al., 1998; Lanigan et al.,2011].

Unlike centralized approaches, distributed approaches aremore reliable because they avoid single points of failure.In addition, they can reduce the problems of noise, cor-ruption, and losses that can occur when transmitting sig-nals from individual subsystems to a centralized fault di-agnosis unit. Measurement noise and signal corruption cansignificantly affect diagnoser robustness and accuracy [Fer-rari et al., 2012]. Transmission delays not only increasedetection time, but can also affect the order of detection,

which can further affect diagnostic accuracy. Detection timeis important for the safe and reliable operation of safety-critical systems. Faster fault detection and isolation en-ables accompanying fault tolerant control units to react ina timely manner, thus reducing damage and down time ofsystems [Roychoudhury et al., 2009; Daigle et al., 2007;Duarte Jr and Nanya, 1998; Rish et al., 2005; Bregon et al.,2014]. The computational intractability of building central-ized diagnosers for the large systems is another importantreason to develop distributed solutions for FDI problems.

In this paper, we formulate the distributed minimal struc-turally overdetermined set selection as a binary integer lin-ear programming (BILP) problem [Wolsey, 1998]. The ap-proach efficiently picks a minimal number of measurementsfrom a subsystem and its neighboring subsystems to developa local diagnoser for each subsystem of the larger, complexdynamic system. We start with an efficient algorithm de-signed by [Krysander et al., 2008a] for finding minimallyoverdetermined sets of constraints to generate the minimalstructurally overdetermined (MSO) sets for designing thediagnoser. Other researchers have employed binary inte-ger programming and binary linear integer programming foroptimal sensor placement for fault detection and isolation[Sarrate et al., 2007; Rosich et al., 2009]. In this paper, weutilize BILP for distributed MSO selection to facilitate anefficient distributed diagnosis approach.

Our method is designed in a way that the subsystem di-agnosers, once designed can operate independently with nocommunication with the other subsystem diagnosers (otherthan a minimal number of shared measurements), but stillprovide globally correct diagnosis results. Unlike [Lafor-tune, 2007; Debouk et al., 2000; Indra et al., 2012] thismethod does not require the use of a centralized coordina-tor during on-line operations. Therefore, we avoid the sin-gle point-of-failure problem of centralized diagnosers. Ourmethod assumes the availability of a global system modelfrom which the set of MSOs for the system can be derived.The independent subsystem diagnosers are designed to min-imize the sharing of measurements across subsystems, thusdecreasing the cost, and increasing the reliability of theoverall system diagnosis.

However, global models of a complex system are hard toconstruct and may not be readily available. Subsystems areoften provided by different manufacturers, who are not will-ing to pass along all of the intellectual property associatedwith the subsystem to the system integrator. Therefore, toavoid the unrealistic assumption that the complete model ofthe complex system is available for subsystem diagnoser de-

Proceedings of the 26th International Workshop on Principles of Diagnosis

75

sign, we propose a second algorithm that constructs the in-dividual subsystem diagnosers without assuming the avail-ability of a global model. The modified algorithm is com-putationally more efficient, but we cannot guarantee that theshared measurements between the subsystems is minimalglobally (i.e., across the entire system).

The rest of this paper is organized as follows. The back-ground material, definitions and the running example, afour-tank system, are presented in Section 2. The distributeddiagnosis problem formulation is presented in Section 3. Al-gorithm 1 for distributed MSO set selection is described inSection 4. The heuristic modifications to Algorithm 1 giventhe global model is not available is presented in Section 5 asthe incremental algorithm. Section 6 discusses the contribu-tions of the paper in relation to previous work, and presentsthe conclusion of the paper.

2 Background

This section introduces the basic concepts associated withMSO set selection for structural diagnosis of dynamic sys-tems. The system model S is defined as follows.

Definition 1 (System model). A system model S is a four-tuple: (V , M , E, F ), where V is the set of variables, M isthe set of measurements, E is the set of equations and F isthe set of system faults.

We use a configured four tank system, shown in Fig-ure 1, as a running example throughout this paper to de-scribe the problem, and to illustrate the algorithms for dis-tributed MSO set selection. We assume each tank, and theoutlet pipe to its right, constitute a subsystem. Therefore,this system has four subsystems. Two of the subsystems,1 and 3, also have inflows into their tanks. We assume thesubsystems are disjoint, i.e., they have no overlapping com-ponents. Associated with each subsystem are a set of mea-surements that are shown as encircled variables in the figure.

1S

1y

1T

1u

1P

2y

2P

4y

3P

5y

2T

3y

3T

2u

2S

6y

4T4P

Figure 1: Running example: Four Tank System.

