Fault Diagnosis for Functional Safety in Electrified and Automated Vehicles

Fault Diagnosis for Functional Safety in Electriﬁed and Automated Vehicles

Dissertation

Presented in Partial Fulﬁllment of the Requirements for the Degree Doctor of Philosophy in the Graduate School of The Ohio State University

Tianpei Li,

Graduate Program in Mechanical Engineering

The Ohio State University

2020

Dissertation Committee:

Prof. Giorgio Rizzoni, Advisor Prof. Manoj Srinivasan Prof. Ran Dai Prof. Qadeer Ahmed c Copyright by

Tianpei Li

2020 Abstract

Vehicle safety is one of the critical elements of modern automobile development.

With increasing automation and complexity in safety-related electrical/electronic

(E/E) systems, and given the functional safety standards adopted by the automotive industry, the evolution and introduction of electriﬁed and automated vehicles had dramatically increased the need to guarantee unprecedented levels of safety and security in the automotive industry.

The automotive industry has broadly and voluntarily adopted the functional safety standard ISO 26262 to address functional safety problems in the vehicle development process. A V-cycle software development process is a core element of this standard to ensure functional safety. This dissertation develops a model-based diagnostic methodology that is inspired by the ISO-26262 V-cycle to meet automotive functional safety requirements. Specifically, in the first phase, system requirements for diagnosis are determined by Hazard Analysis and Risk Assessment (HARA) and Failure Modes and Effect Analysis (FMEA). Following the development of system requirements, the second phase of the process is dedicated to modeling the physical subsystem and its fault modes. The implementation of these models using advanced simulation tools (MATLAB/Simulink and CarSim in this dissertation) permits quantification of the fault effects on system safety and performance. The next phase is dedicated

ii to understanding the diagnosability of the system (given a sensor set), or the selection of a suitable sensor set to achieve the desired degree of diagnosability, using a graph-theoretic method known as structural analysis. By representing a system in directed-graph or incidence-matrix form, structural analysis allows the determination of analytical redundancy in the system and of the detectability and isolability of individual faults. Further, it provides a logical computation sequence for solving for system unknowns, by identifying analytical redundant relations (ARRs) that can be used to design diagnostic algorithms. The design of residual generation based on ARRs is linked to state estimation and system identiﬁcation methods, including state observers and parameter estimation. The later phases of the V-diagram address the development of Model-In-the-Loop, Software -In-the-Loop, Hardware-In- the-Loop, in-vehicle calibration and validation. For the purposes of this dissertation we limit our demonstration of the methods to Model-In-the-Loop validation for two of the case studies and Hardware-In-the-Loop validation for a third.

In addition to developing a process-oriented methodology, this dissertation also addresses trade-oﬀs in selecting diﬀerent methods in terms of computational causality and robustness to noise and uncertainty in compliance with diagnostic requirements.

Further, when dealing with state estimation and system identification in nonlinear systems, system observability can change with operating conditions. This dissertation also introduces a novel nonlinear system observability index to quantify system observability under different operating conditions. This index helps determine proper scenarios to apply state estimation and system identification approaches for fault diagnosis. That is, the system observability and fault detectability may be enhanced in some operating conditions.

iii The effectiveness of the methodology is demonstrated in three case studies: i) the diagnosis of electric traction drive resolver faults in all-wheel drive battery electric vehicles; ii) resolver fault diagnosis in a P-2 configuration hybrid-electric powertrain; and iii) fault diagnosis in the automated vehicle steering system. While ISO 26262 applies to E/E systems, mechanical and electromechanical systems are also susceptible to safety-related degradation and failure. Thus, in the third case study, we extend the scope of functional safety problems addressed by ISO 26262 to mechanical faults in vehicle steering system. That is, this dissertation addresses functional safety issues related to both E/E systems and mechanical systems in electrified and autonomous vehicles.

iv Dedicated to my parents

v Acknowledgments

First, I would like to express my sincere gratitude to my advisor, Prof. Giorgio

Rizzoni, for his continuous guidance and support in helping me develop interests in my research area. Without his expertise, patience and supervision, this dissertation would not be successful. I also thank him for providing me with the opportunity to join the Ohio State University Center for Automotive Research (OSU CAR) and to work with a group of intelligent people. The invaluable knowledge and experience

I gained throughout my entire Ph.D career will be the key to my future success. I would also like to thank Prof Qadeer Ahmed, Prof. Manoj Srinivasan, Prof. Ran

Dai, for serving as my dissertation committee. I especially would like to express my appreciation to Prof. Qadeer Ahmed, for the helpful guidance in the research projects on electric traction drive resolver diagnosis and chassis system diagnosis. I would like to thank Dr. Jeﬀ Chrstos for his knowledge and experience in vehicle dynamics, CarSim and driving simulator. I specially thank Ruban Sekar for his help and support in performing experiments for my research. I also thank my workmates in the diagnostic/prognostic research group at CAR, including Ruochen Yang, Kaveh

Khodadadi Sadabadi. It was a pleasant experience to exchange ideas with these talented people.

I am also deeply grateful to my parents for their unconditional love and care.

Without their support, I would never grow into maturity. I would like to thank Ziyi

vi Li, for all her love and company over the past years. I also thank my friends at CAR, especially Tong Zhao, Ye Cheng, Yuxing Liu, Ke Pan, Zhaoxuan Zhu, for being so encouraging and supportive that helps me get rid of stresses and overcome all the hardships.

Finally, I would like to thank Ford Motor Company for providing me with great research opportunities and projects. My gratitude goes to the people at Ford Motor

Company, especially Mathew Boesch, Jason Meyer, Bader Badreddine, Dexin Wang,

Devon Eyerman and Timothy Drotar.

vii Vita

2014 ...... B.S. Vehicle Engineering, Hefei Univer- sity of Technology, Hefei, China 2014-present ...... Graduate Research Associate, Center for Automotive Research, Department of Mechanical and Aerospace Engineer- ing, The Ohio State University, Colum- bus, Ohio, USA.

Publications

Research Publications

Li, T., Rizzoni, G., Ahmed, Q., Meyer, J., Boesch, M. and Badreddine, B. (in press) “Model-Based Electric Traction Drive Resolver Fault Diagnosis for Electriﬁed Vehi- cles”. International Journal of Powertrains

Li, T., Ahmed, Q., Rizzoni, G., Meyer, J., Boesch, M. and Badreddine, B. “Motor Resolver Fault for AWD EV based on Structural Analysis”. SAE Technical Paper, 2018, No. 2018-01-1354

Li, T., Ahmed, Q., Rizzoni, G., Meyer, J., Boesch, M. and Badreddine, B. “Mo- tor Resolver Fault Propagation Analysis for Electriﬁed Powertrain”. ASME 2017 Dynamic Systems and Control Conference

Zhang, J., Amodio, A., Li, T., Aksun-Gven, B. and Rizzoni, G. “Fault Diagnosis and Fault Mitigation for Torque Safety of Drive-by-Wire Systems”. IEEE Transactions on Vehicular Technology, 67(9), pp.8041-8054

Zhang, J., Li, T., Amodio, A., Aksun-Guvenc, B. and Rizzoni, G. “Fault diagnosis and fault tolerant control for electriﬁed vehicle torque security”. 2016 IEEE Transportation Electriﬁcation Conference and Expo (ITEC), pp. 1-7. IEEE

viii Fields of Study

Major Field: Mechanical Engineering

ix Table of Contents

Page

Abstract ...... ii

Dedication ...... v

Acknowledgments ...... vi

Vita...... viii

List of Tables ...... xiv

List of Figures ...... xvi

List of Acronyms and Symbols ...... xxv

1. Introduction ...... 1

1.1 Motivation ...... 1 1.2 Contributions of this Dissertation ...... 10 1.3 Organization of this Dissertation ...... 11

2. Background ...... 14

2.1 Automotive Functional Safety ...... 14 2.2 Diagnostic Challenge for Automated Vehicles ...... 17 2.3 ISO/PAS 21448 Standard - Road Vehicles- Safety of the Intended Functionality (SOTIF) ...... 20 2.4 Objectives of This Dissertation ...... 21 2.5 Hazard Analysis and Risk Assessment (HARA) ...... 23 2.6 Functional Safety Concept and Technical Safety Concept ...... 25 2.7 Failure Modes and Eﬀect Analysis (FMEA) ...... 26

x 2.8 Model-based Diagnosis Approaches ...... 30 2.8.1 Analytical Redundancy ...... 30 2.8.2 Structural Analysis ...... 31 2.8.3 Fault diagnosis with observers ...... 43 2.8.4 Fault diagnosis with parity equation ...... 47 2.8.5 Equivalence between observer-based diagnosis and parity equation- based diagnosis ...... 49 2.8.6 Fault diagnosis with parameter estimation ...... 52 2.9 Overview of Model-based Fault Diagnosis Methodology ...... 56 2.10 Conclusion ...... 57

3. Diagnosis of Electric Traction Drive Resolver Fault in All-wheel Drive Electric Vehicles ...... 59

3.1 PMSM Drive System Modeling ...... 62 3.2 FMEA of Electric Traction Drive Resolver ...... 64 3.2.1 Resolver-to-digital Conversion ...... 65 3.2.2 Failure modes of the resolver ...... 66 3.3 Resolver Fault Effects Analysis ...... 69 3.3.1 Effects of Amplitude Imbalance and Quadrature Imperfection in PMSM Drive System ...... 70 3.3.2 Effects of Amplitude Imbalance and Quadrature Imperfection on Electric Motor Control ...... 71 3.3.3 Effects of Reference Phase Shift in PMSM Drive System . . 73 3.4 Simulation of Resolver Fault in PMSM Drive System ...... 74 3.4.1 Amplitude Imbalance in PMSM Drive System ...... 74 3.4.2 Reference Phase Shift in PMSM Drive System ...... 75 3.5 Structural Analysis for FDI ...... 77 3.6 Tire Slip Analysis ...... 83 3.6.1 Scenario 1: Tire Slip due to Intensive Acceleration . . . . . 85 3.6.2 Scenario 2: Tire Slip due to Extreme Road Conditions . . . 85 3.6.3 Scenario 3: Tire Slip due to Code Error ...... 86 3.7 GPS based Vehicle Speed and Wheel Speed Sensor Performance with Tire Slip ...... 86 3.8 Vehicle Drive Scenarios Analysis ...... 87 3.8.1 Vehicle Drive Scenario 1 ...... 88 3.8.2 Vehicle Drive Scenario 2 ...... 89 3.9 Design of Diagnostic Decision Logic ...... 90 3.10 Residual Design ...... 93 3.11 Residual Evaluation ...... 94 3.12 Simulation Results ...... 95

xi 3.12.1 Front Motor Resolver Fault with Tire Slip due to Extreme Road Conditions ...... 96 3.12.2 Front Motor Resolver Fault with Code Error Tire Slip . . . 98 3.12.3 Front Motor Resolver Fault and Front Wheel Speed Sensor Fault ...... 100 3.12.4 Front Motor Resolver Fault without Tire Slip or Wheel Speed Sensor Fault ...... 102 3.13 Conclusion ...... 104

4. Diagnosis of Electric Traction Drive Resolver Fault in Electriﬁed Powertrain105

4.1 Hybrid Electric Vehicle Powertrain ...... 108 4.2 Simulation of Resolver Fault Eﬀects in P2 Hybrid Powertrain . . . 109 4.2.1 Motor Torque Control...... 110 4.2.2 Motor Speed Control...... 112 4.3 Structural Analysis for Resolver Fault Detection ...... 114 4.4 Torque Converter Modeling for Motor Speed Estimation ...... 120 4.5 Electric Traction Drive Resolver Fault Diagnostic Strategy . . . . . 140 4.6 Conclusion ...... 146

5. Fault Diagnosis of Vehicle Steering System ...... 148

5.1 FMEA and Simulation of Fault Effects for Vehicle Steering System 153 5.2 Fault Diagnosis for Tire Degradation and Steering Backlash Detection158 5.2.1 Modeling of Vehicle Dynamics ...... 159 5.2.2 Structural Analysis on Simplified Four-wheel Vehicle Dynam- ics Model ...... 162 5.2.3 Fault Diagnostic Strategy for Tire Degradation and Steering Backlash Detection ...... 173 5.3 Fault Diagnosis for Tire Degradation Identification ...... 184 5.3.1 Structural Analysis on Single-track Vehicle Model ...... 185 5.3.2 A Degree of Observability Index for Nonlinear Systems . . . 195 5.3.3 Tire Cornering Stiffness Estimation with the Extended Kalman Filter and Unscented Kalman Filter ...... 199 5.4 Validation in Vehicle Dynamics Driver-in-the-loop Simulator . . . . 212 5.4.1 Design of Experiments ...... 214 5.4.2 Results ...... 221 5.5 Conclusion ...... 270

6. Conclusions and Future Work ...... 272

6.1 Summary and Conclusions ...... 272

xii 6.2 Future Work ...... 275

Appendices 276

A. Torque Converter Dynamic model ...... 276

A.1 Torque Converter Dynamic Model ...... 276 A.2 Nomenclature ...... 277

B. The Extended Kalman Filter and Unscented Kalman Filter Algorithms . 279

B.1 The EKF Algorithm ...... 279 B.2 The UKF Algorithm ...... 280

C. Observability Matrix of Vehicle Horizontal Dynamics System based on Single-track Vehicle Model ...... 283

Bibliography ...... 286

xiii List of Tables

Table Page

2.1 Classes of severity ...... 24

2.2 Classes of probability of exposure regarding operationg situations . . 24

2.3 Classes of controllability ...... 24

2.4 Hazard Analysis and Risk Assessment for Electric Traction Drive Re- solver ...... 24

2.5 FMEA for vehicle front suspension ...... 28

2.6 Example of Incidence Matrix ...... 36

3.1 FMEA for electric traction drive resolver ...... 67

4.1 Motor speed estimation error statistics with diﬀerent transmission ﬂuid density ...... 140

5.1 FMEA for automated vehicle steering system ...... 151

5.2 Tire cornering stiﬀness estimation error with EKF ...... 204

5.3 Tire cornering stiﬀness estimation with EKF (healthy vs. faulty) . . . 207

5.4 Tire cornering stiﬀness estimation error with the UKF ...... 208

5.5 Tire cornering stiﬀness estimation with the UKF (healthy vs. faulty) 210

5.6 Dimension speciﬁcation of ISO 3888-1:2018 ...... 217

xiv 5.7 Tire cornering stiﬀness estimation error under double lane change using the EKF ...... 227

5.8 Tire cornering stiﬀness estimation error under double lane change with front tire degradation using the EKF ...... 233

5.9 Tire cornering stiﬀness estimation during double lane change maneuver with the EKF (healthy vs. faulty) ...... 234

5.10 Tire cornering stiﬀness estimation error under double lane change with the UKF ...... 239

5.11 Tire cornering stiﬀness estimation error under double lane change with front tire degradation using the UKF ...... 245

5.12 Tire cornering stiﬀness estimation during double lane change maneuver with the UKF (healthy vs. faulty) ...... 246

5.13 Tire cornering stiﬀness estimation error under slalom test with the EKF252

5.14 Tire cornering stiﬀness estimation error under slalom test with front tire degradation using the EKF ...... 258

5.15 Tire cornering stiﬀness estimation during slalom test with the EKF (healthy vs. faulty) ...... 259

5.16 Tire cornering stiﬀness estimation error under slalom test with the UKF264

5.17 Tire cornering stiﬀness estimation error under slalom test with front tire degradation using the UKF ...... 269

5.18 Tire cornering stiﬀness estimation during slalom test with the UKF (healthy vs. faulty) ...... 270

xv List of Figures

Figure Page

2.1 Overview of the ISO 26262 ...... 16

2.2 Automation in vehicles (courtesy of Qadeer Ahmed) ...... 18

2.3 Model-based software development for automotive fault diagnosis . . 22

2.4 Example of technical safety concept for a model-based fault diagnosis system ...... 27

2.5 Two fundamental steps in model-based diagnosis using analytical redundancy ...... 31

2.6 Example of Bipartite graph ...... 35

2.7 Dulmage-Mendelsohn (DM) Decomposition of a Structural Model . . 37

2.8 DM Decomposition of System 1 ...... 38

2.9 Observer-based fault diagnosis scheme ...... 46

2.10 Dedicated observer scheme for fault diagnosis ...... 46

2.11 Generalized observer scheme for fault diagnosis ...... 47

2.12 First four steps of V diagram for model-based fault diagnosis . . . . . 57

3.1 First four steps of the V diagram for electric traction drive resolver FDI in all-wheel drive electric vehicles ...... 60

3.2 AWD EV system architecture ...... 61

xvi 3.3 Block diagram of the PMSM drive system ...... 62

3.4 Block diagram of the resolver-to-digital conversion ...... 66

3.5 Motor torque and motor speed proﬁle given amplitude imbalance in PMSM drive ...... 75

3.6 Real motor speed vs. measured motor speed given amplitude imbalance in PMSM drive ...... 76

3.7 Motor torque and motor speed proﬁle given reference phase shift in PMSM drive ...... 77

3.8 Structural analysis of AWD EV architecture: structural model, Dulmage- Mendelsohn (DM) decomposition and fault isolability analysis . . . . 79

3.9 Matching using equation (3.31) as analytical redundant relation . . . 82

3.10 Matching using equation (3.32) as analytical redundant relation . . . 83

3.11 Structural analysis of AWD EV architecture with extra constraint . . 84

3.12 Longitudinal tire slip under different road conditions and vehicle speed profile as well as wheel linear speed profile on icy road ...... 87

3.13 Diagnostic decision logic for resolver fault ...... 91

3.14 Residuals with front motor resolver fault and tire slip under extreme road condition ...... 96

3.15 Fault ﬂag with front motor resolver fault and tire slip under extreme road condition ...... 97

3.16 Residuals with front motor resolver fault and code error tire slip . . . 98

3.17 Fault ﬂag with front motor resolver fault and code error tire slip . . . 99

3.18 Residuals with front motor resolver fault and front wheel speed sensor fault ...... 100

xvii 3.19 Fault ﬂag with front motor resolver fault and front wheel speed sensor fault ...... 101

3.20 Residuals with front motor resolver fault ...... 102

3.21 Fault ﬂag with front motor resolver fault ...... 103

4.1 First four steps of the V diagram for electric traction drive resolver FDI in P2 hybrid electric vehicles ...... 107

4.2 P2 hybrid powertrain conﬁguration ...... 108

4.3 P2 hybrid powertrain architecture ...... 110

4.4 Accelerator pedal position for simulating vehicle launching process . . 111

4.5 Motor torque proﬁle given amplitude imbalance under motor torque control ...... 112

4.6 Motor speed proﬁle given amplitude imbalance under motor torque control ...... 113

4.7 Motor torque proﬁle given amplitude imbalance under motor speed control ...... 114

4.8 Motor speed proﬁle given amplitude imbalance under motor speed control115

4.9 Structural model of P2 hybrid powertrain in EV mode with open torque converter ...... 118

4.10 DM decomposition of P2 hybrid powertrain system in EV mode with open torque converter ...... 119

4.11 Structural model of P2 hybrid powertrain without equation 4.11 . . . 119

4.12 DM decomposition of P2 hybrid powertrain without equation 4.11 . . 120

4.13 Torque converter assembly ...... 121

4.14 Torque converter assembly ...... 122

xviii 4.15 Torque converter schematic ...... 123

4.16 Impeller and turbine torque estimation with and without stator rotational dynamics ...... 124

4.17 Impeller torque estimation error without stator rotational dynamics . 125

4.18 Sensitivity analysis of torque ratio vs. speed ratio with diﬀerent radius of impeller, turbine and stator ...... 127

4.19 Sensitivity analysis of torque converter eﬃciency vs. speed ratio with diﬀerent radius of impeller, turbine and stator ...... 128

4.20 Sensitivity analysis of torque converter capacity factor (K factor) vs. speed ratio with diﬀerent radius of impeller, turbine and stator . . . . 129

4.21 Sensitivity analysis of torque ratio vs. speed ratio with diﬀerent radius of impeller, turbine and stator ...... 130

4.22 Sensitivity analysis of torque converter eﬃciency vs. speed ratio with diﬀerent radius of impeller, turbine and stator ...... 131

4.23 Sensitivity analysis of torque converter capacity factor (K factor) vs. speed ratio with diﬀerent radius of impeller, turbine and stator . . . . 132

4.24 Capacity factor comparison between experimental data and torque converter model ...... 136

4.25 Comparison between motor torque estimate and motor torque request 137

4.26 Torque converter model validation through comparison between measured motor speed and estimated motor speed ...... 138

4.27 Scatterplot of motor speed estimate vs. motor speed measurement . . 139

4.28 Resolver fault diagnostic strategy ...... 140

4.29 Resolver fault tolerant control strategy ...... 142

4.30 Motor speed measurement with resolver fault ...... 143

xix 4.31 Adaptive thresholds and residual signals ...... 144

4.32 CUSUM results and fault ﬂag ...... 145

4.33 Motor speed measurement with fault tolerant control ...... 146

5.1 V diagram for vehicle steering system fault diagnosis ...... 152

5.2 Co-simulation architecture for fault injection and simulation . . . . . 153

5.3 Schematic of backlash in gear mechanism ...... 154

5.4 Vehicle response with backlash in steering system ...... 155

5.5 Tire lateral force vs. tire lateral slip angle ...... 156

5.6 Vehicle response with front tire degradation by cornering stiﬀness change by +20% ...... 157

5.7 Single-track vehicle model architecture ...... 160

5.8 14 DOF four-wheel vehicle model architecture ...... 161

5.9 Vehicle dynamics architecture ...... 161

5.10 Structural model of the simpliﬁed vehicle horizontal dynamics . . . . 167

5.11 DM decomposition of the simpliﬁed vehicle horizontal dynamics strutural model ...... 168

5.12 Fault isolability matrix of the simpliﬁed vehicle horizontal dynamics strutural model ...... 169

5.13 Matching using equation e21 as analytical redundant relation for fault isolation ...... 170

5.14 Matching using equation e22 as analytical redundant relation . . . . . 172

5.15 Fault diagnostic strategy for tire degradation and steering backlash detection ...... 174

xx 5.16 Vehicle trajectory during multiple cornering maneuver with equal effective cornering radius ...... 175

5.17 Vehicle lateral velocity and yaw rate estimation during multiple cornering maneuver with equal eﬀective cornering radius ...... 176

5.18 Wheel steer angle estimation during multiple cornering maneuver with equal eﬀective cornering radius ...... 177

5.19 Tire lateral force estimation during multiple cornering maneuver with equal eﬀective cornering radius ...... 178

5.20 Tire lateral slip angle estimation during multiple cornering maneuver with equal eﬀective cornering radius ...... 179

5.21 Residuals response with front tire degradation by cornering stiﬀness change ...... 180

5.22 Residuals response with steering backlash ...... 181

5.23 CUSUM results of Residual 1 for front tire degradation detection . . 182

5.24 CUSUM results of Residual 2 for front tire degradation detection . . 182

5.25 CUSUM results of Residual 1 for steering backlash detection . . . . . 183

5.26 CUSUM results of Residual 2 for steering backlash detection . . . . . 183

5.27 Structural model of the single-track vehicle dynamics model . . . . . 189

5.28 DM decomposition of the single-track vehicle dynamics model . . . . 190

5.29 Fault signature based on MSO sets ...... 191

5.30 Matching using equation (5.29) as analytical redundant relation . . . 194

5.31 Tire cornering stiﬀness estimation strategy ...... 200

5.32 Vehicle trajectory during multiple cornering maneuver with steady- state lateral acceleration at 0.3(g) ...... 202

xxi 5.33 Vehicle yaw rate and lateral velocity estimation with EKF and single- track vehicle model ...... 203

5.34 Tire cornering stiﬀness estimation with EKF and single-track vehicle model ...... 204

5.35 Tire cornering stiﬀness estimation with ±40% initial values error . . . 205

5.36 Tire cornering stiﬀness estimation with front tire degradation by +20% change in front tire cornering stiﬀness ...... 206

5.37 Vehicle yaw rate and lateral velocity estimation with the UKF and single-track vehicle model ...... 209

5.38 Tire cornering stiﬀness estimation with the UKF and single-track vehicle model ...... 210

5.39 Tire cornering stiﬀness estimation with front tire degradation by +20% change in front tire cornering stiﬀness using UKF ...... 211

5.40 Vehicle dynamics driver-in-the-loop simulator ...... 214

5.41 Driver’s point of view ...... 215

5.42 Steering motor controller layout ...... 215

5.43 Data ﬂow between QuadDS motion platform and accompanying software and hardware ...... 216

5.44 ISO 3888-1:2018 Double Lane Change maneuver layout ...... 217

5.45 Position of Cones for Double Lane Change ...... 218

5.46 ISO 3888-1:2018 cone dimensions ...... 219

5.47 Layout of Slaloms ...... 220

5.48 Vehicle target trajectory in long slalom ...... 220

5.49 Vehicle trajectory under double lane change maneuvers ...... 222

xxii 5.50 Vehicle yaw rate and lateral velocity estimation under double lane change maneuver ...... 223

5.51 Wheel steer angle estimation under double lane change maneuver . . 224

5.52 Tire lateral force estimation under double lane change maneuver . . . 225

5.53 Tire lateral slip angle estimation under double lane change maneuver 226

5.54 Tire cornering stiﬀness estimation under double lane change maneuver 227

5.55 Vehicle yaw rate and lateral velocity estimation under double lane change maneuver with front tire degradation ...... 229

5.56 Wheel steer angle estimation under double lane change maneuver with front tire degradation ...... 230

5.57 Tire lateral force estimation under double lane change maneuver with front tire degradation ...... 231

5.58 Tire lateral slip angle estimation under double lane change maneuver with front tire degradation ...... 232

5.59 Tire cornering stiﬀness estimation under double lane change maneuver with front tire degradation ...... 233

5.60 Vehicle yaw rate and lateral velocity estimation under double lane change maneuver with the UKF ...... 235

5.61 Wheel steer angle estimation under double lane change maneuver with the UKF ...... 236

5.62 Tire lateral force estimation under double lane change maneuver with the UKF ...... 237

5.63 Tire lateral slip angle estimation under double lane change maneuver with the UKF ...... 238

5.64 Tire cornering stiﬀness estimation under double lane change maneuver with the UKF ...... 239

xxiii 5.65 Vehicle yaw rate and lateral velocity estimation under double lane change maneuver with front tire degradation using the UKF . . . . . 241

5.66 Wheel steer angle estimation under double lane change maneuver with front tire degradation using the UKF ...... 242

5.67 Tire lateral force estimation under double lane change maneuver with front tire degradation using the UKF ...... 243

5.68 Tire lateral slip angle estimation under double lane change maneuver with front tire degradation using the UKF ...... 244

5.69 Tire cornering stiﬀness estimation under double lane change maneuver with front tire degradation using the UKF ...... 245

5.70 Vehicle trajectory under Slalom test ...... 247

5.71 Vehicle yaw rate and lateral velocity estimation under slalom test with the EKF ...... 248

5.72 Wheel steer angle estimation under slalom test with the EKF . . . . 249

5.73 Tire lateral force estimation under slalom test with the EKF . . . . . 250

5.74 Tire lateral slip angle estimation under slalom test with the EKF . . 251

5.75 Tire cornering stiﬀness estimation under slalom test with the EKF . . 252

5.76 Vehicle yaw rate and lateral velocity estimation under slalom test with front tire degradation using the EKF ...... 254

5.77 Wheel steer angle estimation under slalom test with front tire degradation using the EKF ...... 255

5.78 Tire lateral force estimation under slalom test with front tire degradation using the EKF ...... 256

5.79 Tire lateral slip angle estimation under slalom test with front tire degradation using the EKF ...... 257

xxiv 5.80 Tire cornering stiﬀness estimation under slalom test with front tire degradation using the EKF ...... 258

5.81 Vehicle yaw rate and lateral velocity estimation under slalom test with the UKF ...... 260

5.82 Wheel steer angle estimation under slalom test with the UKF . . . . 261

5.83 Tire lateral force estimation under slalom test with the UKF . . . . . 262

5.84 Tire lateral slip angle estimation under slalom test with the UKF . . 263

5.85 Tire cornering stiﬀness estimation under slalom test with the UKF . . 264

5.86 Vehicle yaw rate and lateral velocity estimation under slalom test with front tire degradation using the UKF ...... 265

5.87 Wheel steer angle estimation under slalom test with front tire degradation using the UKF ...... 266

5.88 Tire lateral force estimation under slalom test with front tire degradation using the UKF ...... 267

5.89 Tire lateral slip angle estimation under slalom test with front tire degradation using the UKF ...... 268

5.90 Tire cornering stiﬀness estimation under slalom test with front tire degradation using the UKF ...... 269

xxv List of Acronyms and Symbols

Acronyms

ARR Analytical Redundant Relation

ASIL Automotive Safety Integrity Level

C Controllability

CUSUM Cumulative Sum

DM Dulmage Mendelsohn

E Exposure

E/E Electrical/Electronic

EKF Extended Kalman ﬁlter

EM Electric Motor

EV Electric Vehicle

FDI Fault Detection and Isolation

FMEA Failure Modes and Eﬀect Analysis

FOC Field Oriented Control

FWVM Four-wheel Vehicle Model

xxvi HARA Hazard Analysis and Risk Assessment

HEV Hybrid Electric Vehicle

HIL Hardware-in-the-loop

IMU Inertial Measurement Unit

MSO Minimum Structurally Over-determined

OBD On-Board Diagnostics

PMSM Permanent Magnet Synchronous Machine

PSO Proper Structurally Over-determined

QM Quality Management

R/D Resolver-to-digital

S Severity

UKF Unscented Kalman ﬁlter

Symbols

α Amplitude Imbalance Index/Tire Lateral Slip Angle [rad]

β Quadrature Imperfection Index/Backlash Width

δ Phase Shift/Wheel Steer Angle [rad]

λm Magnetic Flux [Wb]

ξ System Observability Index

C The set of Equations/Constraints in a Structural Model

xxvii E The set of Edges in a Structural Model

FDR Final Drive Ratio

K The set of Known Variables in a Structural Model

R Real Numbers

Z The set of Variables in a Structural Model

ω Angular Velocity [rad/s]

θ Angular Position [rad]

σ Tire Relaxation Length

Σ Covariance Matrix b Rotational Damping Coeﬃcient [Nm/(rad/s)]

C Computation Sequence/Tire Cornering Stiﬀness [N/rad]

E Mathematical Expectation/Amplitude of Reference Voltage (Resolver) f Fault/Function

F Force [N] g Gravitational Acceleration [m/s2]

I Moment of Inertia of the Rotating Elements [kgm2] k Stiﬀness [Nm/rad]

K Transformation Ratio (Resolver) l Distance [m]

xxviii L Inductance [H] m Mass [kg]

M Wheel Aligning Moment [Nm]

P Number of Pole Pairs r Residual/Ratio

R Resistance/Radius s Slip Ratio

T Torque [Nm]

V Voltage [V] v Vehicle Speed [m/s] y Measured Variables

Superscripts

* Reference

’ Signal after Demodulation (Resolver-to-digital Conversion)

+ Structurally Over-Constrained (Structural Analysis)/A Posteriori Es-

timate (Kalman Filter)

- Structurally Under-Constrained (Structural Analysis)/A Priori Esti-

mate (Kalman Filter)

0 Structurally Just-Constrained

xxix Subscripts a Phase A Variable axle Axle b Phase B Variable c Phase C Variable cf Front Suspension Compliance cr Rear Suspension Compliance dd Axis Variable e Electromagnetic eng Engine err Signal Error f Front/Faulty Condition fl Front Left fr Front Right h Healthy Condition i Impeller k The k-th Time Step

L Load m Mechanical

xxx os Output Shaft p Pinion qq Axis Variable r Rear ref Reference Value rl Rear Left rr Rear Right t Turbine veh Vehicle x Longitudinal Direction y Lateral Direction

xxxi Chapter 1: Introduction

1.1 Motivation

Vehicle safety is one of the key issues of future automobile development with the high complexity growth in safety-related electrical/electronic (E/E) systems [1].

In addition to E/E systems, mechanical systems in a vehicle are also safety critical since the operation of parts and components within the automotive systems are also subject to failure and degradation resulting in safety issues. Particularly, safety related electro-mechanical systems in a vehicle require safe operation of both electric/electronic components and mechanical components (e.g. Electric Power Assist

Steering (EPAS) system). The assurance of functional safety relies on a systematic design process to do fault diagnosis and to enable fault tolerance in safety critical systems. Today, there is an increasing interest in the fault diagnosis in automotive systems because of the increasing level of safety requirements in vehicles. With higher level of automation and electronic control achieved by software and hardware development, diagnosis becomes signiﬁcant as is necessary to any fault tolerant control in the vehicle systems. This dissertation focuses on designing a systematic approach for diagnosing the faults in the automotive mechanical and electro-mechanical systems

1 from two perspectives: hybrid electric powertrain torque security, and mechanical failure and degradation in autonomous vehicle chassis system.

Safety requirement of hybrid powertrains impose requirements on electric motor torque monitoring and diagnostics, known as electric motor torque security and functional safety practices [2]. There are many aspects of torque security in the hybrid powertrain system. Torque security can be assured by testing the integrity of signals in the powertrain control system, including monitoring hardware integrity, such as the wiring harnesses, communication links, sensors and actuators that monitor and control operation of the powertrain system [3]. In the literature, fault diagnosis for electric drive systems in electrified vehicles has been investigated by Zhang et al [4], with focus on motor speed sensor, wheel speed sensor, motor three phase voltage sensor fault detection. However, the results are only valid for pure electric vehicles. In hybrid electric vehicles, which include a combustion engine, a torque converter, and a multi-speed transmission, there is no fixed or simple kinematic relation between motor speed and wheel speed to detect the motor speed sensor fault with the wheel speed measurement, and therefore new methods are needed and proposed in this dissertation. In terms of specific components of the electric system, some researchers proposed methods for detecting power-inverter faults in the electric drive system [5, 6, 7]. Peo- ple also worked on fault diagnosis of various types of electric motors. Cruz et al. studied stator winding fault diagnosis in three-phase synchronous and asynchronous motors using the Extended Park’s Vector Approach [8]. Thomson et al. investigated induction motor fault detection through analysis of current signature [9]. Khan et al. presented a fault diagnostic scheme for the interior permanent-magnet synchronous

2 motors via wavelet packet transform and artificial neural network [10]. The methods proposed in these references regarding power-inverter and electric motor fault detection are data-driven, which requires a substantial amount of calibration. Inside the electric motors, various types of faults have been studied and the corresponding detection techniques have been proposed. Bearing faults detection using artificial neural networks has been presented in [11]. Some researchers proposed bearing fault detection through statistical time frequency analysis [12]. Faults related to stator or armature have also been analyzed. Stone et al. presented stator winding fault detection using partial-discharge test methods for high voltage motors [13]. Penman et al. described a way of detecting the stator winding interturn shorts and localizing the faulted coil by predicting changes in the axial leakage flux [14]. Dister et al. used statistical process control methods to detect stator faults [15]. In addition to stator faults, broken rotor bar and end-ring faults could also occur in the electric motors.

Kliman et al. [16], Thomson et al. [17], Filippetti et al. [18], and Elkasabgy et al. [19] demonstrated borken bar fault detection via spectrum analysis of machine line current [20]. Further, some researchers studied eccentricity-related faults. Nandi et al. proposed model-based approaches to detect eccentricity-related components

[21, 22]. Cardoso and Saraiva presented airgap eccentricity detection using the stator voltage and current Park’s vector [23]. For electric motor current sensor fault detection, people have proposed diﬀerent approaches. Berriri et al. proposed fault detection and isolation (FDI) of three-phase current sensor faults in the electric drive using parity equation approach [24]. Freire et al. proposed an average normalized currents method for current sensor fault detection in permanent-magnet synchronous generator (PMSG) drives [25]. In [26], a current sensor fault diagnosis method using

3 load currents analysis has been proposed for three-phase voltage source inverters. Re- garding motor speed sensor fault diagnosis, as a critical part of electriﬁed powertrain torque security, Jeon and Lee have studied the motor position sensor fault diagnosis based on an IPMSM electric drive model [27]. In [28], Li et al. have also addressed the diagnosis of a particular type of motor position and speed sensor, the resolver.

This topic, and its implications on functional safety of hybrid electric powertrains has not been the subject of much research. Garramiola et al. proposed a diagnostic strategy using an observer-based approach and a frequency analysis approach for motor current sensor fault as well as a hardware redundancy solution for speed sensor fault in railway applications [29]. For the use of electric motors in automotive industry, a hardware redundancy solution for motor speed sensor fault detection is not cost effective for real world applications. Chakraborty and Verma presented fault detection and isolation of the current and speed sensor faults for vector-controlled induction motor using axes transformation [30]. Yu et al. proposed model-based diagnostic approach for speed and current sensor fault detection and isolation using adaptive observers for induction motor drive [31]. However, the accuracy of the diagnostic approach based on the electric drive model can be affected by model uncertainty due to parameter variation. The characteristics of variable reluctance resolver with uneven magnetic fields have been analyzed by Kim [32]. Kim et al. [33] also studied the variable reluctance resolver fault diagnosis using FEM analysis and resolver-to-digital converter tracking algorithm, but not in a systematic way which the resolver fault effects on vehicle torque security should be included. In this dissertation proposal, we introduce a systematic methodology to first analyze the resolver fault diagnosis in the hybrid electric powertrain, which differs considerably from the diagnosis of the

4 same sensor in a pure electric powertrain. A distinct problem is studied in [34] by

Zhang et al. In this work, the authors studied accelerator and brake pedal sensing and mechanical faults to address some aspects of torque security for modern vehicle drive-by-wire systems.

In addition to hybrid electric powertrain torque security, autonomous vehicle chassis systems, that is, those systems which manage vehicle ride, handling and braking, are also of signiﬁcant importance in functional safety for future automobile development. Automated driving features are more demanding and challenging in terms of functional safety mostly because human driver backup is no longer available in the autonomous vehicle. This means one can no longer rely on the driver to provide control inputs to the vehicle during operation [35, 36]. While controllability challenges imposed by the driver being out of loop remain to be addressed for functional safety of an autonomous vehicle, the loss of important sensory cues that can help with the diagnosis of mechanical degradation and failure is also a critical aspect to be analyzed.

When the driver is replaced by an automated driver, there is not necessarily a capability for the computerized driver to detect non-electronic faults that a normal driver would notice, such as abnormal noises, vibrations, smells, etc. Also, an automated driver will not necessarily drive the car to deliberately impose conditions that might help diagnose these problems. For example, a human driver might generate steering inputs that could help diagnose whether the vehicle is experiencing a handling problem. These facts make it extremely challenging to diagnose non-electronic faults in autonomous vehicles. In term of fault diagnosis for autonomous vehicle functional safety, few researchers have proposed diﬀerent concepts. Reschka et al. proposed a concept of a surveillance and safety system for autonomous vehicles, focusing on

5 functional degradation monitoring and mitigation [37]. Molina et al. have proposed a design strategy to design the autonomous vehicle at architectural level for improved vehicle safety [38, 39].Pimentel and Bastiaan characterized the safety concept for autonomous vehicles and discussed fault tolerant techniques and a fault containment protocol for the perception system [40]. No references can be found that are related to fault diagnosis of mechanical degradation and failure for the autonomous vehicle functional safety.

While vehicle safety is critical for conventional and autonomous vehicles, maintenance is another important aspect of vehicles, especially for advanced vehicles such as autonomous vehicles. Advances in wireless communications and increase in consumer interest provide motivation for developing Remote Diagnosis and Maintenance

(RD&M) [41]. Autonomous vehicles are designed to achieve higher level of automation, connectivity and mobility, which imposes more challenges and requirements on vehicle maintenance without human drivers supervision. For autonomous vehicles, the chassis mechanical parts degradation and failure not only add cost to maintenance but can negatively aﬀect vehicle performance in advanced automation functions, including lane keeping, lane change and automatic emergency brake, etc. Thus, diagnosing chassis mechanical degradation and failure is critical for autonomous vehicle maintenance and performance. The well-known on-board diagnostics (OBD) system has been developed and deployed focusing on vehicle emission regulation. It does not address diagnostic problems related to vehicle maintenance, including chassis mechanical and electro-mechanical degradation or failures. Traditional maintenance and repair typically occur in the repair shop when the human driver notices abnormality of the

6 vehicle or the vehicle experiences severe failures that terminate vehicle normal operation. For an autonomous vehicle ﬂeet, these scenario should be prevented since the service termination due to maintenance and repair can greatly aﬀect both the customer experience and the companies interest. On the other hand, early warning and indication of the requirements for maintenance and repair would potentially reduce the maintenance cost and prevent catastrophic failure. However, there are no warning indicators or systems in modern production vehicles that can monitor and detect degradation and failures in the vehicle chassis mechanical components and systems. Pattipatti et al. proposed model-based diagnostic approach for vehicle system monitoring, diagnosis and maintenance, with focus on brake system [42]. Taie et al. described a way of performing remote prognosis, diagnosis and maintenance using data-driven methods [43], which requires continuous vehicle data transmitted through wireless communications for training data-driven models. Kohl et al. presented automotive software diagnosis and maintenance strategy using multivariate split analysis

[44]. In [45], the current state-of-the-art of diagnosing faults in the vehicle embedded control system is demonstrated, without information of either on-line or oﬀ-line diagnosis of mechanical fault in a vehicle. Sanseverino et al. described the experience of developing diagnostic expert systems for model-based diagnosis of faults in a variety of automotive electronic subsystems [46]. Knapp et al. demonstrated a remote diagnosis and maintenance system for wheel misalignment detection through network communication between local in-vehicle computer for data collection and transmission and remote computer for decision making [47]. McQuade et al. proposed a concept of collecting data from a vehicle and using the data to diagnose mechanical

7 problems with the vehicle, collecting quotes for the required repair, without specify- ing the methods of diagnosing the mechanical faults [48]. None of these references speciﬁcally address the diagnosis of mechanical degradation and failures in vehicle chassis system. Dolgov and Urmson described a system and method of controlling a vehicle such that the amount of wear on a component of the vehicle is determined, followed by mitigation of further wear [49]. This method requires additional sensors including brake wear sensor and tread wear sensor for monitoring brake wear and tire wear, respectively.

