TGNDissertationMain

Fault-Tolerant Control of Particulate Processes

Accounting for Implementation Issues

By

Trina G. Napasindayao

B.S. (De La Salle University, Philippines) 2008

Dissertation

Submitted in partial satisfaction of the requirements for the degree of

Doctor of Philosophy

in

Chemical Engineering

in the

Office of Graduate Studies

of the

University of California

Davis

Approved:

Nael H. El-Farra, Chair

Ahmet N. Palazoglu

William D. Ristenpart

Committee in Charge

2015

i

To God who makes all things possible.

Unless the LORD build the house, they labor in vain who build. (Psalm 127:1)

ii

Contents

List of Figures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vi

List of Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x

Abstract . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi

Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii

1 Introduction 1

1.1 Motivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

1.2 Background on monitoring and control of particulate processes . . . . . . . . 2

1.3 Objectives and organization of the dissertation . . . . . . . . . . . . . . . . . 6

2 Fault detection and accommodation in particulate processes with sampled

and delayed measurements 11

2.1 Preliminaries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

2.1.1 System description . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

2.1.2 Problem formulation and solution overview . . . . . . . . . . . . . . . 13

2.2 Motivating example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

2.3 Fault-free controller synthesis, analysis and implementation . . . . . . . . . . 18

2.3.1 Output feedback controller synthesis . . . . . . . . . . . . . . . . . . 19

2.3.2 Characterizing the minimum allowable sampling rate . . . . . . . . . 22

2.3.3 Application to the continuous crystallizer . . . . . . . . . . . . . . . . 25

2.4 Fault detection and accommodation . . . . . . . . . . . . . . . . . . . . . . . 28

2.4.1 Fault detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

2.4.2 Fault accommodation and compensation . . . . . . . . . . . . . . . . 29

2.4.3 Application to the continuous crystallizer . . . . . . . . . . . . . . . . 31

2.5 Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

iii

3 Data-based fault identification and fault accommodation in the control of

particulate processes with sampled measurements 38

3.1 Preliminaries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39




3.3 Fault identification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

3.3.1 Fault model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

3.3.2 Data-based fault identification . . . . . . . . . . . . . . . . . . . . . . 46

3.4 Finite-dimensional sampled-data control system . . . . . . . . . . . . . . . . 47

3.4.1 State feedback controller synthesis . . . . . . . . . . . . . . . . . . . . 47

3.4.2 Controller implementation under measurement sampling . . . . . . . 47

3.4.3 Closed-loop stability analysis . . . . . . . . . . . . . . . . . . . . . . 48

3.5 Fault-tolerant control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

3.5.1 Fault identification under partial faults . . . . . . . . . . . . . . . . . 51

3.5.2 Fault identification and accommodation . . . . . . . . . . . . . . . . 53

3.6 Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

4 Model-based fault-tolerant control of uncertain particulate processes: in-

tegrating fault detection, estimation and accommodation 58

4.1 Preliminaries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59




4.3 Finite-dimensional sampled-data control system . . . . . . . . . . . . . . . . 65

4.3.1 State feedback controller synthesis . . . . . . . . . . . . . . . . . . . . 65

4.3.2 Implementation under measurement sampling . . . . . . . . . . . . . 65

iv

4.3.3 Fault model for continuous system . . . . . . . . . . . . . . . . . . . 66

4.4 Closed-loop stability analysis under measurement sampling . . . . . . . . . . 67

4.5 Data-driven actuator fault identification and accommodation . . . . . . . . . 69

4.5.1 Discrete fault model . . . . . . . . . . . . . . . . . . . . . . . . . . . 69

4.5.2 Data-based fault identification . . . . . . . . . . . . . . . . . . . . . . 70

4.5.3 Fault accommodation . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

4.6 Fault tolerant control application . . . . . . . . . . . . . . . . . . . . . . . . 74

4.6.1 Fault identification . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78

4.7 Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

5 Sensor fault accommodation strategies in the control of particulate pro-

cesses with multi-rate measurements and measurement sampling 85

5.1 Preliminaries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86




5.3 Multi-rate sampling mechanism . . . . . . . . . . . . . . . . . . . . . . . . . 91

5.4 Finite-dimensional multi-rate sampled-data control system design . . . . . . 93

5.4.1 Output feedback controller synthesis . . . . . . . . . . . . . . . . . . 93

5.4.2 Controller implementation under multi-rate sampling . . . . . . . . . 94

5.4.3 Closed-loop stability analysis . . . . . . . . . . . . . . . . . . . . . . 94

5.5 Fault-tolerant control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96

5.6 Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102

A Proofs of Chapter 2 104

v

List of Figures

2.1 Sampled-data control architecture. . . . . . . . . . . . . . . . . . . . . . . . 15

2.2 Timeline of measurement transmission and arrival times under measurement

sampling and delay. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

2.3 Region of stability is larger with a propagation unit (δ = 0.3). Plots (a)-(b):

Contour plot of λmax(M) with (a) and without (b) a propagation unit. . . . 26

2.4 The closed-loop system can only be stabilized with a propagation unit (δ =

0.3, τ = 0.5h, ∆ = 1h). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

2.5 Fault detection and accommodation maintains stability after a component

fault at Tf = 10h (δ = 0.3, τ = 0.5h, ∆ = 1h). Plots (a)-(d): Closed-loop

state profiles with (a)-(b) and without (c)-(d) fault detection and accommo-

dation. Plot (e): Closed-loop profiles of the manipulated input. Plot (f):

Fault detection based on the evolution of the residual. Note: Profiles in plots

(a)-(e) are in deviation variable form. Actual values are non-negative. . . . . 33

2.6 Fault accommodation using a contour plot of λmax(M) indicating the region

of stability. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

2.7 Fault detection and accommodation maintains the stability of the Particle

Size Distribution (PSD) in the presence of sensor measurement noise after a

component fault at Tf = 10h (δ = 0.3, τ = 0.5h, ∆ = 1h). Plot (a): Closed-

loop PSD profile with (a) and without (b) fault detection and accommodation.

Plot (c): Closed-loop profiles of the manipulated input in deviation variable

form. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

3.1 Overview of the integrated control architecture with fault identification and

accommodation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

vi

3.2 Region of stability based on actuator health was used to determine whether

equipment repair, fault accommodation, or system reconfiguration is required

(∆ = 6min). Contour plot of λmax(N) for pole values [−1 − 2− 3− 4− 5− 6]. 51

3.3 Actual and calculated values of the fault estimation parameters (∆ = 6min).

α1: inlet concentration (c0), α2: residence time (τr). Plots (a)-(b): Simulta-

neous faults. Plots (c)-(d): Consecutive faults. . . . . . . . . . . . . . . . . . 53

3.4 Fault accommodation logic. . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

3.5 Fault identification after a potentially destabilizing fault at 10h with ∆ =

6min. α1: inlet concentration (c0), α2: residence time (τr). . . . . . . . . . . 55

3.6 Fault identification and accommodation re-establishes stability after a poten-

tially destabilizing fault. Plot (a): Region of stability based on the health

of the actuator controlling the inlet concentration (c0), α1 and the first pole

value (λ) used to find the controller design parameter K (α2 = 1). Plots (b)-

(c): Dynamic profiles of (b) inlet concentration (c0), and (c) residence time

(τr) without fault accommodation. Plots (d)-(e): Dynamic profiles of (d) inlet

concentration (c0), and (e) residence time (τr) under fault accommodation. . 56

4.1 Overview of the integrated control architecture with fault identification and

accommodation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

4.2 Fault accommodation logic with model uncertainty. . . . . . . . . . . . . . . 74

4.3 Fault accommodation logic without model uncertainty. . . . . . . . . . . . . 76

4.4 Plots (a)-(b): Region of stability is larger with a perfect model (a) com-

pared to one with model uncertainty (b). The feed concentration (c0) and

residence time (τr) are the manipulated variables (u1(t) = [u11(t) u1

2(t)]T =

[c0(t) τr(t)]T ). Contour plots of Γk(∆) plotted against different values of the

fault parameter (α11) and fault model parameter (α1

1). . . . . . . . . . . . . . 79

vii

4.5 Plots (a)-(d): Fault identification after a partial fault (α1 = 0.9) at t = 1h.

Plot (a): Dynamics of fault parameter (α1) and fault estimation parameter

(α∗

1). Plot (b): Region of stability with the estimation interval α1 = Ψ(α∗

1) =

[0.95, 1] for α1 = 1 (red line). Plots (c)-(d): Dynamics of the state (µ1)

(c) and the faulty actuator controlling the manipulated variable u11, the feed

concentration (c0) (d). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

4.6 Plots (a)-(d): Fault identification after a partial fault (α1 = 0.4) at t = 1h.

Plot (a): Dynamics of fault parameter (α1) and fault estimation parameter

(α∗

1). Plot (b): Region of stability with the estimation interval α1 = Ψ(α∗

1) =

[0.4, 0.475] for α1 = 1 (red line). Plots (c)-(d): Dynamics of the state (µ1)

(c) and the faulty actuator controlling the manipulated variable u11, the feed

concentration (c0) (d). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82

4.7 Plots (a)-(b): Regions of stability used in selecting the best fault accommo-

dation strategy after a partial fault (α1 = 0.4) at t = 1h. Plot (a): Stability

region for different values of the fault parameter (α11) and the controller de-

sign parameter (p1) using the feed concentration (c0) and residence time (τr)

as the manipulated variables (α11 = 1). Plot (b): Stability region plotted

against the fault parameter (α21) and the fault model parameter (α2

1) using

the residence time (τr) as the only manipulated variable (u21). . . . . . . . . . 83

4.8 Plots (a)-(b): Dynamics of the state (µ1) (a) and the fall-back manipulated

variable u21 varying residence time (τr) (b) shows that fault accommodation

re-establishes stability after a potentially destabilizing fault. . . . . . . . . . 83

5.1 Sampling schedule of two sensors with different sampling rates. . . . . . . . . 92

5.2 Region of stability varies depending on the chosen manipulated input (δu =

0.2). Plots (a)-(b): Contour plots of λmax(N) when the manipulated variable

is (a) the inlet concentration, c0; and (b) the residence time, τ . . . . . . . . 99

viii

5.3 Region of stability varies depending on the chosen manipulated input (δu =

0.2). Contour plot of λmax(N) when the coolant temperature, Tc, is the

manipulated variable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100

5.4 Closed-loop state profiles depend on the selected manipulated variable (δu =

0.2). Plots (a)-(b): Stability is reached using either (a) inlet concentration,

c0, or (b) residence time, τ , as manipulated variables (OP :∆1 = 0.002,∆2 =

0.008). Plots (c)-(d): System stabilizes when (c) inlet concentration, c0, and

not (d) residence time, τ , is the manipulated variable (f1:∆1 = 0.002,∆2 =

0.012). Plots (e)-(f): System becomes unstable by manipulating either (e)

inlet concentration, c0, or (f) residence time, τ (f2:∆1 = 0.011,∆2 = 0.008). . 103

ix

List of Tables

2.1 Process parameters and steady-state values for the continuous crystallizer. . 17

3.1 Process parameters and steady-state values for the non-isothermal continuous

crystallizer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45


crystallizer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65


crystallizer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

x

Abstract of the Dissertation

Fault-Tolerant Control of Particulate Processes

Accounting for Implementation Issues

Particulate processes comprise about 60% of commercial products. These processes are

defined by the co-presence of both a continuous and a dispersed phase. As a result, there is a

distributed characterization of the product properties. These differences across particles are

described using a particle size distribution which is an important product quality index since

controlling the shape of this distribution leads to quality control of the end product. A high-

dimensional population balance model is used to describe the particle size distribution which

makes it difficult to design control systems for these applications. There are limited studies

on fault accommodation and fault tolerant control for particulate processes. Moreover, var-

ious implementation issues arise in the design of any fault-tolerant control system. These

include model uncertainty, incomplete state measurements, measurement sampling and de-

lays. Measurement availability is constrained by inherent limitations on data collection and

the processing and transmission capabilities of the measurement sensors. In particulate

processes, sensor measurements are typically delayed and available only at discrete times.

These restrict controller implementation and process tracking which can, in turn, erode the

diagnostic capabilities of the fault-tolerant control system. Hence, it is crucial that these are

explicitly accounted for in designing the control system and in monitoring the process.

Motivated by the above considerations, this dissertation provides a unified framework

for fault-tolerant control of particulate processes with implementation issues. This frame-

work integrates fault detection/identification followed by fault accommodation wherein a

supervisor determines the best strategy for preserving closed-loop stability after a poten-

tially destabilizing fault has occurred. This strategy is based on a stability analysis on

the closed-loop system wherein the stability properties are given as functions of the control

xi

configuration, actuator gain, model uncertainty, fault parameters, and/or sampling period.

Fault accommodation is then carried out by controller reconfiguration, model update, or

actuator switching. These techniques are illustrated to be effective for a wide range of fault

scenarios using a simulated continuous crystallizer but may be generalized for particulate

processes.

xii

Acknowledgments

I am utterly grateful to my advisor, Prof. Nael H. El-Farra, for his invaluable patience and

guidance throughout my graduate studies. Thank you for believing in me and for giving me

that extra motivation when I needed it most.

I would also like to thank Prof. Ahmet N. Palazoglu and Prof. William D. Ristenpart

for taking the time to serve in my dissertation committee.

I want to acknowledge the professors that I have worked with for the many bits of wisdom

that they have imparted and for being a great source of inspiration.

I am extremely thankful for everyone in my research group who have been very obliging

and encouraging: Arthi, Sathyendra, Yulei, Ye, Zhiyuan, Xiaonan, Da, Shilpa. It is an honor

and a blessing to be counted as your cohort and friend.

I wish to thank my peers in the Chemical Engineering Department especially those with

whom I have taken some of the graduate-level coursework: Ben, Alvin, Josh, Claudia, Salem,

Pinghong, Jorgen. Our efforts have finally borne fruit. I am glad to have shared this journey

with you.

I want to express my deepest gratitude to my family who was there from the very start.

I could not have done it without all of you. Your love has kept me going. Finally, words

cannot express how thankful I am to Daniel–you came just in time.

xiii

Chapter 1

Introduction

1.1 Motivation

Chemical engineering deals with processes that convert raw materials into more valuable

products while satisfying requirements based on safety, environmental regulations, eco-

nomics, and production specifications. This is carried out by making efficient use of time,

energy, and raw materials to maximize profit by improving quality and increasing yield while

minimizing costs in the form of expenditures, environmental impact, and safety hazards. Pro-

cess Control is a discipline that focuses on the architectures, mechanisms, and algorithms

that are necessary to ensure that these severalsometimes conflictingrequirements are met.

Through Process Control, the process is steered towards desired behavior by ensuring stable

and optimum performance while suppressing the influence of external disturbances.

Particulate processes comprise about 60% of commercial products and encompass a wide

range of fields including the agricultural, chemical, food, mineral, and pharmaceutical indus-

tries. A high-dimensional model which, coupled with the complex dynamics and nonlineari-

ties in the system, makes it difficult to design fault tolerant control systems for particulate

process. Moreover, various implementation issues arise in the design of any fault-tolerant

control system. These include model uncertainty, incomplete state measurements, measure-

ment sampling and delays. These restrict controller implementation and process tracking

which can, in turn, erode the diagnostic capabilities of the fault-tolerant control system.

1

Hence, it is crucial that these are explicitly accounted for in designing the control system

and in monitoring the process. The remainder of the chapter will be on the origin and

implications of the above-mentioned topics and will provide an overview of relevant work in

this area.

1.2 Background on monitoring and control of particu-

late processes

Particulate processes are defined by the co-presence of both a continuous and a dispersed

phase. The dispersed phase is composed of particulates dispersed throughout the continuous

phase which is usually a fluid medium. As a result, there is a distributed characterization

of the product properties, such as size, morphology, porosity,etc. The physico-chemical and

mechanical properties of such materials are strongly dependent on the differences across

particles which is described using a Particle Size Distribution (PSD). For example, a nearly

mono-disperse PSD is required for titania pigments to obtain the maximum hiding power

per unit mass. In coatings, the product composition, molecular weight and PSD often

need to be within in a specific range to ensure that the material has the desired level of

film formation, film strength, and gloss. In all of these examples, the PSD provides the

critical link between the product quality indices and the process operating variables; and,

therefore, the ability to effectively manipulate the PSD is essential for our ability to control

the quality of the end products made in these processes. A high-dimensional population

balance model is used to describe the particle size distribution which is coupled with the

complex dynamics and nonlinearities in the system. Hence, such models cannot be used

directly for the synthesis of practically implementable controllers. An effort to address

these problems was initiated where a methodology for the detection and handling of control

actuator faults in particulate processes was developed based on low-order models that capture

the dominant process dynamics [1]. These results were generalized to address the problems

of fault isolation and robustness against model uncertainty [2].

2

Significant research work has been carried out on the synthesis and implementation of

feedback control systems on particulate processes. These include: the use of conventional PI

and PID controllers, nonlinear analytic model-based control, optimization-based control [3–

19]. For a more rigorous review of results in this area, refer to [20, 21]. Despite the significant

number of studies that have been carried out, there is limited research on designing and

implementing fault diagnosis and fault-tolerant control systems for particulate processes.

This problem is significant since faults are inevitable and a control system that ignores

faults, carries out an incorrect fault diagnosis, and/or improperly handles malfunctions can

negatively affect the particle size distribution and ultimately harm the end product. In

the production of specialty chemicals, for instance, the end-product utility is dependent on

stringent product specifications. Hence, control system faults may result in off-spec products

and lead to substantial production losses.

The successful design and implementation of active fault-tolerant control systems require

the integration of two basic steps. The first is fault diagnosis, and involves the detection and

identification of faults with sufficient accuracy on the basis of which remedial action can be

taken. There are several ways in which this can be done. In the subsequent chapters, fault

diagnosis is carried out by either fault detection or fault identification. Fault detection is

carried out by using residuals that are based on the dynamics of the fault-free plant. When

this threshold is breached, a fault is declared. This technique which makes use of residuals is

primarily useful for determining if a destabilizing fault has occurred but generally does not

locate the origin and magnitude of the fault. Faults that do not have negative impacts on

the stability properties of the system are left undetected but this does not have undesired

implications on the system performance since such malfunctions do not require immediate

fault accommodation. This is where fault identification comes in. Fault identification, in

contrast to fault detection, allows one to identify and isolate the source of the fault–including

those that do not lead to instability. As such, fault identification may be used in determin-

3

ing the best response or approach with regards to the fault be it equipment maintenance or

replacement, model update, or control system reconfiguration. Once the faults have been

identified, the second step in fault-tolerant control is that of fault handling which is typically

accomplished through reconfiguration of the control system structure (through switching

between redundant actuator/sensor configurations) to cancel the effects of the faults or to

attenuate them to an acceptable level. The problems of fault diagnosis and fault-tolerant

control have been studied extensively in process control literature [22–31]. However, most of

the existing methods have been developed for lumped parameter processes described by sys-

tems of ordinary differential equations (ODEs). The dynamic models of particulate processes

are typically obtained through the application of population, material and energy balances

and consist of systems of nonlinear partial integro-differential equations that describe the

evolution of the PSD, coupled with systems of nonlinear ordinary differential equations that

describe the evolution of the state variables of the continuous phase [32, 33]. Thus, the

conventional approach used for fault-tolerant control for lumped parameter systems can-

not be applied to particulate processes which are modeled by complex, infinite-dimensional

equations.

Moreover, various implementation issues arise in the design of any fault-tolerant control

system. These include model uncertainty, incomplete state measurements, measurement

sampling and delays. Typical sources of model uncertainty include unknown or partially

known time-varying process parameters, exogenous disturbances, and un-modeled dynamics

(such as fast actuator and sensor dynamics not included in the process model). It is impor-

tant to account for the plant-model mismatch since ignoring them in the controller design

may lead to severe deterioration of the nominal closed-loop performance or even to closed-

loop instability. Research on robust control of nonlinear distributed chemical processes with

uncertainty has mainly focused on transport-reaction processes described by nonlinear partial

differential equations (PDEs). In this area, important contributions include the development

4

of Lyapunov-based robust control methods for hyperbolic and parabolic PDEs [34–37]. An

alternative approach for the design of controllers for PDE systems with time-invariant un-

certain variables involves the use of adaptive control methods [38–41]. Despite this, there

is no general framework for the synthesis of practically implementable nonlinear feedback

controllers for particulate processes that allow attaining desired particle-size distributions in

the presence of significant model uncertainty.

Measurement availability is constrained by inherent limitations on data collection and

the processing and transmission capabilities of the measurement sensors. In particulate

processes, sensor measurements of the dispersed (e.g., obtained using light scattering tech-

niques) and the continuous phase variables (e.g., solute concentration) are typically delayed

and available only at discrete times. These restrict controller implementation and process

tracking which can, in turn, erode the diagnostic capabilities of the fault-tolerant control

system. Hence, it is crucial that these are explicitly accounted for in designing the control

system and in monitoring the process. Furthermore, fault-tolerant control systems have to

consider the type of fault that occurs to ensure proper handling. Faults are classified as

sensor, actuator, or component faults depending on where they appear in a process plant.

Existing methods for distributed parameter systems only considered actuator failure diagno-

sis and compensation [42–45]. Despite this, component and sensor faults are also commonly

encountered and requires the use of alternative fault accommodation techniques.

Motivated by the above considerations, this dissertation provides a unified framework

for fault-tolerant control of particulate processes with implementation issues. This frame-

work integrates fault detection/identification followed by fault accommodation wherein a

supervisor determines the best strategy for preserving closed-loop stability even after a po-

tentially destabilizing fault has occurred. This strategy is based on a stability analysis on

the closed-loop system wherein the stability properties are given as functions of the control

configuration, actuator gain, model uncertainty, fault parameters, and/or sampling period.

5

Fault accommodation is then carried out by controller reconfiguration, model update, or

actuator switching. These techniques were illustrated to be effective for a wide range of fault

scenarios–component, actuator, and sensor faults—using a simulated continuous crystallizer

example.

1.3 Objectives and organization of the dissertation

Motivated by the considerations highlighted in previous sections, the broad objectives of this

dissertation are:

• To develop an architecture that integrates monitoring and control of particulate pro-

cesses.

• To address practical implementation issues within the integrated monitoring and con-

trol architecture, such as uncertain and nonlinear process dynamics, unavailability of

complete and/or continuous state measurements, and delayed sensor measurements.

• To demonstrate the effectiveness of the developed methods using a simulated continu-

ous crystallizer.