More generally, we assume the system, S has n pre-defined subsystems, S1, S2, ....Sn. Each subsystem modelis defined as:

Definition 2 (Subsystem model). A subsystem model of sys-tem model S, Si (1 ≤ i ≤ k) is also a four-tuple: (Vi, Mi,Ei, Fi), where Vi ⊆ V , Mi ⊆ M , Ei ⊆ E and Fi ⊆ F .Also, S1 ∪ S2 ∪ ....Sk = S.

For illustration, the first subsystem in our running exam-ple is described by the following set of equations:

e1 : p1 =1

CT1 + f1(qin1 − q1)

e2 : q1 =p1 − p2RP1 + f2

e3 : p1 =

∫p1 dt

e4 : qin1 = u1

e5 : p1 = y1e6 : q1 = y2.

(1)Therefore, E1 = {e1, e2, e3, e4, e5, e6} defines the set ofequations, V1 = {p1, p1, p2, qin1, q1} defines the set of vari-ables, M1 = {u1, y1, y2} defines the set of subsystem mea-surements, and F1 = {f1, f2} defines the set of faults asso-ciated with this subsystem model.

Similarly, the second subsystem model is defined by thefollowing equations:

e7 : p2 =1

CT2 + f3(q1 − q2)

e8 : q2 =p2 − p3RP2 + f4

e9 : p2 =

∫p2 dt

e10 : p2 = y3e11 : q2 = y4.

(2)For this subsystem the set of equations is E2 ={e7, e8, e9, e10, e11}, the set of variable is V2 = {p2, p2,p3, q1, q2}, the set of measurements is M2 = {y2, y4}, andF2 = {f3, f4} is the set of faults.

In this paper, we assume there are no overlapping com-ponents among the subsystems. However, the subsystemsmay share variables at their interface. For example, the liq-uid flowrate at outlet pipe of subsystem qi = qi′, the liquidflowrate at input to connected tank i+ 1.Definition 3 (First Order Connected Subsystems). Two sub-systems, Si and Sj are defined to be first order connected ifand only if they have at least one shared variable.

In the running example, subsystems S1 and S2 are firstorder connected and their shared variables are V1 ∩ V2 ={p2, , q1}. The two other subsystems in the running exampleare:

e12 : p3 =1

CT3(qin2 + q2 − q3)

e13 : q3 =p3 − p4RP3 + f5

e14 : p3 =

∫p3 dt

e15 : qin2 = u2

e16 : q3 = y5.

(3)

e17 : p4 =1

CT4 + f6(q3 − q4)

e18 : q4 =p4RP4

e19 : p4 =

∫p4 dt

e20 : p4 = y6.

(4)In more general terms, ith order connected subsystem

models are defined as follows.Definition 4 (ith Order Connected Subsystems). Two sub-systems, Sk and Sj are defined to be ith order connectedif and only if there exists a subsystem model Sm that is(i−1)th order connected to Sk, and is first-order connectedto Sj , or Sm is (i− 1)th order connected to Sj , and is first-order connected to Sk .


76

For example in the four tank system, S1 and S3 are sec-ond order connected because both of them are first orderconnected to S2.

In this paper, we use MSO sets [Krysander et al., 2008b]as the primary conceptual approach for fault detection andisolation. The formal definitions of Structurally Overdeter-mined (SO) and MSO sets are:Definition 5. (Structural Overdetermined Set) Consider aset of equations and its associated variables, measurements,and faults: (E, V,M,F ). This set of equations is struc-turally overdetermined (SO) if the cardinality of the set {E}is greater than the cardinality of set {V }, i.e. |E| > |V |.Definition 6. (Minimal Structurally Overdetermined Set)A set of over determined equations is minimal structurallyoverdetermined (MSO) if it has no subset of structurallyoverdetermined equations.

Consider subsystem S1 of the four tank system in equa-tion (1). Using the software developed by [Krysanderet al., 2008a], we can compute the only minimal struc-turally overdetermined set in this subsystem as MSO11 =(E11, V11,M11, F11), where E11 = {e1, e3, e4, e5, e6},V11 = {p1, p1, qin1, q1}, M11 = {u1, y1, y2} and F11 ={f1}. For the sake of brevity and simplification we simplysay a specific equation, variable, measurement, or fault is amember of a MSO in the rest of the paper. For example, wesay f1 ∈MSO11.

MSOs represent the redundancies in the system and canform the basis for fault detection and isolation. Global andLocal fault detectability are defined as:Definition 7. (Globally detectable fault) A fault f ∈ F isglobally detectable in system S if there is a minimal struc-turally overdetermined set MSOi in the system, such that f∈MSOi.Definition 8. (Locally detectable fault) A fault f ∈ Fi is lo-cally detectable in subsystem Si if there is a minimal struc-turally overdetermined set MSOi in the subsystem that f ∈MSOi.