For vehicle chassis system diagnosis, people have proposed diagnostic strategies and methods for a variety of the subsystems including suspension, steering and brake system. Researchers have mostly focused on electric/electronic components and subsystems, rather than mechanical objects. Isermann et al. [50, 51] studied the diagnosis of sensor faults, tire pressure supervision and solenoid valve malfunction in the vehicle suspension and hydraulic brake systems through parameter estimation, neuron networks and parity equations. Arogeti et al. [52] analyzed the sensor faults, parametric faults and hardware failure in the hydraulic steering system. Diagnosis of automotive antilock braking systems (ABS) using integrated model-based and data- driven approach is proposed by Luo et al. [53], in which ABS sensor fault, tire radius change, tire inertia change, incorrect gain between brake torque and brake pressure and change in the time constant of master cylinder are the faults to detect and isolate.

Sensor fault detection in steer-by-wire system has also been analyzed [54, 55]. Pisu et al. [56, 57, 58, 59, 60] proposed a framework to do fault detection and isolation (FDI) to reduce computational eﬀort, using the brake caliper force sensor fault diagnosis as an example. The proposed methodology is not applicable to the mechanical faults,

8 which aﬀect the behavior of several/all subsystems at the same time, such as backlash in steering system or a bent tie rod. In [61], a fault detection and identiﬁcation scheme is applied to actuator and sensor faults in a vehicle steering system using sliding mode observer and state machine. Yu and Wang presented a model-based fault diagnosis and prognosis approach for vehicle steering system focusing on parametric faults, sensor faults and electric motor mechanical faults [62]. In [63], the authors developed a model-based diagnostic scheme for detecting and isolating faults in yaw rate sensor, steering motor current sensor and steering angle sensor. Ghimire et al. presented an integrated model-based and data-driven diagnostic approach for detecting friction change, motor armature resistance increase and torque sensor malfunction in electric power steering system (EPAS) [64]. Perisho and Deasy proposed a wheel alignment system to detect and correct wheel misalignment [65]. This method requires road wheel angular position sensor that is unavailable in production vehicles. Wolf and

Eiﬄaender presented a method of diagnosing rotating component damage in vehicle chassis by determining mechanical impedance of the transmission chain [66]. For conventional vehicles, diagnosis of chassis mechanical degradation and failures relies on technicians during vehicle maintenance and repair process. The autonomous vehicles must perform self-diagnosis of any mechanical degradation and failures that are safety-related or can aﬀect vehicle performance and maintenance cost. Any potential risks of accidents or termination of service need to be avoided for consumer safety and satisfaction.

9 1.2 Contributions of this Dissertation

This dissertation makes a number of methodological and practical contributions to the literature and to the understanding of functional safety and fault diagnosis of automotive systems. Based on structural analysis, the interconnections between faults, system inputs, outputs and measurements are analyzed to determine diagnosability of faults in a systematic way. Further, vehicle lateral motion and vertical motion are decomposed to augment diagnostic system design for detecting and isolating faults associated with vehicle steering system and suspension system, based on a few assumptions. To design diagnostic scheme using model-based approaches, proper representation of the system through physics-based model is required. To determine appropriate ﬁdelity of the system model, simulation comparison of models with different ﬁdelity is applied with consideration of the autonomous vehicle operational design domain (ODD). A novel diagnostic scheme is proposed for mechanical faults in vehicle steering system using simultaneous input, state and parameter estimation.

Model-based diagnosis methodology is used to diagnose the electric traction resolver fault for hybrid electric powertrain torque security. A torque converter model is used to estimate the motor speed independent from the motor speed measurement. Further, a residual is derived by comparing the estimated motor speed with the resolver measurement. To evaluate the residual for diagnostic decision making, adaptive threshold detection is utilized together with cumulative sum (CUSUM) algorithm. The accuracy and eﬃciency of the diagnostic strategy are assessed through simulation validation augmented with experimental data. In addition, a fault tolerant control scheme is proposed to guarantee vehicle safety and performance in the presence of the resolver fault.

10 In addition to electric traction drive resolver fault, this dissertation also addresses mechanical degradation and failure related to autonomous vehicle steering system. To diagnose the mechanical faults, mathematical models representing the physical system properties will be used and augmented by sensory data. Specifically, the mathematical model provides insight to the system dynamics through the design parameters and structure of the physical system, while sensory data contains useful information of the operating condition, environmental factors, as well as the uncertainties within the system dynamics. By analyzing the mathematical model dynamic response and the system behavior characterized by sensory data, degradation and failure in the system can be quantified and localized through the diagnostic design. Particularly, the designed residuals are evaluated using measurement data for anomaly detection. In this way, the model-based residual design contains information of the system behavior that can be interpreted by first principles while data-driven anomaly detection using the design residuals takes into account uncertainties in the system and modeling process as well as measurement noise.

1.3 Organization of this Dissertation

The rest of this dissertation is organized as follows.

Chapter 2 discusses functional safety and diagnostic challenges for conventional vehicles and autonomous vehicles. For conventional vehicles, the functional safety standard ISO 26262 provides a framework for safety requirements determination and the diagnostic system design. However, the functional safety standard for autonomous vehicle has yet been developed due to higher automation and complexity in the automated functions. One of the diagnostic challenges comes from the fact that there

11 is no human driver in a fully autonomous vehicle, which imposes great challenges in diagnosing faults, especially mechanical faults in an autonomous vehicle. In addition, the implementation of fault diagnosis in a systematic way is presented with summary of general model-based diagnostic methods. Following the systematic diagnosis approach starting from hazard analysis and risk assessment (HARA) and failure modes and eﬀect analysis (FMEA), one can design a bottom-up diagnostic scheme. The structural analysis provides a guideline for the design of residual generator based on system structure. The implementation of the residual generator can be achieved by using state observers, parity equations and parameter estimation.

Chapter 4 presents fault diagnosis in electriﬁed powertrain with the particular application to electric traction drive resolver diagnosis. The diagnosability of the resolver fault is analyzed using structural analysis, which addresses the suﬃciency of residual generation with a torque converter model. With motor torque request and turbine speed measurement, the torque converter model is able to accurately estimate motor speed independent from motor speed measurement. Moreover, model validation is performed using experimental data. Residual for resolver fault diagnosis is derived by comparing the estimated motor speed with the motor speed measurement from the resolver. Diagnostic decision is made through Cumulative sum (CUSUM) and adaptive threshold detection with sensitivity to fault and robustness to measurement uncertainty.

Chapter 3 discusses fault diagnosis of electric traction resolver fault in all-wheel drive electric vehicles (AWD EVs). The detectability and isolability of the resolver faults and wheel speed sensor faults are determined using the structural analysis.

Further, diﬀerent vehicle drive scenarios are studied focusing on tire slip conditions

12 of variety. Based on the drive scenarios, a diagnostic decision logic is proposed for diagnosing the resolver fault in all-wheel drive electric vehicles. Residuals based on the diagnostic logic are designed for detection and isolation of the resolver fault and wheel speed sensor fault. The process of residual evaluation is done by threshold detection and CUSUM algorithm.

Chapter 5 demonstrates the process of applying diagnostics to mechanical failure and degradation in automated vehicle chassis system.

Chapter 6 summarizes the results of the dissertation, and gives pointers to future research that can be based on this exemplary work.

13 Chapter 2: Background

Safety is one of the key issues of future automobile development with new function- alities related to vehicle system safety in areas such as driver assistance, propulsion, vehicle dynamics control and active and passive safety systems [67]. These func- tionalities require safe system design and development processes to achieve desired safety goals. With the high complexity growth in safety-related electrical/electronic

(E/E) systems, software content and mechatronic implementation, the risks emerge increasingly from systematic and random hardware failures [68].

2.1 Automotive Functional Safety

To ensure automotive functional safety, the automotive industry has developed its own functional safety standard ISO 26262, titled Road vehicles-Functional safety, which addresses functional safety requirements for the development and integration of safety-critical systems in road vehicles [69, 70]. As an adaptation of IEC 61508, ISO

26262 deﬁnes functional safety and life cycle management for road vehicle activities during the safety lifecycle of safety-related systems comprising of electrical, electronic, and software elements that provide safety-related functions. According to the standard, functional safety is referred to as absence of unreasonable risk associated with each hazardous event caused by malfunction in the electric or electronic system. ISO

14 26262 includes guidance to avoid potential risks by providing feasible requirements and processes. Figure 2.1 shows the product development process from ISO 26262.

It provides the automotive safety lifecycle and provides the Automotive Safety In- tegrity Levels (ASILs), which helps classify the severity of risks. Fault diagnosis is critical for product development at software level through integration of diagnostic strategy design into the v-cycle. Further, functional safety requirements are deﬁned in the concept phase, which provides guidance and motivation for diagnostics design.

Particularly, in the concept phase, Hazard Analysis and Risk Assessment (HARA) is performed to identify the functional safety requirements for a safety-related item.

From diagnostics perspective, performing the HARA is an important preliminary step before diagnostics design to understand the fault impact and to determine safety goals for specific item from component level to system level. In addition to HARA as a top-down approach, Failure Modes and Effects Analysis (FMEA), a bottom-up approach, is also a useful tool to analyze possible causes and consequences of the failures modes for a specific item. From HARA and FMEA, functional safety concept, as a subphase of the concept phase in ISO 26262, can be defined to specify the functional safety requirements to meet safety goals. The functional safety concept specifies safety mechanisms by addressing the following (ISO 26262 Part 3 8.2):

• Fault detection and failure mitigation;

• Transitioning to a safe state;

• Fault tolerance mechanisms, where a fault does not lead directly to the violation

of safety goals and which maintains the system in a safe state (with or without

degradation);

15 • Fault detection and driver warning in order to reduce the risk exposure time to

an acceptable interval (repair request, stop request); and

• Arbitration logic to select the most appropriate control request from multiple

requests generated simultaneously by diﬀerent functions.

Figure 2.1: Overview of the ISO 26262

As can be seen in Figure 2.1, fault diagnosis plays a signiﬁcant role in the product development phase through diagnostic software design. To achieve the safety mechanisms proposed by ISO 26262, a systematic design of diagnostics and fault tolerance is necessary to meet vehicle functional safety requirements. Further, with higher automation in the modern vehicle development, a self-diagnosis system for the automated functions becomes indispensable. On the other hand, the functional safety standard for traditional vehicles, ISO 26262, is not enough for autonomous vehicles.

16 Ethics considerations are one of the issues that make it challenging to adapt ISO

26262 to autonomous vehicles. In the way of design for ISO26262, there is a chance that there could be human error in decision-making that might lead to catastrophic consequences [39]. Considering autonomous vehicles being signiﬁcantly safety-critical, such a chance of risky decision-making by an automated driver must be prevented.

2.2 Diagnostic Challenge for Automated Vehicles

With increasingly higher automation in vehicles, as shown in Figure 2.2 [71], fault diagnosis becomes more important with the evolution of automatic functions. Nowa- days, the vehicle is evolving to level 2, level 3 automation. For example, GM Super

Cruise achieves hands-oﬀ experience for human drivers with automatic functions such as adaptive cruise control and lane keeping. As automation evolves, vehicles are increasingly relying on automatic functions, increasing the need to design diagnostic capabilities that are more advanced to fulﬁll the requirements of such features.

From the functional safety standard perspective, safety goals are not easily speci-

ﬁed for automated vehicles. It is also challenging to verify that the lower level safety concepts are complete with respect to the higher-level safety concept, as required by

ISO 26262 [72]. This implies ISO 26262 does not provide complete guidance to verify the functional safety of automated vehicles especially those with high level automation functions. Also, there is a gap between safety goal and functional safety requirements for automated vehicles if only using ISO 26262 as guidance. Some systems in the automated vehicles rely on environment perception such that there can be potential risks and hazardous events caused by the intended functionality or performance limitation of a system free from the faults covered by ISO 26262 [73]. The limitations of

17 Figure 2.2: Automation in vehicles (courtesy of Qadeer Ahmed)

ISO 26262 include the inability of the function to correctly understand the situation and operate safely. In particular, the automated functions that use machine learning algorithms tend to be non-deterministic, which makes it challenging to validate the system compared with conventional vehicles [36].

In general, automated vehicles introduce new challenges to insuring vehicle functional safety. Especially for highly automated vehicles or autonomous vehicles, where the human driver is replaced by an automated driver, the possibility of human intervention in a dangerous situation is reduced, or completely missing. The fact that the human driver is out of loop makes automation functions signiﬁcantly more complex in order to deal with edge cases. Moreover, without design and integration of more advanced diagnostic system, it becomes more challenging to diagnose non- electric/electronic component degradation and failures perceptible to the ﬁve human

18 senses. Speciﬁcally, in automated vehicles, when the driver is replaced full-time by an automated driver, the capability of the computerized driver to detect mechanical fault, faults that a human driver would physically perceive as abnormal noises, vibrations, etc. is lost. When human drivers notice mechanical problems with a car over the course of normal driving, sometimes they deliberately drive the car in such a way as to exaggerate the symptom, so as to isolate the conditions under which it occurs and to help isolate it to the suspected cause. However, an automated driver will not necessarily drive the car to deliberate conditions that help diagnose these problems. Diﬀerent from the vehicle powertrain, where electronic control system and on-board diagnosis system are broadly utilized, vehicle chassis system are not typically equipped with sensors and systematic diagnostic schemes to monitor mechanical failure and degradation. Thus, automated vehicles impose new challenges in diagnosing mechanical degradation and failures. On the other hand, diagnosing mechanical degradation and failures in the automated vehicle chassis system is critical for vehicle safety, performance and ride comfort. In particular, the component level failure and degradation in the vehicle chassis system can be closely correlated with vehicle safety, performance and ride comfort. For example, a broken tie-rod can lead to steering performance degradation through increased yaw delay and delayed lateral acceleration build. If the automated vehicle is deploying a lane change maneuver to do obstacle avoidance, a broken tie-rod may result in dangerous situation, even accidents. In addition, the passenger in an automated vehicle passing over a bump can experience extreme jounce and rebound with a degraded coil spring in the vehicle suspension, which compromises the ride comfort. The safety and performance

19 requirements make it necessary for the automated vehicle to do self-diagnosis of the mechanical degradation and failures.

2.3 ISO/PAS 21448 Standard - Road Vehicles- Safety of the Intended Functionality (SOTIF)

The standard ISO/PAS 21448 is an extension of ISO 26262 and it deﬁnes the

Safety of the Intended Functionality (SOTIF) as the absence of unreasonable risk due to hazards resulting from functional insuﬃciency of the intended functionality or by reasonably foreseeable misuse by persons [73]. This standard can be applied to intended functionality where proper situational awareness is critical to safety. The awareness can be obtained by sensors and algorithms to achieve robust risk mitigation in perception and behavioral decision making, or local motion planning. In particular, the intended functionality includes emergency intervention systems (e.g. emergency braking systems) and Advanced Driver Assistance Systems (ADAS) with levels 1 and

2 automation. This also implies the standard does not address safety challenges for vehicles with higher-level autonomy. In addition, the intended functionality or safety features, such as emergency braking, lane keeping and lane change, may experience malfunction due to defects in the system. Further, degradation and failure related to vehicle steering, suspension and chassis system can trigger hazardous event with the safety features engaged. This dissertation talks about methods for doing advanced diagnostics that is consistent with functional safety standards and consistent with the requirements for vehicles with advanced automation and functions. It may become critical for vehicles to perform self-diagnosis before being able to deliver automated functions, such as lane keeping and adaptive cruise control, etc. That is, the availability of the automated functions needs to be veriﬁed through design of diagnostics

20 in a systematic way. As a critical part of the self-diagnosis, vehicle steering system and suspension system play an important role in assuring the functionality of automated functions. Diagnosing mechanical degradation and failure is critical not only for vehicle safety but for the performance of the automated functions.

2.4 Objectives of This Dissertation

Due to higher vehicle electriﬁcation and automation as well as driver out-of-loop in automated vehicles, future vehicles present a new set of diagnostic challenges.

One of the objectives of this dissertation is to present a systematic fault diagnostic methodology for solving some of these diagnostic challenges. Fault diagnostic schemes need to be designed for speciﬁc application in advanced vehicles. In order to provide guidance in the design of the fault diagnostic scheme, we present a framework on model-based diagnostic system software development. For safety-critical faults, a safety goal needs to be identiﬁed based on hazard analysis and risk assessment

(HARA). Diagnostic requirements can be determined accordingly before diagnostic system design. For faults that are related to vehicle performance and maintenance, a similar procedure can be followed starting from failure modes and eﬀect analysis (FMEA). Moreover, we review model-based diagnosis methods for achieving the safety goal or diagnostic requirements in general. Some of these methods are then demonstrated in the dissertation, in applications related to hybrid electric vehicle and autonomous vehicles in Chapters 3, 4 and 5.

The procedure of developing model-based software for automotive diagnosis typically follows the V-diagram, as shown in Figure 2.3, in which the automated functions are speciﬁed as well for automated vehicle diagnosis. This dissertation focuses on the

21 ﬁrst four steps of this procedure, which includes diagnostic system requirement definition, plant and fault modeling, diagnostic strategy design and model-in-the-loop test. For the safety critical faults, there are instructions from ISO 26262 for designing diagnostics that comply with functional safety requirements. In terms of faults that are related to system performance, quality and reliability, Failure Modes and Eﬀect

Analysis (FMEA) provides a systematic way of studying the fault and its eﬀect, which is useful for diagnostic system design.

Figure 2.3: Model-based software development for automotive fault diagnosis

22 2.5 Hazard Analysis and Risk Assessment (HARA)

In the concept phase of ISO 26262, the item is deﬁned and all the interactions

that the item has with other items and the environment are described, such that

the automotive safety life cycle can be initialized. Once the item is deﬁned, hazard

analysis and risk assessment (HARA) need to be performed. The objective of the

HARA is to recognize and categorize the hazards that can be induced by the item.

To avoid unreasonable risk, the HARA is also used to formulate the safety goals

related to the prevention or mitigation of the hazardous events[74].

For each considered hazard, an Automotive Safety Integrity Level (ASIL) is as-

signed, utilizing the combination of the estimated potential severity of the resulting

harm S, frequency of exposure E (occurrence of a hazardous event), and controllability C (the ability to avoid harm or damage through timely reactions of the persons

involved). A risk R is described as a function F in terms of severity, exposure and controllability: R = F (S,E,C). According to the automotive functional safety standard

ISO 26262, the estimation of potential severity for a speciﬁc hazard can be determined

based on Table 2.1. The probability of exposure in each operational situation shall

be assigned to one of the probability classes E0, E1, E2, E3 and E4, according to

Table 2.2. The controllability of each hazardous event can be assigned to one of the

controllability classes according to Table 2.3. An example of the HARA for an electric

traction drive resolver is given in Table 2.4, in which the resolver is typically used to

measure the electric motor shaft speed for electriﬁed powertrain control. Based on

the HARA results, the resolver failure may lead to safety issue of the vehicle such

that diagnosing the resolver fault becomes necessary to achieve the safety goal, that

is, avoiding unintended acceleration or deceleration of the vehicle.

23 Class S0 S1 S2 S3 Description No injuries Light and Severe Life- moderate and life- threatening injuries threatening injuries (sur- injuries (sur- vival uncer- vival proba- tain), fatal ble) injuries

Table 2.1: Classes of severity

Class E0 E1 E2 E3 E4 Description Incredible Very low Low proba- Medium High prob- probability bility probability ability

Table 2.2: Classes of probability of exposure regarding operationg situations

Class C0 C1 C2 C3 Description Controllability Simply con- Normally con- Diﬃcult to in general trollable trollable control or uncontrollable

Table 2.3: Classes of controllability

Potential con- Potential Potential causes Recommend Item sequences of S E C ASIL Safety goal failure mode of failure action failure Avoid unin- Unintended vehi- Manufacturing Design fault di- Oscillation in tended vehicle motion; short- error; unequal agnosis and fault Resolver the resolver 2 2 3 A cle accelera- ened lifespan of inductances in tolerant control measurement tion or decel- the driveshaft the resolver strategy eration

Table 2.4: Hazard Analysis and Risk Assessment for Electric Traction Drive Resolver

24 2.6 Functional Safety Concept and Technical Safety Concept

For each hazardous event evaluated in the HARA, a safety goal needs to be determined as the top-level safety requirements, which lead to the functional safety requirements for avoiding an unreasonable risk. Safety goals are expressed not in terms of technological solutions, but in terms of functional objectives [75]. Following the safety goals, functional safety concept can be determined to specify functional safety requirements and to allocate them to the preliminary architectural elements

(sensors, controllers, actuators) of the item (systems) or to external risk reduction measures in order to ensure the required functional safety. The functional safety concept includes speciﬁcation of the basic safety mechanisms and safety measures in the form of functional safety requirements. From the vocabulary in ISO 26262, safety mechanisms are technical solutions implemented by E/E functions or elements, or by other technologies, for fault detection and failures control in order to achieve or maintain a safe state.

Following functional safety concept, the last section of the concept phase in ISO

26262, technical safety concept needs to be speciﬁed for product development at the system level. The objective of the speciﬁcation of technical safety concept is to specify the realization of the functional safety concept considering the functional concept and the preliminary architectural design [76]. Further, one needs to verify that the technical safety requirements comply with the functional safety requirements. The technical safety requirements shall specify safety mechanisms including [69]:

• the measures related to detection, indication and control of faults in the system

itself (self-monitoring of the system or elements)

25 • the measures related to detection, indication and control of faults in external

devices interacting with the system

• the measures that enable the system to achieve or maintain a safe state

• the measures to detail and implement the warning and degradation concept

• the measures that prevent faults from being latent

An example of the technical safety concept for a model-based fault diagnosis system is given in Figure 2.4. In this scheme, the technical safety requirements include:

• Models should be accurate enough to capture the plant dynamics

• The diagnostic system should have analytical redundancy for residual generation

• The fault diagnosis unit should apply appropriate algorithms to for fault detec-

tion and isolation as well as disturbance rejection

• The residual evaluation process should use appropriate statistical techniques for

making accurate diagnostic decision

• The fault tolerant control/fault mitigation strategies should be able to achieve

or maintain a safe state in the presence of faults, by compensating the input or

by transferring the system to other state/operation modes

2.7 Failure Modes and Eﬀect Analysis (FMEA)

While HARA focuses on safety hazards, the scope of Failure Modes and Eﬀect

Analysis (FMEA) includes safety as well as performance, quality and reliability.

26 Figure 2.4: Example of technical safety concept for a model-based fault diagnosis system

FMEA is an inductive method for studying the failure modes of the system components, as well as the causes and the eﬀects on the system in a systematic way.

Starting from the basic structure of the system and the system elements related to the failure modes and causes, it is feasible to analyze the fault propagation through the system and to understand the eﬀects on system performance [77]. FMEA is useful for identifying the failure modes that have a signiﬁcant impact on safety, reliability, availability and maintainability of a system. It also provides guidance for fault detection and isolation. An example of the FMEA for vehicle front suspension is shown in

Table 2.5, with focus on mechanical degradation and failures. Some of these degradation and failures are not safety-critical but they can have signiﬁcant impact on vehicle performance, quality and reliability, which are also within the scope of FMEA.

The fundamental concept of fault diagnosis consists of three tasks [78]:

27 Item Failure Mode Eﬀects

• Wheel hop Loss of damping; Shock sticky • increased roll angle for given lateral acceleration

• Wheel hop Large change in stiﬀ- Spring ness • increased roll angle for given lateral acceleration

• Wheel hop

Loose ball joint • increased roll angle for given lateral acceleration Lower control arm • Wheel hop Large change in bushing stiﬀness • increased roll angle for given lateral acceleration

• Delayed lateral acceleration build

Loose strut mount; • increased yaw delay Suspension strut sticky strut mount • Increased steering wheel angle vs. torque build-up hysteresis

• Delayed lateral acceleration build

• Decreased yaw delay Camber misalignment • Increased bump steer and torque steer

Caster misalignment • Reduced wheel aligning torque Wheel

• Increased vehicle rut wander

• Lateral acceleration washout af- Toe misalignment ter weight transfer

• Poor straight-line stability

Table 2.5: FMEA for vehicle front suspension

28 • Fault detection: indicate the occurrence of faults and the time of detection

• Fault isolation: classiﬁcation and localization of diﬀerent faults

• Fault identiﬁcation: determination of the size of the faults and their time-variant

behavior

General fault diagnosis approaches can be divided into two categories: model- based approaches and data-driven approaches. In both categories, there are quantitative methods and qualitative methods. In model-based fault diagnosis, quantitative methods include observer-based methods, parity space methods and parameter estimation methods; qualitative methods include qualitative physics based method, fault trees and digraphs. In data-driven fault diagnosis, quantitative methods are neural networks and statistical approaches (pattern recognition and machine learning); qualitative methods include expert system approaches and qualitative trend analysis

(QTA) [79]. To better explain the motivation and fundamental concepts of model- based fault diagnosis approaches, we ﬁrst have a review of some traditional fault diagnosis methods.

• Physical redundancy based fault diagnosis: physical redundancy (also called

hardware redundancy) is used for fault diagnosis when there is redundant hard-

ware or measurement device to monitor a process. When the process output is

diﬀerent from the output of the redundant hardware or measurement, a fault

alarm can be triggered. This is a straightforward approach for diagnosis, but

it typically adds cost, for example by adding redundant sensors. Further, the

redundant hardware is not guaranteed to be fault-free, depending on the relia-

bility of speciﬁc hardware components or devices.

29 • Signal processing based fault diagnosis: some mathematical or statistical tools

can help analyze the measurements to obtain information about faults of in-

terest. Speciﬁcally, time domain, frequency domain or time-frequency domain

analysis can be performed to detect change due to faults in magnitudes, mean,

standard deviation, spectral density, etc.

• Plausibility test: the plausibility test is applied by checking the input and output

of a process with physical laws, in which a fault would break the plausibility.

There is limitation of the plausibility test in fault diagnosis in a complex system

[78].

The idea of model-based fault diagnosis is using a mathematical model to provide so-called analytical redundancy (or software redundancy) for consistency check between model and system outputs in a process.

2.8 Model-based Diagnosis Approaches

Fault detection using mathematical models have been proposed with diﬀerent approaches. The underlying logic is using the analytical redundancy concept.

2.8.1 Analytical Redundancy

Redundancy is very useful for fault diagnosis by providing extra information of the system for consistency check, either between measurements of the system behavior or between measurements a model predicting the system behavior. The former consistency check is performed using physical redundancy or hardware redundancy while the latter one is utilizing the so-called analytical redundancy. For example,

30 dual redundant sensors for measuring the same variable provides the physical redundancy for diagnosing the sensor faults. One can also develop a mathematical model as the representation of a physical system to compare the predicted behavior with the actual system behavior. In this case, the analytical redundancy concept is utilized for fault diagnosis. Physical redundancy is simple to implement but it adds more cost to real world applications. In contrast, the concept of analytical redundancy is more cost eﬀective though it requires domain knowledge for modeling the system behavior. Model-based diagnosis using the concept of analytical redundancy consists of two fundamental steps as shown in Figure 2.5 [50].

Figure 2.5: Two fundamental steps in model-based diagnosis using analytical redundancy

2.8.2 Structural Analysis

In recent years, much attention has been paid to structural methods for fault diagnosis. Structural methods are based on the use of graphs to analyze redundancies that can be used for system diagnosis and for control reconﬁguration. The concept and structural theory of bi-partite graphs have been introduced by Dulmage and

Mendelsohn [80, 81, 82]. Then structural concepts have been used to decompose large systems for the convenience of solving the system equations [83, 84]. Lin [85, 86]

31 has proposed the concepts of system structural controllability and observability. A quantitative generalization of these concepts is applied in the analysis of the electrical system by Lagonotte et al. [87], and graph theoretic approaches have also been proposed to analyze multivariable control systems [88, 89].

For the structural analysis applications in the area of fault diagnosis, Negrini et al. [90] have proposed the idea of identifying some properties allowing to locate possible sources of errors or of faulty behavior from the structure of control flow and of relationships among variables in a program as far back as 1983. Chang et al. [91] have used several examples to study the diagnostic observability through the system structure. Staroswiecki et al. [92, 93, 94] have presented a structural approach to study the monitoring ability on large scale systems. Structural analysis has also been presented to do fault diagnosis with disturbance rejection [95]. Gertler et al. [96, 97] have developed the procedure for the design of structured residuals for failure detection and isolation. Cocquempot et al. [98] have used structural approach to extract analytical redundant relations (ARRs) to generate residuals for the ship benchmark. Structural concepts have also been used to analyze system reconfigurability [99], which provides an effective way of fault-tolerant control system design [100]. Examples and application can be found in [101, 102, 103]. Cordier et al. [104] have compared the FDI analytical redundancy approach based on structural concepts and the Diagnosis (DX) consistency-based logical approach used in the area of artificial intelligence, since the concepts in these two fields are similar to some extent. Bond-graph as a system modeling tool has been used for fault diagnosis through the system structure under a graphical form similar to structural analysis

[105].

32 Structural analysis has been recently utilized in sensor placement analysis [106],

ﬁnding minimum subsets of system equations for maximum diagnosability [107], and

in active diagnosis for fault isolation [108, 109, 110, 111]. Haﬀaf et al. [112] have pro-

posed an optimization algorithm to select better matchings with respect to physical

considerations and FDI. Zhang et al. [4, 113, 114, 115, 116] have applied the struc-

tural analysis on fault diagnosis in vehicle systems. Frisk et al. [117] have developed

a toolbox to apply structural analysis in model-based diagnosis systems. In summary,

the ﬁeld of structural FDI is well developed but there are still many open problems,

some of which are the subject of this research.

Structural Model

Structural analysis can be used for fault detection and isolation in a system by

extracting the structural information contained in the system model, i.e. the in-

terrelations between variables and equations [107]. Structural analysis represents a

system through its structural model using bipartite graph or Incidence Matrix [114].

The deﬁnitions of bipartite graph and Incidence Matrix are given as follows:

Deﬁnition 2.1 The structural model of the system (C, Z) is a bipartite graph

(C, Z, E), where C, Z, E represent the system constraints, variables and edges [80].

E = C × Z is the set of edges deﬁned by E = (ci, zi), which implies the variable zj appears in constraint ci [114]

The variables in a system can be categorized as known variables and unknown variables. The known variables include known system inputs, sensor measurements and known parameters. Unmeasured system states and unknown system inputs including disturbance in the system model are unknown variables.

33 Deﬁnition 2.2 Structural model by Incidence Matrix: the structural model represented by an Incidence Matrix is a matrix where the number of rows equals to the number of constraints |C|, and the number of columns is equal to the number of

variables |Z|. The i-th row, j-th column element (ci, zj) of the Incidence Matrix is

deﬁned as follows [80]:

(ci, zj) = 1, if the variable zj appears in the constraint equation ci;(ci, zj) = 0, otherwise.

An example of a structural model by bipartite graph and incidence matrix is given for the system described in equation (2.1):

e1 :x ˙ 1 = a1x1 + b1x2 + c1x3 + u1

e2 :x ˙ 2 = a2x1x2 + u2

e3 :x ˙ 3 = a3x2x3 + b2x3 (2.1)

e4 : yx1 = x1

e5 : yx2 = x2

In the above system, x1, x2 and x3 are system states, which are unknown variables. u1 is an unknown input while u2 is a known input ot the system in equation (2.1).

yx1 and yx2 are sensor measurements of the states x1 and x2, respectively, which are

also known variables. a1, a2 and a3 are system parameters.

The bipartite graph of the system given in this example is shown in Figure 2.6,

where one can clearly observe the connections between variables through edges (con-

straints). The structural model by Incidence Matrix in this example is given in

Table 2.6.

34 Figure 2.6: Example of Bipartite graph

Redundancy in a structural model

Redundancy exists when there are more equations than unknown variables in a system. This redundancy can be extracted in the form of analytical redundancy relations based on the constraint equations in which all the unknown variables can be solved through other constraint equations as well as known variables. The deﬁnition of analytical redundancy relations is given below:

Deﬁnition 2.3 An analytical redundancy relation R in a structural model is a

constraint equation that involves only the known variables K, including some or all

of the sensor measurements Z and known inputs U, after eliminating the unknown

variables X , namely, R(K) = 0, K ⊂ Z ∪ U [106, 108, 111]. Redundancy exists

35 Unknown Variables Known Variables

Constraints x1 x2 x3 u1 u2 yx1 yx2 e1 1 1 1 1 e2 1 1 1 e3 1 1 e4 1 1 e5 1 1

Table 2.6: Example of Incidence Matrix

when all the unknown variables can be solved through constraints in a system or a subsystem, where the rest of the constraint equations can be used as redundancy relations. These redundancy relations contain some of the solved unknown variables for consistency check. When the constraint equations, redundancy relations, do not hold, it indicates the occurrence of fault in the considered system or subsystem.

Structural Analysis for Fault Detectability and Isolability

A structural model can be simpliﬁed using a mathematical decomposition method,

Dulmage-Mendelsohn (DM) Decomposition, for the convenience of diagnosability analysis [81, 106]. The fundamental concept of DM Decomposition is that the constraint equations and variables in a system can be classified into three different subsets where there are different number of equations relative to the number of unknown variables indicating different degree of redundancy in each subset [118]. These three subsets are defined as follows (also shown in Figure 2.7):

1. Under-determined set U −: there are fewer equations than unknown variables.

2. Just-determined set U 0: there are equal number of equations as the number of

unknown variables.

36 3. Over-determined set U +: there are more equations than unknown variables.

Figure 2.7: Dulmage-Mendelsohn (DM) Decomposition of a Structural Model

According to Krysander et al. [106], a fault is structurally detectable in a model if it resides in the over-determined set U +. This is because there are more equations than unknown variables, providing redundancy for detecting the faults within this over-determined set. For the abovementioned structural model example of system

1 given by Figure 2.6 and Table!2.6, there exist two just-determined sets deﬁned by equation e1 and equation e3, and one over-determined set governed by equations

37 Figure 2.8: DM Decomposition of System 1

e2, e4, e5, as shown in Figure 2.8. This implies any fault in the over-determined set can be detected by the redundancy relation in it. Each equation in this subset can be used as a redundancy relation. For example, if there is a sensor fault in the sensor equation e4, the equation e2 can help check the consistency between variable

x1 (calculated through equations e2, e5) and sensor measurement yx1 to detect the sensor fault. The deﬁnition of structurally isolability is given as follows [102]:

A fault fi is structurally isolable from fj in the structural model U if fi lies in the structurally over-determined set of the model after removing the constraint equation

38 + efj that fj appears: fi ∈ (U/efj ) . Take the system 1 as an example, if the faults

considered are sensor faults in equation e4 and e5 given as follows:

e4 : yx1 = x1 + f1 (2.2)

e5 : yx2 = x2 + f2

Where f1 and f2 represent the faults in sensor measurement of unknown variable x1 and x2, respectively. After removing e5 where f2 appears, f1 lies in the just- determined set, which has no redundancy. Thus, in this example, fault f1 and f2 are not structurally isolable from each other.

Sequential Residual Generation by Structural Analysis

To design diagnostic schemes, the concept of sequential residual generators is proposed. A sequential residual generator is a set of equations that contain analytical redundancy, where the unknown variables are solved by some of the equations and the redundant equations are used to design diagnostic algorithm for fault detection and isolation [119]. The sequential residual generators can be found using the structural analysis. Specifically, one can find diagnosis tests, which are overdetermined subsystems where one or more specific faults can be detected. Also, different diagnosis tests can have different sensitivity to different faults, providing the capability of fault isolation. To find the diagnosis tests in an efficient way, according to Krysander et al. [106], the concept of Minimal Structurally Overdetermined sets (MSO sets) is introduced, where there is one more equation than unknown variables such that the redundancy is one. The definitions related to the MSO sets are given as follows [120]:

Deﬁnition 2.4 A set U of equations is structurally overdetermined (SO) if U has more equations than unknown variables.

39 The violation of an equation in the just-determined part U 0 does not change the

consistency in the set U 0 ∪ U +. Therefore, only U + can be used to detect faults that

aﬀect the consistency in it.

Deﬁnition 2.5 An SO set U is a proper structurally overdetermined (PSO) set if U = U + A PSO set can generally contain smaller PSO subsets that can not only be used to detect faults but to isolate faults. This leads to another deﬁnition:

Deﬁnition 2.6 An SO set is a minimal structurally overdetermined (MSO) set if one cannot ﬁnd any SO set within its subset such that its degree of redundancy is one.

The objective of MSO sets is to take advantage of as few equations as possible, maintaining redundancy for fault detection [121]. The MSO sets are useful for fault isolation especially for large system with multiple faults. Krysander et al. [120] developed an efficient algorithm for finding MSO sets for model-based diagnosis. Se- lection of MSO sets depends on specific applications, where there may be different requirements for diagnosis, different system structure and different causality, etc.

[119, 122, 123, 124, 125]. Each MSO set provides an analytic redundant relation

(ARR) and theoretically each equation in an MSO set can be used as an ARR. The

ARR can be used to generate a residual that is sensitive to faults appearing in the corresponding MSO set. Since the ARR is found by sequentially computing the unknown variables, the residual found in this way is called sequential residual generator

[107, 126]. For each sequential residual generator, there is a computation sequence that can be deﬁned to calculate the residual using the chosen set of equations in the correct order, as illustrated below.

40 Deﬁnition 2.7 Computation Sequence: given a model M(C, Z, E), a computation sequence is an ordered set S = {(E1,X1), (E2,X2), ..., (Ek,Xk), (Er, 0)}, where Xi ∈

X , ei ∈ C. Xi and Ei represent the unknown variables and equations, respectively.

(Ei,Xi) implies the unknown variable(s) Xi are computed from equation(s) Ei. Er is the equation of analytical redundant relation for fault detection and isolation. The computation of the unknown variables follow the order of their appearance in the set.

To effectively find computation sequence for residual generation, the concept of matching is introduced. According to Definition 2.1, the structural model of a system can be described by a bipartite graph, represented by (C, Z, E). Where C, Z, E represent the system constraints, variables and edges. A matching on a bipartite graph is a subset of edges such that any two edges do not share same nodes (constraints).

This implies each constraint within a matching is associated with a speciﬁc variable.

It is natural to only consider unknown variables for the purpose of computation sequence derivation. Further, a matching assigns orientation of some edges, from which a computation sequence can be determined to solve the unknown variables within the matching. In addition, a matching can also be found through system incidence matrix as long as the one-to-one relation between each edge and a specific unknown variable hold. It should be noted that the matching is not unique for a given system. In particular, for each MSO set, different matching can be found when choosing different equation as the analytical redundant relation. Thus, there can be multiple residual generators to select for FDI. The selection of residual generators depends on the computational causalities. In general, the dynamics of a system can be described by equation (2.3), where xd, xa are vectors of unknown dynamic variables and unknown algebraic variables, respectively, and z is a vector of known variables [127].

41 Two computational causalities may exist in designing the residual generator:

d Derivative causality is used when xd is diﬀerentiated to computex ˙ d, i.e.x ˙ d = dt xd. R Integral causality is used whenx ˙ d is integrated to compute xd, i.e. xd = x˙ ddt + xd(0), where xd(0) is the initial condition of the unknown variable xd.

g(xd, x˙ d, xa, z) = 0 (2.3)

For the previous example of system 1 given in equation (2.1), there is a MSO set given by the equation set e2, e4, e5, in which there are two unknown variables x1 and x2 in the three equations rendering the degree of redundancy one. Thus, each one of the three equations can be used as an analytical redundant relation for FDI.

The corresponding computation sequences for using these equations as analytical redundant relations are given in equation (2.4). Using equation e2 or e4 as the ARR requires diﬀerential causality by computing derivative of the unknown variable x2.

With equation e5 being the ARR, integral causality is used to compute x2 based on its dynamics in equation e2.