The rest of the dissertation is organized as follows:

Chapter 2 synthesizes a model-based framework for component fault detection and accom-

modation in particulate processes described by population balance equations with discretely-

sampled and delayed measurements. Model reduction techniques are used to derive a finite-

dimensional system that captures the dominant dynamics of the particulate process. An

observer-based output feedback controller is then designed using this system to stabilize the

fault-free process. To compensate for the discrete measurements, an inter-sample model

predictor is included within the control system to provide the observer with process output

estimates when sensor measurements are unavailable. The model state is then updated when

measurements are received at discrete times. To compensate for the measurement delay, the

6

control system includes a propagation unit that estimates the current output from the out-

dated measurements using the low-order model together with the past values of the control

input. Estimates from the propagation unit are used to update the inter-sample model pre-

dictor which, together with the controller, generates the control signal for the process. For

fault detection, the current plant behavior is compared with the ideal fault-free behavior.

Significant discrepancies between the two indicate that there is a fault in the system. To

characterize the ideal behavior, the minimum allowable sampling rate for fault-free stability

is obtained by formulating the closed-loop system as a combined discrete-continuous system.

It is explicitly characterized in terms of the plant-model mismatch, the controller and ob-

server design parameters, and the measurement delay. The fault-free closed-loop behavior

from this analysis was used to derive rules for fault detection and accommodation. The state

observer serves as a fault detection filter by comparing its output with the current plant out-

put estimates generated by the propagation unit at each sampling time. The discrepancy

is used as a residual and compared with a time-varying alarm threshold from the stability

analysis to detect faults. Faults are accommodated by adjusting the controller and observer

design parameters to preserve closed-loop stability and minimize performance deterioration.

In Chapter 2, fault detection is carried out by designing a fault-free time-varying alarm

threshold offline and later comparing this with values of the residual for the entire duration

of the process. This scheme for fault detection is stability-based, leaving small malfunctions

undetected when these do not lead to instability. In designing this threshold, there are

competing design requirements that need to be considered–there is the need to tighten the

threshold for timely fault detection; however, an extremely tight bound may result in false

alarms. It is also assumed that a fault identification scheme was already in place which was

able to determine the nature and location of the fault. This is needed in devising an appro-

priate response for fault accommodation. After each fault, a new alarm threshold has to be

used since the system will have different stability properties after the fault accommodation.

7

Chapter 3 develops a fault identification methodology that allows for immediate detec-

tion of actuator faults and/or malfunctions while determining its location and magnitude.

Another advantage of the proposed scheme is that it may still be used for fault identification

even after the fault accommodation has taken place. This allows for timely fault detection

right after a fault has been accommodated. This is an advantage over the previous detection

schemes where a new alarm threshold has to be calculated after every fault accommodation.

This recalculation of a new alarm threshold may result in a delay in fault detection preceding

a fault. Timely or even instantaneous fault identification is crucial even for faults that do

not immediately result in unstable behavior since these malfunctions may later on result in

poor plant performance or even instability. In addition, this timely detection will also allow

for systematic scheduling of plant maintenance and equipment repair or replacement.

In Chapter 3, we develop a model-based framework for fault-tolerant control of sampled-

data particulate processes under sensor faults under state feedback and a data-based fault

identification mechanism. These particulate processes are described by complex population

balance equations. Model reduction techniques are, therefore, applied to derive a finite-

dimensional model used in designing a stabilizing sample-and-hold state feedback controller.

This controller uses past values of the state measurements in between sampling times. The

controller is then updated once measurements are received at discrete times. Stability analy-

sis is then carried out to obtain an explicit characterization of the behavior of the system as a

function of the controller design parameters, update time, and actuator health. This scheme

shall be used in determining the appropriate post-fault response once a fault is detected.

Fault identification is achieved out by solving a data-based moving horizon optimization

problem. Data from the fault identification is used in the fault accommodation which in-

volves modifying the controller design parameter based on the stability plots generated from

the stability analysis.

8

The timely fault identification from Chapter 3 allows for systematic scheduling of plant

maintenance and equipment repair or replacement; however, this identification strategy was

constructed based on a perfect plant model. This assumption is unrealistic since model

uncertainties are always present and could lead to inaccurate diagnosis of actuator status. In

addition, the system is controlled using a sample-and-hold model because of the measurement

sampling. This approach is simplistic and may lead to limited control capabilities especially

for large sampling periods. Thus, Chapter 4 aims to generalize techniques in Chapter 3 by

introducing an inter-sampling state estimator while accounting for model uncertainties.

In Chapter 4, we propose a model-based framework for fault-tolerant control of sampled-

data particulate processes with model uncertainty and actuator faults using state feedback

and a data-based fault identification mechanism. Model reduction techniques were applied

to derive a finite-dimensional model used in designing a state feedback controller. This

controller used inter-sample state estimates in between sampling times. The inter-sample

state estimator is updated when sensor readings are received. Through stability analysis,

an explicit characterization of the behavior of the system is obtained as a function of the

controller design parameters, update time, model uncertainty, and actuator health. These

findings are used for fault accommodation. Fault identification is carried out by solving

a data-based moving horizon optimization problem. The fault is then accommodated by

either modifying the fault model parameter matrix in the inter-sample state estimator or

the controller design parameter based on the stability analysis for all values within the

estimation interval.

Chapter 5 presents a model-based framework for fault-tolerant control of multi-rate

sampled-data particulate processes under sensor faults. These particulate processes are de-

scribed by complex population balance equations. Model reduction techniques are, therefore,

applied to derive a finite-dimensional model used in designing a stabilizing observer-based

output feedback controller. To compensate for the discrete measurements, an inter-sample

9

model predictor provided the observer with process output estimates. The model states

were updated when measurements were received at discrete times. For fault tolerance, the

stabilizing output sampling rates are calculated and explicitly characterized in terms of the

plant-model mismatch, controller and observer design parameters, and the manipulated in-

put. Conditions from the closed-loop stability analysis were used to obtain a region of

stability for a given manipulated input. These regions are plotted as a function of the sam-

pling period of the outputs and are used in predicting the behavior of the system under a

certain set of operating conditions. The plots are then used in determining the appropriate

scheme for fault tolerance. Passive fault-tolerance is achieved by selecting a manipulated

input based on its robustness to a particular type of fault using knowledge of the nature of

future sensor faults. Active fault tolerance is attained by: returning to the original operating

point by reverting to a back-up sensor with the same sampling period as the faulty one, by

switching to a different sensor with a sampling period that shifted the operating point back

into the region of stability, or choosing a different manipulated variable such that the new

operating point was within the new stability region.

Finally, the proposed fault-tolerant control frameworks in all chapters are illustrated

using a simulated model of a continuous crystallizer but may be generalized for particulate

processes modeled by partial-integro differential equations.

10

Chapter 2

Fault detection and accommodation

in particulate processes with sampled

and delayed measurements

In this chapter, a model-based framework is developed for component fault detection and

accommodation in particulate processes with discretely-sampled and delayed measurements.

An observer-based output feedback controller is initially designed based on a suitable reduced-

order model that captures the dominant process dynamics. The controller includes an inter-

sample model predictor that compensates for measurement intermittency, and a propagation

unit that compensates for the delays. The inter-sample model predictor provides the observer

with process output estimates between sensor measurements, and the model states are up-

dated using current output estimates obtained from the propagation unit. The fault-free

stability properties are characterized in terms of model accuracy, sampling rate and delay

size, and is used to derive appropriate rules for fault detection and accommodation. The

difference between the output estimates from the state observer and the propagation unit is

compared against a time-varying alarm threshold for fault detection. Once the threshold is

breached, controller design parameters are adjusted to preserve closed-loop stability.

The rest of the chapter is organized as follows: The class of systems is described in

Section 2.1, followed by the problem formulation and solution overview. In Section 2.2, the

11

continuous crystallizer is first introduced as a representative example of a particulate process

which will be used to illustrate the proposed control scheme. This is then reduced to a low-

order Moments Model. In Section 2.3, a controller is designed for the system with sampled

and delayed measurements in the absence of faults. This fault-free closed-loop behavior is

used to derive appropriate rules that are used for fault detection and accommodation in

Section 2.4. Some concluding remarks are then given in Section 2.5. The results of this

chapter were first published in [46].

2.1 Preliminaries

2.1.1 System description

We focus on spatially homogeneous particulate processes with simultaneous particle growth,

nucleation, agglomeration and breakage, and consider the case of a single internal particle

coordinate–the particle size. Applying a population balance to the particle phase, as well

as material and energy balances to the continuous phase, we obtain the following general

nonlinear system of partial integro-differential equations:

∂n

∂t= −

∂(G(z, r) · n)

∂r+ wn(n, z, r), n(0, t) = b(z(t)) (2.1)

z = f(z) + g(z)u+ Az

∫ rmax

0

q(n, z, r)dr (2.2)

where n(r, t) ∈ L2[0, rmax) is the particle size distribution function which is assumed to be a

continuous and sufficiently smooth function of its arguments (L2[0, rmax) denotes a Hilbert

space of continuous functions defined on the interval [0, rmax)), r ∈ [0, rmax) is the particle

size (rmax is the maximum particle size, which may be infinity), t is the time, z ∈ Rn is

the vector of state variables that describe properties of the continuous phase (e.g., solute

concentration, temperature and pH in a crystallizer), u ∈ R is the manipulated input, (2.1)

is the population balance where G(z, r) is the particle growth rate from condensation, and

12

wn(n, z, r) accounts for the net rate of introduction of new particles into the system, i.e., it

includes all the means by which particles appear or disappear within the system including

particle agglomeration, breakage, nucleation, feed, and removal. The z-subsystem of (2.2) is

derived from material and energy balances in the continuous phase. In this subsystem, f(z),

g(z), q(n, z, r) are smooth nonlinear vector functions and Az is a constant matrix. The term

containing the integral represents mass and heat transfer from the continuous phase to all

the particles in the population.

To express the desired control objectives, such as regulation of the total number of

particles, mean particle size, temperature, pH, etc., we define the controlled outputs as:

yι(t) = hι

(∫ rmax

0cκ(r)n(r, t)dr, z

), ι = 1, · · · , m where hι(·) is a smooth nonlinear function

of its arguments and cκ(r) is a known smooth function of r which depends on the desired

performance specifications. For simplicity, we will consider that the controlled outputs are

available as online measurements.

2.1.2 Problem formulation and solution overview

The control objective is to stabilize the process at some desired equilibrium state in the

presence of component faults using discretely-sampled and delayed measurements of the

output. The problems under consideration therefore include: fault-free process regulation us-

ing discretely-sampled and delayed measurements, timely detection of the component faults,

fault compensation to maintain the desired stability and performance characteristics through

fault accommodation. To address these problems, we consider the following methodology:

• Model reduction: Initially use model reduction techniques to derive a finite-dimensional

model that captures the dominant dynamics of the infinite-dimensional system describ-

ing the continuous crystallizer.

• Controller synthesis: Use the reduced-order model to design an observer-based output

feedback controller that regulates the process states at the desired steady-state in the

13

absence of faults. To compensate for the lack of continuous measurements, an inter-

sample model predictor is included within the control system to provide the observer

with an estimate of the output when measurements are not available from the sensors.

To compensate for the measurement delay, we incorporate within the control system a

propagation unit that uses the process model and the past values of the control input

to estimate the current process output from the delayed measurements.

• Analysis: Obtain an explicit characterization of the minimum allowable sampling rate

that guarantees stability and residual convergence in the absence of faults in terms of

the model accuracy, the delay size, and the controller and observer design parameters.

• Monitoring: Use the state observer as a fault detection filter by comparing its output

with that of the process at the times that the measurements are available and using

the discrepancy as a residual. Derive a time-varying alarm threshold for the residual

based on its fault-free behavior.

• Fault accommodation: Derive a fault accommodation logic that determines the set of

feasible values for the controller and observer design parameters that can be used to

preserve closed-loop stability and minimize performance deterioration under a given

measurement sampling rate and delay time.

Figure 2.1 is a schematic diagram showing the different components of the control system

design that compensates for measurement sampling and delays. In the structure, a model is

embedded which estimates plant outputs when measurements are unavailable. To compen-

sate for delays, a propagation unit is also included which estimates the current output at

sampling times. The values from the propagation unit are used to reset the model output

once the delayed sensor measurements are received. Model estimates, in turn, are utilized

by the state observer which estimates the state measurements which are used by the model-

based output feedback controller to generate the appropriate control action to be applied to

the plant.

14

SensorActuator

)( τ−ty

)(ˆ ty

u

Plant

Model

Measurement

Reset

Local Control System

Cxy

fuBAxdt

dxc

=

++=

F

State Observer

)ˆ(ˆˆ ηηη CyLuBAdt

d−++=

η

Cwy

uBwAdt

dw

=

+=

ˆ

ˆˆ

wCy

uBwAdt

wd

=

+= ˆˆ

Propagation

)(ty

Figure 2.1. Sampled-data control architecture.

2.2 Motivating example

A well-mixed isothermal continuous crystallizer, a spatially homogeneous particulate process,

is used throughout the paper to illustrate the design and implementation of model-based fault

detection and accommodation. Crystallization is widely used in producing fertilizer, proteins,

and pesticides. Particulate processes are characterized by the co-presence of a continuous

and dispersed phase. The dispersed phase is described by a particle size distribution whose

shape influences the product properties and ease of product separation. Hence, a population

balance on the dispersed phase coupled with a mass balance for the continuous phase is

necessary to accurately describe, analyze, and control particulate processes. Under the

assumptions of constant volume, mixed suspension, nucleation of crystals of infinitesimal

15

size, mixed product removal, and a single internal particle coordinate–the particle size; a

dynamic crystallizer model can be derived:

∂n

∂t= k1(cs − c)

∂n

∂r−

n

τr+ δ(r − 0)ǫk2e

(−k3

(c/cs−1)2

)

dc

dt=

(c0 − ρ)

ǫτr+

(ρ− c)

τr+

(ρ− c)

ǫ

dǫ

dt

(2.3)

where n(r, t) is the number of crystals of radius r ∈ [0,∞) at time t per unit volume of

suspension; τr is the residence time; c is the solute concentration in the crystallizer; ρ is the

particle density; ǫ = 1−∫∞

0n(r, t)π 4

3r3dr is the volume of liquid per unit volume of suspen-

sion; cs is the concentration of solute at saturation; c0 is the concentration of solute entering

the crystallizer; k1, k2 and k3 are constants; and δ(r−0) is the standard Dirac function. The

term containing the Dirac function accounts for the nucleation of crystals of infinitesimal size

while the first term in the population balance represents the particle growth rate. The crys-

tallizer exhibits highly oscillatory behavior due to the relative nonlinearity of the nucleation

rate as compared to the growth rate. This results in process dynamics that are characterized

by an unstable steady-state surrounded by a stable periodic orbit. The control objective is

to suppress the oscillatory behavior of the crystallizer in the presence of component faults.

This is carried out by stabilizing it at an unstable steady-state that corresponds to a desired

crystal size distribution by manipulating the solute feed concentration. Measurements of the

crystal concentration in the continuous crystallizer are collected at discrete sampling times

with a delay time of τ and sent to the controller where the control action is calculated and

then sent to the actuator to affect the desired change in the process state.

Through method of moments, a fifth-order ordinary differential equation system is derived

to describe the temporal evolution of the first four moments of the crystal size distribution

and the solute concentration. Using dimensionless variables, the reduced-order model can

be cast in the following form:

16

˙x0 = −x0 + (1− x3)Da e

(−F

y2c

)

˙xdm = −xdm + ycxdm−1, i = 1, 2, 3

˙yc =1− yc − (α− yc)ycx2

1− x3+

u

1− x3

(2.4)

where xdm, dm = 0, 1, 2, 3, are the dimensionless moments of the crystal size distribution;

yc is the dimensionless concentration of the solute in the crystallizer; u is the dimensionless

concentration of the solute in the feed stream; F = 0.1021, α = 7.187, and Da = 2719

are the dimensionless constants computed from the process parameters [7]. At these values

and at the nominal steady-state operating condition of us = 0, the global phase portrait of

the system of (2.4) has a unique unstable equilibrium point at [xs0 xs

1 xs2 xs

3 ysc ] =

[46.73 6.62 0.94 0.13 0.14], which is surrounded by a stable limit cycle. Only

measurements of the crystal concentration, x0, are considered to be available online. These

can be obtained, for example, via light scattering techniques.

Table 2.1. Process parameters and steady-state values for the continuous crystallizer.

ρ = 1770 kg/m3 k1 = 0.05065e(−EgR·TI

)

cso = 1100 kg/m3 k2 = 7.958e(−EbR·TI

)

cs = 991.7125 kg/m3 k3 = 0.001217

τr = 1h σ = k1τ(cso − cs)

Eg = 2.2 kJ/mol Da = 8πσ3k2e(−EbR·TI

)τ

Eb = 0.00001 kJ/mol F =k3c

2s

(co − cs)2

R = 0.008314 kJ/mol ·K α =ρ− csco − cs

TI = 318K

For simplicity, we consider the problem on the basis of the linearization of the process

around the desired steady state. The linearized process model takes the form:

17

x(t) = Ax(t) +Bu(t)

y(t) = Cx(t)(2.5)

where x is the vector of state variables, u is the manipulated input, and y is the measured

output vector. The state vector is defined by x = [x0 x1 x2 x3 yc] = [x0 − xs0 x1 −

xs1 x2 − xs

2 x3 − xs3 yc − ysc ]

T , where the superscript denotes the steady-state value;

and A, B, and C are constant matrices given by:

A =

−1 0 0 −Da e−F

(ysc)2 2FDa(1−xs

3)

(ysc)3 e

−F

(ysc)2

ysc −1 0 0 xs0

0 ysc −1 0 xs1

0 0 ysc −1 xs2

0 0 −ysc(α−ysc)1−xs

3

1−ysc−xs2y

sc(α−ysc)

(1−xs3)

2

−1−αxs2+2xs

2ysc

1−xs3

(2.6)

B =[0 0 0 0 1

1−xs3

]T, C = [1 0 0 0 0] (2.7)

Over the next two sections we describe how the control strategy is tailored to explicitly

account for the effects of measurement sampling, measurement delays, and component faults.

We begin with the design and analysis of the fault-free control system. The results will serve

as the basis for tackling the fault detection and fault accommodation problems in the later

sections.

2.3 Fault-free controller synthesis, analysis and imple-

mentation

The objective of this section is to design an output feedback controller that enforces closed-

loop stability in the absence of faults using sampled and delayed output measurements. The

second objective is to characterize the minimum allowable sampling rate necessary for closed-

loop stability. The design and analysis of the fault-free control system will serve as the basis

for tackling the fault detection and fault accommodation problems in the next sections.

18

2.3.1 Output feedback controller synthesis

We consider an observer-based output feedback controller of the form:

u(t) = Fη(t)

η(t) = Aη(t) + Bu(t) + L(y(t)− Cη(t))(2.8)

where F is the feedback gain; η is the state of an observer that generates estimates of x using

y; A and B are constant matrices that represent models of A and B, respectively; L is the

observer gain. In general, A 6= A and B 6= B to allow for plant-model mismatch. When the

output measurements are transmitted continuously without delay, and in the special case

that A = A, B = B, a necessary and sufficient condition for the stability of the closed-loop

system of (2.5)-(2.8) (with fc ≡ 0) is to have the eigenvalues of both A + BF and A− LC

in the left half of the complex plane.

When the output measurements are delayed and sampled discretely, the observer in (2.8)

cannot be implemented directly. To compensate for the lack of continuous measurements,

a dynamic model of the process of (2.5) is embedded to provide the observer with an esti-

mate of the measured output when sensor measurements are unavailable. The state of the

model is then updated when the actual output measurements are received. The computa-

tional capabilities of modern control systems justifies and supports the computational load

associated with this approach (e.g., solving the model equations and performing the control

calculations). Specifically, we consider an inter-sample model predictor of the form:

w1(t) = A11w1(t) + A12w2(t) + B1u(t)

w2(t) = A21w1(t) + A22w2(t) + B2u(t)

(2.9)

where w = [w1 w2]T , w1 := y is an estimate of the process output (e.g., the crystal concen-

tration) and w2 is a vector of the remaining unmeasured process states, A =

A11 A12

A21 A22

,

19

B = [BT1 BT

2 ]T . The model output is updated when the output measurements are transmit-

ted and received by the controller at discrete times. In addition to measurement sampling,

we also consider the case when the measurements are delayed. For a constant delay time τ

and a sampling period ∆, the sensor output that the controller receives at times tj = j∆ is

the output value sampled τ hours earlier, i.e., y(j∆ − τ). To compensate for the measure-

ment delay, a propagation unit is embedded in the control system which uses the process

model and the past values of the control input to calculate current output estimates from

the delayed measurements. This is then used to update the inter-sample model predictor

which, together with the controller, generates the process control signal. The propagation

unit can be described by:

˙w1(t) = A11w1(t) + A12w2(t) + B1u(t)

˙w2(t) = A21w1(t) + A22w2(t) + B2u(t)

y(t) = w1(t)

y(tj+1 − τ) = y(tj+1 − τ)

(2.10)

where w = [w1 w2]T , w1 := y is an estimate of the current process output calculated from

the delayed output measurement y, w2 is the estimate of the current value of unmeasured

process states, tj is the j-th sampling instance, and ∆ := tj+1 − tj is the sampling period.

With the aid of the inter-sample model predictor and the propagation unit, the output

feedback controller can be implemented as follows:

20

u(t) = Fη(t)

η(t) = Aη(t) + Bu(t) + L(y(t)− Cη(t))

w1(t) = A11w1(t) + A12w2(t) + B1u(t)

w2(t) = A21w1(t) + A22w2(t) + B2u(t), t ∈ (tj , tj+1]

y(t) = w1(t)

˙w1(t) = A11w1(t) + A12w2(t) + B1u(t)

˙w2(t) = A21w1(t) + A22w2(t) + B2u(t), t ∈ (tj+1 − τ, tj+1]

y(t) = w1(t)

y(tj+1 − τ) = y(tj+1 − τ)

y(tj) = y(tj), j = 0, 1, 2, · · ·

(2.11)

The mechanism of how the propagation unit and inter-sample model predictor are reset

at the respective transmission and arrival times is shown in Fig.2.2. Note that only the

output of the model is re-set using current output estimates generated by the propagation

unit. This is calculated from the delayed measurements received at each sampling time.

Furthermore, the choice of A11 = O, A12 = O, B1 = O; corresponds to the special case of

sample-and-hold where the last available measurement is kept between consecutive sampling

times until the next one is available.

Note that unlike state feedback, the control action in (2.8) depends on the state of the

observer and not that of the inter-sample model predictor. Under this formulation, the

control action is a function of the observer state which is continuous. This scheme was

selected to prevent jumps in the value of the manipulated variable whenever the state of the

inter-sample model predictor is reset. Such behavior is undesired since it requires an almost

instantaneous action from the actuator which is typically subject to input rate constraints.