Consider Definition 8 and equation (1). Fault f1 is lo-cally detectable because f1 ∈ MSO11 but f2 is not lo-cally detectable since there is no MSO in this subsystemthat includes f2. To detect f2 locally, the diagnosis subsys-tem needs to include additional measurements. Global andLocal fault isolability are defined as:Definition 9. (Globally isolable fault) A fault fi ∈ F isglobally isolable from fault fj ∈ F if there exists a mini-mal structurally overdetermined set MSOi in the system S,such that fi ∈MSOi and fj 6∈MSOi .Definition 10. (Locally isolable fault) A fault fi ∈ Fi islocally isolable from fault fj ∈ F if there exists a mini-mal structurally overdetermined set MSOi in subsystem Si,such that fi ∈MSOi and fj 6∈MSOi .

Note that if a fault fi is locally detectable in a subsys-tem Si, it is globally detectable too, and if a fault fi is lo-cally isolable from a fault fj , it is globally isolable from fjas well. The problem of MSO selection is presented as abinary integer linear programming (BILP) problem in thispaper. BILP is a special case of the integer linear program-ming problem (ILP), where the unknowns to be solved forare binary variables.1

1See definition in Wikipedia: https://en.wikipedia.org/wiki/Integer_programming.

Definition 11. (Binary integer linear programming problem(BILP)) A Binary integer linear programming problem is aspecial case of an integer linear programming (ILP) opti-mization problem in which some or all the unknown vari-ables to be solved for are required to be binary, and theconstraints in the problem and the objective function, likeILP, are linear.

The mathematical formulation of BILP is as follows.

min cTx

Ax ≤ b

∃xb ⊂ x

∀xk ∈ xb ⇒ xk ∈ {0, 1},

(5)

where vector c is the cost weights and matrix A and vectorb define linear constraints, x represents the variables, andxb represents the binary variables [Wolsey and Nemhauser,2014].

3 Problem FormulationDesigning a set of distributed diagnosers that together havethe same diagnosability as a centralized diagnoser is the fo-cus of our work in this paper. In the ideal case, each sub-system includes sufficient redundancies, such that its setof MSOs is sufficient to detect and isolate all of its faults,Fi uniquely and unambiguously. In that case, we can as-sociate an independent diagnoser Di with each subsystemSi; 1 ≤ i ≤ k, and each diagnoser operates with no cen-tralized control, and no exchange of information with otherdiagnosers. If the independence among diagnosers does nothold, then the subsystems need to communicate some oftheir measurements to other subsystems to detect and iso-late the faults. To address this problem in an efficient way,we derive an integrated approach to select a set of MSOs foreach subsystem that guarantee full diagnosability and mini-mum exchange of measurements among subsystems.

Given subsystems, Si; 1 ≤ i ≤ k, with a set of local faultcandidates, Fi, such that

⋃i=1

kFi = F . We may need to

augment each subsystem with additional measurements thatare typically acquired from the (nearest) neighbors of thesubsystem, such that all of the faults associated with the ex-tended model of this subsystem are detectable and isolable.In the worst case, all of the measurements from another sub-system may have to be included to make the current subsys-tem diagnosable. When such a situation occurs, we say thetwo subsystems are merged and represented by a commondiagnoser, therefore, the total number of independent dis-tributed diagnosers may be less than k.

Each MSO is sensitive to a set of faults and, therefore canbe used to detect them and isolate them from the other faultsin the system. For each subsystem Si, our goal is to find aminimal set of MSOs that provide maximum detectabilityand isolability to that subsystem. A set of MSOs is mini-mal if there is no subset of MSOs that provides the samedetectability and isolability. To achieve distributed fault di-agnosis, we also want each subsystem to use the minimumnumber of measurements from the other subsystems. Inother words, we want to minimize communication or theamount of data (measurements) to be transmitted betweenthe subsystems. More formally, the problem for designing adiagnoser for a particular subsystem Si can be described asfollows:


77

ConsiderMSO = {MSO1,MSO2, . . . ,MSOr} as theset of possible MSOs for the subsystem Si. We need to de-velop an algorithm to select a minimal subset ofMSO thatguarantees maximal structural detectability and isolabilityfor faults Fi associated with the subsystem, and include aminimum number of measurements from the other subsys-tems in the system to assure the equivalence of local andglobal diagnosability , i.e.,

∀Si; 1 ≤ i ≤ k

Select MSOSi ⊂MSOs.t. min

Mo⊆M|Mo|

Di(Mi ∪Mo) = Di(M),

Ii(Mi ∪Mo) = Ii(M),

(6)

where Mo represents the set of measurement we need tocommunicate to the subsystem Si along with the set of mea-surements, Mi associated with the subsystem Si. M repre-sents the set of all measurements in the system. For a givenset of measurements, X , Di(X) represents the set of de-tectable faults in Fi, and Ii(X) represents the set of isolablefaults in Fi from the system faults, F .

