REAL TIME CAUSAL MONITORS
FOR COMPLEX PHYSICAL SITES*
Chuck Rieger and Craig Stanfill
Department of Computer Science
University of Maryland
College Park, MD 20742
ABSTRACT
GOALS
Some general and specific ideas are advanced. about
the
design and implementation
of cau;llmn;ltorlng
s stems for complex sites such as a
Such '*c,P:%
p P ant or NASA missions control room.
monitors" are interesting from l;idth;zEl;heoretical
greatly
viewpoints,
and
engineering
improve
existing man-machine
interfaces to complex
systems.
An ideal causal
monitoring
system
does
not
replace
humans,
F,ut rather
'x;;$$&~~$,b,'oad~;;
process
their
abi:;j-;;s
to collect and synthesize
enhances
ability
critical
situations.
relevant information in time
would
ap ear
The
ideal
system
to the human
controllers as a small number o I; color CRT displays
and a keyboard.
The system would
INTRODUCTION
sense
and
symbolically
1. continually
characterize
all
sensors
in a way ttCi
reflected their
relative
importance
acceptable ranges in the current operating
context
large
complex
Human
understandin
of
physical
facility,
sue a as a ~NASA mission control
room or a nuclear power plant, is often a hapk;;a:d
affair.
Traditionally,
once
a site
is
knoyledge
about. it resides
,in technical manual;
$hlch
tend to sit on the-she1 ) and in the minds
the experts. As technlcal staff turnover occurs
over an extended period
of time,
this
knowledge
tends
to get misplaced, rearranged, or altogether
forgotten, - at
least - as
da--to-day
working
knowledge.
The
result
is usua P ly that no single
the
individhl
fully
appreciates
or
understands
system
as a whole; the operators learn simply to
cope with it to the extent
required
for daily
operations
Of course, thisa;;;;;
and maintenance.
that when an emergency occurs, or when need
the required
to perform
some
unusual
maneuver,
human ex ertise is often hard to locate. Manuals on
the she1 P are virtually worthless in most contexts,
especially those in which time is critical.
Even
~JF
the expert.is on the site, it may take him too
to perceive
the context of an emergency and
per P orm the synthesis of a lar e set of parameters
necessary to diagnose the prob 9 em.
2. continually verify that
sensor
groups
obey
ex ressin
the nature
re P ations Fiip
3. be aware of the human onerator's exoressed
"runn'ing
preventative
intent
(e.g.;
mornin
maintenance
check 32", "executin
power-up") and adiust causal rela f ions an 8
parametric
and- lower-level
ex ectations
to P erances accordingly
4. have a knowledge of component
and
sensor
failure
modes and limit violations,
their
their
i..iicators,
&&e;table
precursors,
their
probable
corrective proceduresc8%%'in
the forma;:
automatic
correction
algorithms
recommendations
to the huma:)
"maneuvers",
5. have a knowledge of standard
sequences
expressed
with
action
cog?irmable
consequences
(for
ste wise
and
as an
bot f: automatic
execution
archival reference for the human)
Given this state
of high
technology,
which
produces
systems too deep1
or broadly complex for
an individual
or reasona 41ly
sized
group
of
individuals
to comprehend, -there is a clear need
secondary systems for monitoring
for "intelligent"
the
primary
systems.
To develop such intelligent
systems, we need (1) flexible
representations
for
causality, (2) good human interfaces that
physical
accept descriptions
of the physical world andrnk;;ii
$szrlptions
In tkese representations,
(3)
ComDrehension
that are capable of relating the
myriad * states
of
site
to
the
the causal
description,
relevant
and
then passing along only
to the human operators, and
information
~~por%:t
efficient
symbolic
computation
environments
to support items l-3 in real time.
s nthesize
important
6. continually
all
aspects
of
and
from
t;k,s
tK e system
of
synthesis, identify which aspects
system to display to the human controllers
(in the absence of specific requests from
the humans)
on the most
appropriate
screen
7. decide
and displayu;;c,nique
for each
allocation
the current
piece of information
context
Most procedural knowledge about the primar
would
be on-line, and in a form meaningfu P t:YE:etmh
The s stem would
play
the hu;nTeando:he
corn uter.
continually
inte P ligent
watt ifl
er
the
hundreds of sensors and refating them to
monitorin
the causa H model for the cur:;zt o crating context.
sP te s state
via
The system would summarize
well-managed
CRT displays, and would be capable not
of detecting
irregularities
Otll
and suggesting
pro 4:
able
consequences
and
corrective
causes,
of automatically
carrying out
measures,
but
also
both routin: ;;2a;m;rge:;z
c;;;z;tive measures w",;;
given the
- would ge "self aware"c~~t~~~~efimited
physical s !?te
sense.
