An Cooperative Fault Recovery Control of MultiAgent Systems
Abstract
In this work, an performance fault recovery control problem for a team of multiagent systems that is subject to actuator faults is studied. Our main objective is to design a distributed control reconfiguration strategy such that a) in absence of disturbances the state consensus errors either remain bounded or converge to zero asymptotically, b) in presence of actuator fault the output of the faulty system behaves exactly the same as that of the healthy system, and c) the specified performance bound is guaranteed to be minimized in presence of bounded energy disturbances. The gains of the reconfigured control laws are selected first by employing a geometric approach where a set of controllers guarantees that the output of the faulty agent imitates that of the healthy agent and the consensus achievement objectives are satisfied. Next, the remaining degrees of freedom in the selection of the control law gains are used to minimize the bound on a specified performance index. The effects of uncertainties and imperfections in the FDI module decision in correctly estimating the fault severity as well as delays in invoking the reconfigured control laws are investigated and a bound on the maximum tolerable estimation uncertainties and time delays are obtained. Our proposed distributed and cooperative control recovery approach is applied to a team of five autonomous underwater vehicles to demonstrate its capabilities and effectiveness in accomplishing the overall team requirements subject to various actuator faults, delays in invoking the recovery control, fault estimation and isolation imperfections and unreliabilities under different control recovery scenarios.
I Introduction
Utilization of unmanned vehicles (agents) in operations where human involvement is dangerous, or impossible as in deploying mobile robots for planetary surface exploration, autonomous underwater vehicles for surveying deep sea, among others, has recently received extensive interest by the research community. In addition, deployment of multiple vehicles such as spacecraft, mobile robots, or unmanned underwater vehicles instead of using a single vehicle increases the system performance and reliability, while it will ultimately reduce the cost of the overall mission.
In safety critical missions, the agents should have the capability to cope with unexpected external influences such as environmental changes or internal events such as actuator and sensor faults. If these unexpected events are not managed successfully, they can lead to the team instability or cause sever overall team performance degradations. For example, the crash of the NASA’s DART spacecraft in 2006 was due to a fault in its position sensors [6].
The development of control reconfiguration for multiagent systems is distinct from the control design problem of healthy multiagent systems [4, 23, 28, 21]. This is so in the sense that the former should be ideally solved online and use only local information given that faults occur at unknown times, have unknown patterns, and the existing fault detection and isolation (FDI) module in the team information may be available only locally, while the latter problem can be solved offline and by potentially using the entire system information. Moreover, due to the information sharing structure of multiagent systems, the fault tolerant control approaches that have extensively been studied in the literature for single agent systems [Yang2010, 30, 16, 22, 14] will not be directly applicable to multiagent systems.
Recently, the control reconfiguration problem of multiagent systems has been studied in [25, 1, 9, 10, 33, 32, 5, 27, 26, 20, 19, 13, 29]. In [25, 1], formation flight problem in a network subject to loss of effectiveness (LOE) faults is considered and in [9, 10, 33] the consensus achievement problem in faulty multiagent systems is studied. In [25], a discreteevent supervisory module is designed to recover the faults that cannot be recovered by the agents using only local recovery solutions. In [1], a highlevel performance monitoring module is designed that monitors all the agents and detects deviations of the error signals from their acceptable ranges. This module would then activate a highlevel supervisor to compensate for the deviations in the performance specifications due to limitations of the lowlevel recovery strategy. In [32, 5, 27, 26] adaptive control approaches are employed to compensate for actuator faults and in [20, 19] control reconfiguration problem in a team of Euler Lagrange systems subject to actuator faults and environmental disturbances is studied. Finally in [13, 29], attitude synchronization problem for a team of satellites in presence of actuator faults is studied.
In this work, performance control reconfiguration problem in multiagent systems subject to occurrence of three types of faults, namely, the loss of effectiveness (LOE), stuck and outage faults is studied. The proposed based control reconfiguration strategy guarantees that the faulty agent outputs imitate those of the healthy system while the state consensus errors are either ensured to be asymptotically stable or remain bounded in absence of disturbances and the disturbance attenuation bound is minimized when the disturbances exist. Furthermore, this approach can compensate for the outage and stuck faults which cause rank deficiency and change the agent structure, whereas in the adaptive approaches it is assumed that the fault does not cause rank deficiency.
