基于Multi-agent的实时系统运行故障监控研究

软件密集型装备中常常包含着许多担负监测和控制作用的嵌入式实时系统,它们常常属于安全关键或者任务关键系统(safety-critical/mission-critical system)。为了能够有效解决该类系统中的软件故障检测、诊断与修复任务,本文提出了基于Multi-agent的实时系统运行故障监控框架,旨在利用在多agent的协作构建运行故障监控系统来在系统运行当中验证系统是否满足时序逻辑描述的性质规约,并采用具体的算法进行故障定位和修复。     

A practical approach to programming with assertions

Embedded assertions have been recognized as a potentially powerful tool for automatic runtime detection of software faults during debugging, testing, maintenance and even production versions of software systems. Yet despite the richness of the notations and the maturity of the techniques and tools that have been developed for programming with assertions, assertions are a development tool that has seen little widespread use in practice. The main reasons seem to be that (1) previous assertion processing tools did not integrate easily with existing programming environments, and (2) it is not well understood what kinds of assertions are most effective at detecting software faults. This paper describes experience using an assertion processing tool that was built to address the concerns of ease-of-use and effectiveness. The tool is called APP, an Annotation PreProcessor for C programs developed in UNIX-based development environments, APP has been used in the development of a variety of software systems over the past five years. Based-on this experience, the paper presents a classification of the assertions that were most effective at detecting faults. While the assertions that are described guard against many common kinds of faults and errors, the very commonness of such faults demonstrates the need for an explicit, high-level, automatically checkable specification of required behavior. It is hoped that the classification presented in this paper will prove to be a useful first step in developing a method of programming with assertions     

Control performance‐based fault detection and fault‐tolerant control schemes for a class of nonlinear systems

The objective of this paper is to develop performance‐based fault detection (FD) and fault‐tolerant control (FTC) schemes for a class of nonlinear systems. To this end, the representation forms of nonlinear systems with faults and the controller parameterization forms are studied first with the aid of the nonlinear factorization technique. Then, based on the stable kernel representation and the stable image representation of the faulty nonlinear system, the stability performance of the closed‐loop system is addressed, respectively. The so‐called fault‐tolerant margin is defined to evaluate the system fault‐tolerant ability. On this basis, two performance‐based FD schemes are developed aiming at detecting the system performance degradation caused by system faults. Furthermore, to recover the system stability performance, two performance‐based FTC strategies are proposed based on the information provided by the FD unit. In the end, a numerical example and a case study on the three‐tank system are given to demonstrate the proposed results.     

Induction machine fault detection using clone selection programming

A clonal selection programming (CSP)-based fault detection system is developed for performing induction machine fault detection and analysis. Four feature vectors are extracted from power spectra of machine vibration signals. The extracted features are inputs of an CSP-based classifier for fault identification and classification. In this paper, the proposed CSP-based machine fault diagnostic system has been intensively tested with unbalanced electrical faults and mechanical faults operating at different rotating speeds. The proposed system is not only able to detect electrical and mechanical faults correctly, but the rules generated is also very simple and compact and is easy for people to understand, This will be proved to be extremely useful for practical industrial applications.     

A generalized fault simulator for combinational logic circuits

A generalized approach to the design of fault simulator using a library of simulation primitives is presented in this paper. A comprehensive set of simulation primitives has been developed using C programming language on the IBM PC. This library of simulation primitives has been used in realizing a fault simulator for automatic test pattern generation in combinational logic circuits. The fault simulator employs a combination of random pattern generation, concurrent fault simulation and the FAN algorithm for generating the complete set of test vectors to cover all the faults in the fault dictionary of the circuit under test. The library of simulation primitives is general enough to facilitate the development of fault simulators using any other test algorithms such as DALG or PODEM.     

