442

DECISION SUPPORT SYSTEM FOR FAULT DIAGNOSIS AND RECOVERY OF GAS DISTRIBUTION NETWORKS
F Perschl.

Schmidt

Technixhe Universitllt Milnchen, Gemany

Abstract: T h i s paper describes an expert system for online fault detection and diagnosis o f gas transmission networks, combining model- and knowledge-based methods. It consists of a set o f hierarchically structured components which include signal processing, state observation, rule-based knowledge processing as well as an advanced user interface. In addition, an intelligent hypertext t o o l is integrated i n t o the user interface to support the operator during fault recovery. T h e diagnosis system was tested w i t h real measurement data f r o m a medium sized gas distribution network. I t s realt i m e capability and effectiveness for basic fault detect i o n purposes was demonstrated by industrial applications.

is highly flexible, configurable and based o n standard hardware and software components. Similar investigations i n real-time diagnosis and decision support systems are known f r o m the field o f electric power systems, as described for example in Okuda et al (2) and Sekine et al (3). Other papers, like Frank (4), concentrate basically on certain aspects o f a diagnosis system, such as state and parameter estimation. With respect t o gas transmission and distribution networks only a few papers and applications o f diagnosis systems are reported i n the literature, for example Lappus and Schmidt (1).

SYSTEM STRUCTURE
As shown i n Fig. 1 , the decision support system can be divided i n t o four main components. All necessary input data is provided by t h e Supervisory Control A n d D a t a Acquisition (SCADA) system installed i n t h e gas distribution network. Data consist mainly of analog pressure and flow measurements y, binary status signals
-z

INTRODUCTION
Modern distribution networks for natural or product gases are highly automated systems. Sensors gather information o n t h e network's states and computers cont r o l t h e network via actuators. As shown i n Lappus and Schmidt (l), the operator or dispatcher acts as a supervisor o f the t o t a l system and takes control actions when faults occur. With modern networks growi n g more complex, the operator's j o b becomes more difficult. Additional responsibilities are p u t o n the operator by safety and economic requirements. Introduction of a decision support system may support t h e operator i n his task, particularly i n abnormal situations. Goals o f t h e diagnosis subsystem are t h e early detection o f fault symptoms and the search for possible technical causes behind them. Fault causes considered here are measurement failures, as for example caused by instrument failures and drifts, plant failures such as leaks and pipeline blockages as well as operator faults. B y automatic supervision of t h e operator's control actions, t h e risk of causing new faults can be greatly reduced, particularly i n stress situations. Furthermore, a decision support system may help t o enhance network performance w i t h respect t o economy, reliability and availability. In order t o achieve these goals, a combined signal-, model- and knowledge-based approach was developed. T h e decision support system described i n this article is designed for real-time operation. For this reason, special requirements exist for its knowledge-based parts. In order to apply the decision support system t o different gas transmission networks, t h e program package

as well as analog and binary control signals g. g includes signals generated automatically by the control system as well as by the operator.

T h e signal-oriented component processes t h e signals and detects abnormal deviations such as outliers, etc. Methods used include filtering of measurement signals, limit and trend checking and statistical f a u l t detection. : . like "signal They generate symbolic fault symptoms y OK" and "signal MISSING', which are indications of measurement failures. M o s t o f this signal processing can also be carried o u t i n the SCADA system. Details on this component can be found i n Perschl and Schmidt

(7).

Symptoms ,y ' processed measurement data y ' and control signals g are transfered to t h e model-based component. T h i s level incorporates t w o dynamic state observers. Observer 1 reconstructs n o t directly available network states, i.e. flows and pressures, while observer 2 generates estimates for the measurements based o n the assumption t h a t no fault has occured. T h e residuals between b o t h observers are fault sympt o m s f o r slowly evolving measurement failures and plant failures such as leaks, pipeline or filter blockages and valve errors. Symptoms invoke the knowledge-based diagnosis component. This component transforms fault symptoms, which o n their own have only minor significance for the operator, by means o f rule-based infer-

'Intelligent Systems Engineering', 5-9 S e p t e m b e r 7994, Conference Publication No. 395, @ IEE, 1994

443

operator

4
hypertext dialog component support for failure handling suppon for diagnosis of unknown failures knowledge-based f decision support component symbolic residual generitor

leak detection(mass balance)

State observer I reconstruct. of not measured states supervisionof operator actions temporal reasoning I
I I

state obseNer 2 (fault-free model)

