Review of Fault-Tolerant Control Methods for Suspension Systems: From Road Vehicles to Maglev Trains

Abstract

Road vehicles and maglev trains have garnered significant attention, with their suspension systems being crucial for safe and stable performance. However, these systems can be compromised by faults such as sensor and actuator failures, posing risks to stability and safety. This review explores fault-tolerant controls for suspension systems, driven by the need to enhance fault tolerance in such scenarios. We examine the dynamic similarities between the semi-active/active suspension systems in road vehicles and the suspension systems in maglev trains, offering a comprehensive summary of fault-tolerant control strategies for both. Our analysis covers the histories, technical characteristics, fundamentals, modeling, mathematical derivations, and control objectives of both systems. The review categorizes fault-tolerant control methods into hardware redundancy, passive fault-tolerant control, and active fault-tolerant control. We evaluate the advantages and disadvantages of these strategies and propose future directions for the development of fault-tolerant control in suspension systems.

1. Introduction

As science and technology have advanced, transportation has undergone a significant transformation. Initially, it was human-powered, such as bicycles and horse-drawn carriages. Later, it shifted to mechanically powered transportation, like automobiles and trains. Now, we are witnessing the emergence of electrified transportation, including electric cars and magnetic levitation trains. Furthermore, we are entering the era of intelligent transportation, which includes self-driving cars and drones. However, transportation systems have become increasingly complex and uncertain. This complexity arises due to the involvement of a large number of people, transportation facilities, and environmental elements [1]. The uncertainty is mainly attributed to manufacturing and measurement errors, wear and aging, and state uncertainty. For example, variations in vehicle suspension and tire parameters can impact the vehicle’s dynamics and stability [2]. Additionally, situations where the state of a system cannot be accurately predicted and controlled due to changes in the system’s internal and external environments can lead to state uncertainty. For example, sensors and actuators within the vehicle may also malfunction or become distorted, and changes in factors such as road conditions and weather conditions may affect the state of the vehicle [3]. Other factors contributing to uncertainty include the nonlinear properties of vehicle dynamics systems and multi-body dynamics resulting from complex system interactions.

In situations where the dependability and safety of a system are paramount, particularly in complex transportation systems such as airplanes, high-speed trains, and subways, any error in the system control may have severe consequences and endanger the lives and property of individuals. In these complex transportation systems, control systems are critical in ensuring that the system operates at the desired state by regulating and adjusting key variables to reach the desired state of the controlled object. However, it is essential to recognize that all components of the control system are subject to failure. The types of failures that may occur include failures in the controlled object, instrumentation failures (which may involve sensor, actuator, and signal conversion interface failures), and computer and software failures (including hardware, troubleshooting programs, and control algorithm program failures). According to statistics, 80% of control system failures are attributed to sensor or actuator failures [4]. Consequently, sensor and actuator failures are the primary causes of control system failures.

Moreover, electronic components and mechanical parts are the fundamental units of a control system, and the reliability of these basic units determines the reliability of the entire control system. However, using only high-reliability components can significantly increase the cost of the control system. Therefore, the objective of engineering design is to optimize the use of low-reliability components to create a high-reliability control system. This requires a comprehensive understanding of the operating mechanisms of the basic units and their interactions to design the system more effectively [5]. To achieve this, fault-tolerant control techniques have been developed.

In general, fault-tolerant control technology, through the design and application of redundant controllers, actuators, and other components, as well as appropriate fault detection and diagnostic mechanisms, can quickly detect and isolate faults in the event of system failures to ensure the normal operation of the system [6]. For example, fault-tolerant control technology in aircraft control systems can ensure that even if a sensor or actuator fails, the system can still operate normally and ensure the safe flight of the aircraft. Typically, fault-tolerant ideas can be divided into hardware-based redundancy and software-based fault-tolerant control.

The principle of the hardware redundancy method is to set up backups for each component within the control system, so that when a component within the system fails, the backup component is automatically activated to reorganize the operation of the system so that the normal operation of the system is not affected by the failure of the component [7]. In general, the fault-tolerant effect of hardware redundancy systems is better, but excessive redundancy will increase the system cost. Therefore, a balance must be struck between fault-tolerant effectiveness and system cost.

There exist various classifications of software-based fault-tolerant controls, such as the categorization of linear and nonlinear fault-tolerant controls based on the type of system [8] and the categorization of actuator fault-tolerant control and sensor fault-tolerant control based on the location where the fault occurred [9]. Furthermore, fault-tolerant controls can be divided into active fault-tolerant control and passive fault-tolerant control based on the control method [10]. In this paper, we categorize fault-tolerant controls into active fault-tolerant control and passive fault-tolerant control based on whether the fault-tolerant system relies on a fault detection and diagnosis system, and whether its control system can be restructured in terms of structure or parameters.

Active fault-tolerant control is the process of redesigning a control system’s characteristics after a fault has occurred to stabilize the entire system. The performance of the new control system may be inferior to the original system, and most active fault-tolerant control methods require fault detection and diagnosis subsystems. However, some methods do not require this subsystem but do require prior knowledge of the faults [11]. Active fault-tolerant control methods are classified into four main categories: signal reconfiguration, fault compensation, gain scheduling, and online automatic controller design. In gain scheduling methods, a pre-computed control law is selected based on the fault situation, which is determined by the fault detection and diagnosis subsystem. The online automatic controller design approach involves constructing a new controller and computing its parameters, which is a reconfigurable control technique. The general strategy for active fault-tolerant control is illustrated in Figure 1.

Passive fault-tolerant control is an approach that is analogous to robust control, which involves constructing a system that is insensitive to faults in the feedback loop. This approach ensures stability and optimal performance under normal operating conditions, as well as in the event of failures in the actuators, sensors, or other components, by employing controllers with a specific structure that takes into account the values of the parameters in both normal and fault situations. The use of the same control strategy before and after a fault occurs, without any adjustments, is a key feature of passive fault-tolerant control [12]. The strategy for passive fault-tolerant control is shown in Figure 2.

The benefit of a passive fault-tolerant control strategy is that the controller configuration and parameters are typically simple and have a fixed form. However, this approach is conservative, and the performance of the fault-tolerant control system may not be optimal. Additionally, if unforeseen faults occur, the system’s performance and stability cannot be guaranteed [13]. On the other hand, active fault-tolerant control addresses these limitations. It can proactively handle faults as they occur and provides stronger adaptive fault tolerance than passive fault-tolerant control. However, active fault-tolerant control systems require a more complex design, as they need a robust basic controller to maintain stability during the reconfiguration of the control law and a fault-detection unit that is robust to reduce false alarms and shorten the time of fault detection [14].

Fault-tolerant control methods rooted in the aforementioned concepts are extensively utilized in transportation systems. In the aerospace sector, fault-tolerant control techniques have proven to be highly effective [15,16,17,18,19]. Given the exceptional safety and reliability demands of aircraft, particularly those with complex systems, fault-tolerant control technology is an essential tool for ensuring aircraft performance and safety while preventing accidents from occurring. After several decades of development, fault-tolerant control technology has yielded remarkable outcomes in aircraft control, and corresponding fault-tolerant control design techniques have been proposed for various aircraft models and fault types, such as rudder faults, sensor faults, and process faults, among others. The strategy for fault-tolerant control in an aircraft is depicted in Figure 3. In this aircraft system, when the fault detection and diagnosis unit identify the faults, the control system will adjust the control strategy or will reconfigure the system to maintain normal operation.

Fault-tolerant control is also widely used in the automotive sector [20,21,22,23]. In vehicles, fault-tolerant control technology is widely used to improve the reliability and safety of vehicles. Fault-tolerant control systems for automotive actuators are mainly classified into two categories: direct fault diagnosis of actuator components and active fault-tolerant control by reconfiguring the upper-layer algorithms after the fault localization is accomplished; and indirect fault diagnosis of the actuators from the level of the whole vehicle, which is commonly used to identify the key dynamics parameters such as the vehicle speed, the traverse angular velocity, and the lateral deflection angle of the center of mass. Figure 4 shows a fault-tolerant control method for a vehicle.

In the field of magnetic levitation trains, related fault-tolerant control research has achieved extensive results [24,25,26]. Most of the research has focused on the levitation control systems of magnetic levitation trains. The research on the fault-tolerant control of sensors and actuators for magnetic suspension systems has yielded abundant results. On the engineering realization side, hardware redundancy approaches are widely used. On the software side, an active fault-tolerant control strategy consisting of fault diagnosis and feedback reconfiguration is a mainstream approach. This method performs a fault diagnosis of sensors, identifies critical parameters (e.g., levitation gap, levitation acceleration, solenoid current, etc.), and then reconstructs the inputs for the missing signals to maintain system stability. Figure 5 shows a fault-tolerant control algorithm structure of a magnetic suspension system.

In addition to the several systems mentioned above, fault-tolerant control also has a wide range of applications in transportation systems such as ships and railroads. At present, scholars at home and abroad have conducted a series of review studies on fault-tolerant control [28,29,30,31]. These reviews provide some degree of introduction to fault-tolerant control, with related reviews providing detailed information on the application of fault-tolerant control to aircraft. However, these reviews lack an introduction to the fault-tolerant control of suspension systems for magnetic levitation trains. The magnetic suspension system consists of several sets of actuators and sensors that act as the “hands” and “eyes” of the magnetic suspension system by working together to keep the system functioning properly. For example, in the section on low-speed maglev trains, there are 10 levitation controllers and 20 sets of levitation sensors installed in the low-speed maglev trains [32], and a high-speed maglev train is fitted with 32 levitation controllers and 64 levitation sensors [33]. Faced with such a large and complex magnetic levitation train suspension control system, its safety, reliability, and effectiveness become key to this technology. Fault-tolerant control (FTC) technology, as a new technology developed in the 1980s aiming to improve the reliability of systems, has become a powerful tool for solving the problem of fault tolerance of the suspension control systems of magnetic levitation trains, and has attracted more and more academic attention.

In this literature review, our objective is to offer a comprehensive and cutting-edge analysis of the maglev field and delve into the recent advancements in fault-tolerant control techniques. To guarantee the breadth and representativeness of our study, the systematic literature review (SLR) methodology proposed by Kitchenham [34,35] was adopted and implemented in the research. Firstly, we adopted a systematic literature search strategy. Specifically, we carried out an in-depth literature search in the following electronic databases: IEEE Xplore, Web of Science, and Google Scholar. Our search extended from the establishment year of these databases up to January 2024, ensuring comprehensive temporal coverage. The search keywords were meticulously chosen to encompass the core of research on fault-tolerant control methods implemented in magnetic levitation systems and include “fault-tolerant control systems”, “magnetic levitation system”, “active suspension system”, “compensation”, and “real-time optimization”. To enhance the accuracy and scope of the search, we also made use of Boolean operators such as AND, OR, and NOT to formulate complex queries. For example, we employed the following query: ((Fault-Tolerant Control Systems) AND (Magnetic Levitation System OR Maglev Train)) AND (Real-time Optimization OR Compensation). Furthermore, we enforced inclusion and exclusion criteria to ensure that the selected literature were directly related to our research goals and scope. We excluded papers that centered on theoretical deliberations without experimental validation, as well as those that were not directly pertinent to the technological areas of interest. Through this approach, we endeavor to provide readers with a curated assortment of literature that reflects the latest trends and challenges in the application of fault-tolerant control technology to magnetic levitation systems. This paper can provide systematic and abundant references for scholars engaged in the research in this field, as well as the scientific and technological frontiers and key issues that should be paid attention to by the engineers of magnetic levitation transportation. The main contribution of this paper can be divided into two aspects:

• This paper will emphasize the magnetic levitation train suspension system (MLTS) and incorporate it with the vehicle semi-active/active suspension system, which shares a similar structure with the MLTS. The study examines, evaluates, and synthesizes past research on fault-tolerant control, focusing on the routes, theoretical approaches, and technological tools that are common to both systems. The intended audience includes scholars and engineers in the fields of rail transportation, fault-tolerant control, and magnetic levitation.
• The analysis examines the features of two types of engineered systems designed for fault-tolerant control. It delves into specific aspects such as redundancy, fault detection, fault diagnosis, and fault-tolerant control. This information can guide the selection of fault-tolerant strategies in different failure scenarios and holds significant implications for engineering applications. The fault-tolerant control methods discussed in this paper for suspension systems can be basically classified according to Figure 6.