Comments analysis and programming errors

Software validation is treated as the problem of detecting errors that programmers make during the software development process. This includes fault detection, in which the focus is on techniques for detecting the occurrence of local errors that result in well-defined classes of program statement faults. It also includes detecting other kinds of errors, such as decomposition errors. The main focus of the work is on a decomposition-error analysis technique called comments analysis. In this technique, errors are detected by analyzing special classes of program comments. Comments analysis has been applied to a variety of systems, including a data-processing program and an avionics real-time program. The use of comments analysis for sequential and concurrent systems is discussed, and the basic features of comments analysis tools are summarized. The relationship of comments analysis to other techniques, such as event sequence analysis, is discussed, and the differences between it and earlier work are explained     

Integrated fault detection and control for two‐dimensional Markovian jump systems

This paper is concerned with the problem of integrated fault detection and control for a class of two‐dimensional (2D) discrete‐time Markovian jump systems. The mathematical model of 2D Markovian jump systems is established upon the well‐known Roesser model, and a faults detection filter/controller is proposed to detect faults and meet some control specifications simultaneously. In this strategy, it takes into account both the fault detection objective and the control objective simultaneously through certain performance levels. The integrated design problem is then formulated as a multi‐objective optimization problem, which is nonconvex in essence. Furthermore, a two‐step algorithm is developed to solve this nonconvex problem. Sufficient conditions for existence of the desired fault detection filter/controller are established in terms of LMIs. A numerical example is used to demonstrate the effectiveness of the proposed method.     

Prioritizing test cases for early detection of refactoring faults

Refactoring edits are error‐prone, requiring cost‐effective testing. Regression test suites are often used as a safety net for decreasing the chances of behavioural changes. Because of the high costs related to handling massive test suites, prioritization techniques can be applied to reorder test case execution, fostering early fault detection. However, traditional prioritization techniques are not specifically designed for detecting refactoring‐related faults. This article proposes refactoring‐based approach (RBA), a refactoring‐aware strategy for prioritizing regression test cases. RBA reorders an existing test sequence, using a set of proposed refactoring fault models that define the refactoring's impact on program methods. Refactoring‐based approach's evaluation shows that it promotes early detection of refactoring faults and outperforms well‐known prioritization techniques in 71% of the cases. Moreover, it prioritizes fault‐revealing test cases close to one another in 73% of the cases, which can be useful for fault localization. Those findings show that RBA can considerably improve prioritization of test cases during perfective evolution, both by increasing fault‐detection rates as well as by helping to pinpoint defects introduced by an incorrect refactoring. Copyright © 2016 John Wiley & Sons, Ltd.     

一种中间件服务容错配置管理方法

提出一种基于运行时刻软件体系结构的容错管理方法,支持开发者和管理员针对不同中间件服务失效定制合适的故障检测和修复机制.首先,运行时刻软件体系结构自动构造构件依赖视图和错误传播①视图,为理解和分析整个系统的可靠性提供全局视图;然后,操作运行时刻软件体系结构配置容错机制;最后利用AOP技术将容错机制插装到中间件中,使其具备指定的容错能力.上述过程在一个可视化工具的辅助下半自动实施,并在J2EE中间件上得到验证.     

Implementing atomic actions in Ada 95

Atomic actions are an important dynamic structuring technique that aid the construction of fault-tolerant concurrent systems. Although they were developed some years ago, none of the well-known commercially-available programming languages directly support their use. This paper summarizes software fault tolerance techniques for concurrent systems, evaluates the Ada 95 programming language from the perspective of its support for software fault tolerance, and shows how Ada 95 can be used to implement software fault tolerance techniques. In particular, it shows how packages, protected objects, requeue, exceptions, asynchronous transfer of control, tagged types, and controlled types can be used as building blocks from which to construct atomic actions with forward and backward error recovery, which are resilient to deserter tasks and task abortion     