21

t0 t1- t1 t2t2-

)y(t)(ty 11

)(ty)(ty 11)(ty)(ty 22

)y(t)(ty 22

Transmission time:

Propagation unit reset

Arrival time:

Inter-sample model reset

Figure 2.2. Timeline of measurement transmission and arrival times under measurementsampling and delay.

2.3.2 Characterizing the minimum allowable sampling rate

To simplify the analysis, we focus on the typical case when the sampling period and the delay

time are constant (or at least bounded; extensions to the case of time-varying sampling

periods and delay times are possible and the subject of other research work). We also

consider that the sampling period is greater than the delay time (∆ > τ). To characterize

the maximum allowable sampling period or the minimum sampling rate between the sensors

and the controller; the model estimation error is defined as e(t) = y(t)− y(t) = w1(t)−w1(t),

where e is the difference between the output of the model and the estimate of the current

process output generated by the propagation unit. Similarly, the propagation estimation

error is e(t) = y(t) − y(t) = w1(t) − Cx(t), where e represents the difference between the

estimate of the current output and the actual current output of the process. After defining

the augmented state vector χ =[xT ηT wT

2 eT wT2 eT

]T, the augmented system can be

formulated as a combined discrete-continuous system of the general form:

22

χ(t) = Λoχ(t), t ∈ (tj , tj+1)

e(tj) = e(tj+1 − τ) = 0, j = 0, 1, 2, · · · ,(2.12)

where

Λo =

A BF O O O O

LC A+ BF − LC O L O L

A21C B2F A22 A21 O O

A11C − CA B1F − CBF A12 A11 O O

A21C B2F O A21 A22 A21

O O −A12 O A12 A11

(2.13)

is a constant matrix. Note that while the process state x, the observer state η, the prop-

agation estimate of the unmeasured states w2, and the model predictor state of the un-

measured states w2 all evolve continuously over time, the error e is re-set to zero at each

transmission instance, tj, since the output of the model is updated every ∆ seconds using

the estimate of the current output measurement, and the error e is re-set to zero at tj+1 − τ

since the estimate of the current output is updated using the actual output measurement

at that time. It can be shown from Proposition A.1 in Appendix A that the system de-

scribed by (2.12) has the following solution for j = 0, 1, 2, · · · with the initial condition

χ(t0) =[xT (t0) ηT (t0) wT

2 (t0) 0 wT2 (t0) 0

]T:= χ0 [47, 48]:

χ(t) =

eΛo(t−tj )M jχ0, t ∈ [tj , tj+1 − τ)

eΛo(t−tj+1+τ)IτeΛo(∆−τ)M jχ0, t ∈ [tj+1 − τ, tj+1)

(2.14)

with ∆ := tj+1 − tj and M := IoeΛoτIτe

Λo(∆−τ),

23

Io =

Ip×p O O O O O

O Ip×p O O O O

O O I(p−q)×(p−q) O O O

O O O Iq×q O O

O O O O I(p−q)×(p−q) O

O O O O O O

(2.15)

Iτ=

Ip×p O O O O O

O Ip×p O O O O


O O O O O O


O O O Iq×q O Iq×q

(2.16)

where I is the identity matrix. Based on (2.14), it can be shown that for the stability of

the fault-free sampled-data closed-loop plant, it is necessary and sufficient to have all the

eigenvalues of the matrix M strictly inside the unit circle (see Theorem A.1 in Appendix A).

The augmented system satisfies a bound of the following form:

‖χ(t)‖ ≤ α‖χ0‖e−β(t−t0) (2.17)

for some constants α > 1 and β > 0, if and only if λmax(M) < 1, where λmax(M) is the

maximum eigenvalue magnitude of the matrix M .

It can be seen from the structure of Λo in (2.13) that the minimum stabilizing sampling

rate is dependent on the accuracy of the inter-sample model predictor, the delay time, and the

controller and observer design parameters. This dependence can be used to systematically

investigate the tradeoffs that exist between these various factors in influencing closed-loop

stability. It can also be shown that the requirement on the spectral radius of the test matrix

24

M to be strictly less than unity is not only sufficient but also necessary to guarantee closed-

loop stability. Note that while the above analysis was carried out for the case when the delay

time is smaller than the sampling period, a similar analysis can be applied to the case when

the sampling period is less than the delay time (∆ < τ). In the latter case, however, multiple

propagation units are required to account for every instance of measurement transmission

that occurs within each subinterval. In addition, because the update pattern within each

subinterval is different for the two cases, the structure of the stability test matrix M will

differ which, in turn, affects the stability criterion. This results in a larger augmented system

depending on the relative size of the delay time and the sampling period. Despite these

differences, a general analysis may be carried out for both cases wherein the repeating pattern

is determined and the stability analysis is carried out for each subinterval. In addition, these

results may also be extended for more general cases involving multiple measurement outputs

that are sampled at different rates and will be the subject of future research work.

It should also be noted that the ideas of using a process model and a propagation unit

to compensate for the lack of continuous measurements and the delay, respectively, are

inspired by the results obtained in the context of networked control systems [47, 48]. In

these works, however, the sensor-controller communication is limited due to the presence

of a bandwidth-limited network, while here it is limited by the constraints on the sensor

sampling rate. Furthermore, the control architecture presented here differs in that: (a) the

controller, observer, propagation unit, and model are all co-located on the controller side,

(b) the control action is calculated using the observer state (and not the model state), and

(c) the model is used only by the observer, and its output is reset by the estimate of the

current process output at the sampling times.

2.3.3 Application to the continuous crystallizer

An output feedback controller of the form (2.8) is designed to stabilize the continuous crys-

tallizer in the absence of faults where the controller and observer gains are chosen such that

25

the poles of A − BF and A − LC are at (−1.001, −2.001, −3.001, −4.001, −2.5). We

consider the case of parametric uncertainty in the dimensionless constant F in (2.4) to in-

vestigate the effect of model uncertainty on the stability of the sampled-data system. This

results from the dependence of F on k3 based on the following relation: F = k3c2s

(c0−cs)2 . There

is uncertainty in the actual value of k3 which is determined experimentally. Model uncer-

tainty is computed as δ =k3−km3

k3where k3 is the actual value and km

3 is the value used in the

model. Any other source of model uncertainty can be considered and analyzed in a similar

fashion.

1

11

11

1

2

2

2

2

Sampling period, (hr)

Dela

y tim

e,

(h

r)

0 0.5 1 1.50

0.5

1 1

1

1

1

2

2

2

2 1

1


Dela

y tim

e,

(h

r)

0 0.5 1 1.50

0.5

1

(a)

1

11

11

1

2

2

2

2


Dela

y tim

e,

(h

r)

0 0.5 1 1.50

0.5

1

(b)

Figure 2.3. Region of stability is larger with a propagation unit (δ = 0.3). Plots (a)-(b):Contour plot of λmax(M) with (a) and without (b) a propagation unit.

It was previously shown that λmax(M) < 1 is the necessary and sufficient condition for

fault-free closed-loop plant stability. A contour plot is used to show how λmax(M) varies

depending on the delay time τ and sampling period ∆ (Fig. 2.3). Since the contour lines

signify different values of λmax(M), then the area enclosed by the unit contour lines denotes

the stability region of the linearized plant. Given the delay time, the minimum allowable

sampling rate or maximum sampling period corresponds to values along the unit contour

lines that bound the stability region. As expected, the range of values of the sampling period

that lead to stable behavior shrinks as the delay time is increased. For comparison, a contour

plot is also generated for a similar system without the aid of a propagation unit (Fig. 2.3(b)).

26

0 5 10 15-40

-20

0

20

40

60

Time (hr)

Cry

sta

l concentr

ation,

x0

With propagation unitWithout propagation unit

0 5 10 15-40

-20

0

20

40

60

Time (hr)

Cry

sta

l concentr

ation,

x0


(a)0 10 20 30

-10

-5

0

5

10

15

Time (hr)

Tota

l part

icle

siz

e,

x1


(b)

0 5 10 15 20 25

-0.1

-0.05

0

0.05

0.1

0.15

Time (hr)

Solu

te c

oncentr

ation,

yc


(c)0 5 10 15 20

-0.4

-0.2

0

0.2

0.4

0.6

Time (hr)

Feed c

oncentr

ation,

u


(d)

Figure 2.4. The closed-loop system can only be stabilized with a propagation unit (δ =0.3, τ = 0.5h, ∆ = 1h).

In this second case, the inter-sample model predictor is updated at each sampling instance

using the delayed output measurements, instead of the current output estimates generated

by the propagation unit. The stability region is larger when a propagation unit is used.

This indicates that accounting for the measurement delays increases the range of values

for the delay time and sampling period that will still lead to stability in the system. In

addition to the previously mentioned assumptions on the sampling period and delay time,

we consider the case when both values are known. This is not generally the case in actual

practice; however, knowing that the operating point is within a given range that lies inside

the stability region will suffice for practical applications (Fig. 2.3).

The operating point selected is inside the stability region predicted by Fig. 2.3(a) but

27

outside the stability region in Fig. 2.3(b). These findings are confirmed by the closed-loop

evolution of the states and manipulated input at a delay time of τ = 0.5h and sampling

period of ∆ = 1h (Fig. 2.4). It is evident from this example that the process can only be

stabilized at the desired steady-state when the control system is operated with the aid of a

propagation unit.

2.4 Fault detection and accommodation

In this section, the fault-free closed-loop behavior characterized in the previous section is

used to derive appropriate rules for fault detection and accommodation. The idea is to use

the state observer in (2.11) as a fault detection filter and to compare its output with the

actual output of the system when measurements are available to ascertain the health status

of the process.

2.4.1 Fault detection

Consider the closed-loop system of (2.5) and (2.11) with no component fault (fc ≡ 0), and

consider the augmented system of (2.12)-(2.13) where the sampling period is chosen such

that λmax(M) < 1. The residual defined by rd = ‖y − Cη‖ can then be shown to satisfy a

time-varying bound of the following form for all t ≥ t0:

rd(t) ≤ α‖χ0‖e−β(t−t0) (2.18)

where α = 2‖C‖α and β = β. This bound can be obtained directly from the fact that

‖x(t)‖ ≤ ‖χ(t)‖, ‖η(t)‖ ≤ ‖χ(t)‖, and the fact that χ(t) satisfies (2.17) in the absence of

faults. Thus, for a sampling rate that is stabilizing in the absence of faults, the bound in

(2.18) can be used as a time-varying alarm threshold. A fault is declared when the residual

breaches this threshold, i.e.,

rd(Td) > α‖χ0‖e−β(Td−t0) =⇒ fc(Td) 6= 0 (2.19)

for some Td > 0. Note, however, that even though η is available continuously, the residual

can only be evaluated discretely regardless of when the fault actually occurs (i.e., faults

28

can be detected only at tj + τ, j = 0, 1, 2, · · · ). This is because the output measurements

are sent discretely at each sampling instance and are received τ hours after transmission.

Detection delays can be minimized by proper tuning of the controller and observer design

parameters and appropriate selection of the constants α and β such that the alarm threshold

is sufficiently tight. In principle, one could calculate appropriate values of α and β from the

proof but this would result in conservative figures that are not restrictive enough. To prevent

detection delays, the fault-free closed-loop behavior may be simulated and values of α and β

are obtained based on the profile generated. However, detection delays can only be minimized

to some extent since their values are ultimately constrained by the feasible sampling rate

and the delay time of the measurement sensors. While it is desirable to minimize detection

delays, there should be an appropriate balance in the selection of the alarm threshold such

that it is tight enough to detect faults without resulting in false alarms.

It should be noted that the above fault detection scheme can be used for fault detection

for incipient and abrupt faults and other faults that influence the evolution of the process

state.

2.4.2 Fault accommodation and compensation

Once a fault is detected, corrective action needs to be taken to compensate thereby main-

taining closed-loop stability and ensuring fault-tolerance. Using the known values for the

model parameters, sampling period, and delay time; stabilizing feedback and observer gains

are selected. This is based on the necessary and sufficient condition for stability where

λmax(M) < 1 has to be satisfied. The matrix M in (2.14) depends on Λo which, in turn,

is a function of the feedback and observer gains as shown in (2.13). This is the basis for

the fault accommodation logic which involves adjusting the controller and observer design

parameters. Hence, this ensures that the control system remains stabilizing in the presence

of faults for the given sampling period and delay time.

The implementation of the fault accommodation logic requires a characterization of the

29

regions of stability which does not necessitate a graphical depiction. Note that this region

of stability is based on the stability condition for fault-free sampled-data closed loop plant

that all the eigenvalues of the matrix M be strictly inside the unit circle. Contour plots

of the region of stability may be generated for illustrative purposes to enhance clarity with

regards to the fault accommodation technique; however, the construction of such plots is not

required for the implementation of the fault accommodation logic. All that is needed is the

calculation of matrix M . Such contour plots are possible in the case of a single component

fault but become more involved in the case of multiple component faults. Nonetheless, the

same principle applies wherein the stability is determined based on the eigenvalues of the

matrix M .

The same logic is also applicable when multiple consecutive faults take place. This

control architecture makes use of a stability-based fault-detection scheme which does not

handle faults that are not severe or destabilizing, as in the case when multiple faults offset

each other. Such faults do not necessitate fault accommodation since they do not affect

stability. Prior to fault detection, the fault time and nature of the fault is unknown. The

dynamics of the fault should propagate through the filter until it violates the alarm threshold.

When multiple destabilizing faults occur at different times, fault accommodation is handled

the same way. This is best understood when the resolution time exceeds the time required

for fault detection. On the other hand, multiple simultaneous faults or faults that are not

sufficiently temporally resolved become indistinguishable from each other and are treated

as a single fault. In both cases, fault accommodation is carried out as soon as the fault

registers in the filter. Note that a new alarm threshold needs to be obtained following each

fault accommodation event to detect possible faults in the new design. This is carried out

since the residual depends on the nominal fault-free behavior of the system as shown in

(2.18). This behavior is, in turn, affected by the controller and observer design parameters

which were modified following fault accommodation.

30

The fault accommodation strategy is event-based and triggered only when an abnormality

is detected through the alarm threshold. Since the architecture makes use of a single residual,

it is not possible to detect different faults at different times. A breach in the alarm threshold

could be caused by a single fault or the combined effect of several faults. For the second

case, one can only distinguish among the faults once the fault isolation is carried out. Upon

fault detection, the fault isolation scheme assumed to be in place determines the nature

and location of the fault. Fault accommodation is then carried out after determining the

appropriate parametric values that satisfy the stability condition given the new operating

point. Once the threshold is exceeded, the fault detection filter is unable to detect succeeding

faults and a new residual has to be put in place.

2.4.3 Application to the continuous crystallizer

To illustrate the fault detection and handling capabilities of the fault-tolerant control system,

the continuous crystallizer is initialized at a residence time of τr = 1h. Since the controller

and observer gain values are calculated by first specifying the desired location for the poles

of A+BF and A−LC, the gain values may be controlled indirectly by changing the location

of one of these poles. The variable closed-loop poles for both gains are chosen to be initially

at λ = −2.5. The sampling period is set to ∆ = 1h with a time delay of τ = 0.5h. An

inter-sample model predictor is used to estimate the evolution of the states between sampling

instances. The fault-free residual behavior along with results from (2.18) are used to derive

the following time-varying bound on the residual rd(t) ≤ 13e−0.08(t−t0). This serves as an

alarm threshold for fault detection. Alarm thresholds need not be time-varying; however,

this feature ensures timely recovery from faults by minimizing detection delays. The shape

of the alarm threshold in (Fig. 2.5(f)) is based on the desired fault-free dynamic behavior of

the augmented system in (2.3) which should decay exponentially thereby leading to stability.

A fault is modeled by introducing a malfunction in the mechanism responsible for regu-

lating the flow rate τr at Tf = 10h. This leads to a change in the residence time. This event

31

is modeled as a component or parametric fault since it leads to a change in the values of

the process parameter, Da as follows: Da = 8πσ3k2τr where σ = k1τr(c0 − cs). Note that

this is different from an actuator fault since it does not affect the feed concentration—the

manipulated input of the control loop of interest. As such, this fault cannot be handled

through controller reconfiguration since switching to a different actuator or choosing a dif-

ferent manipulated input will not address the source of the fault. In fact, in this specific

example, controller reconfiguration is not possible since the feed concentration is the only

variable that is manipulated.

The fault causes a 10% increase in the residence time, τr, shifting it from 1h to 1.1h.

Since the fault is modeled by a change in the residence time and fault accommodation is

carried out by modifying the pole values, the stability region needs to be characterized based

on these two variables. This is carried out using the condition for fault-free closed-loop plant

stability, λmax(M) < 1, and the fact that M is a function of the residence time and pole

values. The matrix M is related to Λ0 based on (2.13) which, in turn, is affected by the

pole values as shown in (2.14). Using this relationship, a contour plot is created describing

how the maximum eigenvalue magnitude of the matrix M , λmax(M), changes depending on

the residence time and pole values (Fig. 2.6). This plot, which shows the stability region

bounded by the unit contour lines, is instrumental in the fault accommodation process once

a fault is declared. The operating point corresponding to a residence time, τr, of 1h and a

closed-loop pole value, λ, of −2.5 was initially within the stability region (Fig. 2.6). The new

process condition resulting from the parametric fault pushes the operating point outside the

region bounded by the unit contour line (i.e., τr = 1.1h, λ = −2.5). A pole value, λ, of −2.5

at a residence time, τr, of 1h satisfies the condition for fault-free closed-loop plant stability,

λmax(M) < 1, and is, therefore, expected to be stabilizing; while the same pole value at the

new residence time results in instability since the maximum eigenvalue magnitude of the

matrix M exceeds one, λmax(M) > 1 (Fig. 2.6).

32

0 10 20 30 40 50

-20

0

20

40

Time (hr)

Cry

sta

l concentr

ation,

x0

(a)0 5 10 15 20

-0.04

-0.02

0

0.02

Time (hr)

Solu

te c

oncentr

ation,

yc

(b)

0 10 20 30

-10

-5

0

5

10

Time (hr)

Cry

sta

l concentr

ation,

x0

(c)0 10 20 30

-0.04

-0.03

-0.02

-0.01

0

0.01

0.02

Time (hr)

Solu

te c

oncentr

ation,

yc

(d)

0 5 10 15 20 25

-0.3

-0.2

-0.1

0

0.1

0.2

Time (hr)

Feed c

oncentr

ation,

u

With SwitchingWithout Switching

(e)0 5 10 15

0

5

10

15

Time (hr)

Resid

ual, r

d(t

)

With SwitchingWithout SwitchingThreshold

Fault detectiont = 12 hr

(f)

Figure 2.5. Fault detection and accommodation maintains stability after a componentfault at Tf = 10h (δ = 0.3, τ = 0.5h, ∆ = 1h). Plots (a)-(d): Closed-loop state profileswith (a)-(b) and without (c)-(d) fault detection and accommodation. Plot (e): Closed-loop profiles of the manipulated input. Plot (f): Fault detection based on the evolution ofthe residual. Note: Profiles in plots (a)-(e) are in deviation variable form. Actual valuesare non-negative.

33

1

1

1

1

11

2

2

2

Controller/Observer pole,

Resid

ence t

ime,

r

-3 -2 -1 00.9

1

1.1

1.2

1.3

Fault occurrence

Fault accommodation

r = 1

= -2.5

r = 1.1

= -0.5

Figure 2.6. Fault accommodation using a contour plot of λmax(M) indicating the regionof stability.

The fault is detected at Td = 12h when it causes the residual to breach the time-varying

alarm threshold (Fig. 2.5(f)). In this particular example, α = 13 and β = 0.08 using the

techniques in Section 2.4. There are several existing studies on fault detection and isolation

mechanisms which are used to determine the source and magnitude of a fault in a given

system [27, 49]. In this example, a fault estimation scheme is assumed to be available and

is used to approximate the nature and size of the fault. This information is then utilized

to estimate the change in the values of the process parameter Da and, in turn, the new

residence time. The control system then modifies the faulty controller design settings based

on the calculated value so that it does not disturb future process operation. This is achieved

by selecting a point with a stabilizing closed-loop pole value of λ = −0.5 corresponding to

the new residence time. This new operating point (λ = −0.5, τr = 1.1h) now lies within the

stability region (Fig. 2.6). Any arbitrary pole value may be selected as long as it is within

the unit contour lines for a residence time of τr = 1.1h. Changing the pole values alters the

controller and observer design parameters and moves the new operating point into the stable

34

region. The closed-loop profiles confirm the predicted behavior and show how fault detection

and accommodation prevents the instability that would have resulted from the component

fault (Fig. 2.5).

The efficacy of the sampled-data controller coupled with the fault detection and accom-

modation scheme was also evaluated by applying the results to the nonlinear crystallizer of

(2.3), where the behavior of the particle size distribution was simulated using finite differ-

ences with 4000 temporal discretization points and 100 spatial discretization points (Fig. 2.7).

Grid-independence was ensured after obtaining identical results from higher order discretiza-

tion. The simulations were carried out in the presence of ±1% sensor measurement noise to

account for non-ideal behavior in actual conditions. It is shown that the system stabilizes

after a component fault occurs at Tf = 10h. In this case, the measurement noise results in

an additional delay in the fault detection which occurs at Td = 13h instead of at Td = 12h

(Fig. 2.7). Note that, following the fault accommodation, a new alarm threshold has to be

used to detect possible future faults.

In cases where fault accommodation cannot satisfy the stability requirement, the problem

can be addressed either by control reconfiguration (i.e., switching to a different manipulated

input) or by switching to an alternative set of sensors or actuators that have the required

sampling period and delay time. In extreme situations when all measures fail and the control

system cannot recover from the fault, the fault diagnosis information must be reported to

a higher-level supervisor which acts to ensure a graceful shutdown of the faulty process.

Another option would involve utilizing a safe-parking approach to steer the process to a

different operating point while the actuator is being repaired [49].

2.5 Conclusions

A model-based framework for fault detection and accommodation for particulate processes

subject to discretely-sampled and delayed measurements was presented. The control sys-

tem included an inter-sample model predictor and a propagation unit to account for the

35

01

23

0

20

400

0.2

0.4

Particle size, r (mm)Time (hr)

Pa

rtic

le S

ize

Dis

trib

utio

n, n

(r,t)

(a)0

12

3

0

20

400

0.2

0.4

Particle size, r (mm)Time (hr)

Pa

rtic

le S

ize

Dis

trib

utio

n,

n(r

,t)

(b)

0 5 10 15 20 25

-0.3

-0.2

-0.1

0

0.1

0.2

Time (hr)

Feed c

oncentr

ation,

u

With SwitchingWithout Switching

(c)

Figure 2.7. Fault detection and accommodation maintains the stability of the ParticleSize Distribution (PSD) in the presence of sensor measurement noise after a componentfault at Tf = 10h (δ = 0.3, τ = 0.5h, ∆ = 1h). Plot (a): Closed-loop PSD profile with(a) and without (b) fault detection and accommodation. Plot (c): Closed-loop profiles ofthe manipulated input in deviation variable form.

