A Distributed Fault Diagnosis and Cooperative Fault-Tolerant Control Design Framework for Distributed Interconnected Systems

Abstract

This paper investigates a design framework for a class of distributed interconnected systems, where a fault diagnosis scheme and a cooperative fault-tolerant control scheme are included. First of all, fault detection observers are designed for the interconnected subsystems, and the detection results will be spread to all subsystems in the form of a broadcast. Then, to locate the faulty subsystem accurately, fault isolation observers are further designed for the alarming subsystems in turn with the aid of an adaptive fault estimation technique. Based on this, the fault estimation information is used to compensate for the residuals, and then isolation decision logic is conducted. Moreover, the cooperative fault-tolerant control unit, where state feedback and cooperative compensation are both utilized, is introduced to ensure the stability of the whole system. Finally, the simulation of intelligent unmanned vehicle platooning is adopted to demonstrate the applicability and effectiveness of the proposed design framework.

1. Introduction

With the rapid development of sensing and communication technologies, modern engineering systems are increasingly networked and distributed [1]. Further, the large-scale distributed systems such as power grid and vehicle platooning are generally interconnected, physically or informationally [2,3,4,5]. These kinds of systems are thus referred to as distributed interconnected systems, which are composed of several subsystems in different locations through coupling mechanisms. On the other hand, the increasing size and complexity of distributed interconnected systems makes the occurrence of faults easier. Besides, due to the characteristics of interconnection, the fault diagnosis for distributed interconnected systems is challenging as an incipient fault occurring in any subsystem can potentially propagate from one subsystem to another and even result in the collapse of the whole system. The research on fault diagnosis and fault-tolerant control for distributed interconnected systems is receiving remarkable attention [6,7,8,9].

For the most part, the fault diagnosis approaches for distributed interconnected systems can be divided, according to the information used by the diagnostic units, into three categories: centralized, decentralized, and distributed fault diagnosis [10]. The centralized fault diagnosis approach employs a centralized diagnostic unit to collect the information of the whole system and then conducts fault diagnosis for all subsystems. In [11], an interconnected system with disconnected interconnections and packet dropouts was augmented into a switched system, and then a centralized robust fault detection filter was further designed. Obviously, the centralized approach requires high computation as well as communication and is not easy to expand, so it is not suitable for large-scale distributed interconnected systems. In the decentralized fault diagnosis approach, each subsystem is equipped with a local diagnostic unit which diagnoses its own faults with its own information; thus, the approach to interconnections among subsystems is of great importance. The conventional idea is to regard interconnections as external disturbances and design robust local observers to make local residuals insensitive to interconnections. In [12], a decentralized sensor fault isolation approach was investigated for a class of large-scale interconnected nonlinear systems. Some prior known reference signals were utilized to estimate interconnections and then the maximum impact of the estimation error on the local residual was assessed for an adaptive threshold setting. Although the decentralized approach does not need to consider information transmission or security issues, because of no interactions among subsystems, it is conservative to think of interconnections as disturbances or estimate interconnections based on prior information, which can result in a low fault detection rate.

In the distributed fault diagnosis approach, the local diagnostic unit for each subsystem can not only use information about the subsystem itself, but also interact with other subsystems. In other words, the distributed fault diagnosis approach can improve the fault diagnosis performance by partial information interaction which can obtain interconnection characteristics, and thus has received much more attention [13,14,15,16,17]. Fault isolation is the key to fault diagnosis for the distributed interconnected systems as interconnection characteristics can lead to fault propagation. In [15], fault isolation for a class of fuzzy interconnected systems was considered for the first time under the framework of interval observers, and piecewise interval observers were constructed to characterize the unknown interconnections among subsystems and the residual intervals were further used to realize fault isolation. In [16], fault isolation was achieved through the decoupling method. The unknown input consisting of faults in the other subsystems and disturbance in the whole system could be partitioned into the decoupled and the non-decoupled part, and a bank of finite-frequency $H_{-}/H_{\infty }$ unknown input observers were further constructed. Moreover, a set of linear matrix inequalities were also used to ensure that the generated residual was sensitive to the fault, while remaining robust against the unknown input. Although the method provides design with a degree of freedom, the appropriate computation capacity and resources are demanded. In addition, information interaction among subsystems can exacerbate fault propagation, especially for sensor faults. In [17], the problem of fault isolation for sensor faults was studied. The influence of local and propagated sensor faults on the residuals was analyzed to realize distributed fault isolation for multiple sensor faults in interconnected systems. However, one of the main focuses in some distributed systems is to minimize the number of measurements shared among subsystems to reduce the communication cost. Meanwhile, different strategies including the fault-driven minimal structurally overdetermined set strategy, the minimal hitting set strategy, the equation-based strategy, and a set of fault-driven minimal structurally overdetermined sets strategies have been explored [8,18,19,20]. Distinguished from what has been mentioned above, the broadcasting communication is used for information exchange in our work, and the means of communication is not the focus.

Less research effort has been made, in comparison with fault diagnosis, to study fault-tolerant control for distributed interconnected systems. The traditional fault-tolerant control approach is to estimate the faults, or the changes of the subsystems caused by the faults, approximately via the adaptive or neural networked method, and then design the distributed or decentralized local fault-tolerant control law to compensate for the faults, so that the subsystems or the whole system can recover to an acceptable performance [21,22,23]. In these schemes, fault-tolerant control only regulates the controllers of the faulty subsystems, so it is called independent fault-tolerant control. From the perspective of globally distributed interconnected systems, another fault-tolerant control approach, called cooperative fault-tolerant control, is to make full use of subsystems and the cooperative effect of their coupling mechanisms to ensure the performance of the faulty system. In [24], a novel fault-tolerant control scheme for switched and interconnected nonlinear systems was designed to guarantee the stability of the state based on “fault-tolerant control Lyapunov–Barrier functions”. In [25], the cycle-small-gain theorem was utilized to ensure the closed-loop stability of interconnected systems, and a fault-tolerant control scheme that considered both rigid and flexible component faults was proposed. However, the use of the small gain theorem generally leads to a conservative result, and the fault-tolerant objective is only to guarantee the stability of faulty systems. To the best of our knowledge, most investigations on fault-tolerant control for the distributed interconnected systems are limited to basic stability analysis, whereas other dynamic and static properties have not been covered in great detail.

Inspired by the above considerations, a distributed fault diagnosis and cooperative fault-tolerant control design framework for distributed interconnected systems is proposed in this paper. Specifically, the contributions of this paper are as follows:

• A novel fault diagnosis framework, which is mainly composed of fault detection observers and fault isolation observers, is developed for a general class of distributed interconnected systems with actuator faults. By transmitting the state estimation information in the form of a broadcast communication and carrying out several decision logic schemes in the cloud processing unit based on the residuals to achieve fault detection, isolation, and estimation, the problem of fault propagation can be solved as well;
• A cooperative fault-tolerant control scheme, where LQR controllers for the healthy subsystems and a cooperative fault-tolerant controller for the faulty subsystem are utilized respectively, is also proposed to guarantee the stability and performance of the whole system;
• Different from the conventional isolation decision logic, the adaptive method is employed to estimate the fault and the fault estimation information is used to modify the residuals. In this way, the subsystem with an actuator fault can be located where the residual value is less than the threshold rather than exceeding the threshold as usual.