Graceful degradation in algorithm-based fault tolerantmultiprocessor systems

Algorithm-based fault tolerance (ABFT) is a technique which improves the reliability of a multiprocessor system by providing concurrent error detection and fault location capability to it. It encodes data at the system level and modifies the algorithm to operate on the encoded data in order to expose both transient and permanent faults in any processor. Work done till now in this area takes care of only the fault detection and location part of the problem. However, if spare processors are not available, then after a faulty processor has been located, the work initially assigned to it has to be mapped to some nonfaulty processors in the system in such a way that the fault tolerance capability of the system is still maintained with as small a degradation in performance as possible. In this paper, we propose an integrated deterministic solution to the above problem which combines concurrent error detection and fault location with graceful degradation. There exists no previous deterministic ABFT method for the design of general t-fault locating systems, even for the case of t=1. We propose a general method for designing one-fault locating/s-fault detecting systems. We use an extended model for representing ABFT systems. This model considers the processors computing the checks to be a part of the ABFT system, so that faults in the check computing processors can also be detected and located using a simple diagnosis algorithm, and the checks can be mapped to other nonfaulty processors in the system     

Adaptive fault tolerant control for a class of uncertain fractional‐order systems based on disturbance observer

In this paper, a class of fractional‐order nonlinear systems are considered in the presence of actuator faults. A novel fault tolerant control scheme based on disturbance observer has been presented, where the actuator faults are considered as the system disturbance and can be approximated by the proposed disturbance observer. The developed fault tolerant control guarantees the convergence of the closed‐loop system and the output tracking performance. Finally, a simulation example is presented to verify the effectiveness of the new method.     

Fault‐tolerant reference generation for model predictive control with active diagnosis of elevator jamming faults

This paper focuses on the longitudinal control of an Airbus passenger aircraft in the presence of elevator jamming faults. In particular, in this paper, we address permanent and temporary actuator jamming faults using a novel reconfigurable fault‐tolerant predictive control design. Due to their different consequences on the available control authority and fault duration, the above 2 actuator jamming faults need to be distinguished so that appropriate control reconfigurations can be adopted accordingly. Their similarity in symptoms, however, prevents an effective discrimination of the root cause of the jamming when using only a passive fault‐diagnosis approach. Hence, we propose the use of model predictive control (MPC) as a fault‐tolerant controller to actively help the fault‐detection (FD) unit discriminate between a permanent and a temporary jamming fault, while ensuring the performance of the aircraft. The MPC controller and the FD unit closely interact during the detection and diagnosis phases. In particular, every time a fault is detected, the FD module commands the MPC controller to perform a predefined sequence of reconfigurations to diagnose the root cause of the fault. An artificial reference signal that accounts for changes in the actuator operative ranges is used to guide the system through this sequence of reconfigurations. Our strategy is demonstrated on an Airbus passenger aircraft simulator.     

Framework of a multitasking C++ based programming environment MCPE

Development of integrated programming environments has faced two problems: response degression, with an incresing execution delay when more tools have been included in an environment, and poor extensibility, with difficulties in adding new tools to an environment. Framework of a multitasking C++ based programming environment MCPE has been presented here for solving these problems. MCPE contains several concurrent tasks (processes): one of them is interacting with the user and the others are simultaneously doing their jobs. Process scheduling and concurrency control in MCPE have been carefully designed: response time is then reduced, and unnecessary computations are avoided. An event-driven serving model providing flexible task communications eases the addition of tools. Shared data stores have been defined as monitor types with no nested monitor calls in preventing deadlock. Consistency among the tasks has also been assured. A prototype has also been presented to show feasibility.     

Fault detection and accommodation via neural network and variable structure control

This paper proposes a novel idea that classifies faults into two different kinds: serious faults and small faults, and treats them with different strategies respectively. A kind of artificial neural network (ANN) is proposed for detecting serious faults, and variable structure (VS) model-following control is constructed for accommodating small faults. The proposed framework takes both advantages of qualitative way and quantitative way of fault detection and accommodation. Moreover, the uncertainty case is investigated and the VS controller is modified. Simulation results of a remotely piloted aircraft with control actuator failures illustrate the performance of the developed algorithm.     