36

effects of the measurement sampling and delays. By formulating the closed-loop system as a

combined discrete-continuous system, an explicit characterization of the fault-free behavior

was obtained and used to derive rules for fault detection and accommodation. The results

were illustrated using a continuous crystallizer example. Due to the closure of the moments

of the crystal size distribution in this example, the reduced-order moments model used for

controller design captured the exact crystallizer dynamics. This implies that the closed-loop

stability analysis and the fault detection and accommodation logic, derived on the basis

of the reduced-order model, can be applied directly to the infinite-dimensional system. In

general, when the reduced-order model only captures the approximate process dynamics,

modifications in the fault detection alarm thresholds and fault accommodation logic are

necessary to account for approximation errors when the finite-dimensional control system is

implemented. These modifications can be obtained using regular perturbation techniques

[1].

37

Chapter 3

Data-based fault identification and

fault accommodation in the control of

particulate processes with sampled

measurements

This chapter deals with the problem of fault identification and accommodation in particu-

late processes with discretely sampled measurements. The methodology involves reducing

the infinite-dimensional equation describing the particulate process to a finite-dimensional

model that captures the dominant dynamics of the system. A state feedback controller is

designed based on the reduced-order model. A zero-order hold, inter-sample model pre-

dictor is used to compensate for the measurement intermittency. This model is updated

at each sampling time once actual measurements are available. The location and magni-

tude of actuator faults are calculated at each sampling time by solving a moving-horizon

least-squares parameter estimation scheme online. The closed-loop stability properties of

the discrete-continuous system is explicitly characterized in terms of the sampling period,

controller design parameters, and actuator effectiveness (absence or extent of malfunction).

These are used in the fault accommodation approach which is critical in maintaining stability

after a fault occurs in the system. The ability of the proposed methodology to identify and

38

handle simultaneous and consecutive, as well as full and partial, faults are illustrated using

a non-isothermal continuous crystallizer.

The rest of the chapter is organized as follows: In Section 3.3, the model for fault identi-

fication is introduced wherein fault parameters are defined for each actuator in the system.

The next step in Section 3.4 is defining a state feedback controller under measurement sam-

pling whose stability properties are analyzed and characterized as a function of the controller

design parameters, sampling time, and the fault parameters of individual actuators. These

stability properties are utilized in Section 3.5 using a simulated model of a non-isothermal

continuous crystallizer. The data-based fault identification and fault accommodation struc-

ture was found to be effective in maintaining stability even when subject to various types of

fault scenarios. The results of this chapter were first presented in [50].

3.1 Preliminaries







∂n

∂t= −

∂(G(z, r) · n)

∂r+ wn(n, z, r), n(0, t) = b(z(t)) (3.1)


∫ rmax

0

q(n, z, r)dr (3.2)




39














yι(t) = hι

(∫ rmax

0cκ(r)n(r, t)dr, z






The control objective is to formulate a unified framework for data-based fault identifica-

tion and accommodation that will enforce closed-loop stability under actuator faults using

sampled state measurements. The problems under consideration include: process regula-

tion using discretely-sampled measurements in the absence of faults, timely isolation and

identification of actuator faults, and fault accommodation to maintain the desired stabil-

ity and performance characteristics. To address these problems, we consider the following

methodology:

• Model reduction: Initially use model reduction techniques to derive a finite-dimensional

40

model that captures the dominant dynamics of the infinite-dimensional system describ-

ing the continuous crystallizer.

• Controller synthesis: Design a model-based feedback controller that stabilizes the pro-

cess states at the desired steady-state in the absence of faults. To compensate for the

lack of continuous measurements, a zero-order hold model is used wherein past state

measurements are held until the next sampling period when new state measurements

are available.

• Analysis: Obtain an explicit characterization of the minimum allowable sampling rate

that guarantees stability and residual convergence in the absence of faults in terms

of the sampling period, fault parameter/s for each actuator, and the controller design

parameter.

• Fault identification: Obtain estimates of the fault parameter via moving horizon es-

timation by comparing state estimates generated by a discrete model to the set of

previous state data.

• Fault accommodation: Derive a fault accommodation logic to preserve closed-loop

stability and minimize performance deterioration for the given sampling period and

fault parameters. The supervisor then determines the appropriate accommodation

strategy: no action, controller reconfiguration, or actuator switching.

Figure 3.1 is a schematic depiction of the different layers in the hierarchical structure for

fault identification and accommodation. This architecture shows the main components in

the design: controller, process, fault identifier, supervisor. At each sampling time, the fault

identifier updates its set of data with the current sensor measurement and uses it to calculate

estimates of the fault parameter. This information is sent to the supervisor which determines

the appropriate control action. The next sections provide a detailed description of the design

and implementation of the proposed hybrid monitoring structure.

41

Particulate Process

Sensors

Fault Identifier

Continous-time

model

Controller

Actuators

Fault

accommodation

strategy

Supervisor

Discrete-time

model

Optimization

problem

Data storage

u

xi

x(tj)

Figure 3.1. Overview of the integrated control architecture with fault identification andaccommodation.


A well-mixed non-isothermal continuous crystallizer is used throughout the paper to illus-

trate the design and implementation of model-based fault detection and accommodation.

Particulate processes are characterized by the co-presence of a continuous and dispersed

phase. The dispersed phase is described by a particle size distribution whose shape influ-

ences the product properties and ease of product separation. Hence, a population balance

on the dispersed phase coupled with a mass balance for the continuous phase is necessary

to accurately describe, analyze, and control particulate processes. Under the assumptions of

spatial homogeneity, constant volume, mixed suspension, nucleation of crystals of infinitesi-

mal size, mixed product removal, and a single internal particle coordinate—the particle size

(r); a dynamic crystallizer model can be derived:

42

∂n

∂t= k1(cs − c)

∂n

∂r−

n


(−k3

(c/cs−1)2

)

dc

dt=

(c0 − ρ)

ǫτr+

(ρ− c)

τr+

(ρ− c)

ǫ

dǫ

dt

dT

dt=

ρcHc

ρCp

dǫ

dt−

UAc

ρCpV(T − Tc) +

(T0 − T )

τr

(3.3)

where n(r, t) is the number of crystals of radius r ∈ [0,∞) at time t per unit volume

of suspension; τr is the residence time; c is the solute concentration in the crystallizer; ρ

is the particle density; ǫ = 1 −∫

∞

0n(r, t)π 4

3r3dr is the volume of liquid per unit volume

of suspension; cs = −3T 2 + 38T + 964.9 is the concentration of the solute at saturation

computed using T = T−273333−273

; c0 is the concentration of solute entering the crystallizer; k1,

k2 and k3 are constants; and δ(r − 0) is the standard Dirac function. The term containing

the Dirac function accounts for the nucleation of crystals of infinitesimal size while the

first term in the population balance represents the particle growth rate. The crystallizer

exhibits highly oscillatory behavior due to the relative nonlinearity of the nucleation rate as

compared to the growth rate. This results in process dynamics characterized by an unstable

steady-state surrounded by a stable periodic orbit. The control objective is to suppress the

oscillatory behavior of the crystallizer in the presence of actuator faults. This is carried

out by stabilizing it at an unstable steady-state that corresponds to a desired particle size

distribution by manipulating the solute feed concentration (c0) and residence time (τr).

Through method of moments, a sixth-order ordinary differential equation system was

derived to describe the temporal evolution of the first four moments of the particle size

distribution, the solute concentration, and the temperature (see [7] for a detailed derivation).

The reduced-order model can be cast in the following form:

43

dµ0

dt=

−µ0

τr+

(1−

4

3πµ3

)k2e

−k3

( ccs

−1)2

e−EbRT

dµv

dt=

−µv

τr+ vµv−1k1(c− cs)e

−EgRT , v = 1, 2, 3

dc

dt=

c0 − c− 4πk1e−EgRT τr(c− cs)µ2(ρ− c)

τr(1− 4

3πµ3

)

dT

dt= −

ρHc

ρCp

dµ3

dt−

UAc

ρCpV(T − Tc) +

(T0 − T )

τr

(3.4)

The global phase portrait of the system of (3.4) has a unique unstable equilibrium point

surrounded by a stable limit cycle at xs = [µs0 µs

1 µs2 µs

3 cs T s]T =

[0.0047 0.0020 0.0017 0.0022 992.95 298.31]T . Sampled measurements of

the moments (µ0, µ1, µ2, µ3), the solute concentration (c), and temperature (T ) are used

to control the process. These state measurements are collected discretely and sent to the

controller where the control action is calculated and then sent to the actuator to effect the

desired change in the process state.



x(t) = Ax(t) +Bu(t) (3.5)

where x(t) is the vector of state variables; u is the manipulated input; A and B are constant

matrices given by: A=∂f

∂x

∣∣∣∣(xs,us)

, B=∂f

∂u

∣∣∣∣(xs,us)

where us denotes the steady state values

for the available manipulated inputs. The state vector is expressed as a deviation variable,

x(t) = χ(t)− xs, where χ(t) = [µ0(t) µ1(t) µ2(t) µ3(t) c(t) T (t)]T .

Table 3.1 gives the process parameters and steady state values used in the simulated

crystallizer example. Over the next sections, we describe the control architecture and fault

identification scheme.

44

Table 3.1. Process parameters and steady-state values for the non-isothermal continuouscrystallizer.

ρc = 1770 kg/m3 ρCp = 3000 J/m3 ·K

cso = 1000 kg/m3 Hc = −50 J/kg

τr = 1h U = 1800W/K ·m2

Eg = 1 kJ/mol Ac = 0.25m2

Eb = 0.00001 kJ/mol V = 0.01m3

T sc = 298K T s

o = 303K

R = 0.008314 kJ/mol ·K

k1 = 0.05064mm ·m3/kg · h k1 = k1e(−EgR·T

)

k2 = 7.957 (mm3 · h)−1 k2 = k2e(−EbR·T

)

k3 = 0.001217 k3 = k3

3.3 Fault identification

3.3.1 Fault model

To model the fault, the reduced, linearized system dynamics is written in the following form:

x(t) = Ax(t) +Bkαkuk(t) (3.6)

where x(t) is the vector of state variables; u is the manipulated input. The state vector is a de-

viation variable, x(t) = χ(t)− xs, where χ(t) = [µ0(t) µ1(t) µ2(t) µ3(t) c(t) T (t)]T ;

and A and Bk are constant matrices given by: A =∂f

∂x

∣∣∣∣(xs,us)

, Bk =∂f

∂uk

∣∣∣∣(xs,uk,s)

where

uk,s denotes the steady state values for the available manipulated inputs, k is the active

control configuration and m is the total number of actuators. For fault identification,

αk = diag{αk1, · · · , α

km} is a diagonal matrix that is used to account for the presence of

actuator faults or malfunctions in the system. Each of the diagonal elements in αk char-

acterizes the local health status of the individual actuators. In the illustrative example in

45

Section 3.5, α1 represents the health of the actuator used to vary the inlet concentration (c0)

while αk2 is for the actuator used to adjust the residence time (τr). The elements of the fault

matrix αk take values between zero and one where zero denotes total actuator failure while

one denotes the fault-free state of the fault parameter in l-th actuator wherein αkl (t) ∈ [0, 1].

In the absence of faults, αk = I where I is the identity matrix.

The continuous equation in (3.6) is converted into discrete form in order to more read-

ily compare these discrete estimates to the historical input and state measurements. The

modified system takes the form:

x[j + 1] = Ax[j] + Bαu[j], j ∈ {0, 1, · · · } (3.7)

where A = eA∆, B = A−1(eA∆ − I)B, ∆ = τj+1 − τj is the update period which represents

the time interval between discrete consecutive measurements, and j is the update instance.

3.3.2 Data-based fault identification

Data-based fault identification involves estimating the value of the fault parameter matrix

α and comparing this against the values generated by the fault model in (3.7). This is

done using historical data of the state measurements and the manipulated input. The cost

function is:

J(ζj , α) =

j−NI+1∑

p=j

(∥∥∥x[p + 1]− Ax[p]− Bαu[p]∥∥∥2)

(3.8)

where ζj = {(x[j − p], u[j − p])|p = 1, 2, · · · , NI} denotes the past NI historical data of

the state measurements and the manipulated inputs for each jth sampling instance. Using

a large value for NI results in higher accuracy for calculated values obtained for the fault

estimation matrix α; however, this may also result in a high computational load as well as

discontinuities in the values of α particularly right after a fault has occurred since the pool

of I/O data used in the calculations will involve data both before and after the fault. This

46

parameter should therefore be selected appropriately.

Using the cost function in (3.8), finite-horizon least squares optimization problem was

then developed as follows:

minα

J(ζj, α)

s.t. 0 ≤ α1,2 ≤ 1

Note that the calculated values of the fault matrix α may slightly differ from the actual

values α particularly at the onset of the fault.

3.4 Finite-dimensional sampled-data control system

3.4.1 State feedback controller synthesis

The control system design involved first synthesizing a state feedback controller that sta-

bilizes the finite-dimensional system when the sensors continuously transmit data to the

controller. We considered the following discrete controller for simplicity:

u(t) = Kx(t), t ∈ [τj , τj+1) (3.9)

The controller gain K is chosen to ensure that the eigenvalues of A + BK lie in the open

left half of the complex plane.

3.4.2 Controller implementation under measurement sampling

The implementation of the controller of (3.9) requires continuous availability of the sensor

measurements. Due to measurement sampling, the controller cannot be directly implemented

since the output measurements are only available at discrete time instances. To compen-

sate for the unavailability of continuous measurements, sample-and-hold scheme is used to

provide the controller with estimates of the states when measurements are not available.

At each sampling time, the corresponding values of the measured states are instantaneously

transmitted to the controller and are used to update the corresponding model states. The

model-based state feedback controller is implemented as follows:

47

u(t) = Kx(t), t ∈ [τj , τj+1)

˙x(t) = 0, t ∈ [τj , τj+1)

x(τj) = x(τj), j ∈ {0, 1, · · · }

(3.10)

where x is a model used in generating the discrete control by utilizing previously held state

values x(τj) until the next state measurement x(τj+1) is available, j denotes each sampling

instance, and τj are the update times when values of the state are collected.

3.4.3 Closed-loop stability analysis

To investigate the stability properties of the finite-dimensional sampled-data closed-loop

system, we first define the model estimation error as e = x(t) − x(t), where e represents

the difference between the model output given in (3.10) and the actual measured state.

Then, defining the augmented state vector ξ(t) = [x(t) x(t) e(t)]T , the finite-dimensional

sampled-data closed-loop system is formulated as a switched system and written in the form:

ξ(t) = Fξ(t), t ∈ [τj , τj+1)

e(τj) = 0, j ∈ {0, 1, · · · }(3.11)

where F is a matrix defined as:

F =

A+BαK −BαK

A+BαK −BαK

, (3.12)

The following proposition characterizes the sampled-data closed-loop system behavior in

terms of the sampling rate, the controller design parameters, and the actuator health.

Proposition 3.1. The augmented closed-loop system described by (3.11)-(3.12), subject to the

initial condition ξ(0) = [x(τ0) x(τ0) e(τ0)]T := ξ0, has a response of the form:

ξ(t) = eF (t−τj)N jξ0 (3.13)

for t ∈ [τj , τj+1), ∀ j ∈ {0, · · · }, where N is given by:

N = IseF∆ (3.14)

48

where Is = diag{I, O} is a diagonal matrix that accounts for the model update at each trans-

mission time which also resets the estimation error e to zero. The null matrix O accounts

for this update.

Based on (3.13)-(3.14), the following proposition provides a necessary and sufficient con-

dition for stability of the finite-dimensional sampled-data closed-loop system.

Proposition 3.2. Consider the sampled-data closed-loop system, (3.10), and the augmented

system of (3.11)-(3.12) whose solution is given by (3.13)-(3.14). Then the zeros solution,

ξ = [x x e]T = [0 0 0]T , is exponentially stable if and only if r(N(∆)) < 1.

Remark 3.1. An examination of the structure of N in (3.14) indicates that its spectral radius

is dependent on the sampling period, ∆, and F (which, in turn, depends on the actuator

health and the controller gain). All these factors are tied together through the stability con-

dition of Proposition 3.2 which can, therefore, be used to examine and quantify the various

interdependencies between these factors. For instance, if the sampling rate of a particular

sensor is fixed by some performance requirement, one can determine the level of actuator

malfunction that the system can still handle without leading to instability.

Remark 3.2. The requirement that the spectral radius of N be strictly less than one ensures

stability by limiting the growth of the closed-loop state within each update period ∆ as the

measurement sampling is repeatedly executed over time.

3.5 Fault-tolerant control

A non-isothermal continuous crystallizer example is selected to illustrate the proposed fault-

tolerant scheme. Discrete measurements of the moments of the particle size distribution (µ0,

µ1, µ2, µ3), concentration (c), and temperature (T ), are used to control the system. The

inter-sample state estimator is used to estimate values of the states using held values of past

49

state measurements when actual sensor measurements are unavailable. A sampling period

of ∆ = 6min is chosen.

The system is controlled by simultaneously manipulating the inlet solute concentra-

tion (c0), and residence time (τr). The stability regions are obtained using the condition

λmax(N) < 1 derived from the closed-loop stability analysis of the test matrix N in (3.14)

(Fig. 3.2). These stability conditions are obtained as an explicit function of the controller

gain (K), sampling period (∆), and the fault parameter matrix (α).

These regions are plotted as a function of the health status of the actuators–with α1

corresponding to the manipulated inlet concentration (c0) and α2 to that of the residence

time (τr). These are obtained for a sampling period of ∆ = 6min. The blue area enclosed by

the unit contour line shows the region where the process is stable since λmax(N) < 1, while the

pink region denotes process conditions that lead to instability where λmax(N) > 1. Such plots

are useful in predicting the behavior of the process and in determining the appropriate fault-

tolerant response once a fault is identified. A partial malfunction in any of the actuators could

possibly occur such that the operating point is shifted somewhere within the stability region.

This will result in behavior that is not detrimental to process performance and product

quality which does not warrant immediate fault accommodation or control reconfiguration.

Based on this knowledge, the plant supervisor is then able to strategically prioritize which

specific control loop or plant equipment requires maintenance or replacement through this

stability-based closed-loop analysis. For the case where there are more variables to consider

(e.g., a larger number of manipulated variables), instead of a two-dimensional contour plot,

a look-up table with values of the spectral radius of N for varying magnitudes of the process

parameters may be generated offline and then used in the event of a process malfunction in

determining whether a fault warrants an immediate response.

Among the highlights of the data-based fault identification scheme proposed in this chap-

ter is the added capability of identifying partial malfunctions that do not result in system

50

0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

1

1

α2

α1

Figure 3.2. Region of stability based on actuator health was used to determine whetherequipment repair, fault accommodation, or system reconfiguration is required (∆ =6min). Contour plot of λmax(N) for pole values [−1− 2− 3− 4− 5− 6].

instability. Past studies made use of stability-based alarm threshold and are only able to

detect faults resulting in instability. This is approach is proactive in dealing with malfunc-

tions as opposed to reactive schemes where action is triggered only when there is threat of

instability. Machine repair carried out at an early stage may prove to be less costly and

time-consuming as opposed to the urgent repairs or fault accommodation following a more

severe and destabilizing malfunction.

The next subsection illustrates the simulation results of the fault identification for a

system with partial faults that do not lead to instability.

3.5.1 Fault identification under partial faults

For both the simultaneous and continuous faults shown below, the controller gain (K) is

calculated by specifying the location of the poles of A + BK at [−1 − 2 − 3 − 4 − 5 −

6]. Fault identification is carried out by comparing the past 10 data points of the state

measurements and manipulated input, NI = 10, to the discrete model generated in (3.7) by

51

solving the optimization problem in (3.3.2). Actuator faults in both manipulated variables

are investigated and the simulation is carried out under a sampling period of 6min.

The first case involves a simultaneous fault that occurred after 10h where α1 = 0.8 and

α2 = 0.5 where the actuator handling the inlet concentration becomes 20% effective while

the other actuator used in varying the residence time (τr) suffers 50% loss in performance

(Fig. 3.2a-b). The second case involves a consecutive fault occurring after 5h followed by

another one at 10h. The first fault causes an 90% step change in the performance of the

actuator responsible for adjusting the residence time (τr) while the second fault is a gradual

one that causes a linear decline in the control action of the actuator manipulating the inlet

concentration (c0) (Fig. 3.2c-d).

In both cases, the fault identification scheme is shown to be effective and capable of

almost instantaneously locating and quantifying the fault as soon as it happens. However,

jumps in the calculated values of the fault estimation parameters are occasionally observed

right after a fault has taken place. These jumps are visible even in the plot of a fault

estimation parameter that was not directly affected by the fault. This behavior is due to

sudden disruptions in the data points used in the data-based identification method which

included values of the state and the manipulated variable before and after the fault. This

is why the optimization horizon (NI) has to be properly selected—small values result in

inaccuracies in the fault identification while large values lead to sharp jumps or prolonged

settling time. Due to this behavior, plant response should be suspended until the fault

identification scheme settles to a final value. These sharp discontinuities; however, may

provide insight with regards to the health status of a neighboring actuator. In the case of

the consecutive faults, two separate faults were introduced at 10h and 15h. A plot of the

fault estimation parameter devoted to the actuator responsible for manipulating the inlet

concentration (c0) revealed a step change at 10h owing to a malfunction in that actuator;

however, it also revealed a spike at exactly 15h which is when another malfunction affected a

52

neighboring actuator (Fig. 3.3a). Based on that plot alone, one can infer that a malfunction

has occurred within the system.

0 20 40 60 800

0.2

0.4

0.6

0.8

1

Time (h)

α1

Actual valueComputed value

(a)0 20 40 60 80

0

0.2

0.4

0.6

0.8

1

Time (h)

α2


(b)

0 10 20 30 400

0.2

0.4

0.6

0.8

1

Time (h)

α1


(c)0 10 20 30 40

0.5

0.6

0.7

0.8

0.9

1

Time (h)

α2


(d)

Figure 3.3. Actual and calculated values of the fault estimation parameters (∆ = 6min).α1: inlet concentration (c0), α2: residence time (τr). Plots (a)-(b): Simultaneous faults.Plots (c)-(d): Consecutive faults.

3.5.2 Fault identification and accommodation

Fig. 3.4 is a schematic diagram of the fault accommodation logic embedded within the

control architecture. It shows the various responses to a fault depending on whether it

results in instability within the system. If it is not a destabilizing fault, the fault location

and magnitude is noted for upcoming repair or replacement but no immediate action is made

since the system is still stable. If the fault was found to lead to instability, the controller is

reconfigured or the system switches to a different or back-up actuator. The idea is to restore

stability in spite of the fault while avoiding the introduction of disruptions in normal process

53

:

1

1

0

k

l

Set

l

i

*

:Solve

)(

1)(

*

?

l

k

l

k h

)(

1)(

*

?