This paper is organized as follows. In Section 2, the framework of distributed fault diagnosis and cooperative fault-tolerant control is introduced briefly, followed by the corresponding design objective. Section 3 presents the main results, including the design of fault detection observer, fault isolation observer, and cooperative fault-tolerant controller. Section 4 is dedicated to the simulation of intelligent unmanned vehicle platooning to demonstrate the applicability and effectiveness of the proposed design scheme. Ultimately, some conclusions and possible future research directions are presented in Section 5.

2. Problem Description

The design framework of distributed fault diagnosis and cooperative fault-tolerant control for distributed interconnected systems is depicted in Figure 1 and mainly includes the monitoring and control units (MCUs) and cloud processing unit. The whole distributed interconnected system consists of $p$ subsystems and is modeled as

$$\{\begin{array}{l}x(k+1)=Ax(k)+Bu(k)+B_{f}f(k)+B_{v}v(k)\\ y(k)=Cx(k)+Ew(k)\end{array}$$

(1)

where $x(k)={\left[\begin{array}{ccccc}{x_1}^{\mathrm{T}}(k)& \cdots & {x_i}^{\mathrm{T}}(k)& \cdots & {x_p}^{\mathrm{T}}(k)\end{array}\right]}^{\mathrm{T}}\in {\Re }^n$ denotes the state vector, with $x_i(k)\in {\Re }^{n/p}$ the $i^{\mathrm{th}}$ subsystem state. $u(k)={\left[\begin{array}{ccccc}{u_1}^{\mathrm{T}}(k)& \cdots & {u_i}^{\mathrm{T}}(k)& \cdots & {u_p}^{\mathrm{T}}(k)\end{array}\right]}^{\mathrm{T}}\in {\Re }^m$ denotes the input vector, with $u_i(k)\in {\Re }^{m/p}$ the ith subsystem input.$y(k)={\left[\begin{array}{ccccc}{y_1}^{\mathrm{T}}(k)& \cdots & {y_i}^{\mathrm{T}}(k)& \cdots & {y_p}^{\mathrm{T}}(k)\end{array}\right]}^{\mathrm{T}}\in {\Re }^r$ denotes the output vector, with $y_i(k)$ the $i^{\mathrm{t}\mathrm{h}}$ subsystem output.$f(k)=[\begin{array}{cccc}{f_1}^{\mathrm{T}}(k)& \cdots & {f_i}^{\mathrm{T}}(k)& \cdots \end{array}$.${{f_p}^{\mathrm{T}}(k)]}^{\mathrm{T}}\in {\Re }^m$ represents the actuator failure to be isolated, with $f_i(k)\in {\Re }^{m/p}$ the ith actuator failure. $v(k)={\left[\begin{array}{ccccc}{v_1}^{\mathrm{T}}(k)& \cdots & {v_i}^{\mathrm{T}}(k)& \cdots & {v_p}^{\mathrm{T}}(k)\end{array}\right]}^{\mathrm{T}}\in {\Re }^m$ stands for the process noise, with $v_i(k)\in {\Re }^{m/p}$ the ith subsystem process noise.$w(k)={\left[\begin{array}{ccccc}{w_1}^{\mathrm{T}}(k)& \cdots & {w_i}^{\mathrm{T}}(k)& \cdots & {w_p}^{\mathrm{T}}(k)\end{array}\right]}^{\mathrm{T}}\in {\Re }^s$ denotes the measurement noise, with $w_i(k)\in {\Re }^{s/p}$ the ith subsystem measurement noise. $A$, $B$, $B_f$, $B_v$, $C$ and $E$ in Equation (1) can be decomposed into

$$\begin{gathered} A=\left[\begin{array}{cccc}{A}_{11}& A_{12}& \dots & A_{1p}\\ A_{21}& A_{22}& \dots & A_{2p}\\ ⋮& ⋮& \ddots & ⋮\\ A_{p1}& A_{p2}& \dots & A_{pp}\end{array}\right],B=\left[\begin{array}{cccc}{B}_{11}& B_{12}& \dots & B_{1p}\\ B_{21}& B_{22}& \dots & B_{2p}\\ ⋮& ⋮& \ddots & ⋮\\ B_{p1}& B_{p2}& \dots & B_{pp}\end{array}\right],B_f=\left[\begin{array}{cccc}{B}_{f_1}& 0& \cdots & 0\\ 0& B_{f_2}& \cdots & 0\\ ⋮& ⋮& \ddots & ⋮\\ 0& 0& \cdots & B_{f_p}\end{array}\right], \\ {B}_v=\left[\begin{array}{cccc}{B}_{v_1}& 0& \cdots & 0\\ 0& B_{v_2}& \cdots & 0\\ ⋮& ⋮& \ddots & ⋮\\ 0& 0& \cdots & B_{v_p}\end{array}\right],C=\left[\begin{array}{cccc}{C}_1& 0& \cdots & 0\\ 0& C_2& \cdots & 0\\ ⋮& ⋮& \ddots & ⋮\\ 0& 0& \cdots & C_p\end{array}\right],E=\left[\begin{array}{cccc}{E}_1& 0& \cdots & 0\\ 0& E_2& \cdots & 0\\ ⋮& ⋮& \ddots & ⋮\\ 0& 0& \cdots & E_p\end{array}\right] \end{gathered}$$

The ith subsystem can be further given as

$$\{\begin{array}{l}{x}_i(k+1)=A_{ii}{x}_i(k)+{\displaystyle \sum _{j\in N_{\overline{i}}}{A}_{ij}{x}_j(k)+}{\displaystyle \sum _{l\in N}{B}_{il}{u}_l(k)+B_{f_i}{f}_i(k)+B_{v_i}{v}_i(k)}\\ y_i(k)=C_i{x}_i(k)+E_i{w}_i(k)\end{array}$$

(2)

where $N$ is the set of all subsystems and $N_{\overline{i}}$ is the set of subsystems other than the ith subsystem. $x_j(k)$ and $u_l(k)$ represent the jth ($j\ne i$) subsystem state and lth subsystem input. Note that $f_i(k)$ denotes the actuator failure and, in general, $B_{f_i}=B_{ii}$.

It can be found that each subsystem is equipped with an MCU which consists of the following components:

(1)

A fault detection observer (FDO), which is governed by

$$\{\begin{array}{l}{\hat{x}}_i(k+1)=A_{ii}{\widehat{x}}_i(k)+{\displaystyle \sum _{j\in N_{\overline{i}}}{A}_{ij}{\widehat{x}}_j(k)}+{\displaystyle \sum _{l=1}^N{B}_{il}{u}_l(k)}+L_i(y_i(k)-{\widehat{y}}_i(k))\\ {\widehat{y}}_i(k)=C_i{\widehat{x}}_i(k)\\ r_i(k)=y_i(k)-{\widehat{y}}_i(k)\end{array}$$

(3)

where ${\widehat{x}}_i(k)$ and ${\widehat{x}}_j(k)$ are the state estimations of the ith and jth subsystem respectively. ${\widehat{x}}_i(k)$ represents the output estimation of the ith subsystem. $L_i$ is the detection observer gain and $r_i(k)$ stands for the residual of the ith subsystem generated by the FDO.