In the next section we formulate the problem as a BILPproblem. Formulating the problem as a BILP, enables us touse a number of well-developed tools like branch and boundalgorithms [Land and Doig, 1960] and branch and cut al-gorithms [Mitchell, 2002] to solve the problem. However,much like integer linear programming, the general BILP so-lution is exponential.

4 MSOs Selection for Distributed FaultDetection Using Global Model

In this section, we present our algorithm to select a mini-mal set of residuals for each subsystem of a system whoseglobal model is available as a set of equations. In the nextsection, we modify this algorithm to make it applicable tomuch larger systems, where a compiled global model is notavailable.

For the situation in which the global model is known,M in equation (6) is the set of all system measurements.Assume we have l measurements in the system: M ={m1,m2, ...,ml}. The measurements imply redundanciesin the system model that form the basis for generatingMSOs. Let us assume we can generate r MSOs givenM : MSO = {MSO1,MSO2, . . . ,MSOr}. Our goalis to design an algorithm that selects MSOi ⊆ MSO ina way that we add a minimum number of measurementsMo ⊆M,Mi∩Mo = ∅, i.e., measurements from the systemnot belonging to subsystem i, to a subsystem to make all itsfaults globally diagnosable. Note that this is equivalent tothe set covering problem and, therefore, any algorithm forfinding the minimal measurements is exponential, in gen-eral. In the past, we have adopted heuristic search methodsfor solving this problem. Our approach for designing sub-system diagnosers used the Temporal Causal Graph (TCG)approach [Roychoudhury et al., 2009]. In this paper, we for-mulate the search for minimal sensors as a BILP problem.The general formulation of BILP is presented in (5), andthere are several tools available for solving this problem.2

2For example, see http://www.mathworks.com/help/optim/ug/

To formulate the problem (6) as a BILP problem we de-fine a binary variable x(k): 1 ≤ k ≤ l, for measurementmk in the system as follows:

x(k) =

{1 if mk ∈Mi ∪Mo

0 if mk /∈Mi ∪Mo,(7)

where Mo is the answer to problem (6). We also definex(k + l): 1 ≤ k ≤ r, for MSO MSOk in the system asfollows.

x(k + l) =

{1 if MSOk ∈MSOi

0 if MSOk /∈MSOi.(8)

To minimize the number of measurements from the othersubsystems, we develop the following cost function c as:

c(k) =

{0 if mk ∈Mi

1 if mk ∈M\Mi

0 if l < k ≤ l + r,(9)

where l is the number system measurements and r is thenumber of MSOs in the system. Using the algorithm pro-posed in [Krysander et al., 2008a] 165 MSOs are generatedfor the running example, the four tank system. Since thereare 8 measurements in the system c is a vector with 173 el-ements for this example.

Consider subsystem Si with local faults Fi and the set ofsystem faults, F . Each local fault fj ∈ Fi has to be lo-cally detectable. Given definition 8, we can guarantee localdetectability of all the faults fj ∈ Fi with the followingconstraints in the optimization problem (5).

A(j, k) =

{0 if k < l−1 if fj ∈MSOk−l0 otherwise.

(10)

Note that l is the number of measurements in the system.By considering b(j) = −1 for 1 ≤ j ≤ g, where g is thenumber of faults in Fi, we make sure that we have selectedat least one MSO to detect each fault.

To address isolability requirement we follow the sameprocedure. To isolate fj ∈ Fi from any other fault in sys-tem, i.e., fh ∈ F we need to have:

A(j + g, k) =

{0 k < l−1 fj ∈MSOk−l, fh /∈MSOk−l0 otherwise.

(11)Setting b(j) = −1 for g < j ≤ g ∗h, where h is the numberof faults in the system, h = |F |, we make sure that thereis at least one MSO to isolate each of the subsystem faultsfrom the other faults in the system.

In addition to the constraints that guarantee maximum de-tectability and isolability for the distributed diagnosis sys-tem, we need a set of constraints that capture the relation-ship between the measurements and MSOs in the distributeddiagnosis system. Using a MSO is equivalent to using themeasurements that are included in the MSO, and we needto include this in the optimization problem. For exam-ple, consider MSO11, it has three measurements M11 ={u1, y1, y2}. Using MSO11 in a local diagnosis subsystemmeans we need to communicate these measurement streamsto that subsystem to achieve global diagnosability for the

mixed-integer-linear-programming-algorithms.html in the MatlabTMlinear integer programming toolbox.


