A data-driven sensor fault-tolerant control scheme based on subspace identification

We study the sensor fault estimation and accommodation problems in a data-driven  ∞ setting, leading to a data-driven sensor fault-tolerant control scheme. First, we formulate the fault estimation problem as a finite-horizon minimax  ∞ -optimization problem in a data-driven setup, whose solution yields the fault estimate. The estimated fault is then used for output compensation. This compensated output and the experimental input are used to achieve certain control objectives in a data-driven  ∞ setting. Next, the data-driven  ∞ fault estimation and control problems are solved using a sub-space predictor-based approach. Finally, the proposed algorithm is applied to the steering subsystem of the remotely operated underwater vehicle.

directly for FTC purposes. These facts motivated us to consider the sensor FTC method in a data-driven setting. To this end, we propose a new data-driven subspace predictor-based  ∞ approach for the FTC problem. We first formulate the sensor fault estimation problem in a data-driven  ∞ set up. The estimated fault is then used for output compensation. This compensated output and the experimental input are then utilized to achieve certain control objectives in an  ∞ set up. Finally, the data-driven  ∞ fault estimation and control problems are solved using a subspace identification algorithm. The subspace identification algorithm proposed in References 10,11 forecasts the future plant output by past I/O data and decreases noise effects from data. The subspace identification algorithm assumes the availability of a large set of data samples and that the data is ergodic, and that input and noise are independent. This property is used in the subspace identification to reduce the effects of noise. 10 Our proposed methodology guarantees robustness against disturbance, and it can eliminate false positive alarms of detecting disturbances instead of faults. We apply the proposed approach to a remotely operated underwater vehicle (ROUV). A data-driven subspace predictor-based  ∞ approach for the sensor FTC problem in the presence of a disturbance, to the best of authors' knowledge, is not studied before.
A data-driven residual-based fault detection scheme is proposed in Reference 12, and it is applied to a wind turbine benchmark. The residual vectors are robust to disturbances. However, in Reference 12, the focus is on fault detection problems, and the fault estimation and FTC problems are not studied therein. A data-driven sensor fault detection method is presented in Reference 13, wherein a delay between each input/output pair is considered. Residual signals are utilized to detect different kinds of faults such as bias, drift, and precision degradation based on closed-loop I/O measurements. However, in comparison with our proposed method, the method presented in Reference 13 is not robust against disturbance, and an FTC scheme is not considered. Moreover, in our proposed methodology, fault isolation can be performed by simply estimating the fault, and there is no need to generate a residual vector to isolate the fault. As a consequence, our method has a less computational burden. A data-driven cooperative FTC scheme is designed in Reference 14 for multiple quadrotors with a virtual leader. The proposed scheme is based on a reinforcement learning algorithm. However, sensor faults are not studied therein, and the proposed method is also not robust to disturbances. A data-driven FTC problem for PID systems has been discussed in Reference 15. For fault detection purposes, the I/O model is derived in the fault-free case. Then an observer-based residual generator is proposed. The variance of the residual signal is then utilized for defining a threshold for fault detection purposes. When the fault is detected, a fault-tolerant compensation control scheme based on state estimation is designed for ensuring stability and minimizing reference tracking error of the PID system. The state is estimated directly from I/O data. The proposed method is extended to time-varying plants in Reference 16. An integrated data-driven FTC scheme using the configuration of Youla parameterization is introduced in Reference 17. This FTC scheme employs two observers. One of them is a scalar diagnostic observer for fault detection and isolation (FDI) purposes, while the other is used to enhance the system's performance when the fault occurs. There are two main differences between our work and Reference 17. First, the method presented in Reference 17 is adaptive, and it does not consider disturbance. Second, in Reference 17, two residuals must be designed to achieve control