Showing papers on "Control reconfiguration published in 1985"

Robust stability of systems with integral control

Abstract: A number of necessary and sufficient conditions are derived, which must be satisfied by the plant d.c. gain matrix of a linear time invariant system in order for an integral controller to exist for which the closed loop system is stable. Based on these results, the robustness of integral control systems is analyzed, i.e., the family of plants is defined which are stable when controlled with the same integral controller. Conditions for actuator/sensor failure tolerance of systems with integral control are also given. Finally, parallels are drawn between the results of this paper and the bifurcation theory of nonlinear systems.

Gracefully Degradable Processor Arrays

Abstract: A new approach to the design of gracefully degradable processor arrays is discussed. Fault tolerance and graceful degradation are achieved by simultaneously reconfiguring the processor array and the algorithm in execution. Two types of algorithm reconfigurability are considered, namely, row reconfigurability (RR) and row-column reconfigurability (RCR). correspondingly, two array reconfiguration schemes are discussed, i.e., successive row elimination (SRE) and alternate row-column elimination (ARCE). It is shown that the computations of any algorithm executable in a processor array can always be (re) organized so that the resultant algorithm has the RR and/or RCR properties. Upper bounds on the increase in execution time of an algorithm due to reorganization of computations for reconfigurability are derived. Detailed analysis of performance and reliability is done for both SRE and ARCE reconfiguration schemes. These reconfiguration techniques are applicable to any processor array and suitable for VLSI technology.

Techniques for Accommodating Control Effector Failures on a Mildly Statically Unstable Airplane

Abstract: Commercial airplanes are becoming increasingly more sophisticated, placing an increasing burden on pilots to detect and resolve the exhaustive set of possible control effector failures. Automatic techniques are needed to either reconfigure an existing control law or restructure a new control law after failure. A discrete control law has been designed for the longitudinal channel of a mildly statically unstable commercial airplane, to track the glideslope during the approach to landing phase of flight. Single effector failures with time delays for failure detection and identification are analyzed for both the reconfigured and restructured control laws, and results are compared with those from previous research using a statically stable airplane. Strategies considered include reconfiguration and restructuring with new flight conditions. Validation of all cases is made using a 6 DOF nonlinear airplane simulation.

Reconfiguration Strategies for Parallel Architectures

Abstract: Communication paths between parallelarchitecture resources can be reconfigured to suit new computational structures; however, this capability places new demands on efficient architecture use. In the past decade a significant amount of research focused on the development of highly parallel architectures.' Progress in research on Very-Large-Scale-Integrated-Circuit (VLSI) and Very-High-Speed-Integrated-Circuit (VHSIC) technologies is making it feasible to consider the construction ofcomplex parallel architectures that comprise a number of processors communicating by means of a high-bandwidth interconnection network. (Two often-proposed organizations, the processor-memory and the processor-processor network, are shown in Figure 1.) By utilizing a large number of such processors, these architectures have the potential to provide enormous throughputs leading to the computation of processes previously considered impractical due to their complexity. However, the availability of multiple processors alone is not sufficient to ensure practical solutions to computationally intensive tasks. One of several modes of operation may be de-

Use of the Pseudo-Inverse for Design of a Reconfigurable Flight Control System.

Abstract: : Reconfiguration of the flight control system is achieved using generic inputs and transformation matrices for single primary control surface failure. Pseudo-inverse is used to evaluate appropriate transformation matrices. Design is tested against non-linear six degree-of-freedom model of the A-7D by simulating failure flights. System was found to provide desirable flying qualities upon reconfiguration. (Author)

Robust simplified adaptive control for a class of multivariable continuous-time systems

Abstract: This paper presents a simple and robust adaptive control algorithm for a class of multivariable continuous-time linear systems. Boundedness of all values involved in the adaptation process is guaranteed in the presence of parasitic disturbances and dynamics provided that the controlled plant is stabilizable via unknown static output feedback. The usual need of prior knowledge about the order of the plant and about the pole-excess is also eliminated. Although these techniques can be generalized and their applicability can be extended to systems that need dynamic feedback in order to achieve stability, the present algorithm has his own importance, due to its extreme simplicity of implementation that may facilitate application of adaptive control in realistic complex control systems with unknown parameters.