78

faults that belong to that subsystem. The following equa-tion represents this constraint.

− x(1)− x(2)− x(3) + |M1|x(7) ≤ 0, (12)

where |M1| = 3 is the cardinality number of M1 and x(1),x(2), x(3) and x(7) are binary variables that are 1 if we useu1, y1, y2 and MSO11 in the diagnosis system and are zerootherwise. This constraint implies that if we use MSO1:x(7) = 1, its associated measurements are used by the sub-system too: x(1) = x(2) = x(3) = 1.

Equation (13) represents these set of constraints in A ma-trix.

A(j + g ∗ h, k) ={ −1 if mk ∈MSOj

|Mj | if k = j + |M |0 otherwise,

(13)where |Mj | is the cardinality number of set of measure-ments in MSOj and |M | is the cardinality number of setof all the measurements in the system. Setting b(j) = 0 forg ∗ h < j ≤ g ∗ h + n, where n is the number of MSOsin the system. The optimization problem takes into accountthe relationship between measurements and MSOs. For therunning example we generated 165 MSOs, there are also 3measurements in the subsystem 1, and 8 measurements forthe entire system. Similarly, subsystem 1 has two faults ofinterest, and the goal is to be able to isolate them from any ofthe 6 faults in the complete system. Therefore, to solve theoptimization problem (5) for subsystem 1, matrix A has 177rows (equal to the number of constraints: 2 constraints toguarantee the local detectability of f1 and f2, 10 constraintsto guarantee the local isolability of f1 and f2 from the otherfaults, and 165 constraints to capture the relationship be-tween the MSOs and the measurements) and 173 columns(equal to the number of binary variables: 8 for the measure-ments and 165 for the MSOs) and b is a vector with 177elements (equal to the number of constraints).

Table 1 shows the set of measurements that we need toadd for each of the subsystem diagnosers to achieve max-imum possible detectability and isolability using our pro-posed algorithm. To find the optimum measurements, wesolved the optimization problem (5) for each subsystem.

Table 1: Set of augmented measurements to each subsystemmodel

Subsystem Set of augmented measurementsS1 y3S2 u2, y2, y6S3 y4, y6S4 y5

Considering the expanded measurement set the schematicof the four tank system with the four distributed diagnosersis shown in Figure 2. The figure shows the complete setof measurements required by the four subsystem diagnosersto achieve global detectability and isolability for the set offaults they contain. For example subsystem 1 includes threemeasurements M1 = {u1, y1, y2}, and to achieve global di-agnosability for its faults, y3 must be communicated to itsdiagnoser from subsystem 2. Subsystem 2 is the only sub-system that shares a variable with a second order connected

subsystem, all the other subsystems only need to communi-cate with their first order connected subsystems. Note thatcommunicated measurements typically will incur additionalcost and may lower reliability of the system diagnoser. Butkeeping them to a minimum (see results in Table 1) reducesthat cost and uncertainty, while maintaining global diagnos-ability.

1S

1y

1T

1u

1P

2y

2P

4y

3P

5y3y

3T

2u

2S

6y

4T

4P

2T

Figure 2: Distributed diagnosis subsystems.

A common way to validate a distributed fault detectionand isolation approach is to compare the result with themaximum global detectability and isolability. Adopting theexoneration assumption, Table 2 shows the detectability andisolability performance of the centralized approach. An Xin the table shows that the fault in the row and the fault inthe column are not isolable from each other. An X in thefirst column (NF) means the fault in the corresponding rowis not isolable from NF (No Fault) or simply it is not de-tectable. Table 2 shows that with a centralized approach wecan detect and isolate all the faults.

Table 2: Fault isolability table for running example usingcentralized approach

NF f1 f2 f3 f4 f5 f6f1 Xf2 Xf3 Xf4 Xf5 Xf6 X

However, Table 3 shows that using the original subsys-tems for distributed diagnosis does not provide the same re-sults as the centralized global diagnoser.

Table 3: Fault isolability table for running example usingdistributed approach for the original subsystems

NF f1 f2 f3 f4 f5 f6f1 Xf2 X X X X X Xf3 X X X X X Xf4 X X X X X Xf5 X X X X X Xf6 X X X X X X

In fact, only f1 can be detected and isolated from theother faults. Using the augmented subsystems in Table 1


79

Table 4: Fault isolability table for running example usingdistributed approach for the augmented subsystems


(Figure 2) we achieve the same performance as the globaldiagnoser as shown in Table 4.