and fault detection objectives. In addition, for tracking purposes, a prefilter is required therein in a fault-free case. On the contrary, there is no need to design an observer, residuals, or a prefilter in our proposed method. As a result, our proposed method is computationally efficient compared with Reference 17. A recursive algorithm is proposed in Reference 18 for updating the subspace predictor's matrices. There are two main differences between our work and Reference 18. First, no disturbance is considered therein. Second, the method proposed therein neither detect nor isolate or estimate the fault, whereas our method can detect, estimate and isolate the fault(s) in the presence of disturbance. Therefore, in contrast with Reference 18, our work not only solves the FTC problem but also solves a data-driven FDI problem.
In summary, the main contributions of our article can be enlisted as: (i) Since only I/O data is required for fault estimation and FTC schemes, the method proposed in this article is well-suited to various industrial processes, which are not amenable to empirical models. (ii) In contrast with other data-driven methods, 14,17,18 to the best of the authors' knowledge, for the first time, the data-driven sensor FTC problem is formulated as an  ∞ control problem. Studying the data-driven FTC problem in an  ∞ setup offers the plausibility of considering the  2 disturbances as exogenous inputs, which guarantees that our fault estimation and FTC schemes are robust against disturbances, and eliminates false positive alarms of detecting disturbances instead of faults. (iii) Designing FTC techniques with FDI capabilities is a vital and challenging task in many practical applications. 19 It is further emphasized that designing FTC schemes with FDI capabilities becomes much more challenging in the presence of process and measurement disturbances. 20 To the best of the authors' knowledge, existing data-driven FTC techniques do not include FDI schemes. Nevertheless, some of them, References 15-17, employ a residual vector for fault detection purposes but do not provide fault isolation. Fault isolation is necessary because, in its absence, the feedback controller may compensate the effect of faults and therefore effectively hide them Reference 21. By contrast, we propose fault estimation that allows us to detect the fault and isolate it. Therefore, our data-driven FTC scheme also includes FDI capabilities, which is a significant contribution. Now, we point out that in our recent work, 22 the simultaneous fault detection and control (SFDC) problem is solved in a data-driven  ∞ setting. The main objective of the SFDC problem is to achieve specific control objectives while fulfilling some detection objectives simultaneously. However, the SFDC scheme does not have fault compensation capabilities, which is a significant problem from a practical point of view. It can be seen from [ 22, figure 5] that the SFDC approach cannot compensate the fault between samples 2000 and 2600, and the effect of the fault persists on the output. Therefore, the FTC problem studied here is different from the SFDC problem studied in Reference 22.
The method proposed in this article, nevertheless, has some limitations. First, the input signal needs to be persistently exciting. Second, our proposed method applies to linear time-invariant (LTI) systems. Therefore, to apply our algorithm, a nonlinear system must be excited to validate its linearization around an operating point. Moreover, nonlinear systems, in general, have various operating points. Therefore, the amplitude of the input signal should be small enough to ensure that it may not change a certain chosen operating point to another. Third, the subspace identification algorithm is suitable with an extensive dataset, which is no more a restriction nowadays with increasing computational resources.
This article unfolds as follows. In Section 2, the problem formulation is provided along with some preliminary results. Section 3 provides the main results. In Section 4, the proposed algorithm is applied to ROUV. Concluding remarks are given in Section 5.
The notation used in this article is standard: A T denotes the transpose of a matrix A. I denotes the identity matrix of a compatible dimension. For two symmetric matrices A and B, A ≽ B implies that A − B is a positive semidefinite matrix, and A ≻ B implies that A − B is a positive definite matrix. We denote the space of real rational, stable, and proper transfer matrices by  ∞ . The minimal state-space realization of a transfer function matrix Ω is denoted by the bold symbol . The finite-horizon  ∞ -gain from an exogenous input a to regulated output b is denoted by