C(e2) = {(e4, x1), (e5, x2), (e2, 0)}

C(e4) = {(e5, x2), (e2, x1), (e4, 0)} (2.4)

C(e5) = {(e4, x1), (e2, x2), (e5, 0)}

In theory, both causalities can be used for residual generation. However, integral causality requires information of the initial condition of an unknown variable, which is typically unknown. Meanwhile, using derivative causality may lead to inaccurate

results when diﬀerentiating a noisy signal, for instance yx1 and yx2 in equation (2.1).

To utilize derivative causality for residual generation in the presence of signal noise, one can use signal ﬁltering technique such as robust diﬀerentiator. If the integral

42 causality is chosen to design the residuals, state observers can be developed to eliminate the initial condition error (difference between true initial condition and the guess values of the initial condition). If the initial condition is known to be zero, the residual generator can be developed using parity equations. It is more straightforward for disturbance decoupling and fault isolation in the procedure of designing a parity equation-based residual generator. On the other hand, compared to observer-based residual generator, using parity equations may lead to steady-state error of the residuals in the presence of initial condition error. Both observers and parity equations are suitable for detecting actuator faults and sensor faults, which usually appear to be additive faults. In particular, unknown input observers or disturbance observers can be useful in identifying input actuator fault. In terms of multiplicative faults such as parametric faults, parameter estimation approaches are straightforward and effective in fault detection. Though residual design based on observers and parity equations can also detect the parametric faults, parameter estimation methods can further determine the fault size that is especially useful in system maintenance and remaining life estimation. Thus, depending on specific applications, system properties and fault properties, observers, parity equations and parameter estimation can all be applicable in residual design for FDI.

2.8.3 Fault diagnosis with observers

Before we go into details about observer-based fault diagnosis methods, we ﬁrst have a review of the state observer and observability concept. In control theory, a state observer is a system that estimates the internal states of a real system, using measured inputs and outputs of the given system. Observer is useful because in

43 practice many of the internal states of a given system can not directly measured,

while these unmeasured states can be important for control and fault diagnosis. If

a system is observable, the system states can be fully reconstructed using a state

observer as well as input and output measurements. To test whether a system is

observable, we can check its observability in speciﬁc ways depending on the system

properties. For a linear system given in equation 2.5, the observability is determined

by checking the rank of the observability matrix O, speciﬁed in equation 2.6. The

system is observable if and only if the observability matrix O is of full rank. X,U,Y

represent states, inputs and measured states, respectively. A,B,C,D are the state-

transition matrix, input matrix, output matrices, respectively.

n X˙ = AX + BU, X ∈ R (2.5) Y = CX + DU

 C   CA    O =  .  (2.6)  .  CAn−1 In practical applications, however, many systems are nonlinear such that the observability deﬁnition for a linear system does not hold. The nonlinear system observability can be determined using Lie derivative [128]. For a nonlinear system given by equation 2.7, the observability matrix is derived in equation 2.8. Equation 2.9 explain how to calculate the observability matrix using Lie derivative in a recursive way.

n m X˙ = f(X,U),X ∈ R ,Y ∈ R (2.7) Y = h(X,U)     O1 dhi(X) 1  O   dL hi(X)   2   f  O =  .  ,Oi =  .  (2.8)  .   .  n−1 Om dLf hi(X) 44 dh (X) = ∂hi ,..., ∂hi i ∂x1 ∂xn ∂h (X) L1 h (X) = i f(X,U) f i ∂X p (2.9) ∂L hi(X) Lp+1h (X) = f f(X,U) f i ∂X p ∂L hi(X) dLp h (X) = f f i ∂X The single observer-based fault diagnosis scheme is illustrated in Figure 2.9, where the observer is used to estimate the system states using inputs and outputs measurements, such that the estimated states can be compared with the measured states to generate residual signals for making a diagnostic decision. Depending on the observer gain design, diﬀerent types of observers can be utilized, including Luenberger- observer, sliding mode observer, Kalman ﬁlter and etc.

In addition to the single observer-based diagnosis scheme, a dedicated observer scheme (DOS) has been proposed to detect multiple sensors faults in a given system

[129]. As illustrated in figure 2.10, there are n observers for the n sensors, and each observer uses the system input U and the corresponding sensor output. In this way, faults in different sensors can be detected and isolated. For multiple fault detection, in which there can be faults in different sensors simultaneously, sensor voting logic can be applied as long as there are equal or more than 3 sensors.

When only a single sensor fault is considered at a time, the generalized observer scheme (GOS) can be used for fault detection, as shown in ﬁgure 2.11. With sensors of number n in a dynamical system, n observers can be build with the i-th observer using all but the i-th sensor measurement. Through this design approach, a single fault in one of the n sensors can be detected and isolated with other sensors at a time. For the single fault detection problem, the GOS can be made insensitive to n − 1 unknown inputs [130].

45 Figure 2.9: Observer-based fault diagnosis scheme

Figure 2.10: Dedicated observer scheme for fault diagnosis

46 Figure 2.11: Generalized observer scheme for fault diagnosis

2.8.4 Fault diagnosis with parity equation

Consider the state-space model of the system given in equation 2.10, where p(s) and q(s) represent additive faults and disturbances, respectively. EF and ED are the fault-state matrix and disturbance-state matrix, while FF and FD represent the fault- output matrix and disturbance-output matrix. The system input to output relation can be represented by the parity equation given in equation 2.11: ˙ X(s) = AX(s) + BU(s) + EF p(s) + EDq(s) (2.10)

Y (s) = CX(s) + DU(s) + FF p(s) + FDq(s)

Y (s) = M(s)U(s) + SF (s)p(s) + SD(s)q(s)

M(s) = C[sI − A]−1B + D (2.11) −1 SF (s) = C[sI − A] EF + FF

−1 SD(s) = C[sI − A] ED + FD

47 Where M(s) is the input to output transfer function matrix. SF (s) and SD(s) are the fault-output transfer function matrix and the disturbance-output transfer function matrix, respectively. The residual generator for FDI can be designed as R(s) in equation 2.12. It is obvious the residual is the function of fault and disturbance. The transformation matrix W (s) can be designed such that the residual R(s) is sensitive to fault while maintaining robustness to disturbance.

R(s) = W (s)[Y (s) − M(s)U(s)] (2.12) = W (s)[SF (s)p(s) + SD(s)q(s)]

For detecting parametric faults using parity equations method, residual generator can be designed according to the interconnections between the varying parameters

T and the system input-output transfer function. Deﬁne ν = [ν1, ..., νk] as the vector of parameters in a given system input-output transfer function matrix M(s). The model uncertainties ∆M(s) can be formulated as a function of the parameter variation,

∆νi, i = 1, ..., k, as given by equation (2.13) [131].

k X ∂M(s) ∆M(s) = ∆ν (2.13) ∂ν i i=1 i

With parametric faults denoted by ∆ν, system output can be expressed in equation (2.14). The residual generator can be determined by equation (2.15). Diﬀerent from the residual generator for additive fault detection, here the transformation matrix W (s) is time-varying.

y(s) = M(s)u(s) + V (s)∆ν

V (s) = [v1(s), ..., vk(s)] (2.14) ∂M(s) vi(s) = u(s), i = 1, .., k ∂νi R(s) = W (s)[y(s) − M(s)u(s)] = W (s)V (s)∆ν (2.15)

48 In terms of fault isolation, as mentioned before, structural analysis of the system provides information of whether diﬀerent faults can be distinguished from one another.

Based on the structural fault isolability analysis, a fault signature can be derived which implies the relation between each redundant relation (or residual) and each type of fault. For parity equation implementation for fault isolation, the design of the transformation matrix W (s) should be based on the fault signature such that the structurally isolable faults can be isolated through residual generator R(s) for additive faults and parametric faults.

2.8.5 Equivalence between observer-based diagnosis and parity equation-based diagnosis

For the linear system given in equation 2.10, its representation in time domain can be derived in equation (2.16). The observer can be designed for the model given in equation (2.17). The state estimation error dynamics can be written in equation (2.18). With proper design of the observer gain L, the state estimation error would settle down to its steady state as a function of the fault p(t) and disturbance q(t). ˙ X(t) = AX(t) + BU(t) + EF p(t) + EDq(t) (2.16)

Y (t) = CX(t) + DU(t) + FF p(t) + FDq(t) ˙ Xˆ(t) = AXˆ(t) + BU(t) + LC(X(t) − Xˆ(t)) (2.17) Yˆ (t) = CXˆ(t) + DU(t) ˙ ˆ˙ e˙(t) = X(t) − X(t) = (A − LC)e(t) + EF p(t) + EDq(t) (2.18) ˆ −1 e˙(t) → 0 =⇒ e(t) = X(t) − X(t) = −(A − LC) (EF p(t) + EDq(t)) R(t) = V (t)[Y (t) − Yˆ (t)] (2.19) −1 −1 = V (t)[(C(LC − A) EF + FF )p(t) + (C(LC − A) ED + FD)q(t)]

49 The residual R(t) can be designed in equation (2.19), where V represents the output transformation matrix. Comparing equation (2.12) and equation (2.19), the observer-based residual generation is equivalent to the parity-equation based residual generation at certain condition when the poles of W (s)C(sI − A)−1 are equal to the eigenvalues of LC. In [131], Gertler also shows any linear residual generator can be described by a parity equation.

Here, we demonstrate the design of fault diagnostic scheme for a DC motor as an example to show the equivalence between observer and parity equations in the implementation of sequential residual generator. Equation (2.20) describes the DC motor dynamics. i and V are the motor current and voltage, respectively. R and

L represent the resistance and inductance in the circuit. θ and ω are the motor angular position and angular velocity. The electromagnetic torque and load torque are denoted by Te and TL, respectively. J and b are the moment of inertia and the damping coeﬃcient of motor shaft, respectively. Ka and Kt are the back EMF constant and torque constant. The sensor measurement of motor current and angular position are given by yi and yθ, with the corresponding sensor faults, fi and fθ. It can be found the equation set e2, e3, e4, e5, e6 is a MSO set, in which any equation can be used as an analytic redundant relation to generate a residual. For example, we use equation e2 to formulate a residual in equation (2.21). To avoid double diﬀerentiation

dω of motor speed ω for the derivation of dt , a sliding mode observer can be designed to generate a residual, described in equation (2.22). With proper design of the observer gain K and equivalent control method given in equation (2.23), we can obtain the electromagnetic torque Te through a low pass ﬁlter. In this way, the residual given in equation (2.21) can be derived for detection of the sensor faults fi and fθ.

50 di e : V = i(R + f ) + L + K ω 1 R dt a

e2 : Te = Kti dω e3 : J = Te − bω − TL dt (2.20) dθ e : = ω 4 dt

e5 : yi = i + fi

e6 : yθ = θ + fθ

robsv = Te − Kt · yi (2.21) dωˆ J = −bωˆ − TL + η dt (2.22) η = Ksign(ω − ωˆ)

Te = ηeq (2.23)

For this DC motor example, another way of residual generator can be implemented using the parity equation approach. The input-output transfer function in terms of motor position can be derived in equation (2.24). Based on the parity equation approach, the residual can be implemented using equation (2.25). Obviously, the residual is sensitive to the sensor faults fi and fθ. This implies both observer-based residual generator and parity equation-based residual generator can be implemented for fault diagnosis, given a MSO set.

K K 1 y (s) = t y (s) − t f (s) − T (s) + f (s) (2.24) θ s(Js + b) i s(Js + b) i s(Js + b) L θ

K r = y (s) − t y (s) parity θ s(Js + b) i (2.25) K = − t f (s) + f (s) s(Js + b) i θ In practice, depending on the objectives of diagnosis, observers and parity equa-

tions both have advantages and disadvantages. Residual generator with observers can

51 eliminate initial condition error while parity equations require information of initial

condition. On the other hand, residual generator with parity equations provides a

straightforward way of decoupling disturbance with faults. Both observers and parity

equations can help isolate faults with reduced-order observers and proper design of

transformation matrix, respectively.

2.8.6 Fault diagnosis with parameter estimation

For parametric faults, in which the faults are in the form of parameter change,

parameter estimation methods can be applied for fault detection and identiﬁcation.

Common parameter estimation methods include least squares method, Kalman ﬁlter

method, etc. For the linear least squares problem deﬁned by equation 2.26, the

objective is to ﬁnd the best parameter in the constraint set Θ to minimize the

diﬀerence between the model output, Hθ, and the measurement data, y. H is a matrix whose ij element is the ith observation of the jth independent variable, and y is the measurement vector whose ith element is the ith observation of the dependent variable. The solution of the parameter estimation using least squares method is given by equation 2.27. One can detect the corresponding parametric fault by comparing the estimated parameter with a priori knowledge.

minJ(θ) = min || y − Hθ ||2 (2.26)

θˆ = (HT H)−1HT y (2.27)

The ordinary least squares parameter estimator can also be recursively implemented by minimizing the weighted sum of the squared estimation error. This approach is called recursive least squares (RLS). The RLS algorithm is described in equation (2.28) [132].

52 For given data x(1), x(2),..., x(n) and d(1), d(2),..., d(n),

1. Initialize w(0) = 0, P (0) = δI (I is the identity matrix)

2. For each time step, n=1,2,..., α(n) = d(n) − xT (n)w(n − 1)

g(n) = P (n − 1)x(n)[λ + xT (n)P (n − 1)x(n)]−1 (2.28) P (n) = λ−1P (n − 1) − g(n)xT (n)λ−1P (n − 1)

w(n) = w(n − 1) + α(n)g(n) Kalman filter can also be used for parameter estimation with robustness to noise and disturbance. Here, we describe the process of using extended Kalman filter for joint estimation of states and parameters in nonlinear system. Also, we show how to use dual Kalman filter for dual estimation of states and parameters. In the application of extended Kalman filter for joint state and parameter estimation, we define the nonlinear system model in equation (2.29). xk fk−1(xk−1, uk−1, ωk−1, θk−1 Xk = = Fk−1(Xk−1, uk−1,Wk−1) = θk θk−1 + rk−1 (2.29)

zk = hk(xk, uk, υk, θk)

Where ωk, υk and rk are independent Gaussian noises, regarding process noise and measurement noise for state estimation as well as process noise for parameter estimation. These Gaussian noise processes have meansω ¯,υ ¯,r ¯ and covariance matrices Σω,Συ,Σr. Deﬁne the corresponding matrices for implementing the extended

Kalman ﬁlter as follows [133]

ˆ dFk(Xk, uk,Wk) ˆ dFk(Xk, uk,Wk) Ak = |X =Xˆ + Bk = |W =W¯ dX k k dW k k k k (2.30) dhk(Xk, uk, υk) dhk(Xk, uk, υk) Cˆ = | ˆ − Dˆ = | k Xk=X k υk=¯υk dXk k dυk The extend Kalman ﬁlter algorithm for joint estimation of states and parameters is given as follows:

53 Initialization: for k = 0, set

ˆ + X0 = E[X0] (2.31) Σ+ = E[(X − Xˆ +)(X − Xˆ +)T ] X,˜ 0 0 0 0 0 For k = 1, 2,..., compute:

Time update: ˆ − ˆ + ¯ Xk = Fk−1(Xk−1, uk−1, Wk−1)

Σ− = Aˆ Σ+ AˆT + Bˆ Σ BˆT (2.32) X,k˜ k−1 X,k˜ −1 k−1 k−1 W˜ k−1

ˆ − zˆk = hk(Xk , uk, υ¯k) Measurement update:

L = Σ− CˆT [Cˆ Σ− CˆT + Dˆ Σ Dˆ T ]−1 k X,k˜ k k k,k˜ k k υ˜ k

ˆ + ˆ − Xk = Xk + Lk(zk − zˆk) (2.33)

Σ+ = (I − L Cˆ )Σ− X,k˜ k k X,k˜ For the use of dual Kalman ﬁlter, the discrete time state-space model for a given system can be written in the form of equation 2.34 and 2.35 for the state dynamics and parameter dynamics, respectively.

xk+1 = fk(xk, uk, θk, ωk) (2.34) zk = hk(xk, uk, θk, υk)

θk+1 = θk + rk (2.35) dk = hk(xk, uk, θk, ek)

Where ek is independent Gaussian noises, regarding measurement noise for parameter estimation, which has meane ¯ and covariance matrix Σe. Similar to the extended

Kalman filter, the corresponding matrices used in dual Kalman filter are defined as

54 follows: ˆ− ˆ− dfk(xk, uk, θk , ωk) dfk(xk, uk, θk , ωk) Aˆ = | + Bˆ = | k xk=ˆx k ωk=¯ω dxk k dωk ˆ− ˆ− x dhk(xk, uk, θk , υk) x dhk(xk, uk, θk , υk) Cˆ = | − Dˆ = | (2.36) k xk=ˆx k υk=¯υ dxk k dυk − − θ dhk(ˆxk , uk, θ, ek) θ dhk(ˆxk , uk, θ, ek) Cˆ = | ˆ− Dˆ = | k Xk=θ k ek=¯e dθ k dek The dual Kalman ﬁlter algorithm is given as follows:

Initialization: for k = 0, set

θˆ+ = E[θ ], Σ+ = E[(θ − θˆ+)(θ − θˆ+)T ] 0 0 θ,˜ 0 0 0 0 0 (2.37) + + + + T xˆ0 = E[x0], Σx,˜ 0 = E[(x0 − xˆ0 )(x0 − xˆ0 ) ] For k = 1, 2,..., compute:

Time update for the parameter estimation:

ˆ− ˆ+ θk = θk−1 (2.38) − + Σθ,k = Σθ,k−1 + Σr Time update for the state estimation:

− + ˆ− xˆk = fk−1(ˆxk−1, uk−1, θk , ω¯) (2.39) − ˆ + ˆT ˆ ˆT Σx,k = Ak−1Σx,k−1Ak−1 + Bk−1ΣωBk−1 Measurement update for the state estimation:

x − ˆx T ˆx − ˆx T ˆ x ˆ x T −1 Lk = Σx,k(Ck ) [Ck Σx,k(Ck ) + Dk Συ(Dk ) ]

+ − x − ˆ− xˆk =x ˆk + Lk[zk − hk(ˆxk , uk, θk , υ¯)] (2.40)

+ x ˆx − Σx,k = (I − LkCk )Σx,k Measurement update for the parameter estimation:

θ − ˆθ T ˆθ − ˆθ T ˆ θ ˆ θ T −1 Lk = Σθ,k(Ck ) [Ck Σθ,k(Ck ) + DkΣe(Dk) ]

ˆ+ ˆ− θ + ˆ− θk = θk + Lk[zk − hk(ˆxk , uk, θk , e¯)] (2.41)

+ θ ˆθ − Σθ,k = (I − LkCk )Σθ,k 55 It is obvious that the RLS algorithm is based on weighted least squares in the way that past values are considered for predicting future value. In the Kalman ﬁlter algorithm, the Kalman gain is calculated based on the RLS algorithm such that the optimal values are obtained with less time.

2.9 Overview of Model-based Fault Diagnosis Methodology

In this dissertation, we focus on the first four steps of the V diagram for applying model-based fault diagnosis, as shown in Figure 2.12. We first determine system requirements for fault diagnosis based on HARA or FMEA. According to the system requirements, we model the system and faults in an appropriate way such that the system dynamics and fault propagation are described correctly. Further, structural analysis can be applied to the models to analyze fault diagnosability. Sensor placement can also be studied to enhance detectability and isolability. With structural analysis, the so-called MSO sets can be found to assist the design of sequential residual generator. In particular, in lack of physical redundancy due to measurement limitation, MSO sets can be used to determine analytical redundant relations for residual generation. For a system with multiple faults, using multiple residual generators based on different MSO sets can enhance not only fault detection but fault isolation.

Often we need to deal with derivative causality and integral causality in implementing the sequential residual generator. Depending on the specific application, different methods and algorithms can be used to implement the sequential residual generator while avoiding direct differentiation and integration, especially when the signals are noisy and the initial condition is unknown for the signal being integrated. These methods include state observers, parity equations and parameter estimation, etc. In

56 this dissertation, we apply state observers and parameter estimation methods to two diﬀerent applications as case studies to demonstrate the methodology. Finally, we use model-in-the-loop simulation to evaluate the performance of the designed diagnostic strategy and algorithm.

Figure 2.12: First four steps of V diagram for model-based fault diagnosis

2.10 Conclusion

In this section, the automotive functional safety and diagnostic challenge for autonomous vehicles are discussed, which provides motivation for fault diagnosis. Fur- ther, a systematic approach of designing fault diagnostic scheme is discussed starting from HARA and/or FMEA, depending on the objective from either functional safety or system performance and maintenance perspective. In terms of model-based fault diagnosis, structural analysis can be ﬁrst applied to the system model for analyzing

57 fault detectability and isolability, based on the concept of analytical redundancy.

From the structural analysis, the so-called MSO sets can be derived for sequential residual generation. The residual generators can be implemented using diﬀer- ent model-based approaches depending on speciﬁc applications. These approaches include state observer-based residual generator, parity equation-based residual generator and parameter estimation, in which there is an equivalence relation between state observers and parity equations in terms of residual generation.

58 Chapter 3: Diagnosis of Electric Traction Drive Resolver Fault in All-wheel Drive Electric Vehicles

All-wheel drive electric vehicles (AWD EVs) simplify the conventional powertrain configuration by removing torque converter and transmission with better fuel economy. Nevertheless, AWD EVs impose stricter requirements for electric drive control design to meet the requirements of safety, smooth mode transition and comfortable drivability. Particularly, the resolver position sensing system as a key element of the electric drive becomes significant to the AWD EVs powertrain control. In addition to its role in providing rotor position for motor feedback control, the resolver measures the motor speed, affecting vehicle safety, performance and drivability, since the vehicle supervisory controller receives accelerator pedal position signal and motor speed signal to determine the desired torque applied on wheels. Thus, diagnosing the resolver fault becomes necessary.

In this chapter, we focus on electric traction drive resolver fault diagnosis in AWD

EVs as a case study of applying model-based fault diagnosis methodology. It is obvious that diagnosing the resolver fault is signiﬁcant for AWD EVs since the electric motors directly provide the driving torque without a combustion engine. The resolver fault, which results in inaccurate motor speed measurement, could lead to unexpected vehicle motion. We follow the ﬁrst four steps of the V cycle as shown in Figure 3.1.

59 We apply FMEA methodology to study the failure modes and eﬀects of the resolver faults. Based on FMEA results, we develop fault model and incorporate it with

PMSM drive model and powertrain kinematic model to formulate the overall system architecture. Further, we design diagnostic strategy for resolver FDI in AWD EVs.

For completeness, wheel speed sensor faults are also considered in this application. We

first anlayze the resolver fault detectability and isolability using structural analysis, focusing on kinematic relations between resolver and wheel speed sensor measurements. From the structural analysis, MSO sets are explored to assist the design of sequential residual generators for FDI. Since the redundancy of the system changes under different driving conditions, a diagnostic decision logic is designed to deal with different driving scenarios. The selected residual generators are expected to detect and isolate faults in the considered scenarios. In the last section, the performance of the diagnostic logic and residual generators are evaluated through model-in-the-loop simulation.

Figure 3.1: First four steps of the V diagram for electric traction drive resolver FDI in all-wheel drive electric vehicles

60 The all-wheel drive battery electric vehicle architecture studied in this paper is shown in Figure 3.2. The Front EM and Rear EM represent the two electric motors mounted on front axle and rear axle respectively. The arrows in the figure indicate the power flow in the system from motors to wheels through final drive and differential.

There are two resolvers mounted on the front motor shaft and the rear motor shaft respectively measuring motor speed. Though there are four separate wheel speed sensors for independent wheel speed measurement, the schematic here is drawn in a simpliﬁed way to lump the left wheel and right wheel together for both the front drive and the rear drive.

Figure 3.2: AWD EV system architecture

61 Figure 3.3: Block diagram of the PMSM drive system

3.1 PMSM Drive System Modeling

To understand the role of resolver in electric traction drive, the PMSM drive

system is modeled to simulate the resolver fault eﬀects on the system performance,

with the modeling diagram shown in Figure 3.3. Also, this dissertation focuses on

the electric vehicle (EV) mode, where the engine gets disconnected so that the motor

∗ torque request Te is equal to the total torque request from the supervisory controller. In motor torque control, the motor torque request depends on the accelerator pedal position and the motor speed measurement from resolverω ˜m. In motor speed control, the torque request is sent out by the PI controller to track the reference motor speed

62 ωm ref . Considering the PMSM using direct Field-oriented Control, the desired d-

∗ axis current in the rotor synchronous rotating reference frame id is set to zero for

∗ ﬂux control while the desired q-axis current iq is calculated based on equation (3.1)

for torque control. P and λm represent the number of motor pole pairs and the

permanent magnetic ﬂux linkage respectively.

3 T ∗ = P λ i∗ (3.1) e 2 m q

The desired d-axis and q-axis currents in the rotor synchronous rotating reference

∗ ∗ frame (Id ,Iq ) are ﬁrst transformed into desired d-axis and q-axis currents in the

∗ ∗ stationary reference frame (Iα,Iβ) through the Inverse Park transformation, given by equation (3.2). ∗ ˜ ˜ ∗ iα cosθe −sinθe Id ∗ = ˜ ˜ ∗ iβ sinθe cosθe Iq (3.2)

˜ Where θe is the rotor position measurement from resolver, subject to resolver faults

∗ ∗ ∗ denoted by f in Figure 3.3. The desired three phase currents ia, ib , ic are then derived by the Inverse Clarke transformation, formulated in equation (3.3). And the

motor current hysteresis controller compares the desired three phase currents with

the measurement to generate gate signals and send to the PWM inverter, so that the

inverter provides proper AC voltage to drive the motor. The model of the PMSM

drive system can be described by equation 3.4 through equation 3.8.

i∗  1 0  a √ I∗ i∗ = − 1 3 α  b   2 2√  I∗ i∗ 1 3 β (3.3) c − 2 − 2

diq Rs Ld λm Vq = − iq − P ωmid − P ωm + (3.4) dt Lq Lq Lq Lq

63 did Lq Rs Vd = − P ωmiq − id + (3.5) dt Ld Ld Ld dω J m = T − bω − T (3.6) dt e m L 3 T = P λ i (3.7) e 2 m q dθ e = P ω (3.8) dt m

Where Rs is the phase resistance and Ld, Lq are the inductances in rotating reference frame. P is the number of motor pole pairs, and ωm is the motor shaft rotational speed. Vd and Vq are the voltages in the rotating reference frame. b is the damping coefficient for the motor shaft and TL represents the load torque applied on the motor shaft. As shown in Figure 3.3, the resolver is of significance for the operation of the PMSM drive system as it not only measures the motor speed to determine the motor torque request but measures the electrical angle θe for the application of FOC, which eventually affects the motor torque generation. Consequently, resolver faults can lead to the electrical angle estimation error f, which can compromise the PMSM drive system performance and vehicle performance as well as raising safety concern.

3.2 FMEA of Electric Traction Drive Resolver

The rotor position measurement error due to the resolver fault can result from many diﬀerent sources such as non-ideal resolver signals and non-ideal resolver-to- digital (R/D) conversion. Given the R/D converter with high accuracy, the error due to non-ideal R/D conversion is small compared with the non-ideal resolver signals

[134]. Also, many people have proposed eﬀective methods for fast and accurate

R/D conversion [135, 136]. Thus, the main source of error for the resolver position measurement should be the non-ideal characteristics of resolver signals.

64 3.2.1 Resolver-to-digital Conversion

Resolver is similar to a rotating transformer, composed of a primary winding and two secondary windings [137]. A reference voltage source Vref is applied to the primary winding as the excitation signal. Ideally, the two secondary windings are as- sembled in space quadrature to induct two analog voltage signals Vsin and Vcos, which are sine function and cosine function of the rotor angular position respectively. The relationship between the primary winding excitation voltage and the two output voltage signals in the two secondary windings can be expressed in equation (3.9). K and

E represent transformation ratio and amplitude of the reference voltage, respectively.

ω and θ are the reference voltage frequency and the rotor position, respectively.

Vref = KEsinωt

Vsin = KEsinωtsinθ (3.9)

Vcos = KEsinωtcosθ

Moreover, the resolver-to-digital converter transforms the analog voltage signals to digital signals and provides a rotor position estimate φ through demodulation.

The demodulation process of the resolver output signals are illustrated in Figure 3.4.

The two secondary winding outputs of the resolver are sent to the multiplier through analog-to-digital converter. Then the two output signals from the multiplier are compared in the subtractor to obtain the error voltage signal Verr. The demodulation module is used to further process and decouple the input error voltage signal in order to ﬁlter out the excitation signal. In this way, the output signal after demodulation,

0 indicated by Verr, only contains the information of the position error between the physical rotor position θ and the estimated rotor position φ [138]. This process is formulated in equation (3.10). With the PI controller driving the error voltage to

65 zero, an accurate estimate of the rotor position can be obtained, namely, θ = φ.

0 Vsin = KEsinωtsinθcosφ

0 Vcos = KEsinωtcosθsinφ (3.10) Verr = KEsinωtsin(θ − φ)

0 Verr = KEsin(θ − φ)

Figure 3.4: Block diagram of the resolver-to-digital conversion

3.2.2 Failure modes of the resolver

The resolver FMEA is illustrated in Table 3.1. The amplitude imbalance and quadrature imperfection in the output signals of the two secondary windings are the most critical factors of the resolver faults. Meanwhile, the reference phase shift can also occur in the resolver sensing system during normal operation. Hence, this section focuses on these three types of resolver faults.

66 Item Failure Mode Eﬀects Amplitude Oscillated motor speed imbalance measurement signal Resolver Quadrature im- Oscillated motor speed perfection measurement signal Reference phase Motor speed measurement shift signal drift

Table 3.1: FMEA for electric traction drive resolver

Amplitude Imbalance and Quadrature Imperfection.

To model the amplitude imbalance and quadrature imperfection for better understanding of the resolver fault mechanism and effects, different indices are introduced in equation (3.11), including α and β to represent the severity of the amplitude imbalance and quadrature imperfection respectively. The resolver outputs are derived under the amplitude imbalance and quadrature imperfection before modulation. For completeness, signal offsets are also considered in the process, denoted by ∆Vsin and

∆Vcos. Vsin = KEsinωtsin(θ + β) + ∆Vsin (3.11) Vcos = (1 + α)KEsinωtcosθ + ∆Vcos The resolver outputs after modulation can be derived in equation (3.12)

0 Vsin = KEsinωtsin(θ + β)cosφ + ∆Vsincosφ (3.12) 0 Vcos = (1 + α)KEsinωtcosθsinφ + ∆Vcossinφ

Then the error voltage after demodulation can be represented in equation (3.13)

0 Verr = KE[sin(θ − φ) − αcosθsinφ + βcosθcosφ ∆V cosφ − ∆V cosφ (3.13) + sin cos ] KE

67 Usually, the signal oﬀsets are not dominant compared to the amplitude imbalance

and quadrature imperfection [137]. Thus, these oﬀsets are neglected such that equa-

tion (3.13) can be rewritten as follows:

0 Verr = KE[sin(θ − φ) − αcosθsinφ + βcosθcosφ] (3.14)

With the PI controller, the above error voltage signal will be driven to zero. Thus, equation (3.14) can be reformulated in equation (3.15).

sin(θ − φ) = αcosθsinφ − βcosθcosφ (3.15)

The position error after tracking control should be small, thus cosθsinφ ≈ cosθsinθ, and cos θcosφ ≈ cos2θ. Finally, the position error can be derived in equation (3.16).

α β θ = sin2θ − (1 + cos2θ) (3.16) err 2 2 It can be seen from equation (3.16) that the position error have the frequency twice

the rotor angular frequency with sine function and cosine function corresponding to

amplitude imbalance and quadrature imperfection respectively.

Reference Phase Shift.

π When the reference excitation voltage signal has a phase shift of δ + 2 and the resolver dynamics is included, the error voltage given by equation (3.10) can be re-

formulated in the following form [135, 136]. ω V 0 = KE[sin(θ − φ)cosδ − r cos(θ − φ)sinδ] (3.17) err ω

Where ωr and ω indicate the rotor shaft speed and the excitation signal frequency

respectively. Considering δ and the position error are small, the position error can be

obtained as: ω θ = r δ (3.18) err ω 68 Based on equation. (3.18), the position error can be taken as a constant when the motor is rotating at or close to a constant speed. Otherwise, the position error will be a ramp function of the motor speed and the excitation voltage frequency.

3.3 Resolver Fault Eﬀects Analysis

In this section, the resolver fault effects is studied in the PMSM drive system, with focus on the rotor position measurement error due to amplitude imbalance, quadrature imperfection and reference phase shift in the resolver position sensing system. In this process, two different motor control objectives are taken into consideration, motor torque control and motor speed control. In the motor torque control, the PMSM is required to produce torque according to the torque request sent by the supervisory controller. In the motor speed control, however, the objective for the electric motor is to track a reference speed, such as the idle speed for EVs/HEVs. The resolver fault impact on the rotor position measurement, motor speed measurement and motor torque production are evaluated based on mathematical derivation of the fault mechanism and simulation results. Component-level simulation is performed in the PMSM drive simulator to verify the analysis from mathematical derivation. In addition, a complete powertrain simulator is utilized to simulate the resolver fault propagation in the electrified powertrain, considering driveline damping effect.

69 3.3.1 Eﬀects of Amplitude Imbalance and Quadrature Im- perfection in PMSM Drive System

For the PMSM drive system with Field-oriented Control, the d- and q-axis currents in the stationary reference frame (iα, iβ) can be written as:

iα = −Irsinωet (3.19) iβ = Ircosωet

Where Ir indicates the motor rated current and ωe is the rotor electrical speed. After

Park transformation, the d- and q-axis currents of the synchronous rotating reference frame (id,iq) in the occurrence of position error can be derived in equation (3.20). i cos(θ − θ ) sin(θ − θ ) −I sinω t d = e err e err r e iq −sin(θe − θerr) cos(θe − θerr) Ircosωet (3.20) −I sinθ = r err Ircosθerr

Where θe represents the rotor electrical angle. And the relationship between the rotor shaft angle θ and the rotor electrical angle θe is given by equation (3.21), where Pr/m is the ratio between the number of resolver poles and the number of motor poles.

θ = Pr/mθe (3.21)

The rotor position error given by equation (3.16) can then be rewritten as follows.

α β θ = sin2P θ − (1 + cos2P θ ) (3.22) err 2 r/m e 2 r/m e

When there is no resolver fault, namely, θerr = 0, d-axis current in the rotating reference frame is equal to zero and the motor torque is given by equation (3.23).

3 3 T = P λ i = P λ I (3.23) h 2 m q 2 m r

Where the subscript h represents the healthy case when there is no resolver fault.

When there is amplitude imbalance and quadrature imperfection, the motor torque

70 will change with the q-axis current according to equation (3.20). The motor torque equation in this case can be derived in equation (3.24).

3 3 α β T = P λ i = P λ I cos[ sin2P θ − (1 + cos2P θ )] (3.24) f 2 m q 2 m r 2 r/m e 2 r/m e

Where the subscript f represents the faulty condition when there is resolver fault.

The conclusion can be drawn from equation (3.24) that the motor torque will decrease with the amplitude imbalance or quadrature imperfection. In general, the motor will produce less torque given these types of resolver faults.

3.3.2 Eﬀects of Amplitude Imbalance and Quadrature Im- perfection on Electric Motor Control Motor Torque Control.

As can be seen from Figure 3.3, in motor torque control, the accelerator pedal position signal and the resolver speed measurementω ˜m are sent to the vehicle supervisory controller for determining motor torque request. For a ﬁxed accelerator pedal position, usually higher motor speed measurement leads to less torque request.

Hence, the resolver faults can inﬂuence the motor torque production by aﬀecting the motor speed measurement. And this provides the motivation for evaluating the motor speed measurement error given amplitude imbalance and quadrature imperfection.

According to equation (3.22), the position error has a sine term related to amplitude imbalance and a cosine term corresponding to the quadrature imperfection with the same frequency. The amplitude imbalance can be taken as an example for assessing the fault eﬀect on motor speed measurement. Speciﬁcally, when there is no resolver fault, the measured motor speed is given by:

˙ ω˜h = Pr/mθe (3.25)

71 When the amplitude imbalance, denoted by α, occurs in the resolver output signal,

equation (3.25) can be reformulated as follows, whereω ˜f is the measured motor speed

given the resolver fault (amplitude imbalance):

˙ ˙ ˙ ω˜f = Pr/m(θe − θerr) = Pr/mθe − αPr/mω˜hcos2Pr/mθe (3.26)

Comparing equation (3.25) and equation (3.26), the speed measurement errorω ˜err

given amplitude imbalance can be obtained from equation (3.27):

ω˜err =ω ˜h − ω˜f = αPr/mω˜hcos2Pr/mθe (3.27)

Assuming the number of resolver poles is equal to the number of motor poles for simplicity, Pr/m = 1, then equation (3.27) can be rewritten as:

ω˜err = αω˜hcos2θe (3.28)

The above equation shows that the motor speed measurement will experience periodic oscillations around the physical motor speedω ˜h, with the frequency twice the stator fundamental frequency [137]. The amplitude of the oscillations is the function of the amplitude imbalance severity index α and the physical motor speedω ˜h. It can be expected the motor torque request will also oscillate since the requested torque is a monotonic function of the measured motor speed with ﬁxed accelerator pedal position.

The simulation results can further verify the above mathematical derivation.

Motor Speed Control.

For a vehicle with a torque converter providing creep torque, the torque converter impeller and the motor spin at an idle speed. Typically speed control is used to maintain the desired idle speed. Thus, the motor torque request only depends on

72 the resolver speed measurement. Similar to motor torque control, the motor torque request will oscillate given the amplitude imbalance or quadrature imperfection according to equation (3.28). However, the amplitude and frequency of the oscillations now also depend on the PI speed controller parameter setting.

3.3.3 Eﬀects of Reference Phase Shift in PMSM Drive Sys- tem

As mentioned before, the reference phase shift in the resolver excitation signal leads to a constant bias position error when the motor is rotating at or close to a constant speed. Thus, the eﬀect of the reference phase shift is studied in the form of a constant bias in the measured rotor position, denoted by ∆θe. The d- and q-axis currents of the synchronous rotating reference frame (id,iq) in this case can be derived in equation (3.29). i cos(θ − ∆θ ) sin(θ − ∆θ ) −I sinω t d = e e e e r e iq −sin(θe − ∆θe) cos(θe − ∆θe) Ircosωet (3.29) −I sin∆θ = r e Ircos∆θe

When there is no reference phase shift, namely, ∆θe = 0, the motor torque is given by equation (3.23). When the reference phase shift occurs (∆θe 6= 0), the motor torque can be obtained from equation (3.30):

3 T = P λ I cos∆θ (3.30) f 2 m r e

Comparing equation (3.23) and equation (3.30), apparently, the motor produces less amount of torque when there is reference phase shift, which is similar to the amplitude imbalance and quadrature imperfection. On the other hand, this type of resolver fault doesn’t aﬀect the speed measurement accuracy except for the exact instant of the reference phase shift occurrence. The fault eﬀect on the motor torque generation

73 can then be compensated by the motor feedback control when the motor is controlled to track a reference speed. When the motor is producing torque according to the driver command, the motor speed will decrease slowly since the reference phase shift is usually small, which can be seen from the simulation results presented later. The reference phase shift inﬂuence at the powertrain level will not be studied in this paper due to its negligible eﬀects on the vehicle performance.

3.4 Simulation of Resolver Fault in PMSM Drive System

In the simulation, a vehicle launch scenario was chosen because it represents the fastest changes in impeller speed outside of shifting. The first part of the simulation is done in the PMSM drive system, where all the driveline components are detached, including the torque converter, transmission, final drive and differential. The second part of the simulation is performed in a complete electrified powertrain to include all the components from motor to wheels.

3.4.1 Amplitude Imbalance in PMSM Drive System

In the simulation, the amplitude imbalance severity index is set to be α = 0.4.

To study the fault propagation in PMSM drive system, a ﬁxed motor torque request is given to the motor controller, indicated by the blue solid line in Figure 3.5.

When the amplitude imbalance occurs at 2s, the actual motor torque (red solid line) begins to oscillate with its mean value less than the requested torque. To verify equation (3.24), the motor torque request is manipulated by the cosine function defined in equation (3.24). As shown in Figure 3.5, this modified torque request (cyan dashed line) fits well with the actual motor torque (red solid line) in the occurrence of amplitude imbalance. Meanwhile, the motor speed slightly decreases due to the resolver

74 Figure 3.5: Motor torque and motor speed proﬁle given amplitude imbalance in PMSM drive

amplitude imbalance. Similarly, for the veriﬁcation of equation (3.28), the physical

motor speed is manipulated by the cosine function deﬁned in Eqn. (3.28). As demon-

strated in Figure 3.6, the manipulated motor speed measurement (cyan dashed line)

ﬁts well with the actual resolver measurement (red solid line) when there is amplitude

imbalance in the resolver.

3.4.2 Reference Phase Shift in PMSM Drive System

When the resolver reference signal phase shift (−20o) is introduced in the simulation at 2s, the motor torque decreases immediately as demonstrated in Figure 3.7.