K

hk

:

2

1k

l

Set

l

1ii*

:

KK

Update

Y

N

Y

N

Fault

Identification

Fault

Accommodation

Figure 3.4. Fault accommodation logic.

operation.

To illustrate the fault accommodation capabilities of the control architecture, a destabi-

lizing fault was introduced after 10h of operation, causing the actuator controlling the inlet

concentration (c0) to drop its effectiveness from 100% to 45%. Initially, the fault-free system

has a controller gain K such that the poles of A + BK are at [-9.5 -2 -3 -4 -5 -6] under a

sampling period of ∆ = 6min. A fault occurs and the system identifies both the location

(α1) and magnitude of the fault (Fig. 3.5). Using the original parameter values and the

new faulty condition, the spectral radius of N is calculated and the fault is determined to be

destabilizing. The new operating point is now inside the pink unstable region (Fig. 3.6a). To

avoid instability, fault accommodation is carried out using the plot of the region of stability

(Fig. 3.6a). The x-axis in the plot is based on the first pole location which is the only pole

that was modified in order to vary the controller gain. The controller gain (K) is adjusted

by shifting the location of the poles of A + BK to [−6.4 − 2 − 3 − 4 − 5 − 6]. This shifted

54

the operating point into the stable region once again. The simulation plots of the dynamics

of the manipulated variables demonstrate the destabilizing effect of the fault in the absence

of fault accommodation. These undesired effects are avoided through fault identification

and fault accommodation which was able to re-establish stability even after a potentially

disruptive fault.

0 10 20 30 40 500

0.2

0.4

0.6

0.8

1

Time (h)

α1


(a)0 10 20 30 40 50

0.5

0.6

0.7

0.8

0.9

1

Time (h)

α2


(b)

Figure 3.5. Fault identification after a potentially destabilizing fault at 10h with ∆ =6min. α1: inlet concentration (c0), α2: residence time (τr).

3.6 Conclusions

This chapter dealt with the design and analysis of a system with sampled state measurements

to demonstrate a fault-tolerant control strategy for particulate processes which included a

data-based fault identification scheme and a fault accommodation set-up that handles desta-

bilizing faults. Fault-tolerance is important since faults or even non-destabilizing malfunc-

tions can lead to process instability and/or inferior product quality. This fault identification

scheme provides a timely technique for a fault-tolerant system that is able to readily deal

with faults and malfunctions right after they are detected. This may be carried out by

scheduling system maintenance, fault accommodation, or system reconfiguration. To en-

sure robustness against faults, a stability region was constructed to analyze the stability

properties of the system as a function of the controller design parameter (K), sampling

time (∆), and actuator health (α). After a fault was detected, this stability region was

55

−10 −9.5 −9 −8.5 −8 −7.5 −7 −6.5 −6

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

11

1

1

Pole value, λ

α1

Faultoccurrence

Fault identificationand accommodation

λ = −9.5α

1=1

λ = −6.4α

1=0.45

λ = −9.5α

1=0.45

(a)

0 20 40

994

996

998

1000

1002

Time (h)

Fe

ed

co

nce

ntr

atio

n,

c o (

kg/m

m3)

(b)0 20 40

298.28

298.3

298.32

298.34

298.36

298.38

Time (h)

Te

mp

era

ture

, T

(K

)

(c)

0 20 40

998.5

999

999.5

1000

Time (h)

Fe

ed

co

nce

ntr

atio

n,

c o (

kg/m

m3)

(d)0 20 40

298.31

298.32

298.33

298.34

Time (h)

Te

mp

era

ture

, T

(K

)

(e)

Figure 3.6. Fault identification and accommodation re-establishes stability after a poten-tially destabilizing fault. Plot (a): Region of stability based on the health of the actuatorcontrolling the inlet concentration (c0), α1 and the first pole value (λ) used to find thecontroller design parameter K (α2 = 1). Plots (b)-(c): Dynamic profiles of (b) inlet con-centration (c0), and (c) residence time (τr) without fault accommodation. Plots (d)-(e):Dynamic profiles of (d) inlet concentration (c0), and (e) residence time (τr) under faultaccommodation. 56

used to determine the appropriate control action which may involve: fault accommodation

by switching to a different controller gain (K), varying the sampling time (∆), or simply

scheduling future equipment maintenance or repair when the minor malfunction is not found

to be destabilizing. A future expansion in this area will include accounting for the case when

only output measurements are available instead of full state measurements. This is a more

realistic case since the measurements of the concentration (c) and temperature (T ) are more

readily available when compared to the moments of the particle size distribution (µ0, µ1, µ2,

µ3).

57

Chapter 4

Model-based fault-tolerant control of

uncertain particulate processes:

integrating fault detection, estimation

and accommodation

This chapter is on fault identification and accommodation in particulate processes with

discretely-sampled measurements and plant-model mismatch. This is done by designing a

state feedback controller based on a reduced-order model describing the dominant dynamics

of the infinite-dimensional system. While measurements are unavailable, a model generates

state estimates which are updated each sampling time. A moving-horizon least-squares pa-

rameter optimization is utilized for online actuator fault identification using historical data.

The closed-loop stability properties of the discrete-continuous system is used in fault accom-

modation by updating parameters in the model and/or the controller. This is illustrated

using a non-isothermal continuous crystallizer.

This chapter is structured accordingly: Section 4.1.2 contains the problem formulation

and solution overview which is followed by the design of finite-dimensional sampled-data

control system in Section 4.3. This system is then subjected to a closed-loop stability analysis

under measurement sampling in Section 4.4. Results from this analysis are then used in

58

Section 4.5 to derive strategies for data-driven fault identification and accommodation. These

techniques are applied to a simulated non-isothermal continuous crystallizer in Section 4.6

and some concluding remarks are discussed in Section 4.7. Findings in this chapter were

first presented in [51].

4.1 Preliminaries







∂n

∂t= −

∂(G(z, r) · n)

∂r+ wn(n, z, r), n(0, t) = b(z(t)) (4.1)


∫ rmax

0

q(n, z, r)dr (4.2)











59







yι(t) = hι

(∫ rmax

0cκ(r)n(r, t)dr, z






The control objective is to stabilize the process at some desired equilibrium state in the pres-

ence of actuator faults using discretely-sampled state measurements. The problems under

consideration include: fault-free process regulation using discretely-sampled measurements,

timely identification and isolation of the actuator faults in the presence of model uncertainty,

fault compensation to maintain the desired stability and performance characteristics through

fault accommodation. To address these problems, we consider the following methodology:

• Model reduction: Derive a finite-dimensional model through model reduction tech-

niques. This reduced-order model captures the dominant dynamics of the infinite-

dimensional system describing the continuous crystallizer.

• Controller synthesis: Use the reduced-order model to synthesize a model-based state

feedback controller that regulates the process states at the desired steady-state in the

absence of faults. To account for measurement sampling, the controller calculates the

control action based on state estimates generated by a model.

• Analysis: Obtain an explicit characterization of the maximum allowable sampling pe-

60

riod that guarantees fault-free stability and residual convergence. This stability condi-

tion is given in terms of the model accuracy, the sampling period, the fault estimation

parameter/s in the model, and the controller design parameters.

• Fault identification: Derive a strategy for data-based fault identification using moving

horizon estimation wherein an optimization problem is solved at each sampling time

to calculate estimates of the fault parameter/s in each actuator. Use bounds on the

model uncertainty to obtain a confidence interval for each fault parameter.

• Fault accommodation: Formulate a fault accommodation logic that determines the

appropriate fault accommodation strategy in response to a fault based on the confi-

dence intervals obtained for each fault parameter following fault identification. Possible

responses to a fault include: no action, model update, controller reconfiguration, or

actuator switching. The goal is to preserve stability and plant performance while

introducing minimal process interference.

Figure 4.1 is a schematic depiction of the different layers in the hierarchical structure

for fault identification and accommodation. This architecture shows the main components

in the design: controller, process, fault identifier, supervisor. At each sampling time, the

fault identifier updates its set of data with the current sensor measurement and uses it to

calculate estimates of the fault parameter. This information is sent to the supervisor which

determines the appropriate control action. The next sections provide a detailed description

of the design and implementation of the proposed structure.


A well-mixed non-isothermal continuous crystallizer is used throughout the paper. The

model-based fault detection and accommodation framework is designed and implemented on

this system but is also applicable to other processes modeled by infinite-dimensional partial

integro-differential equations.

61

Particulate Process

Sensors

Fault Identifier

Continous-time

model

Controller

Actuators

Fault

accommodation

strategy

Supervisor

Discrete-time

model

Optimization

problem

Data storage

u

xi

x(tj)

Figure 4.1. Overview of the integrated control architecture with fault identification andaccommodation.


phase. The continuous phase is the fluid phase which surrounds the distributed, dispersed

phase. The dispersed phase is described by a particle size distribution whose shape reflects

some property of the end-product which we would like to control. Due to the combined

presence of the two phases in this system, apart from the mass balance for the continuous

phase, it is necessary to include a population balance on the dispersed phase. Under the as-

sumptions of spatial homogeneity, constant volume, mixed suspension, nucleation of crystals

of infinitesimal size, mixed product removal, and a single internal particle coordinate—the

particle size (r); a dynamic crystallizer model can be derived:

62

∂n

∂t= k1(cs − c)

∂n

∂r−

n


(−k3

(c/cs−1)2

)

dc

dt=

(c0 − ρ)

ǫτr+

(ρ− c)

τr+

(ρ− c)

ǫ

dǫ

dt

dT

dt=

ρcHc

ρCp

dǫ

dt−

UAc

ρCpV(T − Tc) +

(T0 − T )

τr

(4.3)

where n(r, t) is the number of crystals of radius r ∈ [0,∞) at time t per unit volume of

suspension; τr is the residence time; c is the solute concentration in the crystallizer; ρ


∞

0n(r, t)π 4




; c0 is the concentration of solute entering the crystallizer; k1,

k2 and k3 are constants; and δ(r − 0) is the standard Dirac function. The term containing

the Dirac function accounts for the nucleation of crystals of infinitesimal size while the first

term in the population balance represents the particle growth rate. The process dynamics

is characterized by an unstable steady-state surrounded by a stable periodic orbit. This

results from the highly oscillatory behavior exhibited by the crystallizer due to the relative

nonlinearity of the nucleation rate as compared to the growth rate. The control objective

is to suppress this oscillatory behavior in the presence of actuator faults by stabilization

at an unstable steady-state that corresponds to the desired particle size distribution by

manipulating the solute feed concentration (c0) and/or residence time (τr).

Through method of moments, a sixth-order ordinary differential equation system is de-

rived to describe the temporal evolution of the first four moments of the particle size dis-

tribution, solute concentration, and temperature (see [7] for a detailed derivation). The

reduced-order model can be cast in the following form:

63

dµ0

dt=

−µ0

τr+

(1−

4

3πµ3

)k2e

−k3

( ccs

−1)2

e−EbRT

dµv

dt=

−µv


−EgRT , v = 1, 2, 3

dc

dt=


τr(1− 4

3πµ3

)

dT

dt= −

ρHc

ρCp

dµ3

dt−

UAc

ρCpV(T − Tc) +

(T0 − T )

τr

(4.4)


surrounded by a stable limit cycle at:

xs = [µs0 µs

1 µs2 µs

3 cs T s]T

= [0.0047 0.0020 0.0017 0.0022 992.95 298.31]T(4.5)

Sampled measurements of the moments (µ0, µ1, µ2, µ3), solute concentration (c), and tem-

perature (T ) are the manipulated variables used to control the process. These state measure-

ments are collected discretely and sent to the controller where the control action is calculated

and finally sent to the actuator.



x(t) = Ax(t) +Bkuk(t) (4.6)

where t ∈ [0,∞) is the time; x(t) is the vector of state variables; uk(t) = [uk1(t) · · · uk

m(t)]T

is the vector of manipulated inputs in deviation variable form, m is the number of ma-

nipulated inputs, k is a discrete variable denoting the active control actuator configu-

ration. The state vector is expressed as a deviation variable, x(t) = χ(t) − xs, where

χ(t) = [µ0(t) µ1(t) µ2(t) µ3(t) c(t) T (t)]T ; and A and Bk are constant matrices given by:

A=∂f

∂x

∣∣∣∣(xs,uk

s )

, Bk =∂f

∂uk

∣∣∣∣(xs,uk

s )

where uks denotes the steady state values for the available

manipulated inputs in the k-th control configuration. Throughout the paper, we use the

norm notations | · | and ‖·‖ to represent the standard Euclidean norm and the L2 norm,

64

respectively. Furthermore, the notation x(τ−k ) will be used to denote the limit limt→τ−kx(t).

Table 4.1 gives the process parameters and steady state values used in the simulated crys-

tallizer example.


ρc = 1770 kg/m3 ρCp = 3000 J/m3 ·K

cso = 1000 kg/m3 Hc = −50 J/kg

τr = 1h U = 1800W/K ·m2


Eb = 0.00001 kJ/mol V = 0.01m3

T sc = 298K T s

o = 303K

R = 0.008314 kJ/mol ·K

k1 = 0.05064mm ·m3/kg · h k1 = k1e(−EgR·T

)

k2 = 7.957 (mm3 · h)−1 k2 = k2e(−EbR·T

)

k3 = 0.001217 k3 = k3

4.3 Finite-dimensional sampled-data control system

4.3.1 State feedback controller synthesis

The control system design involves first synthesizing a state feedback controller that stabilizes

the finite-dimensional system when the sensors continuously transmit data to the controller.

We consider the following discrete controller for simplicity:

uk(t) = Kx(t), t ∈ [τj , τj+1) (4.7)

4.3.2 Implementation under measurement sampling

The implementation of the controller of (4.7) requires continuous availability of the sensor

measurements. Due to measurement sampling, the controller cannot be directly implemented

65

since the output measurements are only available at discrete time instances. To compensate

for the unavailability of continuous measurements, an inter-sample state estimator is used in

the control design. At each sampling time, the corresponding values of the measured states

are instantaneously transmitted to the controller and are used to update the corresponding

model states. The model-based state feedback controller is implemented as follows:

uk(t) = Kx(t), t ∈ [τj , τj+1)

˙x(t) = Ax(t) + Bkuk(t), t ∈ [τj , τj+1)

x(τj) = x(τj), j ∈ {0, 1, · · · }

(4.8)

where x is the vector of estimated state variables which is used in generating the inter-sample

control by utilizing model estimates of the state x(τj) until the next state measurement

x(τj+1) is available, j denotes each sampling instance, and τj are the update times when

values of the state are collected. The A and Bk matrices in the linearized plant model

are approximated by the constant matrices A and Bk. Note that, in general, A 6= A and

Bk 6= Bk to account for plant-model mismatch. The model uncertainty can be explicitly

represented by ∆A and ∆Bk such that A = A+∆A and Bk = Bk +∆Bk.

It is assumed that the model-based state feedback controller of the above form enforces

closed-loop stability when sensor readings are unavailable such that the origin of the closed-

loop model satisfies:

‖x(t)‖ ≤ γ‖x(τ0)‖e−ϕ(t−τ0) (4.9)

where γ ≥ 1 and ϕ > 0.

4.3.3 Fault model for continuous system

To model the fault, the reduced, linearized system dynamics is written in the following form:

x(t) = Ax(t) +Bkαkuk(t)

˙x(t) = Ax(t) + Bkαkuk(t)(4.10)

where αk = diag{αk1, · · · , α

km} is a diagonal fault parameter matrix that accounts for the

presence of actuator faults or malfunctions in the system. Each of the diagonal elements

66

in the fault parameter matrix (αk) characterizes the local health status of the individual

actuators, where m is the total number of actuators in the k-th configuration. The entries

of the fault matrix (αk) take values between zero and one where zero denotes total actuator

failure while one denotes the fault-free state. In the absence of faults, αk = I where I is the

identity matrix. The diagonal fault model parameter matrix αk = diag{αk1, · · · , α

km} is used

by the model to account for the faults that occur in the plant. Entries of this matrix are

decision variables generated from the fault identification and accommodation scheme which

will be discussed in later sections. The controller gain (K) is chosen to ensure that the

eigenvalues of A+ BkαkK lie in the open left half of the complex plane.

4.4 Closed-loop stability analysis under measurement

sampling

To simplify the analysis, we consider the case when the update period is constant and equal

for all the sensors, i.e., all the state measurements are available to the controller every ∆

hours. Defining the model estimation error as e(t) = x(t) − x(t), the overall closed-loop

system can be formulated as a discrete-continuous system:

x(t) = (A−∆A)(t) + (Bk −∆Bk)αkuk(t)

˙x(t) = Ax(t) + Bkαkuk(t)

e(τj) = 0, j = 0, 1, 2, · · ·

(4.11)

By analyzing the obtained discrete-continuous system, the following theorem is obtained

which provides a sufficient condition for stability of the networked closed-loop finite-dimensional

system in terms of the update period, model uncertainty, and controller design parameters.

Theorem 4.1. Consider the closed-loop system of (4.6) subject to the control and update law

of (4.8), if ∆ is chosen such that:

Γk(∆) := γ

(e−ϕ∆ +

LA

ϕ+ LBk

(eLA∆ − e−ϕ∆)

)< 1 (4.12)

67

then the networked closed-loop states satisfy:

‖x(τ−j+1)‖ < ‖x(τj)‖, ∀j = 0, 1, 2, · · · (4.13)

where LA = ‖A − A‖ and LBk = [‖Bk‖‖αk − αk‖ + ‖∆Bk‖‖αk‖]‖K‖. Furthermore,

limj→∞‖x(t)‖ = 0.

Proof. From the definition of the error e(t), we have e(t) = ˙x(t)− x(t). Substituting for ˙x(t)

and x(t) from (4.10) yields:

e(t) = (A−A)e(t) + [Bk(αk − αk) + ∆Bkαk]uk(t) (4.14)

Solving the above equation, we have, for t ∈ [τj , τj+1):

e(t) = e(τj) +

∫ t

τj

(A− A)e(τ)dτ

+

∫ t

τj

[Bk(αk − αk) + ∆Bkαk]Kx(τ )dτ

(4.15)

Taking the norm on both sides and using e(τj) = 0:

‖e(t)‖ ≤ ‖A− A‖

∫ t

τj

‖e(τ)‖dτ + [‖Bk‖‖αk − αk‖

+‖∆Bk‖‖αk‖]‖K‖

∫ t

τj

‖x(τ)‖dτ

:= LA

∫ t

τj

‖e(τ )‖dτ + LBk

∫ t

τj

‖x(τ)‖dτ

(4.16)

where LA = ‖A− A‖ and LBk = [‖Bk‖‖αk − αk‖+ ‖∆Bk‖‖αk‖]‖K‖. Substituting for ‖x‖

in (4.9):

‖e(t)‖ ≤LBkγ

ϕ‖x(τj)‖(1− e−ϕ(t−τj ))

+LA

∫ t

τj

‖e(τ)‖dτ(4.17)

Applying Gronwall-Bellman inequality for t ∈ [τj , τj+1):

‖e(t)‖ ≤ ‖x(τj)‖LBkγ

ϕ+ LA

(eLA(t−τj ) − e−ϕ(t−τj ))

:= ‖x(τj)‖ Ξk(t− τj)

(4.18)

68

From the above inequality, we note that the estimation error will be zero if ∆ is zero.

With this bound on model estimation error and the bound on model state given in (4.9),

a bound on the state of the system of (4.6) using the triangular inequality is obtained

‖x(t)‖ ≤ ‖x(t)‖+ ‖e(t)‖ and we can show that, for t ∈ [τj , τj+1):

‖x(t)‖ ≤ ‖x(τj)‖Γk(t− τj) (4.19)

where Γk(∆) = γe−ϕ∆ + Ξk(∆). This implies that the closed-loop state remains bounded

between update times, i.e.,

‖x(t)‖ ≤ µ‖x(τj)‖ (4.20)

where µ is the maxima of the continuous function Γk(·) over the interval [0,∆]. Using (4.19)

to calculate ‖x(τ−j+1)‖, we finally obtain:

‖x(τ−j+1)‖ − ‖x(τj)‖ ≤ (Γk(∆)− 1)‖x(τj)‖ (4.21)

Clearly, if Γk(∆) < 1, then ‖x(τ−j+1)‖ − ‖x(τj)‖ < 0 and (4.13) holds which implies that

limj→∞‖x(τj)‖ = 0. Substituting this estimation into (4.20), we finally have limj→∞‖x(t)‖ =

0.

Remark 4.1. It can be seen from (4.12) and the definition of LA and LBk that the given

bound on the minimum stabilizing communication rate is dependent on the degree of plant-

model mismatch and the controller design parameters. The stability condition can therefore

be used to explicitly characterize the relationship between these various factors.

4.5 Data-driven actuator fault identification and ac-

commodation

4.5.1 Discrete fault model

The continuous equation in (4.10) is converted into a discrete form to compare discrete

estimates to the historical input and state measurements. The modified system takes the

69

form:

x[j + 1] = Adx[j] +Bkdα

kuk[j]

x[j + 1] = Adx[j] + Bkd α

kuk[j](4.22)

subject to the update law:

x[j] = x[j], j ∈ {0, 1, · · · } (4.23)

where x[j] = x(τj) is the vector of discrete process states, x[j] = x(τj) is the vector of

discrete state estimates, and uk[j] = uk(τj) the vector of discrete input data. The update

period ∆ = τj+1 − τj is the time interval between discrete consecutive measurements, j is

the update instance, and Ad, Bkd , Ad and Bk

d are discrete versions of the constant matrices

A, Bk, A, and Bk; respectively.

4.5.2 Data-based fault identification

Fault identification involves estimating the value of the fault parameter matrix αk using past

state measurements and manipulated inputs. These values are fitted to the fault model in

(4.22) using the cost function:

J(ζj, α∗) =

j−NI+1∑

p=j

(∥∥∥x[p + 1]− Adx[p]− Bkdα

∗uk[p]∥∥∥2)

(4.24)

where ζj = {(x[j − p], uk[j − p])|p = 1, 2, · · · , NI} denotes the past NI historical data of

the state measurements and the manipulated inputs for each jth sampling instance. Using

a large value for NI results in higher accuracy for calculated values obtained for the fault

estimation matrix α∗. However, this may also result in a high computational load as well as

discontinuities in the values of α∗ particularly right after a fault has occurred since the pool

of I/O data used in the calculations will involve conflicting data taken both before and after

the fault. This parameter should therefore be selected appropriately. Note that the fault

identification scheme makes use of the constant matrices, Ad and Bkd , from the inter-sample

model since plant dynamics are not fully known by the system in actual applications.

