Page 1

Complete Fault Diagnosis Of Uncertain

Polynomial Systems

Philipp Rumschinski∗Jan Richter∗∗Anton Savchenko∗

Steffen Borchers∗Jan Lunze∗∗∗Rolf Findeisen∗,1

∗Institute of Automation Engineering, Otto-von-Guericke Universit¨ at

Magdeburg, Germany

∗∗Siemens AG, Industry Sector, Gleiwitzer Str. 555, 90475

Nuremberg, Germany

∗∗∗Institute of Automation and Computer Control, Ruhr-Universit¨ at

Bochum, Germany

Abstract: The increase in complexity in process control goes along with an increasing need for

complete and guaranteed fault diagnosis. In this contribution, we propose a set-based method for

complete fault diagnosis for polynomial systems. It is based on a reformulation of the diagnosis

problem as a nonlinear feasibility problem, which is subsequently relaxed into a semidefinite

program. This is done by exploiting the polynomial/rational structure of the discrete-time model

equations. We assume the measurements of the output and the input to be available as uncertain,

but bounded convex sets. The applicability of the method is demonstrated considering a two-

tank system subject to multiple faults.

1. INTRODUCTION

Fault diagnosis methods aim at deciding whether a fault

has occurred or not, given some measured information.

The result of the diagnosis is then either used for mon-

itoring purposes only, or to inform a subsequent control

re-adjustment step. Introductions to the most common ap-

proaches for fault diagnosis are provided by books Blanke

et al. [2006], Ding [2008], Gertler [1998], Isermann [2006].

In literature fault diagnosis is subdivided in methods rely-

ing on the analysis of signals (signal-based) and methods

incorporating a model of the considered process (model-

based). The latter methods are often founded on consis-

tency tests. Here the measurement data is compared with

the ability of a system model to reproduce exactly those

measurements Blanke et al. [2006] or on consistency tests

based on identified system parameters Isermann [2006].

In both cases the goal is to determine the set of models

consistent with the measurements (fault candidates). As-

suming that for all faults a corresponding model is known

(closed-world assumption), a fault diagnosis algorithm is

said to be complete if the true fault is never excluded from

the set of fault candidates. Every complete consistency-

based fault diagnosis method, starting from an initial fault

candidate set, seeks to iteratively exclude fault scenarios

that are inconsistent with the observations. If only one

fault remains, it is uniquely diagnosed. In general, it is

not possible to uniquely distinguish between all faults due

to some overlap in the input-output behavior of the corre-

sponding models. However, it is clear that if two behaviors

belonging to these fault scenarios differ from another, then

there exists an input-sequence that permits distinction

between them (active fault diagnosis). This dependence is

intimately linked to the persistence of excitation condition

1Corresponding author rolf.findeisen@ovgu.de

encountered in system identification, which is however out

of the scope of this work.

Consistency-based approaches for fault diagnosis are avail-

able for linear parameter varying systems Blesa et al.

[2007], for uncertain linear systems Combastel and Raka

[2009], Tornil et al. [2003], and for nonlinear systems sub-

ject to biased uncertain measurements Planchon [2007].

Other approaches are based on residuals generated by

means of observers or Kalman filters and compared to a

threshold Theilliol et al. [2008], Videau et al. [2009], Zhang

et al. [2008]. Further fault diagnosis methods for nonlinear

systems are available in Aßfalg and Allg¨ ower [2006], Selmic

et al. [2009], Zhang et al. [2002].

In this work, we propose a set-based approach for fault

diagnosis for polynomial and rational systems in which we

directly aim to classify what fault situations are consistent

with the taken measurements. Our framework derives from

a parameter estimation and model invalidation approach

presented in Borchers et al. [2009], which is based on

formulating the regarded problem in terms of a nonlinear

feasibility problem. We extend this technique to fault

diagnosis, by reformulating the fault detection and fault

isolation problems in a similar way. Coupled with an

efficient semidefinite solution strategy of the feasibility

problem, we are able to provide conclusive proofs on

inconsistency of certain fault situations with respect to

the measurements. Under the assumption of a complete

description of the set of possible faults we can furthermore

isolate the corresponding fault candidates and guarantee

completeness of our method.