This demonstrates that the distributed approach canachieve the same performance with the centralized approachfor fault detection and isolation in the running example. Ingeneral, the worst case scenario for a system with stronglyconnected subsystems (i.e., all subsystems are connected toeach other) will typically require a large number of mea-surements from other subsystems to be communicated toeach subsystem diagnoser. In those situations, subsystemdiagnosers just get rid of the single point of failure, but eachsubsystem diagnoser may require a large number of mea-surements to be communicated to it from all of the othersubsystems.

In our case study, the four tank system model included165 MSOs, which means for each subsystem there was 2165different MSO candidate sets. This creates a very largesearch space (in general the search space is exponential inthe number of MSOs, and generating all MSOs is in itselfan exponential problem. This justifies the formulation of theproblem as a BILP problem that provides efficient tools, likethe bintprog function in MatlabTM(see earlier footnote), tosolve it. However, given the exponential nature of the solu-tion, this method will not scale up for larger systems, evenif the subsystem diagnoser design is performed off-line. Inaddition to the computational complexity, the availability ofglobal models for large, complex systems is unlikely be-cause of the issues discussed in Section 1. To overcome thisproblem, we sacrifice minimality of the solution to some ex-tent, and propose an incremental algorithm for designing thesubsystem diagnosers.

5 MSOs Selection for Distributed FaultDetection Using Neighboring Subsystems

The proposed approach in the previous section used theglobal model of the system to generate the residuals, andthen derived the subsystem diagnosers using the BILP al-gorithm run on the global MSO set. In this section, weachieve global diagnosability of a subsystem diagnoser byincrementally adding a minimum number of measurementsfrom the neighbors of this subsystem till the global diagnos-ability property is established. The algorithm starts with theset of equations for the subsystem whose diagnoser is beingdesigned, and if global diagnosability is not achieved usingthis model, it expands to include equation sets that corre-spond to the models of its immediate neighbors. If globaldiagnosability is achieved, the algorithm terminates, oth-erwise the algorithm expands to use the next higher orderof neighbors and repeats the search for minimal MSOs toachieve complete diagnosability. The process of includingsuccessively higher order neighbors is shown in Figure 3.

In the worst case, this process continues, till the completeset of system equations are required to generate all possi-ble MSOs, and establish global diagnosability for the sub-system. Therefore, it is guaranteed that the method has thesame diagnosability performance as the best centralized di-agnoser for the same set of measurements. Algorithm 1 de-

mS

jS

kS

oS

nS

pS

qS

wS

lS

sS

tS

vS

rS

First order connected subsystems

Second order

connected subsystems

iS

Figure 3: Expanding the search environment to the higherorder connected subsystems.

scribes the algorithm for our proposed method.

Algorithm 1 Incremental Algorithm1: for each Si ∈ S do2: SS = Si

3: j = 04: while Di(SS) 6= Di(S) or Ii(SS) 6= Ii(S) do5: j = j + 16: SS =SS ∪ (jth order connected subsystems of Si)

7: Generate all the MSOs for SS8: Use equation (9) to compute cost function for SS9: Use equations (10), (11), and (13) to generate A

matrix for SS10: Generate vector b for SS11: Use bintprog(c, A, b) to solve the problem and

compute Di(SS) and Ii(SS)

Consider the running example. To design the diagno-sis system for the first subsystem, we start with its set ofequations and we can only generate one MSO which is notenough to detect subsystem faults and isolate them from thesystem faults. We then augment the subsystem model withthe model from its nearest neighbor subsystem 2, and gen-erate the set of MSOs for the augmented model. The totalnumber of MSOs for the augmented subsystem (Subsystem1 + subsystem 2) is 11 which leads to 211 MSO set can-didates which is much smaller than 2165 candidates. Solv-ing the optimization problem presented in this section givesthe same result with the global method for this subsystem,but the computation time is reduced significantly. Usingthe same approach for every subsystem, the set of measure-ments that we need to transfer to each subsystem of the run-ning example are presented in Table 5.

Figure 4 shows that for the four tank case study, all thesubsystems share variables with their first order connectedsubsystems. This provides a practical advantage to this al-


80

Table 5: Set of augmented measurements to each subsystemmodel

Subsystem Set of augmented measurementsS1 y3S2 u2, y2, y5S3 y4, y6S4 y5

gorithm because usually the subsystems with shared vari-ables are physically closer to each other (corresponding toour definition of nearest neighbors) and, therefore, we donot need to transfer data over long distances, which, as dis-cussed earlier, can be costly and error-prone.