And this result is consistent with the mathematical derivation given by equation (3.30).

75 Figure 3.6: Real motor speed vs. measured motor speed given amplitude imbalance in PMSM drive

The difference between the real motor torque and the torque request given by equation (3.30) can also be verified from Figure 3.7, in which the black dashed line fits well with the red solid line. Reasonably, the motor speed increases more slowly under the faulty condition due to the torque reduction with the reference phase shift. The effects of reference phase shift in electrified powertrain under motor torque control and motor speed control are not simulated here, since the reference phase shift doesn’t have much influence on the motor speed measurement. That is to say, the reference phase shift will not make a difference in the motor torque request under either the motor torque control or the motor speed control.

76 Figure 3.7: Motor torque and motor speed proﬁle given reference phase shift in PMSM drive

3.5 Structural Analysis for FDI

To understand the system structure and coordination of diﬀerent sensors for resolver FDI, we apply structural analysis to the AWD EV architecture. In particular, we develop system structural model to enable structural decomposition of the system to analyze system redundancy, fault detectability and isolability characteristics. The system structural model is represented in matrix form with each row indicating the relation between known or unknown variables, faults and the speciﬁc equation [139].

The sensor measurements and the known inputs are deﬁned as known variables while the system states and unknown inputs are deﬁned as unknown variables. Actuator

77 faults and sensor faults are also included in the structural model. The known and

unknown variables as well as faults for the AWD EV system are listed below:

Unknown variables: ωfl, ωfr, ωrl, ωrr, ωfm, ωrm Known variables: yωfl , yωfr , yωrl ,

yωrr , yωfm , yωrm Faults: fωfl , fωfr , fωrl , fωrr , fωfm , fωrm Where ω, y and f represent the rotational speed, sensor measurements and sensor faults respectively. The subscripts fl, fr, rl, rr, fm, rm represent the front left wheel, front right wheel, rear left wheel, rear right wheel, front motor and rear motor respectively. Equation 3.31 and 3.32 illustrate the relation between the motor speed and the wheel speed. ω + ω e : fl fr · FDR = ω (3.31) 1 2 f fm ω + ω e : rl rr · FDR = ω (3.32) 2 2 r rm

Where FDRf and FDRr are the front and rear ﬁnal drive gear ratio. These two equations are determined by the characteristics of the diﬀerential. In addition, considering the wheel speed sensor faults (constant bias fault) and resolver faults, the sensor performance can be described in equation 3.33 through 3.38.

e3 : yωfl = ωfl + fωfl (3.33)

e4 : yωfr = ωfr + fωfr (3.34)

e5 : yωrl = ωrl + fωrl (3.35)

e6 : yωrr = ωrr + fωrr (3.36)

e7 : yωfm = ωfm + fωfm (3.37)

e8 : yωrm = ωrm + fωrm (3.38)

78 Figure 3.8: Structural analysis of AWD EV architecture: structural model, Dulmage- Mendelsohn (DM) decomposition and fault isolability analysis

Once the equations and variables are deﬁned, the system structural model can be obtained in Figure 3.8 by using structural analysis toolbox [117]. In the structural model, each cross links a speciﬁc variable (known variable, unknown variable or fault) to the corresponding equation, implying the mathematical relation between variables and equations. Based on the structural model, the system can be further

79 decomposed using the Dulmage-Mendelsohn (DM) Decomposition to ﬁnd the system

redundancy for fault diagnosis [139]. Here for the AWD EV architecture with the

current sensor placement, the system structure after DM decomposition is shown in

Figure 3.8, where all the faults are within the over-determined set. From mathe-

matical point of view, the six sensor equations given by equation 3.33 to 3.38 can

be deﬁned as a just-determined set since there are also six unknown variables. By

adding the extra two equations equation 3.31 and 3.32 describing the kinematic re-

lations between the wheel speed and motor speed, the total eight equations and six

unknown parameters compose an over-determined set, which implies all the faults

fωfl , fωfr , fωrl , fωrr , fωfm , fωrm in this over-determined set are detectable. Regard- ing the fault isolability, two faults are isolable with each other if they lie in different over-determined sets. The process of identifying these different over-determined sets with some matrix manipulation leads to a fault isolability matrix as shown in the bottom right corner of Figure 3.8. When there is a dot in row i and column j, this implies fault fi and fault fj are not isolable with each other [140]. The ideal case is that the entire fault isolability matrix is in diagonal form, which means all faults in the system are isolable with one another, based on the assumption that these faults are all detectable. For this specific AWD EV architecture, there are two cor-

related fault sets fωfl , fωfr , fωfm and fωrl , fωrr , fωrm , where faults within the same set are not isolable with one another while faults in diﬀerent sets can be isolated with each other. Thus, the resolver faults cannot be isolated with the wheel speed sensor faults for either the front axle or the rear axle, given the current sensor placement and physical constraints deﬁned in equation (3.31) and (3.32). Further, there are two MSO sets found in the structural analysis, which are the two equation sets

80 {3.31, 3.33, 3.34, 3.37} and {3.32, 3.35, 3.36, 3.38}. These two equation sets can be used to derive sequential residual generators that are sensitive to the two correlated fault sets, respectively. Here since all the equations are algebraic equations, we do not need to consider the trade-oﬀ between integral causality and derivative causality.

Each equation within a MSO set can be chosen as the analytical redundant relation for residual generation. For the ﬁrst MSO set, we use the equation (3.31) to derive the matching, as shown in Figure 3.9. According to the matching, the computation sequence can be determined as {(3.37, ωfm), (3.34, ωfr), (3.33, ωfl), (3.31, 0)}. Similarly, for the second MSO set {3.32, 3.35, 3.36, 3.38}, the matching using equation (3.32) is shown in Figure 3.10. And the corresponding computation sequence is derived as

(3.38, ωrm), (3.36, ωrr), (3.35, ωrl), (3.32, 0). The residual equations based on these two computation sequences are given in equation (3.39) and (3.40), respectively.

yωfm yωfl + yωfr rMSO1 = − (3.39) FDRf 2

yωrm yωrl + yωrr rMSO2 = − (3.40) FDRr 2 To investigate the system diagnosability in depth, extra redundancy can be found by assuming the front axle is rotating with the same speed compared to the rear axle during longitudinal driving. This extra constraint can be formulated in equation 3.41

ωfm ωrm e9 : = (3.41) FDRf FDRr

yω + yω y + y r = fl fr − ωrl ωrr (3.42) extra 2 2

Based on this extra constraint, the results of system structural analysis are illustrated in Figure 3.11. The front motor and the rear motor resolver faults can be

81 Figure 3.9: Matching using equation (3.31) as analytical redundant relation

detected and isolated with each other in this case. There are 6 MSO sets by incorporating the original system equations with the extra constraint. One of the MSO set is the equation set {3.31, 3.32, 3.33, 3.34, 3.35, 3.36, 3.41}, from which another residual equation is derived in equation (3.42). It is obvious that adding this residual equation helps isolate the wheel speed sensor faults from electric motor resolver faults.

At this phase, the constraint given by equation (3.41) is valid when the vehicle is in longitudinal driving with no tire slip, which may not always hold in practice. The scenarios with tire slip will be analyzed in the following chapters. The structural analysis is usually treated as a useful starting point to understand the system structural diagnosability with diﬀerent sensor placement and diﬀerent constraints.

82 Figure 3.10: Matching using equation (3.32) as analytical redundant relation

3.6 Tire Slip Analysis

In practice, there can be many diﬀerent and complicated drive scenarios, where the constraint given by equation 3.41 does not hold resulting in challenge of the motor resolver fault diagnosis. Especially, vehicle can experience various types of tire slip caused by low road friction or vehicle controller code error, which may render the front wheel speed diﬀerent with the rear wheel speed. Analyzing these drive scenarios provides solid foundation for designing more realistic and feasible diagnostic strategy.

In engineering practice, the longitudinal tire slip can be further classiﬁed into three

83 Figure 3.11: Structural analysis of AWD EV architecture with extra constraint

types: acceleration tire slip, tire slip under extreme road conditions and code error tire slip.

84 3.6.1 Scenario 1: Tire Slip due to Intensive Acceleration

Common tire slip occurs when the axle is applying higher longitudinal forces to the tire contact patch on the ground, deﬁned as acceleration tire slip. According to

Boesch et al. (1999), this type of tire slip tends to occur if the axle torque exceeds a predetermined upper torque limit which indicates a steady-state slip condition [141].

When this tire slip occurs, the front axle and the rear axle can have diﬀerent speed.

Usually the driving wheels should have the tire slip with uniform road proﬁle and condition. For AWD EVs with both front axle and rear axle driving the vehicle, the axle providing higher traction force should ﬁrst have tire slip. This type of tire slip can be detected by calibrating the upper torque limit based on the vehicle design parameters. As shown in the structural analysis, the front and the rear motor resolver faults cannot be isolated with the wheel speed sensor faults if equation 3.41 doesnt hold, which is the case when the acceleration tire slip occurs. Thus, the diagnostic strategy can be designed such that the diagnosis is executed only when there is no acceleration tire slip detected.

3.6.2 Scenario 2: Tire Slip due to Extreme Road Conditions

In addition to the acceleration tire slip, tire slip can occur due to extreme road conditions, such as icy road where the road friction torque is much less than the torque applied to wheels. For this type of tire slip, the front wheel speed and the rear wheel speed can both have mismatch with the vehicle speed. The front wheel speed can be completely diﬀerent with the rear wheel speed, since the wheels are less coupled with the road.

85 3.6.3 Scenario 3: Tire Slip due to Code Error

For AWD EVs, tire slip can occur when there is code error in the vehicle controller such that diﬀerent torque commands are sent to front axle and rear axle. This type of tire slip is deﬁned as code error tire slip. For instance, one extreme case can be the front motor torque command is positive while the vehicle supervisory controller sends negative torque command to the rear motor.

3.7 GPS based Vehicle Speed and Wheel Speed Sensor Per- formance with Tire Slip

In the AWD EV architecture shown in Figure 3.2, only wheel speed sensors and motor resolvers are used for applying structural analysis, excluding GPS. This is because GPS based vehicle speed doesnt have deterministic relation with either the front wheel speed or the rear wheel speed considering tire slip and wheel speed sensor faults, while in general structural analysis needs deterministic relations among variables and faults to formulate the structural model. However, GPS is commonly utilized for measuring vehicle speed. The GPS performance under vehicle tire slip can be analyzed to determine its roles in resolver fault diagnosis. The longitudinal tire slip is deﬁned by equation 3.43 [142].

ω R − v s = w e veh (3.43) vveh

Where ωw is wheel angular velocity, Re represents tire eﬀective radius, and vveh indicates the vehicle longitudinal speed. The longitudinal tire slip during vehicle launching is simulated on dry tarmac, snowy road and icy road, as shown in Fig- ure 3.12. With the road friction coeﬃcient decreased, the tire slip becomes larger,

86 Figure 3.12: Longitudinal tire slip under different road conditions and vehicle speed profile as well as wheel linear speed profile on icy road

which means the diﬀerence between vehicle speed and wheel linear speed (or wheel speed sensor measurement without sensor fault) increases. The right plot in Fig- ure 3.12 demonstrates the increasing discrepancy between vehicle speed and wheel linear speed on icy road. The GPS based vehicle speed should be close to the wheel speed sensor based wheel linear speed with small tire slip (pseudo smaller than 0.01).

This indicates that GPS can be helpful to detect wheel speed sensor fault when vehicle is driving under normal operation and road condition. However, it also implies wheel speed sensor fault detection can be challenging with intensive tire slip.

3.8 Vehicle Drive Scenarios Analysis

The main objective of this paper is to study the resolver fault detection and isolation considering wheel speed sensor fault and longitudinal tire slip. The following

87 assumptions are made before analyzing diﬀerent vehicle drive scenarios for designing motor resolver fault diagnostic scheme.

1. There will not be faults in two (or more than two) wheel speed sensors simul-

taneously.

2. The left wheel and the right wheel of each axle have the same direction of

rotation.

3. Vehicle is driving in longitudinal direction.

4. Wheel speed sensor fault doesnt occur simultaneously with code error tire slip

or tire slip under extreme road conditions such as snowy road or icy road.

3.8.1 Vehicle Drive Scenario 1

When there is no code error tire slip and no wheel speed sensor fault, the front axle speed should be equal to the rear axle speed except when there is tire slip due to extreme road conditions. However, even with extreme condition tire slip, the front axle speed can still be equal or close to the rear axle speed with uniform road proﬁle. Here the axle speed is the average of the left and the right wheel speed sensor measurement, which has a deterministic kinematic relation with the electric motor

speed for both front axle and rear axle, shown in equation 3.44 and 3.45. ωfaxle and

ωraxle represent the front axle speed and the rear axle speed respectively. With small tire slip under normal road condition and vehicle operation, the front axle speed and the rear axle speed both have deterministic relation with GPS based vehicle speed signal shown in equation 3.46. In this case, either GPS based vehicle speed signal or wheel speed sensor measurement can help detect the motor resolver fault based on

88 equation 3.31 to 3.38. According to equations (3.44), (3.45) and (3.46), we can derive

another four independent analytical redundant relations for FDI based on structural

analysis to the new system. These redundant relations are described as residual

equations in equation (3.47) to (3.50).

ωfl + ωfr ωfm ωfaxle = = (3.44) 2 FDRf

ωrl + ωrr ωrm ωraxle = = (3.45) 2 FDRr

ωfaxle · rtire = ωraxle · rtire = vveh (3.46)

yω + yω r = fl fr · r − v (3.47) ARR1 2 tire veh y + y r = ωrl ωrr · r − v (3.48) ARR2 2 tire veh

yωfm rARR3 = · rtire − vveh (3.49) FDRf

yωrm rARR4 = · rtire − vveh (3.50) FDRr Apparently, the first two analytical redundant relations given in equation (3.47) and (3.48) are affected by not only wheel speed sensor faults but tire slip. This implies the corresponding residual signals generated by these two ARRs can be inaccurate with intensive tire slip on front axle and rear axle. Thus, further analysis is required for determining the tire slip effect on FDI in the AWD EV, which will be discussed in the next section.

3.8.2 Vehicle Drive Scenario 2

When the front axle speed is not consistent with the rear axle speed based on wheel speed sensor measurement, it implies there is potentially intensive tire slip or wheel speed sensor fault. In this case, GPS based vehicle speed signal can be used to

89 further determine whether there is tire slip (due to extreme road conditions or code error) or wheel speed sensor fault. If GPS vehicle speed is not consistent with either the front axle speed or the rear axle speed, there should be intensive tire slip for both front wheels and rear wheels due to extreme road conditions. On the other hand, when GPS vehicle speed signal is consistent with either the front axle speed or the rear axle speed, it means there is code error tire slip or there is a fault in the wheel speed sensors, rendering the other axle speed diﬀerent from GPS based vehicle speed.

3.9 Design of Diagnostic Decision Logic

Based on previous analysis of GPS and wheel speed sensor performance with tire slip given diﬀerent vehicle drive scenarios, the diagnostic decision logic can be formulated in Figure 3.13 for motor resolver diagnosis in the AWD EV architecture.

It should be noticed that there are some limitations from GPS. In some cases, GPS signal may not be accessible, for example, when the vehicle is driving in tunnels.

90 Figure 3.13: Diagnostic decision logic for resolver fault

91 As mentioned before, the acceleration tire slip can be detected by selecting proper threshold for the axle torque so that this speciﬁc type of tire slip tends to occur when the estimated axle torque goes beyond the threshold. Thus, the diagnostic scheme can be applied once there is no acceleration tire slip detected. The ﬁrst step is to check the consistency between the front axle speed and the rear axle speed. If there is no mismatch indicating no occurrence of wheel speed sensor fault, the wheel speed sensor signal can be compared with the motor resolver signal to do resolver fault

FDI. If the front axle speed is not consistent with the rear one, then another cross check is done by comparing GPS vehicle speed signal with both front axle speed and rear axle speed. If both are not consistent with GPS signal within some designed thresholds, then it implies there is tire slip under extreme road conditions with low tire friction coeﬃcient. In this case, wheel speed sensor signal is useful to detect and isolate resolver faults for both the front and the rear motors. Speciﬁcally, if the comparison shows GPS vehicle speed matches with the front axle speed, then the front motor resolver fault FDI can be achieved by comparing the resolver motor speed measurement with the front wheel speed sensor measurements, while the rear motor resolver fault is detected through Sensor voting 1 proposed in Figure 3.13. In Sensor voting 1, if GPS vehicle speed matches with the rear motor resolver measurement, it means there is no rear motor resolver fault while there is a fault in the rear wheel speed sensors. Otherwise, if there is inconsistency between GPS vehicle speed and the rear motor resolver measurement, the rear wheel speed sensor signals can be compared with the rear motor resolver signal to detect a resolver fault in the rear motor. A mismatch indicates the resolver fault no matter whether there is code error tire slip or rear wheel speed sensor fault. A similar decision sequence is included for

92 diagnosing the resolver fault when the GPS signal is consistent with the rear axle

speed instead of the front axle speed, which is also demonstrated in Figure 3.13.

3.10 Residual Design

Based on the proposed diagnostic decision logic in Figure 3.13, equation 3.51 to

3.57 show seven primary residuals r1,r2,r3,r4,r5,r6,r7 designed for motor resolver fault

FDI in all-wheel drive electric vehicles.

yω + yω y + y r = fl fr − ωrl ωrr (3.51) 1 2 2

yωfl +yωfr | 2 · rtire − vveh | r2 = (3.52) vveh

yωrl +yωrr | 2 · rtire − vveh | r3 = (3.53) vveh

yωfm · rtire − vveh FDRf r4 = (3.54) vveh yωrm · r − v FDRr tire veh r5 = (3.55) vveh

yωfm yωfl + yωfr r6 = − (3.56) FDRf 2

yωrm yωrl + yωrr r7 = − (3.57) FDRr 2 The tire radius of each wheel is assumed to be the same and known. In practice, tire radius may be diﬀerent from wheel to wheel due to ambient temperature and diﬀerent tire pressure. Then in this case, the inaccuracy of the resolver diagnosis based on the designed residuals should be expected. r1 is for consistency check between the front axle speed and the rear axle speed. r2 and r3 indicate whether the axle speed

(wheel speed) matches GPS based vehicle speed signal. r4 and r5 are designed based on the relation between resolver motor speed measurement and GPS vehicle speed

93 signal. r6 and r7 are designed to perform cross check between resolver measurement

and wheel speed sensor measurement.

3.11 Residual Evaluation

The seven primary residuals given by equation 3.51 through 3.57 are the prelim-

inary residuals for identifying mismatch among related sensor measurements, which

needs further steps to evaluate the residuals for robustness and accuracy of the re-

solver fault FDI. To avoid false alarms or misdetection, Cumulative Sum (CUSUM)

algorithm and hit crossing detection technique are used to perform residual evalu-

ation. CUSUM algorithm works similarly as an integrator that can reset its value

according to the residual at each sampling time. The goal of CUSUM is to eliminate

the impact of noise to make the diagnostics more robust. The CUSUM algorithm is

introduced in equation 3.58 and 3.59. For each sample xn of the primary residuals, a weight ωn is assigned to it and sum up with the sample at the current step xn as well as the previous sample xn−1 and its weight ωn−1. This gives the secondary residual at the current step Sn. Here, n and n − 1 indicate the nth and (n-1)th step of the CUSUM. Equation 3.58 and 3.59 represent the CUSUM algorithm for detecting change in positive direction and in negative direction respectively. Combining the processes of detecting changes in both positive and negative direction, a revised

CUSUM algorithm is derived in equation 3.60. ( S = 0 0 (3.58) Sn+1 = max(0,Sn + xn − ωn), ∀n ∈ R, n ≥ 0 ( S = 0 0 (3.59) Sn+1 = min(0,Sn + xn − ωn), ∀n ∈ R, n ≥ 0

94 ( S = 0 0 (3.60) Sn+1 = max(0,Sn + xn − ωn) + min(0,Sn + xn − ωn) Hit crossing detection technique is used together with CUSUM for detecting the

oscillations caused by the resolver fault, amplitude imbalance. The fundamental

principle is to ﬁrst set up a threshold for the residual and count the times (hit crossing

times) when the residual crosses the threshold within a period. CUSUM can be used

to take the algebraic sum of the hit crossing times for further evaluation. Once the

CUSUM output exceeds a second threshold, a fault ﬂag is triggered to indicate the

occurrence of a fault. The reason of using hit crossing detection technique is that

the typical motor resolver fault (amplitude imbalance) applies additive sinusoidal

oscillations on the true value of the motor speed. Ideally without sensor noise, the

preliminary residuals r1,r2,r3,r4,r5,r6,r7 should be all equal to zero without sensor

faults. Given motor resolver fault without sensor noise, r4, r5, r6 and r7 should be sinusoidal oscillations with zero mean.

3.12 Simulation Results

Four scenarios are simulated to verify the resolver fault diagnostic scheme, including the diagnostic decision logic, residual design and residual evaluation. Gaussian white noise is introduced in the sensors, including GPS, four wheel speed sensors and two motor resolvers. The noise has zero mean with variance equal to 0.0005. The sampling time in the simulation is 0.01s.

95 Figure 3.14: Residuals with front motor resolver fault and tire slip under extreme road condition

3.12.1 Front Motor Resolver Fault with Tire Slip due to Ex- treme Road Conditions

A vehicle model for the AWD EV architecture is simulated with tire slip to mimic the vehicle driving on snowy road and the front motor resolver fault is injected at

7s. Figure 3.14 shows the residuals response to both tire slip and front motor resolver fault. Both the front wheels and the rear wheels experience intensive tire slip

(greater than 0.1), as shown by residual r2 and r3. Residuals r2,r3,r4,r5 react quickly

96 Figure 3.15: Fault ﬂag with front motor resolver fault and tire slip under extreme road condition

to the tire slip within 0.5s from the beginning of simulation. The sinusoidal oscilla-

tions caused by front motor resolver fault are demonstrated by residuals r4 and r6 instantaneously with the fault injection at 7s. From the designed diagnostic decision logic in Figure 3.13, the resolver faults for both front motor and rear motor can be detected in this case by comparing the resolver measurement with the wheel speed sensor measurement. Figure 3.15 shows the fault ﬂags where the front motor resolver

97 fault is detected by ﬂag 6 at 7.13s. The tire slip triggers ﬂag 2,3,4 and 5 within 0.5s after the tire slip occurs at the beginning of simulation.

3.12.2 Front Motor Resolver Fault with Code Error Tire Slip

Figure 3.16: Residuals with front motor resolver fault and code error tire slip

Another scenario is simulated to include the code error tire slip induced by larger torque command applied to the front motor at 3s, which is shown by residuals r3 and r5 in Figure 3.16. The absolute values of these two residuals increase from 3s implying

98 Figure 3.17: Fault ﬂag with front motor resolver fault and code error tire slip

the increasing mismatch between the rear wheel speed and GPS vehicle speed. To be speciﬁc, the rear wheel tire slip increases largely due to the code error and reaches approximately 0.1 at 10s. Further, the front motor resolver fault is introduced at

7s, aﬀecting residuals r4 and r6. In Figure 3.17, the front motor resolver fault is detected by ﬂag 4 and 6 within 0.01s and 0.31s respectively through comparison between the front motor resolver measurement with either the front wheel speed sensor measurement or GPS vehicle speed signal.

99 3.12.3 Front Motor Resolver Fault and Front Wheel Speed Sensor Fault

Figure 3.18: Residuals with front motor resolver fault and front wheel speed sensor fault

The third scenario corresponds to the detection of front motor resolver fault (amplitude imbalance at 7s) and its isolation with front wheel speed sensor fault (constant bias of 15o at 3s) without the abovementioned two types of tire slip. Figure 3.18 presents all the residuals responses to the resolver fault and wheel speed sensor fault, where residuals r1 and r2 indicate the inﬂuence of the front wheel speed sensor fault

100 Figure 3.19: Fault ﬂag with front motor resolver fault and front wheel speed sensor fault

and residuals r4 and r6 are mainly responsible for the front motor resolver fault.

According to the designed diagnostic decision logic in Figure 3.13, when GPS vehicle speed is consistent with the rear axle speed but not consistent with the front axle speed, the front motor resolver fault can be detected by comparing the resolver measurement with both the GPS vehicle speed and the front wheel speed sensor measurements. With tuned threshold, the front motor resolver fault is detected by ﬂag 4 and ﬂag 6 within 0.13s, as shown in Figure 3.19.

101 3.12.4 Front Motor Resolver Fault without Tire Slip or Wheel Speed Sensor Fault

Figure 3.20: Residuals with front motor resolver fault

When there is neither tire slip (tire slip under extreme road conditions or code error tire slip) nor wheel speed sensor fault, the resolver fault detection is straightforward.

If the residuals r1, r2 and r3 dont have anomaly which triggers the corresponding fault

ﬂag, it means the wheel speed sensors are all in healthy condition without faults and the tire slip is small enough to be neglected in terms of resolver fault diagnosis. Thus,

102 Figure 3.21: Fault ﬂag with front motor resolver fault

the front motor resolver fault can be detected by comparing the resolver measurement with the front wheel speed sensor measurements. In Figure 3.20, only residuals r4 and r6 have anomaly with oscillations when the front motor resolver fault is introduced at

7s, demonstrating the mismatch between the front motor resolver measurement and the front wheel speed measurement as well as GPS vehicle speed measurement. In this case, ﬂag 4 and ﬂag 6 help detect the fault within 0.01s and 0.14s respectively as shown in Figure 3.21.

103 3.13 Conclusion

In this section, a diagnostic decision logic for motor resolver fault in AWD EV is proposed based on system structural analysis. Different types of tire slip are analyzed for designing reasonable and feasible diagnostic strategy. Moreover, two vehicle drive scenarios are described considering tire slip, wheel speed sensor fault and resolver fault. According to these drive scenarios, a diagnostic decision logic is designed. Seven preliminary residuals are generated based on the decision logic to determine mismatch among different sensor signals. The residuals are evaluated by a revised CUSUM algorithm and threshold detection for robustness and accuracy of fault detection and isolation. Finally, the simulation results verify that the designed diagnostic scheme can accurately and efficiently detect and isolate the resolver fault and wheel speed sensor fault regardless of sensor noise and tire slip.

104 Chapter 4: Diagnosis of Electric Traction Drive Resolver Fault in Electriﬁed Powertrain

With the applications of modern technologies including regenerative brakes, electric vehicles (EVs) and hybrid electric vehicles (HEVs) are becoming more and more popular in the automotive industry due to their high eﬃciency and fuel economy.

Thus, the electric motor, especially PMSM, is being widely used in the EVs/HEVs.

Choosing the PMSM is because of its high torque density (high torque per frame size) and easy heat dissipation. It’s also reliable for the automotive applications in absence of brushes and commutator. And brushless motor control system provides availability for applications requiring variable speed including the motor control system in EVs/HEVs. Among these applications, an accurate and precise position signal is necessary for the motor to deliver exact amount of torque as requested by the supervisory controller. For this purpose, position sensing technology is introduced with diﬀerent types of sensors such as resolver and encoder. In the recent years, resolvers are broadly used in the automotive applications as position sensor due to its robustness and reliability [143, 137]. The resolver output is normally sinusoidal waveform at carrier frequency with sine and cosine envelop. The resolver-to-digital (R/D) converter is usually used together with the resolver to determine the absolute rotor position. However, position error can occur during normal operation of the resolver.

105 Typical position error results from amplitude imbalance, quadrature imperfection, reference phase shift and inductive harmonics [144, 145]. Several methods and techniques are used to avoid the position error due to resolver fault. Some studies are focused on the eﬀect of the position error on the position measurement itself, without investigating the fault propagation in the PMSM drives and electriﬁed powertrain

[137, 144]. There is no reference in the open literature focusing on detecting resolver fault in a systematic way. This problem was addressed in part in Chapter 3 for the case of a pure EV, but there are other questions that arise in connection with hybrid architectures that are covered in this chapter.

In this chapter, the problem of diagnosing the resolver fault is extended to the P2 hybrid powertrain architecture, which is discussed with consideration of the system operational modes in section 4.1. The methodology applied in this case study is given in Figure 4.1. The electric motor (EM) controller and vehicle supervisory controller require motor speed information for EM control and vehicle traction control. Thus, an accurate electric motor speed measurement is significantly important while the measurement can be inaccurate due to resolver faults. To ensure functional safety in the P2 hybrid electric vehicles, the system needs redundancy in electric motor speed information. In particular, analysis on the system operating modes indicates the necessity of detecting the resolver faults and estimating the electric motor speed especially during vehicle launch, when the engine is disconnected from the powertrain and the torque converter is unlocked. In Chapter 3, resolver FMEA and resolver fault effects on PMSM drive system have been studied. To quantify the resolver fault effects on a P2 hybrid powertrain, the resolver faults are simulated using a resolver fault model and a hybrid powertrain simulator, as given in section 4.2. Based on

106 the system model and fault model, the diagnostic requirements are determined by structural analysis in section 4.3, which suggests the suﬃciency of modeling torque converter for resolver fault diagnosis. Since the torque converter provides time-varying coupling between the EM and the transmission, its dynamics are important. In section 4.4, a dynamic model of the torque converter is used to estimate motor speed from motor torque request and turbine speed measurement. The torque converter model is calibrated using experimental data from a test bench. In section 4.5, the diagnostic strategy is designed for resolver fault detection, followed by fault tolerant control strategy. To verify the eﬃcacy of the diagnostic strategy, model-in-the-loop simulation is performed, augmented by experimental data.

Figure 4.1: First four steps of the V diagram for electric traction drive resolver FDI in P2 hybrid electric vehicles

107 4.1 Hybrid Electric Vehicle Powertrain

The second application area considered in this dissertation concerns structural

FDI of hybrid electric powertrain for torque security. Torque security, as part of the functional safety standard, imposes new challenge to the safety requirement of the hybrid electric vehicles. And the electric traction drive position and speed sensor, resolver, is our focus to address the torque security problem in the hybrid electric vehicle powertrain.

Figure 4.2: P2 hybrid powertrain conﬁguration

The P2 hybrid powertrain configuration is depicted in Figure 4.2. The internal combustion engine is connected to motor shaft through a dual mass damper and a disconnect clutch, with a torque converter providing both torque multiplication and damping for the engine torque and the motor torque. Further, a multi-speed transmission and a final drive transfer the torque to wheels. This powertrain can have four different structures during operation: 1) engine is connected to the powertrain and

108 torque converter lockup clutch is open; 2) engine is connected and torque converter is locked; 3) engine is disconnected with torque converter lockup clutch open; 4) engine is disconnected with locked torque converter. In the case of engine connected to the powertrain, the crankshaft speed sensor provides redundancy for detecting resolver faults. In addition, when the torque converter is locked, the motor speed is equal to the turbine speed, which is measured by the transmission input shaft sensor giving redundancy for diagnosing the resolver faults. However, resolver fault diagnosis becomes challenging when the engine gets disconnected from the powertrain and the torque converter is unlocked. This condition occurs, for example, during a launch event in EV mode; in this case, the engine crankshaft speed sensor cannot be used to provide a redundant measurement of motor speed and, because the torque converter is unlocked, the turbine speed is no longer equal to the motor speed due to slip. Thus, we need redundancy in the motor speed information for resolver fault diagnosis.

4.2 Simulation of Resolver Fault Eﬀects in P2 Hybrid Pow- ertrain

As shown in Figure 4.3, in the P2 hybrid powertrain architecture, engine is connected to electric motor by mechanical clutch. From powertrain control perspective,

∗ ∗ the engine torque request Teng and motor torque request Te are generated by the supervisory controller based on the driver inputs, which are the accelerator pedal position and brake pedal position. The engine and electric motor are required to produce and deliver the torque as requested to the driveline [146].

In Chapter 3, we have modeled the resolver fault and simulated its eﬀects in

PMSM drive system. In addition, the resolver fault eﬀects on electric motor control have been analyzed in section 3.3.2. In this section, we simulate the resolver fault

109 Figure 4.3: P2 hybrid powertrain architecture

effects in the electrified powertrain using a P2 hybrid powertrain simulator. In the simulator, a combustion engine, PMSM drive system, torque converter, final drive and differential are modeled to describe the powertrain dynamics. The resolver fault is injected in the simulation based on resolver FMEA given in Chapter 3. As there are two modes of electric motor control, torque control and speed control, we analyze the resolver fault effects in these two modes separately. The fault impact on system safety and performance can be different with the two different control objectives.

4.2.1 Motor Torque Control.

The accelerator pedal position shown in Figure 4.4 is used to simulate the resolver fault effect under motor torque control. The amplitude imbalance takes effect by affecting the motor speed measurement accuracy. As mentioned in the previous section, the measured motor speed oscillates given amplitude imbalance in the resolver output signals, which is consistent with the result shown in Figure 3.6. Under the motor speed oscillation, the motor torque also oscillates since the torque request

110 Figure 4.4: Accelerator pedal position for simulating vehicle launching process

is a monotonic function of the measured motor speed under torque control. Speciﬁ- cally, Figure 4.5 illustrates the motor torque oscillation when amplitude imbalance is injected at 2s, where ’Healthy’ means the resolver is in normal operation and ’Faulty’ indicates the occurrence of the amplitude imbalance. In the simulation, the electric motor is assumed to generate the same amount torque as requested, neglecting the eﬀect of amplitude imbalance on the torque generation. In the zoomed in plot, the motor torque is showing sawtooth curve because the torque request generation in this case is using a map, embedded with a discontinuous function of the measured motor speed. Regarding the motor speed, Figure 4.6 illustrates that the motor speed

111 Figure 4.5: Motor torque proﬁle given amplitude imbalance under motor torque control

increases more slowly in the faulty case. There are no oscillations from the speed pro-

file since the mechanical inertia and torque converter fluid dynamics provide enough damping as a low-pass filter to resist the high frequency torque oscillations.

4.2.2 Motor Speed Control.

In motor speed control, the control objective is to track a reference motor speed such that the diﬀerence between the measured motor speed and the reference motor speed is taken as the input to the PI controller for generating the proper torque request. Based on the previous analysis, the measured motor speed should oscillate so that the motor torque should also experience oscillations. This conclusion can be

112 Figure 4.6: Motor speed proﬁle given amplitude imbalance under motor torque control

veriﬁed from the simulation result shown in Figure 4.7. For our motor conﬁguration, the absolute maximum torque is 250[Nm] and the reference motor speed is assigned to be 600[rpm] as its idle speed. As shown in Figure 4.8, when the amplitude imbalance is injected at 2s, the real motor speed begins to oscillate due to the torque oscillations.

High frequency components of the motor torque are ﬁltered out by the driveline damping eﬀect so that the motor speed oscillations are not severe in terms of the amplitude. However, the motor torque and speed oscillations should cause more intensive torsional vibration of the motor shaft than normal operation. The reliability of motor and bearing could hence experience degradations, though the failure modes

113 Figure 4.7: Motor torque proﬁle given amplitude imbalance under motor speed control

of the motor and its accessories under this condition are beyond the scope of this paper.

4.3 Structural Analysis for Resolver Fault Detection

The system model of Figure 4.2 is given by equation 4.1 to equation 4.11 for the scenario when the engine is disconnected from the powertrain and the torque converter lockup clutch is open. Equation 4.1 describes the dynamics of the lumped inertia of ¯ the motor shaft (Jm) and torque converter impeller, Jm, where τe, τi and τp represent the motor electrical torque, impeller torque and motor load torque from the transmission oil pump, respectively. Equation 4.2 indicates the dynamics of the lumped

114 Figure 4.8: Motor speed proﬁle given amplitude imbalance under motor speed control

inertia of turbine, transmission gears, ﬁnal drive, diﬀerential and wheels, (Jt), where

τt and τr are the transmission input torque (turbine torque) and road load torque ap-

plied on wheels. Rt and Rf are the transmission gear ratio and ﬁnal drive gear ratio

respectively. Equation 4.3 represents the kinematic relation between turbine speed

(ωt) and transmission output shaft speed (ωos). Equation 4.4 describes the kinematic relation between the transmission output shaft speed ωos and the axle speed

ωa. Equation 4.5 to equation 4.8 are related to the corresponding sensor measure-

ments (yωos ,yωa ,yωi ,yωt ). Particularly, in equation 4.7, we denote by fωi the resolver fault, which aﬀects the accuracy in measuring the motor speed ωi. While the fault is modeled as an additive oﬀset, this form can be generalized to capture faults of other

115 form such as gain. Equation 4.9 and 4.10 describe the derivative causality of the

motor speed ωi and turbine speed ωt, respectively. Equation 4.11 gives the relationships among the motor speed, turbine speed and motor torque, with f representing

that the motor speed as a function of the turbine speed and impeller torque. From

Figure 4.2, it is obvious this function depends on the torque converter characteristics.

At this phase, it is assumed this function f and the impeller torque τi are known.

¯ e1 : Jmω˙ i = τe − τi − τp (4.1)

¯ τr e2 : Jtω˙ t = τt − (4.2) Rt · Rf

e3 : ωt = Rt · ωos (4.3)

e4 : ωos = Rf · ωa (4.4)

e5 : yωos = ωos (4.5)

e6 : yωa = ωa (4.6)

e7 : yωi = ωi + fωi (4.7)

e8 : yωt = ωt (4.8) dω e :ω ˙ = i (4.9) 9 i dt dω e :ω ˙ = t (4.10) 10 t dt

e11 : ωi = f(ωt, τi) (4.11)

As mentioned before, these equations do not address the situation of torque being transmitted across the engine disconnect clutch nor the torque converter lockup clutch. Those situations can be diagnosed according to the physical redundancy provided by engine crankshaft speed sensors and the torque converter lockup clutch,

116 respectively, considering the system at steady state. Further, these situations are not

in the scope of this paper since the focus is on diagnosing the resolver fault during ve-

hicle launch event with engine disconnected from the powertrain and torque converter

lockup clutch open. Given the system equations, we apply structural analysis to de-

termine the detectability of the resolver fault by extracting the structural information

contained in the system model, i.e. the interrelations between variables and equa-

tions [107]. The structural model by incidence matrix is shown in Figure 4.9, where

the system variables are classiﬁed into three categories: unknown variables, fault and

known variables. Each dot indicates a variable appearing in a speciﬁc equation, while

I and D represent the integral causality and derivative causality, respectively. The

only fault considered is the resolver fault fωi given in equation 4.7.

Recall the deﬁnition of fault detectability in Chapter 2, a fault is detectable if it belongs to the over-determined part of the system.The DM decomposition result of the P2 hybrid powertrain system is given in Figure 4.10. It can be seen the resolver fault is in the over-determined part after the decomposition since there are 4 unknown variables and 7 equations in the subsystem indicated by the blue box at the lower

right corner of the entire matrix, with fωi representing the resolver fault. Thus, the resolver fault is detectable in this case, presuming the function f and impeller torque

τi given in equation 4.11 are known. To verify the role of this function for resolver fault diagnosis, structural analysis is applied to the original system equations without equation 4.11. The new structural model and DM-decomposition result are shown in Figure 4.11 and Figure 4.12. The results show that the resolver fault becomes undetectable. Thus, the relationship of the motor speed, turbine speed and impeller torque described by equation 4.11 is necessary for diagnosing the resolver faults in a

117 P2 hybrid powertrain, with an open torque converter lockup clutch and the engine disconnected from the powertrain. It should be noticed that the motor speed is equal to the turbine speed when the torque converter is locked, which makes the function f straightforward. However, with an open torque converter (lockup clutch is open), this kinematic relation does not exist considering the torque converter slip.

Figure 4.9: Structural model of P2 hybrid powertrain in EV mode with open torque converter

Based on the structural analysis, the system has one MSO set given by the set of three equations, equation (4.8), (4.7) and (4.11). Equation (4.7) can be treated as the analytical redundant relation for residual generation. The corresponding computation sequence is given by C in equation (4.12).

C = {(e8, ωt), (e11, ωi), (e7, 0)} (4.12)

118 Figure 4.10: DM decomposition of P2 hybrid powertrain system in EV mode with open torque converter

Figure 4.11: Structural model of P2 hybrid powertrain without equation 4.11

119 Figure 4.12: DM decomposition of P2 hybrid powertrain without equation 4.11

It is obvious that the relationship among the impeller torque τi, the motor speed

ωi and the turbine speed ωt, given by e11 needs to be determined to implement the

above computation sequence. In other words, the function f in equation (4.11) needs

to be deterministic, which captures the torque converter characteristics with an open

lockup clutch. Thus, the torque converter characteristics need to be modeled for

estimating the motor speed ωi, which is also a critical step given in the computation

sequence C from structural analysis. In the next section, we describe the modeling,

calibration of the torque converter and its use in motor speed estimation.

4.4 Torque Converter Modeling for Motor Speed Estimation

In this section, we focus on torque converter modeling to determine the function f in equation 4.11 for motor speed estimation and resolver fault diagnosis. To capture not only steady state response but transient response of a torque converter, a dynamic

120 model is required to identify the impeller/motor shaft rotational dynamics, turbine rotational dynamics and fluid dynamics in a torque converter. Three different operating modes of the torque converter should be modeled including torque amplification mode, fluid coupling mode and reverse mode.