2. PROBLEM SETUP

In this contribution, we consider discrete-time systems Mf

subject to a specific fault f ∈ F = {f0,f1,...,fnf}, where

f0is associated with the nominal (fault free) system. The

Proceedings of the 9th International Symposium on

Dynamics and Control of Process Systems (DYCOPS 2010),

Leuven, Belgium, July 5-7, 2010

Mayuresh Kothare, Moses Tade, Alain Vande Wouwer, Ilse Smets (Eds.)

MoMT4.5

Copyright held by the International Federation of Automatic Control

127

Page 2

behavior of these systems is described by polynomial or

rational difference equations of the form

Gf(xk+1,xk,wk,p) = 0,

Hf(yk,xk,wk,p) = 0.

(1)

(2)

Here xk ∈ Rnxdenotes the system states, p ∈ Rnpthe

model parameters and wk ∈ Rnw, yk ∈ Rnydenote the

measured input and output respectively.

For simplicity of presentation, we assume throughout the

paper that only a single fault affects the considered process

in the time horizon of interest and that for all faults a

corresponding model is known. Furthermore, we assume

the measurements to be unknown-but-bounded and to be

given as convex sets such that measurement uncertainties

can be taken into account.

Definition 1. (Consistency). Consider a measurement Wk

of the applied input taken at time-index k and a mea-

surement Yk of the output of the considered process. A

model Mfis said to be consistent with the measurements

if wk∈ Wkand yk∈ Yk.

With Definition 1 we can state the following problems:

Problem 1. (Fault detection). A fault has occurred if the

model of the nominal case Mf0is inconsistent with the

measurements.

Problem 2. (Fault isolation). A fault f is a fault candi-

date, if the model Mf is consistent with the measure-

ments.

Note that consistency can on-line only be checked in a

necessary manner since only past measurements can be

taken into account, but not future ones.

3. FAULT DIAGNOSIS AS A FEASIBILITY

PROBLEM

In this section, we propose a reformulation of Problem 1

and Problem 2 as a nonlinear feasibility problem. There-

fore, assume the following collections of measurements

Y = {Yk⊂ Rny,k ∈ T} and W = {Wk⊂ Rnw,k ∈ T} in

a certain time window T = {t0,...,te}. This time window

just specifies the time instances when a measurement was

taken. Furthermore, assume a candidate fault model Mf

to be given, as described in the previous section. We can

then gather all information in the following semi-algebraic

equations

Ff(P) :

Gf(xk+1,xk,wk,p) = 0, k ∈ T,

Hf(yk,xk,wk,p) = 0,

p ∈ P,

xk∈ Xk,

wk∈ Wk,

yk∈ Yk,

k ∈ T,

k ∈ T,

k ∈ T,

k ∈ T,

(3)

where P,Xkdenote some given convex sets bounding the

parameters and the states, respectively. For instance such

bounds can be derived from the physical meaning of the

parameters or states (e.g. concentrations have to be non-

negative), or from conservation principles. Note that these

bounds can be in general arbitrary large, but from a

practical perspective tighter bounds are preferable for the

proposed relaxation procedure.

Recall that the goal of the fault detection problem is to

show that under the allowed variations in p the measure-

ments are not reproducible by the nominal model Mf0.

We denote therefore as feasibility problem the problem of

checking whether Ff(P) admits a solution or not.

If the feasibility problem does not admit a solution, then

there exists no input for which the model Mfis consistent

with the measurements Y,W.

Problem 1 and Problem 2 are transfered to

Proposition 1. (Fault detection/Fault isolation). If Ff(P)

does admit a solution, the fault f is a fault candidate, i.e.

Mf is consistent with the measurements.

However, it is in general not possible to determine an

exact solution of the feasibility problem Ff(P), due to

the nonlinearities of the model equations. But we will

show in the next section that it is possible to address a

relaxed version instead of the original feasibility problem

for polynomial/rational systems to give conclusive answers

to the problems included in Proposition 1. Note that as a

consequence of the relaxation the fault candidates will be

determined by elimination of all other possibilities.

4. PROBLEM RELAXATION

As shown in Kuepfer et al. [2007], Borchers et al. [2009]

for polynomial/rational systems it is possible to relax

Ff(P) into a convex semidefinite program. The method

used is based on an image convexification described in

Lasserre [2001], Ramana [1994]. Semidefinite programs as

a generalization of linear programs can then be efficiently

solved via interior point methods, e.g. with Sturm [1999].