The remainder of the paper is structured as follows: in Section 2, the technical characteristics of the suspension control system, including the basic principles, the modeling process, and the control objectives, are presented. Section 3 reviews the literature on fault-tolerant control in vehicle active suspension systems. Section 4 presents a literature review of fault-tolerant control in maglev train suspension systems. Section 5 reveals the characteristics of several techniques. Finally, Section 6 gives a summary and outlook.

2. Technical Characteristics of Suspension Systems

The suspension system, which is employed in both automobiles and magnetic levitation trains, is primarily designed to bear the weight of the vehicle body and distribute loads such as driving and braking [36,37]. Its capacity to accommodate geometric distortions and unevenness of the track or pavement greatly impacts the safety, reliability, and comfort of the vehicle [38,39].

Table 1. Comparison of maglev train suspension system and road vehicle suspension system [42,43].

Name	Suspension System
Control system	Levitation system of Maglev train	Semi-Active/Active Suspension System of Road Vehicles
Control Objective	To keep the suspension gap between the train and the rail within a certain range by precisely controlling the current or voltage in the suspension electromagnet.	Body vibration and body height are controlled by changing the height, shape, and damping of the suspension system.
Control Method	Various sophisticated sensors are required to monitor the system status and regulate the control parameters through the control unit.

lists the comparison between the maglev train suspension system and the road vehicle suspension system. In vehicles, a suspension system comprising springs and shock absorbers functions to absorb and disperse vibrations. This system is typically attached to the suspension portion of the vehicle, connecting the wheels to the body [40]. For magnetic levitation trains, the suspension system relies on electromagnetic force to achieve stable levitation, which is primarily determined by the attraction between the guideway and the electromagnet. The suspension controller automatically adjusts the electromagnet’s current size based on the train’s actual distance from the rail to maintain a consistent levitation gap, ensuring the safe and comfortable operation of the train [41].

2.1. Dynamic Modeling of Road Vehicle Suspension Systems

Vehicle body vibration and tire cropping are provoked by road surface unevenness when the vehicle is driven on the road. In addition, the vehicle body vibration caused by road surface unevenness will also lead to changes in body attitude, such as longitudinal body pitching motion and lateral body tilting motion [44]. When body vibration reaches a certain level, it can lead to uncomfortable passengers or damage to the carried cargo, affecting driving safety. Suspension is an important part of the car, as it connects the car body with the axle elastically and bears the force acting between the wheels and the car body, cushioning the impact load transferred to the car body from the uneven road surface, attenuating the vibration of the car body caused by various dynamic loads. Suspension has a great influence on the smoothness of the car motion, maneuvering stability, and other performance indicators. Therefore, suspension design has always been one of the issues of great concern to automobile designers. According to the different working principles of suspension, it can be divided into passive suspension, semi-active suspension, and active suspension. Semi-active suspension in the automobile suspension system that mainly utilizes variable damping or other variable energy-consuming components. With the increase in automobile speed and the demand for energy-saving automobiles, environmental protection, safety, and comfort, people put forward higher and higher requirements for the performance of automobile suspension. Due to the structure of passive suspension and the fact that the main parameters cannot be automatically adjusted with the speed of the car and road conditions, it is not possible to achieve the desired performance indicators in a variety of working conditions, and the optimization of the parameters to improve the performance of this type of suspension is also close to its limit, so the current research on automotive suspensions is mainly focused on electronic control of the suspension. Electronically controlled suspensions are generally categorized into semi-active suspensions and fully active suspensions [45]. Fully active suspensions use a force generator, or actuator, to replace the springs and dampers of conventional passive suspensions. The actuator, which is usually hydrodynamic or pneumatic, generates a force of the appropriate magnitude based on a control signal. The next section will focus on the dynamics model of a representative semi-active suspension.

Due to the complexity of the vehicle structure, the vehicle suspension is a nonlinear system with multiple degrees of freedom coupled with each other. For the convenience of analyzing the problem, the model is usually simplified to a certain extent. Since the left and right sides of the road do not change much, when establishing the vertical dynamics model of the car traveling on the road surface, the effect of lateral inclination due to the difference between the left and right sides of the road surface may not be taken into account, and the complex vehicle model can be simplified to a four-degree-of-freedom half-vehicle model [46], as shown in Figure 7.

In Figure 7, $M_a$ represents the mass of the vehicle body; $x_a$ is the vertical displacement of body centroid; $\theta$ is the vertical displacement of the vehicle body’s center of mass; $L_a/L_b$ are the distances from the center of mass of the car body to the front/rear axle, respectively; $L$ is the front and rear axle wheelbase; $M_l/M_r$ are the unsprung masses for the left and right sides; $x_{lu}/x_{ru}$ are the vertical displacements of the unsprung masses on the left and right sides; $k_{lt}/k_{rt}$ are the tire stiffness coefficients for the left and right tires; $x_{lr}/x_{rr}$ are the vertical displacements of the road surface on the left and right sides; $c_{ls}/c_{rs}$ are the damping coefficients for the left and right sides; $k_{ls}/k_{rs}$ are the suspension stiffness coefficients for the left and right sides; $x_{ls}/x_{rs}$ are the vertical displacements at the vehicle body end on the left and right sides; and $u$ is the actuator control output force.

When the suspension mass distribution coefficient is close to one, the vertical vibrations of the front and rear suspension systems are virtually independent and can then be simplified to the two-degree-of-freedom model of a single-wheeled vehicle (1/4 vehicle), as shown in Figure 8.

The simplification process makes the following assumptions: (1) Neglect the deformation of the spring-loaded mass and treat it as a rigid body. (2) The wheel stiffness $k_t$ and the suspension damping spring stiffness $k_s$ are linear, ignoring the hysteresis phenomenon of suspension damper damping. (3) The tires were never detached from the ground during vehicle driving.

The automotive semi-active suspension system incorporates a damping force control mechanism to regulate the mechanical model of the damper, which is represented by the variable damping force u. Additionally, u serves as an input to the system, along with other factors such as the unspring mass $m_1$, sprung mass $m_2$, tire stiffness $k_t$, suspension spring stiffness $k_{\mathrm{s}}$, base value damping factor $c_s$, and road surface unevenness $x_0$. Meanwhile, let $x_2$ represent the deflection of the sprung mass and $x_1$ represent the deflection of the unspring mass.

We can get the following kinetic equation:

$$\left\{\begin{array}{l}{m}_1{\ddot{x}}_1-k_s\left(x_2\right)+k_t(x_1-x_0)-c_s({\dot{x}}_2-{\dot{x}}_1)+u=0\\ m_2{\ddot{x}}_2+c_s({\dot{x}}_2-{\dot{x}}_1)+{k-x_1}_s(x_2-x_1)-U=0\end{array}\right.$$

(1)

where the total damping force is as follows:

$$F=c_s\left({\dot{x}}_2-{\dot{x}}_1\right)+u$$

(2)

Take the following state variables:

$$X={\left[\begin{array}{c}{x}_1-x_0,x_2-x_1,{\dot{x}}_1,{\dot{x}}_2\end{array}\right]}^T$$

(3)

Also take ${\dot{x}}_0=w\left(t\right)$, i.e., considering the roadway speed input as noise, the state-squared equations of the system are as follows:

$$\dot{X}=AX+Bu+Gw$$

(4)

where

$$\left.A=\left|\begin{array}{cccc}0& 0& 1& 0\\ 0& 0& -1& 1\\ {\displaystyle \frac{-k_{\mathrm{t}}}{m_1}}& {\displaystyle \frac{k_s}{m_1}}& {\displaystyle \frac{-c_s}{m_1}}& {\displaystyle \frac{c_s}{m_1}}\\ 0& -k_s& {\displaystyle \frac{c_{\mathrm{s}}}{m_2}}& {\displaystyle \frac{-c_{\mathrm{s}}}{m_2}}\end{array}\right.\right|,B=\left[\begin{array}{c}0\\ 0\\ {\displaystyle \frac{-1}{m_1}}\\ {\displaystyle \frac{1}{m_2}}\end{array}\right],G=\left[\begin{array}{c}-1\\ 0\\ 0\\ 0\end{array}\right]$$

The output equation can then be designed as follows based on the desired output:

$$Y=CX+Du$$

(5)

At present, with the development of computer technology, electronic technology, and hydraulic homologation technology, active/semi-active suspension has been widely used. At the same time, the development of various control theories means a variety of control methods have been applied to active/semi-active suspension control, such as optimal control, anticipatory control, adaptive control, neural network control, fuzzy control, etc. [48]. However, these control technologies were developed in consideration of the fact that the suspension, sensors, actuators, and controllers are all in perfect condition. When the suspension, sensors, actuators, or even the controller fails, the above control effect cannot achieve the original design goal, meet the requirements of vehicle ride comfort, and meet the requirements of vehicle driving safety. Fault-tolerant control involves adopting certain control strategies or methods for the possible failure of the control system so that the performance indexes of the control system can meet the requirements in the absence or presence of faults [49]. Therefore, considering various faults of vehicle active suspension systems and implementing fault-tolerant control is an important way to optimize the suspension design, improve the reliability and quality of vehicle active suspensions, and further improve the safety of vehicle driving.

2.2. Dynamic Modeling of the Suspension System of a Magnetic Levitation Train

The EMS-type maglev train comprises multiple bogies, each of which contains a minimum of four levitation electromagnets. Among these, a single levitation electromagnet serves as the fundamental component [50]. By employing a decentralized independent levitation control strategy and the modularization concept of the magnet structure, the control issue of the levitation system is separated into a single levitation control problem through decoupling, and the dynamics model and characteristics of the levitation of a single electromagnet are examined. A standard integral levitation electromagnet consists of two half-body levitation electromagnets, and each half-body levitation electromagnet (i.e., a single-point levitation system) corresponds to a set of levitation sensors and a set of levitation controllers [51]. Figure 9 provides a schematic illustration of a single-point suspension module.

The single-point levitation control system consists of a levitation frame, bracket arm, primary levitation, secondary levitation, solenoid, F-rail, and sensors. The levitation frame is connected via the primary levitation to the levitation electromagnet, which loads the load onto each individual levitation subsystem. Attraction is controlled by actively controlling the current to the direct current (DC) solenoid so that the solenoid and rail maintain a clearance of 8–10 mm for levitation [52] and the vehicle can travel around the guideway without contact.

