Table Of ContentN93-25968
An Architecture for Object-Oriented Intelligent
Control of Power Systems in Space
Sven G. Holmquist, Prakash Jayaram, and Ben H. Jansen
Department of Electrical Engineering
University of Houston, Houston, TX
A control system for autonomous distribution and control of electrical power during space
missions is being developed. This system should free the astronauts from localizing faults
and reconfiguring loads if problems with the power distribution and generation components
occur.
The control system uses an object-oriented simulation model of the power system and first-
principle knowledge to detect, identify, and isolate faults. Each power system component
is represented as a separate object with knowledge of its normal behavior. The reasoning
process takes place at three different levels of abstraction: the Physical Component Model
(PCM) level, the Electrical Equivalent Model (EEM) level, and the Functional System Model
(FSM) level, with the PCM the lowest level of abstraction and the FSM the highest. At the
EEM level the power system components are reasoned about as their electrical equivalents,
e.g, a resistive load is thought of as a resistor. However, at the PCM level detailed knowledge
about the component's specific characteristics is taken into account. The FSM level models
the system at the subsystem level, a level appropriate for reconfiguration and scheduling.
The control system operates in two modes, a reactive and a proactive mode, simultaneously.
In the reactive mode the control system receives :measurement data from the power system
and compares these values with values determined through simulation to detect the existence
of a fault. The nature of the fault is then identified through a model-based reasoning process
using mainly the EEM. Compound component models are constructed at the EEM level and
used in the fault identification process. In the proactive mode the reasoning takes place at
the PCM level. Individual components determine their future health status using a physical
model and measured historical data. In case changes in the health status seem imminent the
component warns the control system about its impending failure. The fault isolation process
uses the FSM level for its reasoning base.
1 Introduction
made fast, often without the help of experienced
control room operators, and often relying on in-
Complete information.
Failure to provide a reliable, uninterrupted sup- Knowledge-based (or intelligent) control sys-
ply of electrical power under all circumstances tems have the ability to make decisions, and
may doom space missions. In case of impend- the capability to learn, and therefore seem ide-
ing or actual failures, decisions will have to be ally suited for the operation of complex systems
made about rescheduling load demand and/or such as electric power plants and distribution
reconfiguring the power generation and distri- systems. However, practical applications of in-
bution system. These decisions will have to be
75
PRE_O6"i'3 PT_i_E BLANK F'.OT FILMED
telligent controllers are rare, and appear to be approach models the causal and functional re-
based on control strategies that use prewired lationships by inheritance and message passing
solutions to a collection of potential problems, mechanisms, and the part-of or component hi-
and/or use a supervisory planning approach to erarchy [7]. Furthermore, objects are complete
failure recovery. As a consequence, these sys- functional units that lend themselves to paral-
tems have no way to deal with unanticipated, lel implementations more easily than rule-based
or multiple simultaneously occurring faults, and approaches, which is important for real-time ap-
they have little or no capability to adapt to plications.
changing environments or to learn from past ex-
A fairly small number of applications of
periences.
object-oriented programming techniques for the
We are working on overcoming these afore- intelligent control of power systems have been
mentioned limitations by developing an intelli- published [1, 2, 6, 9], with the prototypical sys-
gent control system that uses quantitative and tem for event diagnosis and operation planning
qualitative system models based on an object- described in [3] being most closely related to
oriented representation of the components of our own work. However, it is unclear how much
the physical system to be controlled. The this system relies on reasoning from first prin-
object-oriented representation decentralizes in- ciples (if it uses that concept at all), nor does it
telligence by equipping each component with seem to have progressed bcyond its first proto-
knowledge about how to detect its impending type state. Notwithstanding this criticism, [3]
failure, and how to act in case of failure. This clearly shows that object-oriented, model-based
reduces the time required to detect faults when methods are indeed advantageous for problems
compare d to an approach relying on a single in control. The theory of model-based reason-
central fault detector. Furthermore, the object- ing is explained by Kuipers [5]. Model-based
oriented representation can be implemented in systems are especially useful in the diagnosis of
a parallel computer, leading to even shorter re- multiple faults as shown in [4]. Also, it is argued
sponse times. The intelligent controller will use in [4] that diagnosing faults at multiple levels
these models to explore the "optimal" control of abstraction, starting with the most abstract
actions to modify the system performance or level ' and examining the less :abstract levels
operation. Also, by equipping the model com- only when there is reason to suspect it, makes
ponents with knowledge about their behavior the generation of candidate solutions more effi-
(e.g., a resistor will "know" how its temperature cient.
