【Control】🛑 06. What Reliability Control Needed Was Not “Going Faster,” but Knowing When to Stop

topics: [“control engineering”, “PID control”, “reliability”, “FSM”, “simulation”]

Introduction (Continuation from the Previous Article)

In the previous article, we demonstrated that:

Under friction aging, control strategies that preserve only timing (Δt) inevitably fail.

Through a comparison between:

Conventional PID control
AITL control (FSM-based retuning)

we reached a clear conclusion:

AITL can detect delay and compensate for it
But at the cost of losing amplitude (controllability)
This was not a bug, but an inevitable design consequence

In this article, we go one step further and ask:

What was actually missing for “Reliability Control”?

❌ The Problem Was Not “Retuning”

First, to avoid misunderstanding:

The AITL implementation in this study did succeed in:

Detecting degradation
Performing retuning
Improving response in some aspects

Yet it still failed as reliability control.

The reason turned out to be very simple.

🧠 What Was Missing Was the Ability to “Stop”

The FSM logic in AITL was essentially:

Detect degradation
Strengthen gains
Bias the response toward faster timing

However, one critical question was never asked:

Did this retuning actually improve reliability?

That judgment was completely absent.

📊 What Was Actually Happening (Numerical View)

Let us revisit the results under friction aging equivalent to 1000 days.

Controller | Δt mean [s] | |Δt| [s] | Amp ratio
----------------------------------------------
PID_only  |   -0.4730   |  0.4730 |  0.902
AITL      |   -1.3807   |  1.3807 |  0.888

AITL attempted to cancel delay
But ** Δt actually worsened**
The amplitude ratio fell below the safe threshold (0.9)

In other words:

A well-intended retuning action was actively degrading reliability.

🧩 The Concept of a Reliability FSM

This led to the introduction of a new idea:

An FSM that judges whether retuning is allowed at all.

The principle is extremely simple.

🔁 Three States Are Sufficient

The FSM only needs three states:

OK: within acceptable range
LAG: excessive delay
LEAD: excessive advance

The key insight is:

LEAD (too fast) must also be treated as degradation.

⚠️ “Too Fast” Is Also an Abnormal Condition

From a traditional control engineer’s intuition:

Delay → bad
Faster response → good

But from a reliability perspective, this is incorrect.

An overly advanced response:

Increases saturation risk
Reduces effective amplitude
Erodes future degradation tolerance

Thus:

LEAD is a form of hidden reliability degradation.

🛡 Guard Conditions as a Design Decision

The following guard condition was added to the FSM:

Amplitude ratio A/A₀ < 0.9
→ Gain strengthening forbidden

The resulting behavior was:

AITL | State = LEAD
     | Amp ratio = 0.888
     | Action = BLOCK

This enabled the system to decide:

“Any further adjustment will break reliability.”

💡 The Most Important Insight

The core lesson from this study is:

Reliability control is not about continuously improving performance,
but about stopping before things get worse.

❓ Did AITL Fail?

No.

The AITL implementation (A-Type):

Successfully demonstrated adaptive control
But did not yet reach reliability control

This is not a failure, but a clear design milestone:

It clarified where adaptive control ends and reliability control begins.

▶ What Comes Next

At this point, the following have become clear:

Optimizing Δt alone is dangerous
Amplitude and saturation must be included
Retuning requires rejection and rollback mechanisms

The next step is therefore:

Designing a new AITL (B-Type)
with Reliability as the explicit objective function

Summary

Preserving timing alone does not constitute reliability control
Adaptive control and reliability control are fundamentally different
Reliability control requires the ability to stop
FSMs are not only for “acting intelligently,”
but also for deciding not to act

🔗 References

Reproducible Code and Environment
https://github.com/Samizo-AITL/aitl-controller-a-type
Detailed Analysis (GitHub Pages)
https://samizo-aitl.github.io/aitl-controller-a-type/docs/reliability/

👉 Next Preview
“PID vs AITL Through Reliability Cost — Why ‘Ordinary PID’ Still Wins”