An illustration of an EMS levitation system without considering the rail beam deformation as well as the damping relationship is shown in Figure 10.

In Figure 10, $Mg$ is the electromagnet gravity; $F_d$ is the external disturbance; $F_e$ is the electromagnetic attraction force; $i\left(t\right)$ is the control coil current; $u\left(t\right)$ is the coil circuit voltage; ${\mathsf{\Phi }}_T$ is the main pole magnetic flux; and ${\mathsf{\Phi }}_m$ is the air gap magnetic flux. The floating electromagnet and the coil are located below the track. Let c(t) and h(t) be the displacements of the electromagnet and the track with respect to a reference plane, respectively, and z(t) be the gap between the electromagnet and the track. They are related by the following [53]:

$$c\left(t\right)=h\left(t\right)+z\left(t\right)$$

(6)

The force analysis of a certain levitation frame of a low- and medium-speed maglev train is carried out, and the dynamic equation function of the levitation frame is obtained:

$$\left\{\begin{array}{l}M{\displaystyle \frac{d^{2}z\left(t\right)}{d{t}^2}}=Mg-F_e+F_d\left(\delta ,t\right)\\ F_e\left(t\right)={\displaystyle \frac{{\mu }_0{N}^{2}A}{4}}{\left[{\displaystyle \frac{i\left(t\right)}{z\left(t\right)}}\right]}^2\end{array}\right.$$

(7)

in which $m$ is the equivalent mass of the levitating electromagnet; $g$ is the acceleration of gravity; $F_d$ is the external disturbance dynamic; $F_e\left(t\right)$ is the electromagnetic attraction at moment $t$; $F_d\left(\delta ,t\right)$ is the external disturbance force at moment $t$; ${\mu }_0$ is the air permeability; $i\left(t\right)$ is the coil current; $A$ is the area of the solenoid pole; and $N$ is the number of turns of solenoid windings [54].

According to the function of the equations of motion of the levitating frame, the low- and medium-speed levitation model with the current as the control quantity is obtained:

$$\left\{\begin{array}{l}{\dot{x}}_1=x_2\\ {\dot{x}}_2=g+b\left(x\right)u+d\end{array}\right.$$

(8)

where $x_1$ and $x_2$ are the two state variables indicating air gap and rate of change of the air gap for the system; $g$ is the acceleration of gravity; $u$ is the input; $b\left(x\right)$ is the input coefficient for the corresponding state; and $d$ is the perturbation.

The control quantity is the current and the output quantity is the levitation air gap. The state-space equation of the levitation control system under rigid orbit conditions is expressed as follows:

$$\left[\begin{array}{c}{\dot{x}}_1\\ {\dot{x}}_2\end{array}\right]=\left[\begin{array}{c}{x}_2\\ -{\displaystyle \frac{{\mu }_0{N}^{2}A}{4M}}{\left({\displaystyle \frac{u}{x_1}}\right)}^2+g+{\displaystyle \frac{F_d}{M}}\end{array}\right]$$

(9)

On the basis of the above model, the model can be further refined by considering kinetic relationships such as primary suspension, secondary suspension, etc. [55]. Figure 11 shows the suspension model considering the secondary suspension as well as the vehicle-rail coupling.

In the design of the suspension system for high-speed maglev trains, modeling typically considers the characteristics of the lap structure and the dynamics of the electromagnetic system [56]. A lap structure refers to the structure in a high-speed maglev train suspension system, where two electromagnets are connected by a levitation frame and work together to support the levitation of the train [57]. By examining the characteristics of the overlapping structure and integrating them with the dynamics of the electromagnetic system, a model for the high-speed magnetic levitation train suspension system can be developed. This model is illustrated in Figure 12.

For overlapping structures, take the following state quantities: $X={\left[x_1{x}_2{x}_3{x}_4\right]}^T={\left[z_1\dot{z_1}{z}_2\dot{z_2}\right]}^T$, and the simplified state-space expression can be obtained as follows:

$$\begin{gathered} \left\{\begin{array}{l}\dot{x_1}=x_2\\ \dot{x_2}=g-{\kappa }_1{\displaystyle \frac{i_l^2}{x_1^2}}+{\displaystyle \frac{K_s}{2M_1}}\left(x_3-x_1\right)+{\displaystyle \frac{M_h+M_c}{2M_1}}g\\ \dot{x_3}=x_4\\ \dot{x_4}=g-{\kappa }_2{\displaystyle \frac{i_r^2}{x_2^2}}+{\displaystyle \frac{K_s}{2M_2}}\left(x_1-x_3\right)+{\displaystyle \frac{M_h+M_c}{2M_2}}g\end{array}\right. \\ {\kappa }_1={\displaystyle \frac{{\mu }_0{N}_{e1}^2{A}_{e1}}{4}},{\kappa }_2={\displaystyle \frac{{\mu }_0{N}_{e2}^2{A}_{e2}}{4}} \end{gathered}$$

(10)

The mass of the suspension frame is denoted by $M_h$, while $M_c$ represents the mass of the transportation. The masses of the left and right electromagnets are denoted by $M_1$ and $M_2$, respectively, and the stiffness of the inner left and right springs is represented by $K_s$. The number of turns of the solenoid coil is $N_e$, and the effective pole area of the electromagnet is $A_e$. Additionally, the magnetic permeability under a vacuum is ${\mu }_0$.

According to the state-space equations, the single-point levitation control system of an EMS-type maglev train is a strongly nonlinear system [58]. In addition to achieving stable levitation, control objectives include suppressing electromagnet-rail coupling vibrations, tracking low-frequency variations of the rail (e.g., curves and slopes) within permissible gap variations, withstanding a wide range of vehicle loading disturbances, and withstanding, to a certain extent, the effects of external disturbances. The more widely used control methods in maglev control are linear state feedback methods (such as PD control, PID control, or LQR). These methods are simple and effective in design. They only require the introduction of the output error and its differential, or some state variables, which are then combined with the control gain parameters to obtain the control law. These methods have a low design cost and are still widely used today. However, the drawbacks of this method are also very prominent, because the design of the controller is carried out after the linearization of the original nonlinear model and the gain cannot be adjusted online. As a result, the levitation effect can easily become unstable or even severely unstable when the operating state deviates from the equilibrium point, or when inhomogeneous tracks and elasticity are taken into account. However, considering that the process of maglev train operation is a complex, dynamic process, especially during the operation of the system, it may encounter problems of load changes and perturbations caused by factors such as track inhomogeneity [59]. In addition, the suspension system is typically a strongly nonlinear unstable system. In terms of system reliability, the magnetic suspension system is an extremely complex and sophisticated system, so the failure of any part of the suspension system, such as sensors or actuators, will bring great harm to the whole system [60]. Therefore, fault-tolerant techniques are important and necessary in suspension systems where security is a prerequisite.

3. Fault-Tolerant Control of Road Vehicle Active Suspension Systems

In recent years, research on the fault-tolerant control of vehicle suspension systems from different perspectives has been widely carried out, including passive fault-tolerant control methods and active fault-tolerant control methods, as well as fault detection and diagnosis of the suspension system. From the viewpoint of the object of fault-tolerant control, the relevant research is mainly carried out for the actuators and sensors of the suspension system. This paper mainly introduces passive fault-tolerant control and active fault-tolerant control.

3.1. Passive Fault-Tolerant Control Method

Passive error-tolerant control of active suspension systems is considered an effective fault-tolerant control method, which takes into account the failure of the active suspension system in advance. An offline designed controller is used to make the system insensitive to faults, so that the system performance can be maintained or kept within an acceptable range even when components or parts of the system fail, thereby improving the reliability and effectiveness of the control. At the same time, when designing the fault-tolerant controller offline, the system parameter perturbations within a certain range are taken into account in advance so that the designed control system is stable and has both robustness and fault-tolerant control effects.

Consequently, the implementation of robust passive fault-tolerant control of the active suspension represents an effective strategy for further enhancing its control reliability, which will consequently enhance the control quality of the active suspension. Specifically, the passive fault-tolerant controller design for active suspension should consider the actuator failure and suspension system parameter uptake at the outset of the controller design. This is because the designed passive fault-tolerant controller must not only have a good control effect on the control of the control system but must also be capable of maintaining similar performance indexes to those of the active suspension under the control of a normal control law, while also demonstrating a superior control effect on the control of a faulty suspension where parameter uptake and actuator failure occur. The control system must retain its ability to exert control. The control effect of a faulty suspension under state feedback controller control makes the active suspension control fault-tolerant and robust to parameter uptake under faulty conditions. This realization of robust fault-tolerant control (RFTC) of the active suspension is made possible by the aforementioned control methods, which include robust control methods, adaptive control, and sliding mode control methods, respectively.

3.1.1. Robust Fault-Tolerant Control Method

Zhang [61] proposed a H2/H∞-based robust passive fault-tolerant control (RPFTC) strategy method. Taking the half-car model as an example, considering actuator fault and parameter perturbation of active suspension in advance, the optimal robust fault-tolerant controller design can be transformed into the optimal feasible solution problem in the LMI toolbox by using the multi-objective H2/H∞ state feedback controller and the bounded real argument theorem. That is, according to the optimal robust control method based on state feedback under fault-free conditions, the specific control law parameters are obtained by solving the corresponding constraint matrix inequality of the closed-loop fault system. On the basis of Zhang’s research, some scholars have conducted further research based on the H2/H∞ robust passive fault-tolerant control (RPFTC) strategy method. Ahmad [62] proposed a dynamic event-triggered communication mechanism for an automobile suspension control system based on a H2/H∞ state feedback controller for event-triggered uncertain actuator faults. The proposed method considered actuator failure and complete shutdown as special cases, and the DETC (dynamic event-triggered communication) mechanism allowed the threshold parameters in the trigger conditions to be adaptively adjusted according to some dynamic rules, making it more possible to trade off resource usage and control performance. Xiong [63] used controller gain variation to describe perturbation or uncertainty of actuator parameters. Considering ride comfort, road holding capacity, and hard constraints of suspension deflection and actuator forces, a H2/H∞ state feedback-based quantization control strategy was proposed for closed-loop systems with and without actuator faults by using the redundancy of input quantization errors. The design strategy is unified, simple, and can be easily extended to the case of static output feedback since only part of the variables measured by sensors is available. Viadero [64,65] studied the problem of using an active suspension control system to improve vehicle driving safety and comfort under network communication conditions. An integral event-triggered condition is defined to reduce network occupancy over time, and a dynamic output feedback controller is designed according to H∞ criterion and Lyapunov function to ensure system stability. At the same time, actuator faults are considered in controller design. The integral event-triggered law is considered in the design of the controller, which improves the transmission rate (TR) and enhances system stability. Wong [66] proposed a robust control algorithm considering finite time and designed a robust synchronous control strategy for an ECAS system (electronically controlled air suspension) with a H∞ index. The robust control of vehicle height and attitude adjustment in the presence of uncertain parameters, external disturbances, and fault-tolerant control of actuator faults in the ECAS system were realized. Compared to the traditional nonlinear model predictive controller, the proposed controller can effectively reach the desired vehicle height in both healthy and faulty conditions in finite time and has a better vehicle attitude. Figure 13 shows a fault-tolerant control method that adds a dynamic event-triggering mechanism on the basis of traditional robust fault-tolerant control.