II detectionof unknown failures

knowledge-based diagnosis component

Figure 2: Structure o f model-based component. ered as indications o f plant failures. Other model-based procedures make use of t h e estimated values for detect i o n and localization of leaks, as an example of a typical plant failure. T h e basic structure of this component is shown i n Fig. 2. W i t h i n the framework o f t w o Luenberger-type state observers a high order network state model is incorporated, This model consists o f distributed parameter subsystems, representing transient pressure and flow in long pipelegs, and lumped parameter subsystems, representing compressor, regulator and valve stations. In this type o f networks considered, dynamics are essentially caused by gas flow through t h e pipelegs. They can be modelled by a set o f nonlinear hyperbolic partial differential equations. Since dynamic effects o f the lumped parameter subsystems can be neglected, they can be incorporated in the model as stationary nonlinear algebraic equations T h e numerical solution o f the whole set o f model equations is achieved by space and t i m e discretization using a modified Crank-Nicholson difference scheme. T h e resulting system o f nonlinear equations is iteratively solved by a Newton-Raphson method using sparsematrix techniques. For reasons o f economy, only a small number o f sensors is installed i n a network. Therefore, state observer 1 reconstructs n o t directly measured signals This observer is tuned so t h a t it rapidly follows any changes i n the control and measurement signals g and 2'. State observer 2 on the other hand is only weakly connected to t h e measurement signals y' and slowly keeps track o f any changes. T h e estimated measurements $2, represent the dynamic processes in the fault-free network. See t h e t i m e charts i n Fig. 7.

I I I I I I

leak detection and lwalization

residual-basedfault delection state observer I
state observer 2

I
1

AL
processed data 11,E' signul-b;l*ed fault detection signal filterina raw input data g , 1, y,

symptoms for measurement failures y'

model-based diagnosis component

-.

I I

signal-based

diagnosis component

I
I I I

I-

- -b SCADA system / network

Figure 1: Basic structure o f decision support system. ence i n t o understandable messages. At the same t i m e information about network state is compressed and redundancy is reduced. Supervision of operator activities is carried o u t concurrently. Particularly, safety relevant activities receive special attention. T h e diagnosis component provides as a result causes for various faults. In some cases a detailed diagnosis may need additional information n o t available f r o m t h e SCADA system. This information can be retrieved f r o m the operator by the first layer o f the knowledge-based decision support component. Based on this information, diagnosis results will be refined and the operator will be assisted w i t h respect t o the recovery f r o m the detected faults and failures. This task is accomplished by an advanced dialog component, which uses a hypertext/hypermedia environment. Details o f the various components are discussed i n the following sections.

&.

MODEL-BASED FAULT DETECTION A N D DIAGNOSIS COMPONENT

T h e purpose o f t h e model-based fault detection component is the computation o f residuals by use o f dynamic process models. T h e residuals can be consid-

T h e rapid and slow observer response is accomplished by choosing appropriate gain values for observer error feedback. T h e success o f this approach depends on the high quality and stability o f the network model, which has been demonstrated in various industrial applications in the past, see Lappus and Schmidt (5). A n additional task o f the model-based component i s

444

mk

d
I

shon term mass balance

-),

Ill1
--I

long term mass balance

me;)sured profile (obferver I )

L, j
b
LOW
1

Figure 4: Example of mass balances considered for leak detection. dure allows a rough estimation o f leak location. Since division i n t o sub-networks is restricted by t h e structure o f the process model used i n t h e state observers, exact localization is n o t possible. Symbolic fault symptoms as well as estimates o f leak rate and location are results o f t h e model-based fault detection component.

1 :
HIGH
\

HIGH

. ,

LOW

posilion

symbolic residuals

Y,

Figure 3: Fault s y m p t o m pattern for filter clogging the transformation o f the numerical residuals ij = i n t o symbolic fault symptoms i.e. understandable terms for t h e knowledge-based diagnosis component. Symbolic fault symptoms in this context have values like "pressure HIGH", "pressure OK" or "pressure L O W ' . Generation o f symbolic symptoms is performed by comparing t h e residuals w i t h predefined limit values.

&,

k,

g,

i,

KNOWLEDGE-BASED NENT

DIAGNOSIS

COMPO-

As an example o f fault detection on this level, let us

consider t h e pressure profile o f a long pipeleg shown in Fig. 3. A to E represent measurement locations, hereafter referred t o as nodes. A dust filter is located between nodes B and C. The bold line in Fig. 3 represents the pressure profile under normal operating conditions. This profile is calculated by observer 2. In case o f filter clogging the dashed pressure profile would be measured and estimated by observer 1. T h e corresponding residuals j are translated i n t o symbolic values H I G H and LOW (pressure) as shown in the diagram. 'Leak detection forms another module o f the modelbased component. Here, t w o mass balances for consecutive t i m e steps are computed. Mass balance Am, results f r o m t h e t o t a l gas flow through the network as measured a t gas supplies and offtakes. Am2 is calculated f r o m t h e stored gas mass i n the network, which can be calculated f r o m the pressure measurements. T h e difference Amdiff = Am, - Am2 is called short term mass balance. This will be zero when no leak exists. In case o f a leak however, t h e value o f Amdill is a direct measure o f the leak rate. T h e sum o f Amdif, over t i m e is called l o n g term mass balance. i.e. Amsum= ZAmdjff. Fig. 4 shows typical developments of b o t h mass balances over time.