(2)

A fault isolation observer (FIO), which is activated when there is an alarm provided by the corresponding FDO and can be described by

$$\{\begin{array}{l}{{\widehat{x}}_i}^q(k+1)=A_{ii}{{\widehat{x}}_i}^q(k)+{\displaystyle \sum _{j\in Alarm}{A}_{ij}{\widehat{x}}_j}(k)+{\displaystyle \sum _{\overline{j}\in \overline{Alarm}}{A}_{i\overline{j}}{\widehat{x}}_{\overline{j}}}(k)+{\displaystyle \sum _{l=1}^N{B}_{il}{u}_l(k)}\\ +B_{\mathit{fi}}{\widehat{f}}_i(k)+G_i(y_i(k)-{\widehat{y}}_i{}^q(k))\\ {{\widehat{y}}_i}^q(k)=C_i{{\widehat{x}}_i}^q(k)\\ {r_i}^q(k)=y_i(k)-{{\widehat{y}}_i}^q(k)\\ {\widehat{f}}_i(k+1)={\widehat{f}}_i(k)+{\Gamma }_i(y_i(k)-{\widehat{y}}_i^q(k))\end{array}$$

(4)

where $Alarm+\overline{Alarm}=N_{\overline{i}}$ and ${{\widehat{x}}_i}^q(k)$ is the state estimation of subsystem given by the FIO. $G_i$ is the isolation observer gain of the ith subsystem. ${{\widehat{y}}_i}^q(k)$ represents the corresponding output estimation and ${r_i}^q(k)$ is the residual of the ith subsystem generated by the FIO. ${\widehat{f}}_i(k)$ stands for the fault estimation and ${\Gamma }_i$ is the weighting matrix.

(3)

A controller, which can keep the faulty system stable and is constructed as

$$u_i(k)=\{\begin{array}{l}\begin{array}{cc}-R_i^{-1}{B}_{ii}^{\mathrm{T}}{K}_i{\widehat{x}}_{zi}(k),& fault-free\end{array}\\ \begin{array}{cc}-R_i^{-1}{B}_{ii}^{\mathrm{T}}{K}_i{\widehat{x}}_{zi}(k)-R_i^{-1}{B}_{ii}^{\mathrm{T}}{S}_i(k),& faulty\end{array}\end{array}$$

(5)

where $R_i$ is a positive definite matrix, and $K_i$ is the local optimal gain determined from a standard LQR Riccati equation. ${\hat{x}}_{zi}(k)=\{\begin{array}{l}\begin{array}{cc}{\widehat{x}}_i,& fault-free\end{array}\\ \begin{array}{cc}{\widehat{x}}_i^q,& faulty\end{array}\end{array}$ is the real state estimation of $x_i(k)$ and is provided by the cloud processing unit. $S_i(k)$ represents the cooperative compensation vector from other subsystems in the faulty case.

The processing flow of the cloud processing unit is shown in detail in Figure 2. It can be seen that the clouding processing unit shoulders the responsibility of receiving, processing, and broadcasting information. Further, it mainly perform three functions: (i) obtaining the state estimations ${\widehat{x}}_i$ and ${\widehat{x}}_i^q$ from the monitoring unit; (ii) accomplishing fault detection and isolation based on the residual signals and spreading results; and (iii) providing the corresponding state estimation to the control unit.

Based on this, the fault detection and isolation schemes in particular are given in Figure 3. The conventional fault detection observer is used to detect whether a fault occurs, and a residual value exceeding the threshold indicates that there is a fault in the process. Meanwhile, the fault isolation observer based on the adaptive fault estimation method is adopted to achieve fault isolation by the combination of an unconventional isolation decision logic. Specifically, since the adaptive method is employed to estimate the fault and the fault estimation information is used to modify the residuals. In this way, the subsystem with actuator faults can be located where the residual value is less than the threshold rather than exceed the threshold as usual. It is noteworthy that isolation decision logic in this paper is contrary to the detection decision logic and different from the conventional method [26].

In this paper, the design objective is to locate the fault accurately and achieve a cooperative fault-tolerant control. Hence, this paper studies the design of a novel fault diagnosis framework, and the detection and isolation observer gain $L_i$ and $G_i$, the controller gain $K_i$, and the cooperative compensation vector $S_i(k)$.

Remark 1.

It is worthwhile to note that only the single fault case is considered in this paper. Meanwhile, a cooperative controller with fault-tolerant ability is introduced to keep the faulty subsystem stable, and LQR controllers are employed so that the healthy subsystems, which may be affected by the faulty subsystem, can remain stable.

Remark 2.

The subsystems in Figure 1 are physically interconnected. From the mathematical viewpoint, the physical interconnection can be seen from the state matrix $A$.If the matrix $A_{ij}(i\ne j)$,the non-diagonal block of the matrix $A$,is not equal to zero, it means that the ithsubsystem and the jthsubsystem are physically interconnected. In addition, the monitoring units in Figure 1 are informationally interconnected. To be specific, the monitoring units acquire the state estimation information from other interconnected subsystems through broadcast communication, and all subsystems can use them once the state estimation information has been broadcast.

Remark 3.

Fault isolation is achieved by making use of the adaptive fault estimation observer which is not applicable for a sensor fault. This is the reason we do not consider a sensor fault. If the fault isolation observer based on the adaptive fault estimation method is replaced by some other sensor fault estimation observer, the problem of sensor fault diagnosis can be considered.

Remark 4.

Similar to what has been given in [27], the necessary conditions for the existence of the observer are$\left(A_{ii},C_i\right)(i=1,\cdots p)$being observable and$\left(A,C\right)$being observable, which can be guaranteed by the PBH rank criteria$rank\left[\begin{array}{cc}{C}_i^{\mathrm{T}}& s{I}_i-A_{ii}^{\mathrm{T}}\end{array}\right]=n/p$and$rank\left[\begin{array}{cc}{C}^{\mathrm{T}}& sI-A^T\end{array}\right]=n$respectively.

3. Main Results

The presentation of the main results is divided into three sections: (i) the design of fault detection observer; (ii) the design of fault isolation observer; and (iii) the design of cooperative fault-tolerant controller.

3.1. The Design of Fault Detection Observer

In the design of the fault detection observer, the only design parameter is the observer gain $L_i$ in Equation (3). To this end, we define the state error as $e_i(k){=x}_i(k)-{\widehat{x}}_i(k)$ and the dynamics of the error system are obtained from Equations (2) and (3) as

$$\{\begin{array}{l}{e}_i(k+1)=(A_{ii}-L_i{C}_i)e_i(k)+{\displaystyle \sum _{j\in N_{\overline{i}}}{A}_{ij}{e}_j(k)+}{B}_{fi}{f}_i(k)+B_{di}{d}_i(k)\\ r_i(k)=C_i{e}_i(k)+D_i{d}_i(k)\end{array}$$

(6)

where $B_{\mathit{di}}=\left[\begin{array}{cc}{B}_{vi}& -L_i{E}_i\end{array}\right]$, $D_i=\left[\begin{array}{cc}0& E_i\end{array}\right]$ and $d_i(k)={\left[\begin{array}{cc}{v_i}^{\mathrm{T}}(k)& {w_i}^{\mathrm{T}}(k)\end{array}\right]}^{\mathrm{T}}$, and the residual $r_i(k)$ is related to $v_i(k)$ and $w_i(k)$. Thus, the asymptotic stability and $H_{\infty }$ performance of the error system given in Equation (6) are ensured in the following theorem.