3.1.2. Adaptive Fault-Tolerant Control and Sliding Mode Fault-Tolerant Control Methods

In addition to the H∞ optimal theory for fault-tolerant control, many scholars have proposed adaptive control and sliding mode control methods, considering bounded parameter variations and perturbations’ effects on system performance and stability. Cao [67] proposed an adaptive fault-tolerant control strategy for an active electromagnetic suspension system, considering unknown time-varying delay and dynamic burst fault. The unknown dynamic characteristics were identified using fuzzy logic systems (FLSs). This strategy improves the controllability and safety of electromagnetic active suspension systems in case of delay and fault. Zhang et al. [68] took the active suspension system as the research object. By constructing a time-varying Barrier Lyapunov function (TVBLF), a virtual fault-tolerant controller, a main fault-tolerant controller, and an adaptive law were designed to ensure the vehicle’s displacement and speed did not violate the constraint boundary, achieving fast fault tolerance. A radial basis function neural network (RBFNN) approximated the unknown continuous function caused by uncertain factors in the system. However, this method has serious chattering, needing further improvement of the control law. Kazemipour et al. [69] proposed a fault-tolerant control strategy based on a terminal sliding mode for a nonlinear quarter-vehicle suspension model with unknown road disturbance, model uncertainty, unknown external disturbance, and actuator failure. The established control law ensures the finite-time stability of the system trajectory, and ride comfort and road handling performance. The proposed algorithm’s advantage does not require prior knowledge of the active suspension system’s actuator fault boundary, prior information, and model uncertainty. Zhao et al. [70] studied the fault-tolerant control problem of a quarter-car nonlinear active suspension model. To improve ride comfort and handle stability under partial actuator failure, a SMC fault-tolerant controller (Figure 14) based on a radial basis function (RBF) was designed. This method effectively compensates for the fault and improves vehicle ride comfort.

Kou [71] proposed an adaptive sliding mode fault-tolerant control method to address actuator failure and vehicle handling balance degradation caused by nonlinear spring and damper pressure in electromagnetic hybrid suspension systems. The method involves designing an adaptive sliding mode fault-tolerant suspension controller based on a human body model, combining sliding mode manipulation with adaptive control. This approach utilizes the gravitational search algorithm (GSA) and linear matrix inequalities (LMIs) to optimize the sliding surface parameters, selecting the most favorable solution based on a health function. Sun [72], focusing on actuator faults of active suspension, studied the characteristics of suspension systems under different road excitations and various actuator faults using terminal sliding mode and second-order supe spiral sliding mode algorithms, achieving the fault-tolerant control of nonlinear hydraulic actuators in seven-degree-of-freedom suspensions. The method (Figure 15) introduces a non-singular fast terminal sliding mode controller to suppress the acceleration of sprung mass motion and utilizes a supe spiral sliding mode controller to track the desired control force generated by the terminal sliding mode. This enables the active suspension to maintain the desired performance under external disturbance and actuator fault conditions. The control algorithm effectively enhances vehicle vibration system performance, and compared with traditional H∞ control, the proposed method more effectively improves system reliability.

3.1.3. Intelligent Fault-Tolerant Control Method

Meanwhile, numerous scholars have embraced intelligent fault-tolerant control methods for automobile suspension. One of the more prevalent approaches is fuzzy fault-tolerant control (FFTC), which can be implemented by an operator utilizing appropriate fault-tolerant countermeasures based on accumulated experience. Fuzzy fault-tolerant controllers, derived from passive fault-tolerant control, encompass adaptive fuzzy fault-tolerant controllers, self-organizing fuzzy fault-tolerant controllers, self-learning fuzzy fault-tolerant controllers, hierarchical step-by-step fuzzy fault-tolerant controllers, optimal fuzzy fault-tolerant controllers, and so forth. The fundamental concept behind its design involves automatic adjustment, correction, and enhancement of the fuzzy control parameters or rules through self-adaptation, self-organization, and self-learning, to continually improve system performance in order to adapt to changing external conditions and achieve optimal operational outcomes. One common type of adaptive fuzzy fault-tolerant controller constantly adjusts the system structure or parameters to ensure satisfactory performance even in the event of failure. Furthermore, fuzzy fault-tolerant control does not rely on precise mathematical models and is capable of addressing various uncertainties and model errors present in actual systems. This characteristic renders it more flexible and practical when dealing with issues related to fault tolerance in control systems.

Zhang [73] proposed an adaptive fuzzy fault-tolerant control method for the seat active suspension system. Fuzzy logic was utilized to approximate the two unknown coefficients in the actuator fault of the seat active suspension system, and an adaptive fuzzy fault-tolerant controller was subsequently designed. This approach addresses the actuator fault of the seat active suspension system, effectively addressing passenger comfort and safety concerns. Furthermore, two different road surface disturbances were considered in simulations to validate the effectiveness of this proposed method. Li [74] introduced a novel adaptive fuzzy output feedback fault-tolerant control method for an active suspension system. The study focused on a quarter active suspension system with electromagnetic actuator faults and unknown state variables. Fuzzy logic systems (FLSs) were employed to approximate the nonlinear dynamics of complex springs, while fuzzy state observers were used to estimate unmeasured states. Finally, a new adaptive fuzzy output feedback FTC design was proposed based on the adaptive back-off technique and a specific Lyapunov function, ensuring the stability of all vertical vibration states in case of electromagnetic actuator failure. Yang [75] developed a learning-based MR damper model using a fuzzy inference system based on an adaptive network utilizing experimental data collected from a quarter vehicle test bed. Subsequently, they introduced the T-S fuzzy method to address uncertainty related to the suspension mass and pitch moment of inertia, constructing a corresponding T-S fault semi-active suspension system before proposing an adaptive sliding mode fault-tolerant controller. Xie [76] investigated robust fuzzy fault-tolerant control for nonlinear active suspension systems based on adaptive hybrid triggering techniques employing T-S fuzzy methods to weigh linear subsystems in controller design while considering actuator failures as part of their study’s scope. Mrazgua [77] employed linear matrix inequality (LMI) methodology to design the controller for handling active suspension systems with actuator faults based on the T-S model approach. The proposed fuzzy control system ensures asymptotic stability, compensates for the impact of actuator defects, and meets the H∞ performance requirements. Similarly, Pang [78] constructed the nonlinear model of a 1/4 vehicle based on the T-S fuzzy model, utilized the fault adjustment factor to represent the magnitude of the actuator fault, and subsequently acquired the vehicle active suspension control model considering the mass uncertainty of the suspension system and the actuator fault. Then, the sliding mode control and adaptive theory were integrated, and the appropriate sliding mode surface function and sliding mode fault-tolerant control law were devised to fulfill the fault-tolerant control objective of the faulty suspension system. According to the above analysis of the above passive fault-tolerant control method, the strengths and weaknesses are shown in

Table 2. Strengths and weaknesses of passive fault-tolerant control methods.

Reference	Classification	Strengths	Weaknesses
[61,62,63,64,65,66]	Robust fault-tolerant control method	When a fault emerges, fault-tolerant control can be accomplished punctually. Furthermore, the design is simplistic, reducing the design cost and complexity of the control system.	The method can only adapt to a few specific fault conditions and cannot achieve robustness against all faults with one controller, and this method comes at the expense of sacrificing the performance of the system.
[67,68,69,70,71,72]	Adaptive fault-tolerant control and sliding mode fault-tolerant control methods	Can be applied to nonlinear systems featuring incomplete feedback, uncertain parameters, and external disturbances. It is capable of preserving the stability of the system under such adverse circumstances and attaining a rapid system response.
[73,74,75,76,77,78]	Intelligent fault-tolerant control method	Does not depend on precise models and possesses strong adaptability, prominent robustness, and high real-time performance.	The selection of fuzzy control rules and membership functions frequently relies on experience and lacks systematicity, potentially resulting in the uncertainty of control effects.

.

3.2. Active Fault-Tolerant Control Method

The active fault-tolerant control for vehicle suspension systems can be categorized into methods based on reconfiguration and compensation. Numerous scholars have proposed a variety of fault-tolerant control methods within these two categories.

3.2.1. Fault Tolerance Control Method Based on Reconfiguration

The research on active fault-tolerant control of suspension systems based on reconstructed control primarily focuses on fault detection and diagnosis as its foundation. After a fault occurs, the control laws are readjusted, or sensor signals are reconstructed to ensure that the system performance remains consistent before and after the fault. This reconfiguration includes both sensor signal reconfiguration and control law reconfiguration. Pham [79] proposed an active fault-tolerant control method based on fault diagnosis for the online reconfiguration of control laws. Three observers (LPV observer, NLPV observer, and H-infinity observer) were initially introduced to estimate the damping force of actuators (electrorheological dampers) in suspension systems for dynamic vehicle diagnostics. Subsequently, an FTC method based on LPV was designed for semi-active suspension systems with online reconfiguration according to provided suspension forces under different faulty conditions. Experimental results demonstrated superior performance compared to nominal controllers. Han [80] integrated discrete vehicle active suspension system states and fault signals to design an enhanced system. An active fault-tolerant controller was then proposed based on optimal control theory using reduced-order observers. The controller comprised optimal vibration control components and event-triggered FTC components, which compensated for actuator and measurement faults. Pang [81] treated sensor faults as part of the system state vector, reconstructing a faulty active suspension system into an enhanced one by designing suitable adaptive observers capable of simultaneously estimating sensor faults, actuator faults, and the status of the active suspension system. The adaptive observers accurately estimated sensor and actuator faults, as well as the state of the active suspension system, while non-vulnerable fault-tolerant controllers effectively compensated for performance losses in faulty active suspensions. Wang [82] studied an active suspension system with control input delay and actuator gain faults. Based on the system dynamics model with delay and gain faults, a sliding mode controller was designed. Then, the gain faults were detected and diagnosed using robust observers and residuals, and active fault-tolerant control was achieved by control law reconfiguration. Sun [83] introduced an H∞-based method to reconstruct the sensor fault signals. At the same time, this method can also observe the unmeasured signals. Based on the reconstructed faults and observed signals, a gain scheduling controller was adopted to ensure the performance of the integrated model under different working conditions, and the steering input was selected as the scheduling object parameter. An active fault-tolerant control strategy framework for the vehicle active suspension system actuator with gain variation fault is shown in Figure 16. The active fault-tolerant controller (AFTC) was designed based on the control law reconfiguration and diagnosis information. The active fault control decision mechanism switches between the controller under normal conditions and AFTC according to the fault detection and diagnosis results to realize the suspension active fault-tolerant control in order to optimize ride comfort or have a similar performance with the active suspension system without fault compared with the faulty active suspension system.

3.2.2. Fault-Tolerant Control Method Based on Compensation

The compensation-based fault-tolerant control strategy aims to restore or maintain the system’s performance by introducing compensation mechanisms when the system experiences a fault. This strategy mitigates the impact of faults through various forms of compensation, enabling the system to continue operating at an acceptable level of performance. At its core, this control method involves designing an observer to estimate uncertain, faulty, and disturbed quantities within the suspension system.