In literature several approaches for reformulating Ff(P)

are known, i.a. Lasserre [2001], Parrilo [2003]. For the

purpose of this work a quadratic reformulation is chosen,

as it leads to SDPs of moderate size. For the sake of

completeness, we present a short overview of the necessary

relaxation steps following Borchers et al. [2009].

As a first step the original feasibility problem Ff(P) is

rewritten as a quadratic feasibility problem (QP). There-

fore, we introduce a vector ξ ∈ Rnξ, consisting of a minimal

basis of monomials of the model and output equations (1)-

(2), in the form

ξ = (1, xi, pj, wl, ym, xipj, xiwl, ...)T,

where the indexes i,j,l,m correspond to the respective

number of states x, parameters p, inputs w and outputs y.

Equations (1) can be transformed to

Gf

i(xk+1,xk,p,w) = ξTQi

kξ = 0, (4)

in which Qi

i is again the number of states. Apparently the same is

possible for (2) whereas i takes values in {1,...,ny}. Note

that if the model equations (1)-(2) contain higher order

terms (products of lower degree monomials), additional

equality constraints of the form (4) have to be introduced.

k∈ Rnξ×nξis a symmetric matrix and the index

For simplicity of notation we redefine the index i such that

it covers the number of states nx, the number of output

equations nyand the number of additional constraints nd

as i ∈ I = {1,...,nx+ ny+ nd}.

Copyright held by the International Federation of Automatic Control

128

Page 3

The bounds describing the subsets P,Xk,Wk,Ykappear-

ing in Ff(P) can be described as linear constraints

Bξ ≥ 0.

Here B ∈ R2(nξ−1)×nξprovides explicit upper and lower

bounds on all components of ξ except the first one.

Then Ff(P) can be rewritten as

Such a quadratic decomposition can always be found for

a polynomial/rational system (1)-(2), but QPf(P) is of

course still non-convex. However, by introducing X = ξξT

and relaxing the rank(X) = 1 and tr(X) ≥ 1 condition

into the weaker constraint X ? 0, see e.g. Parrilo [2003],

we get the convex semidefinite program

QPf(P) :

find ξ ∈ Rnξ

subject toξTQi

ξ1= 1,

Bξ ≥ 0.

kξ = 0, i ∈ I,k ∈ T,

SDPf(P) :

find

subject to tr(Qi

X ∈ Rnξ×nξ

kX) = 0,

tr(eeTX) = 1,

BXe ≥ 0,

BXBT≥ 0,

X ? 0,

i ∈ I,k ∈ T,

where e = (1,0,...,0)T∈ Rnξ. The relaxation process

will increase in general the solution space of Ff(P) and

therefore a fault could be wrongly included in the fault

candidate set. However, the true fault will never be ex-

cluded from the fault candidates. Note that the redundant

constraints BXBT≥ 0 were added to reduce this effect

Lasserre [2001].

Since we are only interested in proving infeasibility of

Ff(P), an efficient approach is to consider the Lagrangian

dual Lf of the semidefinite relaxation.

Lf(P) :

max ω

subject to

?

+BTλ1eT+ BTλ2B + λ3= 0,

k∈T

?

j∈I

νj

kQj

k+ ωeeT+ eλT

1B+

λ1≥ 0, λ2≥ 0, λ3? 0,

k, ω are the Lagrangian multipliers corresponding

to the equality constraints in the semi definite program,

and λ1 ∈ R2nξ−1,λ2 ∈ R(2nξ−1)×(2nξ−1), λ3 ∈ Rnξ×nξ

those corresponding to the remaining constraints.

Theorem 1. If the Lagrangian dual Lf(P) is unbounded,

then Mf is inconsistent with the measurements.

The Lagrangian weak-duality property and the relaxation

process guarantee that if the Lagrangian dual is un-

bounded, then Ff(P) does not admit a solution Waldherr

et al. [2008].

(5)

where νj

5. PARAMETER ESTIMATION

Recall that a way for proving inconsistency of a model Mf

is to verify that the Lagrangian dual Lf(P) is unbounded.

