Data processing: vehicles – navigation – and relative location – Vehicle control – guidance – operation – or indication – Indication or control of braking – acceleration – or deceleration
Patent
1996-05-31
1999-01-19
Nguyen, Tan Q.
Data processing: vehicles, navigation, and relative location
Vehicle control, guidance, operation, or indication
Indication or control of braking, acceleration, or deceleration
701 76, 303122, 30312202, G05B 903, B60K 2816
Patent
active
058625020
DESCRIPTION:
BRIEF SUMMARY
This application is the U.S. national-phase application of PCT International Application No. PCT/EP94/03623.
BACKGROUND OF THE INVENTION
The present invention relates to a circuit arrangement which is intended for use in safety-critical control systems and comprises a microprocessor system including two or more central processor units or CPUs and by which input signals are evaluated and control signals are generated by data processing, that is at least in part redundant. Input data are processed in parallel and the results of the parallel, redundant data processing are compared and, in the absence of proper correlation, signals are generated for error identification or disconnection and disablement of the control system.
European patent application No. 0 496 509 discloses a circuit arrangement of this type which, exactly as the present invention, is intended for the control of an automotive vehicle anti-lock system. The information obtained by way of wheel sensors is processed in parallel in two microprocessors and the data processing results of the two microprocessors are correlated by another microprocessor to produce an error identification signal when the results differ. The anti-lock control system is disconnected in the presence of an error in order to ensure at least the conventional braking function.
German patent No. 32 34 637 discloses another example of a circuit arrangement of this type which is also used to control and monitor an anti-lock vehicle brake system. In this patent specification, the wheel sensor signals are supplied in parallel to and synchronously processed in two identically programmed microcomputers. The output signals (and intermediate signals) of the two microcomputers are checked for correlation to produce an error identification signal. One of the two microcomputers in this known circuit serves to generate braking pressure control signals and the other one serves to produce test signals. In this concept, a second microcomputer, that is identical in design and programming with the first microcomputer, is necessary especially for identification of a data processing error.
In still another prior art circuit arrangement disclosed in German patent publication No. 41 37 124, the input data are supplied to two microcomputers, of which only one performs the complete intricate signal processing operation. The second microcomputer mainly has a monitoring function. Therefore, the input signals are processed further after conditioning and after the generation of time derivatives by way of simplified control algorithms and a simplified control philosophy. The simplified processing is sufficient to generate signals which, by comparison with signals processed in the more sophisticated microcomputer, permit concluding proper operation. Although the cost of manufacture can be reduced by using a low-performance test microcomputer, in comparison with a system having two microcomputers of identical performance, the effort needed for error identification is still considerable.
Further, it is known in the art, for example, from U.S. Pat. No. 4,277,844 to write test information to a memory space and to compare the contents of the memory space with associated test information.
SUMMARY OF THE INVENTION
An object of the present invention is to provide a circuit arrangement of the previously mentioned type which results in reduced cost in manufacture compared to the above-mentioned prior art circuits and, nevertheless, detects and signals data processing errors with a high degree of reliability.
It has been found that this object can be achieved by a circuit arrangement which involves providing a microprocessor system with one single microprocessor that includes two or more central processor units or CPUs having common write/read memories associated with one generator each to produce test information and common read-only memories. The write/read memories and the read-only memories are extended by spaces in memory for the test information. The output data of a CPU, i.e., at least the calculating
REFERENCES:
patent: 3579200 (1971-05-01), Davis et al.
patent: 3618015 (1971-11-01), Homonick
patent: 4085979 (1978-04-01), Leiber et al.
patent: 4096990 (1978-06-01), Strelow
patent: 4198678 (1980-04-01), Maatje et al.
patent: 4277844 (1981-07-01), Hancock et al.
patent: 4358823 (1982-11-01), McDonald et al.
patent: 4546437 (1985-10-01), Bleckmann et al.
patent: 5001641 (1991-03-01), Makino
patent: 5193887 (1993-03-01), Bleckmann et al.
patent: 5265944 (1993-11-01), Gloceri
patent: 5411324 (1995-05-01), Zydek et al.
patent: 5440487 (1995-08-01), Althoff et al.
patent: 5458404 (1995-10-01), Fennell et al.
patent: 5671394 (1997-09-01), Katsuta
patent: 5682518 (1997-10-01), Inoue
patent: 5684702 (1997-11-01), Phillips et al.
WOBIG, Karl-Heinz: Vom Sinn (und Unsinn) der Diversitat sicheren Steuerungen. In: ZEV-Glas. Ann. 110, 1986, Nr. 12, pp. 417-422, Dec. 1986.
NIX, Heinz Gerhard: Weniger Ausfalle und hohe Sicherheit durch redunante Automatisierungssysteme. In: Siemens Energie & Automation 8, 1986, H. 1, pp. 2-4, (Month Is not available).
NIX, H.G.: Sichere Steuerungen in Mikroprozessortechnik. In messen + prufen/automatik, Jul./Aug., 1984, pp. 368-370.
Kling, Uwe; Schrodi, Ewald: Redundantes, hochverfugbares Automatisierungssytem AS22OH im dezentralen Prozessleitsystem Teleperm M. In: Siemens-Energie--technik 5, 1983, H. 2, pp. 73-76, (Month is not available).
Nikolaizik, Jurgen; u.a.: Fehlertolerante Mikrocomputersysteme, Verlag Technik GmbH Berlin, 1990, pp. 68-77, (Month is not available).
Johnson, Barry W.: Design and Analysis of Fault-Tolerant Digital Systems, Addison-Wesley Publishing Company, 1989, pp. 81-92, pp. 315-319.
European Search Report dated Mar. 16, 1995.
ITT Automotive Europe GmbH
Nguyen Tan Q.
LandOfFree
Circuit arrangement for safety-critical control systems does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Circuit arrangement for safety-critical control systems, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Circuit arrangement for safety-critical control systems will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-1255857