数字电路并发差错检测的新概念

并发差错检测是提高数字电路与系统可信的重要技术。文中建立了一种基于并发差错检测电路的结构模型。它由实现电路基本功能的基本功能模块和实现电路并发差错检测功能的检测器部分联所构成;提出了表征基于部分自校验概念的并发差错检测机制的一组新概念：精简强故障保险、精简强变量分离、精简强自校验、ｋ－容错精简强故障保险、ｋ－容错精简强变量分离和ｋ－容错精简强自校验,并研究了数字电路并发差错检测的主要概念之间的关系     

Fault detection and accommodation via. neural network and variable structure control

This paper proposes a novel idea that classifies faults into two different kinds： serious faults and small faults, and treats them with different strategies respectively. A kind of artificial neural network （ANN） is proposed for detecting serious faults, and variable structure （VS） model-following control is constructed for accommodating small faults. The proposed framework takes both advantages of qualitative way and quantitative way of fault detection and accommodation. Moreover, the uncertainty case is investigated and the VS controller is modified. Simulation results of a remotely piloted aircraft with control actuator failures illustrate the performance of the developed algorithm.     

Integrated fault detection and control for LPV systems

This paper studies the integrated fault detection and control problem for linear parameter‐varying systems. A parameter‐dependent detector/controller is designed to generate two signals: residual and control signals that are used to detect faults and simultaneously meet some control objectives. The low‐frequency faults and certain finite‐frequency disturbances are considered. With the aid of the newly developed linearization techniques, the design methods are presented in terms of solutions to a set of linear matrix inequalities. A numerical example is given to illustrate the effectiveness of the proposed methods. Copyright © 2008 John Wiley & Sons, Ltd.     

Sensor and actuator fault diagnosis of systems with discrete inputs and outputs

The paper describes a method for detecting and identifying faults that occur in the sensors or in the actuators of dynamical systems with discrete-valued inputs and outputs. The model used in the diagnosis is a stochastic automaton. The generalized observer scheme (GOS), which has been proposed for systems with continuous-variable inputs and outputs some years ago, are developed for discrete systems. This scheme solves the diagnostic problem as an observation problem, which is set up here for discrete-event systems. As the system under consideration is described by a stochastic automaton rather than a differential equation, the mathematical background and the diagnostic algorithms obtained are completely different from the well-known observers developed for continuous-variable systems. The GOS is extended here by a fault detection module to cope with plant faults that are different from actuator or sensor faults. The diagnostic algorithm consists of two steps, the first detecting the existence of a fault and the second isolating possible sensor or actuator faults or identifying plant faults. The results are applied to quantized systems whose discrete inputs and outputs result from a quantization of the continuous-variable input and output signals. Experimental results illustrate the proposed diagnostic method.     

Sensor‐fault tolerance using robust MPC with set‐based state estimation and active fault isolation

In this paper, a sensor fault‐tolerant control scheme using robust model predictive control (MPC) and set‐theoretic fault detection and isolation (FDI) is proposed. The robust MPC controller is used to control the plant in the presence of process disturbances and measurement noises while implementing a mechanism to tolerate faults. In the proposed scheme, fault detection (FD) is passive based on interval observers, while fault isolation (FI) is active by means of MPC and set manipulations. The basic idea is that for a healthy or faulty mode, one can construct the corresponding output set. The size and location of the output set can be manipulated by adjusting the size and center of the set of plant inputs. Furthermore, the inputs can be adjusted on‐line by changing the input‐constraint set of the MPC controller. In this way, one can design an input set able to separate all output sets corresponding to all considered healthy and faulty modes from each other. Consequently, all the considered healthy and faulty modes can be isolated after detecting a mode changing while preserving feasibility of MPC controller. As a case study, an electric circuit is used to illustrate the effectiveness of the proposed scheme. Copyright © 2016 John Wiley & Sons, Ltd.