Consider the LTI system described by
where x ∈ R n , u ∈ R n u , y ∈ R n y , and d ∈ R n d denote the state, the input, the output, and the disturbance, respectively. The sensor fault is denoted by f ∈ R n f , and it is assumed to be unknown. The process and measurement noises are denoted by e ∈ R n and ∈ R n y , respectively. These noise sequences are assumed to be normally distributed and white. Moreover, it is assumed that they are statistically independent of the input and the initial condition. A, B, B, C, D, and D represent constant and unknown matrices of appropriate dimensions. We refer system G as a fault-free or healthy system if f ≡ 0. The pair (A, B) is assumed to be stabilizable and the pair (C, A) is assumed to be detectable. Defining the exogenous input w ∈ R n u +n d +n f as F I G U R E 1 Schematic of a sensor fault-tolerant control system the inputs u, d, and f in system G can be expressed as A general schematic of the FTC system is given in Figure 1.
The purpose of fault estimation problem is to obtain an estimatef ∈ R n f fulfilling some prespecified fault detection objectives. This objective can be captured by the detection performance measure where f = Ω f f . The diagonal proper stable transfer function matrix Ω f captures frequency information of the fault f. 23 Given the input and output data from the healthy plant and > 0, the data-driven sensor fault estimator problem in an  ∞ set up is to selectf such that ||T zw || ∞ ≤ .
Note that the estimated faultf is considered as a virtual control input in the formulated  ∞ set up, so its magnitude should be limited. Therefore, the performance measure ẑf is defined in order to achieve reasonable control effort for the virtual control signalf and is given by where the transfer function matrix Ω̂f is assumed to be proper and stable. Then we can define the unified performance measure z for detection purposes as We can now formulate the fault estimation problem as a minimax  ∞ -optimization problem in a data-driven setup as follows: Problem 1. Let the input and output data of the healthy plant (i.e., plant G with f ≡ 0) and > 0 is available. Compute the fault estimatef such that where the cost function J is defined by where denotes the finite-horizon length. The estimated faultf is then used to generate a corrected output y −f to compensate the effect of the sensor fault f on the faulty output y.
The fault-tolerant controller can now be obtained by solving a data-driven  ∞ control design problem: given the input data and corrected output and c > 0, determine the control sequence u such that the ||T z c r || ∞ ≤ c , where r ∈ R n y is the reference signal. Solving this control problem results in a controller that achieves some predefined control objectives. We now introduce a performance measure z c for control purposes as where Ω r and Ω u are appropriate proper stable transfer function matrices.
We can now formulate the sensor FTC problem as a minimax  ∞ -optimization problem in a data-driven setup as follows: Problem 2. Given input data and the corrected output data and c > 0, find the control u such that where the cost function J c is defined by Here, i c denotes the finite-horizon length.
The solutions of the Problems 1 and 2 are discussed in Section 3. These solutions are based on a subspace predictor proposed in References 10,11. We next provide an overview of the subspace predictor-based design methodology.