Theorem 1.

For a given scalar${\gamma }_i>0$, if there exists a symmetric matrix$P_i=P_i^{\mathrm{T}}>0$and$Y_i$such that

$$\left[\begin{array}{ccccccccccc}-P_i& P_i{A}_{ii}-Y_i{C}_i& P_i{B}_{v_i}& -P_i{L}_i{E}_i& P_i{A}_{im}& \cdots & P_i{A}_{ip}& 0& 0& \cdots & 0\\ \ast & -P_i& 0& 0& 0& \cdots & 0& C_i^{\mathrm{T}}& 0& \cdots & 0\\ \ast & \ast & -{\gamma }_i^2& 0& 0& \cdots & 0& 0& 0& \cdots & 0\\ \ast & \ast & \ast & -{\gamma }_i^2& 0& \cdots & 0& E_i^{\mathrm{T}}& 0& \cdots & 0\\ \ast & \ast & \ast & \ast & -{\epsilon }_m& \cdots & 0& 0& \sqrt{2{\epsilon }_m}& \cdots & 0\\ \ast & \ast & \ast & \ast & \ast & \ddots & ⋮& ⋮& ⋮& \ddots & 0\\ \ast & \ast & \ast & \ast & \ast & \ast & -{\epsilon }_p& 0& 0& 0& \sqrt{2{\epsilon }_p}\\ \ast & \ast & \ast & \ast & \ast & \ast & \ast & -I& 0& 0& 0\\ \ast & \ast & \ast & \ast & \ast & \ast & \ast & \ast & -I& 0& 0\\ \ast & \ast & \ast & \ast & \ast & \ast & \ast & \ast & \ast & -I& 0\\ \ast & \ast & \ast & \ast & \ast & \ast & \ast & \ast & \ast & \ast & -I\end{array}\right]<0$$

(7)

where$0<{\epsilon }_m,\cdots ,{\epsilon }_p\ll 1$ ($m,\cdots p\in N_{\overline{i}}$). Then the error system (6) is asymptotically stable and satisfies $H_{\infty }$ performance ${\Vert r_i(k)\Vert }_2<{\gamma }_i{\Vert d_i(k)\Vert }_2$, and the detection observer gain can be obtained as $L_i=P_i^{-1}{Y}_i$.

Proof of Theorem 1.

Consider the following Lyapunov function candidate:

$$V_i(k)={e_i}^{\mathrm{T}}(k)P_i{e}_i(k)$$

and the stability of the error system (6) is satisfied if and only if

$$J_i=V_i(k+1)-V_i(k)+{r_i}^{\mathrm{T}}(k)r_i(k)-{\gamma }_i^2{d_i}^{\mathrm{T}}(k)d_i(k)<0$$

It yields

$$J_i<\begin{array}{c}{e_i}^{\mathrm{T}}(k)({{\overline{A}}_i}^{\mathrm{T}}{P}_i{\overline{A}}_i-P_i+{C_i}^{\mathrm{T}}{C}_i)e_i(k)+2{e_i}^{\mathrm{T}}(k)({{\overline{A}}_i}^{\mathrm{T}}{P}_i{B}_{di}+C_i^{\mathrm{T}}{D}_i)d_i(k)\\ +2{\displaystyle \sum _{j\in N_{\overline{i}}}{e_i}^{\mathrm{T}}(k){{\overline{A}}_i}^{\mathrm{T}}{P}_i{A}_{ij}{e}_j(k)}+{d_i}^{\mathrm{T}}(k)({B_{di}}^{\mathrm{T}}{P}_i{B}_{di}+D_i^{\mathrm{T}}{D}_i-{\gamma }_i^2)d_i(k)\\ +{\displaystyle \sum _{j\in N_{\overline{i}}}{e_j}^{\mathrm{T}}(k)({A_{ij}}^{\mathrm{T}}{P}_i{A}_{ij}+{\epsilon }_j)e_j(k)+}2{\displaystyle \sum _{j\in N_{\overline{i}}}{e_j}^{\mathrm{T}}(k){A_{ij}}^{\mathrm{T}}{P}_i{B}_{di}{d}_i(k)}\end{array}$$

or equivalently

$${{\xi }_i}^{\mathrm{T}}(k){\Xi }_i{\xi }_i(k)<0$$

where ${\overline{A}}_i=A_{ii}-L_i{C}_i$ and $\xi (k)={\left[\begin{array}{ccccc}{e_i}^{\mathrm{T}}(k)& {d_i}^{\mathrm{T}}(k)& {e_m}^{\mathrm{T}}(k)& \cdots & {e_p}^{\mathrm{T}}(k)\end{array}\right]}^{\mathrm{T}}$, and

$${\Xi }_i=\left[\begin{array}{ccccc}{{\overline{A}}_i}^{\mathrm{T}}{P}_i{\overline{A}}_i-P_i+C_i^{\mathrm{T}}{C}_i& A_{ii}^{\mathrm{T}}{P}_i{B}_{di}+C_i^{\mathrm{T}}{D}_i& {{\overline{A}}_{ii}}^{\mathrm{T}}{P}_i{A}_{im}& \cdots & {{\overline{A}}_{ii}}^{\mathrm{T}}{P}_i{A}_{ip}\\ *& {B_{di}}^{\mathrm{T}}{P}_i{B}_{di}+{D_i}^{\mathrm{T}}{D}_i-{\gamma }_i^2& {B_{di}}^{\mathrm{T}}{P}_i{A}_{im}& \cdots & {B_{di}}^{\mathrm{T}}{P}_i{A}_{ip}\\ *& *& A_{im}^{\mathrm{T}}{P}_i{A}_{im}+{\epsilon }_m& \cdots & A_{im}^{\mathrm{T}}{P}_i{A}_{iP}\\ *& *& *& \ddots & ⋮\\ *& *& *& \cdots & A_{ip}^{\mathrm{T}}{P}_i{A}_{ip}+{\epsilon }_p\end{array}\right]$$

With applying the Schur complement twice, ${\Xi }_i<0$ can be further expressed as:

$$\left[\begin{array}{ccccccc}-P_i& P_i{\overline{A}}_i& P_i{B}_{di}& P_i{A}_{im}& \cdots & P_i{A}_{ip}& 0\\ *& -P_i& 0& 0& \cdots & 0& C_i^{\mathrm{T}}\\ *& *& -{\gamma }_i^2& 0& \cdots & 0& D_i^{\mathrm{T}}\\ *& *& *& {\epsilon }_m& \cdots & 0& 0\\ *& *& *& *& \ddots & ⋮& ⋮\\ *& *& *& *& *& {\epsilon }_p& 0\\ *& *& *& *& *& *& -I\end{array}\right]<0$$

based on this, ${\epsilon }_m$, $\cdots$, ${\epsilon }_p$ are further managed with the use of Schur complement $p-1$ times. Hence, Theorem 1 can be proven. □

The root mean square (RMS) norm is selected as the residual evaluation function with

$$J_{i,RMS}={\Vert r_i(k)\Vert }_{RMS}$$

The threshold, the maximum influence of disturbance on the residual evaluation function without faults, can be computed by

$$J_{i,th}=\underset{\mathit{fault}-\mathit{free}}{\mathit{sup}}{\Vert r_i(k)\Vert }_{RMS}$$

Then, the fault detection decision logic can be described by

$$\{\begin{array}{l}{J}_{i,RMS}>J_{i,th}\Rightarrow {\epsilon }_i=1\\ J_{i,RMS}\le J_{i,th}\Rightarrow {\epsilon }_i=0\end{array}$$

where ${\epsilon }_i=1$ denotes that the ith subsystem will generate an alarm signal which will be broadcast by the cloud processing unit, and ${\epsilon }_i=0$ denotes that the ith subsystem is healthy.

