Structural redundancy as robustness assurance of complex geoengineering systems
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
E3S Web of Conferences 166, 11003 (2020) https://doi.org/10.1051/e3sconf/202016611003
ICSF 2020
Structural redundancy as robustness assurance of complex
geoengineering systems
Alina Dychko1,*, Igor Yeremeyev2, Natalya Remez1, Serhii Kraychuk3, and Natalia Ostapchuk3
1NationalTechnical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, Institute of Energy Saving and Energy
Management, 37 Peremohy Ave., Kyiv, 03056, Ukraine
2Taurida National V. I. Vernadsky University, 33 Ivana Kudri Str., Kyiv, 04000, Ukraine
3Rivne State University of Humanities, 12 Stepana Bandery Str., Rivne, 33000, Ukraine
Abstract. The present paper provides that robustness is the facility of complex computer-aided
geoengineering systems of keeping its feature invariable along the certain period of time. The detecting of
indications which testify that system is not responding adequately to input disturbances may be realized by:
comparing real data on assembly output with number of reference artefacts which correspond to specific states
of disturbances; comparing real data on assembly output with a normal reaction to the actual set of input
signals. To increase the resilience of monitoring data of geoengineering system the majority principle and the
Byzantine agreement method are used.
1 Robustness problem failure of the currently operating structure is detected.
Every of mentioned ways of duplicating has intrinsic
Robustness [1–3] characterizes the complex computer- preferences and limitations.
aided geoengineering systems (CCAS) facility of keeping Redundancy is considering as an additional type of
its feature invariable along the specified time. After this structural performance indicator that is defined as a
time such characteristics may gradually deteriorate but measure of warning available prior to system catastrophe
with a decrease in quality of operation within predefined [4]. The redundancy can be evaluated and its
limits (by reducing dynamic and static accuracy, quantification can be formulated with the help of
increasing response time, increasing transient intervals, characteristics of the geoengineering systems functions.
reducing possible additional functions, performance/cost For optimization of their operation it’s important to
metrics, etc.). control the effects of maintenance on lifetime functions
Robustness study helps to understand better the and redundancy [4].
characteristics of the complex systems, geoengineering, The existence of redundancy assists in enhancing the
energy efficiency and building energy sustainability in safety and reliability of a system in its intact state; and
particular [2]. It’s used when there is a need for a mitigating the sensitivity or vulnerability of the structure
functional layer to provide built-in protection to ensure to localised damage under an accidental situation. To
that it is robust with respect to requests that are issued at assure such characteristics of the systems it’s possible to
instances that are incompatible with its current state and take into account various stages where redundant
could therefore cause catastrophic system failure [3]. structures are involved in and to develop essential means
There are the following ways of robustness assurance: of designing for redundancy which can readily be
structural redundancy; procedural redundancy; integrated into safety decision-making [5]. Such approach
informational redundancy; combination of the all or some should be considered in underground and on-ground
of above mentioned redundancies. construction, in mining and the extraction of minerals, in
Structural redundancy presumes the duplicating the assessment of subsidence and subsidence of soil bases
structures utilization while each of them is capable to etc. Generalizing the problem of structural redundancy, it
realize all the necessary procedures and control actions should be emphasized that it implies the introduction into
inherent to CCAS. There are the following ways of using the system of additional equipment, structured in such
duplicating structures: way that even in case of failure of a certain part of the
- Simultaneous functioning of the two (or three and more) equipment, the system will continue to function
structures (dynamic or “hot” backup) with their activity successfully [6, 8, 11]. All these need the reliable control
results analysis and the structure of fault occurred of information, which is impossible without system
deactivating if the specifics of wrong operation is reliability engineering and its predicting with reliability
detected; monitoring scheme under changing environmental
- One of structures is operating when the other one is in conditions [7, 9-11].
standby reserve and shall be activated only after the
*
Corresponding author: aodi@ukr.net
© The Authors, published by EDP Sciences. This is an open access article distributed under the terms of the Creative Commons Attribution License 4.0
(http://creativecommons.org/licenses/by/4.0/).E3S Web of Conferences 166, 11003 (2020) https://doi.org/10.1051/e3sconf/202016611003
ICSF 2020
2 Structural redundancy comparing real data on assembly output with a normal
reaction to the actual set of input signals (to detect the fact
The simplest example of structural redundancy is the of stability loss).
hardware duplicating and use in standby reserve either in Incidentally the distribution of points of set Yi f, which
dynamic or “hot” backup. In the first variant the one characterizes the real output signal is compared with
hardware is operating but the second one is idle or on distribution of points of reference signal Yіe and the
maintenance prevention. In the second variant the both Euclidean metrics
hardware operate simultaneously and supplementary
monitoring hardware analyzes the operation of both
, = ∑ − (3)
complexes and makes a decision about what complex
generates the more reliable information [12]. Each mode
has the positive and negative distinguishing features. For is estimated.
example, the duplicating structure with standby reserve is If D[Yi f, Yіe] < |δ|, where δ – maximum acceptable
developed in such way that after predetermined time of deviation of the real pattern from reference, the assembly
operation trsb when the probability of trouble-free is considered as correct one or corresponding to certain
operation reference artefact.