Subspace predictor-based design
The main purpose of a subspace predictor is extrapolation of future plant I/O behaviour from past I/O data to solve Problems 1 and 2. The subspace predictor design methodology is described as follows: Let , , and represent present, past and future time indices, respectively. If we are given with the future inputs {⃗ u} + −1 and the past data Λ [ ], then the subspace predictor design problem is to determine Υ w , Υ u to estimate the future output where i is the horizon of prediction and Suppose that the input-output data from the following fault-free system without disturbance is available as follows: In order to determine Υ w , Υ u , we arrange (12) in the form of the following Hankel matrices: where j = N − 2 + 1. We aim at finding a predictor that optimizes the j prediction problems simultaneously in the least squares sense. The solution can be obtained by minimizing the following norm: For finding Υ w and Υ u , the QR decomposition can be employed as follows. First, the following QR-decomposition is computed: In the subspace predictor design methodology presented above, the disturbance effect is not considered, but in this article, we assume that the data is collected from the system affected by disturbance. Then, an estimate of future output can be modified as Note that we do not explicitly require to determine Υ d because the effect of Υ d { ⃗ d} + −1 can be attenuated by tuning a certain transfer function matrix, which will be explained in the following section.

MAIN RESULTS
This section proposes a solution to the estimation and control problems, that is, Problems 1 and 2, respectively, based on the subspace predictor-based algorithm introduced in Section 2.1. Figure 2 shows the setup for data-driven  ∞ fault estimator. The future output estimate y h in Figure 2 is generated by the subspace prediction algorithm using the input and output data from the healthy system, whereas the signalf in Figure 2 is generated by the fault estimator unit by minimizing the combined detection measure z. To this end, the transfer function matrices Ω f , Ω̂f , and Ω d are assigned to represent the fault estimation objectives. Ω d is usually a low pass filter. By tuning Ω d , the effect of disturbance, modeled by Υ d D on fault estimatef , is attenuated. The transfer function matrix Ω̂f is usually a diagonal matrix used for tuning the amplitude of the estimated fault. Larger Ω̂f leads to a smaller amplitude for the estimated fault and vice versa. The transfer function matrices Ω d , Ω f , and Ω̂f can be written in the following minimal realization state-space form: As shown in Figure 3, the output of fault estimator unit, that is,f is used to correct the system's output. The corrected output y −f , and the input u are then used by controller unit to generate the signal u in order to satisfy control objectives by minimizing z c . To this end, the transfer function matrices Ω r and Ω u are assigned. Ω r is usually a low pass filter. On the other hand, Ω u is usually chosen a high pass filter. The transfer function matrices Ω r and Ω u have following minimal realization state space form: Gathering the I/O data from (7)- (19), we arrive at

F I G U R E 3 Data-driven controller
Letting the subscript j denote f , d,f , r, and u, Γ j 's in Equations (22)-(25) are given as , and the lower triangular Toeplitz matrix H d in (22) are given as Let us define where  u is a diagonal matrix with  1 elements on its original diameter.
The following lemma will be useful in proving our main results.
. (28) Note that (28) can be written as Now we are ready to provide our main results.  (4), is given bŷ provided that Proof. Let the input and output data from the unknown healthy plant (i.e., plant G with f ≡ 0) and y h extrapolated by a subspace predictor, are available. Substituting (23) and (24) into (3) yields Substituting (32) into (5) results in where stands for f , d, andf . Therefore, the Problem 1 boils down to where Proof. Let the input and output data from the unknown faulty plant G and the fault estimatef from Theorem 1 are available. Substituting (25) and (26) into (6) yields Substituting (39) into (8) results in where where stands for r, u. It should be noted that Next u opt can be written as (36) using (29). The sufficient optimality condition demands that m eigenvalues of the Hessian matrix must be positive and remaining n y i eigenvalues must be negative. 11 Using Schur decomposition, the Hessian can be written as For maximization over r and minimization over u, m eigenvalues of the matrix must be positive, and the remaining n y eigenvalues must be negative. Since M 3 ≻ 0, and M 3 ∈ R n u ×n u , therefore, The proof is complete. ▪ The Algorithm 1 sums up the suggested methodology for data-driven  ∞ sensor FTC system.

Algorithm 1. Data-driven  ∞ Sensor FTC Design
Gather the input and output data from the fault-free system G. Construct Hankel matrices U , Y , U , Y as in (13). Construct Λ as in (14). Calculate Υ w and Υ u using (16). Select the transfer function matrix Ω j (j symbolizes f , d,f , r, u).