Our proposed approach is similar to the works in [33, 10], but it has the following distinctions, namely: (i) in [33] it is assumed that all the followers have access to the leader input signal while in this work we do not require this assumption, (ii) in [33] environmental disturbances have not been considered whereas in this work we do include disturbances in our analysis and design, (iii) in this work agents could be subject to simultaneous LOE, outage and stuck faults, however in [10] only a single LOE fault has been studied and in [33] only LOE and outage faults have been considered, (iv) in both [33, 10] the network topology is assumed to be indirected whereas in this work we have considered a directed network topology, and (v) in this work we ensure that the outputs of the faulty agent are exactly forced to follows those of the healthy agent and the state consensus errors remain bounded, whereas in [33, 10] the consensus problem is considered. The main motivation for enforcing outputs of the agents outputs to follow that of the leader is that in some applications like small light weight under vehicles, a small deviation in the speed can cause a big deviation in the agent position which may cause the network become disconnected or the agent becomes lost. In order to reach this objective, we formulated the problem as disturbance decoupling problem with stability and we use the Geometric approach [3] and controlled invariant subspaces to solve the problem along with linear algebra and matrix theory to address exact output following and state consensus error stability in the team as well as disturbance attenuation. To the best of our knowledge this problem has not been considered in the current literature in multiagent systems.
In view of the above discussion, the main contributions of this work can be summarized as follows:

A distributed control reconfiguration strategies for multiagent systems subject to LOE, outage and stuck faults are proposed and developed. Towards this end, associated with each agent a novel “virtual auxiliary system” is constructed for the first time in the literature. Each agent will receive information from only the states of its associated auxiliary agent and the nearest neighboring auxiliary agents. This is in contrast with conventional cooperative schemes where each agent will be receiving the actual state information from its nearest neighboring agents. The proposed strategy guarantee an performance control reconfiguration with stability.

The proposed reconfiguration control laws guarantee that the output of the faulty agent behaves the same as that of the healthy system, and moreover a specified performance index is minimized in presence of environmental disturbances.

The effects of uncertainties and imperfections in the FDI module decision in correctly estimating the fault severity as well as delays in invoking the reconfigured control laws are investigated and a bound on the maximum tolerable estimation uncertainties and time delays are obtained.

The proposed distributed reconfiguration control laws are capable of and designed specifically for accommodating single, concurrent and simultaneous actuator faults in multiagent systems.
The remainder of this work is as follows. In Section II, the required background information are provided and the problem is formally defined. In Section III, the proposed reconfigured control law and the effects of uncertainties on the proposed solution are investigated. In Section IV, the proposed control laws are applied to a network of Autonomous Underwater Vehicles (AUV)s and extensive simulation results and various case studies are studied and presented. Finally, Section V concludes the paper.
Ii Background and Problem Definition
Iia Graph Theory
The communication network among agents can be represented by a graph. A directed graph consists of a nonempty finite set of vertices and a finite set of arcs . The th vertex represents the th agent and the directed edge from to is denoted as the ordered pair , which implies that agent receives information from agent . The neighbor set of the th agent in the network is denoted by . The adjacency matrix of the graph is given by , where if , otherwise . The Laplacian matrix for the graph is defined as , where and .
IiB LeaderFollower Consensus Problem in a Network of MultiAgent Systems
The main objective of the consensus problem in a leaderfollower (LF) network architecture is to ensure all the team members follow the leader’s specified trajectory/states. Consider a network with follower agents that are governed by
(1)  
and a leader agent that has the dynamics given by
(2)  
where matrices , , , represent the agents dynamics matrices and are known, , , , and , are the agents states, outputs, control signals, and exogenous disturbance inputs. In this work, bounded energy disturbances are considered, i.e. , ( belongs to if ).
In the architecture considered in this paper, certain and a very few of the followers, that are designated as pinned agents, are communicating with the leader and receive data from it directly. The other followers are not in communication with the leader and exchange information only with their own nearest neighbor follower agents. On the other word, each agent only communicate with its neighbors and at least one agent is a neighbour of the leader. The consensus error signal for the th follower is now defined by
(3) 
where if agent is a pinned agent or is directly communicating with the leader and is zero otherwise. When there are no environmental disturbances, i.e. , , the team reaches a consensus if converges to origin asymptotically as . However, when there exist environmental disturbances, cannot converge to origin, although it should remain in a bounded region around the origin. We refer and designate both of these cases as achieving consensus through out this paper.
