Reliable Computing 7: 171–185, 2001.
© 2001 Kluwer Academic Publishers. Printed in the Netherlands.
Application of Modal Intervals to the Generation
of Error-Bounded Envelopes
atica i Aplicacions, Universitat de Girona & LEA-SICA, Campus de Montilivi,
E-17071 Girona, Catalonia, Spain, e-mail: firstname.lastname@example.org
atica i Aplicacions, Universitat de Girona, Campus de Montilivi, E-17071 Girona,
Catalonia, Spain, e-mail: email@example.com
LAAS-CNRS & LEA-SICA, 7, Avenue du Colonel Roche, F-31077 Toulouse, France,
atica i Matemàtica Aplicada, Universitat de Girona, Campus de Montilivi,
E-17071 Girona, Catalonia, Spain, e-mail: firstname.lastname@example.org
(Received: 5 May 1999; accepted: 19 October 1999)
Abstract. An interval model can express the imprecision and the uncertainty associated with the
modeling of a system. The result of simulating such a model can be represented in the
form of envelope trajectories. These envelopes can be characterized by several properties, such as
completeness or soundness, that lead to the concepts of overbounded and underbounded envelopes.
The simulation of such interval models can be performed by several means, including qualitative,
semiqualitative and quantitative methods. A brief description of the different types of simulators is
presented, and their respective properties are outlined and compared in relation to model-based fault
detection. Whereas the existing simulators do not provide any information about the "error" with
respect to the exact envelope, a method to obtain error-bounded envelopes is proposed. It is based
on the simultaneous computation of an underbounded and an overbounded envelope by means of
Modal Interval Analysis. A way of controlling the error of the envelopes and adjusting it to a desired
specified value is presented.
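The bracketing idea in the abstract, as an added example that is not code from the paper: an overbounded and an underbounded envelope are computed side by side, and their gap bounds the error of either with respect to the exact envelope. Plain interval arithmetic and parameter sampling stand in for Modal Interval Analysis here. The first-order model, its parameter values and all function names are assumptions, and floating-point bounds are not rounded outward.

```python
# Added illustration (not the paper's algorithm): plain interval arithmetic
# and parameter sampling stand in for Modal Interval Analysis.
# Assumed model: y[k+1] = y[k] + T*(u - a*y[k]), uncertain a in [a_lo, a_hi].

def imul(x, y):
    """Product of two intervals given as (lo, hi) tuples."""
    p = [x[0] * y[0], x[0] * y[1], x[1] * y[0], x[1] * y[1]]
    return (min(p), max(p))

def overbounded(a, u, y0, T, steps):
    """Complete but not sound: y occurs twice in the update, so naive
    interval evaluation widens the envelope at every step (T > 0)."""
    y, env = (y0, y0), [(y0, y0)]
    for _ in range(steps):
        ay = imul(a, y)
        y = (y[0] + T * (u - ay[1]), y[1] + T * (u - ay[0]))
        env.append(y)
    return env

def underbounded(a, u, y0, T, steps, samples=3):
    """Sound but not complete: hull of trajectories for sampled values of a.
    Every sampled trajectory is a behaviour the model can really produce."""
    grid = [a[0] + i * (a[1] - a[0]) / (samples - 1) for i in range(samples)]
    ys, env = [y0] * samples, [(y0, y0)]
    for _ in range(steps):
        ys = [y + T * (u - ai * y) for ai, y in zip(grid, ys)]
        env.append((min(ys), max(ys)))
    return env

def error_bound(over, under):
    """Per-step upper bound on the distance from either envelope to the
    exact one, which lies between them."""
    return [max(ul - ol, oh - uh) for (ol, oh), (ul, uh) in zip(over, under)]

# Constructed sample values.
A, U, Y0, T, STEPS = (1.0, 2.0), 1.0, 0.0, 0.1, 10
OVER = overbounded(A, U, Y0, T, STEPS)
UNDER = underbounded(A, U, Y0, T, STEPS)
ERR = error_bound(OVER, UNDER)

if __name__ == "__main__":
    for k, ((ol, oh), (ul, uh), e) in enumerate(zip(OVER, UNDER, ERR)):
        print(f"k={k:2d} over=[{ol:.4f}, {oh:.4f}] "
              f"under=[{ul:.4f}, {uh:.4f}] err<={e:.4f}")
```

The error bound grows with the step index because the naive overbounded envelope keeps widening, which is the uncontrolled "error" the abstract refers to.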
One way to detect when a system is malfunctioning is to compare its output with a
reference output, which can be provided either by another system (physical redundancy)
or by a model of the system (analytical redundancy). Then, in the ideal case, a fault
is detected when the measured output of the system and the simulated output of the
model are different. In the real case, things are quite different because the modeling
of complex systems is often subject to uncertainties and imprecisions, and the
model is usually obtained after several approximations, hypotheses, simplifications,