will rise in response to the voltage and current
applied to it), and with memory (e.g., a record
of its temperature for the last hour or so), proac-
2 Architecture of the pow-
tire autonomous control can be achieved, even
with incomplete sensor data. er system simulator and
Expert systems have been applied to the controller.
power engineering area before (see [10] for a
review), but few such system are beyond the
demonstration phase, and all were developed for Our work is based on a multi-level model of
large-scale, interconnected systems. The most the system, with intelligence built in at each
promising approaches involve the use of object- level in the sense that each component can rea-
oriented techniques because an object-oriented son about its real-world state, as opposed to
a higher level intelligence that reasons about
76
PHYSICAL SYSTEM
J_
COMMANDS SENSOR DATA
CONTROL SYSTEM _
Scheduling and _ I/O-INTERFACE Fault Detection I
Fault ,si;tion _ and ,deification I
....._--....._,_,:..:;_---::._,...:-;_-.-:- ,_.,
' " .o I "11'
.o I" "'" "°1 ',
:,,
I
INTELLIGENT MODELING SYSTEM
Figure 1: Overview of the architecture o/the model-based, object-oriented control system.
all the "dumb" lower level objects. Also, the straction, one finds the Electrical Equivalent
object-oriented design we follow is intended Model (EEM). The latter is a representation of
to support concurrency with only a minimal the physical system in terms of power sources,
amount of knowledge being exchanged. impedances, and switches. The Functional Sub-
systems Model (FSM) is the most abstract of
all, and represents the system in the form of
a reduced network in which sub-nets are rep-
2.1 General System Descrip-
resented by single functional blocks. An ex-
tion.
ample of the PCM, EEM, and FSM of a sim-
ple physical system, consisting of a generator,
A diagram of the control system is presented
switches, resistive loads (a light bulb and an
in Figure 1. At its core is a model of the sys-
electric heater) is shown in Figure 2. The elec-
tem to be controlled. This model represents the
tric heater consists of a fan, i.e., a motor (M1)
physical system under normal operating condi-
and a resistive heating element (L2); and the
tions, and is referred to as the Ha simulator.
light bulb is denoted by L3.
At least three versions of H0 exist, represent-
ing the physical system at various level of ab- Each of the three models is an object-oriented
straction. First, there is the Physical Compo- representation of the actual system. That is,
nents Model (PCM), containing physically re- components are represented as data structures
alistic models of the components of the sys- referred to as objects. The latter consist of at-
tem to be controlled. At the next level of ab- tributes relating to properties of the component
7?
_w_/_l _S Wires
w
FSM EEM PCM
Figure 2: An example of a Physical Component Model (right), its Electrical Equivalent Model
(middle), and its Functional Subsystems Model (left).
being represented, and attribute-values specify- system. The PCM and the EEM work in tan-
ing the values of these properties and/or proce- dem, using the knowledge embedded in them, to
dures that can be used to compute these values. detect potential faults. Once faults have been
detected (see Section 2.2 below for an explana-
The topological relationships between com-
tion of thefault detecti()n process), additional
ponents in the PCM, EEM, and FSM are spec-
versions of the PCM, EEM and F_dM are au-
ified by attributes describing the connections
tomatically generated, representing models of
between the present component and others in
the physical system modified in such a way as
the network. Expected voltages at nodes and
to account for the hypothesized cause of the
currents through branches in the EEM are com-
fault. For example, H1 and/-/2 may be gener-
puted using the VIsolver. The VIsolver is an
ated in case two explanations for the fault are
object that solves for the currents and volt-
possible. Competing hypotheses are eliminated
ages of the power system using the modified
on the basis of comparing future sensor data
nodal formulation [8]. The solution is based on
with predicted values, and/or heuristic reason-
Kirchhoff's current and voltage laws in a ma-
ing. Once the fault has been determined (iden-
trix form with special considerations taken to
tified) remedial action is taken to return the
reduce the size of the matrices but at the same
system to a non-faulty state through reconfigu-
time keeping it general. This method can be
ration of loads and sources.