Data transmission arrangement including a reconfiguration facility

Abstract: The construction of an arrangement for data transmission between a number of interconnection units should be realized so that, after a disturbance, an extensive reconfiguration of the arrangement is possible, so that all interconnection units which still communicate via a connection are interconnected by means of transmission paths which merely follow a different course in comparison with the non-disturbed state. In accordance with the invention each interconnection unit is provided with a device for generating synchronization information and in the case of a disturbance, appearing as a breakdown of the normal data stream, all interconnection units enter a test state in which test information is transmitted and possibly received test information is returned via all connections. Consequently, in each interconnection unit it can be autonomously decided which data paths are to be interconnected. In the case of at least three data connections per interconnection unit, different configurations are feasible which enable a complete reconfiguration to be realized also in the case of multiple disturbed connections between the interconnection units.

A Microcomputer-Based Fault-Tolerant Control System for Industrial Applications

Abstract: The concept and development of a fault-tolerant control system and the results of its real-time application using commercial microprocessors are presented. The system incorporates (via recursive filtering) on-line detection and reconfiguration of faulty equipment, sensor calibration, and information display within a structure that relies on alternatively configured regulators for plant control under different operational modes; these regulators are designed on the basis of analytically derived control laws and using a rule-based heuristic approach. Each critical input signal is a weighted average of all valid measurements of the appropriate plant variable where the weighting matrix is adaptively updated as a function of a posteriori probabilities of failure of these redundant measurements. Since the weight of a degraded measurement is smoothly reduced, eventual isolation of this fault does not cause an abrupt change in the estimate of the measured variable, and therefore, the feedback control system remains ``bumpless.'' The automated system has been shown to be tolerant of equipment failure(s), sensor degradation and noise, and certain types of process malfunctions, disturbances, and uncertainties by experimentation at the MIT nuclear research reactor.

A quantitative inherent reconfiguration theory for a class of systems

Abstract: In aircraft flight control, most control surfaces are in pairs (elevators, ailerons, canards etc.), with each pair normally controlled as a single unit. If a surface fails, the usual approach is to attempt explicit identification and switch-in of compensation prepared for that contingency. In this paper each surface is separately controlled, permitting ‘inherent reconfiguration’, wherein the design is a priori made such that despite one or several simultaneous surface failures, the system still satisfies the original performance tolerance (of course over a smaller dynamic range), with the same original fixed compensation. Inherent reconfiguration is a natural extension of quantitative feedback theory (QFT), wherein the system design is tuned to the plant uncertainty set 𝒫 ={P}, and to the acceptable system output set,. In QFT one designs a priori so that the system output is in  for all P in 𝒫 Surface failures simply enlarge the set 𝒫. The transparency of QFT enables the designer to readily see the extr...

Post-Failure Reconfiguration of CSP Programs

Abstract: In this paper a technique called process merging is introduced. This technique allows the merging of two communicating sequential processes into a new single process. Thus, this technique can be used to reconfigure a distributed program after a faulty processing element has been detected. The technique is most applicable to dedicated multiple microprocessor systems where the need for continuous operation is critical. A process merging algorithm which operates on distributed programs using the CSP notation is presented in detail and its operation is discussed. In order to illustrate the merging technique, the algorithm's behavior is demonstrated using two classical distributed programs: the Bounded Buffer, Producer, Consumer program and the Dining Philosophers program. Finally, the merging technique is examined with respect to its demands on overall system operation and overhead. This examinatiQn leads to suggestions for future research.

Fault diagnosis and automatic reconfiguration for a ring subsystem

Abstract: A ring subsystem has been developed for a full-scale high performance heterogeneous computer network. The design goals and the implementation issues of the automatic reconfiguration of the ring subsystem are presented. Particular emphasis is laid upon reliability improvement techniques, based on duplication of the ring subsystem components, and the automatic reconfiguration algorithm, which determines network configuration when faults occur.