APPLICATION TO ROUV
In this section, we provide a practical application of our proposed algorithm to a ROUV. The ROUV has recently been a benchmark system for studying fault detection and control design; see  In ROUV, faults can occur in the depth sensor, ground speed sonar, altitude and frontal sonar, global positioning system, vision system, baseline acoustic, compass, current meter, and vision system. 28 A fault-tolerant scheme is strongly motivated to safely recover the compromised ROUV because no choice is available for turning off the power or applying some braking mechanism in case of a fault.
Next, we apply our Algorithm 1 to the steering subsystem of an ROUV. The discretized parameters of the steering control subsystem, taken from Reference 26, are given by where x = [ , r, , r ] T , u = rd , y = ; is the absolute position in Y plane, r is the angular velocity in Z plane, is the orientation with respect to Z plane, r and rd are the actual and demanded deflection of the rudder in degrees, respectively. The I/O measurement data is obtained from the fault free systems (i.e., system (43) with f ≡ 0) with sampling rate 100 Hz, i = 30, and N = 1059. We choose the transfer function matrices as , Ω f = 11 (0.6s + 10) , , Ω u = 0.1s + 0.05 5s + 250 , which are discretized when applying Algorithm 4.1. Figure 4(A) shows that the fault f happens between the samples 2000 and 2600, and the disturbance, d, occurs between the samples 1000 and 1300. Equation (31) is satisfied for ≥ 0.2. Therefore, we choose = 0.7 to achieve the fault detection objectives. Equation (37) is satisfied for c ≥ 0.5. Therefore, we choose c = 0.8 is to achieve control objectives. We choose a step function as a reference input. Figure 4(B) shows the fault estimate. As shown in Figure 4(B), the estimated fault is in good agreement with the fault that occurred.  Figure 5(B) shows the output of our proposed FTC system. It is evident from Figure 5(B) that the effect of disturbance and fault on the output is almost eliminated and good reference input tracking is obtained.
In Figure 6(A), the tracking performance and robustness of the FTC system against fault and disturbance are demonstrated. As evident from Figure 6(A), the error is approximately equal to zero most of the time; its amount is limited when the fault and disturbance occur. Figure 6(B) shows the control effort. It can be observed in Figure 6(B) that the control effort is reasonable. Figure 7 shows the effect of choosing Ω d on the output of our proposed FTC system. In this figure, the output of the FTC system is plotted for three different choices of Ω d , that is, Ω d1 = 10 (0.1s+100) , Ω d2 = 1 (s+1) , Ω d3 = 10 (10s+1) . As shown in Figure 7, Ω d can be tuned effectively to reduce the effect of disturbances on the output.
Model-based fault estimation and accommodation of ROUV subject to sensor faults have been studied in Reference 26. However, the complex modeling process poses difficulty in accurately determining the system parameters, or finding them may be expensive. By contrast, our method is data-driven and it does not require information about the system parameters. Moreover, our application also covers reference tracking and reasonable control effort that were not considered in Reference 26. It can also be observed from [ 22, figure 5] that between samples 2000 and 2600, the SFDC approach based on subspace identification proposed in our recent work is not tolerant to faults. However, it can be seen from Figure 5(B) that the effect of fault is eliminated. Therefore, the FTC problem proposed here is robust against sensor faults.

F I G U R E 7
The effect of Ω d on the fault-tolerant control system output Note that our method is based on the subspace identification algorithm, which requires a large set of data samples. It also requires the data to be ergodic, and input and noise to be independent to remove the effects of noise; as evident from Figures 4(B), 5(B), and 6(A) that the effect of noise is attenuated on the estimated fault, the FTC output, and tracking error, effectively. Fortunately, in modern practical systems, a large amount of data is usually available due to increasing computational resources, so obtaining a large dataset is not a hurdle. For applying our algorithm to practical applications, it is also required that the input signal is persistently exciting.

CONCLUDING REMARKS
The article proposes a data-driven sensor FTC system using linear subspace predictors. The sensor fault estimation problem is formulated in an  ∞ setting, where the fault estimate is considered a virtual control input. The subspace predictor estimates the healthy plant output from experimental I/O data to solve the fault estimation problem. The sensor fault estimate is then used to generate a corrected output for FTC purposes. The FTC output is obtained using the corrected output and satisfying some control objective in an  ∞ based control setup.
Since the data-driven FTC problem is formulated as an  ∞ control problem, the proposed fault estimation and FTC schemes guarantee robustness against disturbances, and they can eliminate false positive alarms of detecting disturbances instead of faults. The proposed method has less overall complexity than other data-driven methods because it does not require generating a residual for fault detection and provides a simpler algorithm that is easy to implement. Therefore, our proposed method is better suited for practical applications in terms of implementation and robustness guarantees.
The methodology proposed in this article, nevertheless, has some limitations. First, the input signal needs to be persistently exciting. Second, the proposed method applies only to LTI systems. Therefore, a nonlinear system must be excited so that its linearization is valid around an operating point, and the amplitude of the input signal should be small enough to ensure that it may not change a certain chosen operating point to another.
We plan to extend the proposed data-driven FTC problem to cover the actuator and component faults. Extending the proposed method for nonlinear systems also seems an interesting future research direction to explore. We also aim at formulating the data-driven fault estimation and fault-tolerant problems in a mixed  2 ∕ ∞ setting to guarantee robustness against both disturbance and noise.

CONFLICT OF INTEREST
The authors declare that they have no conflicts of interest to this work.

DATA AVAILABILITY STATEMENT
No data is available.