This component makes use o f the symbolic fault sympt o m s j , t o identify plant failures like pipeline and filter blockages, leaks and wrong valve positions. In order t o save computing time, fault symptoms in a network are grouped w i t h respect to their local neighbourhood. Then processing can be restricted consequently on this groups.

Symptom grouping
Fig. 5 shows an example o f s y m p t o m grouping. If t w o or more fault symptoms appear a t neighbouring nodes i n the network, it m a y be assumed t h a t a direct physical relationship exists between them, and t h a t t h e cause for all symptoms o f one group is a single failure. O n t h e other hand, if t w o or more fault symptoms in a network are separated by one or more measurement locations (nodes) without fault symptoms, it is assumed t h a t n o causal relationship exists between them. T h e problem o f grouping can easily be solved by means o f a graph theoretical approach. A recursive algorithm, based o n a binary representation o f faults i n a network graph, was implemented. I t s computing t i m e is very short, even for large gas transmission networks.

All subsequent diagnosis steps are based o n s y m p t o m groups. M o s t o f the diagnosis operations make use o f search algorithms, which analyze the existence o f a given fault pattern i n the network. These algorithms perform best, when working w i t h s y m p t o m groups, rep/ - \

A leak is detected, when the difference between the averages mk and m l or the difference between t h e gradients o f b o t h regression lines sk and sl is greater than a predefined limit a t current time t a c t . While t h e short t e r m mass balance Amdiff provides a
reliable indication o f higher leak rates, the long term mass balance indicates lower leak rates. When applied t o small sub-networks, the same proce-

Figure 5: S y m p t o m grouping i n a network

445
resenting small sub-networks

Detection of plant failures

Before t h e search algorithm can be started, fault patterns m u s t be defined: Considering again the example i n Fig. 3, t h e following conclusion can be drawn: L f a HIGH pressure s y m p t o m and a LOW symptom can be found a t neighbouring nodes and a filter is located between b o t h nodes, & this filter is probably clogged. In this case t h e algorithm searches for neighbouring HIGH and LOW symptoms i n a s y m p t o m group. Similar fault patterns can be derived f r o m other failure types. M o s t f a u l t situations are handled properly by this type o f f a u l t pattern search. Some special cases, particularly failures close t o supply or offtake nodes, need t h e definition of more complex fault patterns i n order t o elaborate a proper diagnosis. In these cases, b o t h pressure and flow profiles are used simultaneously t o generate appropriate fault patterns. S u m m i n g up, detection o f plant failures is achieved by coding each f a u l t pattern in a set of generic rules. These rules together w i t h t h e above-mentioned search algorithm are applied t o every s y m p t o m group detected. If a fault pattern matches the fault symptoms in the groups, then an appropriate message w i t h the diagnosis result is generated.

A history factor between 0 and 1 is assigned to each stored situation. I t s value is increased when the associated fault situation occurs repeatedly and it i s decreased when t h e fault situation disappears. A stored situation is deleted when the history factor is below a certain l i m i t .
Supervision of operator actions
T h e knowledge-based diagnosis component also deals w i t h supervision o f operator activities. There are certain control actions which are n o t permitted i n certain network states. For example, it may be extremely dangerous t o open a closed valve i n a high pressure gas transmission network if the pressure difference between inlet and outlet is higher than a certain l i m i t . Opening o f the valve would cause a high velocity of gas resulting i n high frictional energy, which i n turn would lead t o the valve being severely damaged or even destroyed.

To avoid this type of situation, the diagnosis system includes special rules which take care o f operator control actions. If an action is considered to be inadmissable, a message is generated and the action will n o t be carried o u t until the operator confirms his decision and ignores the warning o f the diagnosis system.

KNOWLEDGE-BASED COMPONENT

DECISION

SUPPORT

Detection of unknown failures

If fault situations occur, which do n o t fit a predefined fault pattern, limited support can be given by special rules. They m a y draw certain conclusions on possible fault causes based on the evolution o f a fault situation over t i m e and space. This method is often successful i n localizing t h e fault origin a t least.
T o date, t h e diagnosis system is capable o f detecting sudden failures. However, there are certain failures, w i t h slowly developing efFects, for example, drifting sensor signals or spreading o u t o f fault situations around the network because o f transient gas flow.