Figure 4.13: Torque converter assembly

It is important to ﬁrst understand the torque converter structure and working principle. A torque converter consists of three components, impeller, turbine and stator, as shown in Figure 4.13 [147]. The torque converter has three operating

121 Figure 4.14: Torque converter assembly

modes: torque multiplication mode, fluid coupling mode, reverse flow mode. The three modes switch among one another at different speed ratio, defined as the ratio between turbine speed and impeller speed. In the torque multiplication mode, the speed ratio is smaller than the coupling point, typically around 0.9. In this mode, the stator is fixed and its rotational speed is zero. The property of the fluid helps multiply the impeller torque to accelerate the vehicle. When the speed ratio reaches the coupling point, torque converter enters fluid coupling mode, in which the speed

122 Figure 4.15: Torque converter schematic

ratio and torque ratio (ratio between turbine torque and impeller torque) are close to one. During the coupling range, the stator freely rotates and the stator torque is equal to zero, which implies the impeller torque is no longer multiplied by the ﬂuid dynamics. In the case of torque converter speed ratio above one, for example during engine braking, vehicle coasting or with road bumps, the turbine drives the impeller shaft and the ﬂow direction is reversed. The stator overruns, and the impeller torque is equal to the turbine torque [148]. The torque converter dynamics model is given in the appendix B, which incorporates all three operating modes of a torque converter. In

123 Figure 4.16: Impeller and turbine torque estimation with and without stator rotational dynamics

this model, the torus ﬂow rate is modeled using conservation of energy. The rotational dynamics of the impeller, stator and turbine are modeled based on conservation of momentum. The power ﬂow in a torque converter is demonstrated in Figure 4.15

[147]. Moreover, a torque converter can be characterized by several performance metrics. These include capacity factor, eﬃciency and torque ratio as functions speed ratio (turbine speed over impeller speed). The behavior of these characteristics with the change in torque converter speed ratio is illustrated in Figure 4.14.

124 Figure 4.17: Impeller torque estimation error without stator rotational dynamics

In the use of the torque converter dynamics model, the stator rotational dynamics can sometimes be neglected for model simplification. In particular, in fluid coupling mode and reverse flow mode, the stator speed is close or equal to the impeller speed while the stator torque is close or equal to the turbine torque. Thus, it is reasonable to neglect the stator rotational dynamics for fluid coupling and reverse flow mode. To evaluate the validity of the simplification, we focus on the impeller torque estimation error when neglecting the stator dynamics. In Figure 4.16, the impeller torque and

125 turbine torque estimated by the torque converter model are not greatly aﬀected without considering the stator dynamics. Further, the estimation error of the impeller torque is given in Figure 4.17. It shows the estimation error mainly exists during

fluid coupling and reverse flow mode. The estimation error is within acceptable range considering the criticality of these two operating modes in terms of vehicle safety and performance. Especially for this case study, the focus is on the torque multiplication mode during vehicle launching process. Thus, the choice of this simplified torque converter model is feasible.

Once the torque converter model ﬁdelity is determined from the above simpli-

ﬁcation, we need to calibrate the model so that the characteristics of the model matches experimental data of the physical torque converter for later use in motor speed estimation. In the calibration of a torque converter model, there are several design parameters that are important in describing the torque converter characteristics. These parameters include mean radii and blade angles at impeller, turbine and stator exits. Understanding the parametric sensitivity of the torque converter model not only helps model calibration but provides guidance for torque converter design.

In this section, we analyze the sensitivity of the torque converter dynamics model to these design parameters through simulation. The focus is on torque multiplication, characterized by the relation between torque ratio and speed ratio; torque converter eﬃciency and capacity factor. In particular, as one of the describing characteristics of a torque converter, the capacity factor is deﬁned in equation 4.13. It describes the relationship between the motor speed/impeller speed ωi and the impeller torque

τi. Regarding the ﬁrst step in the process of parametric analysis, the torque ratio is evaluated as a function of speed ratio with diﬀerent radii of the impeller, turbine

126 (a) Torque ratio vs. speed ratio with diﬀerent (b) Torque ratio vs. speed ratio with diﬀerent impeller radius turbine radius

Figure 4.18: Sensitivity analysis of torque ratio vs. speed ratio with diﬀerent radius of impeller, turbine and stator

127 (a) Efficiency vs. speed ratio with different im- (b) Efficiency vs. speed ratio with different tur- peller radius bine radius

Figure 4.19: Sensitivity analysis of torque converter eﬃciency vs. speed ratio with diﬀerent radius of impeller, turbine and stator

128 (a) Capacity factor vs. speed ratio with diﬀerent (b) Capacity factor vs. speed ratio with diﬀerent impeller radius turbine radius

Figure 4.20: Sensitivity analysis of torque converter capacity factor (K factor) vs. speed ratio with diﬀerent radius of impeller, turbine and stator

129 (a) Torque ratio vs. speed ratio with diﬀerent (b) Torque ratio vs. speed ratio with diﬀerent impeller radius turbine radius

Figure 4.21: Sensitivity analysis of torque ratio vs. speed ratio with diﬀerent radius of impeller, turbine and stator

130 (a) Efficiency vs. speed ratio with different im- (b) Efficiency vs. speed ratio with different tur- peller radius bine radius

Figure 4.22: Sensitivity analysis of torque converter eﬃciency vs. speed ratio with diﬀerent radius of impeller, turbine and stator

131 (a) Capacity factor vs. speed ratio with diﬀerent (b) Capacity factor vs. speed ratio with diﬀerent impeller radius turbine radius

Figure 4.23: Sensitivity analysis of torque converter capacity factor (K factor) vs. speed ratio with diﬀerent radius of impeller, turbine and stator

132 and stator, shown in Figure 4.18, at low speed ratio, the torque ratio decreases with increase in impeller radius or with decrease in turbine and stator radii. Ri, Rt and

Rs represent the radius of the impeller, turbine and stator, respectively. The effects of radius change on torque ratio become opposite at higher speed ratio. Similarly for torque converter efficiency, with increase in impeller radius or decrease in turbine and stator radii, the efficiency decreases at relatively low speed ratio. At higher speed ratio, the effects are reverse, illustrated in Figure 4.19. In addition, the radii of these torque converter components impose transparent impact on capacity factor or K factor, as shown in Figure 4.20. The capacity factor is reduced when increasing radius of the impeller or turbine. While decreasing the stator radius renders K factor decreased. The corresponding effects on torque multiplication, efficiency and K factor from different exit blade angles are given in Figure 4.21, 4.22 and 4.23. Regarding torque multiplication, larger impeller exit angle leads to smaller torque ratio under same speed ratio, while increasing or decreasing the exit angle of either turbine or stator from its nominal design value weakens the torque multiplication capability.

In terms of torque converter efficiency, the impeller exit angle does not have much impact. On the other hand, increase in the turbine exit blade angle renders the torque converter less efficient. For stator exit blade angle, any deviation from its nominal value decreases the efficiency of the torque converter. As to capacity factor, increasing the impeller or turbine exit blade angle reduces the capacity factor while the stator exit blade angle plays the opposite role. Overall, the capacity factor is the most sensitive characteristic of a torque converter with change in these design parameters. Meanwhile, the capacity factor is a significant characteristic for motor speed estimation since an accurate estimation requires accurate modeling of the capacity

133 factor as it fundamentally describe the relation between impeller torque and impeller

speed (motor speed). This implies the torque converter needs to be well calibrated

especially with respect to the capacity factor in order to achieve accurate motor speed

estimation. The model calibration is performed based on the parametric sensitivity

analysis and the details of model calibration are omitted here as they are not the

focus of this dissertation. ω K = √ i (4.13) τi With properly calibrated torque converter dynamic model, motor speed can be

estimated based on the impeller torque and measured turbine speed as represented

in equation 4.14.

ωˆi = f(yωt , τi) (4.14)

Since measuring the impeller torque τi is cost-ineﬀective and not always applicable considering the challenging operating environment of the hybrid powertrain, motor

∗ torque command τe can be used as a surrogate to estimate the motor speed as in equation 4.15:

∗ ωˆi = f(yωt , τe ) (4.15)

Equation 4.15 holds based on the following assumptions:

∗ 1. The motor torque request τe is close to the actual motor torque τe.

2. The motor torque τe is close to the impeller torque τi, which means the trans-

mission main oil pump torque τp is negligible compared to the motor torque.

3. Turbine speed measurement yωt is accurate.

To verify the model accuracy in predicting the capacity factor of the torque con-

verter, the relationship between the capacity factor and torque converter speed ratio

134 (between turbine speed and impeller/motor speed) is shown in Figure 4.24. Specif- ically, the capacity factor determined from the torque converter model is compared with the experimental data as a part of the model validation process. It shows the capacity factor derived from the torque converter model matches well with the experimental data when the speed ratio is in the range less than 0.85. But the capacity factor tends to inﬁnity when the speed ratio approaches 1, in which the torque converter is typically in ﬂuid coupling mode. Obviously, there is expected to be some modeling error when the speed ratio exceeds 0.85, which is shown by the discrepancy between blue solid line (experimental data) and red dashed line (torque converter model simulation data) in Figure 4.24.

To verify whether the ﬁrst assumption is reasonable in this case, the motor torque

τe is estimated from experimental data and compared with the motor torque request

∗ τe , which is used to estimate the motor speed, as shown in Figure 4.25. The data points in Figure 4.25 have been normalized to bring all values into the range [-1,1] to relate with the torque converter speed ratio indicated by light blue dotted line.

For this testing scenario where the vehicle is at launching process, the motor torque request matches well with the motor torque estimate especially when the torque converter is in torque ampliﬁcation mode, away from where the speed ratio increases before approaching 0.95.

The other two assumptions can be veriﬁed by validating the torque converter model. The validation is performed by comparing the motor speed measurement from experiments with the estimated motor speed based on the torque converter model. Since the driving scenario of interest is during vehicle launch, the experiments are performed with an open torque converter lockup clutch to ensure smooth driving

135 Figure 4.24: Capacity factor comparison between experimental data and torque converter model

torque transfer in the vehicle powertrain. In Figure 4.26, it shows the estimated motor speed based on torque converter model keeps up well with the measured motor speed, which indicates the accuracy of the model-based motor speed estimation. It can be noticed that the model is undershooting the 600 rpm lower limit when the motor is at idle speed. This is because the actual motor torque is greater than the motor torque request/command during motor idle speed control as shown in Figure 4.25. The maximum motor speed estimation error is 403.3[rpm] at 3.02[s] and the root mean

136 Figure 4.25: Comparison between motor torque estimate and motor torque request

square error is 45.7[rpm]. It is clear the motor torque request is much larger than the actual motor torque at the beginning of the vehicle launch event at 3.02[s], which renders the motor speed estimation inaccurate. This could be improved by reﬁning motor control strategy, which is out of the scope of this paper. However, based on the observations in Figure 4.25, the error between motor torque request and actual motor torque becomes signiﬁcantly smaller after 3.02[s]. This implies the diagnosis can be applied after certain period, in this case 3.02[s], during the vehicle launch event to

137 Figure 4.26: Torque converter model validation through comparison between measured motor speed and estimated motor speed

ensure the accuracy of diagnostic decision. In Figure 4.27, the scatterplot of motor speed estimate and measured motor speed indicates the motor speed estimation error is relatively large when the motor speed is lower than the idle speed, 600 rpm, due to the diﬀerence between motor torque request and actual motor torque. However, our focus is on applying diagnostics when the motor speed exceeds the idle speed and the motor torque is ampliﬁed and transferred through the torque converter and

138 Figure 4.27: Scatterplot of motor speed estimate vs. motor speed measurement

transmission to wheels. During torque amplification, the resolver faults could have more impact on the vehicle performance and safety compared with the scenario when the motor is at idle speed. In addition, the torque converter characteristics changes due to fluid density change under temperature variation. To evaluate the influence of fluid density change on motor speed estimation, we calculate the motor speed estimation error statistics through simulation with different fluid density, as given in

Table 4.1. It shows the root-mean square error of the motor speed estimate is within

139 Fluid density (gm/cc) Root-mean-square error (rpm) ρ=0.79 60.94 ρ=0.81 59.29 ρ=0.83 58.37 ρ=0.85 57.81 ρ=0.87 57.73

Table 4.1: Motor speed estimation error statistics with diﬀerent transmission ﬂuid density

acceptable range and does not change much with ﬂuid density variation. The overall performance of the motor speed estimation based on the torque converter model is satisfactory in terms of estimation accuracy and robustness to temperature change.

4.5 Electric Traction Drive Resolver Fault Diagnostic Strat- egy

Figure 4.28: Resolver fault diagnostic strategy

140 The diagnostic strategy for detecting the resolver fault is shown in Figure 4.28,

where the resolver fault is detected based on the residual developed by subtracting

∗ the estimated motor speed ωi from the measured motor speed yωi . τe and τi repre-

sent motor torque request and impeller torque, respectively, while τt is the turbine

torque or the load torque applied to the torque converter. ωi is the real motor speed.

Diagnostic decision making is implemented using adaptive threshold detection and

the cumulative sum (CUSUM) algorithm [149]. The adaptive threshold for the n-th

sample of the residual ηn is given in equation 4.16, where ηoffset is an oﬀset to com-

pensate for resolver measurement noise. G · ωˆi represents the estimated motor speed

ωi multiplied by a constant gain G. The oﬀset ηoffset and the gain G are determined through calibration. The logic of this design is based on the resolver fault mechanism, in which the resolver fault induced motor speed measurement error is in the form of oscillations with magnitude proportional to the real motor speed ωi (approximated by the estimated motor speedω ˆi). Further, the CUSUM algorithm, given by equation 4.18, is applied to take the running sum of the threshold detection outputs. Since the threshold detection outputs are always non-negative in our case, the algorithm given in equation 4.18 is chosen to detect the change in the positive direction. xn represents the threshold detection output at the n-th sample time, which is determined by equation (4.17). Where sn represents the residual at the n-th sample time.

Through calibration, a ﬁxed threshold can be utilized to make a diagnostic decision based on the CUSUM result given by Sn, representing the running sum of xn at the n-th sample time.

ηn = ηoffset + G · ωˆi (4.16)

xn = sn − ηn (4.17)

141 ( S = 0 0 (4.18) Sn+1 = max(0,Sn + xn), ∀n ∈ R, n ≥ 0

Figure 4.29: Resolver fault tolerant control strategy

As shown in Figure 4.29, fault tolerant control can be further applied once the resolver fault is detected such that the motor speed measurement from the resolver is replaced by the estimated motor speed from the torque converter model. That is, depending on the resolver fault diagnostic decision, the vehicle supervisory controller receives either the resolver measurement or the estimated motor speed. As a result, the potential vehicle performance degradation or safety issues could be avoided in the presence of resolver faults.

To simulate faulty operation, we inject amplitude imbalance and quadrature imperfection faults to the experimentally measured motor speed in healthy condition.

To simulate the diagnostic strategy, this faulty data is input to the high-ﬁdelity simulation. Speciﬁcally, in Figure 4.28, the motor delivers impeller torque τi to the

142 ∗ torque converter (plant) given motor torque request τe , which is independent of the motor speed measurement from the resolver. The real motor speed/impeller speed

ωi depends on the impeller torque τi, the turbine torque τt and the torque converter

characteristics. The experimentally measured motor speed signal in healthy condition

contains the information of the real motor speed ωi and measurement noise. Since online fault injection may result in some unforeseen situations, the motor speed mea-

surement in faulty condition yωi is mimicked oﬄine in the simulation environment by introducing resolver faults to the experimentally measured motor speed signal. Based on equation (3.16) and equation (4.7), this fault injection process is used to validate the proposed diagnostic strategy through model-in-the-loop simulation, augmented by the experimental data of the resolver measurement.

Figure 4.30: Motor speed measurement with resolver fault

143 The faulty data of the motor speed measurement yωi is used in simulation with

the torque converter model and the diagnostic algorithm implemented in MAT-

LAB/Simulink. Figure 4.30 shows the resolver fault injection in the experimentally

measured motor speed proﬁle. It can be seen the amplitude imbalance and quadra-

ture imperfection faults are injected at 50[s] in the form of motor speed measurement

oscillations. Also, the magnitude of the oscillations is related to the value of the

experimentally measured motor speed in healthy condition, depicted by the black

dashed line. Higher motor speed leads to larger magnitude of the oscillations.

Figure 4.31: Adaptive thresholds and residual signals

Figure 4.31 shows the simulated diagnostic results including the adaptive thresholds and the residual signals. The residual in faulty condition is plotted by red solid line with oscillations starting at 50[s] when the resolver faults are injected. The residual signal prior to fault injection is not exactly equal to zero because of modeling error

144 and measurement noise. The two adaptive thresholds, a positive one (yellow dash- dotted line) and a negative one (purple dotted line), are used for threshold detection based on equation (4.28). Moreover, Figure 4.32 demonstrates that the CUSUM result in faulty case depicted by green dotted line continuously increase from 50[s] due to the resolver faults. Through calibration, the adaptive threshold and CUSUM algorithm can help avoid false alarms with reasonable fault detection time, 0.5[s] in this case, as can be seen from the fault ﬂag depicted by blue solid line in Figure 4.32. The

Figure 4.32: CUSUM results and fault ﬂag

145 Figure 4.33: Motor speed measurement with fault tolerant control

motor speed measurement with fault tolerant control is shown in Figure 4.33. The motor speed measurement from the resolver without fault tolerant control is depicted in blue dash-dotted line, in which the measurement becomes highly oscillated in the presence of the resolver fault from 50s. When the fault is detected at approximately

50.5[s], the fault tolerant control replaces the motor speed measurement from the resolver with the motor speed estimate from the torque converter model, the latter indicated by the red dash-dotted line. It is clear the motor speed measurement with fault tolerant control is more accurate with respect to the real motor speed (yellow dashed line), compared with the case without fault tolerant control.

4.6 Conclusion

This chapter presents a diagnostic methodology for detecting resolver faults in electric traction drive by estimating the motor speed based on a torque converter

146 model. Resolver-to-digital conversion is explained for analyzing resolver failure modes.

Further, the resolver fault propagation is studied in a P2 hybrid powertrain simulator, which shows the motor torque oscillations as the result of the resolver faults. With structural analysis applied on the P2 hybrid powertrain architecture, it is suggested that using a torque converter model is suﬃcient to derive analytical redundancy for generating a residual to detect the resolver faults. This process proves the convenience and eﬀectiveness of structural analysis in analyzing interconnections between variables and faults with variable system structure, which helps diagnostic strategy design. In order to generate a residual for the real world application, a torque converter model implemented in MATLAB/Simulink is calibrated and validated through experimental data. The results show the torque converter model has good performance in the motor speed estimation, using as inputs motor torque request and turbine speed measurement. A diagnostic strategy is designed based on the residual generator which compares the measured motor speed from the resolver with the estimated motor speed from the torque converter model. The diagnostic decision is made by an adaptive threshold detection and the CUSUM algorithm. To verify the diagnostic strategy, resolver faults of interest, amplitude imbalance and quadrature imperfection, are injected in the motor speed measurement data from experiments.

Based on the simulation results, the residual is highly responsive to the resolver faults.

The adaptive threshold and the CUSUM algorithm work well in detecting the resolver faults accurately and robustly, in the presence of modeling error and measurement uncertainty. The proposed methodology can also be applicable to other types of faults in a resolver that may lead to inaccurate motor position and speed measurement.

147 Chapter 5: Fault Diagnosis of Vehicle Steering System

In this chapter, the subject of interest is now the diagnosis of vehicle chassis systems. The critical subsystems related to the control of an automated vehicle are: steering, braking and suspension. Of these, steering and braking are more immediately and directly related to vehicle safety. This chapter focuses on the steering system, with the understanding that similar processes could be followed for braking and suspension subsystems. In a vehicle steering system, there can be various types of mechanical faults that may aﬀect vehicle handling performance and vehicle safety. These faults can include steering backlash, tire degradation, bent tie-rod and loose tie-rod ball joints, bushing and control arm failures. Among these faults, steering backlash and tire degradation may occur due to wear in the steering (rack and pinion) gear, and in the tires. While both faults have a direct impact on the vehicle handling dynamics, their detection in a production vehicle under real-world conditions is a challenging task and requires a systematic approach to the design of diagnostic algorithms.

In terms of gear backlash in vehicle steering system, people have been working on steering mechanism design with the capability of removing backlash. Menjak has designed speciﬁc EPAS systems to eliminate steering backlash [150, 151]. Bock

148 designed a worm gear mechanism without backlash [152]. Some researches have proposed methods to identify backlash for specific types of systems. Voros dealt with recursive parameter identification of Hammerstein systems with discontinuous nonlinearities [153]. Giri et al. presented an approach for identifying hysteresis-backlash and relay nonlinearities in Hammerstein systems [154]. In [155], the authors discussed bounding parameters for linear system stability with input backlash. Dong et al. presented a backlash identification approach for nonlinear systems using recursive general identification algorithm [156]. However, few researchers have proposed specific methods for detecting gear backlash in vehicle steering system. Huang et al. proposed a method for identifying steering backlash using a two-degree-of-freedom vehicle dynamics model with vehicle motion measured by inertial measurement unit and

GPS [157]. However, the two-degree-of-freedom vehicle model has its limitation due to small angle approximation, neglecting tire load transfer, etc. GPS measurement can also be unavailable in many situations. In this section, we propose a systematic approach for detecting gear backlash in a vehicle steering system.

While the steering mechanism is critical for vehicle steering functionality, tires also play an important role in vehicle dynamics and are closely related to vehicle safety, handling and ride comfort. However, the tire performance in delivering the required force and moment is affected by tire degradation due to tire wear and aging, which causes tire cornering stiffness change [158]. It is straightforward to estimate the tire cornering stiffness for fault detection. Tire cornering stiffness estimation methods, with both advantages and disadvantages, may be found in the literature. Sierra et al. [159] proposed the beta-less method, using a least-squares method with yaw acceleration and lateral acceleration for tire cornering stiffness estimation. However,

149 the derivation of the yaw acceleration is subject to noise even with ﬁltering technique.

Also, the least-squares method is an under-determinate method which requires a sufficient amount of data to solve the problem. Further, the proposed method is not robust to road bank disturbance. Bechtoff et al. [160] used the Paceijka tire model and the Extended Kalman filter (EKF) to estimate the tire cornering stiffness, with a

Gauss Markov model taking into account road bank angle, road slope angle as well as maximum road friction coefficient. Though this method shows robustness to external disturbances and proves to be accurate, the derivation of the Paceijka model requires much effort in identifying a significant number of parameters. In [161], the authors use a single-track vehicle model and the dual Kalman filter method for online estimation of front and rear axle tires cornering stiffness. The vehicle sideslip angle and yaw rate measurements are necessary to apply the method. The results given by the authors show that it takes several consecutive maneuvers to guarantee convergence of the estimate, which presents a clear challenge if one is interested in online implementation.

In practice, measuring the vehicle side slip angle can be diﬃcult as well. Meanwhile, the authors assume front wheel steer angle to be known. In fact, only pinion angle is measured (instead of wheel steer angle) for rack-and-pinion steering mechanisms in production vehicles. In addition, rear wheel steer angle is neglected, leading to inaccurate estimation, especially during aggressive maneuvers.

In this chapter, we demonstrate a case study of applying model-based diagnosis to steering system for automated vehicle functional safety. The model-based diagnosis methodology in this case study is summarized in Figure 5.1. In Table 5.1, the

FMEA of vehicle steering system demonstrates the criticality of the faults to vehicle functional safety. To ensure functional safety, the vehicle steering system needs

150 Chassis Item Failure Mode Eﬀects Front tire degradation • Decreased vehicle un- Tires by cornering dersteer stiﬀness change Steering • Delayed lateral accel- system Steering eration build Gear backlash rack/gear • Increased yaw delay

Table 5.1: FMEA for automated vehicle steering system

redundancy to detect front tire degradation and steering backlash. In section 5.2.1, a simpliﬁed four-wheel vehicle dynamics model is used to describe vehicle horizontal dynamics, with steering backlash and front tire degradation represented as input actuator fault and parametric fault, respectively. Based on the system model and fault model, structural analysis is applied to determine fault diagnosability in section

5.2.2. A sequential residual generator derived from the structural analysis suggests the suﬃciency of estimating vehicle lateral motion response for fault diagnosis. In section 5.2.3, we apply the EKF to implement the sequential residual generator. In particular, vehicle lateral motion response is estimated for residual generation. In section 5.2.4, a diagnostic strategy is proposed to detect front tire degradation and steering backlash. The eﬀectiveness of this approach is demonstrated in co-simulation of CarSim and Simulink.

In addition, this dissertation proposes an approach to not only detect but identify the magnitude of front tire degradation. In section 5.3.1, vehicle horizontal dynamics are described by a single-track vehicle model, in which the front tire degradation is

151 represented as a parametric fault (tire cornering stiﬀness change). Based on the system model and fault model, structural analysis is applied to analyze fault detectability and to design sequential residual generator. The sequential residual generator demonstrates the feasibility of identifying front tire degradation with tire cornering stiﬀness estimation. Before applying estimation techniques, the system observability needs to be checked. Since the system is nonlinear, the system may become unobservable or less observable under some operating conditions. To quantify the nonlinear system observability, a degree of observability index is proposed in section 5.3.2. In section

5.3.3, we apply the Extended Kalman filter and the Unscented Kalman filter (UKF) separately to estimate tire cornering stiffness. The performance of the two filters are evaluated and compared in CarSim simulation and vehicle dynamics driver-in-the- loop (VDDIL) simulator. The simulation results show that both the EKF and the

UKF can eﬀectively identify front tire degradation.

Figure 5.1: V diagram for vehicle steering system fault diagnosis

152 5.1 FMEA and Simulation of Fault Eﬀects for Vehicle Steer- ing System

Figure 5.2: Co-simulation architecture for fault injection and simulation

Both tires and steering system play important roles in vehicle handling performance and vehicle safety. In particular, tire cornering stiffness is significant to vehicle lateral motion since it characterizes how much lateral force the tire can produce during steering maneuver. Further, it is critical for vehicle yaw stability control as the vehicle sideslip angle and yaw rate can be greatly affected by the change of tire cornering stiffness. Meanwhile, backlash in steering system has direct impact on vehicle steering responsiveness. To understand the fault mechanism and effects on vehicle performance and safety, FMEA is applied to the faults of interest in the vehicle chassis system. To analyze the consequences in the presence of faults, in a straightforward

153 way, we use co-simulation with CarSim and Simulink to demonstrate the fault propagation through vehicle steering system. The co-simulation architecture is shown in

Figure 5.2. In particular, the EPAS model is developed in Simulink with backlash model embedded. The backlash is characterized by the nonlinear model given in equation (5.1) [162]. The schematic of the backlash in gear mechanism is given in

Figure 5.3. θd = θ1 − θ2

θb = θ3 − θ2

˙ ˙ T = k(θd − θb) + c(θd − θb) (5.1)  max(0, θ˙ + k (θ − θ )), θ = −α(T ≤ 0)  d c d b b ˙ ˙ k θb = θd + c (θd − θb), |θb| < α(T = 0)  ˙ k min(0, θd + c (θd − θb)), θb = α(T ≥ 0)

Figure 5.3: Schematic of backlash in gear mechanism

The ﬁrst fault considered in the co-simulation is backlash in the steering system, evaluated in open-loop low frequency steering maneuver simulation. The width of the backlash is chosen to be 4 (deg). To assess the backlash eﬀect on vehicle steering response, a trapezoidal steering wheel angle is used in the simulation with the magnitude of 10 (deg). The vehicle longitudinal velocity is at 60 (mph). As shown

154 (a) Pinion angle (b) Lateral velocity response

Figure 5.4: Vehicle response with backlash in steering system

in Figure 5.4, the backlash width of 4 degrees has a direct impact on the steering wheel angle input to CarSim vehicle plant model. It should be noted the backlash is introduced in between the steering wheel and steering rack, based on which an equivalent steering wheel angle is calculated and sent to the CarSim model. Here, we plot the pinion angle instead of the steering wheel angle since only the pinion angle is measured in production vehicles. Due to compliance of the steering system, the pinion angle is slightly smaller than the steering wheel angle, as can be seen from

Figure 5.4. It is illustrated that the backlash results in delayed vehicle lateral motion

155 Figure 5.5: Tire lateral force vs. tire lateral slip angle

response, including lateral velocity, lateral acceleration and yaw rate. Moreover, the peak value of the lateral response is reduced due to the backlash. In practice, the delayed vehicle lateral motion can raise safety concern in emergency situations such as steering for crash avoidance and automatic lane change for automated and autonomous vehicles. In addition, vehicle handling performance can be greatly aﬀected due to response delay. Thus, it is necessary to detect the backlash in the steering system for the sake of vehicle safety and performance.

In addition to backlash in steering system, we also study the tire degradation eﬀect on vehicle safety and performance, especially front tire degradation for front wheel drive vehicles. In this work, tire degradation is characterized by tire cornering

156 (a) Pinion angle (b) Lateral velocity response

Figure 5.6: Vehicle response with front tire degradation by cornering stiﬀness change by +20%

stiffness change. The relation between tire lateral force and tire lateral slip angle is demonstrated in Figure 5.5. With tire degradation, the tire lateral force increases with small lateral slip angle but the maximum tire lateral force decreases. In other words, the tire cornering stiffness increases with tire degradation when the tire has not reached its grip limit. The effects of front tire degradation on vehicle lateral motion response are simulated as shown in Figure 5.6. It can be seen that the front tire degradation leads to more responsive vehicle lateral motion because of the increased

157 tire cornering stiﬀness. On the other hand, the front tire degradation results in decreased vehicle understeer since the front tires can provide larger tire lateral forces relative to the rear tires before reaching road friction limit. Decreased vehicle understeer provides more responsive handling performance but also increases the risks of vehicle spinning out. As a result, diagnosing the front tire degradation is critical for vehicle functional safety. In this dissertation, we focus on diagnosis of front tire degradation and gear backlash (in rack-and-pinion steering mechanism) in steering system.

5.2 Fault Diagnosis for Tire Degradation and Steering Back- lash Detection

In this section, we present fault diagnosis approach for tire degradation and steering backlash detection using vehicle dynamics model and Kalman ﬁltering technique.

Diﬀerent vehicle dynamics models are analyzed to determine the model ﬁdelity for this application. Once the system dynamics and faults are modeled, we apply structural analysis to analyze system redundancy for diagnostic design. With faults having impact on vehicle lateral dynamics response, it is feasible to estimate vehicle lateral dynamics response using vehicle on-board sensors for fault detection. To deal with noise and uncertainty in the nonlinear system, we apply the EKF to estimate vehicle yaw rate, lateral velocity, lateral acceleration as well as tire lateral force. Based on the estimation, a diagnostic strategy is designed to generate residuals that are sensitive to both front tire degradation and steering backlash.

158 5.2.1 Modeling of Vehicle Dynamics

Vehicle dynamics models range from the simple to complex, depending on the speciﬁc goals of the model. The most simpliﬁed vehicle dynamics model is the 2-

DOF single-track vehicle model or bicycle model; this model is capable of describing vehicle lateral motion and yaw motion as shown in Figure 5.7. A more accurate model as given by Figure 5.8, is a 14-DOF four-wheel vehicle model (FWVM), which includes a 3-DOF vehicle in-plane or horizontal dynamics (longitudinal motion, lateral motion and yaw motion), a 7-DOF vehicle vertical dynamics (vertical, pitch and roll motion of sprung mass and vertical motion of the four wheels (unsprung mass)) and a 4-DOF tire models (rotational dynamics of each wheel).

The 3-DOF vehicle handling model is given in equation (5.2), which includes vehicle longitudinal, lateral and yaw dynamics. p and q represent the functions for deriving longitudinal tire force and lateral tire force, respectively. The tire aligning moment also depends tire pneumatic trail, which is typically varying and unknown.

Since the aligning moments, Mzfl,Mzfr,Mzrl and Mzrr in equation (5.2), are much smaller than the yaw moment generated by tire lateral force under small tire slip angles, the eﬀect of tire aligning moment can be neglected in modeling vehicle yaw dynamics for simplicity.

159 1 v˙ = (F cosδ − F sinδ + F cosδ − F sinδ + F + F ) + v ψ˙ x m xfl fl yfl fl xfr fr yfr fr xrl xrr y ˙ ax =v ˙x − vyψ 1 v˙ = (F cosδ + F sinδ + F cosδ + F sinδ + F + F ) − v ψ˙ y m yfl fl xfl fl yfr fr xfr fr yrl yrr x ˙ ay =v ˙y + vxψ t t I ψ¨ = f (−F cosδ + F sinδ + F cosδ − F sinδ ) − r (F − F ) zz 2 xfl fl yfl fl xfr fr yfr fr 2 xrl xrr

+ lf (Fxflsinδfl + Fyflcosδfl + Fxfrsinδfr + Fyfrcosδfr) − lr(Fyrl + Fyrr)

+ Mzfl + Mzfr + Mzrl + Mzrr

˙ Fxfl =p(vx, vy, δfl, ψ, ωfl,Fzfl)

˙ Fyfl =q(vx, vy, δfl, ψ, Fzfl)

˙ Fxfr =p(vx, vy, δfr, ψ, ωfr,Fzfr)

˙ Fyfr =q(vx, vy, δfr, ψ, Fzfr) (5.2)

Figure 5.7: Single-track vehicle model architecture

160 Figure 5.8: 14 DOF four-wheel vehicle model architecture

Figure 5.9: Vehicle dynamics architecture

As can be seen from Figure 5.9, the vehicle horizontal dynamics (characterized by the vehicle handling model) and vehicle vertical dynamics (characterized by the vehicle ride model) are coupled with each other. However, during a low-frequency steering maneuver with small wheel steer angle and tire slip angle, the vehicle roll steer eﬀect can be negligible. Also, the vehicle bump steer eﬀect on vehicle horizontal dynamics can be neglected considering that the contribution of bump steer to the overall wheel steer is negligible under normal road roughness. Further, the vertical

161 tire load can be estimated based on vehicle longitudinal acceleration and lateral ac-

celeration by neglecting vehicle roll inertia and pitch inertia during a low-frequency

steering maneuver. Under these assumptions, the vehicle horizontal dynamics and

vertical dynamics can be decoupled and analyzed separately using the corresponding

dynamics model for simpliﬁcation. Though these assumptions may not always be

satisﬁed, sometimes the vehicle maneuver can be in compliance with these assump-

tions, in which the simpliﬁed vehicle model can be useful in characterizing the vehicle

response. While the model is simpliﬁed, it is good enough to account for the faults.

In addition, automated or autonomous vehicles can be designed to perform certain

maneuvers that satisfy these assumptions such that the corresponding model and

algorithms can be applied for diagnostics.

5.2.2 Structural Analysis on Simpliﬁed Four-wheel Vehicle Dynamics Model

Having made assumptions that allow decoupling of vehicle horizontal dynamics

from vertical dynamics under some assumptions, a simpliﬁed four-wheel vehicle hori-

zontal dynamics model can be derived based on the 14 DOF four-wheel vehicle model,

as shown in equation (5.3) and (5.4). qf and qr represent the tire lateral force maps

(known) for front tires and rear tires, respectively, as functions of vehicle longitudinal velocity, lateral velocity, yaw rate, wheel steer angle and tire vertical load. This is based on the fact that front tires and rear tires typically have diﬀerent properties in terms of tire cornering stiﬀness, tire force limit, etc. Also, the left tire and right tire are assumed to have the same properties. σf and σr are the relaxation length for the

front tires and the rear tires, respectively. For pneumatic tires, the relaxation length

describes the lag between the introduction of tire slip angle and the response of the

162 tire lateral force [163]. θp is the pinion angle for the rack-pinion steering mechanism. rst represents the steering ratio between wheel steer angle and pinion angle based on the kinematics. δftoe and δrtoe are the static toe angles for front wheels and rear wheels, respectively, assuming the left wheel and right wheel have the same absolute toe angle. Here, the sign of toe angle follows the standard of positive toe angle, which implies toe-in for both front axle and rear axle. kcf and kcr are the compliance steer coefficients for front wheels and rear wheels, respectively. With longitudinal tire force neglected, the wheel compliance steer depends on tire lateral force. There are two types of faults considered in the system, fCf as the front tires degradation with cornering stiffness change and flash as gear backlash in the rack-pinion steering mechanism. The vertical tire load can be determined based on lateral acceleration, with the assumption that the longitudinal acceleration is negligible, as given by the last four equations, e16, e17, e18 and e19, in equation (5.3). Rx represents the radius of gyration along vehicle longitudinal axis. Also, the road vertical excitation is neglected in terms of its effect on vertical tire load. Two intermediate variables, xfCf and xflash, are used to represent the faults, front tire degradation and steering gear backlash, respectively. This step is for convenience of applying structural analysis, since the same faults appear in multiple equations. Equation set e22, e23, e24, e25 is the set of sensor measurement equations, assuming there are no sensor faults in this case.

It should be noted that all these sensors are available in production vehicles, including inertial measurement unit (IMU) and wheel speed sensors (for calculating vehicle speed). The sensor availability is important for applying structural analysis since the system redundancy may change with diﬀerent sensors. Moreover, equation set

{e26, e27, e28, e29, e30, e31} represents the relation between a variable and its derivative.

163 Thus, both derivative causality and integral causality are included in the structural analysis.

164 1 e :v ˙ = (F cosδ + F cosδ + F cosδ + F cosδ ) − v ψ˙ 1 y m yfl fl yfr fr yrl rl yrr rr x ˙ e2 :ay =v ˙y + vxψ

¨ e3 :Izzψ = lf (Fyflcosδfl + Fyfrcosδfl) − lr(Fyrlcosδrl + Fyrrcosδrr) t t + f (F sinδ − F sinδ ) + r (F sinδ − F sinδ ) 2 yfl fl yfr fr 2 yrl rl yrr rr ˙ vx e4 :Fyfl = (−Fyfl + qf (αfl,Fzfl, xfCf )) σf ˙ vx e5 :Fyfr = (−Fyfr + qf (αfr,Fzfr, xfCf )) σf ˙ vx e6 :Fyrl = (−Fyrl + qr(αrl,Fzrl)) σr ˙ vx e7 :Fyrr = (−Fyrr + qr(αrr,Fzrr)) σr

e8 :δfl = θp · rst − δftoe + kcf · Fyfl + xflash

e9 :δfr = θp · rst + δftoe + kcf · Fyfr + xflash e :δ = −δ + k · F 10 rl rtoe cr yrl (5.3) e11 :δrr = δrtoe + kcr · Fyrr ˙ vy + lf ψ e12 :αfl = δfl − tf ˙ vx − 2 · ψ ˙ vy + lf ψ e13 :αfr = δfr − tf ˙ vx + 2 · ψ ˙ vy − lrψ e14 :αrl = δrl − tr ˙ vx − 2 · ψ ˙ vy − lrψ e15 :αrr = δrr − tr ˙ vx + 2 · ψ ms · lr · g ms · lr · ay · Rx e16 :Fzfl = − + muflg 2(lf + lr) (lf + lr)tf ms · lr · g ms · lr · ay · Rx e17 :Fzfr = + + mufrg 2(lf + lr) (lf + lr)tf ms · lf · g ms · lf · ay · Rx e18 :Fzrl = − + murlg 2(lf + lr) (lf + lr)tr ms · lf · g ms · lf · ay · Rx e19 :Fzrr = + + murrg 2(lf + lr) (lf + lr)tr 165 e20 :xfCf = fCf

e21 :xflash = flash

˙ e22 :yψ˙ = ψ

e23 :yay = ay

e24 :yvx = vx

e25 :yθp = θp dv (5.4) e :v ˙ = y 26 y dt dψ˙ e :ψ¨ = 27 dt dF e :F˙ = yfl 28 yfl dt dF e :F˙ = yfr 29 yfr dt dF e :F˙ = yrl 30 yrl dt dF e :F˙ = yrr 31 yrr dt ( f = −θ · r · sign(θ ), | θ · r |≤ β lash p st p p st (5.5) flash = −β · sign(θp), | θp · rst |> β Under low frequency steering maneuver, the inertial eﬀects in the steering kinematic chain can be neglected such that the gear backlash can be modeled in equation

(5.5), where β represents the backlash width. The structural model of the system is given in Figure 5.10, where the x-axis includes known and unknown variables as well as fault variables. The derivative causality and integral causality are indicated in the ﬁgure as well. Further, the DM decomposition is applied to the structural model to determine detectability and isolability of the faults. As can be seen from

Figure 5.11, the entire structural model is structurally over-determined enclosed in the blue box, which implies the faults, fCf and flash, are detectable. In addition,

166 Figure 5.10: Structural model of the simpliﬁed vehicle horizontal dynamics

with ’D’ and ’I’ representing the derivative causality and integral causality, it can

be deduced that either causality may be required to detect the faults by solving the

unknown variables through numerical diﬀerentiation or integration. With the struc-

tural analysis toolbox [117], the fault isolability matrix is given in Figure 5.12, which

implies the faults are isolable with integral causality and derivative causality. There

are two MSO sets generated by the toolbox for fault isolation. The ﬁrst MSO set is

the equation set {e1, ...e19, e21, ..., e31}. The second MSO set is given by the equation set {e1, ...e20, e22, ..., e31}. It is obvious either one of the two equations related to the

167 Figure 5.11: DM decomposition of the simpliﬁed vehicle horizontal dynamics strutural model

faults fCf and flash is used in these two MSO sets. Based on the ﬁrst MSO set, a matching can be found through the toolbox, as shown in Figure 5.13, with equation e21 as the ARR. In this matching, yaw rate measurement needs to be diﬀerentiated in order to derive yaw acceleration, which is susceptible to sensor noise. Also, vehicle lateral velocity is derived by taking integral of its derivative using equation e2. How- ever, the initial condition of the vehicle lateral velocity is typically unknown, leading to potential poor accuracy in calculating lateral velocity due to the initial condition error. Though the fault isolability matrix generated by the toolbox states the faults

168 Figure 5.12: Fault isolability matrix of the simpliﬁed vehicle horizontal dynamics strutural model

are isolable, in fact, the steering backlash and front tire degradation cannot be iso-

lated. The issue is with the equations e20 and e21, in which the faults are represented by two corresponding unknown variables. This way of representing the faults is to solve the issue with the structural analysis toolbox, which does not allow the same fault variable to appear in multiple equations. However, this also cause problems in determining the fault isolability. Recall the deﬁnition of structural fault isolability that claims a fault fi is structurally isolable from fj in the structural model if fi lies

in the structurally over-determined set of the model after removing the constraint

equation that fj appears. Strictly speaking, to analyze fault isolability in the case

of representing a fault with an unknown variable, one needs to remove not only the

equation that the fault variable appears but the equation that the corresponding un-

known variable appears. Nevertheless, the structural analysis toolbox does not take

this into account, which can lead to incorrect conclusion about fault isolability. In

this case, the equations e4, e5 and e20 all need to be removed to evaluate whether the

169 Figure 5.13: Matching using equation e21 as analytical redundant relation for fault isolation

fault flash lies in a structurally over-determined set, such that the isolability between fault fCf and flash can be determined properly. To put it in another way, if the unknown variables for representing the corresponding faults can be solved independent of one another, these faults are isolable. Namely, the closed-form solution of a unknown variable (representing fault A) cannot contain any form of another unknown variable (representing fault B). Otherwise, fault A and B are not isolable. Through

170 this process, it is found that the two faults of interest, steering backlash and front tire degradation, are detectable but not isolable.