But since we allow uncertainties in the parameters as

well as in the measurements it is very likely for a fault

resulting in a slow change in the system dynamics, that the

corresponding model Mfcannot be excluded immediately.

In such a case it might be necessary to estimate the system

parameters from the measurements. The same is true for

a fault resulting in a slow drift in one of the parameters.

The goal is then to approximate the subset Pc ⊆ P

of consistent parameters. We denote this approximation

asˆPc. Therefore, a subregion Q ⊆ P is tested via the

Lagrangian dual whether a consistent parameterization

is contained or not. The subset Pc is approximated by

systematically exploring subregions of P and cutting out

those that lead to an unbounded Lf(P), i.e.

ˆPc:= P\

?

Q⊆P : Lf(Q)→∞

Q.(6)

A possible way of systematically investigating the param-

eter space is using a recursive bisection algorithm.

Algorithm 1. (Q∗= Outer − approximate(Mf,Q)).

if Lf(Q) is unbounded

then return Q∗= ∅

else if volume(Q) ≤ precision threshold δ

then return Q∗= Q

else partition Q into Q1and Q2,

i.e. Q1∪ Q2= Q and Q1∩ Q2= ∅

Q?

Q?

returnQ∗= Q?

fi

fi

1:= Outer − approximate(Q1)

2:= Outer − approximate(Q2)

1∪ Q?

2

In Figure 1 the outcome of Algorithm 1 is depicted. The

quality of the outer-approximation is directly dependent

on the chosen precision threshold δ, whereas a decrease of

δ results of course in an increase of computational effort.

Fig. 1. Result of the outer-approximation algorithm for

a consistent parameter region Pc (dark gray area).

Light gray areas do not contain consistent parameter-

izations.

Note that in the case when the applied solver is not well

tuned, e.g. the solution is not converging fast enough

and the number of allowed iterations is too low, it might

also be necessary to implement this algorithm for proving

inconsistency.

6. FAULT DIAGNOSIS ALGORITHM

In the previous section, we have shown, that the set of

parameters Pcleading to a consistent behavior of a model

Copyright held by the International Federation of Automatic Control

129

Page 4

Mfcan be approximated. In this section we want to show

how the parameter estimation algorithm can be extended

to a complete fault diagnosis algorithm. As a first step

we have to introduce a way of dividing the measurement

collections Y and W into subsequences. This derives from

Borchers et al. [2009], but is used here for formalizing the

fault diagnosis algorithm and not only for reducing the

computational complexity.

We split the collection of measurements Y and W into

smaller collections

S = {Sj⊆ Y,j = 1,...,nS}

with a corresponding shortened time window Tj ⊆ T as

depicted in Figure 2.

(7)

Fig. 2. Split collection of measurements.

The consistent parameters Pc can then be bounded by

intersecting the estimates obtained for each individual

subsequence, i.e.

Pc⊆

?

j=1...nS

ˆPj

c,(8)

where

subsequence j. A direct consequence is of course that a

model Mfcan only be consistent with the measurements if

for all subsequences Sja non-empty consistent parameter

setˆPj

Hence it is sufficient to prove that one subsequence leads

to the empty set. In the case that only one subsequence

is considered the detectability of a fault consequently

depends on the size of the regarded subsequence.

ˆPj

c denotes the result of Algorithm 1 for one

ccan be found.

If we now specify the starting point of a shortened time-

window with k and the length of the time-window with j,

the fault diagnosis is given by

Algorithm 2. (ˆ F =Fault-Diagnosis(F,k,j)).

initializeˆ F = F

if Fault − Detection(Mf0,k,j) == false

thenˆ F =ˆ F \ f0

display a fault has occurred fi

for fi∈ˆ F

if Fault − Detection(Mfi,k,j) == false

thenˆ F =ˆ F \ fifi

end

returnˆ F

function consistent = Fault − Detection(Mf,k,j)

Q := Outer − approximate(Mf,P)

if Q == ∅ then return consistent = false fi

if Q ⊆ P then return consistent = true fi

Theorem 2. Algorithm 2 is a complete fault diagnosis

algorithm, since the true fault f∗is never excluded from

the initial fault set F, i.e. f∗∈ˆ F.

The completeness of Algorithm 2 results directly from

Theorem 1. If we consider an initial fault set F a fault

f will only be excluded if and only if Ff(P) is infeasible.