This paper brief1
desc;;kes*the
CAM
(Causal
Monitor)
to develop
a
Project,
w ?I
ose
1s
framework
for
the construction
of intelligent,
causal1 -b;s;zs real-time
monitors
for
ar~;:;~;~
physica P
The
project
is under
funding
by NASA
Goddard Space Flight Center, and
will result in a rototype causal monitor generator
Our aim K ere is to advance
some
specific
?%kEm*about
the conceptual architecture
of such a
Background ideas on the concept of causal
~~~~~~*for man-made devices can be found in [6].
* The research described here
is funded
Their support is gratefully acknowledged.
by
related
causally
symbolic
rules
their
causal
of
NASA.
215
ARCHITECTURE
OF THE CAM GENERATOR
---
SYSTEM
In the CAM Project we are concerned
not
with
modelin
specific
*
but
rather
with
that
can
be
develop P ng z general-purp~~~e'model
imported
to any site. Once there, it will interact
with the site experts as
they
define
the
site's
causal
structure
v~~si.~t~nte;~cti;;~sframe-driven
system.
From
the
knowledge
acquisition
phase,
the
specific
site
CAM
is
generated.
The CAM generator
pieces:
system
consists
of
operator
start-up,
Some event in the model
',,"L,;zFputation at a no 6 E'HA'the net) identi-ffieFhz
, R, that deals with
some
aspect
e.g., the ru~es~~;t
describe
environment,
modeled
relationships
the causal
Rules in ti?s set are then Cht%dr
Pressure S stem.
on
even;t;ll; r;
Fe ;p,;gtzd azd
from which they wi3 1 all
evaluated.
several
1. A collection of frame-like knowledge uni;;
that
collectively
virtually any fj
hysica
incorporate
Actuator,
Component,
-* FailureMode;
ActionStep,
Maneuver,
Operatingcontext,
Dis laypacket,
OperatorIntent.
Others
wil !f emerge as the project progresses.
structural
An
important
PDM
concept
is
of the network as a natural byproduct
augmentation
of a node's
evaluation:
evaluation
of a newly
ueued rule causes the rule to be structurally knit
s nto
the PDM network. During a node's evaluation,
present in the net
are
any ex ressions not alread
create B as new net nodes, P*inked to the referencing
node via Above links
and placed in
expression's
P
process
themselves.
This
for
expansion
"downward
chaining"
structurally
introduces
t:e
rule into the PDM net.
2. A collection of procedz;s
for interact;;5
with site
engineers
scientists
will
interactively
describe
the site by
filling
in frames.
interface
is
semi-active
*
in a methodical way
from the site engineers.
The
information
compiled
by
the
frame-driven
interface
results in a collection
of data
objects
and
production
rule-like knowledge about
their interrelationships.
of display
primitives
3. A collection
display handling techniques
Once
the
instz$l.Fd by. downward
chaining,
rule's
value
to receive constant PDM
begin
evaluation via "upward chaining": changes in lower
nodes'
values
in the net
ropagate upward
Will
throu h this structure, causing hig R er nodes to be
reeva f uated.
Nodes subject to reevaluation by this
mechanism are queued on Q. By using the same
for both
structural integration of rules in;~~~~~
current context and for the ropagation
of
a P lows
the
PDM
scheme
values,
a graczfil
and
d namic
context-shifting
mechanism.
it
0 i:
viates
run-time
pittern
the
need
for most
and
4. ,A,iollection of *primitive
sensor-reading
actuator-driving
schemata (i.e., code
schemata)
5. A system for corn iling the production rule
description
of t R e site onto an
efficient
lattice-like
data structure that obviates
most run-time pattern matching
matching.
To illustrate, suppose some node's
evaluation
k$s called for zfrule set for monitoring
the degree
0 enness
Relief-Valve-14
(RV-14)
to be
swappe x in. The PDM system will, say, then
ueue up
and
evaluate
others)
a rule,
R?
for
(among
.
comparing
the
RV-14
again;t
the
Pipe-P"4sii$?14yf
ressure of
This
leads
to
R nitting
process:
Rl
looks
for RV-14 and PP-lz
run-time
6. A
maintenance
system
for
coordinatin
the real time of the symbolic
monitor.
causal mode 9
The frames and the nature
of
the knowledge
acquisition
interface
are described in [3]. Since
the real-time efficiency of the generated system is
a critical issue, we devote the
remainder
of
discussion
here
to the architecture
of the Ek
real-time monitor s stem
which we have termed
the
Propagation Driven ifi
achi;e (PDM).
PROPAGATION
DRIVEN
determinin
trigger a higher node, e.g.,
a display
for
communicating
the
results
to
operators.
MACHINES
CAM will require an extre;Eky hi,p$ throughput
from
its runtime
system.
reason, we
cannot tolerate much f eneral
pattern
matchin
f,i;
the basic machine cyc e. To e iminate the nee
attern
mate hing, we base our machine on a form of
d"ependency lattice
similar in structure
described in [l], [2],[4]
and [5]. The e%enE?%
such a scheme is to re reient antecedent-consequent
relations
b~ac~wa~,ra~~~sohhi~~
is useful
in both
forward and
,~reirn;~;;
R
This dual-purpy;:
use of the PDM queue, nam;;;
for
staking
out
net
and
structure
performing
co;~~:~~ion;ak~;
pf-ygztion
of changes
in net
node
topologically
g;;pagating
",,y~lz,ic
system. AE~ .&tsp;ft;heoBett;;e
upward
R
sprouting, while others are atrophying
garbage
collected).