70

Using the cost function in (4.24), a finite-horizon least squares optimization problem is

developed:

minα∗

J(ζj, α∗) (4.25)

s.t. 0 ≤ α∗

1,2,··· ,m ≤ 1

Note that calculated values of the fault estimation matrix α∗ may slightly differ from the

actual values αk even without model uncertainty at the onset of the fault.

Due to the discrepancy between the model and process (i.e., A 6= A and Bk 6= Bk leads to

Ad 6= Ad and Bkdα

k 6= Bkd α

k), the optimal solution α∗ of the optimization problem of (4.25)

is not exactly the same as the actual fault parameter αk. However, Ψ(α∗), an estimation

interval of αk dependent on α∗ may be obtained. This result provides an estimate of the size

of the fault and can be used for fault detection. For a given update period ∆ that satisfies

the stability condition of (4.12), a fault on the l-th actuator can be detected at Td when the

upper bound of Ψ(α∗

l ) is less than 1; since, in that situation, we can easily obtain a fault

parameter such that αkl < 1.

Remark 4.2. Compared with the fault detection approach in [52], the fault identification

method proposed in this section is not only capable of determining the presence of a fault,

but is also useful in locating faulty actuators. This fault isolation mechanism is very useful

especially when several actuators are used in control.

Remark 4.3. When the continuous model of (4.6) is exactly the same as that of the process

in (4.8) (e.g., A = A and Bk = Bk), it is easy to show that the discrete model and the

process take the same form (e.g., Ad = Ad and Bkd (·) = Bk

d(·)) and the optimization problem

of (4.25) used for fault identification can be reduced as:

minα∗

NI−1∑

p=0

‖(Bkdα

k −Bkdα

∗)uk‖2 (4.26)

71

As we can see from the above formulation, α∗ = αk is always an optimal solution. Therefore,

if a perfect model is used for both control and fault identification, the estimation interval of

αkl collapses to a single point which is the same as the value of the actual fault parameter of

the process, αkl . In this case, we declare that a fault takes place at the l-th actuator when

α∗

l < 1, and the extent of the fault is determined as αk = α∗.

4.5.3 Fault accommodation

Following the detection of a fault in the operating control configuration, we need to deter-

mine whether corrective action (e.g., updating αk using α∗ or using a new feedback gain K∗)

is required to preserve closed-loop stability. When the partial fault is not significant enough

to impair the stability properties of the process, switching to a new control configuration is

not necessary. Considering this situation, we develop a stability-based fault accommodation

logic which is formulated in Algorithm 3.1. The key idea is to maintain the current control

configuration if all the elements of Ψ(α∗

l ); l = 1, · · · , m satisfy the stability condition of

(4.12), otherwise, the system should switch to a new control configuration which guarantees

the stability of the closed-loop system. Fig. 4.2-4.3 are schematic diagrams of the fault ac-

commodation logic embedded within the control architecture with and without plant-model

mismatch.

Remark 4.4. Besides considering the stability requirement to compensate for the destabi-

lizing effect of the actuator fault, it is possible to incorporate performance criteria in the

accommodation logic to determine the optimal solution between all stabilizing backup con-

trol configurations. Also note that Algorithm 3.1 not only considers the case of a single

fault, but also can be applied in the case of multiple and simultaneous faults. In this case,

the solution of the optimization problem of (4.25) also determines which of the actuators is

faulty. The fault may be accommodated following the similar approach in Algorithm 3.1, by

72

Algorithm 3.1

1. Choose ∆ that satisfies (4.12) and set αk = αk = 1, j = 0

2. Solve (4.25) for α∗ and estimate Ψ(α∗

l ) for each α∗

l , l = 1, · · · , m

3. If for any ϑl ∈ Ψ(α∗

l ), (4.12) is violated with αkl = ϑl

4. If for all ωl ∈ Ψ(α∗

l ), α∗

l satisfies (4.12) with αkl = ωl and αk

l = α∗

l

5. Update αkl using α∗

l at next transmission time and GOTO step 12

6. Else if any K∗ satisfies (4.12)

7. Update K using K∗ at next transmission time and GOTO step 12

8. Else

9. Replace l-th actuator with a new actuator that satisfies (4.12), set αkl = αk

l = 1

at next transmission time and GOTO step 12

10. End if

11. Else

12. Implement the next sequence j = j + 1 and GOTO step 2

13. End if

73

updating all α∗

l associated with the faulty actuators or by using a new feedback gain.

Remark 4.5. As mentioned in Remark 4.3, when a perfect model is implemented for control

and fault identification (e.g., ∆A = 0 and ∆Bk = 0), the estimation interval of αkl , Ψ(α∗

l )

will shrink to a point, α∗

l . In this case, the fault accommodation logic will be modified as in

Algorithm 3.2.

Remark 4.6. The algorithms differ in steps 2-4. In a perfect model, the fault identification

and accommodation policy is simplified, since the stability condition (4.12) only needs to be

satisfied for a specific point α∗

l , instead of all values in the estimation interval Ψ(α∗

l ).

0

1

1ˆ

1

:

0

1

1

1

i

l

Set

k

l

k

l

ˆk

l

k

l

)(

:

*

*

l

Solve

)*

l((

*

))(

,(

1)(

*

?

ll

l

k

l

k h

)*

l((l

,l( k

l

l

1?

(k

))(

ˆ

,(

1)(

*

*

?

ll

l

k

l

l

k

l

k h

)*

l((l

*

lˆk

l

l( k

l

l

1?

k

)(

1)(

*

?

K

hk

K

1?

(k

1ˆ

1

2

:

1

1

2

k

l

k

l

l

Set

ˆk

l

k

l

11ii*

ˆ

:

l

k

l

Update

*

lˆk

l*

:

KK

Update

K

Y

N

Y Y

N N

Fault

Identification Fault Accommodation

Figure 4.2. Fault accommodation logic with model uncertainty.

4.6 Fault tolerant control application

A non-isothermal continuous crystallizer is selected to illustrate the proposed fault-tolerant

scheme. Discrete measurements of the moments of the particle size distribution (µ0, µ1, µ2,

74

Algorithm 3.2

1. Choose ∆ that satisfies (4.12) and set αk = αk = 1, j = 0

2. Solve (4.25) for α∗

3. If for any α∗

l , (4.12) is violated with αkl = α∗

l

4. If for any α∗

l , α∗

l satisfies (4.12) with αkl = αk

l = α∗

l

5. Update αkl using α∗

l at next transmission time and GOTO step 12

6. Else if any K∗ satisfies (4.12)

7. Update K using K∗ at next transmission time and GOTO step 12

8. Else

9. Replace l-th actuator with a new actuator that satisfies (4.12), set αkl = αk

l = 1

at next transmission time and GOTO step 12

10. End if

11. Else

12. Implement the next sequence j = j + 1 and GOTO step 2

13. End if

75

:

1

1

0

k

l

Set

l

i

*

:Solve

)(

1)(

*

?

l

k

l

k h

)(

1)(

*

?

K

hk

:

2

1k

l

Set

l

1ii*

:

KK

Update

Y

N

Y

N

Fault

Identification

Fault

Accommodation

Figure 4.3. Fault accommodation logic without model uncertainty.

µ3), concentration (c), and temperature (T ), are used to control the system. The system is

controlled by simultaneously manipulating the inlet solute concentration (c0), and residence

time (τr). The inter-sample state estimator is used to estimate values of the states when

sensor measurements are unavailable. Simulations are performed under a sampling period

(∆) of 0.1h.

The stability regions are obtained using the condition Γk(∆) < 1 which is derived from

the closed-loop stability analysis of the discrete-continuous system in (4.12) (Fig. 4.4). These

stability conditions are obtained as an explicit function of the controller gain (K), sampling

period (∆), and the fault parameter matrix (αk), plant model mismatch (∆A, ∆B), and

control configuration (Bk, Bk).

Each of the diagonal elements in the fault matrix (α) characterizes the local health status

of the individual actuators. In the initial control configuration (k = 1), two actuators are

utilized for control: α1 represents the health of the actuator related to the first manipulated

76

variable (u11) used to vary the inlet concentration (c0) and α2 is for the other actuator used to

adjust the second manipulated variable (u12), the residence time (τr). The regions of stability

are plotted as a function of the health status of the first actuator (α1) against the fault

model parameter (α1). The blue area enclosed by the unit contour line shows the region

where the process is guaranteed to be stable since Γk(∆) < 1. These two contour plots are

useful when there is a single fault in the actuator controlling the inlet concentration since

these are generated by setting the fault parameters of other actuators equal to one thereby

signifying their fault-free status. Similar plots may be generated for other conditions. Such

plots are useful in predicting the behavior of the process and in determining the appropriate

fault-tolerant response once a fault is identified. A partial malfunction in any of the actuators

could possibly occur such that the operating point is shifted somewhere within the stability

region. Such faults are not detrimental to process performance and product quality and;

therefore, do not warrant immediate fault accommodation or control reconfiguration. Based

on this knowledge, the plant supervisor is then able to strategically prioritize which specific

control loop or plant equipment requires maintenance or replacement through this stability-

based closed-loop analysis. In cases where there are more variables to consider (e.g., a larger

number of manipulated variables), instead of a two-dimensional contour plot, a look-up table

with values of Γk(∆) for varying magnitudes of the process parameters may be generated

offline and then used to judge if an identified fault requires urgent attention.

Among the highlights of the data-based fault identification scheme proposed in this chap-

ter is the added capability of identifying partial malfunctions that do not result in system

instability. This is an improvement over past studies which utilize a stability-based alarm

threshold and is; therefore, a more proactive approach to malfunctions as opposed to the

reactive method wherein action is triggered only when there is a threat of instability. This

allows for timely machine repair which may prove to be less costly and time-consuming

compared to the urgent repairs or equipment replacement following a severe destabilizing

77

malfunction.

This chapter proposes a general approach for data-based fault identification which is

applicable to systems where model uncertainties are present. Previous studies were carried

out with the assumption that a perfect model of the system was in place. This simplifies

the fault identification scheme but does not represent actual plant conditions where model

inaccuracies are commonplace and may have drastic effects on the stability of the closed-loop

system. The contour plots of the region of stability for different systems with and without

plant-model mismatch show that uncertainties can significantly limit the range of parameters

under which a system is still stabilizable (Fig. 4.4). When there is a perfect model, the system

is more tolerant to differences in values of α1 and α1 and is still closed-loop stable under

severe malfunctions.

In the hypothetical fault scenario, model uncertainty results in inaccurate values for the

k3 parameter, an experimentally determined constant that influences the growth rate of

particles in the continuous crystallizer in (4.3). Both regions of stability take the form of a

diagonal figure that is symmetric on the α1 = α1 axis. This is reasonable since, in the best

case scenario, the fault model parameter α1 should be equal to the actual fault parameter

α1.

4.6.1 Fault identification

For both the simultaneous and continuous faults introduced, the controller gain (K) is cal-

culated by specifying the location of the poles of A+ BkαkK at [−1 − 2 − 3 − 4 − 5 − 6].

Fault identification is carried out by solving for the fault estimation matrix (α∗) in the op-

timization problem in (4.25). This is done by comparing the past 20 data points (NI = 20)

of the state measurements and manipulated input to values generated by the discrete model

in (4.22). Actuator faults in the manipulated variable responsible for controlling the inlet

solute concentration (c0) are investigated and the simulation is carried out under a sampling

period (∆) of 0.1h. All faults are introduced after 1h of operation.

78

0.2 0.4 0.6 0.8 1

0.2

0.4

0.6

0.8

1

1

1

1 1

1

1F

au

lt p

ara

me

ter

Fault model parameter (a)0.2 0.4 0.6 0.8 1

0.2

0.4

0.6

0.8

1 1

1

1

1

1

Fa

ult

pa

ram

ete

r

Fault model parameter (b)

Figure 4.4. Plots (a)-(b): Region of stability is larger with a perfect model (a) comparedto one with model uncertainty (b). The feed concentration (c0) and residence time (τr)are the manipulated variables (u1(t) = [u11(t) u12(t)]

T = [c0(t) τr(t)]T ). Contour plots

of Γk(∆) plotted against different values of the fault parameter (α11) and fault model

parameter (α11).

In both cases, the fault identification scheme is shown to be effective in quantifying and

almost instantaneously locating faults—limited primarily by the measurement sampling.

However, jumps in the calculated values of the fault estimation parameters are occasionally

observed right after a fault. This is attributed to sudden disruptions in the data points used in

the data-based identification method which includes values of the state and the manipulated

variable before and after the fault occurred. This is why the optimization horizon (NI) has

to be properly selected—small values result in inaccuracies in the fault identification while

large values lead to sharp jumps or prolonged settling time. Hence, the selection of the

appropriate fault accommodation strategy should be suspended until the fault identification

scheme settles to a final value for the fault estimation parameter.

The first case involves a malfunction wherein the actuator controlling the feed concen-

tration (c0), the first manipulated variable (u11), becomes 90% effective (α1 = 0.9) while the

other actuator used in varying the residence time (τr) remains fault-free (α2 = 1) (Fig.4.5a).

Prior to the fault, the fault parameters (α1, α2) and fault model parameters (α1, α2) for all

the actuators are equal to one. The fault is almost immediately identified and is reflected

by changes in the calculated values of the fault estimation parameter (α∗

1) which eventually

79

settles to a final value of 0.8246. The offset in the fault magnitude (α1) and the fault es-

timation (α∗

1) is due to the model uncertainty. Since there is a plant-model mismatch, the

estimated values of the fault are unreliable but yield some information about the range of

possible values of the fault parameter: α1 = Ψ(α∗

1) = [0.95, 1] (Fig. 4.5b). The red vertical

line in Fig. 4.5b indicates the estimation interval for the fault parameter. In the absence of

model uncertainty, this line will shrink to a point in the stability region. An examination

of the region of stability shows that this range of values for α1 is still within the region of

stability at the original value of the fault model parameter α1 = 1. Hence, the fault will not

result in system instability and plant operations may resume without having to modify the

fault model parameter α1. This is verified by the dynamics of the total particle size (µ1)

and inlet solute concentration (c0) which reveal that the fault does not significantly disrupt

plant performance and the states eventually settle to their steady state values (Fig. 4.5c-d).

In the second scenario, a fault causes a 40% drop in the performance of u11, the actuator

modifying the feed concentration (c0); this time leading to plant instability. The fault param-

eter matrix then shifts from α = diag{α1, α2} = diag{1, 1} to α = diag{0.4, 1} (Fig.4.6a).

The fault identification scheme is able to estimate the fault at α∗

1 = 0.3675 which is used to de-

termine the range of possible fault parameter values in the system: α1 = Ψ(α∗

1) = [0.4, 0.475]

(Fig. 4.6a-b). From the contour plot, one can observe that for α∗

1 = 0.3675, there are values

of the fault parameter (α1) that fall outside the stability region for all values of the fault

model parameter (α1) (Fig. 4.6b). There is, therefore, no guarantee of closed-loop stability

for this fault. Plots of the evolution of the state and the faulty manipulated input reveal that

the plant eventually becomes unstable (Fig.4.6c-d). To avoid plant instability, the supervisor

must then determine the best approach for fault accommodation.

Since there is no stabilizing α1 value for α1 = 0.4, the next alternative is to search

for a stabilizing K∗ value when α1 = 0.4 and α1 = 1 (Fig. 4.7a). The stability region is

then plotted as a function of the fault parameter (α1) and the control design parameter.

80

0 5 100.75

0.8

0.85

0.9

0.95

1

1.05

Time (h)

Fa

ult

Ide

ntif

ica

tion

α1

α1*

(a)0.2 0.4 0.6 0.8 1

0.2

0.4

0.6

0.8

1

1

11

1

Fa

ult

pa

ram

ete

r


0 5 10

1.85

1.9

1.95

2

x 10−3

Time (h)

Tot

al p

artic

le s

ize,

µ1 (

mm

−2 )

(c)0 5 10

988

990

992

994

996

998

1000

Time (h)

Fe

ed

co

nce

ntr

atio

n,

c o (

kg/m

m3)

(d)

Figure 4.5. Plots (a)-(d): Fault identification after a partial fault (α1 = 0.9) at t = 1h.Plot (a): Dynamics of fault parameter (α1) and fault estimation parameter (α∗

1). Plot(b): Region of stability with the estimation interval α1 = Ψ(α∗

1) = [0.95, 1] for α1 = 1 (redline). Plots (c)-(d): Dynamics of the state (µ1) (c) and the faulty actuator controllingthe manipulated variable u11, the feed concentration (c0) (d).

Recall that the feedback gain K is selected using pole placement such that the poles of the

system A + BkαK are at p = [λ p2 p3 p4 p5] = [−1 −2 −3 −4 −5 −6]. The

first pole value (λ) is selected as the control design parameter used to adjust K for fault

accommodation. The stability region generated reveals that there is no stabilizing feedback

gain (K∗) when α1 = 0.4 and α1 = 1. The next option is reverting to a different control

configuration that does not use the faulty actuator responsible for controlling u11, the feed

concentration (c0). The residence time (τr), the second manipulated variable in the original

control configuration (u12), becomes the sole manipulated variable (u2

1) in the second control

configuration. This causes a change in the stability properties of the system (Fig. 4.7b).

81

0 5 10

0.4

0.6

0.8

1

Time (h)

Fa

ult

Ide

ntif

ica

tion

α1

α1*

(a)0.2 0.4 0.6 0.8 1

0.2

0.4

0.6

0.8

1

1

11

1

Fa

ult

pa

ram

ete

r


0 5 10 15 20 250.5

1

1.5

2

2.5x 10−3

Time (h)

To

tal p

art

icle

siz

e, µ

1 (

mm

−2)

(c)0 10 20 30

600

700

800

900

1000

1100

Time (h)

Fe

ed

co

nce

ntr

atio

n,

c o (

kg/m

m3)

(d)

Figure 4.6. Plots (a)-(d): Fault identification after a partial fault (α1 = 0.4) at t = 1h.Plot (a): Dynamics of fault parameter (α1) and fault estimation parameter (α∗

1). Plot (b):Region of stability with the estimation interval α1 = Ψ(α∗

1) = [0.4, 0.475] for α1 = 1 (redline). Plots (c)-(d): Dynamics of the state (µ1) (c) and the faulty actuator controllingthe manipulated variable u11, the feed concentration (c0) (d).

Thus, through fault accommodation, the system is able to maintain system stability after a

potentially destabilizing fault (Fig. 4.8).

Note that the regions of stability are not only useful in determining the appropriate

control action once a fault has occurred but may also provide insight in selecting the best

control design parameters for fault-tolerance. The stability region plotted against values of

the fault parameter (α1) and the controller design parameter (λ) reveal that the stability

region is less robust to faults for small values of (λ) when the fault model parameter (α1) is

equal to one. This is the basis for initializing the controller gain K using λ = −1 (Fig. 4.7a).

82

−10 −8 −6 −4 −20.8

0.85

0.9

0.95

1

1

11

1

1

α1

Pole value, λ (a)0.2 0.4 0.6 0.8 1

0.2

0.4

0.6

0.8

11

1

1

1

1

1

Fa

ult

pa

ram

ete

r


Figure 4.7. Plots (a)-(b): Regions of stability used in selecting the best fault accommo-dation strategy after a partial fault (α1 = 0.4) at t = 1h. Plot (a): Stability region fordifferent values of the fault parameter (α1

1) and the controller design parameter (p1) usingthe feed concentration (c0) and residence time (τr) as the manipulated variables (α1

1 = 1).Plot (b): Stability region plotted against the fault parameter (α2

1) and the fault modelparameter (α2

1) using the residence time (τr) as the only manipulated variable (u21).

0 5 10

1.9

1.95

2

x 10−3

Time (h)

Tot

al p

artic

le s

ize,

µ1 (

mm

−2 )

(a)0 5 10

0.4

0.6

0.8

1

Time (h)

Re

sid

en

ce t

ime

, τ r (

h−

1)

(b)

Figure 4.8. Plots (a)-(b): Dynamics of the state (µ1) (a) and the fall-back manipulatedvariable u21 varying residence time (τr) (b) shows that fault accommodation re-establishesstability after a potentially destabilizing fault.

83

4.7 Conclusions

A unified framework was presented for fault identification and accommodation for particu-

late processes modeled by high-dimensional equations with nonlinearities and complex dy-

namics. These techniques were applied taking into account practical implementation issues

such as model uncertainty and measurement sampling. The model-based feedback control

architecture included a model-based feedback controller that made use of state estimates

when measurements are not available, a fault identifier that generated estimates of the fault

parameter while accounting for plant-model mismatch, and a supervisor that determines

the appropriate fault accommodation strategy in response to a fault that could potentially

destabilize the system. Possible fault strategies included: model update, control parameter

adjustment, actuator switching. The idea is to determine the appropriate fault accommo-

dation strategy based on the worst case behavior predicted by the stability properties of

the confidence interval generated for the fault parameter estimates in the fault identification

procedure. These were derived from the stability analysis of the closed-loop sampled-data

system wherein stability was explicitly characterized as a function of the sampling period,

fault parameter/s, and controller design parameter. These techniques were applied to a simu-

lated continuous crystallizer model. Two fault scenarios were introduced in the system. The

first case was a partial malfunction that did not lead to instability and did not necessitate

immediate action. The second was a potentially destabilizing fault. It was found that fault

accommodation structure in place was able to identify both faults and was able maintain

stability and avert undesired process behavior for the case of the potentially destabilizing

fault.

84

Chapter 5

Sensor fault accommodation strategies

in the control of particulate processes

with multi-rate measurements and

measurement sampling

This chapter focuses on the problem of handling sensor faults in particulate processes with

multiple outputs sampled at different sampling rates. This is carried out by reducing the

infinite-dimensional equation describing the particulate process to a finite-dimensional model

that captured the dominant dynamics of the system. This reduced-order model is used to

design an observer-based output feedback controller. An inter-sample model predictor is

utilized to compensate for the measurement intermittency by providing state estimates. The

model predictor is updated once the output measurements were available. The combined

discrete-continuous system is explicitly characterized in terms of a feasible combination of

output sampling rates that will lead to stability. This condition is based on the model

accuracy as well as the controller and observer design parameters. Appropriate rules for

passive and active fault tolerant control are derived based on this stability analysis. These

techniques are illustrated using a simulated model of a non-isothermal continuous crystallizer

to show how faults and failures in the sensors may be handled through the careful selection

85

of a stabilizing controller or sensor.