At the same time Mf might be considered as consistent

due to the relaxation, even though Ff(P) does not admit

a solution. In other words if we denote the best possible

diagnostic result as F∗then

F∗⊆ˆ F.

7. EXAMPLE

In this section we will show the applicability of our method

considering the simple two-tank system as described in

Blanke et al. [2006] and depicted in Figure 3.

Fig. 3. Two-tank system.

We only consider the case that H1,H2are measurable, be-

cause, as demonstrated in Blanke et al. [2006], measuring

only one of the heights results in a loss of diagnosability.

7.1 System description

The system consists of two tanks connected by a valve, an

inflow qP, an outflow q2and a possible leakage qL. H1,H2

denote the measured water-levels. the maximum allowed

height hmaxfor H1is reached qP will be set to zero. All

parameters are given in Table 1 and are taken from Blanke

et al. [2006]. We assume for reasons of simplicity in the

remainder of this work that under operating conditions

the fill level H1 will always be greater or equal to H2.

If one would want to incorporate the case that H1< H2

than one could apply a strategy similar to Hasenauer et al.

[2009] by adding some discrete switching conditions. A

mathematical description of the system is then given by

the following nonlinear differential equations

˙H1(t) =1

A(qP(t) − qL(t) − q12(t)),

˙H2(t) =1

A(q12(t) − q2(t)),

(9)

(10)

with

Copyright held by the International Federation of Automatic Control

130

Page 5

qp(t) =

?¯ qp, H1(t) ≤ hmax,

?

H1(t) − H2(t), V12is open,

0, H1(t) > hmax,

?

(11)

qL(t) =

cL

0,

H1(t), H1(t) > 0,

H1(t) ≤ 0,

(12)

q12(t) =

?

?

c12

0,

?

?

V12is closed,

(13)

q2(t) =

c2

0,

H2(t), H2(t) > 0,

H2(t) ≤ 0.

(14)

The equations (12)-(14) contain non-polynomial parts,

therefore, we extend the model with three additional states

and three additional constraints

∆H2(t) = H1(t) − H2(t),

H2

1(t) = H1(t)H1(t),

H2

2(t) = H2(t)H2(t).

This approach of approximating the nonlinearities might

not be suited for other nonlinearities (e.g. exponential

functions) or for other measurement setups. In such cases

stricter constraints have to be applied, e.g. enveloping

the nonlinearities by means of polynomial functions, for

further details see Hasenauer et al. [2009].

(15)

(16)

(17)

As our method requires the considered models to be

in discrete-time, we apply Euler discretization to the

equations (12)-(14) with a step size of 2 seconds.

Table 1. Nominal parameters

Parameter:

A

hmax

unom

c12

c2

cL

¯ qP

Value: Description:

Area of both tanks

Height of both tanks

Nominal pump velocity

Flow constant valve V12

Flow constant of the outflow

1.54 · 10−2m2

0.6m

1

6 · 10−4m5/2s−1

2 · 10−4m5/2s−1

2.6 · 10−4m5/2s−1Flow constant of the leakage

1.5 · 10−4m3s−1

Flow constant of pump

7.2 Scenario and Setup

We study the presented approach in a series of simulation

studies. To get a realistic setup the parameters are not

assumed to be known a priori, but are first estimated

following the algorithm proposed in Section 5. The con-

sidered case is depicted in Figure 4, we performed it by

simulating the temporal evolution of the two states with

two slightly different initial conditions for the lower and

upper bound (H1(0) = 0.275m,H2(0) = 0.0375m, and

H1(0) = 0.325m,H2(0) = 0.0625m). We also added to the

bounds an additional absolute error of 1.2cm. The results

of the parameter estimation are given in Table 2.

Table 2. Achieved parameter bounds

Parameter: Lower bound: Upper bound:

c12

5 · 10−4

c2

1 · 10−4

¯ qP

0.5 · 10−4

In the following, we consider four different scenarios con-

cerning the measurements. For this reason, let us consider

the measurement collection Y∗:= {Yk = (Hk

k ≤ 300}, with each measurement providing information

on both states. If we split the measurement collection,

7 · 10−4

3 · 10−4

2.5 · 10−4

1,Hk

2),0 ≤

Fig. 4. Measurements taken of the two states from the

faultless model. The red lines give the upper and lower

bounds on the measurements of H1 and the dashed

blue lines the bounds on the measurements of H2.

following (7), into subsequences Sj

with ? ∈ {1,2,4,9}, we can investigate how many time-

steps after a fault f has occurred the fault can be de-

tected/isolated. Two different fault scenarios are consid-

ered: First (f1), the valve V12 gets stuck in the closed

position or the flow through it is obstructed suddenly at

time-step k = 150 (Figure 5) and second (f2) the leakage

qLoccurs at time-step k = 50 (Figure 6).