= , (1) 3 Procedure of imbalance identification
in systems
(where m – trouble-free life) exceeds a certain set
threshold, it is realized the transition to operating reserve The algorithm that implement the above operations is
set and the operated hardware is put on prevention for a presented in Fig.1-A –Fig.1-D and the conceptual layout
time tmp, during which the troubleshooting operations are of subsystem for some devices mismatching detecting and
carry out. It is the essential fulfilment of the condition adjusting their features – in Fig.2. The following
tstb > tmp while the more Δt = tstb – tmp then the system’s abbreviation is used here: UID – unit for information
fault-tolerance is better. If the operating complex fails the distribution, which depending on identical duplicating
standby reserve complex should be activated (if the last units’ у1 and у2 state and subsystem’s mode of operation,
one isn’t on prevention). This duplication approach is feeds the information on both units’ inputs (if the loss of
easy-to-work and requires the minimum of redundant stability is not detected), locks out the inputs of both units
hardware. But in case of failure and the need to switch to (if the loss of stability is detected and faulty unit is
a backup set it is a loss of time connected with procedures identified) or locks out input of faulty unit (while
for switching units, which leads to loss share information. correction procedure of the wrong data has place); UAM
If the standby reserve complex is on maintenance – unit of alternative models of assembly for the events of
prevention the information drop may even result in overall routine situation (proper operation, distortions due to
fault. Therefore in such a case when loss of information specific common causes); URS – unit (source) of
and temporary stoppage of CCAS functioning are reference signals for testing the nodes and performing
intolerable the dynamic or “hot” backup is used. In this procedures for correcting the characteristics of defective
case probability of failure-free operation along the time thb nodes; UIE – unit of information’s evaluation (the fact of
is estimated as: loss of stability detection, fault unit identification, the
optimal model selection); MU – memory unit for
ℎ ℎ
= 2 . (2) intermediate results of evaluations and corrections saving;
UFC – unit of feature correction which implements the
In the case of “hot” reservation the complementary correction calculations in nodal points and choice of
hardware is demanded for state analysis of every interpolation polynomials for calculations correction in all
complexes and decision making of which of the blocks the residuary points of unit features.
provides more reliable information. This hardware should In addition besides of majorization for fault tolerance
also be duplicated in order to ensure its trouble-free the Byzantine agreement approach is used, which differs
operation. Therefore this way of structure redundancy is in that degree of redundancy need not to be as uneven
characterized by surplus of the complementary hardware number.
as compared with standby reserve. Fault tolerance
property in this case is guaranteed along the shorter time 4 Principles of the resilience increase
interval that is thb< tsbr. But along that interval no losses
of information in its unexpected fault from operating As mentioned above, the further development of the
hardware occurs. method of structural redundancy consists in the use of the
The detecting of indications which testify that majority principle, or the principle of voting, which
assembly (subsystem, geoengineering system) is not requires the introduction of multiple redundancy of data
responding adequately to input signals or disturbances, processing facilities, where multiplicity is an odd number
i.e. that it is a some loss of stability, may be realized by: equal to “3” or higher than it. When using majorization,
comparing real data on assembly output with number the probability of a system failure can be determined from
of reference artefacts which correspond to specific states the expression
of disturbances (for detecting the cause of stability loss);
2E3S Web of Conferences 166, 11003 (2020) https://doi.org/10.1051/e3sconf/202016611003
ICSF 2020
Start
і: → 1
i: → 1
To disable the DTIі input
E
1 To bring test уе
Ті=1 to DTIі
0
To compare уі and уе
Data entry in DTI і
1
Δуе>2ξ
1
І=2
0 To inform about
0
anomaly in DTIі
і+1: → і
E 0
і2ξ
To save уj
y= 0,5(у1+у2)
1
j=N
A
To put y (or у1) on output
of DTI 0
j+1: → j
Stop
Fig. 1. The block-diagram of algorithm of imbalance identification in homogeneous subsystems which duplicates one another (A).
3E3S Web of Conferences 166, 11003 (2020) https://doi.org/10.1051/e3sconf/202016611003
ICSF 2020
А
To build according to yj the smoothed
curve yз = f(x)
To determine the corrections
Δyjk= yint j - yAKj
K:→ l
1
j=N
To determine the metrics μК, which
describes the grade of membership 0
уз=f(x) to yAK=f(x)
j+1: → j
To record μК
To determine the interpolating
polynomial dependence by data Δyj-1, Δyj
and Δyj+1
1
k=K
0
D
k+1: → k
ТiA: → 1
μopt = min(μ1, …, μk)
E
v B
j: → 1
0
μopt>2ξ
1
C
Fig. 1. The block-diagram of algorithm of imbalance identification in homogeneous subsystems which duplicates one another (B).