Kwon [84] employed a model-based approach to investigate the fault-tolerant control issue of an active suspension system for enhancing vehicle ride comfort in the presence of unknown actuator faults. A fault-tolerant control algorithm was proposed, encompassing actuator fault compensation (FCC) and a fault mode selector. The feedback control input was primarily determined through state and disturbance observers for executing fault model identification. Subsequently, the effectiveness loss of the actuator was estimated and compensated based on the fault compensation strategy. Finally, the control input was redistributed based on the fault mode selector. The disturbance observer introduced in this method estimated other state variables based on easily measurable signals and completely eliminated the influence of unknown road disturbances on estimation error. Du [85] put forward a method for diagnosing faults and implementing fault tolerance in magnetorheological dampers (MR dampers) within a semi-active suspension system for vehicles. An unknown input observer (UIO), characterized by robustness and simplicity, was utilized to detect MR damper faults. Fault isolation for MR dampers was achieved using a phase relationship number method based on system residuals. Lastly, a FTC (Skyhook) controller was designed to compensate for system faults. Kou [86] utilized a fuzzy sliding mode controller, as well as an unknown input observer, to estimate suspension states accurately. Based on residuals obtained from the unknown input observer, comparisons with residual thresholds were made to determine suspension faults effectively. Abboudi [87] established a real observer based on virtual observers to estimate system states and sensor faults accurately without requiring a specific fault isolation module. Based on these two types of observers, robust predictive control was developed using Lyapunov functions to achieve the effective management of linear parameter-varying systems with constraints imposed upon inputs alongside potential sensor failures. Morato [88] employed an extended state observer for fault estimation and subsequently developed an active fault-tolerant control (FTC) scheme based on the reconfiguration of the nominal state feedback strategy. Various straightforward implementation methods were utilized to configure the feedback laws, encompassing direct fault compensation, pole compensation, pole assignment with fault-dependent poles, linear fault-dependent LQR design, polynomial fault-dependent LQR parameters, LQR with a fault-dependent controlled output, and heuristic (vehicle-oriented) fault-dependent LQR synthesis. Pang [89] introduced a hybrid fault-tolerant control strategy (Figure 17) for a nonlinear active suspension system under actuator faults and road disturbances. The primary objective was to establish an extended closed-loop model of the nonlinear active suspension system with actuator faults and road disturbances, subsequently proposing a hybrid fault-tolerant controller composed of a nominal state feedback controller and a robust H∞ observer based on this model. Ho [90] developed an adaptive optimization control of pneumatic active suspension based on the fuzzy state observer, which can simultaneously compensate for the effects of unmeasured states and sensor faults. Its features include adaptive fault-tolerant control using the command-filtering inverse dynamics method to address the complexity explosion problem, as well as positive position feedback (PPF) control ensuring spring-loaded mass displacement stays within predetermined boundaries, thus enhancing tracking accuracy. An adaptive fault compensation method also proposed by Ho [91] can ensure the tracking performance of the suspension system even when the sensor fails. And while not violating the constraint boundaries of all system states, it can also guarantee the tracking error and observer error and solve the problem of complexity explosion. Pang [92] addressed dynamic modeling issues related to semi-vehicle active suspension systems with parameter uncertainty and actuator faults under external road disturbance by utilizing the T-S fuzzy method along with system augmentation technology to construct a T-S representation of enhanced-fault systems while designing a new adaptive law for the online accurate estimation of actuator gain and drift faults. Pang [93] proposed observer-based sliding mode fault-tolerant control for certain types of active suspension systems dealing with parameter uncertainty and sensor faults by establishing enhanced vehicle dynamics model through T-S fuzzy method representation, followed by the development of sliding mode observers estimating system state variables and sensor signals leading to the derivation of Lyapunov theory-based framework solving set linear matrix inequalities. Luo [94] proposed designing an active suspension FTTC based on proportional-integral observers (PIO), first establishing T-S representation of the faulty active suspension, then developing a robust H∞ output feedback controller, improving performance in absence of faults, before finally designing a PIO-based estimator synchronously predicting the system state and unmeasurable actuator faults compensating for achieving FTTC. According to the above analysis of the above active fault-tolerant control methods, they can be classified according to

Table 3. Classification of active fault-tolerant control strategies for vehicle suspension systems.

Reference	Classification	Machinery
[79,80,81,82,83]	Fault-tolerant control method based on reconfiguration	This method is predicated on fault detection and diagnosis. Once a fault emerges, the controller is shifted to the predesigned corresponding fault-tolerant controller in accordance with the detected fault, ensuring that the system performance remains largely unchanged before and after the fault. This scheme is applicable to scenarios where the possible fault modes are known beforehand, and the control law can be predetermined offline. The reconfiguration herein encompasses the reconfiguration of sensor signals as well as that of the control law.
[84,85,86,87,88,89,90,91,92,93,94]	Fault-tolerant control method based on compensation	This approach lies in restoring or maintaining the performance of the system when it fails by introducing a compensation mechanism. This strategy mitigates the influence of the failure via diverse forms of compensation, allowing the system to keep operating at an acceptable performance level. This method typically involves real-time monitoring and evaluation of the system state, along with the design and implementation of compensation measures for the impact of the failure.

.

4. Fault-Tolerant Control for Maglev Train Suspension Systems

In recent years, scholars both domestically and internationally have conducted extensive research on fault-tolerant strategies for maglev train suspension systems from various perspectives. Based on fundamental principles, these strategies primarily encompass hardware redundancy, passive fault-tolerant control, and active fault-tolerant control.

4.1. Hardware Redundancy Strategy

Similar to other complex control systems, suspension systems also employ the concept of redundancy control in practical applications. In hardware redundancy, backup systems are implemented for various components within the control system. When a component experiences a failure, the backup component is automatically activated and the system’s operational mode is reconfigured, enabling the system to continue functioning without being impacted by the faulty component. Specifically in suspension systems, increasing system redundancy enhances reliability and facilitates fault tolerance.

Michail [95] proposed a framework for optimizing sensor systems and a fault-tolerant control scheme for electromagnetic magnetic suspension systems, with the aim of minimizing sensor usage to optimize performance, reduce complexity, and provide fault tolerance. The results demonstrated that employing the minimum number of sensors (replacing up to five sensors with three) resulted in optimal performance while reducing system complexity. This strategy also offered fault tolerance and optimal performance for each potential sensor set before any faults occurred, ultimately leading to reduced overall costs. Zhang [96] implemented a three-out-of-two fault-tolerant strategy by utilizing redundant gap sensors at each suspension point to prevent sensor faults and sudden changes in the gap between the guideway and vehicle. Additionally, based on the connection structure of high-speed maglev trains, adjacent suspension points were utilized to share suspension effects when one point failed, thereby achieving fault tolerance. Zhai [97] leveraged symmetrical structural characteristics of splicing structures to design adaptive controllers for individual suspension units, effectively addressing control issues within the system. In cases where a single unit failed, Zhai simplified the spliced system into a single electromagnet system for fault-tolerant control. This redundant strategy resolved issues related to the failure of individual suspended control units within suspended connection structures while enhancing overall reliability. Chen [98] integrated two suspended controllers, resulting in the effective reduction of train load. Furthermore, Chen implemented redundant control using one board simultaneously with another; this approach effectively avoided previous designs that led to significant increases in system weight due to redundancy. Long [99] introduced a new structure for low-speed maglev train single-module suspended systems by employing four controllers managing eight electromagnets, which increased system redundancy. Long also incorporated sensor information into a redundant communication network allowing each controller to access more comprehensive state information about the entire system. Liang [100] adopted dual-mode redundant systems design (Figure 18) and performed fault-tolerant design involving signal boards, control boards, and IO boards within suspension computers, significantly improving reliability at the controller level as well as enhancing safety during operations. Deliparaschos [101] validated systematic sensor selection frameworks aiming toward efficient resource allocation without compromising performance across all sets, requiring minimal additional resources. Michail [102] proposed a hardware-in-the-loop (HIL) method based on field-programmable gate arrays (FIL) aimed at optimizing controls, alongside selecting robustly fault-tolerant sensors suitable under various conditions prior to any potential faults occurring, thus minimizing associated costs efficiently.

4.2. Passive Fault-Tolerant Control Method

Passive fault-tolerant control in magnetic suspension systems is a strategy that maintains system stability without altering the structure and parameters of the fault-tolerant controller before or after a fault occurs. This approach shares similarities with robust control and offers the advantage of relatively simple controller design, as well as obviating the need for a fault diagnostic unit, thus facilitating practical implementation in engineering applications. Building upon this concept, several scholars have developed various passive fault-tolerant control methods by integrating principles from robust control, adaptive control, and related methodologies.

4.2.1. Robust Passive Fault-Tolerant Control Method

Some scholars have developed robust passive fault-tolerant control methods based on robust control design. Long [103] designed a fault-tolerant controller with complete integrity against actuator failures for a single-module suspension system of a magnetic levitation train with parameter uncertainties. Simultaneously, considering engineering practical needs, the weight concept was introduced to modify the control law and manage suspension gap changes under different actuator failure modes. The robust fault-tolerant control method exhibits resilience to closed-loop system parameter uncertainty and provides fault tolerance for partial actuators with certain perturbations. Fang [104] investigated the robust H∞ fault-tolerant control problem in systems with input delay and uncertainty when actuators fail. This approach employed a conservative algorithm with reduced conservatism in handling inequality amplification, effectively decreasing controller design conservatism while ensuring stability and disturbance attenuation ability in time-delayed uncertain systems, as well as tolerating actuator faults. Zhai [105] focused on the suspension module of EMS-type high-speed maglev trains, utilizing synchronous stability principles and stable rational fraction factorization methods to design a passive fault-tolerant controller that ensures high-speed stable operation even if one suspension module fails, thereby enhancing the operational reliability of high-speed maglev trains by guaranteeing fault-tolerant stability within the system. Yang [106] proposed a fault-tolerant controller design method for networked control systems experiencing continuous packet loss and time-varying delay conditions. Based on Lyapunov’s theorem, this method derived sufficient conditions for robust stability under all possible sensor faults, packet loss scenarios, and delays within networked control systems using LMI methods for stability analysis and controller synthesis.