= {Yj,...,Yj+?}

Fig. 5. Fault f1occurs on time step 150.

Fig. 6. Fault f2occurs on time step 150.

7.3 Simulation results

Table 3 shows the number of time-steps until a fault is

detected and isolated. The number of considered mea-

surements is apparently deciding the time necessary for

detecting/isolating the fault. An interesting observation

is that if only 2 measurements are considered at once, a

detection of the second fault is not possible before the

Copyright held by the International Federation of Automatic Control

131

Page 6

Table 3. Necessary time steps

Fault:

Number of time-steps k:

? = 1? = 2

92

--

Description of faults:

? = 4

1

2

? = 9

1

1

f1

f2

Valve V12is closed

Tank 1 is leaking

new steady-state is reached. This implies that one has to

carefully choose the amount of considered measurements.

Also, as noted in Blanke et al. [2006], the detection of f2

is more difficult then the detection of f1. This seems to be

a result of the less drastic change in the output measure-

ments. In addition fault f1can still be detected when even

larger errors in the measurements are assumed (results not

shown). One can conclude that if the measurements would

not allow a certain precision, i.e. the error is (very) large,

a detection/isolation is not possible.

8. CONCLUSIONS AND OUTLOOK

We have studied in this contribution fault diagnosis for

a quite general class of process control models. Based on

an existing set-based parameter estimation, we proposed

a solution method to the fault detection and isolation

problems that is complete under the closed-world assump-

tion. The method furthermore provides conclusive results

even if the measurements and the model parameters admit

uncertainties. We demonstrated for the well-known two

tank example, that our approach is capable of determining

which of the considered fault situations are exhibited by

the plant.

For the considered class of uncertain polynomial/rational

systems we were able to show that the fault detec-

tion/isolation tasks can be reformulated as a non-convex

feasibility problem. Additionally, we have shown that it

is sufficient to address a relaxed convex version of this

feasibility problem and still achieve conclusive results.

With the help of this so-called semidefinite program we

could derive an efficient algorithm for fault diagnosis. This

algorithm is complete since the true fault is never excluded

from the set of fault candidates. Furthermore, we proposed

a method for reducing the computational complexity.

In practice, even with the proposed reduction technique,

the number of resulting problems might be too large for

very complex processes, especially if the direct diagnos-

ability of the faults cannot be guaranteed. A combination

of the method with a state prediction scheme could then

be used to limit the number of fault models which has to

be addressed simultaneously. For instance, if more than

one fault model is consistent with the measurements a

investigation of the reachable state sets for all models

could help discarding models as soon as the next measure-

ment arrives and thus reducing immediately the number

of possible fault situations. Such a prediction could also

be used for finding a specific input sequence that allows

to discriminate fault alternatives (active diagnosis). Both

extensions will be subject of future work. Furthermore,

it might be possible to extend the proposed framework to

continuous-time models as shown in Lasserre et al. [2008].

REFERENCES

J. Aßfalg and F. Allg¨ ower.

mented state models: modeling, analysis, and design. In Proc. of

IEEE Conf. on Dec. and Contr., CDC’06, pages 1165–1170, San

Diego, USA, 2006.

Fault diagnosis with structured aug-

M. Blanke, M. Kinnaert, J. Lunze, and M. Staroswiecki. Diagnosis

and Fault-Tolerant Control. Springer, 2nd edition, 2006.

J. Blesa, Y. Bolea, and Y. Puig. Robust fault detection using interval

LPV models. In Proc. of IEEE Eur. Contr. Conf., ECC’07, pages

1618–1625, Kos, Greece, 2007.

S. Borchers, P. Rumschinski, S. Bosio, R. Weismantel, and R. Find-

eisen. A set-based framework for coherent model invalidation and

parameter estimation of discrete time nonlinear systems. In Proc.