This chapter is structured accordingly: The problem formulation and solution overview

is given in Section 5.1.2. Some preliminary analysis and definition of terms are introduced in

Section 5.3 to facilitate the analysis of the multi-rate sampling mechanism. In Section 5.4,

the finite-dimensional multi-rate sampled-data control system is designed and subjected to

a closed-loop stability analysis. These techniques are applied to a simulated non-isothermal

continuous crystallizer in Section 5.5 wherein different scenarios were introduced to the sys-

tem to demonstrate the passive and active fault accommodation capabilities of the proposed

framework. Some final remarks are given in Section 5.6. Findings in this chapter were first

presented in [53].

5.1 Preliminaries







∂n

∂t= −

∂(G(z, r) · n)

∂r+ wn(n, z, r), n(0, t) = b(z(t)) (5.1)


∫ rmax

0

q(n, z, r)dr (5.2)





86













yι(t) = hι

(∫ rmax

0cκ(r)n(r, t)dr, z






The control objective is process stabilization at the desired equilibrium state in the pres-

ence of sensor faults using discretely-sampled state measurements. The problems under

consideration include: fault-free process regulation using discretely-sampled measurements,

passive and/or active sensor fault accommodation strategies to maintain the desired stability

and performance characteristics. We consider the following methodology to address these

problems:

• Model reduction: Derive a finite-dimensional model through model reduction. This

reduced-order model captures the dominant dynamics of the infinite-dimensional sys-

tem describing the continuous crystallizer which is used as an illustrative example to

87

represent particulate processes.

• Sampling mechanism: Characterize the multi-rate sampling mechanism to simplify the

presentation and analysis of results. This is done by defining the Shortest Time Unit

(STU) and Basic Time Unit (BTU) based on the sampling period of the different

sensors.

• Controller synthesis: Design an observer-based output feedback controller based on

the reduced-order model. The observer is used to generate state estimates from the

output measurements. A low order model of the system is used in the controller to

account for the measurement sampling. This model is updated at each sampling time.

• Analysis: Obtain an explicit characterization of the maximum allowable sampling pe-

riod that guarantees fault-free stability and residual convergence. This stability con-

dition is given in terms of the sampling period, the control configuration based on the

active manipulated input, and the controller and observer design parameters.

• Fault accommodation: Formulate a fault accommodation logic that determines the

appropriate fault accommodation strategy in response to a fault that changes the

sensor sampling period. Results from the closed-loop stability analysis are useful in

predicting the behavior of the process and in selecting an appropriate manipulated

variable when the model uncertainty and sampling periods for the output are known.

Thus, passive fault accommodation ensures that the system is robust to the most

probable fault within the system. Active fault accommodation is utilized when selecting

an appropriate sensor sampling period that will maintain stability after a potentially

destabilizing fault has already taken place.


A well-mixed non-isothermal continuous crystallizer is used throughout the paper to illus-

trate the design and implementation of model-based fault detection and accommodation.

88


phase. The dispersed phase is described by a particle size distribution whose shape influ-

ences the product properties and ease of product separation. Hence, a population balance

on the dispersed phase coupled with a mass balance for the continuous phase is necessary

to accurately describe, analyze, and control particulate processes. Under the assumptions of

spatial homogeneity, constant volume, mixed suspension, nucleation of crystals of infinitesi-

mal size, mixed product removal, and a single internal particle coordinate–the particle size

(r); a dynamic crystallizer model can be derived:

∂n

∂t= k1(cs − c)

∂n

∂r−

n


−k3

( ccs

−1)2

dc

dt=

(c0 − ρ)

ǫτr+

(ρ− c)

τr+

(ρ− c)

ǫ

dǫ

dt

dT

dt=

ρcHc

ρCp

dǫ

dt−

UAc

ρCpV(T − Tc) +

(T0 − T )

τr

(5.3)

where n(r, t) is the number of crystals of radius r ∈ [0,∞) at time t per unit volume

of suspension; τr is the residence time; c is the solute concentration in the crystallizer; ρ


∞

0n(r, t)π 4




; c0 is the concentration of solute entering the crystallizer; k1 and

k2 are temperature-dependent variables; k3 is a constant; and δ(r− 0) is the standard Dirac

function. The term containing the Dirac function accounts for the nucleation of crystals of

infinitesimal size while the first term in the population balance represents the particle growth

rate. The crystallizer exhibits highly oscillatory behavior due to the relative nonlinearity of

the nucleation rate as compared to the growth rate. This results in process dynamics that is

characterized by an unstable steady-state surrounded by a stable periodic orbit. The control

objective is to suppress the oscillatory behavior of the crystallizer in the presence of sensor

faults. This is carried out by stabilizing it at an unstable steady-state that corresponds to a

89

desired crystal size distribution by manipulating the solute feed concentration (c0), residence

time (τr), or coolant temperature (Tc). Measurements of the solute concentration (c) and the

temperature (T ) in the continuous crystallizer are collected discretely at different sampling

times and sent to the controller where the control action is calculated and then sent to the

actuator to effect the desired change in the process state.

Through method of moments, a sixth-order ordinary differential equation system is de-

rived to describe the temporal evolution of the first four moments of the crystal size dis-

tribution, the solute concentration, and the temperature (see [7] for a detailed derivation).

The reduced-order model can be cast in the following form:

dµ0

dt=

−µ0

τr+

(1−

4

3πµ3

)k2e

−k3

( ccs

−1)2

e−EbRT

dµv

dt=

−µv


−EgRT , v = 1, 2, 3

dc

dt=


τr(1− 4

3πµ3

)

dT

dt= −

ρcHc

ρCp

dµ3

dt−

UAc

ρCpV(T − Tc) +

(T0 − T )

τr

(5.4)


surrounded by a stable limit cycle at xs = [µs0 µs

1 µs2 µs

3 cs T s]T =

[0.0047 0.0020 0.0017 0.0022 992.95 298.31]T . Multi-rate sampled measurements

of the solute concentration (c) and temperature (T ) are used to control the process.



x(t) = Ax(t) +Blul(t), y(t) = Cx(t) (5.5)

where x(t) = [x1(t) x2(t)]T is the vector of state variables; x2(t) := y(t) is the measured out-

put vector; ul, l ∈ {1, 2, 3}, is the active manipulated input. The state vector is in deviation

variable form, x(t) = χ(t) − xs, where χ(t) = [µ0(t) µ1(t) µ2(t) µ3(t) c(t) T (t)]T ;

90

and A, Bl, and C are constant matrices given by:

A =∂f

∂x

∣∣∣∣(xs,us)

=

A11 A12

A21 A22

, Bl =

∂f

∂ul

∣∣∣∣(xs,us)

= [BTl,1 BT

l,2]T , and C =

0 0 0 0 1 0

0 0 0 0 0 1

,

where us denotes the steady state values for the available manipulated inputs. Table 5.1 gives

the process parameters and steady state values used in the simulated crystallizer example.

Over the next two sections, we describe how the control strategy is tailored to explicitly

account for the effects of multi-rate measurement sampling.


ρc = 1770 kg/m3 ρCp = 3000 J/m3 ·K

cso = 1000 kg/m3 Hc = −50 J/kg

τr = 1h U = 1800W/K ·m2


Eb = 0.00001 kJ/mol V = 0.01m3

T sc = 298K T s

o = 303K

R = 0.008314 kJ/mol ·K

k1 = 0.05065mm ·m3/kg · h k1 = k1e(−EgR·T

)

k2 = 7.958 (mm3 · h)−1 k2 = k2e(−EbR·T

)

k3 = 0.001217 k3 = k3

5.3 Multi-rate sampling mechanism

Before designing and analyzing the control system with multiple measurement sampling

rates, the time units (or intervals) in the multi-rate sampling mechanism are defined to

simplify the presentation and analysis of the results. We first define the sampling periods

for the different sensors as ∆1 = δ1τ , · · · , ∆m = δmτ , where δ1, · · · , δm are some positive

91

integers. The following time units are obtained:

• Shortest time unit (STU): τs = gcd(δ1, δ2, · · · , δm)τ , where gcd(·) represents the great-

est common divisor.

• Basic time unit (BTU): τB = lcm(δ1, δ2, · · · , δm)τ , where lcm(·) represents the least

common multiple.

Using these two time units to analyze the multi-rate measurement sampling logic, output

measurements may be collected and transmitted at a certain τkj = (kN + j)τs, where τj is

a possible sampling time (PST), k ∈ {0, 1, · · · }, j ∈ {0, 1, · · · ,M − 1}, and M = τB/τs.

This order of sensor transmissions is repeated in a periodic fashion for each τB wherein all

sensors are activated in the same patten in each t ∈ [τkj , τk+1j ). Specifically, only at any τk0 ,

k ∈ {0, 1, 2, · · · }, will all the sensors be activated concurrently. It should also be noted that

the sensors can measure the outputs only at a PST; however, for some τkj , not all the sensors

are necessarily active. To indicate the sensor sampling status, we define a binary function

ς(i, j) to show whether the i-th sensor is active or dormant at each PST τkj :

ς(i, j) =

1, if j is divisible by δi

0, otherwise(5.6)

where ς(i, j) = 1 if the i-th sensor transmits a measurement, while ς(i, j) = 0 if the i-th

sensor is dormant.

0

0

1

0

2

0

3

0

4

0

5

0

0

1

s

1

2

B

× × × ×

×××

s1

s2

……t

Figure 5.1. Sampling schedule of two sensors with different sampling rates.

92

To illustrate the utility of this time unit system, consider a simple example involving two

sensors with different sampling periods, ∆1 = 0.2 and ∆2 = 0.3. Based on the time unit

notions introduced above, δ1 = 2, δ2 = 3, τ = 0.1, and thus the STU is τs = 0.1 while the

BTU is τB = 0.6. Based on this, the PSTs are τkj = 0.1(6k+ j) = 0.1i, for j ∈ {0, 1, · · · , 5},

k ∈ {0, 1, · · · }, i = 6k + j. Comparing this result with the actual sampling times, it can

be seen that the set of actual sampling times is a subset of the set of PSTs. This is the

conclusion after investigating the sampling status at the first six PSTs in Fig.5.1. At t = 0,

both sensors transmit their measurements to the controller; at t = 0.1 and t = 0.5, none

were active. Then at t = 0.2 and t = 0.4 only the first sensor is active, and at t = 0.3, sensor

2 is the only one that takes an output measurement. This sampling pattern will be repeated

over each τB = 0.6 for all future times. This is only a specific example. Since the magnitude

of the time units depend on the sampling periods of the sensors, each process will have a

unique periodic transmission schedule.

5.4 Finite-dimensional multi-rate sampled-data control

system design

5.4.1 Output feedback controller synthesis

The control system design involves first synthesizing an output feedback controller that

stabilizes the finite-dimensional system when the sensors continuously transmit data to the

controller. We consider an observer-based feedback controller:

ul(t) = Kη(t)

η(t) = Aη(t) + Blul(t) + L(y(t)− Cη(t))(5.7)

where η denotes the estimate of x, and A =

A11 A12

A21 A22

and Bl = [BT

l,1 BTl,2]

T are

approximate models of A and Bl. Note that, in general, A 6= A and Bl 6= Bl to allow for

possible model uncertainty. The controller (K) and observer gains (L) are chosen to ensure

that the eigenvalues of A+ BlK and A− LC lie in the open left half of the complex plane.

93

5.4.2 Controller implementation under multi-rate sampling

The implementation of the controller of (5.7) requires continuous availability of all the mea-

sured outputs (y) from the sensors. The observer cannot be directly implemented since the

output measurements are only partly available at discrete time instances due to multi-rate

sampling. To compensate for the unavailability of continuous measurements, a low-order

model of the system is included in the controller to provide the observer with estimates of

the measured outputs when they are not available. In this case, however, not all the sensors

send their measurements at a given time; instead, different sensors may transmit their data

at different rates. When one or more sensors are active at a possible sampling time, the cor-

responding values of the measured outputs are assumed to be instantaneously transmitted

to the controller and are used to update the corresponding model outputs and the model

states. The model-based output feedback controller is then implemented as follows:

ul(t) = Kη(t), t ∈ [τkj , τkj+1)

ω(t) = Aω(t) + Blul(t), y(t) = Cω(t)

η(t) = Aη(t) + Blul(t) + L(y(t)− Cη(t))

yi(τkj ) = yi(τkj ), ∀ ς(i, j) = 1

i ∈ {1, 2, · · · , m}, j ∈ {0, 1, · · · ,M − 1}

(5.8)

where ω = [ω1(t) ω2(t)]T is the vector of model states which provides an estimate of x,

ω2(t) := y is the model output which provides an estimate of y, yi denotes the i-th element

of y and yi represents the actual measured output of the i-th sensor.

5.4.3 Closed-loop stability analysis

To investigate the stability properties of the finite-dimensional sampled-data closed-loop

system, we first define the model estimation error as ei(t) = yi(t)−yi(t), for i ∈ {1, 2, · · · , m},

where ei represents the difference between the i-th model output given in (5.8) and the actual

measured i-th output. Then, introducing the error vector e(t) = [e1(t) e2(t) · · · em(t)]T and

defining the augmented state vector ξ(t) = [x(t) η(t) ω1(t) e(t)]T , the finite-dimensional

94

sampled-data closed-loop system is formulated as a switched system and written in the form:

ξ(t) = Fξ(t), t ∈ [τkj , τkj+1)

ei(τkj ) = 0, ∀ ς(i, j) = 1

i ∈ {1, 2, · · · , m}, j ∈ {0, 1, · · · ,M − 1}

(5.9)

where F is a matrix defined as:

F =

A BlK O O

LC D O L

A12C Bl,1K A11 A12

A22C −A21I O A21 A22

, (5.10)

D = A+ BK − LC, A22 = A22 −A22, and I = [I O] such that x1 = Ix where I is the iden-

tity matrix. The following proposition characterizes the multi-rate sampled-data closed-loop

system behavior in terms of the different sampling rates, the controller and observer design

parameters, and the model uncertainty.

Proposition 5.1. The augmented closed-loop system described by (5.9)-(5.10), subject to the

initial condition ξ(0) = [x(τ 00 ) η(τ00 ) ω1(τ

00 ) e(τ

00 )]

T := ξ0, has a response of the form:

ξ(t) = eF (t−τkj )RjNkξ0 (5.11)

for t ∈ [τkj , τkj+1), ∀ j ∈ {0, · · · ,M − 1}, k ∈ {0, 1, · · · }, where

Rj = Πjµ=1I

j−µ+1s eFτs, for j ≥ 1

R0 = diag{I, I, I}

Ijs = diag{I, I, I − Sj}

Sj = diag{ς(1, j), ς(2, j), · · · , ς(m, j)},

(5.12)

and N is given by:

N = I0s eFτsRM−1 (5.13)

95

Based on (5.11)-(5.13), the following proposition provides a necessary and sufficient condi-

tion for stability of the finite-dimensional sampled-data closed-loop system.

Proposition 5.2. Consider the sampled-data closed-loop system, (5.8), and the augmented

system of (5.9)-(5.10) whose solution is given by (5.11))-(5.13). Then the zeros solution,

ξ = [x η e]T = [0 0 0]T , is exponentially stable if and only if r(N(∆1, · · · ,∆m)) < 1.

Remark 5.1. An examination of the structure of N in (5.13) indicates that its spectral radius

is dependent on the sampling periods, ∆j , j ∈ {1, · · · , m}, and F (which, in turn, depends

on the choice of the model and the controller and observer gains). All these factors are tied

together through the stability condition of Proposition 5.2 which can, therefore, be used to

examine and quantify the various interdependencies between these factors. For instance, if

the sampling rate of a particular sensor is fixed by some performance requirement, one can

determine the minimum allowable sampling rates of other sensors.

Remark 5.2. The requirement that the spectral radius of N be strictly less than one ensures

stability by limiting the growth of the closed-loop state within each basic time unit of size

τB as the measurement sampling is repeatedly executed over time.

5.5 Fault-tolerant control

A non-isothermal continuous crystallizer example is selected to illustrate the proposed fault-

tolerant scheme. Discrete measurements of the concentration (c) and temperature (T ), which

are available at different sampling rates, were used to control the system. The inter-sample

model predictor is used to estimate values of the states as well as the output when sensor

measurements are unavailable. To account for plant-model mismatch, the model is designed

with an uncertainty of δu = 0.2 for the parameters kw, w = 1, 2, 3 where kw = kw(1 + δu) is

96

the approximate value used in the plant model.

The controller gain (K) is calculated by specifying the location of the poles of A+ BlK

at [−1 − 2 − 3 − 4 − 5 − 6] while the observer gain (L) is chosen such that the poles

of A + LC are at [−10 − 11 − 12 − 13 − 14 − 15]. The system is controlled using one of

three possible manipulated inputs: inlet solute concentration (c0), coolant temperature (Tc),

residence time (τ). The stability regions are obtained for all possible manipulated variables

using the condition λmax(N) < 1 which is derived from the closed-loop stability analysis

of the test matrix N in (5.13) (Fig. 5.2-5.3). These regions, plotted as a function of the

sampling period for concentration (c) and temperature (T ), differ significantly depending on

the selected manipulated input. The yellow area enclosed by the unit contour line shows the

region where the process is unstable since λmax(N) > 1. Such plots are useful in predicting

the behavior of the process and in selecting an appropriate manipulated variable when the

model uncertainty and sampling periods for the output are known. Several conclusions may

be derived from a close inspection of the contour plots generated. In this particular example,

comparing the stability regions for the two cases when the coolant temperature (Tc) and inlet

solute concentration (c0) is manipulated, it is evident that the stability region for the first

case falls within the second (Fig. 5.2a, Fig. 5.3). For this reason, the discussion on fault-

tolerant control will focus on the use of the inlet solute concentration (c0) and residence time

(τ) as manipulated variables. In addition, it is observed that the contour plots generated

when the concentration (c0) and residence time (τ) are manipulated indicate an almost

anti-correlation. This behavior may be utilized in actuator reconfiguration wherein actuator

switching is carried out to maintain stability when a back-up actuator is unavailable.

The initial operating point (OP), set at a sampling period of ∆1 = 0.002h for the con-

centration sensor and ∆2 = 0.008h for the temperature sensor, is stable when either the

inlet solute concentration (c0) or residence time (τ) is chosen as the manipulated variable.

Both configurations are within the regions of stability for the two manipulated inputs and

97

thereby satisfy the condition obtained from the closed-loop stability analysis (Fig. 5.2). This

is further verified by simulations showing the dynamic behavior of the total particle size

(Fig. 5.4a-b).

Although either may be used to control the crystallizer, robustness to faults in the output

sensor is another criterion for selecting the best manipulated input. For instance, close

inspection of the two different regions of stability indicates that the process will be more

robust to faults in the concentration sensor when the residence time (τ) is chosen as the

manipulated variable (Fig. 5.2). This is because this configuration has a wider range of

possible sampling periods for the concentration sensor (∆2 < 1h) that will lead to process

stability at fast sampling rates for the temperature sensor (∆2 < 0.010h) (Fig. 5.2b). In

contrast, manipulating the inlet solute concentration (c0) results in greater tolerance for

faults in the temperature sensor and, therefore, larger sampling periods (Fig. 5.2a).

Two scenarios are used in the discussion to show that fault tolerance is achieved when the

operating point lies within the region of stability which, in turn, is a function of the active

manipulated variable, the initial operating conditions, and the magnitude and direction of

the fault (i.e., a change in the sensor sampling period). In these examples, faults are modeled

by introducing a malfunction in one of the sensors resulting in a larger sampling period in

either the concentration (c) or temperature (T ) sensor. Different schemes are then proposed

on how to best deal with each malfunction so as to maintain stability.

In the first case, a malfunction occurs in the temperature sensor that shifts its sampling

period from ∆2 = 0.008h to ∆2 = 0.012h (f1). This pushes the operating point (OP:

∆1 = 0.002h, ∆2 = 0.008h) to a different location (f1: ∆1 = 0.002h, ∆2 = 0.012h) in

the stability regions (Fig. 5.2). The new point is still within the region of stability when

the inlet solute concentration (c0) is manipulated (Fig. 5.2a). This is not the case when the

residence time (τ) is chosen as the manipulated variable (Fig. 5.2b). Closed-loop simulations

of the dynamics of the system under the different manipulated inputs are in agreement with

98

1

1

1Con

cent

ratio

n sa

mpl

ing

perio

d,

1 (h)

Temperature sampling period, 2 (h)

5 10 15

x 10-3

2

4

6

8

10

12

14

16

x 10-3

OP:1=0.002,

2=0.008

f1 :

1=0.002,

2=0.012

f2 :

1=0.011,

2=0.008

f2

f1

(a)

1

1

1

Con

cent

ratio

n sa

mpl

ing

perio

d,

1 (h)


5 10 15

x 10-3

2

4

6

8

10

12

14

16

x 10-3

f2

f1

OP:1=0.002,

2=0.008

f1 :

1=0.002,

2=0.012

f2 :

1=0.011,

2=0.008

(b)

Figure 5.2. Region of stability varies depending on the chosen manipulated input (δu =0.2). Plots (a)-(b): Contour plots of λmax(N) when the manipulated variable is (a) theinlet concentration, c0; and (b) the residence time, τ

99

1

1

1

1

1

1Con

cent

ratio

n sa

mpl

ing

perio

d,

1 (h)


5 10 15

x 10-3

2

4

6

8

10

12

14

16

x 10-3

(c)

Figure 5.3. Region of stability varies depending on the chosen manipulated input (δu =0.2). Contour plot of λmax(N) when the coolant temperature, Tc, is the manipulatedvariable.

these predictions (Fig. 5.4a-d). When the process is initially operating using the inlet solute

concentration (c0) as the manipulated variable, the system is still stabilizable even after the

fault took place. In fact, a comparison of closed-loop state profiles show that the system

stabilizes much faster at the new operating point (Fig. 5.4a,c). This shows how carefully

selecting the manipulated input results in passive fault tolerance. Furthermore, the fault

occurrence pushes the process into an operating point that now lies within the stability

region when the coolant temperature (Tc) is chosen as the manipulated input (Fig. 5.3). The

coolant temperature (Tc) may then be used as a back-up actuator in case of a malfunction in

the actuator manipulating the inlet solute concentration (c0). However, to maintain stability

after the fault when manipulating the residence time (τ); the process has to either revert to

a redundant temperature sensor with the original sampling period of ∆2 = 0.008h or switch

to an actuator that manipulates the inlet solute concentration (c0) or coolant temperature

(Tc).

The second scenario involves a malfunction in the concentration sensor wherein its sam-

pling period is driven from ∆1 = 0.002h to ∆1 = 0.011h (f2). This moves the operating point

100

(OP: ∆1 = 0.002h, ∆2 = 0.008h) to a different location (f2: ∆1 = 0.011h, ∆2 = 0.008h)

(Fig. 5.2). This new point is still within the region of stability when the crystallizer is ma-

nipulated using the residence time (τ) and unstable otherwise (Fig. 5.4e-f). In the event of

a malfunction in the mechanism used to manipulate the residence time (τ), there is no other

option but active reconfiguration which may be carried out by either reverting to a back-up

sensor to return to the initial operating point or switching to a different set of outputs that

will move the operating point into a region of stability. Actuator reconfiguration may only

be carried out by switching to a redundant actuator that manipulates the residence time

(τ) since the new operating point is within the region of instability when the inlet solute

concentration (c0) or coolant temperature (Tc) is manipulated.