Based on the above representation for the network, the aim is that all follower agents follow the leader agent trajectory. Accordingly, we partition the network Laplacian matrix defined in Subsection IIA, as , , , where is a vector and represents the leader’s links to the followers and is an matrix and specifies the followers’ connections. This will help us to discuss the effects of the leader agent and follower agents to reach the entire team objectives.
IiC The Types and Description of the Actuator Faults
Before formally defining the three fault types that are considered in this work, we let denote the matrix of input channels of the healthy agent, where denotes the th column of the matrix , denote the matrix of the faulty agent with a fault in only the th input channel, and denote the matrix of the faulty agent subject to several concurrent faulty channels.
Loss of Effectiveness (LOE) Fault:
For the LOE fault, only a percentage of the generated control effort is available to the agent for actuation, therefore the dynamics of the th faulty agent after the occurrence of a fault at is modelled according to
(4)  
where denotes the state of the faulty agent, , , for , represents the fault effectiveness of the th channel of the th agent, if the th actuator is faulty, and if it is healthy.
Outage Fault: If the th actuator of the th agent is completely lost at the time , then we have for , where . The dynamics of the th agent with an outage fault in its th actuator can be represented by
(5)  
where .
Stuck Fault: If at the time the th actuator of the th agent freezes at a certain value and does not respond to subsequent commands, the fault is then designated as the stuck fault. The dynamics of the th faulty agent under this fault type can be modelled as
(6)  
where , and for all denotes the value of the stuck command.
We are now in a position to state the following assumptions.
Assumption 1.
(a) The network graph is directed and has a spanning tree, and (b) The leader control input is bounded and the upper bound is known.
Assumption 2.
(a) The agents are stabilizable and remain stabilizable even after the fault occurrence.
(b) Each agent is equipped with a local FDI module which detects with possible delays and correctly isolates the fault in the agent and also estimates the severity of the fault with possible errors in the case of the LOE or stuck faults.
Regarding the above assumptions the following clarifications are in order. First, the Assumptions 1(a) and 2(a) are quite common for consensus achievement and fault recovery control design problems, respectively. Second, it is quite necessary that in most practical applications one considers a leader whose states are ensured to be bounded. Moreover, in practical scenarios the actuators are quite well understood and described and their maximum deliverable control effort and bound they can tolerate are readily available and known. Therefore Assumptions 1(b) is also not restrictive. Furthermore, in Subsection IIIB we analyze the system behavior for situations where either Assumption 2(c) does not hold or the estimated fault severities by the FDI module are not accurate. We obtain the maximum uncertainty bound that our proposed approaches can tolerate. However, as stated in Assumption 2(b), we require the correct actuator location as well as the type of the fault for guaranteeing that our proposed reconfigured control laws will yield the desired design specifications and requirements. The Scenario in Section IV does demonstrate the consequences of violating this assumption.
As far as Assumption 2(c) is concerned, it should be noted that this assumption is indeed quite realistic for the following observations and justications. The transient time that any cooperative or consensusbased controller takes to settle down and the overall team objectives are satisfied is among one of the design consideration and specification for the controller selection. In most practical consensus achievement scenarios dealing with a healthy team, the transient time associated with the agent response is ensured to be settled down in a very small fraction of the entire mission time, and in most cases the healthy transient time takes a few seconds to minutes to die out. Therefore, it is quite realistic and indeed practical that during this very short and initial operation of the system, the agents are assumed to be fault free. In other words, we will not initiate the mission with agents that are faulty from the outset. It is highly unlikely that during the very first few moments after the initiation of the mission a fault occurs in the agents. For all the above explanations and observations we believe that Assumption 2(c) is meaningful and quite realistic.
IiD Notations and Preliminaries
For a vector we define , (Euclidean norm ) and norm as , , . The signal is also represented as . The function is defined as
(7) 
For the vector the notation denotes a diagonal matrix that has diagonal entries ’s. The notations , and denote an identity matrix of dimension , a unity vector with all its entries as one, and a zero matrix of dimension , respectively. For a matrix , the notation () or () implies that is a positive definite (positive semidefinite) or a negative definite (negative semidefinite) matrix. For a matrix , its norm is defined by
The term () denotes the generalized left (right) inverse of the matrix . The terms , and denote the th eigenvalue, the smallest, and the largest eigenvalues of the matrix , respectively. For the matrix , , , , denote the th singular value, the minimum singular value, and the largest singular value of . The notations and denote the image and the kernel of .