Since the faults are not isolable, we move forward to analyze how the faults can be detected. Based on the structural analysis, we choose one of the MSO set to do fault detection as given by equation set {e1, e3, e4, ..., e31}. This MSO set can be used to detected both steering backlash and front tire degradation since the corresponding fault equations, e20 and e21, are included in the MSO set. We ﬁrst analyze the case using equation e22 as the ARR. In particular, a sequential residual generator can be derived by ﬁnding the proper matching. In this case, the matching is illustrated in

Figure 5.14. The computation sequence based on the matching can be written as

{(e25, θp), (e24, vx), (e21, xflash), (e20, xfCf ), (e23, ay), (e19,Fzrr), (e18,Fzrl), (e17,Fzfr)

, (e16,Fzfl), (e11, e10, e9, e8, e15, e14, e13, e12, e3, e1, e7, e6, e5, e4, e27, e26, e31, e30, e29, e28, ¨ ˙ ˙ ˙ ˙ ˙ δrr, δrl, δfr, δfl, αrr, αrl, αfr, αfl, ψ, v˙y, Fyrr, Fyrl, Fyfr, Fyfl, ψ, vy,Fyrr,Fyrl,Fyfr,Fyfl)}.

The computation sequence can be used to solve the unknown variables in the system such that the residual using equation e22 as ARR can be derived in equation (5.6). In addition to equation e22 as an ARR, e23 can be used as another ARR. Speciﬁcally, by combining equation e1 and e2, one can estimate the lateral acceleration ay from the estimated tire lateral forces such that the estimated and measured lateral acceleration formulates a residual equation given in equation (5.7). It should be noted that the tire lateral forces would be solved in the process of deriving residual r1 using the given computation sequence. ˆ˙ r1 = yψ˙ − ψ (5.6) 1 r = y − (Fˆ cosδ + Fˆ cosδ + Fˆ cosδ + Fˆ cosδ ) (5.7) 2 ay m yfl fl yfr fr yrl rl yrr rr

171 Figure 5.14: Matching using equation e22 as analytical redundant relation

In Figure 5.14, it can be seen the integral causality is required to estimate the ˙ vehicle yaw rate ψ such that residual r1 can be derived. In terms of implementing the computation sequence, the integral causality can be achieved by direct numerical integration or state observers. While direct numerical integration requires information of the initial condition, state observers can eliminate the initial condition error and are robust to noise and uncertainty in the system. Thus, we choose state observers to implement the computation sequence. In Chapter 2, diﬀerent observer approaches have been discussed, in which the EKF proves its robustness and eﬃciency in real world applications. In the next section, we apply the EKF to generate residuals, in

172 which the consistency check between yaw rate measurement and estimate plays an important role in both the Kalman ﬁlter design and the residual generation as given in equation (5.6).

5.2.3 Fault Diagnostic Strategy for Tire Degradation and Steering Backlash Detection

In this section, we present a methodology of diagnosing front tire degradation and steering backlash. The fault diagnostic strategy is demonstrated in Figure 5.15.

According to section 5.2.2, the two residuals r1 and r2 can be used to detect the faults from structural analysis results. To generate the residuals, we adopt a simpliﬁed four- wheel vehicle dynamics model to describe vehicle lateral dynamics. Further, vehicle yaw rate and lateral acceleration can be estimated with the EKF. In this way, residual signals are generated by consistency check between estimate and measurement. For diagnostic decision making, we apply cumulative sum (CUSUM) control chart to ensure detection accuracy and eﬃciency.

To apply the EKF in vehicle lateral dynamics estimation for residual generation, we formulate the simpliﬁed four-wheel vehicle horizontal dynamics model in nonlinear state-space form. In particular, the system state vector is deﬁned as X in equation

(5.8). The input vector U is given by equation (5.9). The measurement is one of the system states, vehicle yaw rate ψ˙, described in equation (5.10).

T ˙ T X = [x1, x2, x3, x4, x5, x6] = [vy, ψ, Fyfl,Fyfr,Fyrl,Fyrr] (5.8)

T T U = [u1, u2, u3, u4] = [δfl, δfr, δrl, δrr] (5.9)

˙ Y = x2 = ψ (5.10)

173 Figure 5.15: Fault diagnostic strategy for tire degradation and steering backlash detection

The nonlinear function of the state equations f(.) is then given by equation (5.11).

The measurement function h(.) is derived in equation (5.12). qf represent the tire force map which uses the tire lateral slip angle and tire vertical load as inputs. σ is the tire lateral relaxation length, which describes the delay between the introduction of tire lateral slip and tire lateral force reaching its steady-state. In addition, to take the suspension compliance into account, both front and rear wheel steer angles are estimated based on suspension compliance coeﬃcient and tire lateral force estimation, as shown in equation (5.13).

 1  (x3cosu1 + x4cosu2 + x5cosu3 + x6cosu4) − vx · x2  m  1 [l (x cosu + x cosu ) − l (x cosu + x cosu )  Izz f 3 1 4 2 r 5 3 6 4  t + f (x sinu − x sinu ) + tr (x sinu − x sinu )]  2 3 1 4 2 2 5 3 6 4 vx f = σ (−x3 + qf (αfl,Fzfl)) (5.11)  vx  (−x4 + qf (αfr,Fzfr))  σ  vx  (−x5 + qr(αrl,Fzrl))  σ  vx  σ (−x6 + qr(αrr,Fzrr)) 174 h = x2 (5.12)

uˆ1 = θp · rst + kcf · xˆ3

uˆ2 = θp · rst + kcf · xˆ4 (5.13) uˆ3 = kcr · xˆ5

uˆ4 = kcr · xˆ6

Figure 5.16: Vehicle trajectory during multiple cornering maneuver with equal eﬀec- tive cornering radius

Once the model is determined, EKF is applied following the procedure as given in Appendix B. In the EKF implementation, both process noise covariance matrix and measurement noise covariance matrix are set to be constant diagonal matrices,

175 Figure 5.17: Vehicle lateral velocity and yaw rate estimation during multiple cornering maneuver with equal eﬀective cornering radius

which means there assume to be no correlation between diﬀerent process noise and measurement noise.

We evaluate the methodology using CarSim simulation. The ﬁrst simulation scenario is the continuous cornering maneuver with constant vehicle speed and equal eﬀective cornering radius. The vehicle trajectory is given in Figure 5.16. The vehicle lateral velocity and yaw rate estimation results are demonstrated in Figure 5.17.

The wheel steer angle estimation results are illustrated in Figure 5.18. The tire lateral force estimation results are demonstrated in Figure 5.19. The tire slip angle estimation is shown in Figure 5.20. It can be seen from these ﬁgures that all these

176 Figure 5.18: Wheel steer angle estimation during multiple cornering maneuver with equal eﬀective cornering radius

variables are estimated accurately under the given driving scenario. This provides

the foundation for applying diagnosis based on residual generation.

ˆ˙ ˆ˙ r1 = (yψ˙ − ψ) · sgn(ψ) (5.14)

r2 = (yay − aˆy) · sgn(ˆay) (5.15)

Once the eﬃcacy of the proposed methodology is veriﬁed, we proceed to residual generation for diagnosing the faults of interest. In equation (5.6) and (5.7), the primary residuals are designed to indicate fault impact on the vehicle dynamics estimation. It is found in simulation that the residual response changes its sign between

177 Figure 5.19: Tire lateral force estimation during multiple cornering maneuver with equal eﬀective cornering radius

left turns and right turns. To eliminate the sign change of the residuals, we multiply the primary residuals by a sign function to generate secondary residuals for residual evaluation and diagnostic decision making. The secondary residuals are formulated in equation (5.14) and (5.15). During multiple cornering maneuver, the secondary residuals response are given in Figure 5.21 and 5.22, with front tire degradation and steering backlash, respectively. In Figure 5.21, It can be seen that both residuals are sensitive to front tire degradation. The steering backlash has signiﬁcant impact on the residuals magnitude during cornering, as shown in Figure 5.22. In particular, residual 2 shows oscillations due to the steering backlash. The residuals discrepancy

178 Figure 5.20: Tire lateral slip angle estimation during multiple cornering maneuver with equal eﬀective cornering radius

between healthy case and faulty case is transparent in presence of either front tire degradation or steering backlash. It should be noted that the residuals are sensitive to the faults only during steering maneuver. This is reasonable since the system becomes unobservable in straight line driving. Here, the steering backlash is introduced in between pinion and front wheels in CarSim, with the backlash width equal to 8

(deg) with respect to pinion rotation.

Diagnostic Decision with CUSUM

In this section, we demonstrate the process of using cumulative sum (CUSUM) control chart to make diagnostic decisions. The CUSUM control chart algorithm

179 Figure 5.21: Residuals response with front tire degradation by cornering stiﬀness change

is presented in equation (5.16) and (5.17) for upper and lower cumulative process sums, respectively. xi represents the i-th sample of the residual signal. mx and σx are the mean and standard deviation of the ﬁrst 300 samples (sampling rate of 50

(Hz)), which describe the residual signals under healthy condition. q is the number of standard deviations from the target mean, that make a shift detectable. In this case, we choose q to be 5 for achieving the balance between false alarm and misdetection.

180 Figure 5.22: Residuals response with steering backlash

Here, we do not adopt sequential probability ratio test in performing CUSUM since the probability distribution for residuals under faulty condition is typically unknown.

Thus, using CUSUM for anomaly detection is more reasonable, in which we detect a shift in mean of the residuals caused by faults. ( 0, i = 1 SUi = 1 (5.16) max(0,SUi−1 + xi − mx − 2 qσx), i > 1

181 (a) CUSUM results of Residual 1 (b) CUSUM results of Residual 1 (zoomed in)

Figure 5.23: CUSUM results of Residual 1 for front tire degradation detection

(a) CUSUM results of Residual 2 (b) CUSUM results of Residual 2 (zoomed in)

Figure 5.24: CUSUM results of Residual 2 for front tire degradation detection

( 0, i = 1 SLi = 1 (5.17) min(0,SLi−1 + xi − mx + 2 qσx), i > 1 In practice, the front tire degradation and steering backlash may build up over time instead of occurring abrupt. However, to evaluate the accuracy and eﬃciency

182 (a) CUSUM results of Residual 1 (b) CUSUM results of Residual 1 (zoomed in)

Figure 5.25: CUSUM results of Residual 1 for steering backlash detection

(a) CUSUM results of Residual 2 (b) CUSUM results of Residual 2 (zoomed in)

Figure 5.26: CUSUM results of Residual 2 for steering backlash detection

of the diagnostic decision in simulation environment, we concatenate the residuals under healthy condition and faulty condition to describe the abrupt change of residuals due to front tire degradation and steering backlash. In particular, the residuals

183 given in Figure 5.21 and Figure 5.22 contain the residuals response during multiple cornering maneuver, based on which the residuals under healthy and faulty condition are concatenated. The CUSUM results of the residuals with front tire degradation and steering backlash are demonstrated in Figure 5.23 to 5.26. In Figure 5.23 and

5.24, it is shown the front tire degradation is detected within 3 (sec) after the fault is injected at 60 (sec). Residual 1 enables faster detection than residual 2 in this case.

In Figure 5.25 and 5.26, it takes less than 1 (sec) to for the CUSUM control chart to detect the steering backlash after the fault is introduced at 60 (sec). For both cases, the CUSUM results show the trend of consecutive increase and decrease due to the switch between cornering and straight line driving. During straight line driving, the system becomes unobservable such that residuals are insensitive to faults. Therefore, steering/cornering maneuver is critical for diagnosing the front tire degradation and steering backlash. Overall, the designed residuals are sensitive to the faults of interest. Also, the CUSUM control chart is capable of detecting the faults eﬀectively and eﬃciently.

5.3 Fault Diagnosis for Tire Degradation Identiﬁcation

In the previous section, a diagnostic strategy has been proposed to detect steering backlash and front tire degradation. In particular, the front tire degradation can be detected but the severity of the degradation cannot be identified. In this section, we consider tire cornering stiffness estimation for identifying tire degradation. The structural analysis and system observability analysis indicate the sufficiency and feasibility of tire cornering stiffness estimation. With the tire degradation modeled as a parametric fault, the EKF and the UKF are applied to a single-track vehicle model to

184 simultaneously estimate system states and parameters (tire cornering stiﬀness). The

results from CarSim simulation and VDDIL simulator demonstrate the eﬀectiveness

of the proposed approach.

5.3.1 Structural Analysis on Single-track Vehicle Model

In the single-track vehicle model, front wheel steer angle is typically determined

by steering wheel angle (or pinion angle for rack-pinion steering mechanism) while

rear wheel steer angle is sometimes neglected. Since the wheel steer angle has im-

pact on tire slip angle, inaccurate wheel steer angle information could greatly harm

the estimation of tire cornering stiﬀness. To ensure the accuracy of tire cornering

stiﬀness estimation, front and rear wheel steer angles need to be estimated accu-

rately. However, in production vehicles, pinion angle is measured instead of front

wheel steer angle. Meanwhile, the rear wheel also steers during steering maneuver

due to suspension compliance, which is not measured by vehicle on-board sensors.

Therefore, in the single-track vehicle model, we model the suspension compliance by

estimating the front and rear wheel steer angles based on tire lateral force estima-

tion. The front and rear wheel steer angles estimation takes into account pinion angle

measurement, steering ratio (between pinion angle and front wheel steer angle) and

suspension compliance (characterized by suspension compliance coeﬃcient).

In discrete time implementation, the front wheel steer angle estimation can be

achieved by equation (5.18), where the initial front wheel steer angle due to sus-

pension compliance is assumed to be zero. rst is the steering ratio representing the kinematic relation between pinion angle θp and front wheel steer angle due to suspension compliance δcf , in which only the pinion angle is directly measured. kcf is the

185 suspension compliance coeﬃcient associated with the front suspension. It indicates the front wheel steer due to front tire lateral force. Similarly, the rear wheel steer angle estimation is presented in equation (5.19), where kcr represents the suspension compliance coeﬃcient for rear suspension. Considering the sampling time ∆t, the dynamics of the front wheel steer angle and rear wheel steer angle are given in equation (5.20) and (5.21). It can be seen the dynamics of the wheel steer angle due to compliance depend on the sampling time ∆t. In CarSim, the default sampling time is

0.001 (sec). In real world, the wheel steer due to suspension compliance is expected to be much faster than the vehicle lateral dynamics (yaw rate, lateral velocity). How- ever, due to the limitation of the computer hardware in vehicles, the sampling rate can be as low as 20 (Hz). Therefore, the discrete time implementation under low sampling rate can be very inaccurate in capturing the dynamics of wheel steer due to suspension compliance. Since the dynamics of wheel steer angle due to suspension compliance are much faster than the vehicle horizontal dynamics, we neglect these dynamics for accuracy and computation eﬃciency. If these dynamics were included in the model, this would require treating the wheel steer angles (front and rear) due to compliance as two extra states, which would increase the system order from four to six, drastically increasing the computational eﬀort, especially in dealing with the

Jacobian matrix in EKF implementation. By neglecting the dynamics of wheel steer ˙ ˙ angle due to suspension compliance, we mean δcf = 0 and δcr = 0. Thus, the front and rear wheel steer angles due to suspension compliance are described by algebraic functions of the front and rear tires lateral forces, as given in equation (5.22) and

186 (5.23), respectively. ˆ δcf (0) = 0

ˆ ˆ ˆ vˆy(0) lf ˆ˙ δcf (1) = kcf · Cαf (1)(θp(0) · rst + δcf (0) − − ψ(0)) vx vx ˆ ˆ ˆ vˆy(k) lf ˆ˙ δcf (k + 1) = kcf · Cαf (k)(θp(k) · rst + δcf (k) − − ψ(k)), k = 1, 2, ... vx vx (5.18) ˆ δcr(0) = 0

ˆ ˆ ˆ vˆy(0) lr ˆ˙ δcr(1) = kcr · Cαr(0)(δcr(0) − + ψ(0)) (5.19) vx vx ˆ ˆ ˆ vˆy(k) lr ˆ˙ δcr(k + 1) = kcr · Cαr(k)(δcr(k) − + ψ(k)), k = 1, 2, ... vx vx ˙ kcf · Cαf − 1 kcf · Cαf kcf · Cαf kcf · Cαf · lf ˙ δcf = · δcf + · θp · rst − · vy − · ψ (5.20) ∆t ∆t ∆t · vx ∆t · vx ˙ kcr · Cαr − 1 kcr · Cαr kcr · Cαr · lr ˙ δcr = · δcr − · vy + · ψ (5.21) ∆t ∆t · vx ∆t · vx kcf · Cαf kcf · Cαf kcf · Cαf · lf ˙ δcf = · θp · rst − · vy − · ψ (5.22) 1 − kcf · Cαf (1 − kcf · Cαf ) · vx (1 − kcf · Cαf ) · vx kcr · Cαr kcr · Cαr · lr ˙ δcr = − · vy + · ψ (5.23) (1 − kcr · Cαr) · vx (1 − kcr · Cαr) · vx With the front and rear wheel steer angles estimated using suspension compliance and tire lateral force, the single-track vehicle model is given in equation (5.24) and ˙ (5.25), where m is the vehicle mass, vy is the vehicle lateral velocity and ψ represents the vehicle yaw rate. vx is the vehicle longitudinal velocity, which is known and determined by wheel speed measurement. Cαf and Cαr represent the reference values of the front tires and the rear tires cornering stiﬀness, respectively. Though the front tire degradation is of our interest, here we consider both front and rear tire degradation as two separate faults to expand the fault scenarios. The front and rear tire degradation are represented by fCf and fCr, respectively. xfCf and xfCr are the intermediate variables representing the magnitudes of the degradation (tire cornering stiﬀness change). The use of these intermediate variables is to be compliant with the

187 structural analysis toolbox, which requires the use of an intermediate variable when

the same fault appears in multiple equations [117]. θp represents the pinion angle. rst

is the steer ratio between the front wheel steer angle and the pinion angle. δcf and δcr are the front and rear wheel steer angles due to suspension compliance, respectively.

In practice, the wheel compliance steer can be estimated based on tire force and steer compliance coeﬃcient, which is a calibration parameter. Izz represents the vehicle yaw moment of inertia. lf and lr are the distances of vehicle CG to the front axle and

to the rear axle, respectively. The relation among the vehicle yaw rate ψ˙, the vehicle lateral velocity vy and the vehicle lateral acceleration ay is given by equation (5.26).

¨ vy lf ˙ vy lr ˙ Izzψ = 2(Cαf + xfCf )(θp · rst + δcf − − ψ) · lf − 2(Cαr + xfCr)(δcr − + ψ) · lr vx vx vx vx (5.24) ˙ vy lf ˙ vy lr ˙ m(v ˙y +vx ·ψ) = 2(Cαf +xfCf )(θp ·rst +δcf − − ψ)+2(Cαr +xfCr)(δcr − + ψ) vx vx vx vx (5.25) ˙ ay =v ˙y + vx · ψ (5.26)

To apply structural analysis, the front wheel steer angle and rear wheel steer angle due to suspension compliance are described by equation (5.27) and (5.28), respectively. Equations (5.31) to (5.34) assume the measurement of vehicle yaw rate yψ˙ ,

lateral acceleration yay , vehicle longitudinal velocity yvx (typically calculated based

on wheel speed sensor measurement) and pinion angle yθp are correct and accurate.

Similar to the simpliﬁed vehicle horizontal dynamics model, here the relations between variables and their time derivatives are given in equation (5.35) and (5.36).

The structural model represented by Incidence matrix is given by Figure 5.27, where each dot represents the appearance of a variable in an equation. In Figure 5.28, the

DM decomposition of the system implies the entire system is over-determined with

188 redundancy for fault detection. Thus, both front and rear tire degradation are detectable with the single-track vehicle model and the available sensor measurements.

Figure 5.27: Structural model of the single-track vehicle dynamics model

k · (C + xf ) k · (C + xf ) δ = cf αf Cf · θ · r − cf αf Cf · v cf 1 − k · (C + xf ) p st (1 − k · (C + xf )) · v y cf αf Cf cf αf Cf x (5.27) k · (C + xf ) · l − cf αf Cf f · ψ˙ (1 − kcf · (Cαf + xfCf )) · vx kcr · (Cαr + xfCr) kcr · (Cαr + xfCr) · lr ˙ δcr = − · vy + · ψ (5.28) (1 − kcr · (Cαr + xfCr)) · vx (1 − kcf · (Cαr + xfCr)) · vx

xfCf = fCf (5.29)

189 Figure 5.28: DM decomposition of the single-track vehicle dynamics model

xfCr = fCr (5.30)

˙ yψ˙ = ψ (5.31)

yay = ay (5.32)

yvx = vx (5.33)

yθp = θp (5.34)

190 dv v˙ = y (5.35) y dt dψ˙ ψ¨ = (5.36) dt

Figure 5.29: Fault signature based on MSO sets

Based on the structural analysis, there are 11 MSO sets available for designing sequential residual generators. The fault signature based on the MSO sets is given in Figure 5.29. Each dot implies that a MSO set is sensitive to the corresponding fault. It can be seen the MSO set 6 and MSO set 7 are only sensitive to the rear tire degradation (fCr) and the front tire degradation (fCf ), respectively. Thus, we can use these two MSO sets to not only detect but isolate the front and rear tire degradation. We ﬁrst analyze MSO set 7, since it is sensitive to the fault of interest, front tire degradation. MSO set 7 consists of all equations except equation (5.30).

Theoretically, each one of the equations can be used as the analytical redundant relation (ARR). In this case, we use equation (5.29) as the ARR to design sequential

191 residual generator, since this ARR indicates the magnitude of the front tire degra-

dation fCf . The corresponding matching is given in Figure 5.30. According to the

matching, we can determine the computation sequence of the sequential residual gen- ˙ ¨ erator as{(5.34, θp), (5.33, vx), (5.32, ay), (5.31, ψ), (5.36, ψ), (5.26, v˙y), (5.35, vy),

(5.24, 5.25, 5.28, 5.27, δcr, δcf , xfCr, xfCf ), (5.29, 0)}. Based on the sequential residual

generator, the residual is given by rf in equation (5.37) for detecting the front tire ¯ degradation. Cαf is an intermediate variable, which represents the actual front tire cornering stiffness that is subject to front tire degradation. This residual directly provides the fault magnitude, i.e. front tire cornering stiffness change xfCf . It should be noted that Cαf is the reference value of the front tire cornering stiffness that can be ¯ compared with Cαf . We repeat this procedure to analyze the MSO set 6 for detecting the rear tire degradation fCr. The MSO set 6 consists of all the system equations except equation (5.29). Similar to the analysis of MSO set 7, we choose equation

(5.30) as the ARR since xfCr indicates the magnitude of the rear tire degradation.

The corresponding matching is exactly the same as the case of front tire degradation, shown in Figure 5.30. This also implies the magnitudes of both front and rear tire degradation can be calculated using the same set of equations given by the aforemen- tioned computation sequence. The residual for detecting the rear tire degradation is given by rr in equation (5.38). The derivation of the two residuals rf and rr is es- ¯ ¯ sentially by estimating the front and rear tire cornering stiffness, Cαf and Cαr. This illustrates the sufficiency of estimating tire cornering stiffness to not only detect but identify the tire degradation.

192 It is obvious the two sequential residual generators require the use of integral

causality for calculating the vehicle lateral velocity vy. In practice, numerical inte-

gration requires initial condition of the speciﬁc variable that is typically unknown.

Moreover, diﬀerentiation of the vehicle yaw rate measurement is required in the resid-

ual derivation. However, numerical diﬀerentiation can be adversely aﬀected by sensor

noise. To implement the sequential residual generator while avoiding these issues, we

can use state observers to obtain the residual. By assuming the noise in the system to

be Gaussian white noise, it is reasonable to apply Kalman ﬁltering technique to esti-

mate system states, vehicle yaw rate and vehicle lateral velocity, while simultaneously

estimating the parameters, front and rear tires cornering stiﬀness.

 my ·l +I y˙ R (y −y ·y ) ay r zz ψ˙ ¯ θp·rst ay vx ψ˙ lf  = 2Cαf ( ¯ − ¯ − ¯ · yψ˙ )  lf +lr 1−kcf ·Cαf (1−kcf ·Cαf )yvx (1−kcf ·Cαf )yvx ¯ Cαf = Cαf + xfCf (5.37)  ¯ rf = Cαf − Cαf

R  mya ·l −Izzy˙ (ya −yv ·y ) y f ψ˙ ¯ y x ψ˙ lr  = 2Cαr(− ¯ + ¯ · yψ˙ )  lf +lr (1−kcr·Cαr)yvx (1−kcr·Cαr)yvx ¯ Cαr = Cαr + xfCr (5.38)  ¯ rr = Cαr − Cαr To estimate the vehicle yaw rate, lateral velocity and tire cornering stiﬀness using

Kalman filtering technique, we augment the state vector to specifically include both front and rear tire cornering stiffness as two states of the system. The augmented system state vector is defined as X in equation (5.39). The pinion angle θp is the input

deﬁned by u in equation (5.40). And the measurement vector Y , which consists of ˙ vehicle yaw rate ψ and lateral acceleration ay from sensor measurement, is described

in equation (5.41).

T ˙ T X = [x1, x2, x3, x4] = [ψ, vy,Cαf ,Cαr ] (5.39)

u = θp (5.40)

193 Figure 5.30: Matching using equation (5.29) as analytical redundant relation

T ˙ T Y = [y1, y2] = [ψ, ay] (5.41)

By incorporating the parameters into the state vector X, the front tires and rear tires cornering stiﬀness are modeled using the random walk model given in equations

(5.42). The nonlinear function of the state equations f(.) is then given by equation

(5.43). The measurement function h(.) is obtained by equation (5.44). ˙ x˙ 3 = Cαf = 0 (5.42) ˙ x˙ 4 = Cαr = 0 194  2x3 u·rst x2 lf ·x1 f1 = ( − − ) · lf  Izz 1−k ·x3 (1−k ·x3)·vx (1−k ·x3)·vx  cf cf cf  2x4 x2 lr·x1 − (− + ) · lr  Izz (1−kcr·x4)·vx (1−kcr·x4)·vx  2x3 u·rst x2 lf ·x1 f2 = ( − − ) f = m 1−kcf ·x3 (1−kcf ·x3)·vx (1−kcf ·x3)·vx (5.43) 2x4 x2 lr·x1 + (− + ) − vx · x1  m (1−kcr·x4)·vx (1−kcr·x4)·vx  f3 = 0  f4 = 0  h1 = x1  2x3 u·rst x2 lf ·x1 h = h2 = ( − − ) (5.44) m 1−kcf ·x3 (1−kcf ·x3)·vx (1−kcf ·x3)·vx  2x x l ·x + 4 (− 2 + r 1 ) m (1−kcr·x4)·vx (1−kcr·x4)·vx To ensure the tire cornering stiﬀness can be estimated using the above model, one needs to check the system observability. For a nonlinear system described by equation

(5.43) and (5.44), the observability of the system is evaluated locally and may change with system operating conditions. To quantify the nonlinear system observability, we will present a degree of observability index in the next section.

5.3.2 A Degree of Observability Index for Nonlinear Systems

As mentioned in Chapter 2, the observability for nonlinear system can be determined by Lie derivative. In this case, according to the observability matrix given by equation (C.1) in Appendix C, the system is observable except when either one of the following conditions hold:

1. front and rear steer angles are equal to zero, i.e. δf = δr = 0.

2. vehicle speed is equal to zero (vehicle at rest).

Thus, the vehicle lateral motion (yaw rate, lateral velocity) and tire cornering

stiﬀness estimation should be performed during vehicle steering maneuver, which is

reasonable considering the role of tire cornering stiﬀness in vehicle lateral motion.

In theory, the states of a system can be reconstructed from measured inputs

and outputs as long as the system meets the rank condition of observability matrix.

195 However, the degree of observability is also important for evaluating the feasibility of state estimation in real world applications. Especially for nonlinear systems, the degree of observability has to be evaluated locally, which means the system may become unobservable or less observable in some operating conditions. In this section, we discuss the degree of observability for linear and nonlinear systems. Further, a observability index is presented to quantify the degree of observability for nonlinear systems.

In terms of linear discrete system, one of the observability measures is to evaluate the singular values of the system observability gramian given in equation (5.45), for stochastic systems. Φi,0 represents the state transition matrix from step 0 to step i.

Hi is the measurement matrix at step i. The observability gramian for deterministic system is given in equation (5.46). Smaller singular values imply the corresponding states are less observable compared to the states associated with larger singular values.

Each singular value is a measure of the observability for the subspace spanned by the corresponding singular vector [164]. The overall system observability can be determined by the smallest singular value.

k T T −1 L0,k = Σi=0Φi,0Hi Ri HiΦi,0 (5.45)

k T T L0,k = Σi=0Φi,0Hi HiΦi,0 (5.46)

The nonlinear system observability can be evaluated using Lie derivative [128].

With Lie derivative, the nonlinear system observability can be determined and quan- tiﬁed locally. For each operating point of interest, one can calculate the singular values of the nonlinear system observability matrix through singular value decomposition [165]. In [166], an observability index is deﬁned in equation (5.47), where O

196 T T is the nonlinear observability matrix. λmin(O O) and λmax(O O) are the minimum and maximum eigenvalue of matrix OT O. This index is to quantify the degree of

observability for a nonlinear system. Nevertheless, in practice, calculating the eigen-

value of the matrix OT O is numerically less accurate than calculating the singular

value of the matrix O. This is because the formation of OT O can results in loss of

precision. Thus, we deﬁne a new observability index for nonlinear system in equation

(5.48). σmin(O) and σmax(O) are the minimum and maximum singular value of the

nonlinear system observability matrix O based on singular value decomposition. It

should be noted that the singular value is equal to the positive square root of the

eigenvalues of the matrix OT O. In particular, the minimum singular value indicates

the minimum distance between the matrix O and a matrix with lower rank.

T λmin(O O) δ = T (5.47) λmax(O O) σ (O) ξ = min (5.48) σmax(O) It should be noted that diﬀerent units of the variables considered in a nonlinear

system can change the nonlinear observability index ξ. To make the observability

matrix better conditioned, one should ﬁrst normalize the variables of the system,

such that all the variables lie in the range of [0, 1] under various system operating

conditions of interest. Further, we normalize the vector of the singular values so

that all the singular values are set to the scale of [0, 1]. For a fourth order nonlinear

system, the vector of the singular values calculated from the observability matrix

can be described in equation (5.49). The vector normalization is demonstrated in

equation (5.50), where |σO| represents the length of the vector σO. Through this

process, one can better compare the degree of observability under diﬀerent system

197 operating conditions.

σO = [σ1, σ2, σ3, σ4] (5.49) h i σ = σ1 , σ2 , σ3 , σ4 (5.50) norm |σO| |σO| |σO| |σO|

Here, we use the deﬁned nonlinear observability index to determine proper vehicle operating condition that renders the system more observable. The metric to characterize vehicle operating condition during steering maneuver is chosen to be the steady state lateral acceleration during cornering with constant eﬀective cornering radius. We compare two lateral acceleration levels, 0.15(g) and 0.3(g) (g represents the gravitational acceleration), with the vehicle turning at 20(mph). In

CarSim simulation, we perform two diﬀerent cornering maneuvers, in which the vehicle reaches steady state with the corresponding lateral acceleration levels. Mean- while, vehicle steady state yaw rate, lateral velocity and equivalent tire cornering stiﬀness are recorded as well to quantify the degree of observability. For steering maneuver with lateral acceleration at 0.15(g), the normalized singular value vector is [0.9991, 0.0424, 2.6748e − 4, 1.3303e − 5]. The observability index based on equa-

tion (5.48) is given by 1.3315e-5. When the steady state lateral acceleration level is

increased to 0.3(g), the normalized singular value vector of the corresponding observ-

ability matrix is [0.9993, 0.0379, 6.3192e − 4, 3.3016e − 5]. The resultant observability index is increased to 3.3040e-5. Thus, the system becomes more observable when the steady state lateral acceleration is at 0.3(g). The nonlinear observability index helps determine the most proper operating conditions for system state estimation. Once the operating condition is determined, we can proceed to choose appropriate Kalman

ﬁltering technique for tire cornering stiﬀness estimation.

198 5.3.3 Tire Cornering Stiﬀness Estimation with the Extended Kalman Filter and Unscented Kalman Filter

In Chapter 2, diﬀerent methods for observer based state estimation are introduced.

The Luenberger observer is applicable to linear system. When the system becomes nonlinear, the Luenberger observer can become inaccurate and not robust to noise and disturbance. The sliding mode observer can be used to suppress system uncertainty, but it can be affected by the “chattering” problem. Further, the design of the sliding mode observer can lead to complicated Lyapunov functions [167]. On the other hand, the EKF has proved to be effective for nonlinear system estimation when the system is not highly nonlinear. The single-track vehicle model is bilinear with the tire cornering stiffness as states, which means the system is not highly nonlinear from a mathematical perspective. Moreover, the Extended Kalman filter is robust to noise and disturbance in the system and proves efficient for real time estimation.

Thus, we ﬁrst apply the Extended Kalman Filter to estimate vehicle lateral motion response (yaw rate and lateral velocity as system states) and tire cornering stiﬀness

(system parameters). The general methodology of using the Extended Kalman Filter for joint estimation of system states and parameters are reviewed in Chapter 2. The reason for not using the Dual Kalman Filter to simultaneously estimate system states and parameters is that the Dual Kalman Filter can be inaccurate due to the loss of cross-correlations between states and parameters [133]. We further apply the UKF to compare its performance with the EKF, since the UKF may have better accuracy in linearing the system while maintaining computation eﬃciency. The EKF and the UKF algorithms are attached in Appendix B. The strategy of tire cornering stiﬀness estimation is shown in Figure 5.31. Based on the structural analysis in section

199 5.3.1, both front and rear tire degradation can be detected, isolated and identified by estimating the front and rear tire cornering stiffness. In this dissertation, we focus on front tire degradation as it has direct impact on vehicle handling. Thus, only front tire degradation is injected in simulation and experimental validation to demonstrate the effectiveness of the proposed methodology.

Figure 5.31: Tire cornering stiﬀness estimation strategy

In terms of the implementation of EKF in tire cornering stiﬀness estimation, it has been found more aggressive maneuvers result in more stable and accurate estimates. In particular, vehicle steering maneuvers with lateral acceleration above

0.15 (g) ensure faster convergence. To evaluate the EKF performance in estimating tire cornering stiﬀness, we run simulations in CarSim, in which the vehicle performs multiple cornering maneuvers in alternate directions with vehicle lateral acceleration up to 0.3 (g) and constant vehicle speed at 20(mph). To make the scenario more

200 realistic, Gaussian white noise is introduced in the measurement of vehicle yaw rate and lateral acceleration, with the noise standard deviation equal to 0.001 (rad/s) and

0.01(m/s2), respectively. The vehicle trajectory is shown in Figure 5.32, followed by the closed-loop driver model in CarSim. There are total 14 cornering events with same effective cornering radius of 27 (m). The vehicle yaw rate and lateral velocity estimation are given in Figure 5.33. The tire cornering stiffness estimation results are demonstrated in Figure 5.34, in which the reference values for front and rear tire cornering stiffness are determined based on the tire model in CarSim. Table 5.2 shows the reference values, estimates and estimation error percentage of the tire cornering stiffness estimation. The estimates are based on the steady-state values of the tire cornering stiffness estimates from EKF. Both front and rear tire cornering stiffness estimation error are within 10% compared to the reference values. In Figure 5.34, it can also be seen that the estimates remain constant during straight line driving, for example for between 220 and 250 (second). This implies the algorithm can be used to estimate tire cornering stiffness during vehicle normal operation, which is typically mixed with straight line driving and steering maneuver. In this application, the EKF has fast convergence rate as it only takes one cornering maneuver for the estimate to reach 90% of the steady-state value. In addition, to test whether the

EKF can eliminate the error between initial guess and reference value of the tire cornering stiffness, ±40% difference from the reference values are used to initialize the tire cornering stiffness estimate, as shown in Figure 5.35. It is obvious that the

EKF converges to steady-state values that are very close to each other under different initial conditions of the tire cornering stiffness. The overall performance of the EKF is fast, robust and reliable in terms of tire cornering stiffness estimation.

201 Figure 5.32: Vehicle trajectory during multiple cornering maneuver with steady-state lateral acceleration at 0.3(g)

202 203

(a) Vehicle yaw rate and lateral velocity estimation (b) Vehicle yaw rate and lateral velocity estimation error

Figure 5.33: Vehicle yaw rate and lateral velocity estimation with EKF and single-track vehicle model Figure 5.34: Tire cornering stiﬀness estimation with EKF and single-track vehicle model

Tire cornering stiﬀness Reference Estimate Estimation error percentage Front (N/rad) 7.09 7.21 +1.69% Rear (N/rad) 5.65 5.81 +2.83%

Table 5.2: Tire cornering stiﬀness estimation error with EKF

204 (a) Front tire cornering stiﬀness estimation with ±40% error of initial guess

(b) Rear tire cornering stiﬀness estimation with ±40% error of initial guess

Figure 5.35: Tire cornering stiﬀness estimation with ±40% initial values error

205 (a) Front tire cornering stiﬀness estimation with front tire degradation

(b) Rear tire cornering stiﬀness estimation with front tire degradation

Figure 5.36: Tire cornering stiﬀness estimation with front tire degradation by +20% change in front tire cornering stiﬀness

206 To further evaluate the EKF performance in identifying front tire degradation, we introduce front tire degradation by introducing +20% change in front tire cornering stiffness and repeat the simulation with the same maneuver. In Figure 5.36, the front and rear tire cornering stiffness estimation are given in the presence of front tire degradation. In particular, the front tire cornering stiffness estimate increases by 12.75% while the rear one decreases by 5.70%. The statistics of the estimation are shown in Table 5.3. By ’healthy’, we mean the absence of front tire degradation.

’Faulty’ implies the occurrence of front tire degradation. Ideally, in the presence of front tire degradation, the change in front tire cornering stiﬀness should be +20% while the rear tire cornering stiﬀness should remain the same. Here the estimation error is due to modeling error of the single-track vehicle model.

Tire cornering stiﬀness Healthy Faulty Percentage change Front estimate (N/rad) 7.21 8.28 +14.84% Rear estimate (N/rad) 5.81 5.44 -6.37%

Table 5.3: Tire cornering stiﬀness estimation with EKF (healthy vs. faulty)

Next, we apply the UKF algorithm in lieu of the EKF to estimate the tire cornering stiffness for tire degradation detection. To compare the performance with EKF, the same vehicle maneuver is simulated, in which the vehicle trajectory is the same as shown in Figure 5.32. The vehicle yaw rate and lateral velocity estimation performed with the UKF are shown in Figure 5.37. The tire cornering stiffness estimation under healthy case is given in Figure 5.38, where the reference values of front and rear tire cornering stiffness are indicated by orange and purple dashed line, respectively. In

207 Table 5.4, the tire cornering stiﬀness estimate and estimation error percentage are summarized, which suggests high estimation accuracy especially for front tires.

