DIAGNOSIS OF HYBRID SYSTEMS THROUGH BOND GRAPH, OBSERVERS AND TIMED AUTOMATA

Despite technological advances and progress in industrial systems, the fault diagnosis of a system remains a very important task. An effective diagnosis contributes not only to improved reliability but also to a decrease in maintenance costs. This paper presents an approach to the diagnosis of hybrid systems using Bond Graphs, Observers and Timed Automata. Dynamic models (in normal and failing mode) are generated by an observer-based method as well as through state equations generated by the Bond Graph model. Fault localization based on the observer does not allow locating faults that have the same failure signature. The diagnosis technique for the localization of these defects is therefore based on time analysis using Timed Automata. The proposed approach is then validated by simulation tests on a two-tank hydraulic system.


INTRODUCTION
Improvement in the dependability of systems rests essentially on algorithms for the detection and isolation of defects. These algorithms mainly consist in comparing the actual behavior of a system with reference behaviors describing normal functioning (in order to detect defects) or describing different kinds of defects (in order to analyze and isolate faults), while reducing false alarms, non-detections and delays in the detection of defects. In surveillance approaches based on quantitative models, the performance of the detection and failure localization procedures depends strongly on the model used.
Once the model is generated, failure indicators can be deduced. Obtaining such a model is a complex and difficult task, particularly for process engineering systems, because of their diversity and the coupling of energies that characterizes them.
Classical techniques for detection, localization and diagnosis show their limits, especially for systems which become increasingly complex, such as Hybrid Dynamic Systems (HDS). HDSs [1,33] are systems composed of continuous and discrete dynamics that interact with each other; continuous dynamics is represented by differential equations and discrete dynamics by state transitions. There are several approaches to HDS modeling. The common point between these approaches is that continuous evolution is affected by discrete events.
The HDS study focuses on problem classes that could not be treated with traditional approaches based on homogeneous modelling. Complex systems are designed by incorporating differential equations to model continuous behavior, and discrete event representations to model the instantaneous state change in response to events. Among the HDS modeling tools, we find: hybrid automata [2], Hybrid Petri nets [3,32], and hybrid bond-graph [4].
To obtain good performance in terms of coverage and high quality of isolation, research is directed towards coupling approaches and using their complementarity. The coupling of continuous/discrete approaches must achieve good performance. The modeling approach that interests us in this work considers the hybrid system model, which is based on the interaction of two sub-models: one for the event aspects, based on timed automata, and the other, formalized by state equations (obtained through bond graphs), for the continuous aspects.
DIAGNOSTYKA, Vol. 21, No. 3 (2020) Mhamdi L, Achbi MS, Dhouibi H, Kechida S.: Diagnosis of hybrid systems through bond graph, observers … 114
The objective of this paper is the modeling of hybrid dynamic systems using a mixed approach (one that combines the continuous systems approach and the Discrete Event Systems approach), and the application of the residual generation technique and the generation of the timed model for the monitoring of these systems. In this context, this paper proposes a dynamic model (in normal mode and in fault mode) using an observer-based method, where the equations are obtained thanks to a bond graph, well known in the continuous domain. For a complex system, bond graphs allow the modeling of physical processes in all aspects (electrical, mechanical ...) [5,6,34]. The observer theory is used for the detection and localization of single part failures. As shown in the flowchart of Figure 1, this model is coupled to timed automata (TA). TA [7,8,35], commonly used in the field of discrete event systems [9,10,36], make it possible to take into account the temporal aspects and to follow the dynamic evolution of the system as well as the propagation effects of the defects. The diagnoser built by automaton can refine the location of the fault [11].
Bond Graph modeling [12,13], as a unified modeling approach for different physical domains, is especially suitable for the development of multi-energy system models [14]. In more detail, the use of Bond Graphs for the conception of a generator of formal dynamic models of the energy processes is compulsory in order to monitor them [15,16]. These models, generated in formal form, are used to generate the dynamic equations of each component. From these equations, it is easy to determine the state equations of the processes and to monitor them by the observer-based method, since it is robust and efficient compared to Bond Graph models.
The principle of model-based diagnosis is to compare the expected behavior of the system, given by a model, with its actual behavior. A defect is detected if the residuals generated by the observer model are different from zero and if an event does not occur on the desired date. When a fault is detected, it must then be located. This location is made from the signature matrix and from time identification.
• Signature matrix: the signature matrix combines sensitivity and robustness information for the residuals. The dimensions of the signature matrix are determined from the number of sensors or actuators and the number of residues generated by the observer model.
• Temporal identification: From the time of detection of a fault and the various fault modes identified in FMEA (Failure Modes and Effects Analysis), it is necessary to know how a fault spreads in the system and how it will change the appearance of future events.
In order to present our methodology for the diagnosis, the paper is organized as follows: Section 2 presents a proposed approach for diagnosing faults on a hybrid model as soon as possible. An academic example is used in Section 3 to illustrate our approach. Finally, a conclusion is presented with some perspectives.

DIAGNOSTIC APPROACH BASED ON HYBRID MODEL
Many industrial processes are hybrid in nature, which means that their behavior results from the evolution and interaction of continuous variables and discrete variables. For this type of system, little work has been devoted to detecting, locating or diagnosing failures [17]. The literature in this field is abundant and numerous solutions have been proposed for continuous and discrete systems, linear and nonlinear.
The mixed approach proposed in this paper is based on a combination of two models (continuous and discrete). The continuous component is described by a set of differential equations obtained by bond graph and the discrete component by a finite state automaton. This approach evolves through an alternation of continuous steps, where state variables and time evolve continuously, and discrete steps, where several discrete and instantaneous transitions can be crossed. The diagnostic method combines the advantages of the three approaches (Bond Graph, Observer and Timed Automata) for best performance, particularly in the fault locating phase. Each step is described in a conventional form. For a complex system, the Bond Graph allows the modeling of multi-energy physical processes (electrical, mechanical, thermal, etc.). The observer-based approach is used to generate fault indicators. The fault detection algorithm consists of analyzing these residuals. The location is made from the signature matrix and from time identification.

Bond graph modeling
The Bond Graph is a multi-physical modeling tool based on analogy and power exchange, capable of modeling systems with a single language independently of their physical nature. Several works have been devoted to the theory of Bond Graphs [18,19]. The Bond Graph methodology is based on the graphical representation of the power exchanges within a system to be modeled and the analogy between the variables of different physical domains. The power exchange between two elements of a system is represented by a half-arrow (or link), Figure 2, which is characterized by two variables: the effort variable "e" and the flow variable "f", called "power variables". The product of these two variables represents the instantaneous power exchanged by this link. The direction of the half-arrow indicates the direction of the power transfer. In addition to this energy aspect, the Bond Graph tool has important causal properties for the modeling of complex systems. Causality, represented on the bond graph by a "causal trait" placed perpendicular to the link, makes it possible to highlight the relations of "cause and effect", "input-output" or "given-unknown". This is one of the major advantages of the Bond Graph technique for systematically writing state equations. The convention is as follows: the causal trait is placed near the element for which the effort is a given, and away from the element for which the flux is known (Figure 2). The Bond Graph [20,21] is a physical model where parameters are explicitly represented by Bond Graph elements.
The sources of effort, Se and flux, Sf are active elements which provide power, the elements of resistive type R, capacitive C, inertial I are passive elements which transform the power supplied to them into dissipated energy (elements R) or stored (elements C and I), the elements 0, 1, TF, GY are junction elements which are conservative of power and the detectors of effort, De and flux, Df represent sensors of effort and flux supposed ideal, and therefore not consuming power.
The power exchange in bond graph is represented by a half arrow while the exchange of information (from a sensor or a controller) is modeled by an arrow. A bond graph model is structurally observable in state if and only if there is a causal path between all the dynamic elements I and C and a detector De or Df [22] as shown in Figure 3. In bond graph, the state variables x are the energy variables: the generalized displacement (q) and the pulse (p) associated with the elements I and C, the inputs u are the sources of effort and flux and the measurements y are the effort and flux detectors.

Observer-based fault detection and location

Principle of diagnosis using an observer approach
Our goal is to study the problem of fault detection and localization for systems with faults and disturbances. This problem has received considerable attention in the past ten years [23, 24, 25, 26]. We consider a model-based approach for fault detection and location where two steps are distinguishable: generation of residuals sensitive to faults, and location of faults. We design a set of observer-based residuals in such a way that the faults are always detected and isolated despite disturbances and noises. The representation of a control loop with different sources of faults is given in Figure 4. Diagnosis using observer state estimation has become one of the most widely used methods in industry [27]. The principle of this method is given in Figure 5.

The observer principle
Suppose we have a representation of the process as a linear dynamic model with m inputs, denoted u, and p measured outputs, denoted y.
With the set of n variables describing the state When the system is linear, the equation of state and measurement have the following form: In which: The evolution of dynamic system subjected to inputs u(t) and delivering information y(t) is entirely characterized by a vector x(t) of size n linked to the input and output by the relation: With: Where is the state vector, is the input vector and is the output vector.
Note that the matrices A, B, and C correspond to the state-space description of the linear time-invariant system and have dimensions compatible with those of the vectors x(t), u(t) and y(t) [28]. To diagnose the fault, the following observer is constructed: Where: -is the estimated state vector.
is the estimated output vector.
This system (3) can be written as: Since it has been assumed that the pair (A, C) is observable, the observer gain matrix L can be selected so that (A − LC) is a stable matrix [29]. The observer described by equation (4) is illustrated in Figure 6. If the system (2) is provided with the state feedback, u(t) = -K x(t) + v(t), the closed loop system is written as follows: Where v(t) is input for the closed loop system and since it has been assumed the pair (A, B) is controllable, the state feedback gain K can be selected so that (A − BK) is a stable matrix [29].
By realizing a loop-back , the dynamics of the closed loop system is written as follows: The equation of state of the global system (6) is illustrated in Figure 7.
The fault detection step is very important in a system diagnosis. If this step is not carried out correctly, faults can be detected poorly or not at all. False alarms can also appear.
Detection efficiency depends on its robustness against model uncertainties.
The fault location is studied using the fault signature matrix. The dimensions of the signature matrix are determined from the number of sensors or actuators and the number of residues generated by the observer model. It is a binary matrix whose column j corresponds to the defect f_j and whose line i corresponds to the residue r_i.
Unfortunately this method does not allow locating faults with the same signature. To work around this problem, we use Timed Automata.

Discrete event model: Fault diagnosis through the Timed Automata
A timed automaton (TA) is a tool, or theory, for the modeling and verification of real-time systems. In the original formalism of the tool [30,01], a timed automaton is a finite-state automaton extended with a set of real-valued clocks. A finite automaton can be considered as a graph containing a finite set of nodes and a finite set of labeled edges, here extended with real-valued variables. In this work, we focus on timed automata as a tool used to generate a model for the analysis of a process, and especially for the verification of the process operation and the detection and isolation of failures.
The clocks of a timed automaton evolve continuously over time. Each transition contains a guard (on the value of the clocks) that describes when the transition is executable, and a set of clocks that must be reset to zero during the transition. Each control state contains an invariant (a constraint on the clocks) that can limit the waiting time in the state and therefore force the execution of an action transition.
Consider the example in Figure 8. S0 is the initial state of this automaton. The qualitative parameters represent the sequence of events (a and b) while the quantitative parameters represent the temporal parameters (x1 and x2). The invariants x2 ≤ 2 of S0 and x1 ≤ 3 of S1 indicate, respectively, that we can stay in S0 as long as x2 is less than 2 and that we can stay in S1 as long as x1 is less than 3, but not beyond. An invariant is associated with each state; it represents the conditions to be satisfied to remain in the current state. The automaton can remain in a state as long as the condition of the invariant is satisfied. As long as the controller is in a state Si, the clock xi is continuously incremented.
The continuous evolution of the clocks of the automaton of Figure 8 is described by the relation , the system can comprise more than one clock as a function of the modeling needs; in our example there are two clocks, called x1 and x2. All clocks are synchronized with the same increment step. Each transition of the automaton is labelled with a guard. The guard determines the possible instants at which the arcs can be crossed; an arc of the automaton cannot be crossed until its guard has been verified.
Thus the guard of the output transition of the vertex S0 is a ∧ x2 = 2: the arc can only be crossed if the event "a" has occurred and the clock x2 takes the value 2. The assignment corresponding to this transition is x1 := 0, which means that crossing this arc resets the clock x1 to zero.
The assignment function allows the parameters of the timed automaton to evolve during its transitions. During initialization of the model, the states and parameters are initialized by an initiating arc entering the state S0 (in our case x1 := 0 and x2 := 0). Our objective, thanks to the use of timed automata, is to build a diagnosis system, called a diagnostician, which makes it possible to analyze, detect and locate a fault in a system. The construction of the diagnostician is based on a dynamic model representing the different functioning modes of the monitored system (normal and failing). The dynamic model is nothing more than a copy of the control-command program of the system to diagnose, with added time information such as the duration of the different steps of functioning, the execution order of tasks and the date at which events appear.
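The automaton of Figure 8 used as a runtime monitor, added here as an example and not taken from the paper: it replays a timed event trace and reports the first missed deadline or mistimed event. The b edge (its target, guard and reset) is an assumption, since the page only describes the a edge; the traces are constructed.

```python
EPS = 1e-9  # tolerance for comparing real-valued clocks

# Invariants from the page: stay in S0 while x2 <= 2, in S1 while x1 <= 3.
INVARIANT = {"S0": ("x2", 2.0), "S1": ("x1", 3.0)}

# (source, event) -> (guard, clocks to reset, target)
EDGES = {
    # From the page: guard "a and x2 = 2", assignment x1 := 0.
    ("S0", "a"): (lambda c: abs(c["x2"] - 2.0) <= EPS, ("x1",), "S1"),
    # Assumed for this example (the page does not describe the b edge):
    # b returns to S0 while x1 <= 3 and resets x2.
    ("S1", "b"): (lambda c: c["x1"] <= 3.0 + EPS, ("x2",), "S0"),
}


def monitor(trace, horizon):
    """Replay a timed trace [(time, event), ...] up to `horizon`.

    Returns (verdict, time, location) where verdict is
      "ok"               every event respected guards and invariants,
      "deadline_missed"  an invariant expired before the next event,
      "unexpected_event" an event arrived with no enabled edge.
    """
    location = "S0"
    clocks = {"x1": 0.0, "x2": 0.0}      # initiating arc: x1 := 0, x2 := 0
    now = 0.0
    for time, event in list(trace) + [(horizon, None)]:
        # Latest instant at which the current state may still be occupied.
        clock, bound = INVARIANT[location]
        deadline = now + (bound - clocks[clock])
        if time > deadline + EPS:
            return ("deadline_missed", deadline, location)
        # All clocks advance at the same rate.
        for name in clocks:
            clocks[name] += time - now
        now = time
        if event is None:                # end of the observation window
            break
        edge = EDGES.get((location, event))
        if edge is None or not edge[0](clocks):
            return ("unexpected_event", time, location)
        _, resets, location = edge
        for name in resets:
            clocks[name] = 0.0
    return ("ok", now, location)


# Constructed traces: one nominal cycle and three timing faults.
NOMINAL = [(2.0, "a"), (4.5, "b"), (6.5, "a")]
EARLY_A = [(1.5, "a")]
LATE_A = [(2.4, "a")]
MISSING_B = [(2.0, "a")]

if __name__ == "__main__":
    print(monitor(NOMINAL, 7.0))
    print(monitor(EARLY_A, 5.0))
    print(monitor(LATE_A, 5.0))
    print(monitor(MISSING_B, 10.0))
```

The reported time of a "deadline_missed" verdict is the instant the invariant expired, which is the earliest moment a diagnostician built this way can raise the fault.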

Description of the system
We consider as an example a two-tank hydraulic system, Figure 9.
The first tank T1, of section S1 (S1 = 0.0154 m²), is filled with a volume flow qi; its height h1 is measured by the level sensor L1.
At the exit of this tank, a valve V1 (of hydraulic resistance R_V1) always opens to allow the fluid to pass into a second tank T2, of section S2 (S2 = 0.0154 m²) and height h2, which is measured by the level sensor L2.
The outlet flow of this tank is authorized by a valve V2 of hydraulic resistance R_V2.
There are two overflow sensors: L3 for tank T1 and L4 for tank T2.

Generating a state representation
The bond graph model in derivative causality of the physical system of Figure 9 is shown in Figure 11. The element C models a storage tank T2, 6: The effort detector De models a level sensor L2, 7: The element R models a valve V2.
Using the bond graph representation, the system state equations can be deduced directly from the bond graph model of the system. In Bond Graph, the levels in the two tanks, h1 and h2, represent the state variables x = [h1, h2], the input u is the flux source: u = [qi] and the measurements y are the effort detectors: y = [L1, L2]. Choose as the first equation the one corresponding to the junction 0_1.
We therefore have: In this equation the flow variables (f5, f1, f6) can be determined by following the causal paths on the bond graph model of Figure 11.
The variable f5 is calculated from the constitutive relation of the C_T1 element: (9) Where the C_T1 parameter is given by the following relation: We therefore have: The variable f1 corresponds to the source of flow (Sf: qi). We can thus write: (13) The variable f6 can be obtained from the constitutive relation of the element R: (14) The variable e7 is calculated from the equation of junction 1_1: The causal path De: L1 → e4 → e3 → e2 → e6 allows calculating the variable e6: (16) And e8 is determined by following the causal path De: L2 → e12 → e11 → e10 → e8 (17) We therefore have: (18) We can therefore write: 5 1 , v e f f R The first equation is obtained as follows: Knowing that h1 = L1, it is easy to deduce the first state equation: (21)
By proceeding in the same way as for equation (8), a second one can be generated from the equation of the junction 0_3. We can thus write: (22) The variable f9 can be determined by the constitutive relation of the element C_T2 as follows: (23) The causal path De: L2 → e12 → e11 → e10 → e9 allows calculating the variable e9: (24) The parameter C_T2 is given by the following relation: (25) With S2 the section of the second tank, g the gravity constant and ρ the density of the fluid. We can then write: (26) The variable f13 can be obtained from the constitutive relation of the element R: (27) The causal path De: L2 → e12 → e11 → e10 → e13 → e14 allows calculating the variable e14: (28) We can therefore write: (29) According to the law of conservation of the junction 1_1 and from equation (19), we have: (30) The second equation, which is structurally independent of the first, is thus: (31) Knowing that h1 = L1 and h2 = L2, it is easy to deduce the second state equation, which is structurally independent of the first: The state equation of the two-tank system, Figure 9, is obtained from equations (21) and (32) generated by the bond graph model in Figure 11.
( -) ; The measurements are given as follows: L1 = h1 and L2 = h2.
The system can be brought back in a stable closed loop system by the state feedback where is the state feedback gain and v(t) is input for the closed loop system. 11 12 The state equation obtained equation (33), takes the following form:

Observer-based fault diagnosis method
The observer-based method consists of reconstructing, from the mathematical model of equation (35), the system output through an estimate of the system states. This method is capable of solving the fault detection and location problem through the evolution of the residues, as illustrated in Figure 7. Indeed, the deviation signal, or residual, between the measurements and the estimated outputs (the estimation error on the outputs) is a function only of noises, model errors and failures. With the estimation error (or residual): r(t) =
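An added example, not code from the paper: an observer of the form described above generates residuals r = y − ŷ for a two-tank system and raises an alarm when a residual crosses a threshold. Only the tank sections come from the page; the linear valve model, inlet flow, observer gain, noise bound and threshold are assumptions, so the alarm pattern illustrates detection and does not reproduce the paper's Table 1.

```python
import random

# Tank sections are the page's values; everything else is an assumption
# made for this example.
S1 = S2 = 0.0154      # tank sections, m^2 (from the page)
K1 = K2 = 0.00154     # assumed linear valve coefficients (flow = K * level), m^2/s
QI = 1.0e-4           # assumed inlet flow q_i, m^3/s
GAIN = 1.0            # assumed observer gain L = GAIN * I (C = I, both levels measured)
THRESHOLD = 1.0e-3    # assumed detection threshold on |r_i|, m
NOISE = 1.0e-4        # assumed bound on sensor noise, m
DT = 0.01             # Euler integration step, s


def model(h1, h2, k2=K2):
    """x' = A x + B u for x = [h1, h2], u = q_i (assumed linear two-tank model)."""
    q12 = K1 * (h1 - h2)                       # flow through valve V1
    return (QI - q12) / S1, (q12 - k2 * h2) / S2


def simulate(t_end=6.0, fault_time=None, seed=0):
    """Run plant and observer together.

    Returns {residual name: first time |r_i| > THRESHOLD}; empty if no alarm.
    The injected fault is valve V2 stuck closed (k2 = 0) from fault_time on.
    """
    rng = random.Random(seed)                  # constructed, reproducible noise
    h2 = QI / K2
    h1 = h2 + QI / K1                          # steady state of the healthy model
    x, x_hat = [h1, h2], [h1, h2]
    fault_step = None if fault_time is None else round(fault_time / DT)
    alarms = {}
    for n in range(round(t_end / DT)):
        faulty = fault_step is not None and n >= fault_step
        # Measurements y = C x + noise, residual r = y - C x_hat.
        y = [xi + rng.uniform(-NOISE, NOISE) for xi in x]
        r = [yi - xh for yi, xh in zip(y, x_hat)]
        for i, ri in enumerate(r, start=1):
            if abs(ri) > THRESHOLD:
                alarms.setdefault(f"r{i}", round(n * DT, 2))
        # The plant follows the (possibly faulty) physics; the observer always
        # integrates the healthy model plus the correction term L (y - y_hat).
        dx = model(x[0], x[1], 0.0 if faulty else K2)
        dxh = model(x_hat[0], x_hat[1])
        x = [x[i] + DT * dx[i] for i in range(2)]
        x_hat = [x_hat[i] + DT * (dxh[i] + GAIN * r[i]) for i in range(2)]
    return alarms


if __name__ == "__main__":
    print("healthy run:", simulate())
    print("V2 stuck closed at t = 3 s:", simulate(fault_time=3.0))
```

With the threshold set above the noise bound, the healthy run raises no alarm, while the stuck valve drives the second residual over the threshold within a fraction of a second of the injection.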

Faults signature matrix
The residuals generation consists of comparing measurements stemming from the system to their estimations stemming from observer-based model. Only one residual allows fault detection at the level of a sub-system. However, the fault location requires a set of structured residuals. These residues must be designed to be sensitive to certain faults and insensitive to others, allowing thus the location of the failing element: symptoms are generated and compared to fault signatures.
These residues lead to the fault signature matrix which is given by Table 1.
Analyzing this matrix shows that the signatures of valve V2 and level sensor L2 are unique, which means that failures of these components are isolable. On the other hand, the signatures of valve V1 and level sensor L1 are identical, which means that failures affecting these components cannot be isolated. To solve this problem, an additional tool is used, namely a timed automaton, in order to differentiate these two failures.

Diagnosis method based on Timed Automata
The dynamic model based on timed automata contains all possible states (normal and failing) of a system, which allows its temporal evolution to be followed. Thanks to the trajectory followed from an initial state to a failure state, we are able to locate a fault by quantifying the times spent in the transitions.
In order to locate faults having the same failure signatures (i.e. the defects of valve V1 and level sensor L1), it is necessary to understand the different phases of diagnosis (construction of the dynamic model, detection and location phase). All the times concerning fault detection and location have been found mathematically or from simulations taking a fault into account. The first step consists in establishing the system dynamics, Figure 12. The objective is to know how the system behaves over time. Figure 13 shows the final state of the diagnostician for the two-tank system.
In the above figure, we distinguish three parts: the faultless functioning part of the two-tank system (diagnostician phase 1), the detection part and finally the fault location part.
The first part of the diagnostician corresponds to the system control Grafcet, with additional temporal information. We can see the correspondence of states and transitions between the control Grafcet, Figure 14, and the diagnostician Phase 1 (normal state), Figure 13-(a). When the execution times of the diagnostician Phase 1 are not respected, we are in the presence of a defect. The second phase of diagnosis, Figure 13-(b), concerns fault detection. When one of these conditions is not respected, the diagnostician goes from a normal state to a fault detection state. The third step of diagnosis, Figure 13-(c), consists in the fault location. Each detection state has a necessary condition to go from detection to location. Indeed, following the detection of a fault, and given the different failure modes identified in the FMEA (Failure Modes and Effects Analysis), we need to know how the fault will spread in the system and how it will modify the appearance of future events.
(The state of the valve takes the value 0 for closed and 1 for open) ("&" corresponds to logical AND; "!" corresponds to logical NOT). The construction of the diagnostician is based on temporal knowledge of the system: it is necessary to know the times of the system such as, for example, the opening time of the valves or the time for a sensor to change state. Figure 15 illustrates the nominal behavior of the system over an operating cycle.
The two diagnosis methods (Observer and Timed Automata) work in parallel. The observer-based method detects and locates a fault on the studied system at any instant and without delay. The timed-automata-based method makes it possible to locate the defects which cannot be isolated by the first method (the observer-based method) and also to identify the causes of failure more precisely (e.g. for a valve V2 fault, whether the valve V2 remains closed during an opening request or remains open during a closing request), but with some delay.

SIMULATION RESULTS
The simulation model is built in MATLAB Simulink and Stateflow.
In order to test the effectiveness of the faults detection and location technique of the proposed diagnosis approach, we injected defects in a random way.
At first, we injected a fault on the valve V2 at the instant t = 3 s. Figure 16 shows the response of residuals R1 and R2 and their sensitivity to this failure. If we refer to the signature of valve V2 given by Table 1, we note that this result is as expected. In other words, if valve V2 fails, only residuals R1 and R2 will exceed their respective thresholds. More precisely, Figure 17 shows that the valve V2 remains closed during an opening request (V2 Stuck_Close).
In the above figure, despite the opening request (green signal), valve V2 remains closed (red signal). This instant represents the occurrence of a failure. T_occurrence = 3 sec. figure 13. Finally, the detection is enough for the location. T_location = 3.024 sec. V2_SC state of the diagnostician, Figure 13. Then, we injected a fault on the valve V1 at the instant t = 7 s. The responses of the residuals to this failure are given in Figure 18.
The signature of the valve V1 given by Table 1 merges with the signature of the level sensor L1 and consequently, this failure is detectable but not localizable. With the diagnosis method based on Timed Automata, the valve V1 fault can be located. Figure 19 shows that the valve V1 remains closed during an opening request at the instant t = 7 s.
In the above figure, valve V1 remains closed (red signal) during an opening request (green signal). This instant represents the occurrence of a failure. T_occurrence = 7 sec. Subsequently sensor L2 (purple signal) remains in state 0; 0.053 sec after the opening request of valve V2.
This instant represents the fault detection instant. T_detection = 7.026 sec. State ED5 of the diagnostician, Figure 13.
Finally, sensor L3 (brown signal) remains in state 1 and sensor L4 (cyan signal) remains in state 0; 0.091 sec after the activation of the detection state. This instant corresponds to the fault location. T_location = 7.12 sec. V1_SC state of the diagnostician, Figure 13. It is therefore possible to locate this fault by Timed Automata.
After several simulations, this diagnosis approach (using the Bond Graph, the Observer and Timed Automata) detects and locates every defect at any time; it is reliable. Furthermore, the observer-based diagnosis method does not impose constraints or very restrictive conditions. Also noteworthy is its robustness with respect to measurement noise. Although the generated residuals are influenced by noise, faults can always be detected and isolated as quickly as possible. As a result, the performance of the diagnosis method based on Timed Automata (detection and location deadlines) is related to the temporal characteristics of setting up the process and instrumentation.

CONCLUSION & PERSPECTIVES
The diagnostic method, in our work, combines the advantages of the three approaches (Bond Graph, Observer and Timed Automata) in order to obtain the best performances.
In this paper, we discussed the problem of faults diagnosis on a complex hybrid system thanks to the use of the bond graph and observer well known in the continuous field, coupled with the timed automata used in the field of Discrete events systems. The proposed approach solves the problem of fault identification.
The approach used consists, first, in modeling a complex physical system using the Bond Graph, in order to generate, through the observer model, residues (or defect indicators) sensitive to any defect affecting the system to be monitored. Then, it is necessary to analyze these residues to detect the presence of a defect. Finally, the fault locating procedure is performed from the fault signature matrix derived from the observer model, from time identification and from the FMEA.
A perspective of this work is to extend our approach to take into account the diagnosis problem when the system is affected simultaneously by actuator and sensor faults. Another problem not addressed in this paper would be the study and mastery of the propagation of defects in a hybrid system.