Technology International Incorporated 0f Virginia
US Department of Energy

A Reliable Fuzzy Fault-Tolerant Controller 

CUSTOMER: U.S.  Department of Energy, German Town, MD

CONTRACT #: DE-AC05-87ER80509


DURATION: 6 months

AMOUNT: $49,970


OTHER KEY PERSONNEL: Dr. Abdo A. Husseiny - Dr. Zeinab A. Sabri - Dr. Neerchal K. Nagaraj - Dr. Enju Liang - Richard E. Jarka



Husseiny, Abdo A., Sabri, Zeinab A., Adams, S. Keith, and Rodriguez, Rod J. (1990).  Automation of Nuclear Power Plants. Nuclear Technology, 90, 34.

Husseiny, Abdo A., Sabri, Zeinab A., Packer, Dan, Holmes, J. W., Adams, S. Keith, and Rodriguez, Rodrigo J. (1989).  Operating Procedure Automation to Enhance Safety of Nuclear Power Plants.  Nuclear Engineering and Design, 110, 277.

Liang, Enju, Rodriguez, Rodrigo J., Husseiny, Abdo A., and Nagaraj, Neerchal K. (1989). A Systematic Approach to the Design and Reliability of a Fault-Tolerant Controller:  I - Design Aspects. Reliability Engineering and System Safety, 24, 297.

Liang, Enju, Rodriguez, Rodrigo J., and Husseiny, Abdo A. (1989). A Systematic Approach to the Design and Reliability of a Fault-Tolerant Controller: II - Reliability Analysis and Assurance. Reliability Engineering and System Safety, 25, 59.

Liang, Enju, Abolrous, Sam A., and Husseiny, Abdo A. (1989).  Logic Reliability Analysis of Adaptive Control Strategies.  Annals Nucl. Energy, 16(5), 231-243.

Liang, Enju, and Husseiny, Abdo A. (1989). Structural Reliability of Adaptive Control Systems.  Annals Nucl. Energy, 16(3), 129-137.

Liang, Enju, Husseiny, Abdo A., and Rodriguez, Rodrigo J. (1989). Operational Reliability Assessment of Adaptive Control Strategies.  Annals Nucl. Energy, 16(2), 73-85.

Rodriguez, Rodrigo J., Liang, Enju, Husseiny, Abdo A., Sabri, Zeinab A. (1989).  A Reliable Fuzzy-Fault Tolerant Automatic Controller (REFFTAC), for Nuclear Power Plant Equipment.  Kerntechnic, 45, 26.

Rodriguez, Rodrigo J., Liang, Enju, and Husseiny, Abdo A. (1988, September).  A Rule-Based Fault Tolerant Neurocontroller.  Proceedings, First Annual Meeting, International Neural Network Society, Boston, MA.  Neural Networks, 1, Sup. 1,  465.

Rodriguez, Rodrigo J., Husseiny, Abdo A., Sabri, Zeinab A., and Liang, Enju (1987, November).  Design of a Reliable Fault-Tolerant Automatic Controller (REFFTAC).  U.S.  Department of Energy Contract # DE-AC05-87ER80509, DOE Rep # DOE/ER/8O5O9-1 and TII Rep # TILA-7O871O1/PR.


Husseiny, Abdo A., Liang, Enju, and Rodriguez, Rodrigo, J. (1991, January 15).  Reliable Fuzzy Fault Tolerant Controller.  Patent #4,985,824.

Sabri, Zeinab A., and Husseiny, Abdo A. (1992). ASPEXER, an automated performance evaluation and examination system for training on simulators.  Patent disclosure.


Application of fuzzy set theory to automatic control has shown to affect high quality reliable controls in applications pertinent to nuclear power plant equipment.  A scheme is developed her based upon incorporation of software-tolerant method to assure high reliability of software.  Application of the method to centrifugal pumps and heat exchanger are selected to demonstrate the viability of a redundant technique utilizing fuzzy and deterministic controls.  The work is aimed at development of a methodology to assure reliability of control systems when they interact or become part of the plant protection system.  This is a step towards providing autonomy in controlling complex processes; such as nuclear reactors.

The work in Phase I of a project to Design a Reliable Fuzzy Fault-Tolerant Automatic Controller (REFFTAC) is reported here.  The REFFTAC is based on the employment of two diverse controllers.  Reliability is achieved via redundancy and diversification in the design.  Control actions are tested via an interface between the two controllers.  The interface system assures error-free control command, delegates the control action to either controller, and actuates a tie-breaker in case of a disagreement between the two controllers.

Though the logic design of the REFFTAC is developed for a generic process, the controller is designed for a heat exchanger and its applicability to a pump is examined.  The fact that most power processes involve a boiler or a heat exchanger and pumps led to that selection.  However, the designed controller can provide continuous and discrete control actions to other processes.

In the design of the REFFTAC logic, a primary adaptive direct digital controller was designed based on parameter estimation and on-line control design.  The output of the adaptive controller is examined to assure proper control actions and to transfer the control command to a fuzzy controller in case of failure.  The fuzzy controller provides heuristic control actions based on predetermined strategies.

The reliability of the REFFTAC is examined using complexity analysis, and failure mode and effect analysis.  A high level of fault-tolerance is expected to be achieved by deployment of this controller. However, a reliability criterion is employed in which the controller would be able to perform control tasks as good as a human operator. To enhance the reliability of the system, a self-diagnosis scheme is provided.  Also, both controllers employ a learning expert system that utilizes historic data in control design.

As a follow-on of this work, the reliability needs to be tested in the environment of fault-tolerant hardware.  The plan is to demonstrate the REFFTAC on a full-scope simulator and on EBR-II as a test facility.  This is to examine the operability of the controller as well as it superiority over redundant or single controller. Higher targets of reliability also needs to be tested.

The REFFTAC utilizes proven technology and is found to be viable in control of heat exchangers and pumps. The fact that the system can be customized for various operations allows for application in complex processes which can be automated.

The fuzzy controller has the merits of being able to adapt operating procedures as control functions without the need for elaborate modeling, of using technical specifications as limits of operations, and of designing controls based on past experience.

Patent Summary

The invention is a controller which provides continuous regulation of the output of a process or a plant as well as performing discrete control functions. The REFFTAC includes an adaptive direct digital controller (ADDC) as a primary expert controller and a fuzzy expert controller (FECD) as a backup controller. In case of an error or failure of the primary ADDC the control function is transferred via an interface system (INF) to the FEC, thus preventing any fault in the REFFTAC mission. The INF system is a simple fuzzy controller which includes means to verify the control action and a timer to assure proper control action. It also includes a simulator that performs a self diagnosis on both the ADDC and the FEC to assure fault tolerance. Also, the REFFTAC comprises learning expert units which stores correct control actions for direct application to save time and to provide a reference for the INF system.