Sophisticated industrial processes, such as oil refining, automobile assembly or power generation, require the cooperative execution of numerous interdependent tasks by many different pieces of equipment. The enormous complexity of ensuring proper task sequencing and management, which requires not only appropriate logic but constant monitoring of equipment states to organize and distribute operations and detect malfunction, has resulted in the widespread adoption of programmable controllers. These controllers operate elaborate industrial equipment in accordance with a stored control program. When executed, the program causes the controller to examine the state of the controlled machinery by evaluating signals from one or more sensing devices (e.g., temperature or pressure sensors), and to operate the machinery (e.g., by energizing or de-energizing operative components) based on a logical framework, the sensor signals and, if necessary, more complex processing. The "inputs" to a particular controller can extend beyond the sensed state of the equipment the controller directly operates to include, for example, its environment, the state of related machinery or the state of its controllers.
Because of the frequently intricate, interdependent nature of industrial equipment assemblages, a simple step-by-step procedural framework can be inadequate for controlling processes with reliability; if the control sequence lacks routines for handling, for example, failure of vulnerable components, the process will either come to an abrupt, unexpected halt or continue to the point of possible damage. Accordingly, modern controllers frequently incorporate some form of diagnostic capability that recognizes specific failure conditions and alerts an operator to the source (or, in more sophisticated arrangements, initiates recovery sequences). For example, U.S. Pat. No. 4,827,396 describes a sequential controller that evaluates specified conditions at each control step for abnormalities; an input signal is compared with an expected input value at the current control step, and if the controller detects an inconsistency, it issues an alarm.
Such systems exhibit certain drawbacks. Merely checking for binary failure conditions (either the system has failed or is operating properly) does not address the diversity of possible abnormalities exhibited by complex equipment, which may operate over a spectrum of states; for example, between total failure and normal operation, a machine may exhibit reduced load capacity or suboptimal (but acceptable) efficiency, with some intermediate states being predictive of future malfunction or signalling the need for different forms of response procedures.
Binary-failure systems are even less adequate in the context of multiple-machine systems such as advanced assembly lines, where behavior frequently is nonlinear or chaotic in nature (see, e.g., Kempf et al., "Chaotic Behavior in Manufacturing Systems," Proc. of 3d Ann. Chaos in Manufacturing Conf. (1994)). In such cases, small deviations in sensed conditions can have large consequences for machine behavior that evolve over time. The determination of a proper response to deviant conditions, accordingly, cannot be handled reliably merely by looking up conditions in a troubleshooting table associated with a particular machine. Instead, adequate error handling must account for behavior at a system-wide level, with due regard, for example, to the influence exerted by the overall system on a particular piece of equipment.