As already mentioned in t h e preceding section unknown failures may appear f r o m t i m e t o time. In this case t h e diagnosis system needs more information than available f r o m the SCADA system t o come up w i t h a correct diagnosis. Some o f the missing information can be obtained through a dialog w i t h the operator. A similar problem arises when more than one fault cause for the same situation is found. This problem m a y also be due t o missing information.
T w o possibilities exist t o resolve this type o f ambiguity. First, the operator can enter additional facts, which will be processed by the decision support system. Second, the decision support system offers t h e operator t h e contradicting results together w i t h explanations and further background information. Then the operator can draw his own conclusions based on his knowledge and experience and he can take appropriate counteractions t o correct the failure. B o t h methods are implemented i n the decision support component by means o f a hypertext tool. Let us discuss a typical example: A fault situation has occured and the diagnosis system concludes, t h a t the fault cause may be a closed control valve, which should be open according t o t h e SCADA system, or a blockage i n a nearby pipeleg. T h e operator would first t r y t o find detailed information about the pipeleg. If there is a hand-operated valve in this pipeleg and if the operator knows t h a t there was a pressure test some days ago

Temporal reasoning
T o handle this kind of problem, all fault situations and t h e detected f a u l t causes are stored in the knowledge base o f the used expert system t o o l for every t i m e step. When new fault situations occur, the stored situations are retrieved and compared t o the current situation. If the stored fault symptoms are identical or a t least a subset o f t h e current symptoms, then a causal relationship between old and new fault situation may exist w i t h some probability. W i t h this method, slowly evolving fault situations can be handled properly. Stored fault situations are also used for analysis o f the unknown failures mentioned earlier.

446
i n this part o f the network, then he would probably conclude t h a t someone forgot to open the valve after the test. Otherwise t h e problem is probably related t o t h e control valve itself. Now t h a t t h e fault cause is isolated, the decision support system can display step by step actions t o support fault recovery. A t this point further background information is needed, for example the exact location o f t h e faulty network elements, names o f the persons responsible, available staff, safety considerations, etc. As an example, see left window i n Fig. 7. T h e required knowledge is stored in individual hypertext documents which are loaded o n demand. Hypertext links allow j u m p i n g between documents and background information, which may consist o f graphical representations, like plans o f t h e network, lists, tables and even audio or video sequences. Links are marked in the hypertext viewer by underlined text (No i n Fig. 7) or through small icons, for example, an arrow symbol for further text information and other symbols for graphical information. T h e implemented hypertext viewer is a stand-alone program which communicates through messages w i t h t h e main body o f the diagnosis subsystem. Currently a special hypertext development system is under developement, which will automatically generate indices o f hypertext topics and support a graphical representation o f the document structure. With this system, it will be possible t o use t h e hypertext t o o l as a special information retrieval system, for example, for training or documentation purposes. Furthermore, it will reduce t h e "lost i n hyperspace" problem and allow the user t o backtrack his path through the different documents t o specific information or conclusions, as proposed by Hollender (8). Some details o f the user interface are reported in the next section.

ystem

gas transmission network

Figure 6: Implementation of the decision support syst e m as part o f a S C A D A system. T h e user interface and t h e hypertext t o o l are implemented in C and use X-Windows (Open Look). T h e diagnosis system kernel is partially programmed in C, the rule-based part i n Pamela-C, see Barachini (6). a fast forward chaining expert system tool. B o t h observers, incorporated in the kernel as well as t h e simulator are written i n Fortran. They are based o n the well-known programs G A N B E O and GANESI. described i n Lappus and Schmidt (5). T h e hypertext documents are written in standard HTML ( b p e r L e x t M a r k u p Language). For communication between the processes, standard

UNlX interprocess communication techniques based o n TCP/IP are used. One complete cycle o f simulation,
diagnosis and visualization for the gas transmission network, shown in the upper part o f a hardcopy o f the operator's interface i n Fig. 7, takes less than 1.5 sec on a SUN Sparc 10 work station. In comparison: i n real-time, one measurement updating cycle is 15 sec, as forced by t h e data aquisition system. T h e examined network consists of 109 nodes w i t h 11 valve stations, 2 main supply stations and 15 offtake nodes. T h e t o t a l pipeline length is about 170 k m . It distributes oxygen a t a pressure level o f about 40 atmospheres. This allows an average throughput o f gas o f about 100,000 m3 per hour. In the network 34 pressure and 17 flow measurements are made. In the knowledge-based diagnosis component, around 100 generic rules are implemented. These suffice t o detect leaks or blockages in every pipeleg, wrong valve positions, and they support localization o f unknown fault patterns and supervision of operator actions.