3.2. The Design of Fault Isolation Observer

According to the above fault detection results, the alarming subsystems are firstly put into the fault set and then fault isolation is only conducted in the fault set. Meanwhile, the FIO given in Equation (4) takes advantage of the output signals from sensors as well as the input signals to generate state estimation ${{\widehat{x}}_i}^q(k)$ and fault estimation ${\widehat{f}}_i(k)$. Based on this, a novel framework of fault isolation is proposed to locate the fault accurately. For this purpose, some error expressions are defined as follows:

$${e_i}^q(k){=x}_i(k)-{{\widehat{x}}_i}^q(k), e_{f_i}(k)=f_i(k)-{\widehat{f}}_i(k).$$

Then, from Equations (2) and (4), the error dynamical system is described by

$$\{\begin{array}{l}{e_i}^q(k+1)=(A_{ii}-G_i{C}_i){e_i}^q(k)+{\displaystyle \sum _{j\in Alarm}{A}_{ij}{e_j}^q(k)}+{\displaystyle \sum _{\overline{j}\in \overline{Alarm}}{A}_{i\overline{j}}{e}_{\overline{j}}(k)}+B_{\mathit{fi}}{e_f}_i(k)\\ +B_{v_i}{v}_i(k)-G_i{E}_i{w}_i(k)\\ e_{f_i}(k+1)=-{\Gamma }_i{C}_i{e}_i^q(k)+e_{f_i}(k)+\Delta f_i(k)-{\Gamma }_i{E}_i{w}_i(k)\end{array}$$

(8)

where $\Delta f_i(k)=f_i(k+1)-f_i(k)$ denotes the variation in the fault.

According to the error system (8), the augmented system is as follows:

$$\{\begin{array}{l}{\tilde{e}}_i(k+1)={\tilde{A}}_i{\tilde{e}}_i(k)+{\tilde{B}}_{d_i}{\tilde{d}}_i(k)\\ e_{f_i}(k)={\tilde{E}}_i{\tilde{e}}_i(k)\end{array}$$

(9)

where ${\tilde{e}}_i(k)={\left[\begin{array}{cccccc}{e_i^q}^{\mathrm{T}}(k)& e_{f_i}^{\mathrm{T}}(k)& e_i^{\mathrm{T}}(k)& e_m^{\mathrm{T}}(k)& \cdots & e_p^{\mathrm{T}}(k)\end{array}\right]}^{\mathrm{T}}$, ${\tilde{d}}_i(k)={\left[\begin{array}{ccc}{\tilde{w}}_i^{\mathrm{T}}(k)& {\tilde{v}}_i^{\mathrm{T}}(k)& \Delta {\tilde{f}}_i^{\mathrm{T}}(k)\end{array}\right]}^{\mathrm{T}}$, and ${\tilde{w}}_i(k)={\left[\begin{array}{cccc}{w}_i(k)& w_m(k)& \cdots & w_p(k)\end{array}\right]}^{\mathrm{T}}$, and ${\tilde{v}}_i(k)={\left[\begin{array}{cccc}{v}_i(k)& v_m(k)& \cdots & v_p(k)\end{array}\right]}^{\mathrm{T}}$, and $\Delta {\tilde{f}}_i(k)={\left[\begin{array}{cccc}\Delta f_i(k)& \Delta f_m(k)& \cdots & \Delta f_p(k)\end{array}\right]}^{\mathrm{T}}$, and ${\tilde{E}}_i=\left[\begin{array}{cccccc}0& 1& 0& 0& \cdots & 0\end{array}\right]$, and ${\tilde{A}}_i=\left[\begin{array}{cccccc}{A}_{ii}-G_i{C}_i& B_{f_i}& 0& A_{im}& \cdots & A_{ip}\\ -{\Gamma }_i{C}_i& 1& 0& 0& \cdots & 0\\ 0& 0& A_{ii}-L_i{C}_i& A_{im}& \cdots & A_{ip}\\ 0& 0& A_{mi}& A_{mm}-L_m{C}_m& \cdots & A_{mp}\\ ⋮& ⋮& ⋮& ⋮& \ddots & ⋮\\ 0& 0& A_{pi}& A_{pm}& \cdots & A_{pp}-L_p{C}_p\end{array}\right]$, and ${\tilde{B}}_{d_i}=\left[\begin{array}{cccccccccccc}-G_i{E}_i& 0& \cdots & 0& B_{v_i}& 0& \cdots & 0& 0& 0& \cdots & 0\\ -{\Gamma }_i{E}_i& 0& \cdots & 0& 0& 0& \cdots & 0& 1& 0& \cdots & 0\\ -L_i{E}_i& 0& \cdots & 0& B_{v_i}& 0& \cdots & 0& 0& 0& \cdots & 0\\ 0& -L_m{E}_m& \cdots & 0& 0& B_{v_m}& \cdots & 0& 0& 0& \cdots & 0\\ ⋮& ⋮& ⋮& ⋮& ⋮& ⋮& ⋮& ⋮& ⋮& ⋮& \ddots & ⋮\\ 0& 0& \cdots & -L_p{E}_p& 0& 0& 0& B_{v_p}& 0& 0& \cdots & 0\end{array}\right]$. Thus, the asymptotic stability and $H_{\infty }$ performance of the error system given in Equation (9) are ensured in the following theorem.

Theorem 2.