Replicated distributed programs (fault tolerance, communication protocols, operating systems, remote procedure call, computer networks)

Abstract: This dissertation presents a new software architecture for fault-tolerant distributed programs. This new architecture allows replication to be added transparently and flexibly to existing programs. Tuning the availability of a replicated program becomes a programming-in-the-large problem that a programmer need address only after the individual modules have been written and verified. The increasing reliance that people place on computer systems makes it essential that those systems remain available. The low cost of computer hardware and the high cost of computer software make replicated distributed programs an attractive solution to the problem of providing fault-tolerant operation. A troupe is a set of replicas of a module, executing on machines that have independent failure modes. Troupes are the building blocks of replicated distributed programs and the key to achieving high availability. Individual members of a troupe do not communicate among themselves, and are unaware of one another's existence; this property is what distinguishes troupes from other software architectures for fault tolerance. Replicated procedure call is introduced to handle the many-to-many pattern of communication between troupes. Replicated procedure call is an elegant and powerful way of expressing many distributed algorithms. The semantics of replicated procedure call can be summarized as exactly-one execution at all replicas. An implementation of troupes and replicated procedure call is described. Experiments were conducted to measure the performance of this implementation; an analysis of the results of these experiments is presented. The problem of concurrency control for troupes is examined, and algorithms for replicated atomic transactions are presented as a solution. Binding and reconfiguration mechanisms for replicated distributed programs are described, and the problem of when to replace failed troupe members is analyzed. Several issues relating to programming languages and environments for reliable distributed applications are discussed. Integration of the replication mechanisms into current programming languages is accomplished by means of stub compilers. Four stub compilers are examined, and some lessons learned from them are presented. A language for specifying troupe configurations is described, and the design of a configuration manager, a programming-in-the-large tool for configuring replicated distributed programs, is presented.

Digital Control with Computer Interruptions

Abstract: The paper analyzes centralized digital control systems in which feedback loops are closed through a digital computer which generates the control law. Intermittent computer interruptions result in the deterioration of control quality and may even render the system unstable. A criterion that guarantees asymptotic stability under any admissible interruption pattern is presented in the paper.

Dynamics and control of a Shuttle-attached antenna experiment

Abstract: Study results obtained to date identify the requirements for a large space system flight experiment. This paper considers the dynamics and control of an offset feed wrap-rib antenna attached to the Shuttle for such an experiment. Results reported in this paper are primarily based on the analysis and simulation of the combined Shuttle and antenna flexible dynamics model, and the Shuttle Vernier Reaction Control Subsystem. These results establish the technical feasibility of the Shuttle attached antenna flight experiment. Static and dynamic disturbances examined do not cause significant dynamic interactions to the experiment. Shuttle Vernier jets can be used for control purpose or as controlled excitation sources for experiment. Interface between the Shuttle and the antenna can be rigid or actively decoupled depending on the experiment objective. Key large space systems control technologies such as distributed sensing and actuation, system identification, figure estimation and control, and control for slew or reconfiguration can be validated with the experiment configuration described in this paper.

Microprocessor-Based Architecture for a Modular Process Protection Upgrade System

Abstract: The Westinghouse Process Protection Upgrade System (Eagle 21TM) is a functional replacement for the existing analog process protection equipment used to monitor nuclear generating stations and actuate the reactor trip and engineering safeguards systems as required. However, the Eagle 21TM system does more than merely replace the existing analog hardware; it exploits the power of a functionally decentralized architecture with multiple independent microprocessorbased subsystems to increase plant availablity, reduce test time, reduce reconfiguration time, and increase the amount of information available to the operator and to new diagnostic systems. The architecture of the system is described and the major benefits are highlighted.