IMPLEMENTATION ISS U ES
A major part o f t h e development and experimental evaluation o f the fault detection and diagnosis system was accomplished by using data collected i n real gas transmission networks. Parts o f the described diagnosis system, such as leak detection and localization, were tested i n an industrial gas distribution network. Fig. 6 shows t h e integration o f the decision support system i n t o a modern S C A D A system. T h e diagnosis subsystem can be connected t o the system bus and makes use of the process data available i n the S C A D A system's database. T h e complete system is currently implemented on a UNlX work station. It consists o f five processes: the diagnosis system kernel, t w o state observers, user interface and hypertext tool. T h e diagnosis system kernel receives its inputs either f r o m a network simulator or f r o m a file which contains real measurement data. Diagnosis results are visualized through the user interface.

CONCLUSIONS
T h e gas network diagnosis system described i n this paper is capable o f detecting major measurement failures, plant failures and operator faults i n real time. This is accomplished by use o f a hierarchical combination of

447

oul
Pipeleg between node 6O00 and 2018 blocked
Explanation:
me diagnosis system has detected that the plpeleg between 6000 and ZOlE Is blocked. Gas should flow from 6000 to 2018. Pressure level at node 6000 Is higher than cxoected. mile oressure level at node 2018 is lower than expected.

Detailed Layout:

-"ere s a nand--operate0 valve in th s pipeleg Was inem any pressure re31or mantenance MR a l m s pipeleg our np tne ast 7 days

If maintenance w r k or a pressure test had been carried out then probabk someone forgot to open the valve.

Advice:
Please inform Mr *)3( about this incident. Please send someone Out la node 6000 to open the valve. Geographical plan and location:

Available staff

Safety:
Do not open the valve, lfthe pressure difference behveen inlet and outletls more than 1.4 almospheres.
pressure estimated by observer

Figure 7: Hardcopy o f operator's interface, where the pipeleg between nodes 6000 and Z018 i n t h e period f r o m a t o b is blocked signal-based, model-based and knowledge-based techniq ues . After detection and isolation o f failures, an advanced hypertext t o o l supports the operator i n fault recovery. T h e implemented prototype demonstrated t h a t t h e diagnosis system can be applied online, as part o f a standard S C A D A system, which monitors and controls a medium sized gas transmission network. Because o f t h e encouraging results w i t h the diagnosis o f gas transmission networks, t h e developed methods get currently adapted and generalized for use i n chemical plants, w i t h major emphasis on supervision and diagnosis o f material flow subprocesses. 1992, "Proc. o f the IMACS/SICE Int. Symp. on Robotics, Mechatronics and Manufacturing Systems", Kobe, Japan, 817 822. Sekine, Y.. A k i m o t o , Y . , Kunugi, M . , Fukui, C., Fukui. S., Fault diagnosis of power systems. 1992, Proc. o f the IEEE, 80, 673 - 683. Frank, P.M., Fault diagnosis i n dynamic systems using analytical and knowledge-based redunA survey and some new results. 1990, dancy Auto~matica,26, 459 474. Lappus, G., Schmidt, G., Design and industrial application of a large scale observer system. 1987 "IFAC 10th World Congress o n Automatic Control", Munich, Germany, preprints Vol. 3, 117 122. Barachini. F.. T h e evolution of P A M E L A . 1991, Expert Systems, 8, 8 7 98. Perschl, F., Schmidt, G.. Model- and knowledgebased fault detection and diagnosis of gas transmission networks. 1993, " IEEE International Conference on Systems, M a n and Cybernetics", Le Touquet, France, Vol. 1, 749 754. Hollender, M . , Diagnosing faults co-operatively and i n context. 1994, " IFAC-Symposium Safeprocess", Finish University of Technology, Espoo, Finland.

3.

4.

5.

Acknowledgements: This work was partially supported by t h e " Bayerische Forschungsverbund Systemtechnik, BayFORSYS" References

6.
7.

1. Lappus, G., Schmidt, G., Process monitoring and

control o f gas pipeline networks. in Tzafestas, S.G., Pal, J . K . (eds.), 1990, "Real Time Microcomputer Control o f Industrial Processes", Kluwer Academic Publishers, 397 - 433 2. Okuda. K.. Fujii, T., Miyasaka, N., Model based approach t o the real-time fault diagnosis,

8.