1S

1y

1T

1u

1P

2y

2P

4y

3P

5y3y

3T

2u

2S

6y

4T

4P

2T

Figure 4: Distributed diagnosis subsystems using incremen-tal algorithm.

Table 6 shows that this distributed diagnosis system pro-vides the same diagnosability performance as the central-ized diagnosis method.

Table 6: Fault isolability table for running example usingthe incremental algorithm


The proposed algorithm provides the maximum possibledetectability and isolability that can be achieved. The ad-vantage of this algorithm is that not only we do not need aglobal model for detecting and isolating the faults, but alsowe do not use the global model in the design process of thesupervisory system. This makes the approach suitable forlarge, complex systems, such as aircraft and power plantswhere the global systems models are likely to be unavail-able or unknown.

6 Discussion and ConclusionsA distributed approach to the problem of fault detection andisolation is presented in this paper. We proposed two al-gorithms for MSOs selection for the distributed diagnosis.The proposed algorithms provide the maximum possible de-tectability and isolability that can be achieved for a sys-tem given a set of measurements. The first algorithm alsoguarantees that the subsystems share the minimum number

of measurements, implying that we minimize the commu-nication of measurement streams across subsystems of theglobal system. This is important because sending the datato other subsystems is costly in large scale systems. On theother hand, the second algorithm does not need to use theglobal model in the design process of the supervisory sys-tem . This makes the algorithm more practical, specially forthe complex systems. However, the second algorithm doesnot guarantee that the number of shared variables among thesubsystems are globally minimum.

Unlike previous work, such as [Bregon et al., 2014;Daigle et al., 2007] this method directly works with MSOsgenerated from subsystem and system equations, and there-fore, does not need to use the temporal response and eventordering in the diagnosis, all of which are derived proper-ties, and, therefore, require additional computation. Using apurely structural approach, reduces the overall diagnosabil-ity of the system for the given set of measurements. How-ever, it also reduces the number of assumptions we need tomake about the fault characteristics, order of events in thediagnoses subsystems (which can be error-prone), and wedot have to analyze in detail the subsystem dynamics.

Moreover, in the incremental algorithm we do not needto have the full global model to design the individual sub-system diagnosers. This is an important practical contribu-tion of this paper in comparison to our previous work (e.g.,[Roychoudhury et al., 2009]). Requiring the global modelmay render the approach to be impractical for the large-scalecomplex systems, such as aircraft and power plants wherethe global systems models are likely to be unavailable orunknown.

Finally, in the proposed methods, we generate the MSOsfirst to design our subsystem diagnosers. The total num-ber of MSOs is exponential in terms of the system measure-ments. This increases the computational cost of the prob-lem. To make our diagnoser derivation process more effi-cient, we used BILP framework. On the other hand, havingall the MSOs beforehand, makes robustness analysis [Kho-rasgani et al., 2014a; Khorasgani et al., 2014b] possible forrobust distributed MSOs selection. In future work, we willconsider noise and uncertainty in the system and will ex-tend the proposed method to robust distributed fault detec-tion and isolation.

References[Bregon et al., 2014] Anibal Bregon, Matthew Daigle, In-

dranil Roychoudhury, Gautam Biswas, Xenofon Kout-soukos, and Belarmino Pulido. An event-based dis-tributed diagnosis framework using structural model de-composition. Artificial Intelligence, 210:1–35, 2014.

[Daigle et al., 2007] M. J. Daigle, X. D. Koutsoukos, andG. Biswas. Distributed diagnosis in formations of mo-bile robots. Robotics, IEEE Transactions, 23(2):353–369, 2007.

[Deb et al., 1998] S. Deb, A. Mathur, P. K. Willett, andK. R. Pattipati. Decentralized real-time monitoring anddiagnosis. In Systems, Man, and Cybernetics. IEEE In-ternational Conference, 3:2998–3003, 1998.

[Debouk et al., 2000] R. Debouk, S. Lafortune, andD. Teneketzis. Coordinated decentralized protocols forfailure diagnosis of discrete event systems. Discrete


81

Event Dynamic System: Theory and Applications,10(1-2):33–86, 2000.

[Duarte Jr and Nanya, 1998] E. P Duarte Jr and T. Nanya.A hierarchical adaptive distributed system-level diagno-sis algorithm. Computers, IEEE Transactions, 47(1):34–45, 1998.

[Ferrari et al., 2012] Riccardo MG Ferrari, ThomasParisini, and Marios M Polycarpou. Distributed faultdetection and isolation of large-scale discrete-timenonlinear systems: An adaptive approximation ap-proach. Automatic Control, IEEE Transactions on,57(2):275–290, 2012.