For the case where the process is initially controlled using the inlet solute concentra-

tion (c0), the fault may be dealt with a number of ways: by switching to an actuator that

manipulates the residence time (τ), returning to the original operating point using a redun-

dant sensor, or using a different sensor with a different sampling period such that operating

conditions are within a stable region. The last strategy is carried out by either selecting a

temperature sensor with a larger sampling period or a concentration sensor with a faster

sampling rate (Fig. 5.2b).

The contrast between the first and second scenarios indicates that a priori knowledge

of the nature of future faults provides insight as to which manipulated input will be more

robust to faults. An examination of the regions of stability indicates that the process is more

robust to faults in the concentration sensor when the residence time (τ) is selected as the

manipulated variable. If faults in the concentration sensor are projected to occur, then it

would be wise to control the process by varying the residence time (τ) (Fig. 5.2b). If large

faults in the temperature sensor are more likely to occur, then it is better to manipulate the

inlet solute concentration (c0) to make the process more robust to such faults (Fig. 5.2a).

The same logic may be used with regard to knowledge of the sensors that are available

101

for process monitoring. For instance, if temperature sensors with fast sampling rates are

available, then it is better to manipulate the residence time (τ) while slow sampling rates

for the temperature sensor work best when the inlet solute concentration (c0) or coolant

temperature (Tc) is manipulated.

5.6 Conclusions

This chapter dealt with the design and analysis of a system with multi-rate output mea-

surements to demonstrate passive and active fault-tolerant control strategies for particulate

processes under measurement sampling. Fault-tolerance is important since faults can lead

to process instability and/or inferior product quality. Fault tolerant control was carried out

using passive and active strategies. Passive fault-tolerance may be used as an additional

criterion to ensure that the system is robust to the faults that are most likely to occur in

the system. This is achieved, for instance, by selecting the manipulated variable when all

other variables are known. Active fault-tolerant control was carried out by sensor or actuator

reconfiguration or by switching to a back-up sensor or actuator. To achieve these objectives,

a unified framework for model-based fault-tolerant control was derived. This framework

involves an observer-based output feedback controller that compensates for measurement

sampling using a dynamic model that estimates the output measurements when they are

unavailable. The stability properties of this controller are used to explicitly characterize

the maximum stabilizing sampling periods for the sensors in the system. These properties

are finally utilized to select the appropriate fault accommodation strategy under multi-rate

sampling to ensure that the process is robust to faults.

102

0 5 10 15 20

1.6

1.8

2

2.2

x 10−3

Time (h)

Tot

al p

artic

le s

ize,

µ1 (

mm

−2 )

(a)0 10 20 30 40

2

2.01

2.02

2.03

x 10−3

Time (h)

Tot

al p

artic

le s

ize,

µ1 (

mm

−2 )

(b)

0 5 10

1.6

1.7

1.8

1.9

2

2.1x 10

−3

Time (h)

Tot

al p

artic

le s

ize,

µ1 (

mm

−2 )

(c)0 10 20 30 40 50

1.98

2

2.02

2.04x 10

−3

Time (h)

Tot

al p

artic

le s

ize,

µ1 (

mm

−2 )

(d)

0 1 2 3

1

2

3

4

x 10−3

Time (h)

Tot

al p

artic

le s

ize,

µ1 (

mm

−2 )

(e)0 10 20 30

2

2.01

2.02

2.03

x 10−3

Time (h)

Tot

al p

artic

le s

ize,

µ1 (

mm

−2 )

(f)

Figure 5.4. Closed-loop state profiles depend on the selected manipulated variable(δu = 0.2). Plots (a)-(b): Stability is reached using either (a) inlet concentration, c0,or (b) residence time, τ , as manipulated variables (OP :∆1 = 0.002,∆2 = 0.008). Plots(c)-(d): System stabilizes when (c) inlet concentration, c0, and not (d) residence time,τ , is the manipulated variable (f1:∆1 = 0.002,∆2 = 0.012). Plots (e)-(f): System be-comes unstable by manipulating either (e) inlet concentration, c0, or (f) residence time,τ (f2:∆1 = 0.011,∆2 = 0.008).

103

Appendix A

Proofs of Chapter 2

In order to derive precise conditions for closed-loop stability in terms of the sampling pe-

riod and the delay time, the closed-loop response must be expressed as a function of these

parameters in the absence of faults. The following proposition provides the needed charac-

terization.

Proposition A.1. Consider the system described by (2.12)-(2.13) with the initial condition

χ(t0) =[xT (t0) ηT (t0) wT

2 (t0) 0 wT2 (t0) 0

]T:= χ0. Then:

(a) For t ∈ [tj , tj+1 − τ), j = 0, 1, 2, · · · ; the closed-loop system response is given by:

χ(t) = eΛo(t−tj ) (M)j χ0 (A.1)

(b) For t ∈ [tj+1 − τ, tj+1), j = 0, 1, 2, · · · ; the closed-loop system response is given by:

χ(t) = eΛo(t−tj+1+τ)IτeΛo(∆−τ) (M)j χ0 (A.2)

where ∆ := tj+1 − tj, M := IoeΛoτIτe

Λo(∆−τ),

104

Io =

Ip×p O O O O O

O Ip×p O O O O


O O O Iq×q O O


O O O O O O

, (A.3)

Iτ=

Ip×p O O O O O

O Ip×p O O O O


O O O O O O


O O O Iq×q O Iq×q

, (A.4)

and I is the identity matrix.

Proof. First, we have from (2.12) that at times t = tj only the error e(t) is reset to zero.

This can be represented by writing χ(tj) = Ioχ(t−

j ), where Io is given in (A.3). While at

times t = tj+1 − τ only the error e(t) is reset to zero, and this can be represented by writing

χ(tj+1−τ) = Iτχ((tj+1−τ)−), where Iτ is given in (A.4), since at that time e = y−y = e+ e.

Then on the interval t ∈ [tj , tj+1 − τ), j = 0, 1, 2, · · · ; the system response is given by:

χ(t) = eΛo(t−tj )χ(tj) = eΛo(t−tj )Ioχ(t−

j ) (A.5)

while on the interval t ∈ [tj+1 − τ, tj+1), the system response is given by:

χ(t) = eΛo(t−tj+1+τ)χ(tj+1 − τ)

= eΛo(t−tj+1+τ)Iτχ((tj+1 − τ)−)(A.6)

Using (A.5) to calculate χ((tj+1 − τ)−) we get:

105

χ(t) = eΛo(t−tj+1+τ)IτeΛo(∆−τ)Ioχ(t

−

j ) (A.7)

which can be used to write:

χ(t) = eΛo(t−tj+1+τ)IτeΛo(∆−τ)

[Ioe

ΛoτIτeΛo(∆−τ)

]Ioχ(t

−

j−1)

...

= eΛo(t−tj+1+τ)IτeΛo(∆−τ)

[Ioe


]jχ(t0)

= eΛo(t−tj+1+τ)IτeΛo(∆−τ)(M)jχ0, t ∈ [tj+1 − τ, tj+1), j = 0, 1, 2, · · ·

In the same way, we obtain from (A.5) that:

χ(t) = eΛo(t−tj)[Ioe


]Ioχ(t

−

j−1)

...

= eΛo(t−tj)[Ioe


]jχ(t0)

= eΛo(t−tj)(M)jχ0, t ∈ [tj , tj+1 − τ)

This completes the proof of the proposition.

Having characterized the fault-free closed-loop response in terms of the sampling period

and the size of the delay, the main result of this section will now be presented. The following

theorem provides a condition for the stability of the sampled-data closed-loop system in the

absence of faults.

Theorem A.1. Referring to the system of (2.12)-(2.13) with initial condition χ(t0) = χ0; the

zero solution, χ =[xT ηT wT

2 eT wT2 eT

]T= [0 0 0 0 0 0]T , is globally exponentially stable

if the eigenvalues of the matrix M := IoeΛoτIτe

Λo(∆−τ) are strictly inside the unit circle.

Proof. Evaluating the norm of the response of the closed-loop system described in Proposi-

tion 1, we have from (A.2) that for t ∈ [tj+1 − τ, tj+1), j = 0, 1, 2, · · · :

‖χ(t)‖ ≤ ‖eΛo(t−tj+1+τ)‖‖Iτ‖‖eΛo(∆−τ)‖‖(M)j‖‖χ0‖

Since ‖Iτ‖‖eΛo(∆−τ)‖ is a positive constant, we can write:

106

‖χ(t)‖ ≤ k1‖eΛo(t−tj+1+τ)‖ · ‖(M)j‖ · ‖χ0‖ (A.8)

where k1 = ‖Iτ‖‖eΛo(∆−τ)‖. Analyzing the first term on the right hand side of (A.8):

‖eΛo(t−tj+1+τ)‖ ≤

∞∑

i=0

‖1

i!(Λo)

i(t− tj+1 + τ)i‖

=∞∑

i=0

1

i!(t− tj+1 + τ)i(σ)i

= eσ(t−tj+1+τ) ≤ eστ := k2

(A.9)

where σ is the largest singular value of Λo. In general, this term can always be bounded

since the time difference t− tj+1+ τ is always smaller than τ . In other words, even if Λo has

eigenvalues with positive real parts, ‖eΛo(t−tj+1+τ)‖ can only grow a certain amount, and this

growth is independent of j. The second term on the right hand side of (A.8) is bounded if

and only if all the eigenvalues of M lie inside the unit circle, i.e.,:

‖(M)j‖ ≤ αe−βj = αeβe−βtj+1−t0

∆

for some α,β > 0, where we have used the fact that j =tj−t0∆

to establish the equality. Since

t ∈ [tj+1 − τ, tj+1) and tj+1 > t:

‖(M)j‖ < αeβe−βt−t0∆ := αeβe−β(t−t0) (A.10)

where β = β/∆ > 0. Combining (A.8) with (A.9) and (A.10), the following bound is

obtained:

‖χ(t)‖ ≤ k1k2αeβ‖χ0‖e

−β(t−t0), t ∈ [tj+1 − τ, tj+1) (A.11)

In a similar fashion, one can show that on the interval t ∈ [tj , tj+1 − τ), j = 0, 1, 2, · · · ;

the closed-loop response satisfies a bound of the form ‖χ(t)‖ ≤ k3αβe ‖χ0‖e

−β(t−t0), where

k3 := eσ(∆−τ) > 0. This, together with (A.11), implies that the origin of the networked

closed-loop system is globally exponentially stable, and the augmented system satisfies a

bound of the following form:

‖χ(t)‖ ≤ α‖χ0‖e−β(t−t0) (A.12)

where α = max{k1k2αeβ, k3αe

β}. This completes the proof of the theorem.

107

Remark A.1. It can be seen from the structure of Λo in (2.13) that the minimum stabilizing

sampling rate is dependent on the accuracy of the inter-sample model predictor, the delay

time, as well as the controller and observer design parameters. This dependence can be used

to systematically explore the tradeoffs that exist between these various factors. It can also

be shown that the requirement on the spectral radius of the test matrix M to be strictly less

than one is not only sufficient but also necessary to guarantee closed-loop stability.

Remark A.2. The ideas of using a process model and a propagation unit to compensate for

the lack of continuous measurements and the delay, respectively, are inspired by the results

obtained in the context of networked control systems [47, 48]. In these works, however,

the sensor-controller communication was limited due to the presence of the network, while

here it is limited by the sensor sampling constraints. Furthermore, the control architecture

presented here differs in that: (a) the controller, observer, propagation unit, and model are

all co-located, (b) the control action is calculated using the observer state, and (c) the model

is used only by the observer, and its output is reset by the estimate of the current process

output at the sampling times.

108

Bibliography

[1] N. H. El-Farra and A. Giridhar, “Detection and management of actuator faults in con-trolled particulate processes using population balance models,” Chemical EngineeringScience, vol. 63, no. 5, pp. 1185 – 1204, 2008.

[2] A. Giridhar and N. H. El-Farra, “A unified framework for detection, isolation and com-pensation of actuator faults in uncertain particulate processes,” Chemical EngineeringScience, vol. 64, no. 12, pp. 2963 – 2977, 2009.

[3] J. Dimitratos, G. Elicabe, and C. Georgakis, “Control of emulsion polymerization reac-tors,” AIChE J., vol. 40, pp. 1993–2021, 1994.

[4] D. Semino and W. H. Ray, “Control of systems described by population balanceequations-II. emulsion polymerization with constrained control action,” Chemical En-gineering Science, vol. 50, pp. 1825–1839, 1995.

[5] M. J. Kurtz, G.-Y. Zhu, A. Zamamiri, M. A. Henson, and M. A. Hjortso, “Controlof oscillating microbial cultures described by population balance models,” Ind. Eng.Chem. Res., vol. 37, pp. 4059–4070, 1998.

[6] T. Chiu and P. Christofides, “Robust control of particulate processes using uncertainpopulation balances,” AIChE J., vol. 46, pp. 266–280, 2000.

[7] ——, “Nonlinear control of particulate processes,” AIChE J., vol. 45, pp. 1279–1297,1999.

[8] N. H. El-Farra, T. Chiu, and P. D. Christofides, “Analysis and control of particulateprocesses with input constraints,” AIChE J., vol. 47, pp. 1849–1865, 2001.

[9] N. V. Mantzaris and P. Daoutidis, “Cell population balance modeling and control incontinuous bioreactors,” J. Process Contr., vol. 14, pp. 775–784, 2004.

[10] S. M. Miller and J. B. Rawlings, “Model identification and control strategies for batchcooling crystallizers,” AIChE J., vol. 40, pp. 1312–1327, 1994.

[11] W. Xie, S. Rohani, and A. Phoenix, “Dynamic modeling and operation of a seededbatch cooling crystallizer,” Chem. Eng. Comm., vol. 187, pp. 229–249, 2001.

[12] D. L. Ma and D. K. T. R. D. Braatz, “Optimal control and simulation of multidimen-sional crystallization processes,” Comp. & Chem. Eng., vol. 26, pp. 1103–1116, 2002.

[13] F. J. Doyle, M. Soroush, and C. Cordeiro, “Control of product quality in polymerizationprocesses,” in Rawlings, J. B. et al. (Eds.), AIChE Symposium Series: Proceedings of6th International Conference on Chemical Process Control, Phoenix, AZ, 2002, pp. 290–306.

109

[14] M. J. Park, M. T. Dokucu, and F. J. Doyle, “Regulation of the emulsion particle sizedistribution to an optimal trajectory using partial least squares model-based predictivecontrol,” Ind. Eng. Chem. Res., vol. 43, pp. 7227–7237, 2004.

[15] D. Shi, N. H. El-Farra, M. Li, P. Mhaskar, and P. D. Christofides, “Predictive controlof particle size distribution in particulate processes,” Chem. Eng. Sci., vol. 61, pp.268–281, 2006.

[16] Q. Hu, S. Rohani, D. Wang, and A. Jutan, “Optimal control of a batch cooling seededcrystallizer,” Powder Technology, vol. 156, no. 2-3, pp. 170–176, 2005.

[17] F. J. Doyle, C. A. Harrison, and T. J. Crowley, “Hybrid model-based approach to batch-to-batch control of particle size distribution in emulsion polymerization,” Computers &Chemical Engineering, vol. 27, no. 8-9, pp. 1153–1163, 2003.

[18] J. Du and B. Ydstie, “Modeling and control of particulate processes and application topoly-silicon production,” Chemical Engineering Science, vol. 67, no. 1, pp. 120– 130,2012.

[19] P. D. Christofides, N. El-Farra, M. Li, and P. Mhaskar, “Model-based control of partic-ulate processes,” Chemical Engineering Science, vol. 63, no. 5, pp. 1156 – 1172, 2008.

[20] P. D. Christofides, Model-Based Control of Particulate Processes. Netherlands: KluwerAcademic Publishers, 209 pages, 2002.

[21] P. Larsen, D. Patience, and J. Rawlings, “Industrial crystallization process control,”Control Systems, IEEE, vol. 26, no. 4, pp. 70–80, aug. 2006.

[22] D. M. Himmelblau, Fault Detection and Diagnosis in Chemical and Petrochemical Pro-cesses. New York: Elsevier Scientific Pub., 1978.

[23] M. Basila, G. Stefanek, and A. Cinar, “A model-object based supervisory expert systemfor fault tolerant chemical reactor control,” Comput. Chem. Eng., vol. 14, pp. 551–560,1990.

[24] P. M. Frank, “Fault diagnosis in dynamic systems using analytical and knowledge-basedredundancy – a survey and some new results,” Automatica, vol. 26, pp. 459–474, 1990.

[25] C. DePersis and A. Isidori, “A geometric approach to nonlinear fault detection andisolation,” IEEE Trans. Autom. Control, vol. 46, pp. 853–865, 2001.

[26] S. Simani, C. Fantuzzi, and R. Patton, Model-based Fault Diagnosis in Dynamic SystemsUsing Identification Techniques. London: Springer, 2003.

[27] M. Blanke, M. Kinnaert, J. Lunze, and M. Staroswiecki, Diagnosis and Fault-TolerantControl. Berlin-Heidelberg: Springer, 2003.

[28] L. Cheng, E. Kwok, and B. Huang, “Closed-loop fault detection using local approach,”Can. J. Chem. Eng., vol. 81, pp. 1101–1108, 2003.

110

[29] N. Mehranbod, M. Soroush, and C. Panjapornpon, “A method of sensor fault detectionand identification,” J. Proc. Contr., vol. 15, pp. 321–339, 2005.

[30] P. D. Christofides and N. H. El-Farra, Control of Nonlinear and Hybrid Process Systems:Designs for Uncertainty, Constraints and Time-Delays. Berlin/Heidelberg: Springer-Verlag, 2005.

[31] J. A. Romagnoli, F. Doymaz, and A. Palazoglu, “A strategy for detection and isolationof sensor failures and process upsets,” Chemometrics and Intelligent Laboratory Systems,vol. 55, pp. 109–123, 2001.

[32] H. M. Hulburt and S. Katz, “Some problems in particle technology: A statistical me-chanical formulation,” Chem. Eng. Sci., vol. 19, pp. 555–574, 1964.

[33] D. Ramkrishna, “The status of population balances,” Rev. Chem. Eng., vol. 3, pp.49–95, 1985.

[34] P. D. Christofides and P. Daoutidis, “Robust control of hyperbolic PDE systems,” Chem.Eng. Sci., vol. 53, pp. 85–105, 1998.

[35] P. D. Christofides, “Robust control of nonlinear processes,” in Proc. Conf. on Dynamicsand Control of Process Systems-5, Corfu, Greece, 1998, pp. 477–483.

[36] B. E. Ydstie and P. V. Krishnan, “From thermodynamics to a macroscopic theory forprocess control,” in AIChE Ann. Mtg., paper 228a, San Francisco, CA, 1994.

[37] B. E. Ydstie and A. A. Alonso, “Process systems and passivity via the Clausius-Planckinequality,” Syst. Control Lett., vol. 30, pp. 253–264, 1997.

[38] C. I. Byrnes, “Adaptive stabilization of infinite dimensional linear systems,” in 26thIEEE Conf. on Decision and Control, Los Angeles, CA, 1987, p. 1435.

[39] J. T. Wen and M. J. Balas, “Robust adaptive control in Hilbert space,” J. Math. Anal.Appl., vol. 143, pp. 1–26, 1989.

[40] M. A. Demetriou, “Model reference adaptive control of slowly time-varying parabolicsystems,” in Proc. 33rd IEEE Conf. on Decision and Control, Orlando, FL, 1994, pp.775–780.

[41] M. J. Balas, “Finite-dimensional direct adaptive control for discrete-time infinite-dimensional linear systems,” J. Math. Anal. Appl., vol. 196, pp. 153–171, 1995.

[42] N. H. El-Farra and S. Ghantasala, “Actuator fault isolation and reconfiguration intransport-reaction processes,” AIChE J., vol. 53, pp. 1518–1537, 2007.

[43] A. Armaou and M. Demetriou, “Robust detection and accommodation of incipientcomponent faults in nonlinear distributed processes,” AIChE J., vol. 54, pp. 2651–2662,2008.

111

[44] S. Ghantasala and N. H. El-Farra, “Robust actuator fault isolation and managementin constrained uncertain parabolic PDE systems,” Automatica, vol. 45, pp. 2368–2373,2009.

[45] M. Mahmood and P. Mhaskar, “Safe-parking framework for fault-tolerant control oftransport-reaction processes,” Ind. Eng. Chem. Res., vol. 49, no. 9, pp. 4285–4296,2010.

[46] T. Napasindayao and N. H. El-Farra, “Fault detection and accommodation in partic-ulate processes with sampled and delayed measurements,” Industrial & EngineeringChemistry Research, vol. 52, no. 35, pp. 12 490–12 499, 2013.

[47] L. A. Montestruque and P. J. Antsaklis, “On the model-based control of networkedsystems,” Automatica, vol. 39, pp. 1837–1843, 2003.

[48] Y. Sun and N. H. El-Farra, “Quasi-decentralized model-based networked control ofprocess systems,” Comp. & Chem. Eng., vol. 32, pp. 2016–2029, 2008.

[49] M. Du, J. Nease, and P. Mhaskar, “An integrated fault diagnosis and safe-parkingframework for fault-tolerant control of nonlinear systems,” International Journal ofRobust and Nonlinear Control, vol. 22, no. 1, pp. 105–122, 2012.

[50] T. Napasindayao and N. H. El-Farra, “Data-based fault identification and accommo-dation in the control of sampled-data particulate processes,” in Proceedings of 11thIFAC International Symposium on Dynamics and Control of Process Systems, submit-ted, Cape Town, South Africa, 2014.

[51] ——, “Model-based fault-tolerant control of uncertain particulate processes: Integrat-ing fault detection, estimation and accommodation,” in Proceedings of 9th Interna-tional Symposium on Advanced Control of Chemical Processes, submitted, Whistler,BC, Canada, 2014.

[52] ——, “Fault detection and accommodation in particulate processes with delayed, sam-pled measurements,” in Preprints of the 8th IFAC Symposium on Advanced Controlof Chemical Processes. Furama Riverfront, Singapore: International Federation ofAutomatic Control, July 2012, pp. 172–177.

[53] ——, “Sensor fault accommodation strategies in multi-rate sampled-data control of par-ticulate processes,” in Proceedings of 10th IFAC International Symposium on Dynamicsand Control of Process Systems, Cape Town, South Africa, 2013.

112

Documents

TGNDissertationMain