used on networks containing voltage and cur-
rent sources, impedances, conductances, ideal
two-ports, and switches. Historical data, in-
2.2 Fault Detection
tended for use in the proactive mode, for each
component is stored in history attributes. Sen-
sors placed at strategic positions in the phys- Faults may be present if discrepancies between
ical system (in our case, the physical system sensor values and expected values are found in
is a software simulation as well) provide mea- the EEM, or if a component in the PCM antici-
surements of voltages and currents in the power pates impending failure (on the basis of knowl-
edge about the behavior of its physical equiva-
?8
lent, and the historical data available). In other the appropriate commands have been issued to
words, the system works in both a reactive and the power system.
a proactive mode simultaneously.
As an example of reactive operation, consider
2.3 Fault Identification
the system shown in Figure 2. Assume that
voltages and current measurements are avail-
able at the output of the generator (V1), the Once the existence of a fault has been detected
input to the heater (R1 and R2), and the input the location of the fault must be determined. A
of the light bulb (R3). Assume that the mea- small change in a single component value can
sured voltage and current at the heater sud- cause many sensors to indicate the existence
denly drops. The voltage at the light bulb of a fault. To determine which component has
will also change slightly, and the current at the caused the fault (in the reactive mode), branch
source will decrease. Therefore there is a dis- currents and node voltages are computed us-
crepancy between measured sensor values and ing the measured data, and each component's
simulated sensor values and a fault is detected. impedance value is computed based on the cur-
It is not obvious from the measurements which rent running through it and the voltage across
component is faulty. However, by reasoning us- it. The EEM component compares its calcu-
ing knowledge of the fault models for each com- lated impedance with its "known" impedance
ponent and their health status it is possible to and if there is a difference, then the compo-
narrow down the number of possibilities and, nent is suspected of having caused the fault.
eventually, the fault can be identified and iso- All components have a health status attribute
lated through simulation (see Section 2.3 for de- which is determined by the PCM and veri-
tails). fied by the EEM. The PCM determines the
health status using heuristics, historical data,
An example of proactive fault detection is the
and physical knowledge of the component. Hy-
following: Assume that M1 in the PCM finds
potheses regarding possible faults are gener-
that its real-world counterpart is about to over-
ated, based on the component's health status
heat due to a continuous overload beyond its
and impedance discrepancy using the compo-
rating. The M1 object then immediately sig-
nent's fault-model, supplied by the PCM.
nals its impending fault state to its equivalent
counterpart (R1) in the EEM and tells R1 that The aforementioned approach will work if
the current needs to be reduced. The control the environment is sensor-rich, i.e., there are
system formulates strategies to reduce the cur- enough sensors in the network to calculate the
rent through R1, using the knowledge encapsu- impedance of all components. However, if the
lated in it (in this case the only possibility is environment is sensor-sparse, i.e., there are rel-
switching off the motor). It is clear that hy- atively few sensors in the network, then a strat-
pothesis selection needs to be based taking into egy will be followed that converts the sensor-
account the importance of the various subsys- sparse environment into a virtual sensor-rich
tems in accomplishing the mission objectives. environment. This approach is based on the
The components in the FSM have knowledge concept of compound component models. The
about these aspects, and this knowledge is used latter are formed by combining components
to determine which of the reconfigured systems connected in series, parallel, or in a bridge con-
best meets future objectives, and the H/, that figuration to a single compound component.
