Active fault tolerant control of discrete event systems using online diagnostics

The aim of this paper is to deal with the problem of fault tolerant control in the framework of discrete event systems modeled as automata. A fault tolerant controller is a controller able to satisfy control specifications both in nominal operation and after the occurrence of a fault. This task is solved by means of a parameterized controller that is suitably updated on the basis of the information provided by online diagnostics: the supervisor actively reacts to the detection of a malfunctioning component in order to eventually meet degraded control specifications. Starting from an appropriate model of the system, we recall the notion of safe diagnosability as a necessary step in order to achieve fault tolerant control. We then introduce two new notions: (i) “safe controllability”, which represents the capability, after the occurrence of a fault, of steering the system away from forbidden zones and (ii) “active fault tolerant system”, which is the property of safely continuing operation after faults. Finally, we show how the problem can be solved using a general control architecture based on the use of special kind of diagnoser, called “diagnosing controller”, which is used to safely detect faults and to switch between the nominal control policy and a bank of reconfigured control policies. A simple example is used to illustrate the new notions and the control architecture introduced in the paper.