A complex physical system, such as a spacecraft, can be made increasingly autonomous by making it self-aware and capable of detecting, and responding to, off-nominal conditions. Livingstone comprises a language for specifying a model of the system and a set of algorithms which use the models to track the system's state.
Integrated system health management (ISHM) will be a key functionality of any exploration mission to ensure safety. We believe that model-based diagnosis and recovery techniques that cover the multitude of subsystems making up the exploration mission would facilitate fast, efficient ISHM. The use and re-use of component models allow us to deal with long mission durations, staged construction, and quick turnaround of crew exploration vehicles. The ability to synthesize recovery actions facilitates on-board decision making, whether autonomous or by humans.
Caption: Livingstone 2 has the ability to diagnose multiple faults.
Livingstone 2 (L2) is a model-based diagnosis and recovery engine that can estimate the state of the modeled system and suggest recovery actions to reach specified goals. L2 uses a set of high-level, qualitative models that focus on characterizing the system’s behavior in propositional logic form. A Livingstone model is composed of components (which may map onto physical components), connections between components, and constraints. A component is specified by variables, with a set of discrete, qualitative values for each variable in its local nominal and failure modes. For each mode, the model specifies the component's behavior and transitions.
Unit propagation is used to perform fast simulation of the behavior. Truth maintenance systems are used to identify conflicts and heuristic search algorithms are used to resolve conflicts in order to determine valid candidates (which are assumed to be transitions to some fault mode). A similar approach is used for recovery where instead of transitions to fault modes we are interested in commanded transitions that may be fired to reach the specified goals.
The key features of L2 are:
- Ability to diagnose multiple faults;
- Ability to provide justification for diagnosis;
- Ability to detect unforeseen faults through the use of unknown modes;
- Ability to synthesize actions (commands) to recover from diagnosed faults.
L2 has already been implemented and is currently being applied to several test beds including the X-34 propulsion system (PITEX) and the International Space Station. In mid-2004 Livingstone 2 will participate in a flight experiment on Earth Observing Satellite 1 (EO-1). In the Livingstone on EO-1 (LEO-1) infusion experiment, L2 will be uploaded to EO-1 and will demonstrate monitoring and diagnosis of the operation of the spacecraft under command of the autonomy experiment. In addition, L2’s predecessor Livingstone was part of the highly successful Remote Agent Experiment (RAX) on Deep Space One.
Caption: Current Livingstone 2 experiments and applications.
Model-based Diagnosis (MBD) uses a general-purpose model of the internal structure and/or behavior of systems to perform the diagnosis (fault detection & isolation) task. The diagnosis based on these models takes advantage of the analytical redundancy in the models, which is captured as static and/or dynamic relations between the inputs to the system and the outputs from the system. The basic principle of MBD can be understood as the interaction between predictions and observations. The system behavior is measured through sensors. The computational model of the system can be used to predict what these measurement values should be under nominal conditions. The predicted behavior is compared to the observed behavior to identify any discrepancy.
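The predict-and-compare principle above, combined with the mode-based component models described earlier, as an added example (not Livingstone code or model syntax). It assumes a constructed two-valve model with hypothetical names, and it finds candidates by exhaustive enumeration in order of fault count instead of L2's truth maintenance and conflict-directed heuristic search.

```python
from itertools import combinations, product

# Constructed toy model (not Livingstone model syntax): a pressurized source
# feeds valves v1 and v2 in series, with a flow sensor after each valve.
# Qualitative flow values: True = positive flow, False = zero flow.
VALVES = ["v1", "v2"]
FAULT_MODES = ["stuck_closed", "stuck_open", "unknown"]

def passes(mode, command):
    """Qualitative behavior of a valve in a given mode.
    Returns True/False, or None when the mode constrains nothing."""
    if mode == "nominal":
        return command == "open"
    if mode == "stuck_closed":
        return False
    if mode == "stuck_open":
        return True
    return None  # "unknown" mode: any behavior is consistent

def consistent(modes, commands, observed):
    """Predict each sensor reading from the mode assignment and compare it
    with the observation; any discrepancy rules the assignment out."""
    inflow = True  # assumption: the source always supplies flow
    for v in VALVES:
        p = passes(modes[v], commands[v])
        if p is not None and (inflow and p) != observed[v]:
            return False
        inflow = observed[v]  # the sensor value is the next valve's inflow
    return True

def diagnose(commands, observed):
    """Return all consistent candidates with the fewest faulty components."""
    for k in range(len(VALVES) + 1):
        found = []
        for faulty in combinations(VALVES, k):
            for fmodes in product(FAULT_MODES, repeat=k):
                modes = dict.fromkeys(VALVES, "nominal")
                modes.update(zip(faulty, fmodes))
                if consistent(modes, commands, observed):
                    found.append(modes)
        if found:
            return found
    return []
```

With both valves commanded closed and flow observed at both sensors, no single-fault candidate is consistent and `diagnose` returns double-fault candidates; with v1 closed, v2 open, and flow seen only after v2, the only minimal candidate places v2 in its unknown mode.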