accomplishes this, becomes the new H0 after Compound components can be part of other
compound components. The location of the
79
availablevolt-metersandcurrent-metersguides the EEM of the motor unchanged. In a simi-
the formation of compoundmodelssothat in larmanner/-/2wouldreplacethemotor EEMby
the (reduced) environment the impedanceof animpedancereflectingitsmostprevalentfault
eachcompoundcomponentcanbedetermined. state,i.e,ashortinthemotor coil. Thevoltages
In other words, the reducednetwork becomes andcurrentspredictedby eachof the compet-
virtually sensor-richwith respectto the com- ingcomponentsarecomparedto the measured
poundcomponents.Theimpedanceandhealth data, which will lead eventually to the elimi-
status of the compoundcomponentsis calcu- nation of all but onehypothesis. This process
lated basedon the impedance,the health sta- can be refinedby utilizing the conceptof the
tus, and the interconnectionof the individual component's "health status". The latter can
componentsthat makeup the compoundcom- be usedto determinethe orderin which com-
ponent. The fault identification processcan ponentsshouldbehypothesizedasfaulty. For
then function in a similar fashion in both a example,thefact that acomponenthasbeenin
sensor-richand a sensor-sparseenvironment. servicefor closeto its expectedlife span,gives
Of course,fault localizationcanthen onlypin- it a poor health status andthus it will behy-
point a compoundcomponentasthe sourceof pothesizedasfaulty prior tocomponentswith a
the trouble. However,usingthe fault models, goodhealthstatus. The systemwill keeptrack
heuristics,andhistoricaldataaboutthecompo- of which componentsfail, andunder what cir-
nentsmakingup thecompoundcomponentcan cumstances.This "failure log" is fundamental
beusedin areasoningprocessto moreprecisely to thelearningcapabilitiesofthesystem,which
identify the fault location. will cometo "recognize"previouslyencountered
failure modes.
To illustrate the reasoningprocess,consider
the casewhere a fault hasbeenlocalizedto a
compoundcomponentconsistingoftwoparallel
resistiveloads.Supposethat oneoftheloadsis 3 Design and implementa-
amotor, andthe other a heater. Faultsoccur-
tion of the power system
ringin thesecomponentswill reflectthemselves
aschangesin the component'simpedance(e.g., simulator and controller.
a short will causea virtually zeroimpedance).
Further,assumethat onlythevoltageacrossthe
loadsandthetotal current, but not thecurrents We are currently in the process of implement-
through eachload,areknown. In sucha case, ing the previously outlined architecture. The
it will be impossibleto determinewhich load NeXT computer has been chosen as the im-
is faulty basedon the availablemeasurements plementation platform. The NeXT supports
alone.However,usingfault-modelssuppliedby Objective-C and has extensive graphical inter-
the PCM, coupledwith the assumptionthat a face capabilities.
singlefault is considerablymore likely to oc-
The power system simulator has been de-
cur than amultiple fault, oneormorehypothe-
signed and implemented. A graphics-based tool
sescan be generated. For example,the PCM
has been developed to interactively configure
"knows" that a heater'smost commonfailure
the power system to be simulated. A panel
modeisbreakageofthe heaterelement,causing
with icons, representing components typically
the impedanceto go to infinity. Thereforethe
encountered in a power system, is presented,
H1 hypothesis would replace the EEM of the ....
and the user can "click-and-drag" these icons in
heater by an infinite impedance, while leaving the desired position in the power system win-
8o
dow. The specificationsfor eachcomponent The control systemis capableof issuingcom-
areenteredby changingthe attribute values,in mandsregardingswitch settings to the power
aninspectorwindow, for the component. The system.The controlsystemis capableofform-
resulting power system can simulate voltage ingcompoundmodelsof componentsin series,
sources,switches,and resistiveloads. Weare parallel,andbridgeconfigurations.
onlyconsideringdirect currentsat the present,
but a generalizationto alternating currentsis
kept in mind. 4 Future developments.
