An H_{\infty} Cooperative Fault Recovery Control of Multi-Agent Systems


Zahra Gallehdari, Nader Meskin and Khashayar Khorasani

This publication was made possible by NPRP grant No. 5-045-2-017 from the Qatar National Research Fund (a member of Qatar Foundation). The statements made herein are solely the responsibility of the authors. Zahra Gallehdari and Khashayar Khorasani are with the Department of Electrical and Computer Engineering, Concordia University, Quebec, Canada, and Meskin is with the Department of Electrical Engineering, Qatar University, Doha, Qatar.

In this work, an performance fault recovery control problem for a team of multi-agent systems that is subject to actuator faults is studied. Our main objective is to design a distributed control reconfiguration strategy such that a) in absence of disturbances the state consensus errors either remain bounded or converge to zero asymptotically, b) in presence of actuator fault the output of the faulty system behaves exactly the same as that of the healthy system, and c) the specified performance bound is guaranteed to be minimized in presence of bounded energy disturbances. The gains of the reconfigured control laws are selected first by employing a geometric approach where a set of controllers guarantees that the output of the faulty agent imitates that of the healthy agent and the consensus achievement objectives are satisfied. Next, the remaining degrees of freedom in the selection of the control law gains are used to minimize the bound on a specified performance index. The effects of uncertainties and imperfections in the FDI module decision in correctly estimating the fault severity as well as delays in invoking the reconfigured control laws are investigated and a bound on the maximum tolerable estimation uncertainties and time delays are obtained. Our proposed distributed and cooperative control recovery approach is applied to a team of five autonomous underwater vehicles to demonstrate its capabilities and effectiveness in accomplishing the overall team requirements subject to various actuator faults, delays in invoking the recovery control, fault estimation and isolation imperfections and unreliabilities under different control recovery scenarios.

I Introduction

Utilization of unmanned vehicles (agents) in operations where human involvement is dangerous, or impossible as in deploying mobile robots for planetary surface exploration, autonomous underwater vehicles for surveying deep sea, among others, has recently received extensive interest by the research community. In addition, deployment of multiple vehicles such as spacecraft, mobile robots, or unmanned underwater vehicles instead of using a single vehicle increases the system performance and reliability, while it will ultimately reduce the cost of the overall mission.

In safety critical missions, the agents should have the capability to cope with unexpected external influences such as environmental changes or internal events such as actuator and sensor faults. If these unexpected events are not managed successfully, they can lead to team instability or cause severe degradation of the overall team performance. For example, the crash of NASA’s DART spacecraft in 2006 was due to a fault in its position sensors [6].

The development of control reconfiguration for multi-agent systems is distinct from the control design problem of healthy multi-agent systems [4, 23, 28, 21]. This is so in the sense that the former should be ideally solved on-line and use only local information given that faults occur at unknown times, have unknown patterns, and the existing fault detection and isolation (FDI) module in the team information may be available only locally, while the latter problem can be solved off-line and by potentially using the entire system information. Moreover, due to the information sharing structure of multi-agent systems, the fault tolerant control approaches that have extensively been studied in the literature for single agent systems [Yang2010, 30, 16, 22, 14] will not be directly applicable to multi-agent systems.

Recently, the control reconfiguration problem of multi-agent systems has been studied in [25, 1, 9, 10, 33, 32, 5, 27, 26, 20, 19, 13, 29]. In [25, 1], formation flight problem in a network subject to loss of effectiveness (LOE) faults is considered and in [9, 10, 33] the consensus achievement problem in faulty multi-agent systems is studied. In [25], a discrete-event supervisory module is designed to recover the faults that cannot be recovered by the agents using only local recovery solutions. In [1], a high-level performance monitoring module is designed that monitors all the agents and detects deviations of the error signals from their acceptable ranges. This module would then activate a high-level supervisor to compensate for the deviations in the performance specifications due to limitations of the low-level recovery strategy. In [32, 5, 27, 26] adaptive control approaches are employed to compensate for actuator faults and in [20, 19] control reconfiguration problem in a team of Euler Lagrange systems subject to actuator faults and environmental disturbances is studied. Finally in [13, 29], attitude synchronization problem for a team of satellites in presence of actuator faults is studied.

In this work, performance control reconfiguration problem in multi-agent systems subject to occurrence of three types of faults, namely, the loss of effectiveness (LOE), stuck and outage faults is studied. The proposed -based control reconfiguration strategy guarantees that the faulty agent outputs imitate those of the healthy system while the state consensus errors are either ensured to be asymptotically stable or remain bounded in absence of disturbances and the disturbance attenuation bound is minimized when the disturbances exist. Furthermore, this approach can compensate for the outage and stuck faults which cause rank deficiency and change the agent structure, whereas in the adaptive approaches it is assumed that the fault does not cause rank deficiency.

Our proposed approach is similar to the works in [33, 10], but it has the following distinctions, namely: (i) in [33] it is assumed that all the followers have access to the leader input signal while in this work we do not require this assumption, (ii) in [33] environmental disturbances have not been considered whereas in this work we do include disturbances in our analysis and design, (iii) in this work agents could be subject to simultaneous LOE, outage and stuck faults, however in [10] only a single LOE fault has been studied and in [33] only LOE and outage faults have been considered, (iv) in both [33, 10] the network topology is assumed to be undirected whereas in this work we have considered a directed network topology, and (v) in this work we ensure that the outputs of the faulty agent are forced to exactly follow those of the healthy agent and the state consensus errors remain bounded, whereas in [33, 10] the consensus problem is considered. The main motivation for forcing the outputs of the agents to follow that of the leader is that in some applications, like small lightweight underwater vehicles, a small deviation in the speed can cause a big deviation in the agent position, which may cause the network to become disconnected or the agent to become lost. In order to reach this objective, we formulate the problem as a disturbance decoupling problem with stability, and we use the geometric approach [3] and controlled invariant subspaces to solve the problem, along with linear algebra and matrix theory to address exact output following and state consensus error stability in the team as well as disturbance attenuation. To the best of our knowledge this problem has not been considered in the current literature on multi-agent systems.

In view of the above discussion, the main contributions of this work can be summarized as follows:

  1. Distributed control reconfiguration strategies for multi-agent systems subject to LOE, outage and stuck faults are proposed and developed. Towards this end, associated with each agent a novel “virtual auxiliary system” is constructed for the first time in the literature. Each agent will receive information from only the states of its associated auxiliary agent and the nearest neighboring auxiliary agents. This is in contrast with conventional cooperative schemes where each agent will be receiving the actual state information from its nearest neighboring agents. The proposed strategy guarantees an performance control reconfiguration with stability.

  2. The proposed reconfiguration control laws guarantee that the output of the faulty agent behaves the same as that of the healthy system, and moreover a specified performance index is minimized in presence of environmental disturbances.

  3. The effects of uncertainties and imperfections in the FDI module decision in correctly estimating the fault severity as well as delays in invoking the reconfigured control laws are investigated and a bound on the maximum tolerable estimation uncertainties and time delays are obtained.

  4. The proposed distributed reconfiguration control laws are capable of and designed specifically for accommodating single, concurrent and simultaneous actuator faults in multi-agent systems.

The remainder of this work is organized as follows. In Section II, the required background information is provided and the problem is formally defined. In Section III, the proposed reconfigured control law and the effects of uncertainties on the proposed solution are investigated. In Section IV, the proposed control laws are applied to a network of Autonomous Underwater Vehicles (AUVs) and extensive simulation results and various case studies are presented. Finally, Section V concludes the paper.

II Background and Problem Definition

II-A Graph Theory

The communication network among agents can be represented by a graph. A directed graph consists of a nonempty finite set of vertices and a finite set of arcs . The -th vertex represents the -th agent and the directed edge from to is denoted as the ordered pair , which implies that agent receives information from agent . The neighbor set of the -th agent in the network is denoted by . The adjacency matrix of the graph is given by , where if , otherwise . The Laplacian matrix for the graph is defined as , where and .

II-B Leader-Follower Consensus Problem in a Network of Multi-Agent Systems

The main objective of the consensus problem in a leader-follower (LF) network architecture is to ensure all the team members follow the leader’s specified trajectory/states. Consider a network with follower agents that are governed by


and a leader agent that has the dynamics given by


where matrices , , , represent the agents dynamics matrices and are known, , , , and , are the agents states, outputs, control signals, and exogenous disturbance inputs. In this work, bounded energy disturbances are considered, i.e. , ( belongs to if ).

In the architecture considered in this paper, a very few of the followers, designated as pinned agents, communicate with the leader and receive data from it directly. The other followers are not in communication with the leader and exchange information only with their own nearest neighbor follower agents. In other words, each agent communicates only with its neighbors and at least one agent is a neighbor of the leader. The consensus error signal for the -th follower is now defined by


where if agent is a pinned agent or is directly communicating with the leader and is zero otherwise. When there are no environmental disturbances, i.e. , , the team reaches a consensus if converges to the origin asymptotically as . However, when there exist environmental disturbances, cannot converge to the origin, although it should remain in a bounded region around the origin. We refer to both of these cases as achieving consensus throughout this paper.

Based on the above representation for the network, the aim is that all follower agents follow the leader agent trajectory. Accordingly, we partition the network Laplacian matrix defined in Subsection II-A, as , , , where is a vector and represents the leader’s links to the followers and is an matrix and specifies the followers’ connections. This will help us to discuss the effects of the leader agent and follower agents to reach the entire team objectives.
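The partition described above can be checked numerically. The following is an added example, not code from the paper: it assumes the standard convention L = D - A with the leader as node 0 and edges written as (sender, receiver), and all function names and both sample topologies are constructed for illustration. It builds the Laplacian, splits off the leader-link vector and the follower block, and verifies the known result that the follower block is nonsingular when the leader is the root of a directed spanning tree (the condition stated later as Assumption 1-(a)).

```python
from collections import deque
from fractions import Fraction


def laplacian(n_nodes, edges):
    """Return L = D - A, where A[i][j] = 1 if node i receives from node j."""
    adj = [[0] * n_nodes for _ in range(n_nodes)]
    for sender, receiver in edges:
        if sender == receiver:
            raise ValueError("self-loops are not allowed")
        adj[receiver][sender] = 1
    return [[sum(adj[i]) if i == j else -adj[i][j] for j in range(n_nodes)]
            for i in range(n_nodes)]


def has_spanning_tree_from(root, n_nodes, edges):
    """True if every node is reachable from root along information flow."""
    out = {i: [] for i in range(n_nodes)}
    for sender, receiver in edges:
        out[sender].append(receiver)
    seen, queue = {root}, deque([root])
    while queue:
        for nxt in out[queue.popleft()]:
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return len(seen) == n_nodes


def partition(lap):
    """Split off the leader (node 0): leader-link vector and follower block."""
    leader_links = [row[0] for row in lap[1:]]
    follower_block = [row[1:] for row in lap[1:]]
    return leader_links, follower_block


def determinant(matrix):
    """Exact determinant by Gaussian elimination over the rationals."""
    m = [[Fraction(x) for x in row] for row in matrix]
    n, det = len(m), Fraction(1)
    for c in range(n):
        pivot = next((r for r in range(c, n) if m[r][c] != 0), None)
        if pivot is None:
            return Fraction(0)
        if pivot != c:
            m[c], m[pivot] = m[pivot], m[c]
            det = -det
        det *= m[c][c]
        for r in range(c + 1, n):
            factor = m[r][c] / m[c][c]
            for k in range(c, n):
                m[r][k] -= factor * m[c][k]
    return det


def check_topology(n_nodes, edges):
    """Summarize whether a leader-follower topology supports consensus."""
    leader_links, follower_block = partition(laplacian(n_nodes, edges))
    return {
        "spanning_tree": has_spanning_tree_from(0, n_nodes, edges),
        "leader_links": leader_links,
        "follower_block": follower_block,
        "det": determinant(follower_block),
    }


# Constructed sample: leader 0 pins follower 1; followers 3, 4, 5 form a cycle.
GOOD_EDGES = [(0, 1), (1, 2), (2, 3), (3, 4), (4, 5), (5, 3)]
# Same team with the 2 -> 3 link removed: the cycle never hears the leader.
BAD_EDGES = [(0, 1), (1, 2), (3, 4), (4, 5), (5, 3)]

if __name__ == "__main__":
    for name, edges in (("good", GOOD_EDGES), ("bad", BAD_EDGES)):
        result = check_topology(6, edges)
        print(name, result["spanning_tree"], result["det"])
```

In the second topology the follower block is singular, so the followers in the isolated cycle have no unique consensus value tied to the leader.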

II-C The Types and Description of the Actuator Faults

Before formally defining the three fault types that are considered in this work, we let denote the matrix of input channels of the healthy agent, where denotes the -th column of the matrix , denote the matrix of the faulty agent with a fault in only the -th input channel, and denote the matrix of the faulty agent subject to several concurrent faulty channels.
Loss of Effectiveness (LOE) Fault: For the LOE fault, only a percentage of the generated control effort is available to the agent for actuation, therefore the dynamics of the -th faulty agent after the occurrence of a fault at is modelled according to


where denotes the state of the faulty agent, , , for , represents the fault effectiveness of the -th channel of the -th agent, if the -th actuator is faulty, and if it is healthy.

Outage Fault: If the -th actuator of the -th agent is completely lost at the time , then we have for , where . The dynamics of the -th agent with an outage fault in its -th actuator can be represented by


where .

Stuck Fault: If at the time the -th actuator of the -th agent freezes at a certain value and does not respond to subsequent commands, the fault is then designated as the stuck fault. The dynamics of the -th faulty agent under this fault type can be modelled as


where , and for all denotes the value of the stuck command.

We are now in a position to state the following assumptions.

Assumption 1.

(a) The network graph is directed and has a spanning tree, and (b) The leader control input is bounded and the upper bound is known.

Assumption 2.

(a) The agents are stabilizable and remain stabilizable even after the fault occurrence.
(b) Each agent is equipped with a local FDI module which detects with possible delays and correctly isolates the fault in the agent and also estimates the severity of the fault with possible errors in the case of the LOE or stuck faults.

Regarding the above assumptions the following clarifications are in order. First, Assumptions 1-(a) and 2-(a) are quite common for consensus achievement and fault recovery control design problems, respectively. Second, in most practical applications it is necessary to consider a leader whose states are ensured to be bounded. Moreover, in practical scenarios the actuators are quite well understood and described, and their maximum deliverable control effort and the bound they can tolerate are readily available and known. Therefore Assumption 1-(b) is also not restrictive. Furthermore, in Subsection III-B we analyze the system behavior for situations where either Assumption 2-(c) does not hold or the estimated fault severities by the FDI module are not accurate. We obtain the maximum uncertainty bound that our proposed approaches can tolerate. However, as stated in Assumption 2-(b), we require the correct actuator location as well as the type of the fault for guaranteeing that our proposed reconfigured control laws will yield the desired design specifications and requirements. The Scenario in Section IV does demonstrate the consequences of violating this assumption.

As far as Assumption 2-(c) is concerned, it should be noted that this assumption is indeed quite realistic for the following observations and justifications. The transient time that any cooperative or consensus-based controller takes to settle down so that the overall team objectives are satisfied is one of the design considerations and specifications for the controller selection. In most practical consensus achievement scenarios dealing with a healthy team, the transient time associated with the agent response is ensured to settle down in a very small fraction of the entire mission time, and in most cases the healthy transient takes a few seconds to minutes to die out. Therefore, it is quite realistic and indeed practical that during this very short and initial operation of the system, the agents are assumed to be fault free. In other words, we will not initiate the mission with agents that are faulty from the outset. It is highly unlikely that during the very first few moments after the initiation of the mission a fault occurs in the agents. For all the above explanations and observations we believe that Assumption 2-(c) is meaningful and quite realistic.

II-D Notations and Preliminaries

For a vector we define , (Euclidean norm ) and norm as , , . The signal is also represented as . The function is defined as


For the vector the notation denotes a diagonal matrix that has diagonal entries ’s. The notations , and denote an identity matrix of dimension , a unity vector with all its entries as one, and a zero matrix of dimension , respectively. For a matrix , the notation () or () implies that is a positive definite (positive semi-definite) or a negative definite (negative semi-definite) matrix. For a matrix , its -norm is defined by

The term () denotes the generalized left (right) inverse of the matrix . The terms , and denote the -th eigenvalue, the smallest, and the largest eigenvalues of the matrix , respectively. For the matrix , , , , denote the -th singular value, the minimum singular value, and the largest singular value of . The notations and denote the image and the kernel of .

Theorem 1.

[31] Consider the system


where is Hurwitz stable and is the state vector. The system (8) is stable if

for all and , where is the solution to

Fact 1.

For any two matrices and and a positive scalar we have

II-E Problem Definition

In this work, our main goal and objective is to design a state feedback reconfigurable or recovery control strategy in a directed network of multi-agent systems that seek consensus in presence of three types of actuator faults and environmental disturbances. Suppose the -th agent becomes faulty and its first actuators are subject to the outage fault, to actuators are subject to the stuck fault, while the remaining actuators are either subject to the LOE fault or are healthy. Using equations (4)-(6) the model of -th faulty agent that is subject to three types of actuator faults can be expressed as


where , , , , , , denotes the -th actuator effectiveness and fault severity factor, , , .

Considering the structure of the control law and the matrix , it follows that only the actuators to are available to be reconfigured. Therefore, to proceed with our proposed control recovery strategy the model (9) is rewritten as follows


The main objective of the control reconfiguration or control recovery is to design and select such that the state consensus errors either remain bounded and , for , when , , and the environmental disturbances are attenuated for , where , , and is defined as in equation (1).

To develop our proposed reconfiguration control laws, a virtual auxiliary system associated with each agent is now introduced as follows


where , and denote the state of the auxiliary system corresponding to the -th agent, its control and output signals, respectively. Furthermore, the disagreement error for each auxiliary system is also defined as


The auxiliary system that is defined in (11) is “virtual” and is not subject to actuator faults or disturbances, and hence it can be used as the reference model for designing the reconfigured control laws of the actual system (1) once it is subjected to actuator faults.

The performance index corresponding to the -th healthy agent (1) and the -th faulty agent (10) is now defined according to


where , and and represent the disturbance attenuation bounds. Based on the above definitions, the team performance index is now defined by . Under the control laws , , the performance index bound for the healthy team is attenuated if , . Furthermore, the performance index for the -th faulty agent is attenuated if , , . It should be noted that the performance indices (13) and (14) are not and cannot be calculated directly as the disturbance is unknown and the aim of the proposed approach is to minimize the performance indices without directly calculating them.

We are now in a position to formally state the problem that we consider in this work.

Definition 1.

(a) The state consensus performance control problem for the healthy team is solved if in absence of disturbances, the agents follow the leader states and consensus errors converge to zero asymptotically, and in presence of disturbances, the prescribed performance bound for the healthy team is attenuated, i.e. .
(b) Under Assumptions 1 and 2, the performance control reconfiguration problem with stability is solved if in absence of disturbances the state consensus errors remain bounded while the output of the faulty agent behaves the same as those of the healthy system outputs, and in presence of disturbances the disturbance attenuation bound is minimized and .

III Performance Cooperative and Distributed Control Reconfiguration Strategy

In this section, our proposed reconfigurable control law is introduced and developed. Since each agent only shares its information with its nearest neighbors, the reconfiguration control strategy also employs the same information as well as the agent’s FDI module information.

Consider the dynamics of the -th faulty agent is given by (10). As defined above , with denoting the -th faulty agent state and defined in (11), we let to denote the deviation of the output of the faulty agent from its associated auxiliary agent output. Then, the dynamics associated with can be obtained as


Moreover, the faulty agent consensus error is defined as

Lemma 1.

The faulty agent consensus error (16) is stable if and are asymptotically stable and is stabilized.

Proof. From the auxiliary error dynamics (15), one can express the state consensus error dynamics for the -th faulty agent that is denoted by according to

Therefore if the control law can be reconfigured such that is stabilized then it follows that will be stable. This completes the proof of the lemma. ∎

The above lemma shows that stability of the faulty agent’s consensus error can be guaranteed by reconfiguring the control law such that is stable. This implies that one can transform the control reconfiguration problem to that of the stabilization problem. Consequently, in the next two subsections we consider the problem of stabilizing . However, as seen from (15), the dynamics of depends on the control of the healthy agents. Hence, before presenting our proposed control reconfiguration strategy, the control law for the healthy team (where it is assumed without loss of any generality that all the agents are healthy) is presented below.

In this work, the following general control law structure is utilized,


which is the generalization of the one developed in [15] and is given by


where , and and are given by (12) and (3), respectively.

Remark 1.

The main challenge in developing the reconfigurable control law in a multi-agent system, as compared to that in a single agent, is that in single agent control recovery the agent redesigns its control law to maintain its own stability. However, in a multi-agent system the agent should redesign its control law such that the entire team remains stable, and losing one agent can cause a disconnected network and the failure of the entire mission. The main difficulty in the design, which is not present in the single agent case, is that each agent only shares information with its nearest neighbours and communication channels are limited, so that the design should be performed using only local information.

The following comments summarize the main characteristics of the control law (17):

(1) In the control law (17) an agent employs and communicates only the auxiliary states that are unaffected by both disturbances and faults. In contrast, in standard consensus control schemes such as (18) the actual states are employed and communicated from the nearest neighbor agents. Hence, the utilization of (17) avoids the propagation of the adverse effects of the disturbances and faults throughout the team of multi-agent systems. This, along with the degrees of freedom in designing the control recovery laws, allows us to manage the -th faulty agent by only reconfiguring the control law of the faulty agent, and moreover it also provides us with the capability to recover simultaneous faults in multiple agents.

(2) The gain is designed such that the states of the -th agent follow the states of its associated auxiliary agent, while the gain is designed such that the states of the auxiliary agents reach a consensus and follow the leader state. (Footnote 1: The states are virtual; however, since depends on the leader state, also depends on the leader state (which is available to only a very few follower agents in the network). Therefore, should be communicated between the neighboring agents.)

(3) Each agent receives only the auxiliary agents states in its nearest neighbor set as opposed to their actual states that is conventionally required in standard multi-agent consensus approaches.

(4) The control law (17) is shown subsequently to solve the consensus problem in a directed network topology that is subject to environmental disturbances, whereas the control law (18) solves the consensus problem in a disturbance free environment and where the network topology is assumed to be undirected. The procedure for selecting and designing the gains of the control law (17) is provided in Theorem 2. Moreover, the structure of the proposed control law of this agent is provided in Figures 1 and 2.

Theorem 2.

The control law solves the performance state consensus problem in a team of follower agents whose dynamics are given by (1) and the leader dynamics that is given by (2), if and are selected as follows:

where is defined as in (12), , , , is defined as in (7), , , and finally the positive definite matrix is the solution to

and and are solutions to

where denotes the number of pinned agents, is the desired disturbance attenuation bound, , and ’s are the solutions to the inequalities

where denotes the upper bound of the leader control signal, i.e., for all .

Proof. The team reaches a consensus if . This goal is also achieved if agents’ controls are designed such that () and () for . This implies that the consensus achievement problem can be re-stated as the problem of asymptotically stabilizing and simultaneously.

In the following, first we discuss the stability criterion and disturbances attenuation for and in Parts A and B, respectively and then in Part C, we derive the conditions that satisfy the requirements for both Parts A and B that in fact solve the performance state consensus.

Part A: From (11) and (12), the dynamics of can be obtained as


where , , , , . Let us select as , then the system (19) becomes

where and . Since the sgn function is discontinuous, in order to conduct the stability analysis of the system (LABEL:augmented_error_auxiliary), it is replaced with its differential inclusion (for more details refer to [24, 2]) representation as follows

where the operator is defined as in [24, 2] to investigate its Filippov solutions. Now, we need to define a Lyapunov function candidate to study the stability properties of the error dynamics system. For this purpose, let us select , as a Lyapunov function candidate for the system (LABEL:augmented_error_auxiliary_1), where . Also, let , so that the set-valued derivative of along the trajectories of the system (LABEL:augmented_error_auxiliary_1) is given by

Let , , and . Since is a scalar, , and one has


Then by using Hölder’s inequality


where is the -th element of and we use the fact that . On the other hand, can be written as



Let , then three cases can be considered depending on the value of as follows:
i) , then .
ii) , then . Since and , it follows that

and if , are designed such that , then


iii) , then and . Therefore,

Again if , are designed such that, , then