Tire cornering stiﬀness Reference Estimate Estimation error percentage Front (N/rad) 7.09 7.22 +1.83% Rear (N/rad) 5.65 5.74 +1.59%

Table 5.4: Tire cornering stiﬀness estimation error with the UKF

208 209

(a) Vehicle yaw rate and lateral velocity estimation (b) Vehicle yaw rate and lateral velocity estimation error

Figure 5.37: Vehicle yaw rate and lateral velocity estimation with the UKF and single-track vehicle model Figure 5.38: Tire cornering stiﬀness estimation with the UKF and single-track vehicle model

Tire cornering stiﬀness Healthy Faulty Percentage change Front estimate (N/rad) 7.22 8.72 +20.78% Rear estimate (N/rad) 5.74 5.69 -0.87%

Table 5.5: Tire cornering stiﬀness estimation with the UKF (healthy vs. faulty)

Similar to the previous case with EKF, we introduce front tire degradation by

+20% change in front tire cornering stiﬀness to evaluate the UKF capability of identifying front tire degradation. In Figure 5.39, the change in front and rear tire cornering stiﬀness estimates are compared with and without front tire degradation. The

210 (a) Front tire cornering stiﬀness estimation with front tire degradation

(b) Rear tire cornering stiﬀness estimation with front tire degradation

Figure 5.39: Tire cornering stiﬀness estimation with front tire degradation by +20% change in front tire cornering stiﬀness using UKF

211 increase in front tire cornering stiﬀness estimate is transparent with front tire degra-

dation introduced in the simulation. The estimation statistics are summarized in

Table 5.5. Compared with Table 5.3, it can be concluded that UKF has better

performance compared with EKF in terms of tire cornering stiﬀness estimation for

front tire degradation detection. This conclusion is valid at least for the considered

driving scenario, in which the vehicle performs multiple cornering maneuver mixed

with straight line driving. The improved accuracy in the estimation could be due

to reduced linearization error in the UKF. In the UKF, the state distribution is ap-

proximated by the so-called sigma points, which can completely characterize the true

mean and covariance of the state distribution. When propagated through the non-

linear system model, these sigma points are capable of characterizing the posterior

mean and covariance to the third order [168]. On the other hand, the EKF linearizes

the nonlinear system model only to the ﬁrst order (Taylor series expansion).

5.4 Validation in Vehicle Dynamics Driver-in-the-loop Sim- ulator

The algorithm developed for tire cornering stiﬀness estimation is validated using

the vehicle dynamics driver-in-the-loop simulator (VDDIL) available at the OSU Cen-

ter for Automotive Research 1 as an experimental platform, as shown in Figure 5.40.

The driver’s point of view is shown in Figure 5.41 With a human driver interacting with the vehicle model by providing the steering input, accelerator and brake pedal positions; the VDDIL can be used for software-in-the-loop (SIL) simulation with a human driver in the loop. This form of validation goes beyond the MI and SIL validation, and is also one of the critical steps in model-based software development for

1Dr. Jeﬀ Chrstos, the Driving Dynamics Lab, https://ddl.engineering.osu.edu/

212 automotive diagnosis with reference to the V diagram of Figure 2.1 in Chapter 2.

In this case, the vehicle plant model is developed in CarSim, a high-fidelity simulation platform, and receives driver input commands from a steering wheel, accelerator pedal, brake pedal and a gear shifter. The vehicle response to these inputs is simulated by CarSim and results in the physical 3-DOF driving simulator matching the motion the vehicle would experience (within the limitations of the actuation hardware) and projecting the resulting motion of the vehicle on the monitor, such that the driver is able to control the vehicle for specific maneuvers based on visual and kinematic feedback. The environments that can be simulated include different weather and road conditions and mimic real world driving scenarios. With a human driver, the driving behavior will be more reasonable and realistic than using a driver model in a MIL simulation. This validation process is one form of HIL validation, in which some of the vehicle input control hardware (steering, braking systems) is present, and of course a human driver is responsible for decision making. This helps verify the performance of the developed algorithm in face of various driving conditions and realistic driving behavior.

The driving simulator is called QuadDS. There are three degrees of freedom in the simulator, heave motion, pitch motion and roll motion. In terms of the VDDIL setup, a steering wheel is attached to steering column to provide steering input while a pedal assembly and shifter enable the input of accelerator pedal signal, brake pedal signal and gear shift signal to CarSim, which then simulates the vehicle dynamics response.

In addition, steering wheel force feedback is provided by an electric motor, which communicates with the simulator motion platform via CAN bus [169]. The electric motor receives torque command generated by CarSim. As shown in Figure 5.42, the

213 Figure 5.40: Vehicle dynamics driver-in-the-loop simulator

steering motor control uses data related to steering wheel angle and velocity and the motor current control software is used for steering force feedback. The data ﬂow between the motion platform and accompanying software and hardware is shown in

Figure 5.43.

5.4.1 Design of Experiments

In this section, we present the design of experiments for testing the methodology in the vehicle dynamics driver-in-the-loop simulator. Doing experiments on a driving simulator with hardware and driver in the loop is important since the experiments

214 Figure 5.41: Driver’s point of view

Figure 5.42: Steering motor controller layout

provide more realistic driving scenarios for validation of diagnostic design. In particular, hardware-in-the-loop and driver-in-the-loop testing is one of the critical steps of the V diagram for achieving functional safety with model-based approach.

215 Figure 5.43: Data ﬂow between QuadDS motion platform and accompanying software and hardware

216 Figure 5.44: ISO 3888-1:2018 Double Lane Change maneuver layout

Section Length Lane Width Formula Width (m) 1 15 - 1.1 × vehicle width + 0.25 2.45 2 30 - - 2.65 3 25 3,5 1.2 × vehicle width +0.25 2.65 4 25 - - - 5 15 - 1.3 × vehicle width +0.25 2.85 6 15 - 1.3 × vehicle width +0.25 2.85

Table 5.6: Dimension speciﬁcation of ISO 3888-1:2018

Double Lane Change

Since the tire cornering stiﬀness estimation requires steering maneuver which excites the vehicle lateral motion, we adopt an ISO standard to perform double lane change maneuver as the ﬁrst experiment. According to ISO 3888-1:2018, the standard

217 Figure 5.45: Position of Cones for Double Lane Change

double lane change maneuver layout is given in Figure 5.44 [170]. The dimension of the track is illustrated in Table 5.6. The cone positions for performing the double lane change maneuver are indicated in Figure 5.45. In Figure 5.46, the dimension of each cone is speciﬁed which requires a minimum height of 500 (mm) with the base dimension of 285 (mm) × 285 (mm). During the double lane change, the target vehicle speed is set at 40 (mph), which is enough to excite vehicle lateral motion response.

To maintain the target speed, the accelerator pedal position is held steady during the experiments. The variables of our interest are the steering input (pinion angle for rack-and-pinion steering mechanism) and vehicle lateral motion response, especially vehicle yaw rate and lateral acceleration.

218 Figure 5.46: ISO 3888-1:2018 cone dimensions

Slalom Test

To test the algorithm under aggressive maneuvers, we perform the slalom test shown in Figure 5.47, in which both short slalom and long slalom can be implemented depending on the space between cones. In the slalom test, the vehicle performs consecutive turns in alternate directions which excites the vehicle transient steering response. Thus, the slalom test is suitable for evaluating vehicle yaw and steering performance. It provides an effective way to evaluate the capability of the algorithm in identifying the effects of tire cornering stiffness on vehicle steering response. The

219 implementation of the long slalom course is illustrated in Figure 5.48. The target vehicle speed is same as the double lane change maneuver at 40 (mph), which limits the lateral acceleration to be within 0.6 (g).

Figure 5.47: Layout of Slaloms

Figure 5.48: Vehicle target trajectory in long slalom

220 5.4.2 Results

In this section, we show experimental results using the vehicle dynamics driver- in-the-loop simulator as the test platform. Two scenarios are tested in the VDDIL, double lane change maneuver and slalom test. To ensure convergence of the Kalman

filter, we perform two consecutive double lane change maneuvers and two consecutive slalom tests. The performance of the EKF and the UKF is compared by evaluating their ability to estimate tire cornering stiffness. In these experiments, the vehicle parameters (vehicle mass, distance from CG to axles, yaw inertia) are different from those used in the previous simulation, as given in section 5.3.3. The tire model remains the same compared to the previous simulation. In this way, it would be reasonable to test the robustness of the EKF and the UKF with different vehicle parameters.

Tire Cornering Stiﬀness Estimation under Double Lane Change Maneuver

The ﬁrst test scenario is the double lane change (DLC) maneuver, in which the vehicle performs two consecutive DLC, with the vehicle trajectory shown in Figure 5.49.

We first apply EKF to estimate the vehicle lateral motion response and tire cornering stiffness. As shown in Figure 5.50, the vehicle lateral motion response, yaw rate and lateral velocity, are estimated accurately with EKF. In Figure 5.51, it shows both the front wheel angle and rear wheel angle are accurately estimated. The tire lateral force and tire lateral slip angle estimation are demonstrated in Figure 5.52 and Figure 5.53, respectively. The results show that the EKF can quickly and accurately estimate the tire force and tire lateral slip angle. Since the tire cornering stiffness determines the relationship between tire lateral slip angle and tire lateral force, the tire cornering stiffness estimation is reasonably accurate compared to the reference values, as shown

221 in Figure 5.54. In Table 5.7, it shows the estimation error of both front and rear tire cornering stiﬀness are within 10% compared to the reference values.

Figure 5.49: Vehicle trajectory under double lane change maneuvers

222 Figure 5.50: Vehicle yaw rate and lateral velocity estimation under double lane change maneuver

223 Figure 5.51: Wheel steer angle estimation under double lane change maneuver

224 Figure 5.52: Tire lateral force estimation under double lane change maneuver

225 Figure 5.53: Tire lateral slip angle estimation under double lane change maneuver

226 Figure 5.54: Tire cornering stiﬀness estimation under double lane change maneuver

Tire cornering stiﬀness Reference Estimate Estimation error percentage Front (N/rad) 6.31 5.84 -9.26% Rear (N/rad) 4.91 5.31 +8.15%

Table 5.7: Tire cornering stiﬀness estimation error under double lane change using the EKF

To further evaluate the EKF performance in identifying front tire degradation, we introduce front tire degradation in the tire model via the increase in front tire

227 cornering stiﬀness by 20%. The double lane change maneuver tests are rerun in the vehicle dynamics driver-in-the-loop simulator to collect experimental data. The data are downsampled to 20 (Hz) to challenge the EKF. It should be noted that all the data are analyzed oﬄine for convenience. But the EKF can estimate the variables of interest in an online manner as well. With the front tire degradation, the results of vehicle lateral motion response and tire response are given in Figure 5.55 to

Figure 5.58. The results show EKF estimates the vehicle response and tire response accurately with front tire degradation. In Figure 5.59, the front tire cornering stiffness estimation is fast and accurate enough to identify the front tire degradation. The estimation statistics are summarized in Table 5.8, which shows the EKF estimates the rear tire cornering stiffness very accurately while maintaining the estimation error of front tire cornering stiffness within 10%. Table 5.9 compares the tire cornering stiffness estimates with and without front tire degradation, which demonstrates the capability of the EKF in identifying the front tire degradation by an increase of 20% in front tire cornering stiffness.

228 Figure 5.55: Vehicle yaw rate and lateral velocity estimation under double lane change maneuver with front tire degradation

229 Figure 5.56: Wheel steer angle estimation under double lane change maneuver with front tire degradation

230 Figure 5.57: Tire lateral force estimation under double lane change maneuver with front tire degradation

231 Figure 5.58: Tire lateral slip angle estimation under double lane change maneuver with front tire degradation

232 Figure 5.59: Tire cornering stiﬀness estimation under double lane change maneuver with front tire degradation

Tire cornering stiﬀness Reference Estimate Estimation error percentage Front (N/rad) 7.56 6.99 -7.54% Rear (N/rad) 4.91 4.912 +0.04%

Table 5.8: Tire cornering stiﬀness estimation error under double lane change with front tire degradation using the EKF

233 Tire cornering stiﬀness Healthy Faulty Percentage change Front estimate (N/rad) 5.84 6.99 +19.69% Rear estimate (N/rad) 5.31 4.912 -7.50%

Table 5.9: Tire cornering stiﬀness estimation during double lane change maneuver with the EKF (healthy vs. faulty)

Next, we test the UKF performance using the same double lane change maneuver.

The vehicle yaw rate and lateral velocity estimation are given in Figure 5.60, in which the vehicle yaw rate is estimated accurately. The vehicle lateral velocity estimate takes some time to converge with some estimation error due to modeling error. The wheel steer angle, tire lateral force and tire lateral slip angle estimates are demonstrated in Figure 5.61 to Figure 5.63. The tire cornering stiﬀness estimation is illustrated in

Figure 5.64. The information of the tire cornering stiﬀness can be extracted from the mean value of the estimate. The estimation error is listed in Table 5.10 and it shows the comparable performance in estimating tire cornering stiﬀness compared with the

EKF.

234 Figure 5.60: Vehicle yaw rate and lateral velocity estimation under double lane change maneuver with the UKF

235 Figure 5.61: Wheel steer angle estimation under double lane change maneuver with the UKF

236 Figure 5.62: Tire lateral force estimation under double lane change maneuver with the UKF

237 Figure 5.63: Tire lateral slip angle estimation under double lane change maneuver with the UKF

238 Figure 5.64: Tire cornering stiﬀness estimation under double lane change maneuver with the UKF

Tire cornering stiﬀness Reference Estimate Estimation error percentage Front (N/rad) 6.31 5.83 -9.79% Rear (N/rad) 4.91 5.20 +5.91%

Table 5.10: Tire cornering stiﬀness estimation error under double lane change with the UKF

239 Similar to the case with the EKF, to test the UKF performance in identifying front tire degradation, we introduce front tire degradation in the tire model via the increase in front tire cornering stiﬀness by 20%. The double lane change maneuver tests are rerun in the vehicle dynamics driver-in-the-loop simulator to collect experimental data. With the front tire degradation, the results of vehicle lateral motion response and tire response are given in Figure 5.65 to Figure 5.68. The results show

EKF estimates the vehicle response and tire response accurately with front tire degradation. In Figure 5.69, the front tire cornering stiffness estimation is fast and accurate enough to identify the front tire degradation. In Table 5.11, the estimation error for front and rear tire cornering stiffness are summarized. The front tire cornering stiffness estimation error is -7.8% while the rear tire cornering stiffness estimation error is

-1.22%. The results are similar to the case using the EKF for the double lane change maneuver. Table 5.12 suggests the UKF can accurately identify the front tire degradation by cornering stiﬀness change, though there is some error in rear tire cornering stiﬀness estimation.

240 Figure 5.65: Vehicle yaw rate and lateral velocity estimation under double lane change maneuver with front tire degradation using the UKF

241 Figure 5.66: Wheel steer angle estimation under double lane change maneuver with front tire degradation using the UKF

242 Figure 5.67: Tire lateral force estimation under double lane change maneuver with front tire degradation using the UKF

243 Figure 5.68: Tire lateral slip angle estimation under double lane change maneuver with front tire degradation using the UKF

244 Figure 5.69: Tire cornering stiﬀness estimation under double lane change maneuver with front tire degradation using the UKF

Tire cornering stiﬀness Reference Estimate Estimation error percentage Front (N/rad) 7.56 6.97 -7.80% Rear (N/rad) 4.91 4.85 -1.22%

Table 5.11: Tire cornering stiﬀness estimation error under double lane change with front tire degradation using the UKF

245 Tire cornering stiﬀness Healthy Faulty Percentage change Front estimate (N/rad) 5.83 6.97 +19.55% Rear estimate (N/rad) 5.20 4.85 -6.73%

Table 5.12: Tire cornering stiﬀness estimation during double lane change maneuver with the UKF (healthy vs. faulty)

Tire Cornering Stiﬀness Estimation under Slalom Test

The second scenario for experimental validation is the slalom test. In the slalom test, vehicle performs turns in alternate directions, with the vehicle trajectory shown in Figure 5.70. The vehicle yaw rate and lateral velocity estimation are given in

Figure 5.71, in which the vehicle yaw rate is estimated accurately. The vehicle lateral velocity estimate takes some time to converge with some estimation error due to modeling error. The wheel steer angle, tire lateral force and tire lateral slip angle estimates are demonstrated in Figure 5.72 to Figure 5.74. The tire cornering stiffness estimation is illustrated in Figure 5.75. Table 5.13 shows that the UKF underestimates the front tire cornering stiffness and overestimates the rear tire cornering stiffness. The overall estimation error is within 10%.

246 Figure 5.70: Vehicle trajectory under Slalom test

247 Figure 5.71: Vehicle yaw rate and lateral velocity estimation under slalom test with the EKF

248 Figure 5.72: Wheel steer angle estimation under slalom test with the EKF

249 Figure 5.73: Tire lateral force estimation under slalom test with the EKF

250 Figure 5.74: Tire lateral slip angle estimation under slalom test with the EKF

251 Figure 5.75: Tire cornering stiﬀness estimation under slalom test with the EKF

Tire cornering stiﬀness Reference Estimate Estimation error percentage Front (N/rad) 6.02 5.61 -6.81% Rear (N/rad) 4.84 4.92 +1.65%

Table 5.13: Tire cornering stiﬀness estimation error under slalom test with the EKF

To evaluate the performance of the EKF in identifying front tire degradation, the front tire cornering stiﬀness is increased by 20%. The slalom tests are rerun in the

252 VDDIL. With the human driver in the loop, different runs of the tests contain un- certain in terms of vehicle speed, steering wheel angle input. Thus, the results can demonstrate the robustness of the EKF with respect to uncertainty in vehicle speed and steering input. The results of vehicle lateral motion response and tire response are given in Figure 5.76 to Figure 5.79. In Figure 5.80, the tire cornering stiffness estimates for both front and rear tires are indicated by blue and red solid lines, respectively. It can be seen the estimate are smaller than the reference mainly due to the estimation error in vehicle lateral velocity. It should be noted that the reference values of tire cornering stiffness change slightly from healthy case to faulty case. This is because of the difference in steering input and vehicle speed, controlled by the human driver. In different runs of the tests, the human driver cannot completely replicate the same vehicle speed and steering input, which is different and more realistic compared to a driver model in simulation. The estimation error statistics are given in

Table 5.14. A comparison between the healthy case and the faulty case is given in

Table 5.15. The EKF quickly and accurately identifies the front tire degradation by cornering stiffness change while there is also some estimation error in the rear tire cornering stiffness due to modeling error and uncertainty during the tests.

253 Figure 5.76: Vehicle yaw rate and lateral velocity estimation under slalom test with front tire degradation using the EKF

254 Figure 5.77: Wheel steer angle estimation under slalom test with front tire degradation using the EKF

255 Figure 5.78: Tire lateral force estimation under slalom test with front tire degradation using the EKF

256 Figure 5.79: Tire lateral slip angle estimation under slalom test with front tire degradation using the EKF

257 Figure 5.80: Tire cornering stiﬀness estimation under slalom test with front tire degradation using the EKF

Tire cornering stiﬀness Reference Estimate Estimation error percentage Front (N/rad) 7.24 6.77 -6.49% Rear (N/rad) 4.95 4.61 -6.87%

Table 5.14: Tire cornering stiﬀness estimation error under slalom test with front tire degradation using the EKF

258 Tire cornering stiﬀness Healthy Faulty Percentage change Front estimate (N/rad) 5.61 6.77 +20.68% Rear estimate (N/rad) 4.92 4.61 -6.30%

Table 5.15: Tire cornering stiﬀness estimation during slalom test with the EKF (healthy vs. faulty)

Once the EKF is tested in terms of tire cornering stiffness estimation, we move forward to evaluate the UKF performance in identifying front tire degradation by cornering stiffness change. The same test data are passed through the UKF to estimate tire cornering stiffness in an off-line manner. The estimation of vehicle lateral motion response and tire response using the UKF are shown in Figure 5.81 to Figure 5.84.

The tire cornering stiffness estimation and estimation error statistics are given in Fig- ure 5.85 and Table 5.16, respectively. Similar to the EKF, the UKF underestimates the front tire cornering stiffness and overestimates the rear tire cornering stiffness during the Slalom test. The overall estimation accuracy is satisfactory in terms of the front and rear tire cornering stiffness estimation.

259 Figure 5.81: Vehicle yaw rate and lateral velocity estimation under slalom test with the UKF

260 Figure 5.82: Wheel steer angle estimation under slalom test with the UKF

261 Figure 5.83: Tire lateral force estimation under slalom test with the UKF

262 Figure 5.84: Tire lateral slip angle estimation under slalom test with the UKF

263 Figure 5.85: Tire cornering stiﬀness estimation under slalom test with the UKF

Tire cornering stiﬀness Reference Estimate Estimation error percentage Front (N/rad) 6.02 5.65 -6.15% Rear (N/rad) 4.84 4.96 +2.48%

Table 5.16: Tire cornering stiﬀness estimation error under slalom test with the UKF

We then introduce front tire degradation by tire cornering stiﬀness change (+20%) in the tire model of CarSim. Slalom tests are rerun in the VDDIL to apply the UKF

264 for tire cornering stiffness estimation. The results from the UKF are demonstrated in Figure 5.86 to Figure 5.90. The tire cornering stiffness estimation error statistics is summarized in Table 5.17. A comparison of the tire cornering stiffness estimate using the UKF between the healthy case and the faulty case (with front tire degradation) is given in Table 5.18, which shows the UKF accurately identifies the front tire degradation by front tire cornering stiffness change. The discrepancy of the rear tire cornering stiffness estimates between the healthy case and the faulty case is -7.26%.

Figure 5.86: Vehicle yaw rate and lateral velocity estimation under slalom test with front tire degradation using the UKF

265 Figure 5.87: Wheel steer angle estimation under slalom test with front tire degradation using the UKF

266 Figure 5.88: Tire lateral force estimation under slalom test with front tire degradation using the UKF

267 Figure 5.89: Tire lateral slip angle estimation under slalom test with front tire degradation using the UKF

268 Figure 5.90: Tire cornering stiﬀness estimation under slalom test with front tire degradation using the UKF

Tire cornering stiﬀness Reference Estimate Estimation error percentage Front (N/rad) 7.24 6.82 -5.80% Rear (N/rad) 4.95 4.60 -7.07%

Table 5.17: Tire cornering stiﬀness estimation error under slalom test with front tire degradation using the UKF

269 Tire cornering stiﬀness Healthy Faulty Percentage change Front estimate (N/rad) 5.65 6.82 +20.71% Rear estimate (N/rad) 4.96 4.60 -7.26%

Table 5.18: Tire cornering stiﬀness estimation during slalom test with the UKF (healthy vs. faulty)

In conclusion, the EKF and the UKF can accurately estimate front and rear tire cornering stiffness. Thus, both algorithms are suitable for identifying the front tire degradation by tire cornering stiffness change. The tire cornering stiffness estimate has some error due to modeling error and uncertainty during the experimental tests.

But the overall performance of both the EKF and the UKF are satisfactory. In terms of the estimation accuracy, in this application, the EKF and the UKF demonstrate comparable performance compared to each other. The reason may be the nonlinearity in the single-track vehicle model (nonlinear when tire cornering stiffness is treated as a system state) is not significantly high such that a first order approximation (Taylor series expansion) can work well in linearing the system.

5.5 Conclusion

In this chapter, we present a diagnostic methodology for detecting steering backlash and tire degradation via modeling of vehicle dynamics and Kalman ﬁltering technique. Structural analysis is applied to analyze system redundancy and to design residual generators. In the detection of steering backlash and tire degradation, the residual generator is developed by estimating vehicle lateral motion response, vehicle yaw rate and lateral acceleration. The residuals are designed for consistency

270 check between estimated vehicle response and measured response. To further identify size/severity of the tire degradation, we extend the way of implementing residual generators from state estimation to parameter estimation as the tire degradation is characterized by a parametric fault in the system. In particular, we apply the Ex- tended Kalman filter and Unscented Kalman filter to estimate both front and rear tire cornering stiffness. To select appropriate system operating conditions for applying observer-based fault diagnosis, we propose a degree of observability index to quantify nonlinear system observability. Following the proposed methodology of model-based fault diagnosis, a critical step of validating the diagnostic system design is through hardware-in-the-loop testing. In this chapter, experimental validation is performed using the vehicle dynamics driver-in-the-loop simulator, with steering system hardware and a human driver in the loop. The EKF and the UKF show comparably desirable performance in estimating tire cornering stiffness under double lane change maneuver and slalom test. The overall results show the effectiveness of the proposed methodology in identifying tire degradation for vehicle safety and performance.

271 Chapter 6: Conclusions and Future Work

6.1 Summary and Conclusions

This dissertation presents a systematic methodology to achieve functional safety in electrified and automated vehicles. In compliance with the automotive functional safety standard ISO 26262, this methodology follows the V cycle as a standard procedure for functional safety. The V cycle starts with system requirements through hazard analysis and risk assessment as well as failure modes and effect analysis. Us- ing system and fault modeling and simulation, one can quantify the fault effects at component level and system level, which can be combined with HARA and FMEA to fully define system requirements and diagnostic requirements. The next step is to design a diagnostic strategy to meet the requirements. For the realization of the diagnostic strategy, specific algorithms should be developed for fault detection and identification. For model-based diagnosis, useful algorithms include state observers, parity equations and parameter estimation. By implementing the diagnostic algorithm in simulation environment with system and fault models of proper fidelity, one can effectively validate the efficacy and efficiency of the proposed approach in fault detection and identification. Following the V cycle, several steps can further be taken to validate the diagnostic design including hardware-in-the-loop testing and in-vehicle

272 testing. In the application of fault diagnosis in vehicle steering system, we also use a vehicle dynamics driver-in-the-loop simulator to assist the validation process, in which a human driver provides more realistic driving behavior than a virtual driver model in simulation.

In defining diagnostic requirements and designing diagnostic strategy, this dissertation presents a model-based approach using structural analysis to decompose system and to analyze system redundancy. With the system structural model represented in Incidence Matrix or bipartite graph, one can clearly identify the interconnections between knowns, unknowns and fault variables in a system. By decomposing the system structure using the DM decomposition, system redundancy can be determined to analyze fault detectability and isolability. By combining system requirements and structural analysis results, one can better define the diagnostic requirements in terms of the signals that are necessary for diagnosing the faults of interest. Structural analysis provides a systematic way of finding analytical redundancy for diagnostic strategy design. In particular, a type of diagnostic test, MSO set, can be generated using structural analysis. For each MSO set that contains a subset of system equations, each equation can be used as an analytical redundant relation to generate a residual.

Different MSO sets can be used to detect and isolate faults. The effectiveness of this approach in determining system redundancy for fault detection and isolation has been proved in Chapter 3,4 and 5 with its application related to electric traction resolver diagnosis and vehicle steering system diagnosis. In particular, in Chapter 3, the use of structural analysis in detecting and isolating multiple sensors faults is illustrated in all-wheel drive electric vehicles. In Chapter 4, the role of structural analysis in defining diagnostic requirements is demonstrated in the case study of electric traction drive

273 resolver diagnosis in P2 hybrid electric vehicles. In Chapter 5, the eﬀectiveness of structural analysis in analyzing system redundancy with system models of diﬀerent

ﬁdelity has been proved in diagnosing faults in the vehicle steering system.

With MSO sets generated through structural analysis, the residual can be generated by sequentially solving the unknown variables within a MSO set. The residual generated in this way is named sequential residual generator. There can be multiple

MSO sets in a system, such that the selection of MSO sets and sequential residual generators can depend on the trade-off between integral casuality and derivative causality. Considering the computation causality and diagnostic requirements, there are different approaches to implement a sequential residual generator. This dissertation clarifies the relation between the implementation of sequential residual generators and the selection of different approaches, including state observers, parity equations and parameter estimation. The strength and weakness of these approaches are discussed in Chapter 2. In particular, the equivalence of the state observers and parity equations are illustrated in section 2.8.5. The application of state observers and parameter estimation approaches is demonstrated in the case study of fault diagnosis in vehicle steering system.

Regarding the use of state observers or parameter estimation approaches in nonlinear systems, one needs to be careful of the system observability since the nonlinear system can become weakly observable or unobservable under some operating conditions. To rule out these conditions and to select proper operating conditions for applying estimation approaches, this dissertation proposes an observability index that can be used to quantify the degree of observability for nonlinear systems. This index is straightforward to calculate for any system operating conditions and is thus useful

274 to compare the eﬀectiveness of applying state estimation and parameter estimation approaches for fault diagnosis. The eﬀectiveness of this index in quantifying nonlinear system observability has been proved in the application of tire degradation detection with a single-track vehicle model.

6.2 Future Work

Next steps in advancing this work would certainly include the study of fault isolation through quantitative analysis of residuals, using pattern recognition and machine learning techniques. Further, it would be useful to be able to Visualize nonlinear system observability for a wide range of system operating conditions, such that the appropriate operating condition for applying observer-based fault diagnosis can be eﬀectively identiﬁed.

275 Appendix A: Torque Converter Dynamic model

A.1 Torque Converter Dynamic Model

Forward ﬂow mode: Q Q I ω˙ + ρS Q˙ = − ρ(ω R2 + R tanα − ω R2 − R tanα )Q + τ i i i i i i A i s s s A s i Q Q I ω˙ + ρS Q˙ = − ρ(ω R2 + R tanα − ω R2 − R tanα )Q + τ t t t t t t A t i i i A i t Q Q I ω˙ + ρS Q˙ = − ρ(ω R2 + R tanα − ω R2 − R tanα )Q + τ s s s s s s A s t t t A t s ρL ρ(S ω˙ + S ω˙ + S ω˙ ) + f Q˙ =ρ(R2ω2 + R2ω2 + R2ω2) i i t t s s A i i t t s s 2 2 2 − ρ(Rsωiωs + Ri ωtωi + Rt ωsωt) Q + ω ρ(R tanα − R tanα ) i A i i s s Q + ω ρ(R tanα − R tanα ) t A t t i i Q + ω ρ(R tanα − R tanα ) − P s A s s t t L (A.1)

The power loss within the torque converter is described in the following equation:

ρ ρf P = sgn(Q)(C V 2 +C V 2 +C V 2 )+ sgn(Q)(V ∗2 +V ∗2 +V ∗2) (A.2) L 2 sh,i sh,i sh,t sh,t sh,s sh,s 2 i t s

Q 0 V = R (ω − ω ) + (tanα − tanα ) sh,i s s i A s i Q 0 V = R (ω − ω ) + (tanα − tanα ) (A.3) sh,t i i t A i t Q 0 V = R (ω − ω ) + (tanα − tanα ) sh,s t t s A t s 276 Reverse ﬂow mode:

Q 0 Q 0 I ω˙ + ρS Q˙ = − ρ(ω R2 + R tanα − ω R2 − R tanα )Q + τ i i i t i i A t i s s A i i Q 0 Q 0 I ω˙ + ρS Q˙ = − ρ(ω R2 + R tanα − ω R2 − R tanα )Q + τ t t t s t t A s t i i A t t Q 0 Q 0 I ω˙ + ρS Q˙ = − ρ(ω R2 + R tanα − ω R2 − R tanα )Q + τ s s s i s s A i s t t A s s ρL ρ(S ω˙ + S ω˙ + S ω˙ ) + f Q˙ =ρ(R2ω2 + R2ω2 + R2ω2) i i t t s s A i t t s s i 2 2 2 − ρ(Rsωiωs + Ri ωtωi + Rt ωsωt)

Q 0 0 + ω ρ(R tanα − R tanα ) i A i t s i Q 0 0 + ω ρ(R tanα − R tanα ) t A t s i t Q 0 0 + ω ρ(R tanα − R tanα ) − P s A s i t s L (A.4)

A.2 Nomenclature

ωt, ωi, ωs: angular speed of turbine, impeller, and stator, respectively.

τi, τt, τs: impeller torque, turbine torque and stator torque, respectively. r: radius leading to ﬂuid particle which is the shortest distance to the tangential component of the velocity

∗ V : ﬂuid velocity relative to blades which is always tangent to the vane (= + · αφ where : radial direction, φ: tangential direction)

V : axial torus ﬂow velocity with spatially constant magnitude ir, iφ, iz: unit vectors corresponding to polar coordinates in the radial direction, the tangential direction, and direction along the torque converter axis, respectively.

α: blade angle

R 2 R Li 2 Ii,f : impeller ﬂuid moment of inertia, where Ii,f = CV r ρdV = 0 r ρAdl

Ii,m: impeller mechanical moment of inertia, where Ii = Ii,m + Ii,f

277 Ri,Rs,Rt: mean radii at impeller, stator, and turbine exits, respectively.

Ai,As,At: net ﬂow areas perpendicular to V at impeller, stator and turbine exits; by assumption: Ai = As = At = A.

αi, αs, αt: = blade angles at impeller, stator and turbine exits, respectively (exits deﬁned w.r.t positive Q)

0 0 0 αi, αs, αt: = blade angles at impeller, stator and turbine entrances, respectively (entrances deﬁned w.r.t positive Q)

Li,Ls,Lt: total length of axial projection of meridional line contained within impeller, stator and turbine.

Pin: net input power (Power=(F · r) · V = τ · V )

E: system kinetic co-energy

Ploss: system power loss due to ﬂow and ﬂuid shock losses.

∀tot: total ﬂuid volume equal to the sum of the three control

Lf : an equivalent ﬂuid inertia length.

ρ: transmission ﬂuid density

Pin,Pout: impeller input power and turbine input power

Q: = volume ﬂow rate through the converter; spatially constant, axial torus volume

Ri,Rt, etc: radius from converter axis to impeller exit, turbine entrance, etc.

Csh,i,Csh,t,Csh,s: shock loss coeﬃcients identically equal one; in practice determined experimentally. f: ﬂuid friction factor

Ii,m,Is,m,It,m: mechanical inertias of impeller, stator and turbine.

Si,Ss,St: = constants from the line integral along the stream line for impeller, stator, and turbine respectively.

278 Appendix B: The Extended Kalman Filter and Unscented Kalman Filter Algorithms

B.1 The EKF Algorithm

To apply the Extended Kalman ﬁlter, a nonlinear system model can be formulated as follows: xk fk−1(xk−1, uk−1, ωk−1, θk−1 Xk = = Fk−1(Xk−1, uk−1,Wk−1) = θk θk−1 + rk−1 (B.1)

zk = hk(xk, uk, υk, θk)

Kalman ﬁlter as follows:

ˆ dFk(Xk, uk,Wk) ˆ dFk(Xk, uk,Wk) Ak = |X =Xˆ + Bk = |W =W¯ dX k k dW k k k k (B.2) dhk(Xk, uk, υk) dhk(Xk, uk, υk) Cˆ = | ˆ − Dˆ = | k Xk=X k υk=¯υk dXk k dυk The ﬁrst-order EKF algorithm is then given as follows:

Initialization: for k = 0, set ˆ + X0 = E[X0] (B.3) Σ+ = E[(X − Xˆ +)(X − Xˆ +)T ] X,˜ 0 0 0 0 0 279 For k = 1, 2,..., compute:

Time update: ˆ − ˆ + ¯ Xk = Fk−1(Xk−1, uk−1, Wk−1)

Σ− = Aˆ Σ+ AˆT + Bˆ Σ BˆT (B.4) X,k˜ k−1 X,k˜ −1 k−1 k−1 W˜ k−1

ˆ − zˆk = hk(Xk , uk, υ¯k) Measurement update:

L = Σ− CˆT [Cˆ Σ− CˆT + Dˆ Σ Dˆ T ]−1 k X,k˜ k k k,k˜ k k υ˜ k

ˆ + ˆ − Xk = Xk + Lk(zk − zˆk) (B.5)

Σ+ = (I − L Cˆ )Σ− X,k˜ k k X,k˜

B.2 The UKF Algorithm

To apply the Unscented Kalman ﬁlter, the nonlinear system model can be formulated as follow: xk fk−1(xk−1, uk−1, ωk−1, θk−1 Xk = = Fk−1(Xk−1, uk−1,Wk−1) = θk θk−1 + rk−1 (B.6)

zk = hk(xk, uk, υk, θk)

The UKF is using the unscented transformation method, in which a random variable x, with dimension L, is propagated through a nonlinear function, y = g(x) [168].

