Modern control systems are highly effective when operating as designed, but often struggle when failures or unexpected conditions arise. This article explores how humans handle such situations intuitively, how this thinking maps onto Fault Tolerant Control, and how adaptive control architectures can make these ideas practical in real-world systems.
Humans as Adaptive Controllers
As a species, humans function quite well as controllers. In real-time we can observe our situation, intelligently make decisions based on a lifetime of experience and then execute precise movements- often without even thinking. One of the more impressive tasks humans have learned to do is fly planes. After many years of training, a qualified pilot is able to manoeuvre an aircraft with very little conscious effort, constantly making micro-adjustments based on what they see, hear and feel. A commercial pilot would have conducted thousands of routine landings and practiced events such as engine failures frequently enough that they become dull. However, whilst many scenarios can be practiced over and over again, the complexity of aerospace systems means it is impossible to train or even plan for certain events. One such example, is United Airlines Flight 232.
On July the 19th 1989, a McDonnell Douglas DC-10 took off from Denver en route to Philadelphia. During a shallow right turn at 37000 ft the tail-mounted engine exploded. This resulted in the severing of all three hydraulic lines and subsequently the complete loss of all aerodynamic controls [1]. The pilots were able to fly the aircraft by manipulating the two remaining wing-mounted engines and attempted a landing at Sioux City airport. Their quick thinking and adaptability saved nearly two-hundred lives. Such a feat demonstrates the level of controllability still present in the system despite such a catastrophic failure. But the pilots had to fly the aircraft in a way that was unnatural to them. How do you think they would have fared if the aircraft was still able to be flown with stick and rudder, the way they had spent thousands of hours becoming accustomed to? Would this have greatly increased the headspace available in the cockpit? Perhaps the reduction in workload would have allowed for better decision making or given more room for error?
Loss of Control and the Limits of Traditional Architectures
So-called loss of control in flight is the biggest contributor to fatalities in commercial aviation [2]. Whilst the industry may have reduced the risk these pose through better component design and training etcetera, fundamentally the underlying control architectures remain incredibly similar to what was around in the 1960s. Since then, fly-by-wire has become standardized and we have access to much faster computation, perhaps it’s time to fully utilize this, to design our control systems to be intelligent, adaptive and quick thinking like the pilots of flight 232.
Fault Tolerant Control
So how do you design a controller to maintain as much performance as possible given faults/failures? This is exactly what the field of Fault Tolerant Control (FTC) aims to solve, broadly the process can be split up into 3 sub-categories:
- Fault Detection and Isolation – What’s broken? How badly is it broken?
- Reconfigurable Control – I know what’s broken, how do I change what I’m doing to accommodate that?
- Robust Control – I need to be sure that I am robust to uncertainties and disturbances in both my understanding of what’s broken and how I intend to keep controlling the plane.
This can be traced back to the thought process that the pilots of Flight 232 would have gone through.
-
- Fault Detection and Isolation – There was a big bang, warning lights are going off for 1 of the engines, when I move the stick and rudder the aircraft doesn’t respond as I expect (in this case it wouldn’t have responded at all!), the 2 wing-mounted engines are working still.
-
- Reconfigurable Control – We only have the 2 wing-mounted engines left to control the aircraft, so we need to learn how to use these to turn the aircraft and how to climb/descend.
-
- Robust Control – We are constantly evaluating the above 2 processes, making judgment calls as best as possible given the large amounts of uncertainty.
Unifying Fault Tolerant Control in a Single Adaptive Controller
Typically, these 3 components are handled somewhat independently which can make combining them a bit tricky, but Luffy AI’s Adaptive Artificial Intelligence Controller deals with this effectively, using one combined computationally lightweight network to spot faults, reconfigure controls and robustly handle disturbances. This approach was shown to be highly effective in our recent UAV project, where a very small onboard adaptive neural network running on local hardware could make control inferences in milliseconds. This allowed it to respond immediately to sudden faults and disturbances, such as rotor failure, while maintaining stable flight.
It’s extremely difficult, and often unsafe, to collect sufficient real-world data on rare but critical events such as rotor failures to train a conventional deep learning network. Instead, we take a different approach. Using a digital-twin, we train our networks across a wide variety of faults/failures, winds, and payload shifts, as well as teaching it to fly a huge amount of different drones with changes in the geometry, mass properties, subsystem parameters etc. Some of these can be quite extreme! Have a look at this:
This allows the network to adapt itself to effectively control whatever it might face. Here is a video of it dealing with a rotor failure!
Conclusion
Scenarios like flight 232 show that even in the face of catastrophic failure, meaningful control can still exist; provided a system can detect what has changed, reconfigure how it acts, and be ready to adapt to uncertainty. Fault Tolerant Control formalises this idea in engineering terms, shifting control design away from rigid assumptions and toward adaptability.
However, implementing it as a single, real-time architecture is extremely challenging. At Luffy AI, we have built a unique adaptive control architecture that unifies fault detection, reconfiguration, and robustness in a single onboard controller, and demonstrated that it works in flight. The result is a one-of-a-kind practical, fault-tolerant system operating in conditions where conventional control architectures break down.
[1]https://www.faa.gov/lessons_learned/transport_airplane/accidents/N1819U
[2]https://www.iata.org/contentassets/b6eb2adc248c484192101edd1ed36015/loc-i_2019.pdf
