Mitigation of Potential Catastrophic Failures

*Methods are being developed which identify system stability thresholds to permit the design of intelligent controllers that only operate when a system moves along a trajectory towards a catastrophic state. These controllers enable systems to be used safely in a much wider operating regime than conventional control systems.*

**Benefit**

Long-term space missions place unique demands on systems in terms of reliability, safety and sustainability of operations. When re-supply is difficult and cannot be done in a short time-frame, it is imperative that systems be designed to operate safely even in the presence of degradations and unforeseen events. The technologies we have developed allow both for the monitoring and mitigation of degradations in the system's behavior long before they lead to a failure, and for the safe operation of the system in a wider range of conditions than would otherwise be possible, due to the ability to recognize when a critical path to failure is being followed.

**Research Overview**

The key properties of systems and structures that characterize their response to external perturbations are their stability thresholds and stability basins. Systems are designed to work within the basin of attraction of their stable operating point. The lowest exit point from this basin defines the stability threshold for the system. In complex systems these thresholds are not easily accessible from available mathematical equations or empirical knowledge. Relatively small perturbations in a system that do not exceed the stability threshold usually have a transient character and are followed by full recovery of the nominal regime. On the other hand, large perturbations can cause deviations that leave the stability basin and may potentially lead to an irreversible system breakdown.

The lowering of stability thresholds due to degradation of various system components and faults is especially dangerous in long-term missions, because it can dramatically increase the risk of catastrophic events over the mission duration. For large systems such risk can be very difficult to assess, because their critical states (threshold points) can be far away from the normal system modes and are not detectable by standard fault detection and isolation monitoring.

Our recent results on the statistical inference of fully nonlinear multidimensional dynamical models from sensor data allow us to estimate the stability thresholds by accumulating data from the system trajectory far away from the critical regions (near the nominal regimes). This implies that we can learn degraded stability thresholds in real time, before the system actually reaches the critical states. We propose to develop a set of software tools that will augment standard prognostic procedures and will constantly update a quantitative 'map' of critical states and system operational threshold values. Early warning of hidden system faults can then be provided when the system thresholds are dangerously lowered and its stability is degraded. We expect this will significantly increase margins for safe system operation in long-duration space missions.

Based on the knowledge of the system model near its critical states we can develop a set of intelligent controls that will be off most of the time and on only when a large deviation toward a critical state is observed. These controls will use knowledge of the shape of an escape path (see below) and help mitigate the catastrophic events before they occur.

**Background**

Many systems can be described using the formalism of nonlinear dynamical systems: the time evolution of the system state is given by a set of stochastic ordinary differential equations. Effectively, the system is modeled as a "particle" moving under the action of a deterministic (but possibly unknown) "force" and a random disturbance. We have developed methods to learn the characteristics of this force as well as of the noise affecting the system.

The system is designed to operate in a region where the "force" provides a stabilizing push back to the desired operating point, and in normal operation, where deviations from the desired operating point are small, this is indeed what occurs. However, in real systems, occasional large fluctuations will occur, leading to potential large deviations from the desired operating point. If such a large deviation takes the system into a region where the "force" pushes it further away from the desired operating point, catastrophic failure of the system will likely result.

The theory of large deviations predicts that a system moving towards escape from the stability basin will do so along a trajectory that is within a small "tube" around a most likely escape path. This path will typically exit the basin of stability at its lowest point - the stability threshold. Identifying the positions of these lowest escape points and the optimal trajectories leading to them allows controllers to be designed that operate only when the system is moving along an escape path; otherwise the controller does not affect the system.

Knowing the stability thresholds also enables a prognostic capability. Slow degradations in the system will result in slowly reducing stability thresholds. The safe operating regimes for the system can be determined at any point in the system’s lifespan.
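The toy model below is an added example, not code from the page or from the research it describes. It illustrates, in one dimension, the three ideas above: learning the "force" from trajectory data gathered only near the nominal regime and extrapolating it to locate the stability threshold (the lowest exit point of the basin), tracking how that learned threshold drops when the system degrades (the prognostic use), and an intelligent controller that stays off inside the basin and acts only once the state climbs the escape path toward the saddle. Everything specific is an assumption: the drift f(x) = -x + x^2/x_s with stable point 0 and saddle x_s, the true threshold values 3 (healthy) and 2 (degraded), additive white noise integrated by Euler-Maruyama, and a quadratic least-squares model for the learned force. The fit uses only the statistics of the sampled increments, so no knowledge of the true equations enters the estimate.

```python
# Added example (not from the page): one-dimensional toy of threshold learning, prognostics
# and escape-path control. Assumptions: drift f(x) = -x + x^2/x_s, additive white noise,
# Euler-Maruyama sampling, quadratic least-squares model for the learned "force".
import math
import random

X_S_NOMINAL = 3.0  # assumed true stability threshold of the healthy system

def drift(x, x_s=X_S_NOMINAL):
    """Deterministic 'force'. Potential U(x) = x^2/2 - x^3/(3 x_s): the basin of the stable
    point 0 ends at the saddle x_s, the lowest exit point (barrier height x_s^2/6)."""
    return -x + x * x / x_s

def simulate(x0, f, sigma, dt, n_steps, rng):
    """Euler-Maruyama integration of dx = f(x) dt + sigma dW; returns the sampled states."""
    xs = [x0]
    x = x0
    for _ in range(n_steps):
        x = x + f(x) * dt + sigma * math.sqrt(dt) * rng.gauss(0.0, 1.0)
        xs.append(x)
    return xs

def fit_drift(xs, dt):
    """Least-squares fit of f(x) ~ a + b x + c x^2 to the increments (x[n+1] - x[n]) / dt,
    whose conditional mean is f(x[n]). Normal equations solved by Gauss-Jordan elimination."""
    m = [[0.0] * 3 for _ in range(3)]
    v = [0.0] * 3
    for i in range(len(xs) - 1):
        x = xs[i]
        y = (xs[i + 1] - x) / dt
        phi = (1.0, x, x * x)
        for r in range(3):
            v[r] += phi[r] * y
            for c in range(3):
                m[r][c] += phi[r] * phi[c]
    for col in range(3):
        piv = max(range(col, 3), key=lambda r: abs(m[r][col]))
        m[col], m[piv] = m[piv], m[col]
        v[col], v[piv] = v[piv], v[col]
        for r in range(3):
            if r != col:
                factor = m[r][col] / m[col][col]
                for c in range(col, 3):
                    m[r][c] -= factor * m[col][c]
                v[r] -= factor * v[col]
    return tuple(v[r] / m[r][r] for r in range(3))

def threshold_from_fit(coef):
    """Learned stability threshold: the root of the fitted drift that is not the nominal
    point, i.e. the larger root of a + b x + c x^2 = 0 (None if the fit has no saddle)."""
    a, b, c = coef
    disc = b * b - 4.0 * a * c
    if c == 0.0 or disc < 0.0:
        return None
    return max((-b + s * math.sqrt(disc)) / (2.0 * c) for s in (1.0, -1.0))

def estimate_threshold(x_s, sigma, dt=0.05, n_steps=300_000, seed=1):
    """Learn the threshold from data gathered only near the nominal regime: sigma is kept
    small enough that the trajectory never approaches x_s, yet the fit extrapolates to it."""
    xs = simulate(0.0, lambda x: drift(x, x_s), sigma, dt, n_steps, random.Random(seed))
    return threshold_from_fit(fit_drift(xs, dt))

def threshold_noise_free(dt=0.05, n_steps=60):
    """Sanity check: with sigma = 0 each increment equals f(x) exactly, so the fit must
    return the true threshold up to rounding."""
    xs = simulate(1.0, drift, 0.0, dt, n_steps, random.Random(0))
    return threshold_from_fit(fit_drift(xs, dt))

def guarded_drift(x, x_trigger, gain):
    """Drift plus an intelligent controller that is off inside the basin and switches on
    only once the state climbs past x_trigger toward the saddle (in one dimension the most
    probable escape path is that climb itself), pushing back toward the nominal point."""
    u = -gain * (x - x_trigger) if x > x_trigger else 0.0
    return drift(x) + u

def count_escapes(f, sigma=1.0, dt=0.05, t_final=200.0, n_trials=40, seed=7):
    """Number of trials (large noise, so escapes are frequent) in which the state leaves the
    basin and falls away past the saddle (detected at x > X_S_NOMINAL + 1)."""
    rng = random.Random(seed)
    escapes = 0
    for _ in range(n_trials):
        x = 0.0
        for _ in range(int(t_final / dt)):
            x += f(x) * dt + sigma * math.sqrt(dt) * rng.gauss(0.0, 1.0)
            if x > X_S_NOMINAL + 1.0:
                escapes += 1
                break
    return escapes

if __name__ == "__main__":
    healthy = estimate_threshold(X_S_NOMINAL, sigma=0.4)
    degraded = estimate_threshold(2.0, sigma=0.3)  # component degradation lowers x_s
    print(f"learned threshold: healthy {healthy:.2f} (true 3), degraded {degraded:.2f} (true 2)")
    trigger = 0.5 * healthy  # arm the controller halfway up the learned escape path
    print("escapes without controller:", count_escapes(drift))
    print("escapes with controller   :", count_escapes(lambda x: guarded_drift(x, trigger, 3.0)))
```

The learned thresholds carry a statistical error of roughly ten percent with these sample sizes, because the curvature term that fixes the saddle is only weakly excited near the nominal point; longer records, or richer basis functions in higher dimensions, tighten the estimate. The controller trigger is derived from the learned threshold rather than the true one, which is the point of the approach: the controller can be armed before the system ever visits the critical region. In more than one dimension the trigger would compare the state against the computed most probable escape path rather than a single coordinate.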