4E3S Web of Conferences 166, 11003 (2020) https://doi.org/10.1051/e3sconf/202016611003
ICSF 2020
C
Δyjk = yфj - yAkj
1
y jk >2ξ
0
To save the
y jk
1
j=N
0
C To range saved :
y mk max max
δ1
……………………………
y nk min min
δ2
1
δ2 = δy(m-1)k
0
1
δ2 = δy(m-1)k m – catastrophic point
0
G ξ:→ ξ1
B F
Fig. 1. The block-diagram of algorithm of imbalance identification in homogeneous subsystems which duplicates one another (C).
5E3S Web of Conferences 166, 11003 (2020) https://doi.org/10.1051/e3sconf/202016611003
ICSF 2020
F
μq opt = min(μq1,… μqQ)
q: → 1
1
μq opt > 2ξ
Smooth substitution of variable in 0
points (m-1), m, (m+1) by G
assistance of catastrophe q
ycat q =f(x)
To define corrections
Δyjkcat= y int j - yAkcatj
1
q= Q 1
j= N
0
0
q+1: → q
j+1: → j
q: → 1
To record interpolating polynomials for the
points (m-1), m, (m+1) [disaster struck], and
interpolating polynomials for points
To define the μq,
Δуj-1, Δyj,, Δyj+1 if j≠m
characterized by grade of
membership y cat q to yAk
1
q=Q D
0
q+1: → q
Fig. 1. The block-diagram of algorithm of imbalance identification in homogeneous subsystems which duplicates one another (D).
systems using majorization principle with different
= ∑ (1 − ) (4) redundancy values are given in Table 1.
In addition to the majority principle, the so-called
where n – number of sequentially connected blocks in the “Byzantine agreement” is used to increase the resilience,
channel; l – number of channels, i.e. number of characterized in that the multiplicity of redundancy is not
redundancies; j – number of properly operating channels necessarily characterized by an odd number. The
(j≥ k , where k = { l / 2 } – the closest integer in excess of formalism of the “Byzantine agreement” is
l/2; = -t pM / – probability of a single unit failing for effective when the total number of redundant (duplicate)
time tpM under failure conditions M. blocks (duplication rate) is n ≥ 2 k + m + 1, where the
Comparative characteristics of geoengineering blocks with failures are no more than k and m is the
6E3S Web of Conferences 166, 11003 (2020) https://doi.org/10.1051/e3sconf/202016611003
ICSF 2020
number of blocks that did not fail. If the answer is different, a third repetition is initiated
When using Byzantine agreement the denied blocks and if its result is equal to one of the previously obtained
may remain connected with the system in any way and during the previous two steps of the decision, the answer
continue to function. It is only necessary to add that in is recognized as valid and the procedure ends. If, however,
such systems the source of the initial data is assumed to the decision obtained in the third step does not coincide
be quite reliable. with any obtained in the previous steps, a steady rejection
In a simpler case, such an approach should be that the signal may be issued. Sometimes a steady rejection signal
result of the re-decision is compared with the first can be provided after most 4…256 series solutions differ
decision and if they are the same, the decision is from each other by a value exceeding a predetermined
recognized as valid and the control procedure is threshold or double standard deviation.
completed.
Inputs
UID
UAM
У2
У1
URS
UIE
MU UFC
Output Y
Fig. 2. Conceptual layout of subsystem for some devices mismatching detecting and adjusting their features
7E3S Web of Conferences 166, 11003 (2020) https://doi.org/10.1051/e3sconf/202016611003
ICSF 2020
Table 1. Comparative characteristics of majorized systems 2012. doi: 10.1109/EDCC.2012.16
with different meanings of redundancy rate.
4. N.M. Okasha, D.M. Frangopol, Reliability
Probability of Engineering and System Safety 95, 5 (2010)
Probability of no- system output 5. Z.X. Fang, H.T. Fan, Procedia Engineering 14,
Majorization
failure operation RM emergency (1–RM) (2011)
R=0.9 R=0,99
2 from 3 RM = 3R2– 2R3 2.8x10-2 3x10-4
6. B.S. Dhillon, Engineering maintenance: a modern
3 from 5 RM = 10R3 -15R4 +6R5 8.56x10-3 1x10-5 approach (CRC Press, 2002)
RM = 35R4 – 84R5 7. M. Ram, Modeling and simulation based analysis in
4 from 7 2.73x10-3 3x10-7
+70R6 – 20R7 reliability engineering (CRC Press, 2018)
RM=125R5- 8. I.H. Witten, E. Frank, M. Hall, Data Mining.
5 from 9 420R6+540R7- 8.91x10-4 1.3x10-8
315R8+70R9
Practical Machine Learning Tools and Techniques,
RM=462R6- 3rd edn (Morgan Kaufmann, 2011)
1980R7+3465RR8- 9. R.W. Scholz, Environmental literacy in science and
6 from 11 2.96x10-4You can also read