4.2.2. Adaptive Fault-Tolerant Control Method

Meanwhile, some scholars adopted adaptive fault-tolerant control methods. Sun [107] established a nonlinear dynamic model of a suspension system based on the splicing structure and described the fault of the actuating mechanism. Then, a nonlinear fault-tolerant suspension control law with an adaptive update rate was designed to achieve stable suspension under local actuating mechanism failure. Using the Lyapunov theory and the extended Barbalat lemma, the closed-loop asymptotic stability was strictly proved under the condition of a partial failure of the actuator in the nonlinear dynamic model without approximating the original nonlinear dynamics. Jia [108] proposed a robust adaptive fault-tolerant controller (RAFTC) for the output tracking control problem of an uncertain magnetic suspension system with time-varying actuator faults. Its feature is that it considers the time-varying faults, including the effectiveness loss and the biased actuator, and introduces a smooth projection correction adaptive law to deal with the influence of parameter uncertainty and interference. Liu [109] proposed a robust submersion and invariance adaptive synchronization control framework with a disturbance observer, and introduced a Barrier Lyapunov function (BLF) into the controller to keep the output within the specified constraint conditions, thus solving the problem of the adverse effects of parameter uncertainty and external interference on system performance and system output. Hu [110] proposed a fractional-order control adaptive control method (FOCM) for the speed/position tracking control problem of high-speed trains. The method considered the nonlinearity and uncertainty of the system, such as nonlinear control inputs, time-varying parameters, disturbances, train forces, and actuator faults, and had the characteristics of adaptability, robustness, and fault tolerance, without involving detailed information of system parameters. Furthermore, the FOCM-based controller significantly improved the control performance of the system, especially in terms of control accuracy, anti-interference ability, and convergence. Chen [27] proposed a neural network-based state observer to effectively estimate the system state and parameter matrix; secondly, based on the neural network observer model, a more robust inverse control algorithm was designed by combining the output limitation characteristic with the Lyapunov function, ensuring the stability of the system under interference; it had a fast response speed and was stable during hovering, and had a good anti-interference ability against time-varying mass disturbance. Tepljakov [111] investigated the application of model reference adaptive control (MRAC) in fractional-order PID (FOPID) closed-loop control of magnetic suspension systems. The proposed multi-loop MRAC FOPID control structure consisted of two nested loops that interacted with each other to enhance robust control performance under interference and fault conditions. According to the above review of passive fault-tolerant control methods, the classification and mechanism of passive fault-tolerant control methods of maglev train suspension system are shown in

Table 4. Applications of passive fault-tolerant control strategies for maglev suspension systems.

Reference	Classification	Machinery	Failure Scenario
[103,104,105,106]	Robust passive fault-tolerant control method	Considering the faults of the active suspension actuator and parameter perturbations in advance, the complex nonlinear and parameter uncertainty issues are converted into the offline design issue of the optimal robust fault-tolerant controller.	Is predominantly utilized in circumstances where the actuator exhibits certain perturbation faults or malfunctions. Meanwhile, in [105], this approach was also employed for potential sensor malfunctions.
[27,107,108,109,110,111]	Adaptive fault-tolerant control method	The adaptive fault-tolerant control measures the feedback signal of the controlled object in real-time, compares it with the expected output, and adjusts the parameters of the controller through an adaptive algorithm to precisely describe and control the dynamic characteristics of the controlled object.	Mainly focuses on the faults occurring in the actuator of the suspension system, including the partial failure of the actuator and parameter perturbations.

.

4.3. Active Fault-Tolerant Control Method

Active fault-tolerant control involves adjusting the controller structure or modifying the control parameters following a fault occurrence to ensure that the system performance remains essentially unchanged before and after the fault. This type of control is categorized into signal reconfiguration, fault compensation, gain scheduling, and online automatic controller design methods. The effectiveness of active fault-tolerant control relies on the accuracy and timeliness of the results obtained from the fault diagnosis subsystem.

4.3.1. Fault Detection and Diagnosis

• Fault detection

The process of fault detection involves identifying anomalies in a system from its healthy state to the point of failure, caused by various factors during operation. These anomalies are typically rare, unpredictable, or uncertain events that significantly impact the safety and reliability of the system. Numerous scholars have proposed diverse methods for fault detection.

Xu [112] conducted a study on real-time stability performance monitoring and evaluation of a PEMS suspension system, proposing a method that does not require knowledge of the suspension system model. Additionally, they introduced a new stability performance index capable of reflecting the real-time stability performance of safety-critical suspension systems. Considering the evolving model of the suspension system and unknown uncertain factors, they developed a data-driven method to achieve a real-time stability performance index. Wang [113] investigated data-driven state monitoring issues using residual generation methods based on input/output data from the system. This approach is not reliant on the system model but rather utilizes real-world suspension system data from various operating conditions, showing promise for future engineering applications. Zhou [114] proposed a fault detection method based on historical health data to address challenges such as multiple operating conditions, imbalanced data, and high fault detection dimensions. They divided complex operating conditions into simpler ones and applied techniques like the Walsh–Hadamard transform and principal component analysis to achieve fault detection under different scenarios. Wang [115] designed an online monitoring system for detecting faults in maglev train suspension controllers during operation by integrating hardware modules with acceleration sensor arrays deployed on tracks and software units for synchronization threshold transformation and feature synthesis. Wang [116] studied a component-level fault detection method based on stable kernel representation (SKR) and self-correlation length, which can yield improved results with less data compared to traditional methods. Liang [117] proposed a multi-operating condition fault detection method for complex systems based on optimized Kullback–Leibler divergence (KLD), offering low false alarm rates and high sensitivity when compared to other distance-based methods. Deliparaschos [118] presented an AI-based low-computation fault detection method (Figure 19) using neural networks (iFD) specifically tailored for sensor and actuator faults while considering computational complexity.

• Fault diagnosis

The fault diagnosis method for the suspension system enables it to operate within a relatively stable and safe range, providing an accurate assessment of system faults and establishing a more precise foundation for subsequent fault-tolerant control. Typically, the results of fault diagnosis are utilized for further active fault-tolerant control, thereby enhancing system stability and reliability. Fault diagnosis methods primarily encompass three categories: model-based, signal processing-based, and data-based approaches. In equipment-level fault diagnosis for maglev train suspension systems, predominant methods rely on data analysis and signal processing. Numerous experts and scholars have refined, innovated, and enhanced these methods, while also developing diverse fault diagnosis techniques tailored to maglev train suspension systems.

Many scholars have conducted fault diagnosis based on observers, which is a signal-based approach. Mei [119] considered potential interference and faults in the system and established a fault model for the suspension system of high-speed maglev trains with overlapping modules through dynamic analysis. The features of fault diagnosis were analyzed based on the full-dimensional state observer. While this fault model has universality in diagnosing faults more rapidly and effectively, it does not achieve fault isolation. Yang [120] utilized a method employing robust observers to detect and isolate actuator faults by decoupling the fault from system interference through state and output transformation. Subsequently, a sliding mode observer was designed for module 2 to judge the occurrence of faults using the output error as a residual, followed by designing sliding mode observers for each actuator to determine faulty actuator positions based on the system structure matrix. Yu [121] proposed a hybrid isolation method for dual-velocity sensor faults in the maglev system, considering the nonlinearity of suspension models, unknown external force disturbances, and sensor measurement noise; an improved extended state observer (ESO) was introduced to generate reference speed signals from position signals achieving fault isolation through residual evaluation. Luo [122] developed a full-state observer based on the suspension system’s fault model of high-speed maglev trains with coupling modules while addressing its limitations, proposing a robust observer-based diagnostic method along with sliding mode and adaptive observers to address model inaccuracies via generating residuals to identify fixed relationships between the input and output. Figure 20 shows an observer-based fault diagnosis strategy. The strategy uses the observer to generate the residuals of each state quantity, and according to the residual’s information, the fault is located and isolated.

In the subsequent section, scholars have developed fault diagnosis methods based on input–output data. Wang [123] proposed a fault diagnosis approach for the maglev train suspension system in this study. This method integrates model-based fault diagnosis with input–output data-based fault diagnosis to maximize their effectiveness while accounting for system noise and model uncertainty. Additionally, a secondary validation of fault isolation outcomes was suggested to enhance the reliability of fault diagnosis and minimize false alarm impact. Lastly, it was recommended that further processing of fault data be conducted to enrich fault analysis techniques, thereby enhancing the reliability of fault isolation results, as well as enriching the analysis and evaluation methods for faulty areas. Zhao [124] introduced a suspension state perception framework for suspension control systems based on a data-driven random matrix analysis under the assumption that residual suspension follows a normal distribution. The framework comprises an engineering program and a cascaded mathematical program. Within this, data-driven modeling of an individual suspension control module was achieved through nonlinear autoregressive modeling using an exogenous input neural network, with unknown parameters determined by an improved combination genetic algorithm.

4.3.2. Active Fault-Tolerant Control

Domestic and foreign scholars have stated that the active fault-tolerant control of magnetic suspension systems is mainly determined by the type of fault. According to the different fault categories, different fault-tolerant strategies are adopted. For sensor faults that can be reconstructed, the signal reconfiguration method is adopted. For faults of large magnitude, such as those seriously affecting system performance, a fault-tolerant configuration method based on switching is adopted. For minor faults, an online parameter adjustment strategy can be implemented to allow the suspension system to regain and maintain the optimal performance under the quadratic performance index.

• Fault-tolerant control based on signal reconfiguration

Based on signal configuration, fault-tolerant control mainly includes configuration for sensors or control law reconfiguration for actuators. The fault-tolerant control strategy centered on signal reconfiguration is primarily targeted at the sensors within the levitation system that are directly associated with the computation of the control quantity. Among these sensors, the most crucial and most prone to failure are the levitation gap sensor and the acceleration sensor. In the “two-in-one” sensor, both the gap sensor and the acceleration sensor are installed in the same housing and possess independent analog signal conditioning circuits. The precondition for being capable of conducting fault-tolerant control by means of signal reconfiguration is the presence of analytical redundancy within the system. To be more precise, there exists this direct redundancy relationship between the acceleration signal and the levitation gap signal. Wang [125] first conducted a comparative modeling of the EMS and PEMS magnetic suspension end effector structure systems and analyzed the causes of faults. Then, dynamic compensation methods and anti-interference methods based on disturbance estimation and feedback linearization were proposed separately. The direct dynamic compensation method utilizes an interference observer to estimate the interference, but the observer requires an acceleration signal. Therefore, a backup observer was designed for the case where the acceleration sensor could not function normally. Hou [126] performed online fault diagnosis of the acceleration sensor using a gap signal. Once the acceleration sensor failed, the acceleration sensor signal could be isolated and the acceleration signal could be reconstructed using the gap signal, which is a signal reconfiguration method. Additionally, a phase-lead compensator was adopted to improve system performance. Li [127] studied the active control problem of the maglev system when two probes fail, utilizing the output characteristics and limited response range of the probes during the joint-crossing process to explore a practical joint identification method. A pair of complementary filters acting on the acceleration and limited gap signals were proposed to reconstruct the suspension gap signal. Wang [128] considered two types of faults and proposed corresponding fault-tolerant control strategies. The first type of fault is that a gap sensor in a single suspension system fails. For this fault, a fault-tolerant control strategy based on signal reconfiguration was proposed. The second type of fault is that a single suspension subsystem fails as a whole. In this case, a fault-tolerant control scheme based on switching was adopted to make the faulty system stable with tolerable performance. Zuo [129] designed a fault-tolerant control scheme based on signal reconfiguration to address the high failure rate of the speed sensor in the sensor. The traditional tracking differentiator was improved by differentiating the gap signal to obtain the speed signal, forming an analytical redundancy of the speed signal. The fault-tolerant controller designed by him can make the guidance system stable, without overshoot, and has good anti-interference ability. It achieves the fault diagnosis of the speed sensor and switches to the signal in time after the fault occurs so that the system still has good performance after the fault occurs. Michail [130] selected sensors in an optimized way to meet a set of given complex system control requirements, namely, the optimal and robust performance of a high-integrity system and fault-tolerant control. When a fault occurred, the reconfiguration mechanism provided a signal to reconfigure the controller, with a dedicated observer, and isolated the faulty sensor so that the fault signal would not be fed back to the new controller. Michail [131] used signal residual-based fault detection and an isolation (FDI) mechanism to detect and isolate faulty sensors when multiple sensors failed, and then adopted a switching strategy to select sensor signals and reconstructed signals for fault-tolerant control. Long [132] used a tracking differential (TD) to obtain the differential gap signal instead of the integrated signal of the velocity sensor, and then reconstructed a new PID control algorithm to achieve fault-tolerant control when the velocity sensor failed. Zhai [133] employed a state observer to estimate gap measurement values from faulty sensors and used these estimates as replacements for sensor signals to achieve suspension unit reliability. Guang [134] addressed sensor faults in maglev train networked control systems with random induced delays through an active fault-tolerant controller design that enabled stability maintenance via a switch-over to observer state feedback loops when sensors failed. Yetendje [135] implemented a multi-sensor-estimator combination along with an automatic healthy/faulty sensor avoidance switching scheme in maglev systems, ensuring the selection of best-performing combinations according to predefined criteria at each instant. Li [136] studied novel tracking differential methods based on boundary features for diagnosing accelerator faults and implementing active tolerance strategies within magnetic suspension systems. Zhang [137] introduced a fault detection method based on optimized tracking differentials and applied it to the acceleration sensor of a maglev train suspension system. By comparing the integrated acceleration signal with the optimized tracking differential signal of the speed, the fault of the acceleration sensor was detected. When the acceleration sensor failed, the gap differential signal extracted by the optimized approximate linear tracking differential was used for fault-tolerant control instead of the acceleration integral signal. In Figure 21, the system realizes fault detection through signal comparison, and then completes the switch of the reconstructed signal according to the result of the fault detection.