IEEE Conf. on Dec. and Contr., CDC ’09, pages 6786–6792,

Shanghai, China, 2009.

C. Combastel and S. A. Raka. A set-membership fault detection test

with guaranteed robustness to parametric uncerties in continuous

time linear systems.In Proc. of IFAC Symp. on Fault Det.,

Superv. and Saf. of Techn. Proc., SAFEPROCESS’09, pages

1192–1197, Barcelona, Spain, 2009.

S. X. Ding.Model-based Fault Diagnosis Techniques: Design

Schemes, Algorithms, and Tools. Springer, 2008.

J. Gertler. Fault Detection and Diagnosis in Engineering Systems.

Marcel Dekker, New York, 1998.

J. Hasenauer, P. Rumschinski, S. Waldherr, S. Borchers, F. Allg¨ ower,

and R. Findeisen. Guaranteed steady-state bounds for uncertain

chemical processes. In Proc. Int. Symp. Adv. Contr. of Chem.

Proc., ADCHEM’09, pages 674–679, Istanbul, Turkey, 2009.

R. Isermann. Fault-Diagnosis Systems. An Introduction from Fault

Detection to Fault Tolerance. Springer, 2006.

L. Kuepfer, U. Sauer, and P. A. Parrilo. Efficient classification of

complete parameter regions based on semidefinite programming.

BMC Bioinformatics, 8:12, 2007.

J. B. Lasserre.Global optimization with polynomials and the

problem of moments. SIAM J. on Optimization, 11(3):796–817,

2001.

J.B. Lasserre, D. Henrion, C. Prieur, and E. Trelat.

optimal control via opccupation measures and lmi relaxations.

SIAM J. on Contr. and Opt., 47:1643–1666, 2008.

P. A. Parrilo.Semidefinite programming relaxations for semi-

algebraic problems. Math. Program., 96(2):293–320, 2003.

P. Planchon. Guaranteed diagnosis of uncertain linear systems using

state-set observation. Logos-Verlag, 2007.

M. V. Ramana.An algorithmic analysis of multiquadratic and

semidefinite programming problems. PhD thesis, John Hopkins

University, 1994.

R. R. Selmic, M. M. Polycarpou, and T. Parisini. Actuator fault

detection in nonlinear uncertain systems using neural on-line

approximation models. Eur. J. of Control, 15(1):29–44, 2009.

J.F. Sturm. Using SeDuMi 1.02, a MATLAB toolbox for optimiza-

tion over symmetric cones. Opt. Meth. and Soft., 11(1):625–653,

1999.

D. Theilliol, J.-C. Ponsart, M. Rodrigues, S. Aberkane, and J. Yam´ e.

Design of sensor fault diagnosis method for nonlinear systems

described by linear polynomial matrices formulation: application

to a winding machine. In Proc. of IFAC World Congress, pages

1890–1895, Seoul, Korea, 2008.

S. Tornil, T. Excobet, and L. Trave-Massuyes. Robust fault detection

using interval methods.In Proc. of IEEE Eur. Contr. Conf.,

ECC’03, Cambridge, United Kingdom, 2003.

G. Videau, R. Raissi, and A. Zolghadri.

consistency checks of nonlinear systems.

Fault Det., Superv. and Saf. of Tech. Proc., SAFEPROCESS’09,

pages 1210–1215, Barcelona, Spain, 2009.

S. Waldherr, R. Findeisen, and F. Allg¨ ower.

analysis of biochemical reaction networks via semidefinite pro-

gramming. In Proc. of IFAC World Congress, pages 9701–9706,

Seoul, Korea, 2008.

X. Zhang, M. M. Polycarpou, and T. Parisini. A robust detection

and isolation scheme for abrupt and incipient faults in nonlinear

systems. IEEE Trans. on Autom. Control, 47(4):576–593, 2002.

Y. Zhang, N. E. Wu, and B. Jiang. Fault detection and isolation

applied to a ship propulsion benchmark. In Proc. of IFAC World

Congress, pages 1908–1913, Seoul, Korea, 2008.

Nonlinear

Set-observer design for

In Proc. of Symp. of

Global sensitivity

Copyright held by the International Federation of Automatic Control

132