[Indra et al., 2012] Saurabh Indra, L. Trave-Massuyes, andElodie Chanthery. Decentralized diagnosis with isola-tion on request for spacecraft. Proceedings of the 8thIFAC Symposium on Fault Detection, Supervision andSafety for Technical Processes (Safeprocess), MexicoCity, 2012.

[Khorasgani et al., 2014a] Hamed Khorasgani, Daniel E.Jung, Gautam Biswas, Erik Frisk, and Mattias Krysander.Off-line robust residual selection using sensitivity analy-sis. International Workshop on Principles of Diagnosis(DX-14), Graz, Austria, 2014.

[Khorasgani et al., 2014b] Hamed Khorasgani, Daniel E.Jung, Gautam Biswas, Erik Frisk, and Mattias Krysander.Robust residual selection for fault detection. Decisionand Control (CDC), IEEE 53rd Annual Conference on,2014.

[Krysander et al., 2008a] Mattias Krysander, Jan Åslund,and Mattias Nyberg. An efficient algorithm for findingminimal overconstrained subsystems for model based di-agnosis. IEEE Transactions on Systems, Man, and Cy-bernetics, Part A: Systems and Humans, 38(1), 2008.

[Krysander et al., 2008b] Mattias Krysander, Jan Aslund,and Mattias Nyberg. An efficient algorithm for findingminimal overconstrained subsystems for model-based di-agnosis. Systems, Man and Cybernetics, Part A: Sys-tems and Humans, IEEE Transactions on, 38(1):197–206, 2008.

[Lafortune, 2007] S. Lafortune. On decentralized and dis-tributed control of partially-observed discrete event sys-tems. in advances in control theory and applications.Springer Berlin Heidelberg, pages 171–184, 2007.

[Land and Doig, 1960] A. H. Land and A. G. Doig. An au-tomatic method of solving discrete programming prob-lems. Econometrica: Journal of the Econometric Soci-ety, pages 497–520, 1960.

[Lanigan et al., 2011] Patrick E. Lanigan, Soila Kavulya,and Priya Narasimhan. Diagnosis in automotive systems:A survey. Technical Report CMU-PDL-11-110, CarnegieMellon University PDL, 2011.

[Leger et al., 1999] J. B. Leger, B. Iung, A. Ferro De Beca,and J. Pinoteau. An innovative approach for new dis-tributed maintenance system: application to hydro powerplants of the remafex project. Computers in industry,38(2):131–148, 1999.

[Mitchell, 2002] John E. Mitchell. Branch-and-cut algo-rithms for combinatorial optimization problems. Hand-book of applied optimization, pages 65–77, 2002.

[Rish et al., 2005] I. Rish, M. Brodie, S. Ma, N. Odintsova,A. Beygelzimer, G. Grabarnik, and K Hernandez. Adap-tive diagnosis in distributed systems. Neural Networks,IEEE Transactions, 16(5):1088–1109, 2005.

[Rosich et al., 2009] Albert Rosich, Ramon Sarrate, andFatiha Nejjari. Optimal sensor placement for fdi usingbinary integer programming. International Workshop onPrinciples of Diagnosis, 2009.

[Roychoudhury et al., 2009] Indranil Roychoudhury, Gau-tam Biswas, and Xenofon Koutsoukos. Designing dis-tributed diagnosers for complex continuous systems. Au-tomation Science and Engineering, IEEE Transactionson, 6(2):277–290, 2009.

[Sarrate et al., 2007] Ramon Sarrate, Puig Vicenc, EscobetTeresa, and Rosich Albert. Optimal sensor placement formodel-based fault detection and isolation. pages 2584–2589. 46th IEEE Conference In Decision and Control,2007.

[Shum et al., 1988] S. K. Shum, J. F. Davis, W. F.Punch III, and B. Chandrasekaran. An expert sys-tem approach to malfunction diagnosis in chemicalplants. Computers and chemical engineering, 12(1):27–36, 1988.

[Svard et al., 2012] C. Svard, M. Nyberg, and J. Stoustrup.Automated design of an fdi system for the wind turbinebenchmark. JCSE Journal of Control Science and Engi-neering, 2012.

[Wolsey and Nemhauser, 2014] Laurence A. Wolsey andGeorge L Nemhauser. Integer and combinatorial opti-mization. John Wiley and Sons, 2014.

[Wolsey, 1998] Laurence A. Wolsey. Integer programming,volume 42. Wiley, New York, 1998.


82

Minimal Structurally Overdetermined Sets Selection for ...ceur-ws.org/Vol-1507/dx15paper10.pdf ·...

Documents

Transcript of Minimal Structurally Overdetermined Sets Selection for ...ceur-ws.org/Vol-1507/dx15paper10.pdf ·...