• Fault-tolerant control based on switching

In the active fault-tolerant control structure based on a switching control strategy, both a main controller and a fault-tolerant controller are incorporated. The main controller, also known as the nominal controller in the preceding paragraph, ensures optimal system performance under normal operating conditions, while the fault-tolerant controller is specifically designed for the faulty system model to ensure optimal performance post-fault occurrence. Figure 22 shows the schematic diagram of fault-tolerant controllers based on a switch under sensor fault. During regular operation, the main controller is utilized; however, in case of a system failure indicated by the fault detection unit’s signal, a switch to the fault-tolerant controller takes place. The effectiveness of this fault-tolerant control method relies heavily on accurate and timely fault detection by the detection unit. Yetendje [138] introduced a specific strategy (Figure 23) for magnetic suspension systems with sensor faults (electromagnetic flow sensor and gap sensor), embedding two independent estimators to obtain measurement values from two sensors within the system and utilizing a switching scheme to select an optimal sensor–estimator combination at each instance for closed-loop performance enhancement. Chen [139] studied the fault-tolerant control problem of suspension systems when sensors fail. The FTC scheme adopted control strategy reconfiguration and state estimation methods. The simplified suspension model system, reconstructed controller, and state estimator were designed based on the state estimation. The FTC scheme can maintain consistent static and dynamic performance with the original system. Jin [140] proposed a novel suspension joint structure and designed an active fault-tolerant control algorithm based on state gain reconfiguration. The new structure connects the adjacent two bogies mechanically, increasing the system’s redundancy and considering the fault-tolerant control problem of the end bogie. The joint structure and active fault-tolerant control method can significantly improve the fault tolerance performance of the suspension system and have important engineering application value. Chen [141] proposed an optimal reconfiguration fault-tolerant control method that can adapt to different fault distribution models of electromagnetic actuators using optimal control theory. Based on the maglev train model, a reconfiguration method based on variance minimization and a reasonable allocation strategy for electromagnetic force was proposed. The reconfiguration fault-tolerant control method proposed by Chen not only timely compensates for the decrease in levitation force caused by partial electromagnetic actuator faults, but also makes the load of each electromagnetic actuator relatively balanced after reconfiguration. Michail [142] proposed a design framework that simultaneously handles control and reliability issues. The proposed system framework combined linear quadratic Gaussian control, feedback-based fault-tolerant control, and multi-objective optimization. The proposed framework is able to identify the optimal sensor set, even with single or multiple sensor faults, by minimizing the sensor redundancy to achieve optimal performance. Alizadeh [143] studied a fault-tolerant controller based on a virtual sensor/actuator method. A virtual actuator and sensor structure was adopted. In general, the reconfiguration block contains a virtual sensor and a virtual actuator to restore the stability of the EMS system after the sensors and actuators fail simultaneously. This method is the first to apply the fault concealment method to the EMS system.

• Fault-tolerant control method based on online optimization

The fault-tolerant control method based on online optimization or online updates is a technique that dynamically regulates and optimizes the control strategy during system operation to enhance the reliability and stability of the system. This approach typically involves real-time monitoring of the system state, the utilization of online learning algorithms or model predictive control techniques to update the system model and control policy, and adaptive adjustment in accordance with the system state, fault information, and environmental changes to sustain system performance and stability. Based on the nonlinear uncertain model of the maglev system, Li [144] developed a diagnostic algorithm for detecting sensor faults by using a nonlinear state observer and subsequently designed a corresponding fault-tolerant control algorithm after the electromagnet malfunctioned. A fault diagnosis algorithm based on real-time online parameter estimations was put forward to estimate the characteristic parameters of the electromagnet online. If the estimated parameters deviated significantly, the occurrence of inter-turn short circuits could be confirmed, thereby achieving the fault diagnosis of the inter-turn short circuit of the electromagnet in the suspension control system. Then, the control law of the system was reorganized to compensate for the loss of suspension force caused by the inter-turn short circuit within a certain extent, ensuring the operation of the suspension control system with acceptable performance results. Wang [145] utilized the theory of controller parameterization to propose a fault diagnosis and hierarchical fault-tolerant control design scheme for the suspension system of high-speed maglev trains. By integrating the physical model of the suspension system with input–output data, he introduced a fault diagnosis method based on residuals and jointly driven data. For minor faults in the suspension system, he suggested a fault-tolerant control strategy involving the online updating of control parameters. In cases of serious faults in the suspension system, an active fault-tolerant control method was adopted based on signal reconfiguration and control law switching strategies. Zhai [146] conducted an analysis of the complex dynamic characteristics of the suspension system and established its mathematical model. The Youla parameterization of the controller was implemented through left and right coprime decomposition, proposing a modularized control and optimization module for the suspension system consisting of existing controllers and dynamic compensators. An online optimization algorithm based on residual-driven design was employed to achieve dynamic compensation and online optimization used a dynamic compensator for achieving fault-tolerant control. Xin [147] proposed a data-driven optimal controller (DDOC) based on q-learning theory from reinforcement learning. Disturbances and faults in the system are reflected in the input–output data, eliminating the need for knowledge about the controlled object’s model information by iterating calculations solely based on the real-time input–output data dynamically changing feedback gain matrix parameters, ensuring accurate tracking given a reference signal, thus guaranteeing stability and reliability with fewer tuning parameters and fast convergence. Wang [148] proposed a method (Figure 24) to suppress disturbances by optimizing the controller; detailed analysis on the influence of track irregularity disturbances on hovering performance, followed by PnP control used to suppress interference caused by an irregular trajectory, enabled the adaptation to known/unknown time-varying track irregularities without considering tracking ability/fault diagnosis and only designing/optimizing the residual generator and compensation controller online. According to the above overview of the active fault-tolerant control method, the mechanism and application scenarios of the active fault-tolerant control method of maglev train suspension system are shown in

Table 5. Applications of active fault-tolerant control strategy for maglev suspension systems.

Reference	Classification	Machinery	Application Scenarios
[125,126,127,128,129,130,131,132,133,134,135,136,137]	Fault-tolerant control method based on signal reconfiguration	Based on signal configuration, fault-tolerant control mainly includes configuration for sensors or control law reconstruction for actuators. The fault-tolerant control strategy centered on signal reconfiguration is primarily targeted at the sensors within the levitation system that are directly associated with the computation of the control quantity.	Regarding the faults within the sensors associated with the computational control quantities of the suspension unit, such as faults of gap sensors, acceleration sensors, current sensors, etc.
[138,139,140,141,142,143]	Fault-tolerant control based on switching	The general idea of the switching fault-tolerant control method in the magnetic suspension system is to predesign the faults that may occur in the system and to realize the fault-tolerant control strategy through the reconfiguration of the control law when the fault occurs.	It primarily centers on the total failure of the individual suspension point, particularly when a suspension point in the lap structure fails to output the control voltage, leading to the complete inability to control the suspension point. The potential causes for this type of failure encompass drive circuit malfunctions, power supply failures, IGBT failures, etc. Simultaneously, it can also handle the issue of sensor signal switching selection resulting from the failure of certain sensors in the sensor concentration.
[144,145,146,147,148]	Fault-tolerant control method based on online optimization	The magnetic levitation-based online optimization-driven active fault-tolerant control system makes use of the system data gathered in real time and dynamically modifies the control strategy via the online optimization algorithm to accommodate the variations caused by minor faults. Mechanistically speaking, this approach is also a fault reconfiguration method.	It primarily focuses on the performance deterioration of system components prior to total failure, encompassing phenomena such as sensor signal bias, alterations in electromagnetic iron features, and variations in analog device characteristics. This is predominantly attributed to factors like mechanical friction, material deformation, and device aging accumulated over the prolonged operation of the suspension system. This kind of fault exhibits traits such as a minor fault amplitude, an uncertain fault trend, and temporal variations. It does not affect the system stability but has an influence on the system performance.

.

5. Discussion

As per the examination of the fault-tolerant methods for magnetic levitation train suspension systems and vehicle suspension systems, the fault-tolerant strategies for both systems are mainly categorized into hardware redundancy, passive fault-tolerant control, and active fault-tolerant control based on their principles. This section offers a summary of the commonly used fault-tolerant control techniques in both systems and the situations in which they are applicable.

The research on hardware redundancy methods primarily focuses on the suspension system of magnetic levitation trains. The primary aim of these methods is to enhance the fault tolerance of the suspension system by increasing the number of sensors and actuators while maintaining the continuity and stability of the system. Redundant fault-tolerant strategies can be applied to a diverse range of systems and applications and are widely used in suspension systems for magnetic levitation trains. However, the adoption of too many redundant components also increases the hardware cost of the system accordingly. At the same time, the additional redundant components will occupy more space and weight, which may not be suitable for a system with strict requirements on volume and weight. Some scholars have proposed optimized redundancy strategies, such as the minimum number of sensors strategy (using three sensors to replace up to five sensors), the suspended controller integration (using a single control board to achieve redundant control of two control boards at the same time), and the multi-objective optimization of sensor selection methods. These methods aim to reduce the complexity of the control system, provide sensor fault tolerance, and ensure optimal performance for each possible set of sensors prior to a fault condition while also reducing overall cost. Therefore, redundant fault tolerance strategies for maglev train systems remain a relatively simple, effective, and widely used approach.