A schematicdiagramof the powersystemis
shownonthe screenin a powersystemsimula-
At present, a component library is being built
tor windowwith the componentvaluesandcur-
for commonly used electric power components,
rents andvoltagesdisplayednext to eachcom-
including DC-motors, generators, circuit break-
ponent. The powersystem'svoltagesandcur-
ers. These components, with their embedded
rentsarecalculatedby thesimulator'sVIsolver.
knowledge, form an important part of the fault
The VIsolverisanobjectthat solvesforbranch
detection system.
currentsandnodevoltagesfor anyelectricnet-
work including powersystemsusingthe nodal The current speeds of execution of the system
admittance matrix. The solution is basedon suggest that parallel implementation is necessi-
Kirchhoff's current andvoltage lawsin a ma- tated in order to achieve real-time implemen-
trix form with specialconsiderationstaken to tation. Though we lack the hardware for such
reducethe sizeof the matricesbut atthe same an implementation, a successful attempt has al-
time keepingit general. ready been made at executing the various tasks
in the program concurrently on the same pro-
Changesin switch settings, load resistance,
cessor using separate threads. We expect to im-
and sourcevoltagescan be madethrough an
plement the final system with a fair amount of
eventqueueor by clicking on the component
distributed processing over a network of NeXT
in the schematicdrawing ofthe powersystem.
computers, so that each task will have its own
Theeventqueueiseditableandisusedto insert
processor, with the goal of achieving significant
faults into the powersystem. The powersys-
speed-ups.
tem's voltagesand currents are automatically
recalculatedwhen the powersystemsimulator
receivesaneventoraswitchpositionischanged
Acknowledgements
by clicking on the switch with the mouse.The
eventsare sentto the powersystemoneafter
the other in orderofoccurrencein time.
This worked has been sponsored by grants from
"NASA/Johnson Space Center, and the Energy
A control systemthat readsdata from the
Laboratory of the University of Houston.
powersystemsimulator hasbeenimplemented.
It ispossibleto setwhichvoltagesandcurrents
the control systemcanreceivefrom the power
References
systemby inserting volt-meters and current-
metersat the desiredpositionsin the network.
The datais displayedin aseparatecontrolsys-
[1] Gholdston, E. W., Janik, D. F., and New-
tem window containing the samediagram as
ton, K. A. (1989). Hybrid approach to
shownin the powersystemsimulator window.
space power control utilizing expert sys-
81
tems and numerical techniques.Proceed- [7]Levitt, R.E., and Dym, C.L. (1991).
ings of the Intersociety Energy Conversion Knowledge Based Systems in Engineering.
Engineering Conference, Piscataway, NJ: New York: McGraw-Hill.
IEEE-Press, 177-182.
[8]
Vlach, J., and Singhol, K. (1983). Com-
[2] Kao, C.Y., and Morris, W.S. (1989). puter Methods for Circuit Analysis and De-
Spacelab life sciences-1 electrical diagnos- sign. New York: Van Nostrand Reinhold
tics expert system. Telematics and Infor- Company.
matics, 6, 201-220.
[9]
Walls, B. (1989). Starr: An expert system
[3] Keronen, J.J. (1989). An expert system for failure diagnosis in a space based power
prototype for event diagnosis and real-time system. Proceedings of the Intersociety En-
operation planning in power system con- ergy Conversion Engineering Conference,
trol. IEEE Transactions on Power Sys- Piscataway, NJ: IEEE-Press, 303-306.
tems, 4, 544-550.
[10] Zhang, Z.Z. , Hope, G.S., and Malik, O.P.
[4] de Kleer, J., and Williams, B.C. (1987). (1989). Expert systems in electrical power
Diagnosing multiple faults. Artificial Intel- systems - A bibliographic survey. IEEE
ligence, 32, 97-130. Transactions on Power Systems, _, 1355-
1361.
[5] Kuipers, n. (1986). Qualitative simulation.
Artificial Intelligence, 29, 289-338.
[6] Lee, S.J., Yoon, S.H., Yoon, M.C., and
Jang, J.K. (1990). Expert system for pro-
tective relay setting of transm[ssi0n sys-
tems. IEEE Transactions on Power Deliv-
ery, 5, 1202-1208.
82