For a given scalar${\delta }_i>0$, if there exist symmetric matrices${\tilde{P}}_{ii}={\tilde{P}}_{ii}^{\mathrm{T}}>0$,${\tilde{Q}}_{ii}={\tilde{Q}}_{ii}^{\mathrm{T}}>0$such that the following condition holds

$$\left[\begin{array}{cccc}-{\tilde{P}}_i& {\psi }_i& {\Theta }_i& 0\\ \ast & -{\tilde{P}}_i& 0& {\tilde{E}}_i\\ \ast & \ast & -{\delta }_i& 0\\ \ast & \ast & \ast & -{\delta }_i\end{array}\right]<0$$

(10)

where ${\tilde{P}}_i=diag\left\{\begin{array}{cccccc}{\tilde{P}}_{ii}& {\tilde{Q}}_{ii}& I& I& \cdots & I\end{array}\right\}$, ${\psi }_i=\left[\begin{array}{cccccc}{\tilde{P}}_{ii}{A}_{ii}-{\tilde{X}}_i{C}_i& {\tilde{P}}_{ii}{B}_{f_i}& 0& {\tilde{P}}_{ii}{A}_{im}& \cdots & {\tilde{P}}_{ii}{A}_{ip}\\ -{\tilde{Y}}_i{C}_i& {\tilde{Q}}_{ii}& 0& 0& \cdots & 0\\ 0& 0& A_{ii}-L_i{C}_i& A_{im}& \cdots & A_{ip}\\ 0& 0& A_{mi}& A_{mm}-L_m{C}_m& \cdots & A_{mp}\\ ⋮& ⋮& ⋮& ⋮& \ddots & ⋮\\ 0& 0& A_{pi}& A_{pm}& \cdots & A_{pp}-L_p{C}_P\end{array}\right]$, ${\Theta }_i=\left[\begin{array}{cccccccccccc}-{\tilde{X}}_i{E}_i& 0& \cdots & 0& {\tilde{P}}_{ii}{B}_{v_i}& 0& \cdots & 0& 0& 0& \cdots & 0\\ -{\tilde{Y}}_i{E}_i& 0& \cdots & 0& 0& 0& \cdots & 0& {\tilde{Q}}_{ii}& 0& \cdots & 0\\ -L_i{E}_i& 0& \cdots & 0& B_{v_i}& 0& \cdots & 0& 0& 0& \cdots & 0\\ 0& -L_m{E}_m& \cdots & 0& 0& B_{v_m}& \cdots & 0& 0& 0& \cdots & 0\\ ⋮& ⋮& \ddots & ⋮& ⋮& ⋮& \ddots & ⋮& ⋮& ⋮& \ddots & ⋮\\ 0& 0& \cdots & -L_p{E}_p& 0& 0& \cdots & B_{v_p}& 0& 0& \cdots & 0\end{array}\right]$, then the error dynamics (9) satisfy the $H_{\infty }$ performance index ${\Vert e_{f_i}(k)\Vert }_2<{\delta }_i{\Vert {\tilde{d}}_i(k)\Vert }_2$. Further, the weighting matrix and isolation observer gain are given as ${\Gamma }_i={\tilde{Q}}_{ii}^{-1}{\tilde{Y}}_i$ and $G_i={\tilde{P}}_{ii}^{-1}{\tilde{X}}_i$ respectively.

Proof of Theorem 2.

Consider the following Lyapunov function candidate:

$${\tilde{V}}_i(k)={\tilde{e}}_i^{\mathrm{T}}(k){\tilde{P}}_i{\tilde{e}}_i(k)$$

and the stability of the error system Equation (9) is satisfied if and only if

$${\tilde{J}}_i={\tilde{V}}_i(k+1)-{\tilde{V}}_i(k)+e_{f_i}^{\mathrm{T}}(k)e_{f_i}(k)-{\delta }_i^2{\tilde{d}}_i^{\mathrm{T}}(k){\tilde{d}}_i(k)<0$$

It yields

$$\begin{array}{l}{\tilde{e}}_i^T(k)({\tilde{A}}_i^T{\tilde{P}}_i{\tilde{A}}_i+{\tilde{E}}_i^T{\tilde{E}}_i-{\tilde{P}}_i){\tilde{e}}_i(k)+{\tilde{e}}_i^T(k){\tilde{A}}_i^T{\tilde{P}}_i{\tilde{B}}_{d_i}{\tilde{d}}_i(k)\\ +{\tilde{d}}_i^T(k){\tilde{B}}_{d_i}^{\mathrm{T}}{\tilde{P}}_i{\tilde{A}}_i{\tilde{e}}_i(k)+{\tilde{d}}_i^T(k)({\tilde{B}}_{d_i}^{\mathrm{T}}{\tilde{P}}_i{\tilde{B}}_{d_i}-{\delta }_i^2){\tilde{d}}_i(k)\end{array}<0$$

or equivalently

$$\left[\begin{array}{cccc}-{\tilde{P}}_i& {\tilde{P}}_i{\tilde{A}}_i& {\tilde{P}}_i{\tilde{B}}_{d_i}& 0\\ \ast & -{\tilde{P}}_i& 0& {\tilde{E}}_i^{\mathrm{T}}\\ \ast & \ast & -{\delta }_i& 0\\ \ast & \ast & \ast & -{\delta }_i\end{array}\right]<0$$

(11)

Theorem 2 can be proven by substituting ${\tilde{P}}_i$, ${\tilde{A}}_i$ and ${\tilde{B}}_{d_i}$ into Equation (11). □

Furthermore, the residual evaluation in the fault set is carried out again. The RMS norm is chosen as the residual evaluation function with

$$J_{i,RMS}^q={\Vert {r_i}^q(k)\Vert }_{RMS}$$

and the threshold, similar to previous subsections, is calculated as

$$J_{i,th}^q=\underset{\mathit{fault}-\mathit{free}}{\mathit{sup}}{\Vert r_i^q(k)\Vert }_{RMS}$$

Different from the conventional scheme of decision logic, fault isolation decision logic in this subsection is described by

$$\{\begin{array}{l}{J}_{i,RMS}^q\le J_{i,th}^q\Rightarrow faulty\\ J_{i,RMS}^q>J_{i,th}^q\Rightarrow fault-free\end{array}$$

and fault compensation is responsible for this.

Remark 5.

Alarm signals from FDOs are broadcasted by the cloud processing unit. In order to realize fault isolation, the alarming subsystems then further employ FIOs in turn after the use of FDOs. Meanwhile, the healthy subsystems, not generating alarm signals, use FDOs at all times.

3.3. The Design of Cooperative Fault-Tolerant Controller

In the two previous subsections, fault detection and isolation have been realized by the design of the fault detection and isolation observer. However, the stability of the whole system cannot be guaranteed because the fault is unsolved during fault diagnosis. For this reason, a cooperative fault-tolerant control scheme for the distributed interconnected system is presented in this subsection.

To ensure that a distributed interconnected system with an actuator failure can maintain stability, the optimal cooperative fault-tolerant control law is designed as$u_i(k)=-R_i^{-1}{B}_{ii}^{\mathrm{T}}{K}_i{\widehat{x}}_{zi}(k)-R_i^{-1}{B}_{ii}^{\mathrm{T}}{S}_i(k)$, where the local control gain and cooperative compensation vector are determined from

$$K_i=Q_i+{A_{ii}}^{\mathrm{T}}{K}_i{A}_{ii}-{A_{ii}}^{\mathrm{T}}{K}_i{B}_{ii}{(R_i+{B_{ii}}^{\mathrm{T}}{K}_i{B}_{ii})}^{-1}{B_{ii}}^{\mathrm{T}}{K}_i{A}_{ii}$$

(12)

$$S_i(k+1)={[A_{ii}^{\mathrm{T}}-A_{ii}^{\mathrm{T}}{K}_i{B}_{ii}{(R_i+B_{ii}^{\mathrm{T}}{K}_i{B}_{ii})}^{-1}{B}_{ii}^{\mathrm{T}}]}^{-1}{S}_i(k)-K_i{\displaystyle \sum _{j\in N_{\overline{i}}}(A_{ij}{x}_j(k)+B_{ij}{u}_j(k))}$$

(13)

Proof of Theorem 3.