Passive fault-tolerant control methods have been more extensively studied in both systems. The passive fault-tolerant control strategy primarily depends on the redundancy and characteristics within the system, without altering the structure and parameters of the fault-tolerant controller before and after a system failure, thus allowing the system to remain stable. The concept of passive fault-tolerant control is more closely aligned with robust control, and its primary advantage lies in the fact that the controller is designed to be relatively straightforward, without the need for a fault diagnosis unit, making it easy to implement in engineering applications. Some researchers have combined this idea with robust control, adaptive control, intelligent control, and other methods to design a wide range of passive fault-tolerant control strategies. Passive fault-tolerant control methods are simple to implement and do not require information about faults, making them easy to put into practice. Since fault diagnosis and controller tuning are not necessary, passive fault-tolerant control exhibits a faster response time. However, passive fault-tolerant control is primarily applicable to known fault conditions and may not be as effective for unknown fault conditions. As a result, the effectiveness of passive fault-tolerant control may be limited and may not fully utilize the capabilities of the system. Passive fault-tolerant control systems for magnetic suspension often utilize robust control, adaptive control, and other nonlinear techniques. In contrast, the intelligent control method of fuzzy control is commonly employed in the suspension system’s passive fault-tolerant control of vehicles. The fundamental principle of fuzzy fault-tolerant control is the integration of fuzzy logic with fault-tolerant control strategies, and its benefits comprise independence from precise models, strong adaptability, exceptional robustness, and excellent real-time performance. These features make fuzzy fault-tolerant control a practical and promising approach for a magnetic levitation train’s suspension system. Further investigation into the passive fault-tolerant control of future magnetic suspension systems is warranted.

Active fault-tolerant control involves readjusting the controller structure or modifying control parameters following a fault to maintain consistent system performance. This strategy is more adaptable and intelligent, as it detects and diagnoses faults in real time, implementing appropriate measures based on the type and severity of the fault. The accuracy and timeliness of fault diagnosis results are crucial for active fault tolerance, which has been addressed through various detection methods such as signal-based, analytical model-based, and artificial intelligence-based approaches. These methods enable the rapid identification of fault locations, determination of fault types, and guidance for subsequent actions to ensure that the faulty system maintains static and dynamic performance similar to a normal system. Categorized into signal reconfiguration, fault compensation, gain scheduling, and online automatic controller design methods, active fault-tolerant control actively adjusts the controller parameters or structure according to system conditions to sustain stable operation even when faults occur. In the event of a fault, active fault-tolerant control allows the system to maintain a high performance similar to that which would have been achieved without the fault. This type of control is adaptive to the occurrence and magnitude of faults and can handle a wide range of unknown fault conditions. However, it typically relies on a fault diagnosis and isolation module to provide system fault information; thus, its effectiveness depends on the performance of this module. Additionally, the design process for active fault-tolerant control is complex, posing challenges in implementation. Active fault-tolerant control for magnetic suspension systems primarily utilizes methods such as reconfiguration, switching, and online optimization; while for vehicles, it focuses mainly on reconfiguration and compensation methods. Reconfiguration mainly refers to signal reconfiguration, which includes the reconfiguration of sensor signals and the reconfiguration of actuator control law signals. Active fault-tolerant control based on signal reconfiguration has a number of unique features that give the method a significant advantage when dealing with system faults. The approach also relies on a fault detection and diagnostic system that needs to be able to detect and respond to system faults in real time. As soon as a fault is detected, the control system performs signal reconfiguration to ensure the stability and continuity of system performance. The basic principle of this method is to reconstruct the state quantity signal or control law that the sensor should reflect through the healthy signal. The method is more flexible and applicable. However, the reconfiguration process usually relies on an accurate mathematical model of the system. Especially in the presence of nonlinear, time-varying, or uncertainty factors, model inaccuracies may lead to poor reconfiguration results. However, this method is still a superior approach.

Similar to the signal reconfiguration method, the basic idea of the compensation-based active fault-tolerant control method for vehicle systems is also to use the input and output signals of the system, as well as the state quantities of the system, to reconstruct the signals of faults occurring in the system and then directly input the compensation signals of the faults into the system. The core of this approach is that when a fault occurs in the system, the compensation-based active fault-tolerant control approach quickly recognizes and calculates the impact of the fault on the system’s performance, and then compensates for the impact by offsetting it. The approach is highly flexible. It can adopt different compensation strategies and parameters according to different fault types and degrees to achieve the best fault tolerance. However, this method has high requirements on the speed of the system in detecting and handling system faults. As soon as the fault detection system detects a fault, a compensation mechanism is activated to ensure that the system can quickly adapt and restore performance. Compensation-based active fault-tolerant control methods usually have a relatively simple implementation and can be easily integrated into existing control systems. This makes the method highly feasible and practical in practical applications. Similar to the signal reconfiguration method, the reconfiguration process is usually based on an accurate mathematical model of the system. The method is informative for the active fault-tolerant control of magnetic suspension systems.

The general idea of the switching fault-tolerant control method in magnetic suspension systems is to predesign the faults that may occur in the system and to realize the fault-tolerant control strategy through the reconfiguration of the control law when the fault occurs. The core of this method lies in the timely detection and effective isolation of system faults and the design of new control laws in advance for certain kinds of faults to replace the original failed parts after the occurrence of faults. This method has significant advantages in ensuring stable system operation and improving control performance. However, the method also has some limitations; for example, the method usually needs to be designed and implemented under specific failure modes. However, when faced with unknown or complex fault situations, the robustness of the method may be limited to effectively cope with and recover system performance. This is because the reconfiguration process is often based on a priori knowledge of the failure modes and may lack adequate handling mechanisms for unknown faults.

The active fault-tolerant control system based on online optimization for magnetic suspension systems uses real-time collected system data to dynamically adjust the control strategy through optimization algorithms to adapt to the changes caused by faults. The goal of online optimization is to find the optimal control strategy so that the system can still maintain good performance under fault conditions. The method includes real-time fault detection and diagnosis with online control strategy dynamic adjustment and online optimization. Real-time fault detection and diagnosis is an active fault-tolerant control method based on online optimization. By real-time monitoring of the system’s operating status and data, combined with fault diagnosis algorithms, the type and degree of system failure can be discovered and identified in a timely manner. This provides the necessary basis and support for subsequent online optimization and control strategy adjustment. Dynamic adjustment of the control strategy includes changing the control parameters, adjusting the control structure, or introducing new control algorithms. Through these adjustments, the impact of faults on system performance can be effectively mitigated or eliminated so that the system can continue to operate stably. The online optimization algorithm, on the other hand, needs to calculate the optimal control strategy parameters or structure based on the real-time collected system data and fault diagnosis results. This method is also more flexible and can flexibly adjust the control strategy according to different fault conditions and demands to realize targeted fault-tolerant control. At the same time, through the online optimization algorithm, the optimal control strategy can be found to improve the performance and efficiency of the system. Finally, this method has certain requirements on the real-time nature of the fault detection and diagnosis system, which is required to be able to detect and deal with system faults in real time. The method has been applied to a certain extent in magnetic levitation train suspension systems. With the continuous development and improvement of related technology, the method will play a greater role. According to the above analysis of the above fault-tolerant methods, their respective pros and cons are outlined in

Table 6. The pros and cons of each fault-tolerant control method.

Methods	Pros	Cons
Hardware redundancy method	The hardware redundancy method is both simple and effective, improving the reliability and safety of the magnetic levitation train’s suspension system.	Added complexity to the system, increased costs, and additional components affecting the design and energy efficiency of the train.
Passive fault-tolerant control method based on robust control and adaptive control	The structure and parameters of the fault-tolerant controller are not changed before and after the system failure, so it is easy to implement.	The control effect is conservative and can only deal with specific faults, which cannot make full use of the system performance.
Passive fault-tolerant control method based on intelligent control	Doesn’t rely on accurate model, strong adaptability, good robustness, and high real-time performance.	The design and parameter tuning of control systems can be relatively complex and require expert knowledge and experience.
Active fault-tolerant control method based on signal reconstruction	Can design different reconstruction strategies for different types of failures, flexibly addressing various failure scenarios.	Need accurate fault detection and diagnosis, increases in the system complexity and real-time processing ability of system requirements are put forward. At the same time, there may be performance tradeoffs.
Active fault-tolerant control method based on compensation	When a fault is detected, the system response can be actively adjusted to isolate the impact of the fault and ensure the normal operation of other parts of the system.	The design of compensation control is complex and requires some understanding of the system dynamics and potential failures. The effectiveness of compensation control is highly dependent on the accuracy and speed of fault detection, diagnosis, and isolation.
Active fault-tolerant control method based on control law switching	More flexible, can design customized fault tolerance strategy for different fault modes; the behavior of the system under fault conditions is more predictable.	The effectiveness of control law switching highly depends on accurate and timely fault detection and diagnosis. The switching of the control law may cause a shock to the system and affect the stability and performance of the system.
Active fault-tolerant control method based on online optimization	Strong adaptability, can adapt to the change of system parameters and unknown faults; the control input can be adjusted according to the current state of the system to optimize the performance index.	Complex algorithms and large amounts of computational resources are required, especially when fast responses are required.

.

6. Conclusions

Fault-tolerant strategies have been the focus of maglev train research. From the perspective of hardware and software, they can be categorized into hardware redundancy and fault-tolerant control methods. The fault-tolerant control methods can be further categorized into active fault-tolerant control and passive fault-tolerant control. By analyzing fault-tolerant control strategies for maglev train suspension systems and combining them with fault-tolerant control strategies for vehicle active suspension systems, this review outlines their strengths and weaknesses, as well as the conditions under which they are applicable. For example, active fault-tolerant control based on signal reconfiguration or signal compensation can be used if an exact model of the system is known; passive fault-tolerant control including robust fault-tolerant control as well as adaptive fault-tolerant control can be used if an exact model of the system is known and the type of faults likely to occur in the system is known; and passive fault-tolerant control including robust fault-tolerant control as well as adaptive fault-tolerant control can be used if an exact model of the system is unknown and uncertainty is high. If the system does not have a precise model and the uncertainty is strong, fuzzy fault-tolerant control can be used; if there is a large amount of operational data of the system in various situations and it needs the system to have a certain degree of judgment, online optimization of the active fault-tolerant control strategy can be used. This brings certain guidance and practical significance to the selection of fault-tolerant strategies for maglev transportation engineering. Nevertheless, fault-tolerant control in suspension systems is not perfect either. The use of fault-tolerant control will inevitably lead to the increase in system complexity, which will affect the cost and maintenance difficulty. Second, in order to achieve fault tolerance, the performance of the system must be compromised; for example: response speed, accuracy, or stability may not be as good as a system without fault tolerance control. Hence, engineers are required to make tradeoffs among the fault tolerance effect, cost, and performance in maglev systems.

The future research on maglev train suspension systems should focus on intelligent control. Intelligent fault-tolerant control methods, compared with the purely device-based fault detection and fault-tolerant control methods, which already have very rich results, can provide good error correction and bias rectification of the system in the face of the system’s possible errors and deviations. This expands a new research field and research scope for fault-tolerant control theory and technology. Secondly, future research should focus on fast FDI methods; the shorter the delay caused by fault detection and separation, the more favorable it is for the reconfiguration/reconstruction design of the control law. Additionally, in active fault-tolerant control based on signal reconfiguration, it is necessary to focus on research to simultaneously ensure the robustness of the underlying controller, the robustness of the fault detection and diagnosis methods, and the robustness of the reconstructed control law. Finally, the practicality of the designed fault-tolerant control strategy should be verified by evaluating it on a test bed or a real vehicle with both theoretical and practical applications.