The
system
is e.sr:,tizi$g
sompi ed production rule system, but one
in
compilation"
is as dynamic as the propagation of
as
values. Rule sets can come and go as naturally
values can be changed.
The central data structure of the
PDM
is a
graph
whose
nodes
represent the current value of
some parameter or proposition (e. ., "the
current
value of sensor 23 is X"
K
condition
in chamber
19"ih'rghesl~~e~~ef,p:~~s~~
network nodes are the primitive sensor readers
real
time
clocks
whose
spontaneous
ticking
se uences all propagation in the net.
Nodes in the
PD8 are connected by Above and Below
links
which
reflect computational
dependencies
among noies. For
example,
if node
Nl represents knowledge of the
form
A and B and C) causes D then in the PDM net
E wtidi E-o-1,
aTZlT?lrwiil be Above each of A,
.
,
Semantically,
the
lowest
nodes
of
the
PDM
network,
and those that are present initially
are
spontaneously
ticking real-time clocks whose
Lb ove
pointers gob;;iEensor-reading
nodes.
Additionally,
mon*toring
expressions
are
certain
represented by nodes initially in the net.
As
the
site's
state changes, these 'caretaker" rules (net
not
nodes) will make reference to other rules
queuing them up.':,'
;kE;,turally
part
of the net
references
----.
come
to bg evaluated.
their
evalua tion draws them into the PDM net, where they
begin to participa te in the monitoring
process.
216
shifts in a way that causes the
When
the context
paged-in
;a;Et&;r
node to be uninterested
in the
, the caretaker node drops its reference to
effectively cutting the Below link
iktwe?!?tsE?f"and
the top members of the rule set.
Nodes with no Above
pointers
and
which
are
not
are subject to PDM
marked
as "permanent"
collection. Garbage.collection
is effectivef;rbX
inve:;: oEu:E
origmzl;ddownward
chaining that knit
structurally
removes the
in
set,
entire rule set by following Below pointers.
SUMMARY
of
A CAM generator system is a s ecial
R
do:z:
l;,s
knowledge
acquisition
~ornpl~~"~~"hys~cZ~~~ sites.
causality in large,
from
requires
(1) models of knowled e elicitation
of the
(2)alframe-li 3 e models
the site experts,
physical sites and their
to
conce ts common
causa T topology, and (3) an efficient, yet flexible
en ineering solution to thEfproblems
of controll+ng
production
rule-like
a!? arge symbolic
The PDM model appears to
knowledge
in rea?y~~~~.
be a realistic approach to real-time monitoring:
it
exhibits
the breadth
and
thorou hness
of
classical
rule system, % ut without thz
production
matching
and
database
usual problems of pattern
maintenance.
The
area
of data
driven
real-time
causal
models
of corn lex
ph sical sites appears to be a
very fertile an 8 large I y unexplored
area
of AI
research. Research in this area will he1 brin
following
areas of AI closer together: E rame- %a::
modeling,
systems, knowledge
acquisition,
causal
for
and
efficient
implementation
techniques
real-time
manipulation.
The
domain
'
symbol
manageable because we are modeling s stems in whit;
deep
problem
solving
is not
a %
issue, and
its
theoretically
becausEY
of
interesting
breadth-wise
complexity.
REFERENCES
ill
London,
P. E.,
Dependency
Networks
as
Representation
Modelling
in Genera?
for
Department
of
Computer
I?~?~~~~ Solvers,.
of Maryland,
Technical
University
Report ?R-698, 1978.
[21
McDermott,
D., Flexibility and Efficiency
Computer Pro ram for Designing Circuits,
AIM-402, 197 7 .
E31
Rieger, C. and Stanfill, C., A Causal
Monitor
Generator
System,
Forthcoming TR, Department
of Computer Science, University
of Maryland,
1980.
[41
Shortliffe,
E. H.,
MYCIN:
A
Based
Rule
for Advising
Physicians
Computer
Program
Regardin
Antimicrobial
Therapy
Selection,
Memo
Artificial
Intelligence
ifi
IM-251,
Laboratory,
Stanford University,
1974.
[51
Sussman, G. J. Holloway J. and Knight, I. F.
Desi n for
Computer Aided
Evolutionar
iZ*:tal
K IT, AHM-526,
Integrated
Systems,
1999.
[61 Rieger,
System
Design,
hinTa
,
C., and Grinberg, M.
of Representation
$orACo$??~;E~~~~~
Artificial
Intelligence
and
Pattern
puteran~:d~~7D~gn,
J. co
217