The global optimization problem for the control of the distributed interconnected system with a failure is a quadratic function related to the state and input vectors, which can be given as

$$\min \underset{u_i}{M}={\displaystyle \sum _{i=1}^N\frac{1}{2}(x_i^{\mathrm{T}}(k)Q_i{x}_i(k)+u_i^{\mathrm{T}}(k)R_i{u}_i(k))}$$

(14)

where $Q_i$ is a positive semidefinite matrix.

When one subsystem fails, the effect of cooperative compensation can be achieved by the Hamiltonian for each subsystem

$$\begin{array}{l}{H}_i=\frac{1}{2}({x_i}^{\mathrm{T}}(k)Q_i{x}_i(k)+{u_i}^{\mathrm{T}}(k)R_i{u}_i(k))+{{\lambda }_i}^{\mathrm{T}}(k+1)(A_{ii}{x}_i(k)+B_{ii}{u}_i(k)\\ +{\displaystyle \sum _{j\in N_{\overline{i}}}{A}_{ij}{x}_j(k)}+{\displaystyle \sum _{j\in N_{\overline{i}}}{B}_{ij}{u}_j(k)})\end{array}$$

(15)

where ${\lambda }_i(k+1)$ is the adjoint vector.

According to Equation (15), the necessary optimality conditions, obtained from the optimal control theory [28], are

$$\frac{\partial H_i}{\partial x_i}=Q_i{x}_i(k)+{A_{ii}}^{\mathrm{T}}{\lambda }_i(k+1)={\lambda }_i(k)$$

(16)

$$\frac{\partial H_i}{\partial u_i}=R_i{u}_i(k)+{B_{ii}}^{\mathrm{T}}{\lambda }_i(k+1)=0$$

(17)

Further, the cooperative compensation is calculated through a feedback control, which can be described by

$${\lambda }_i(k)=K_i{\widehat{x}}_i(k)+S_i(k)$$

(18)

Substituting Equations (18) and (2) without the fault $f_i(k)$ and the noise $v_i(k)$ into Equation (16) yields

$$\begin{array}{l}{\lambda }_i(k)=(Q_i+{A_{ii}}^{\mathrm{T}}{K}_i{A}_{ii})x_i(k)+{A_{ii}}^{\mathrm{T}}{K}_i{B}_{ii}{u}_i(k)+{\displaystyle \sum _{j\in N_{\overline{i}}}{A_{ii}}^{\mathrm{T}}{K}_i{A}_{ij}{x}_j(k)}\\ +{\displaystyle \sum _{j\in N_{\overline{i}}}{A_{ii}}^{\mathrm{T}}{K}_i{B}_{ij}{u}_j(k)}+{A_{ii}}^{\mathrm{T}}{S}_i(k+1)\end{array}$$

(19)

By combining Equations (18) and (2) without the fault $f_i(k)$ and the noise $v_i(k)$, Equation (17) can be re-written as

$$\begin{array}{l}{u}_i(k)=-{(R_i+{B_{ii}}^{\mathrm{T}}{K}_i{B}_{ii})}^{-1}{B_{ii}}^{\mathrm{T}}{K}_i{A}_{ii}{x}_i(k)-{\displaystyle \sum _{j\in N_{\overline{i}}}{(R_i+{B_{ii}}^{\mathrm{T}}{K}_i{B}_{ii})}^{-1}{B_{ii}}^{\mathrm{T}}{K}_i{A}_{ij}{x}_j(k)}\\ -{\displaystyle \sum _{j\in N_{\overline{i}}}{(R_i+{B_{ii}}^{\mathrm{T}}{K}_i{B}_{ii})}^{-1}{B_{ii}}^{\mathrm{T}}{K}_i{B}_{ij}{u}_j(k)}-{(R_i+{B_{ii}}^{\mathrm{T}}{K}_i{B}_{ii})}^{-1}{B_{ii}}^{\mathrm{T}}{S}_i(k+1)\end{array}$$

(20)

Moreover, substituting Equation (20) into Equation (19) leads to

$$\begin{array}{c}{\lambda }_i(k)=[Q_i+{A_{ii}}^{\mathrm{T}}{K}_i{A}_{ii}-{A_{ii}}^{\mathrm{T}}{K}_i{B}_{ii}{(R_i+{B_{ii}}^{\mathrm{T}}{K}_i{B}_{ii})}^{-1}{B_{ii}}^{\mathrm{T}}{K}_i{A}_{ii}]x_i(k)\\ +[{\displaystyle \sum _{j\in N_{\overline{i}}}{A_{ii}}^{\mathrm{T}}{K}_i{A}_{ij}-{A_{ii}}^{\mathrm{T}}{K}_i{B}_{ii}{(R_i+{B_{ii}}^{\mathrm{T}}{K}_i{B}_{ii})}^{-1}{B_{ii}}^{\mathrm{T}}{K}_i{A}_{ij}]x_j(k)}\\ +[{\displaystyle \sum _{j\in N_{\overline{i}}}{A_{ii}}^{\mathrm{T}}{K}_i{B}_{ij}-{A_{ii}}^{\mathrm{T}}{K}_i{B}_{ii}{(R_i+{B_{ii}}^{\mathrm{T}}{K}_i{B}_{ii})}^{-1}{B_{ii}}^{\mathrm{T}}{K}_i{B}_{ij}]u_j(k)}\\ +[{A_{ii}}^{\mathrm{T}}-{A_{ii}}^{\mathrm{T}}{K}_i{B}_{ii}{(R_i+{B_{ii}}^{\mathrm{T}}{K}_i{B}_{ii})}^{-1}{B_{ii}}^{\mathrm{T}}]S_i(k+1)\end{array}$$

(21)

Theorem 3 can be proven by comparing Equations (18) and (21). □

4. Simulation Example

In this section, the proposed fault diagnosis and cooperative fault-tolerant control scheme is applied to the simplified model of intelligent unmanned vehicle platooning [29], which is shown in Figure 4. A desired separation distance ${\Delta }_o$ between adjacent vehicles, and a desired average velocity $V_o$ should be assigned under normal operating conditions. Furthermore, the variable $\Delta D_i(k)$ ($i=2,3,4$) represents the deviation from the desired separation distance while the variable $\Delta V_i(k)$ ($i=1,2,3,4$) represents the deviation from the desired velocity. $\Delta d_i(k)$ is the real separation distance between the ith and $i-\mathrm{1th}$ vehicle at time $k$, and $V_i(k)$ is the real velocity of the ith vehicle at time $k$. Therefore, the state vector and output vector in Equation (1) are $x(k)={\left[\begin{array}{ccccccc}\Delta V_4(k)& \Delta D_4(k)& \Delta V_3(k)& \Delta D_3(k)& \Delta V_2(k)& \Delta D_2(k)& \Delta V_1(k)\end{array}\right]}^{\mathrm{T}}$ and $y(k)=[\begin{array}{cc}\Delta D_4(k)& \Delta D_3(k)\end{array}$ ${\begin{array}{cc}\Delta D_2(k)& \Delta V_1(k)\end{array}]}^{\mathrm{T}}$ respectively, where $\Delta D_i(k)=$$\Delta d_i(k)-{\Delta }_o$ and $\Delta V_i(k)=V_i(k)-V_o$.