Theorem 1.
Fact 1.
For any two matrices and and a positive scaler we have
IiE Problem Definition
In this work, our main goal and objective is to design a state feedback reconfigurable or recovery control strategy in a directed network of multiagent systems that seek consensus in presence of three types of actuator faults and environmental disturbances. Suppose the th agent becomes faulty and its first actuators are subject to the outage fault, to actuators are subject to the stuck fault, while the remaining actuators are either subject to the LOE fault or are healthy. Using equations (4)(6) the model of th faulty agent that is subject to three types of actuator faults can be expressed as
(9)  
where , , , , , , denotes the th actuator effectiveness and fault severity factor, , , .
Considering the structure of the control law and the matrix , it follows that only the actuators to are available to be reconfigured. Therefore, to proceed with our proposed control recovery strategy the model (9) is rewritten as follows
(10)  
The main objective of the control reconfiguration or control recovery is to design and select such that the state consensus errors either remain bounded and , for , when , , and the environmental disturbances are attenuated for , where , , and is defined as in equation (1).
To develop our proposed reconfiguration control laws, a virtual auxiliary system associated with each agent is now introduced as follows
(11)  
where , and denote the state of the auxiliary system corresponding to the th agent, its control and output signals, respectively. Furthermore, the disagreement error for each auxiliary system is also defined as
(12) 
The auxiliary system that is defined in (11) is “virtual” and is not subject to actuator faults or disturbances, and hence it can be used as the reference model for designing the reconfigured control laws of the actual system (1) once it is subjected to actuator faults.
The performance index corresponding to the th healthy agent (1) and the th faulty agent (10) is now defined according to
(13)  
(14) 
where , and and represent the disturbance attenuation bounds. Based on the above definitions, the team performance index is now defined by . Under the control laws , , the performance index bound for the healthy team is attenuated if , . Furthermore, the performance index for the th faulty agent is attenuated if , , . It should be noted that the performance indices (13) and (14) are not and cannot be calculated directly as the disturbance is unknown and the aim of the proposed approach is to minimize the performance indices without directly calculating them.
We are now in a position to formally state the problem that we consider in this work.
Definition 1.
(a) The state consensus performance control problem for the healthy team is solved if in absence of disturbances, the agents follow the leader states and consensus errors converge to zero asymptotically, and in presence of disturbances, the prescribed performance bound for the healthy team is attenuated, i.e. .
(b) Under Assumptions 1 and 2, the performance control reconfiguration problem with stability is solved if in absence of disturbances the state consensus errors remain bounded
while the output of the faulty agent behaves the same as those of the healthy system outputs, and in presence of disturbances the disturbance attenuation bound is minimized and .
Iii Performance Cooperative and Distributed Control Reconfiguration Strategy
In this section, our proposed reconfigurable control law is introduced and developed. Since each agent only shares its information with its nearest neighbors, the reconfiguration control strategy also employs the same information as well as the agent’s FDI module information.
Consider the dynamics of the th faulty agent is given by (10). As defined above , with denoting the th faulty agent state and defined in (11), we let to denote the deviation of the output of the faulty agent from its associated auxiliary agent output. Then, the dynamics associated with can be obtained as
(15) 
Moreover, the faulty agent consensus error is defined as
(16) 
Lemma 1.
The faulty agent consensus error (16) is stable if and are asymptotically stable and is stabilized.
Proof. From the auxiliary error dynamics (15), one can express the state consensus error dynamics for the th faulty agent that is denoted by according to
Therefore if the control law can be reconfigured such that is stabilized then it follows that will be stable. This completes the proof of the lemma. ∎
The above lemma shows that stability of the faulty agent’s consensus error can be guaranteed by reconfiguring the control law such that is stable. This implies that one can transform the control reconfiguration problem to that of the stabilization problem. Consequently, in the next two subsections we consider the problem of stabilizing . However, as seen from (15), the dynamics of depends on the control of the healthy agents. Hence, before presenting our proposed control reconfiguration strategy, the control law for the healthy team (where it is assumed without loss of any generality that all the agents are healthy) is presented below.