Development of an Expert System for Representing Procedural Knowledge

Abstract: A high level of automation is of paramount importance in most space operations. It is critical for unmanned missions and greatly increases the effectiveness of manned missions. However, although many functions can be automated by using advanced engineering techniques, others require complex reasoning, sensing, and manipulatory capabilities that go beyond this technology. Automation of fault diagnosis and malfunction handling is a case in point. The military have long been interested in this problem, and have developed automatic test equipment to aid in the maintenance of complex military hardware. These systems are all based on conventional software and engineering techniques. However, the effectiveness of such test equipment is severely limited. The equipment is inflexible and unresponsive to the skill level of the technicians using it. The diagnostic procedures cannot be matched to the exigencies of the current situation nor can they cope with reconfiguration or modification of the items under test. The diagnosis cannot be guided by useful advice from technicians and, when a fault cannot be isolated, no explanation is given as to the cause of failure. Because these systems perform a prescribed sequence of tests, they cannot utilize knowledge of a particular situation to focus attention on more likely trouble spots. Consequently, real-time performance is highly unsatisfactory. Furthermore, the cost of developing test software is substantial and time to maturation is excessive. Significant advances in artificial intelligence (AI) have recently led to the development of powerful and flexible reasoning systems, known as expert or knowledge-based systems. We have devised a powerful and theoretically sound scheme for representing and reasoning about procedural knowledge.

A reconfigurable systolic primitive processor for signal processing

Abstract: Recent developments in the area of logarithmic number systems have demonstrated that when properly configured, floating point precision can be achieved at fixed point speeds. To overcome the 12-bit historical address space limit of high speed lookup memory devices, a new Adaptive Radix Processor is proposed and an error analysis is performed. Interconnecting a number of identical ARPs, fast and compact DSP systems can be designed operating on a low error budget over a large dynamic range. Examples are presented using a "shared memory design. Finally, due to identical processors used in the designs reconfiguration can be used to fully utilize the available hardware and/or introduce a degree of fault tolerance.

Characterization of failure handling in fault-tolerant multiprocessor systems

Abstract: Traditional reliability-related models for fault-tolerant systems are used to predict system reliability, availability, computation capacity, or performability. They lack the capacity to treat in detail the handling and the consequences of failure. Also, there is insufficient attention paid to the fact that a system crash could follow any mishandling of failure. Failure handling consists of three major steps: error detection, system reconfiguration, and computation recovery. These steps must be considered together as a single package, not as separate entities as in the traditional analyses. Such an integration can be extended to develop design aids for fault-tolerant computers. The dissertation begins with the modeling of fault/error detection mechanisms which are designed to identify faulty units. When fault latency and/or error latency exist, the system may suffer from the propagation of errors and the accumulation of extant faults which will seriously reduce the fault-tolerant capability. Several detection models are developed so that we can study the effect of detection mechanisms on the subsequent error handling and overall system reliability. Upon detection of a faulty unit, the system should reconfigure itself into an optimal configuration so that the total reward to be achieved from the subsequent executions may be maximized. Finally, the contaminated processes have to be recovered. The strategies of error recovery employed will depend on the detection mechanisms and the redundancy available. Several recovery methods, especially retry and rollback, are analyzed. The recovery overheads are evaluated, providing an index of the capabilities of the detection and reconfiguration mechanisms.

Local Reconfiguration of Management Trees in Large Networks.

Abstract: The operational environments of sensor networks will alter over time, often due to hazardous conditions or fluctuating resource availability; however this important characteristic of sensor networks has yet to be fully addressed by current middleware solutions. In this article, we present a reflective middleware solution for co-ordinated dynamic reconfiguration of middleware behaviour across nodes in a sensor network. We evaluate this approach in a real-world case study; firstly, we demonstrate how dynamic reconfiguration optimises the performance and resource consumption of a sensor application, and secondly we illustrate that the costs of reconfiguration are not prohibitive in this domain.

Integrated analysis of error detection and recovery

Abstract: An integrated modeling and analysis of error detection and recovery is presented. When fault latency and/or error latency exist, the system may suffer from multiple faults or error propagations which seriously deteriorate the fault-tolerant capability. Several detection models that enable analysis of the effect of detection mechanisms on the subsequent error handling operations and the overall system reliability were developed. Following detection of the faulty unit and reconfiguration of the system, the contaminated processes or tasks have to be recovered. The strategies of error recovery employed depend on the detection mechanisms and the available redundancy. Several recovery methods including the rollback recovery are considered. The recovery overhead is evaluated as an index of the capabilities of the detection and reconfiguration mechanisms.