Suppose the mean and covariance of x arex ¯ and Px, respectively. A matrix χ can be formed of 2L + 1 vectors χi. The weights Si are assigned accordingly to each of the

280 vectors. This procedure is described below:

χ0 =x ¯ p χi =x ¯ + (L + λ)Pxi i = 1, ..., L p χi =x ¯ − (L + λ)Pxi−L i = L + 1, ..., 2L λ (B.7) S(m) = 0 L + λ λ S(c) = + 1 − α2 + β 0 L + λ 1 S(m) = S(c) = i = 1, ..., 2L i i 2(L + λ) 2 Where λ = α (L + κ) − L. α, β and κ are tuning parameters. sqrt((L + λ)Σx)i is the ith row of the matrix square root. The propagation of these vectors through the nonlinear function is given by:

yi = g(χx) i = 0, ..., 2L (B.8)

The mean and covariance of y can be approximated as follows:

2L (m) y¯ ≈ Σi=0Si yi (B.9)

2L (c) T Σy ≈ Σi=0Wi [yi − y¯][yi − y¯] (B.10)

To apply the UKF, the state vector is augmented with the process and measure-

a T T T T ment noise variables: Xk = [Xk Wk Vk ] . The unscented Kalman ﬁlter algorithm for joint estimation of states and parameters is given as follows:

Initialization: for k = 0, set ˆ X0 = E[X0]

ˆ ˆ T Σ0 = E[(X0 − X0)(X0 − X0) ]

ˆ a a ˆ T T (B.11) X0 = E[X ] = [X0 0 0]   Σ0 0 a a ˆ a a ˆ a T Σ0 = E[(X0 − X0 )(X0 − X0 ) ] =  0 ΣW 0  0 0 Συ

281 For k = 1, 2,...,

Calculate sigma points:

a ˆ a ˆ a p a ˆ a p a χk−1 = Xk−1 Xk−1 + (L + λ)Σk−1 Xk−1 − (L + λ)Σk−1 (B.12)

Time update:

X,− X,+ W,+ χk = Fk−1(χk−1,i, uk−1, χk−1,i)

ˆ − 2L (m) X,− Xk = Σi=0Si χk,i

Σ− = Σ2L S(c)(χX,− − Xˆ −)(χX,− − Xˆ −)T (B.13) X,k˜ i=0 i k,i k k,i k

X,− υ,+ ζk,i = hk(χk,i , uk, χk−1,i)

2L (m) zˆk = Σi=0Si ζk,i Measurement update:

2L (c) T Σz,k˜ = Σi=0Si (ζk,i − zˆk)(ζk,i − zˆk)

2L (c) X,− ˆ − T ΣX˜z,k˜ = Σi=0Si (χk,i − Xk )(ζk,i − zˆk)

−1 Lk = ΣX˜z,k˜ Σz,k˜ (B.14)

ˆ + ˆ − Xk = Xk + Lk(zk − zˆk)

Σ+ = Σ− − L Σ LT X,k˜ X,k˜ k z,k˜ k

282 Appendix C: Observability Matrix of Vehicle Horizontal Dynamics System based on Single-track Vehicle Model

Observability matrix for vehicle horizontal dynamics system:

 1 0 0 0  2(x ·l2 +x ·l2) 3 f 4 r 2(x3·lf −x4·lr) 2lf x2 lf 2lr x2 lr − − (u1 − − x1) − (u2 − + x1)  Izz·vx Izz·vx Izz vx vx Izz vx vx     o31 o32 o33 o34   o o o o  O =  41 42 43 44   −2(lf ·x3−lr·x4) −2(x3+x4) −2(x2+lf ·x1−u1·vx) 2(lr·x1−x2+u2·vx)     mvx mvx mvx mvx   o61 o62 o63 o64     o71 o72 o73 o74  o81 o82 o83 o84 (C.1)

283 2 2 2 2 4(x3 · lf + x4 · lr ) 2(lf · x3 − lr · x4)(mvx + 2lf x3 − 2lrx4) o31 = 2 2 + 2 Izz · vx Izzmvx 2 2 4(lf x3 − lrx4)(mx3lf + mx4lr + Izzx3 + Izzx4) o32 = 2 2 Izzmvx 2 3 2(4Izzlf x2x3 + 2Izzlf x2x4 − 2Izzlrx2x4 + 4Izzlf x1x3 + 4lf mx2x3) o33 = 2 2 Izzmvx 4 2 2 2(4lf mx1x3 + 4lf lr mx1x4 − 4Izzlf lrx1x4 − 4Izzlf u1vxx3 − 2Izzlf u2vxx4) + 2 2 Izzmvx 2 2 2 2(2Izzlru1vxx4 + Izzlf mvxx1 + 2lf lr mx2x4 − 2lf lrmx2x4) + 2 2 Izzmvx 3 2 2 2(−4lf mu1vxx3 − 2lf lr mu1vxx4 + 2lf lrmu2vxx4) + 2 2 Izzmvx 2 3 2(2Izzlf x2x3 − 2Izzlf x2x3 − 4Izzlrx2x4 + 4Izzlr x1x4 − 4lr mx2x4) o34 = 2 2 Izzmvx 4 2 2 2(4lr mx1x4 + 4lf lr mx1x3 − 4Izzlf lrx1x3 − 2Izzlf u2vxx3 + 2Izzlf u1vxx3) + 2 2 Izzmvx 2 2 2 2(4Izzlru2vxx4 − Izzlrmvxx1 + 2lf lr mx2x3 − 2lf lrmx2x3) + 2 2 Izzmvx 3 2 2 2(4lr mu2vxx4 − 2lf lr mu1vxx3 + 2lf lrmu2vxx3) + 2 2 Izzmvx (C.2)

2 2 2 2 2 x3lf + x4lr 8(x3lf + x4lr ) 2(lf x3 − lrx4) · (mvx + 2lf x3 − 2lrx4) o41 = − · ( 2 2 + 2 ) Izz · vx Izzvx Izzmvx 2 2 lf mx3 + lr mx4 + Izzx3 + Izzx4 2 − 2 2 3 (4(lf x3 − lrx4) · (mvx + 2lf x3 − 2lrx4) Izzm vx (C.3) 8(l x − l x ) o = − f 3 r 4 ((x + x )2I2 + m2(x l2 + x l2)2 42 I3 m2v3 3 4 zz 3 f 4 r zz x (C.4) 1 + (m(v2(l x − l x )m + 4l2x2 + 2x (l − l )2x + 4l2x2)I )) 2 x f 3 r 4 f 3 4 f r 3 r 4 zz

284 1 6 2 2 2 2 5 o43 = 3 2 3 (−24lf m x1x3 + 24m x3(u1vx − x2)lf Izzm vx x − 48mx (I x x + ml x (l x − 2 ))l4 3 zz 1 3 r 4 r 1 3 f 2 − 16(((−4lrx1 + x2)x4 + mx1vx − 3x3(u1vx − x2))Izz 2x − 2ml2x (u v − x ))mx l3 + (−24x (x + 4 )x I2 r 4 1 x 2 3 f 3 3 3 1 zz 3u v + 8m((−2l2x + l x )x2 + l (mx v2 − 4(l x + 1 x − 2x )x )x r 1 r 2 4 r 1 x r 1 2 2 3 4 2x + mv2x (u v − x ))I − 24m2l3(l x − 2 x2)l2) + ((16l x − 8x )x2 x 3 1 x 2 zz r r 1 3 4 f r 1 2 4 u v + (−4mx v2 + 32(l x + 1 x − x )x )x 1 x r 1 2 2 3 4 u v − 8(mx v2 − 3x (u v − x ))x )I2 − 8ml x (−4l (l x + 1 x − x )x 1 x 3 1 x 2 3 zz r 4 r r 1 4 2 4 u v + v2(l x + 1 x − x )m − 2l x (u v − x ))I x r 1 2 2 r 3 1 x 2 zz 2 4 2 + 8m lr x4(u1vx − x2))lf + 4Izz(((−2lrx1 − 2u1vx + 4x2)x4

2 2 + mx1vx − 4x3(u1vx − x2))Izz − 2mlr x4(u1vx − x2))lrx4) (C.5) 1 6 2 2 5 2 2 o44 = 3 2 3 (−24lr m x1x4 + 24lr m x2x4 Izz m vx u v x − 48(I x x + ml x (l x − 1 x + 2 ))mx l4 zz 1 4 f 3 f 1 3 3 4 r 2 2 3 + 16(((4lf x1 − u1vx + x2)x3 + mx1vx + 3x2x4)Izz + 2mlf x2x3)mx4lr 3x + (−16(x + 4 )x x I2 − 8((2l2x + (−u v + x )l )x2 3 2 4 1 zz f 1 1 x 2 f 3 u v + l (mx v2 + 4(l x − 1 x + 2x )x )x + mv2x x )mI f 1 x f 1 2 2 4 3 x 2 4 zz 2u v 2x − 24l3(l x − 1 x + 2 m2x2)l2 + (((16l x − 8u v + 8x )x2 f f 1 3 3 3 r f 1 1 x 2 3 u v + (4mx v2 + 32(l x − 1 x + x )x )x + 8mv2x x + 24x x2)I2 1 x f 1 2 2 4 3 x 1 4 2 4 zz 3u v u v + 8(4(l x − 1 x + x )l x + v2(l x − 1 x + x )m f 1 4 2 f 3 x f 1 2 2 2 4 2 + 2lf x2x4)lf mx3Izz + 8m lf x2x3)lr

2 2 − 4lf Izz(((2lf x1 − 2u1vx + 4x2)x3 + mx1vx + 4x2x4)Izz + 2mlf x2x3)x3) (C.6)

285 Bibliography

[1] I. Habli, I. Ibarra, R. S. Rivett, and T. Kelly, “Model-based assurance for justifying automotive functional safety,” tech. rep., SAE Technical Paper, 2010.

[2] A. Emadi, Advanced electric drive vehicles. CRC Press, 2014.

[3] H. Buur, W. R. Cawthorne, and L. G. Wozniak, “Method and system for monitoring signal integrity in a distributed controls system,” Feb. 21 2012. US Patent 8,118,122.

[4] J. Zhang, H. Yao, and G. Rizzoni, “Fault diagnosis for electric drive systems of electriﬁed vehicles based on structural analysis,” IEEE Transactions on Vehic- ular Technology, vol. 66, no. 2, pp. 1027–1039, 2016.

[5] F. Meinguet, P. Sandulescu, X. Kestelyn, and E. Semail, “A method for fault detection and isolation based on the processing of multiple diagnostic indices: application to inverter faults in ac drives,” IEEE Transactions on Vehicular Technology, vol. 62, no. 3, pp. 995–1009, 2012.

[6] A. M. Mendes and A. M. Cardoso, “Voltage source inverter fault diagnosis in variable speed ac drives, by the average current park’s vector approach,” in IEEE International Electric Machines and Drives Conference. IEMDC’99. Proceedings (Cat. No. 99EX272), pp. 704–706, IEEE, 1999.

[7] R. Peuget, S. Courtine, and J.-P. Rognon, “Fault detection and isolation on a pwm inverter by knowledge-based model,” IEEE Transactions on Industry Applications, vol. 34, no. 6, pp. 1318–1326, 1998.

[8] S. M. Cruz and A. M. Cardoso, “Stator winding fault diagnosis in three- phase synchronous and asynchronous motors, by the extended park’s vector approach,” IEEE Transactions on industry applications, vol. 37, no. 5, pp. 1227– 1233, 2001.

[9] W. T. Thomson and M. Fenger, “Current signature analysis to detect induction motor faults,” IEEE Industry Applications Magazine, vol. 7, no. 4, pp. 26–34, 2001.

286 [10] M. A. S. Khan and M. A. Rahman, “Development and implementation of a novel fault diagnostic and protection technique for ipm motor drives,” IEEE Transactions on Industrial Electronics, vol. 56, no. 1, pp. 85–92, 2008.

[11] R. R. Schoen, B. K. Lin, T. G. Habetler, J. H. Schlag, and S. Farag, “An un- supervised, on-line system for induction motor fault detection using stator current monitoring,” IEEE Transactions on Industry Applications, vol. 31, no. 6, pp. 1280–1286, 1995.

[12] B. Yazici, G. B. Kliman, W. J. Premerlani, R. A. Koegl, G. B. Robinson, and A. Abdel-Malek, “An adaptive, on-line, statistical method for bearing fault detection using stator current,” in IAS’97. Conference Record of the 1997 IEEE Industry Applications Conference Thirty-Second IAS Annual Meeting, vol. 1, pp. 213–220, IEEE, 1997.

[13] G. Stone and J. Kapler, “Stator winding monitoring,” IEEE Industry Applica- tions Magazine, vol. 4, no. 5, pp. 15–20, 1998.

[14] J. Penman, H. Sedding, B. Lloyd, and W. Fink, “Detection and location of interturn short circuits in the stator windings of operating motors,” IEEE transactions on Energy conversion, vol. 9, no. 4, pp. 652–658, 1994.

[15] C. J. Dister and R. Schiferl, “Using temperature, voltage, and/or speed measurements to improve trending of induction motor rms currents in process control and diagnostics,” in Conference Record of 1998 IEEE Industry Applications Conference. Thirty-Third IAS Annual Meeting (Cat. No. 98CH36242), vol. 1, pp. 312–318, IEEE, 1998.

[16] G. Kliman, R. Koegl, J. Stein, R. Endicott, and M. Madden, “Noninvasive detection of broken rotor bars in operating induction motors,” IEEE Transactions on Energy Conversion, vol. 3, no. 4, pp. 873–879, 1988.

[17] W. Thomson and I. Stewart, “Online current monitoring for fault diagnosis in inverter fed induction motors,” in Third International Conference on Power Electronics and Variable-Speed Drives, pp. 432–435, IET, 1988.

[18] F. Filippetti, G. Franceschini, C. Tassoni, and P. Vas, “Ai techniques in induction machines diagnosis including the speed ripple eﬀect,” IEEE Transactions on Industry Applications, vol. 34, no. 1, pp. 98–108, 1998.

[19] N. M. Elkasabgy, A. R. Eastham, and G. E. Dawson, “Detection of broken bars in the cage rotor on an induction machine,” IEEE transactions on industry applications, vol. 28, no. 1, pp. 165–171, 1992.

287 [20] S. Nandi, H. A. Toliyat, and X. Li, “Condition monitoring and fault diagnosis of electrical motorsa review,” IEEE transactions on energy conversion, vol. 20, no. 4, pp. 719–729, 2005.

[21] S. Nandi, S. Ahmed, and H. A. Toliyat, “Detection of rotor slot and other eccentricity related harmonics in a three phase induction motor with diﬀerent rotor cages,” IEEE Transactions on Energy Conversion, vol. 16, no. 3, pp. 253– 260, 2001.

[22] S. Nandi, R. M. Bharadwaj, and H. A. Toliyat, “Performance analysis of a three- phase induction motor under mixed eccentricity condition,” IEEE Transactions on Energy Conversion, vol. 17, no. 3, pp. 392–399, 2002.

[23] A. M. Cardoso and E. S. Saraiva, “Computer-aided detection of airgap eccentricity in operating three-phase induction motors by park’s vector approach,” IEEE Transactions on Industry Applications, vol. 29, no. 5, pp. 897–901, 1993.

[24] H. Berriri, M. W. Naouar, and I. Slama-Belkhodja, “Easy and fast sensor fault detection and isolation algorithm for electrical drives,” IEEE transactions on power electronics, vol. 27, no. 2, pp. 490–499, 2011.

[25] N. M. Freire, J. O. Estima, and A. J. M. Cardoso, “A new approach for current sensor fault diagnosis in pmsg drives for wind energy conversion systems,” IEEE Transactions on Industry Applications, vol. 50, no. 2, pp. 1206–1214, 2013.

[26] B. Gou, X.-L. Ge, Y.-C. Liu, and X.-Y. Feng, “Load-current-based current sensor fault diagnosis and tolerant control scheme for traction inverters,” Elec- tronics Letters, vol. 52, no. 20, pp. 1717–1719, 2016.

[27] N. Jeon and H. Lee, “Integrated fault diagnosis algorithm for motor sensors of in-wheel independent drive electric vehicles,” Sensors, vol. 16, no. 12, p. 2106, 2016.

[28] T. Li, Q. Ahmed, G. Rizzoni, J. Meyer, M. Boesch, and B. Badreddine, “Motor resolver fault propagation analysis for electriﬁed powertrain,” in ASME 2017 Dynamic Systems and Control Conference, American Society of Mechanical Engineers Digital Collection, 2017.

[29] F. Garramiola, J. del Olmo, J. Poza, P. Madina, and G. Almandoz, “Integral sensor fault detection and isolation for railway traction drive,” Sensors, vol. 18, no. 5, p. 1543, 2018.

[30] C. Chakraborty and V. Verma, “Speed and current sensor fault detection and isolation technique for induction motor drive using axes transformation,” IEEE Transactions on Industrial Electronics, vol. 62, no. 3, pp. 1943–1954, 2014.

288 [31] Y. Yu, Z. Wang, D. Xu, T. Zhou, and R. Xu, “Speed and current sensor fault detection and isolation based on adaptive observers for im drives,” Journal of Power Electronics, vol. 14, no. 5, pp. 967–979, 2014.

[32] K.-C. Kim, “Analysis on the charateristics of variable reluctance resolver considering uneven magnetic ﬁelds,” IEEE Transactions on Magnetics, vol. 49, no. 7, pp. 3858–3861, 2013.

[33] K.-C. Kim, S.-J. Hwang, K.-Y. Sung, and Y. Kim, “A study on the fault diagnosis analysis of variable reluctance resolver for electric vehicle,” in SENSORS, 2010 IEEE, pp. 290–295, IEEE, 2010.

[34] J. Zhang, A. Amodio, T. Li, B. Aksun-G¨uven¸c,and G. Rizzoni, “Fault diagnosis and fault mitigation for torque safety of drive-by-wire systems,” IEEE Transactions on Vehicular Technology, vol. 67, no. 9, pp. 8041–8054, 2018.

[35] N. H. T. S. Administration et al., “Preliminary statement of policy concerning automated vehicles,” Washington, DC, pp. 1–14, 2013.

[36] P. Koopman and M. Wagner, “Challenges in autonomous vehicle testing and validation,” SAE International Journal of Transportation Safety, vol. 4, no. 1, pp. 15–24, 2016.

[37] A. Reschka, J. R. B¨ohmer, T. Nothdurft, P. Hecker, B. Lichte, and M. Maurer, “A surveillance and safety system based on performance criteria and functional degradation for an autonomous vehicle,” in 2012 15th International IEEE Con- ference on Intelligent Transportation Systems, pp. 237–242, IEEE, 2012.

[38] C. B. S. T. Molina, J. R. de Almeida, L. F. Vismari, R. I. R. Gonz´alez,J. K. Naufal, and J. B. Camargo, “Assuring fully autonomous vehicles safety by design: The autonomous vehicle control (avc) module strategy,” in 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Net- works Workshops (DSN-W), pp. 16–21, IEEE, 2017.

[39] M. A. Gosavi, B. B. Rhoades, and J. M. Conrad, “Application of functional safety in autonomous vehicles using iso 26262 standard: A survey,” in South- eastCon 2018, pp. 1–6, IEEE, 2018.

[40] J. Pimentel and J. Bastiaan, “Characterizing the safety of self-driving vehicles: A fault containment protocol for functionality involving vehicle detection,” in 2018 IEEE International Conference on Vehicular Electronics and Safety (ICVES), pp. 1–7, IEEE, 2018.

[41] S. You, M. Krage, and L. Jalics, “Overview of remote diagnosis and maintenance for automotive systems,” tech. rep., SAE Technical Paper, 2005.

289 [42] K. R. Pattipatti, J. Luo, L. Qiao, and S. Chigusa, “Intelligent model-based diagnostics for system monitoring, diagnosis and maintenance,” Aug. 21 2007. US Patent 7,260,501.

[43] M. A. Taie, M. Diab, and M. ElHelw, “Remote prognosis, diagnosis and maintenance for automotive architecture based on least squares support vector machine and multiple classiﬁers,” in 2012 IV International Congress on Ultra Modern Telecommunications and Control Systems, pp. 128–134, IEEE, 2012.

[44] J. Kohl, A. Kotucz, J. Prenninger, A. Dorneich, and S. Meinzer, “Using multivariate split analysis for an improved maintenance of automotive diagnosis functions,” in 2011 15th European Conference on Software Maintenance and Reengineering, pp. 305–308, IEEE, 2011.

[45] P. E. Lanigan, S. Kavulya, P. Narasimhan, T. E. Fuhrman, and M. A. Salman, “Diagnosis in automotive systems: A survey,” Last accessed Sept, vol. 10, p. 2011, 2011.

[46] M. Sanseverino and F. Cascio, “Model-based diagnosis for automotive repair,” IEEE Expert, vol. 12, no. 6, pp. 33–37, 1997.

[47] B. Knapp and E. Fabregat, “Network coupled diagnosis and maintenance system,” Apr. 21 2005. US Patent App. 10/690,426.

[48] C. M. McQuade and B. Brinton, “System and method for vehicle maintenance including remote diagnosis and reverse auction for identiﬁed repairs,” May 31 2012. US Patent App. 12/956,961.

[49] D. A. Dolgov and C. P. Urmson, “Diagnosis and repair for autonomous vehicles,” Oct. 28 2014. US Patent 8,874,305.

[50] R. Isermann, Fault-diagnosis systems: an introduction from fault detection to fault tolerance. Springer Science & Business Media, 2006.

[51] M. B¨orner,H. Straky, T. Weispfenning, and R. Isermann, “Model based fault detection of vehicle suspension and hydraulic brake systems,” Mechatronics, vol. 12, no. 8, pp. 999–1010, 2002.

[52] S. A. Arogeti, D. Wang, C. B. Low, and M. Yu, “Fault detection isolation and estimation in a vehicle steering system,” IEEE Transactions on Industrial Electronics, vol. 59, no. 12, pp. 4810–4820, 2012.

[53] J. Luo, M. Namburu, K. R. Pattipati, L. Qiao, and S. Chigusa, “Integrated model-based and data-driven diagnosis of automotive antilock braking systems,” IEEE Transactions on Systems, Man, and Cybernetics-Part A: Systems and Humans, vol. 40, no. 2, pp. 321–336, 2009.

290 [54] P. Pisu, G. Rizzoni, and A. Serrani, “Model-based sensor fault detection and isolation in a steer-by-wire system with parameter uncertainties,” in Proc. FISITA World Automotive Congr., 2004.

[55] P. Pisu, A. Serrani, S. You, and L. Jalics, “Adaptive threshold based diagnostics for steer-by-wire systems,” Journal of dynamic systems, measurement, and control, vol. 128, no. 2, pp. 428–435, 2006.

[56] P. Pisu, A. Soliman, and G. Rizzoni, “Vehicle chassis monitoring system,” Con- trol Engineering Practice, vol. 11, no. 3, pp. 345–354, 2003.

[57] G. Rizzoni, A. Soliman, P. Pisu, S. S. Amberkar, and B. T. Murray, “Model- based fault detection and isolation system and method,” July 20 2004. US Patent 6,766,230.

[58] X. Zhang and P. Pisu, “Model-based fault diagnosis for a vehicle chassis system,” in 2009 American Control Conference, pp. 1116–1121, IEEE, 2009.

[59] P. Pisu, Hierarchical model-based fault diagnosis with application to vehicle systems. PhD thesis, The Ohio State University, 2002.

[60] P. Pisu, A. Soliman, and G. Rizzoni, “Hierarchical vehicle model-based fault diagnosis using propagation digraphs,” IFAC Proceedings Volumes, vol. 35, no. 1, pp. 217–222, 2002.

[61] X. Zhang and P. Pisu, “Sliding mode observer and state-machine-based fault diagnosis with application in a vehicle chassis steering system,” Journal of Dy- namic Systems, Measurement, and Control, vol. 136, no. 4, p. 041026, 2014.

[62] M. Yu and D. Wang, “Model-based health monitoring for a vehicle steering system with multiple faults of unknown types,” IEEE Transactions on industrial electronics, vol. 61, no. 7, pp. 3574–3586, 2013.

[63] C. D. Gadda, P. Yih, and J. C. Gerdes, “Incorporating a model of vehicle dynamics in a diagnostic system for steer-by-wire vehicles,” in Proceedings of AVEC, vol. 4, pp. 779–784, 2004.

[64] R. Ghimire, C. Sankavaram, A. Ghahari, K. Pattipati, Y. Ghoneim, M. Howell, and M. Salman, “Integrated model-based and data-driven fault detection and diagnosis approach for an automotive electric power steering system,” in 2011 IEEE AUTOTESTCON, pp. 70–77, IEEE, 2011.

[65] R. A. Perisho Jr and K. M. Deasy, “Wheel alignment system and method for vehicles having steer-by-wire steering system,” Aug. 8 2000. US Patent 6,098,296.

291 [66] D. Wolf and T. Eiﬄaender, “Method and device for the diagnosis of defects in components of chassis systems of motor vehicles,” July 24 2014. US Patent App. 14/342,871.

[67] I. ISO, “26262-1: 2011 road vehicles–functional safety–part 1: Vocabulary,” Berlin: ISO, 2011.

[68] Q. Van Eikema Hommes et al., “Assessment of safety standards for automotive electronic control systems,” tech. rep., United States. National Highway Traﬃc Safety Administration, 2016.

[69] I. ISO, “26262: Road vehicles-functional safety,” International Standard ISO/FDIS, vol. 26262, 2011.

[70] S. Christiaens, J. Ogrzewalla, and S. Pischinger, “Functional safety for hybrid and electric vehicles,” tech. rep., SAE Technical Paper, 2012.

[71] G. Rizzoni, “Diagnosis, functional safety and fault tolerance in automated vehicles -new challenges for the automotive industry,” January 2018.

[72] C. Bergenhem, R. Johansson, A. Söderberg, J. Nilsson, J. Tryggvesson, M. Törngren,and S. Ursing, “How to reach complete safety requirement re- finement for autonomous vehicles,” 2015.

[73] I. . ISO, “Iso/pas 21448:2019: Road vehicles-safety of the intended functionality,” International Standard ISO, vol. 21448, 2019.

[74] D. Watzenig and B. Brandst¨atter, Comprehensive Energy Management-Safe Adaptation, Predictive Control and Thermal Management. Springer, 2018.

[75] G. Rizzoni, “Lecture notes in introduction to functional safety,” September 2015.

[76] F. Torner, “Presentation on automotive industry approach to functional safety,” March 2016.

[77] N. Sellappan and K. Palanikumar, “Modiﬁed prioritization methodology for risk priority number in failure mode and eﬀects analysis,” International Journal of Applied Science and Technology, vol. 3, no. 4, 2013.

[78] S. X. Ding, Model-based fault diagnosis techniques: design schemes, algorithms, and tools. Springer Science & Business Media, 2008.

[79] Q. Yang, Model-based and data driven fault diagnosis methods with applications to process monitoring. PhD thesis, Case Western Reserve University, 2004.

292 [80] M. Blanke, M. Kinnaert, J. Lunze, M. Staroswiecki, and J. Schröder, Diagnosis and fault-tolerant control, vol. 2. Springer, 2006. [81] A. L. Dulmage and N. S. Mendelsohn, “Coverings of bipartite graphs,” Cana- dian Journal of Mathematics, vol. 10, pp. 517–534, 1958. [82] A. L. Dulmage, “A structure theory of bipartite graphs of finite exterior dimension,” The Transactions of the Royal Society of Canada, Section III, vol. 53, pp. 1–13, 1959. [83] D. V. Steward, “On an approach to techniques for the analysis of the structure of large systems of equations,” Siam Review, vol. 4, no. 4, pp. 321–342, 1962. [84] F. Harary, “A graph theoretic approach to matrix inversion by partitioning,” Numerische Mathematik, vol. 4, no. 1, pp. 128–135, 1962. [85] C.-T. Lin, “Structural controllability,” IEEE Transactions on Automatic Con- trol, vol. 19, no. 3, pp. 201–208, 1974. [86] C.-T. Lin, “System structure and minimal structure controllability,” IEEE Transactions on Automatic Control, vol. 22, no. 5, pp. 855–862, 1977. [87] P. Lagonotte, J. Sabonnadiere, J.-Y. Leost, and J.-P. Paul, “Structural analysis of the electrical system: Application to secondary voltage control in france,” IEEE transactions on power systems, vol. 4, no. 2, pp. 479–486, 1989. [88] K. J. Reinschke, Multivariable control: a graph-theoretic approach. Springer, 1988. [89] C. Schizas and F. Evans, “A graph theoretic approach to multivariable control system design,” Automatica, vol. 17, no. 2, pp. 371–377, 1981. [90] R. M. Negrini and M. Sami, “Some properties derived from structural analysis of program graph models,” IEEE Transactions on Software Engineering, no. 2, pp. 172–178, 1983. [91] C.-T. Chang and J.-W. Chen, “Implementation issues concerning the ekf-based fault diagnosis techniques,” Chemical Engineering Science, vol. 50, no. 18, pp. 2861–2882, 1995. [92] J. P. Cassar and M. Staroswiecki, “A structural approach for the design of failure detection and identification systems.,” IFAC Proceedings Volumes, vol. 30, no. 6, pp. 841–846, 1997. [93] M. Staroswiecki and P. Declerck, “Analytical redundancy in non linear inter- connected systems by means of structural analysis,” in Advanced Information Processing in Automatic Control (AIPAC’89), pp. 51–55, Elsevier, 1990.

293 [94] P. Declerck and M. Staroswiecki, “Characterization of the canonical components of a structural graph for fault detection in large scale industrial plants,” in European Control Conference, Grenoble, France, pp. 298–303, 1991.

[95] R. Izadi-Zamanabadi and M. Staroswiecki, “Structural analysis approach for fault diagnosis and disturbance decoupling,” in Proc. of the 39th IEEE Confer- ence on Decision and Control, Citeseer, 2000.

[96] J. Gertler and D. Singer, “A new structural framework for parity equation- based failure detection and isolation,” Automatica, vol. 26, no. 2, pp. 381–388, 1990.

[97] J. Gertler, “Analytical redundancy methods in fault detection and isolation- survey and synthesis,” IFAC Proceedings Volumes, vol. 24, no. 6, pp. 9–21, 1991.

[98] V. Cocquempot, R. Izadi-Zamanabadi, M. Staroswiecki, and M. Blanke, “Resid- ual generation for the ship benchmark using structural approach,” 1998.

[99] A.-L. Gehin, M. Assas, and M. Staroswiecki, “Structural analysis of system reconﬁgurability,” IFAC Proceedings Volumes, vol. 33, no. 11, pp. 297–302, 2000.

[100] R. Izadi-Zamanabadi and M. Staroswiecki, “A structural analysis method for- mulation for fault-tolerant control system design,” in Proceedings of the 39th IEEE Conference on Decision and Control (Cat. No. 00CH37187), vol. 5, pp. 4901–4902, IEEE, 2000.

[101] G. Hoblos, M. Staroswiecki, and A. Aitouche, “Fault tolerance with respect to actuator failures in lti systems,” IFAC Proceedings Volumes, vol. 33, no. 11, pp. 783–788, 2000.

[102] M. Blanke, R. Izadi-Zamanabadi, and T. F. Lootsma, “Fault monitoring and re-conﬁgurable control for a ship propulsion plant,” International journal of adaptive control and signal processing, vol. 12, no. 8, pp. 671–688, 1998.

[103] M. Blanke and R. Izadi-Zamanabadi, “Reconﬁgurable control of a ship propulsion plant,” IFAC Proceedings Volumes, vol. 31, no. 30, pp. 47–54, 1998.

[104] M. Cordier, P. Dague, M. Dumas, F. Levy, J. Montmain, M. Staroswiecki, and L. Trave-Massuyes, “Ai and automatic control approaches of model-based diagnosis: Links and underlying hypotheses,” IFAC Proceedings Volumes, vol. 33, no. 11, pp. 279–284, 2000.

294 [105] T. Kohda, H. Katsube, H. Fujihara, and K. Inoue, “Identiﬁcation of system failure causes using bond graph models,” in Proceedings of IEEE Systems Man and Cybernetics Conference-SMC, vol. 5, pp. 269–274, IEEE, 1993.

[106] M. Krysander and E. Frisk, “Sensor placement for fault diagnosis,” IEEE Transactions on Systems, Man, and Cybernetics-Part A: Systems and Humans, vol. 38, no. 6, pp. 1398–1410, 2008.

[107] M. Krysander and M. Nyberg, “Fault diagnosis utilizing structural analysis,” CCSSE, Norrk¨oping,Sweden, 2002.

[108] M. Ungermann, J. Lunze, and D. Scharzmann, “Model-based test signal generation for service diagnosis of automotive systems,” IFAC Proceedings Volumes, vol. 43, no. 7, pp. 117–122, 2010.

[109] M. Ungermann, J. Lunze, and D. Schwarzmann, “Service diagnosis utilizing the dependencies between the system structure and the operating points,” in 2010 Conference on Control and Fault-Tolerant Systems (SysTol), pp. 873–878, IEEE, 2010.

[110] M. Ungermann, J. Lunze, and D. Schwarzmann, “Service diagnosis of dynamical systems based on local structural models,” in 2011 19th Mediterranean Conference on Control & Automation (MED), pp. 455–460, IEEE, 2011.

[111] M. Ungermann, J. Lunze, and D. Schwarzmann, “Test signal generation for service diagnosis based on local structural properties,” International Journal of Applied Mathematics and Computer Science, vol. 22, no. 1, pp. 55–65, 2012.

[112] H. Haﬀaf and B. Ould Bouamama, “Enumerating cycles algorithm in tripartite graph for fdi,” Elsevier Science, pp. 123–135, 2008.

[113] J. Zhang, G. Rizzoni, A. Cordoba-Arenas, A. Amodio, and B. Aksun-Guvenc, “Model-based diagnosis and fault tolerant control for ensuring torque functional safety of pedal-by-wire systems,” Control Engineering Practice, vol. 61, pp. 255– 269, 2017.

[114] J. Zhang and G. Rizzoni, “Structural analysis for diagnosability and reconﬁg- urability, with pplication to electric vehicle drive system,” IFAC-PapersOnLine, vol. 48, no. 21, pp. 1471–1478, 2015.

[115] J. Zhang and G. Rizzoni, “Structural analysis for fdi of pmsm drive system in electric vehicles,” in 2014 IEEE Conference and Expo Transportation Electrifi- cation Asia-Pacific (ITEC Asia-Pacific), pp. 1–7, IEEE, 2014.

295 [116] J. Zhang, T. Li, A. Amodio, B. Aksun-Guvenc, and G. Rizzoni, “Fault diagnosis and fault tolerant control for electriﬁed vehicle torque security,” in 2016 IEEE Transportation Electriﬁcation Conference and Expo (ITEC), pp. 1–7, IEEE, 2016.

[117] E. Frisk, M. Krysander, and D. Jung, “A toolbox for analysis and design of model based diagnosis systems for large scale models,” IFAC-PapersOnLine, vol. 50, no. 1, pp. 3287–3293, 2017.

[118] T. Li, Q. Ahmed, G. Rizzoni, M. Boesch, and B. Badreddine, “Motor resolver fault diagnosis for awd ev based on structural analysis,” tech. rep., SAE Tech- nical Paper, 2018.

[119] C. Sundstr¨om,E. Frisk, and L. Nielsen, “Selecting and utilizing sequential residual generators in fdi applied to hybrid vehicles,” IEEE Transactions on Systems, Man, and Cybernetics: Systems, vol. 44, no. 2, pp. 172–185, 2013.

[120] M. Krysander, J. Aslund,˚ and M. Nyberg, “An eﬃcient algorithm for ﬁnd- ing minimal overconstrained subsystems for model-based diagnosis,” IEEE Transactions on Systems, Man, and Cybernetics-Part A: Systems and Humans, vol. 38, no. 1, pp. 197–206, 2007.

[121] C. Sundstr¨om, Vehicle level diagnosis for hybrid powertrains. PhD thesis, Link¨opingUniversity Electronic Press, 2011.

[122] C. Svard and M. Nyberg, “Residual generators for fault diagnosis using computation sequences with mixed causality applied to automotive systems,” IEEE Transactions on Systems, Man, and Cybernetics-Part A: Systems and Humans, vol. 40, no. 6, pp. 1310–1328, 2010.

[123] C. Sv¨ard,M. Nyberg, E. Frisk, and M. Krysander, “Automotive engine fdi by application of an automated model-based and data-driven design methodology,” Control Engineering Practice, vol. 21, no. 4, pp. 455–472, 2013.

[124] C. Sv¨ard, M. Nyberg, and E. Frisk, “Realizability constrained selection of residual generators for fault diagnosis with an automotive engine application,” IEEE Transactions on Systems, Man, and Cybernetics: Systems, vol. 43, no. 6, pp. 1354–1369, 2013.

[125] J. Zhang, Model-Based Fault Diagnosis For Automotive Functional Safety. PhD thesis, The Ohio State University, 2016.

[126] M. Krysander, Design and analysis of diagnosis systems using structural methods. PhD thesis, Institutionen f¨orsystemteknik, 2006.

296 [127] C. Sundstr¨om,E. Frisk, and L. Nielsen, “Residual generator selection for fault diagnosis of hybrid vehicle powertrains,” IFAC Proceedings Volumes, vol. 44, no. 1, pp. 2961–2966, 2011.

[128] H. Nijmeijer and A. Van der Schaft, Nonlinear dynamical control systems, vol. 175. Springer, 1990.

[129] R. N. Clark, “Instrument fault detection,” IEEE Transactions on Aerospace and Electronic Systems, no. 3, pp. 456–465, 1978.

[130] P. M. Frank, “Principles of model-based fault detection,” IFAC Proceedings Volumes, vol. 25, no. 10, pp. 213–220, 1992.

[131] J. Gertler, “Fault detection and isolation using parity relations,” Control engineering practice, vol. 5, no. 5, pp. 653–661, 1997.

[132] E. C. Ifeachor and B. W. Jervis, Digital signal processing: a practical approach. Pearson Education, 2002.

[133] G. L. Plett, “Lecture notes on simultaneous state and parameter estimation using kalman ﬁlters,” September 2018.

[134] L. Mingji, Y. Yu, Z. Jibin, L. Yongping, N. Livingstone, and G. Wenxue, “Error analysis and compensation of multipole resolvers,” Measurement Science and Technology, vol. 10, no. 12, p. 1292, 1999.

[135] A. Di Tommaso and R. Miceli, “A new high accuracy software based resolver- to-digital converter,” in IECON’03. 29th Annual Conference of the IEEE In- dustrial Electronics Society (IEEE Cat. No. 03CH37468), vol. 3, pp. 2435–2440, IEEE, 2003.

[136] C. Attaianese and G. Tomasso, “Position measurement in industrial drives by means of low-cost resolver-to-digital converter,” IEEE transactions on instru- mentation and measurement, vol. 56, no. 6, pp. 2155–2159, 2007.

[137] S.-H. Hwang, H.-J. Kim, J.-M. Kim, L. Liu, and H. Li, “Compensation of amplitude imbalance and imperfect quadrature in resolver signals for pmsm drives,” IEEE Transactions on Industry Applications, vol. 47, no. 1, pp. 134– 143, 2010.

[138] Z. Jiang, H. Li, and Y. Liu, “Obtaining rotor position based on resolver of ipmsm system,” Micromotors, vol. 11, p. 014, 2013.

[139] J. Zhang and G. Rizzoni, “Functional safety of electriﬁed vehicles through model-based fault diagnosis,” IFAC-PapersOnLine, vol. 48, no. 15, pp. 454– 461, 2015.

297 [140] J. Hansen and J. Molin, “Design and evaluation of an automatically generated diagnosis system,” 2006. [141] M. A. Boesch, L. M. Brown, and D. S. Rhode, “Low tire warning system with axle torque signal,” Dec. 14 1999. US Patent 6,002,327. [142] S. V. D. Committee et al., “Vehicle dynamics terminology. sae j670e. warren- dale, pa: Society of automotive engineers,” 1978. [143] A. Murray, B. Hare, and A. Hirao, “Resolver position sensing system with integrated fault detection for automotive applications,” in SENSORS, 2002 IEEE, vol. 2, pp. 864–869, IEEE, 2002. [144] D. C. Hanselman, “Resolver signal requirements for high accuracy resolver-to- digital conversion,” IEEE transactions on industrial electronics, vol. 37, no. 6, pp. 556–561, 1990. [145] D. C. Hanselman, “Techniques for improving resolver-to-digital conversion accuracy,” IEEE Transactions on Industrial Electronics, vol. 38, no. 6, pp. 501–504, 1991. [146] J. Zhang, G. Rizzoni, and A. Cordoba-Arenas, “Fault diagnosis for pmsm drive system in electric vehicle,” in ASME 2014 Dynamic Systems and Control Con- ference, American Society of Mechanical Engineers Digital Collection, 2014. [147] K. C. S. Giorgio Rizzoni, “Lecture notes on powertrain dynamics,” September 2014. [148] D. Hrovat and W. Tobler, “Bond graph modeling and computer simulation of automotive torque converters,” Journal of the Franklin institute, vol. 319, no. 1-2, pp. 93–114, 1985. [149] E. S. Page, “Continuous inspection schemes,” Biometrika, vol. 41, no. 1/2, pp. 100–115, 1954. [150] Z. Menjak and R. Menjak, “Gearing without backlash for electric power steering,” Sept. 24 2002. US Patent 6,454,044. [151] R. Menjak and D. Menjak, “Gear backlash elimination and adjustable gear backlash mechanism,” Feb. 14 2006. US Patent 6,997,076. [152] M. Bock, W. Nagel, and P. Brenner, “Steering gear is free from backlash,” July 28 2005. US Patent App. 10/506,854. [153] J. Voros, “Recursive identiﬁcation of hammerstein systems with discontinuous nonlinearities containing dead-zones,” IEEE Transactions on Automatic Con- trol, vol. 48, no. 12, pp. 2203–2206, 2003.

298 [154] F. Giri, Y. Rochdi, F. Chaoui, and A. Brouri, “Identiﬁcation of hammerstein systems in presence of hysteresis-backlash and hysteresis-relay nonlinearities,” Automatica, vol. 44, no. 3, pp. 767–775, 2008.

[155] V. Cerone and D. Regruto, “Bounding the parameters of linear systems with input backlash,” IEEE Transactions on Automatic Control, vol. 52, no. 3, pp. 531–536, 2007.

[156] R. Dong, Y. Tan, and H. Chen, “Recursive identiﬁcation for dynamic systems with backlash,” Asian Journal of Control, vol. 12, no. 1, pp. 26–38, 2010.

[157] X. Huang and J. Wang, “Identiﬁcation of ground vehicle steering system backlash,” Journal of Dynamic Systems, Measurement, and Control, vol. 135, no. 1, 2013.

[158] K. B. Singh, M. A. Arat, and S. Taheri, “Literature review and fundamental approaches for vehicle and tire state estimation,” Vehicle System Dynamics, vol. 57, no. 11, pp. 1643–1665, 2019.

[159] C. Sierra, E. Tseng, A. Jain, and H. Peng, “Cornering stiﬀness estimation based on vehicle lateral dynamics,” Vehicle System Dynamics, vol. 44, no. sup1, pp. 24–38, 2006.

[160] J. Bechtoﬀ and R. Isermann, “Cornering stiﬀness and sideslip angle estimation for integrated vehicle dynamics control,” IFAC-PapersOnLine, vol. 49, no. 11, pp. 297–304, 2016.

[161] S. Lee, K. Nakano, and M. Ohori, “On-board identification of tyre cornering stiffness using dual kalman filter and gps,” Vehicle System Dynamics, vol. 53, no. 4, pp. 437–448, 2015.

[162] M. Nordin, J. Galic’, and P.-O. Gutman, “New models for backlash and gear play,” International journal of adaptive control and signal processing, vol. 11, no. 1, pp. 49–63, 1997.

[163] H. Pacejka, Tire and vehicle dynamics. Elsevier, 2005.

[164] S. Hong, H.-H. Chun, S.-H. Kwon, and M. H. Lee, “Observability measures and their application to gps/ins,” IEEE Transactions on Vehicular Technology, vol. 57, no. 1, pp. 97–106, 2008.

[165] G. Strang and K. Borre, Linear algebra, geodesy, and GPS. Siam, 1997.

[166] L. A. Aguirre and C. Letellier, “Observability of multivariate diﬀerential em- beddings,” Journal of Physics A: Mathematical and General, vol. 38, no. 28, p. 6311, 2005.

299 [167] M. Doumiati, A. C. Victorino, A. Charara, and D. Lechner, “Onboard real-time estimation of vehicle lateral tire–road forces and sideslip angle,” IEEE/ASME Transactions on Mechatronics, vol. 16, no. 4, pp. 601–614, 2010.

[168] E. A. Wan and R. Van Der Merwe, “The unscented kalman ﬁlter for nonlinear estimation,” in Proceedings of the IEEE 2000 Adaptive Systems for Sig- nal Processing, Communications, and Control Symposium (Cat. No. 00EX373), pp. 153–158, Ieee, 2000.

[169] R. Sekar, “Evaluation of motion cueing algorithms for a limited motion platform driver-in-the-loop simulator,” Master’s thesis, The Ohio State University, 2020.

[170] S. Wood, “Passenger carstest track for a severe lane-change maneuverpart 1: Double lane change, iso 3888-1:2018,” The international organization for stan- dardization, 2011.

300