In this work, the following general control law structure is utilized,
(17) 
which is the generalization of the one developed in [15] and is given by
(18) 
Remark 1.
The main challenge in developing the reconfigurable control law in multiagent system as compared to that in single agent is that in single agent control recovery the agent is redesigned its control law to maintain its stability. However, in multiagent system the agent should redesign its control law such that the entire team remains stable and loosing one agent can cause a disconnected network and failing the entire mission. The main difficulty in the design which is not the case in single agent is that each agent only share information with its nearest neighbours and communication channels are limited, so that the design should be performed using only local information.
The followings comments summarize the main characteristics of the control law (17) :
(1) In the control law (17) an agent employs and communicates only the auxiliary states that are unaffected by both disturbances and faults. In contrast in standard consensus control schemes such as (18) the actual states are employed and communicated from the nearest neighbor agents. Hence, the utilization of (17) avoids the propagation of the adverse effects of the disturbances and faults through out the team of multiagent systems. This along with the degrees of freedom in designing the control recovery laws allow us to manage the th faulty agent by only reconfiguring the control law of the faulty agent, and moreover it also provides us with the capability to recover simultaneous faults in multiple agents.
(2) The gain is designed such that the states of the th agent follow the states of its associated auxiliary agent, while the gain is designed such that the states of the auxiliary agents reach a consensus and follow the leader state. ^{1}^{1}1The states are virtual; however, since depends on the leader state, also depends on the leader state (which is available to only a very few follower agents in the network). Therefore, should be communicated between the neighboring agents.
(3) Each agent receives only the auxiliary agents states in its nearest neighbor set as opposed to their actual states that is conventionally required in standard multiagent consensus approaches.
(4) The control law (17) is shown subsequently to solve the consensus problem in a directed network topology that is subject to environmental disturbances, whereas the control law (18) solves the consensus problem in disturbance free environment and where the network topology is assumed to be undirected. The procedure for selecting and designing the gains of the control law (17) is provided in Theorem 2. Moreover, the structure of the proposed control law of this agent are provided in Figures 1 and 2.
Theorem 2.
The control law solves the performance state consensus problem in a team of follower agents whose dynamics are given by (1) and the leader dynamics that is given by (2), if and are selected as follows:
where is defined as in (12), , , , is defined as in (7), , , and finally the positive definite matrix is the solution to
and and are solutions to
where denotes the number of pinned agents, is the desired disturbance attenuation bound, , and ’s are the solutions to the inequalities
where denotes the upper bound of the leader control signal, i.e., for all .
Proof. The team reaches a consensus if . This goal is also achieved if agents’ controls are designed such that () and () for . This implies that the consensus achievement problem can be restated as the problem of asymptotically stabilizing and simultaneously.
In the following, first we discuss the stability criterion and disturbances attenuation for and in Parts A and B, respectively and then in Part C, we derive the conditions that satisfy the requirements for both Parts A and B that in fact solve the performance state consensus.
Part A: From (11) and (12), the dynamics of can be obtained as
(19) 
where , , , , . Let us select as , then the system (19) becomes
where and . Since the sgn function is discontinuous, in order to conduct the stability analysis of the system (LABEL:augmented_error_auxiliary), it is replaced with its differential inclusion (for more details refer to [24, 2]) representation as follows
where the operator is defined as in [24, 2] to investigate its Filipov solutions. Now, we require to define the Lyapunov function candidate to study the stability properties of the error dynamics system. For this purpose, let us select , as a Lyapunov function candidate for the system (LABEL:augmented_error_auxiliary_1), where . Also, let , so that the setvalued derivative of along the trajectories of the system (LABEL:augmented_error_auxiliary_1) is given by
Let , , and . Since is a scaler, , and one has
(23) 
Then by using the Holder’s inequality
(24)  
where is the th element of and we use the fact that . On the other hand, can be written as
(25) 
where
Let , then three cases can be considered depending on the value of as follows:
i) , then .
ii) , then . Since and , it follows that
and if , are designed such that , then
(26) 
iii) , then and . Therefore,
Again if , are designed such that, , then
(27) 
Let