Auto Reconfiguration of Reaction Wheels in IRS

Abstract: The Indian remote sensing satellite (IRS) employs four reaction wheels for attitude control. The fourth, a skew wheel, provides redundancy to the failure of any of the orthogonal wheels. To avoid attitude loss before the redundant skew wheel takes over due to failure of any of the orthogonal wheels, an automatic reconfiguration scheme has been developed and implemented through a microprocessor. The details of reconfiguration logic and the computer simulation results are presented.

Transparent contention buses can improve architectures

Abstract: Advanced avionic architectures are becoming increasingly complex in their needs for internal communications. Larger numbers of computers and other electronic devices are used, each exchanging more data at higher rates. Simultaneously, there are demands to make avionic systems more robust and fault tolerant. All of the electronic systems on aircraft now require interconnection, including mission management, sensor management, flight controls, secure-data, and aircraft utility systems. Each system has unique requirements; yet, for the most efficient system, all of them must communicate to exchange command and status data. These new system demands require modifications in the total system architecture, and particularly in the communications structure. This paper discusses some of the unique architectural aspects of the integration of new systems on aircraft. The paper also describes a data channel approach that meets the diverse and unique requirements of modern avionics. The approach is called "Token Passing with Transparent Contention" and combines a token passing approach for normal operation with a transparent contention approach to handle power-up and bus reconfiguration. The protocol can be used equally well with coaxial cable, fiber optics, or mixed media systems. It provides true distributed control and easily and rapidly overcomes problems due to lost tokens or newly added terminals. Further, it allows a single bus to be dynamically divided into independently operating subnets and supports their smooth re-integration into a single network. Architecture Requirements Advanced aircraft are required to support increasingly stringent mission demands. Aircraft are required to deliver their weapons more precisely and with shorter reaction times. This precise and timely delivery is required while the aircraft is maneuvering and/or after reduced available time for target recognition, location, and identification. For maximum total force effectiveness, each aircraft is required to maintain coordination with other friendly forces and to take advantage of information that can be gathered from enemy forces. To obtain maximum mission effectiveness, each aircraft must also be highly reliable and provide high capability for mission completion regardless of the failure of equipments. Once on the ground, the aircraft must be easily fixed, requiring a minimum of ground support. All of this must be provided within reasonable costs and with minimum weight and power requirements to allow procurement of large numbers of aircraft that can accomplish long range missions. The increasing mission demands require avionic system architectural changes. Figure 1 graphically illustrates some of the Air Force Wright Aeronautical Laboratories' (AFWAL) programs that are designed to provide these necessary improvements in avionics. As shown, the required changes are pervasive, affecting software, pilot-vehicle interfaces, and hardware throughout the system. The new architectures and technologies involve increasingly high levels of integration in the core system. Functions that will be added include artificial intelligence, reconfiguration managerrent, and self-testlbuilt-in-testlintegrated-maintenance. Further, the new architectures must extend into the front end of the system, addressing high-speed converters and processors, active aperture antennae, generic front-end designs, and adaptive multifunction antennae. These new approaches will require standardization and integrity management in more system elements, including defensive systems, flight control systems, propulsion systems, power systems, and communication systems. PAVE PILLAR: URR, INEWS, IIRA, IRST, 1750, CSP, AAAM, --Next Step in Avionics Evolution A V I O N I C SYSTEM INCLUDING

Prevention of Loss of Control in Chemical Plants under Computer Control

Abstract: As the use of direct computer control in chemical plants increases, loss of control due to computer failure becomes a major concern. A fault tolerant computer control system is constructed and tested using a heat exchanger network. Redundancy and diversity are created both in hardware and software. Tolerance to sensor failure is created by control system reconfiguration. With reassignment of control duties, computer failure cause process upsets similar to temporary process disturbances. The magnitude and duration of upsets are closely related to the takeover time of the substitute computer.