The motion of each vehicle is characterized firstly by differential equations with the help of Newton’s second law, and then the state-space representation of the four vehicles platooning can be acquired through expanding the nonlinear term in a Taylor series expansion. The system matrices of the four vehicles platooning are given as follows:

$$\begin{gathered} A=\left[\begin{array}{ccccccc}0.9048& 0& 0& 0& 0& 0& 0\\ 0.0952& 1& -0.0952& 0& 0& 0& 0\\ 0& 0& 0.9048& 0& 0& 0& 0\\ 0& 0& 0.0952& 1& -0.0952& 0& 0\\ 0& 0& 0& 0& 0.9048& 0& 0\\ 0& 0& 0& 0& 0.0952& 1& -0.0952\\ 0& 0& 0& 0& 0& 0& 0.9048\end{array}\right] \\ B=\left[\begin{array}{cccc}0.0952& 0& 0& 0\\ 0.0048& -0.0048& 0& 0\\ 0& 0.0952& 0& 0\\ 0& 0.0048& -0.0048& 0\\ 0& 0& 0.0952& 0\\ 0& 0& 0.0048& -0.0048\\ 0& 0& 0& 0.0952\end{array}\right]’ \\ {B}_v=0.1B_f, C=\left[\begin{array}{ccccccc}0& 1& 0& 0& 0& 0& 0\\ 0& 0& 0& 1& 0& 0& 0\\ 0& 0& 0& 0& 0& 1& 0\\ 0& 0& 0& 0& 0& 0& 1\end{array}\right], E=\left[\begin{array}{cccc}1& 0& 0& 0\\ 0& 1& 0& 0\\ 0& 0& 1& 0\\ 0& 0& 0& 1\end{array}\right]. \end{gathered}$$

According to Theorem 1, the four parameters ${\gamma }_1$, ${\gamma }_2$, ${\gamma }_3$, and ${\gamma }_4$ are computed as 1.1339, 1.1339, 1.1339, and 1.0003 respectively, and the detection observer gains are as follows:

$$L_1=\left[\begin{array}{c}1.1439\times {10}^{-4}\\ 0.2222\end{array}\right], L_2=\left[\begin{array}{c}1.1439\times {10}^{-4}\\ 0.2222\end{array}\right], L_3=\left[\begin{array}{c}1.1439\times {10}^{-4}\\ 0.2222\end{array}\right], L_4=4.5233\times {10}^{-4}$$

Then, by solving the condition in Theorem 2, we can obtain the $H_{\infty }$ performance levels ${\delta }_4=1.8338$, ${\delta }_3=1.8633$, and the isolation observer parameters

$$G_4=0.9048, G_3={\left[\begin{array}{cc}0.0044& 0.6059\end{array}\right]}^{\mathrm{T}}, {\Gamma }_4=1, {\Gamma }_3=8.652\times {10}^{-6}.$$

Further, by solving Riccati Equation (9), the local optimal gains can be obtained as:

$$K_1=\left[\begin{array}{cc}0.3112& 0.3113\end{array}\right], K_2=\left[\begin{array}{cc}0.3112& 0.3113\end{array}\right], K_3=\left[\begin{array}{cc}0.3112& 0.3113\end{array}\right], K_4=0.0463.$$

In the simulation, the process and measurement noise are assumed as $v(k)=w(k)={\left[\begin{array}{cccc}0.1& 0.1& 0.1& 0.1\end{array}\right]}^{\mathrm{T}}\cdot U\left[\begin{array}{cc}-1& 1\end{array}\right]$. Meanwhile, a fault has occurred in the 1st vehicle and is chosen as

$$f_1(k)=\{\begin{array}{l}\begin{array}{cc}0,& k<30s\end{array}\\ \begin{array}{cc}0.8,& k\ge 30s\end{array}\end{array}$$

The simulation results of fault detection are depicted in Figure 5a–d. It can be observed that the 1st and 2nd vehicles generate alarm signals and the 3rd and 4th vehicles do not generate alarm signals. Thus, the fault detection logic table can be listed as follows:

The simulation results of fault detection are depicted in Figure 5a–d. It can be observed that the 1st and 2nd vehicles generate alarm signals and the 3rd and 4th vehicles don’t generate alarm signals. So the fault detection logic table can be listed as

Table 1. Fault detection logic.

Numbers	Decision Results
The 1st vehicle	1
The 2nd vehicle	1
The 3rd vehicle	0
The 4th vehicle	0

.

It indicates that the faulty vehicle is located in alarming vehicles and the 3rd and 4th vehicles are healthy because of no alarm signals. Hence, the fault set is defined as {the 1st vehicle, the 2nd vehicle}. The next step is to determine whether the faulty vehicle is the 1st vehicle or the 2nd vehicle. For this purpose, fault isolation for the 1st vehicle and the 2nd vehicle are carried out in turn.

The simulation results of fault isolation for the 1st vehicle and 2nd vehicle are shown in Figure 6 and Figure 7 respectively. It can be seen from Figure 6a,b that the residual assessment values of the 1st and 2nd vehicle are both less than the threshold. However, the residual assessment values of the 1st and 2nd vehicle are both over the threshold in Figure 7a,b after the occurrence of the fault. Based on this, the fault isolation logic table can be listed as

Table 2. Fault isolation logic.

Types	Numbers	Decision Results
Fault isolation for the 1st vehicle	The 1st vehicle (FIO)	0
	The 2nd vehicle (FDO)	0
Fault isolation for the 2nd vehicle	The 1st vehicle (FDO)	1
	The 2nd vehicle (FIO)	1

.

Combing the simulation results and the fault isolation logic, it can be found that the faulty vehicle is the 1st vehicle.

Meanwhile, it also can be found from Figure 8 that the fault estimation value of the 1st vehicle can follow the fault value rapidly and accurately in a short time.

In order to guarantee the stability of the whole intelligent unmanned vehicle platooning, a cooperative controller with fault-tolerant ability is applied to the 1st vehicle and LQR controllers are used for the other three vehicles, and fault-tolerant results are further shown in Figure 9. It is obvious that the malfunction of the 1st vehicle brings about fault propagation among intelligent unmanned vehicle platooning, so that the displacement curves of the other three vehicles are no longer parallel with each other for a period of time. However, the displacement curves of the four vehicles are parallel again under the action of cooperative fault-tolerant control, which demonstrates the effectiveness of the fault-tolerant control scheme proposed in this paper.

5. Conclusions

In this paper, a distributed fault diagnosis and cooperative fault-tolerant control framework was developed. To be specific, a fault detection observer was first designed for each subsystem, and the generated alarm signals were broadcast by the cloud processing unit. After that, fault isolation observers and isolation decision logic were used for alarming subsystems in turn to locate the fault accurately. Furthermore, the control unit with the effect of cooperative compensation was constructed to avoid the system instability caused by the faulty subsystem.

It is notable that the scheme in this paper can be employed if and only if a single fault occurs in the system, so it is challenging to study actuator faults as well as sensor faults simultaneously for a distributed interconnected system. Meanwhile, it is very meaningful to combine our proposed method with the distinguished technologies in [8,18,19,20], focusing on optimizing shared information among subsystems, so as to reduce communication costs. These may represent the directions of our future work.