Fault tolerant control system

US 20060074500A1
Filed: 09/09/2005
Published: 04/06/2006
Est. Priority Date: 09/10/2004
Status: Active Grant

First Claim

Patent Images

1. Fault-tolerant control system, comprising:

a first controller, adapted to;

control operation of a first system, monitor operation of a second controller, and, self-monitor;

the second controller, adapted to;

control operation of a second system, monitor operation of the first controller, and, self-monitor;

each said controller operable to identify faults occurring in the first and the second controller;

the first controller operable to implement an alternate control scheme for operating the first propulsion system when a fault is identified therein; and

, the second controller operable to implement an alternate control scheme for operating the second propulsion system when a fault is identified therein.

View all claims

12 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A dual-redundant propulsion-by-wire control architecture with robust monitoring is presented to increase system availability without compromising safety. The dual-redundant controllers are able to cross-monitor and self-monitor. Self monitoring is effected at the application level and built-in system tests are performed. The monitor functions are set as high priority tasks. The first controller controls operation of a first propulsion system, monitors operation of a second controller, and, self-monitors. The second controller controls operation of a second propulsion system, monitors operation of the first controller, and, self-monitors. Each controller is operable to identify faults occurring in the first and the second controller, and implement an alternate operating control scheme for the respective propulsion system when a fault is identified. The first controller is signally connected to the second controller by substantially redundant communications buses.

29 Citations

View as Search Results

21 Claims

1. Fault-tolerant control system, comprising:
- a first controller, adapted to;
  
  control operation of a first system, monitor operation of a second controller, and, self-monitor;
  
  the second controller, adapted to;
  
  control operation of a second system, monitor operation of the first controller, and, self-monitor;
  
  each said controller operable to identify faults occurring in the first and the second controller;
  
  the first controller operable to implement an alternate control scheme for operating the first propulsion system when a fault is identified therein; and
  
  , the second controller operable to implement an alternate control scheme for operating the second propulsion system when a fault is identified therein.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The fault-tolerant control system of claim 1, further comprising:
    - the first controller signally connected to the second controller by substantially redundant communications buses.
  - 3. The fault-tolerant control system of claim 2, wherein each said controller operable to identify faults occurring in the first and the second controller comprises:
    - each controller operable to self-monitor by executing a built-in-test capable to identify faults.
  - 4. The fault-tolerant control system of claim 3, wherein each said controller operable to identify faults occurring in the first and the second controller comprises:
    - each controller operable to monitor operation of the other controller and determine when an output of the other controller is within a desired range.
  - 5. The fault-tolerant control system of claim 4, further comprising:
    - notifying an operator when a fault is identified by the first controller or the second controller.
  - 6. The fault-tolerant control system of claim 1, wherein the second controller operable to implement an alternate control scheme for operating the second propulsion system when a fault is identified therein comprises:
    - the second controller operable to substantially disable operation of the second propulsion system.
  - 7. The fault-tolerant control system of claim 6, comprising the first controller operable to operate the first system when operation of the second system is substantially disabled.
  - 8. The fault-tolerant control system of claim 1, wherein the first controller operable to implement an alternate control scheme for operating the first system when a fault is identified therein comprises the first controller operable to substantially disable operation of the first system.
  - 9. The fault-tolerant control system of claim 8, further comprising the second controller operable to operate the second system when operation of the first system is substantially disabled.
  - 10. The fault-tolerant control system of claim 1, wherein the first system comprises a fuel-cell powered propulsion system.
  - 11. The fault-tolerant control system of claim 1, wherein the first system comprises an internal combustion engine powered propulsion system.
  - 12. The fault-tolerant control system of claim 11, wherein the second system comprises an electric energy storage system powered propulsion system including independent electric wheel motors.
  - 13. The fault-tolerant control system of claim 1, wherein the second system comprises an electric energy storage system powered propulsion system including independent electric wheel motors.
  - 14. The fault-tolerant control system of claim 1, wherein the second system comprises an electric energy storage system powered propulsion system including independent electric wheel motors.

15. Fault tolerant control system comprising:
- a first system including a first system control unit;
  
  a second system including a second system control unit;
  
  a first supervisory control module including a first control and a second system monitor;
  
  a second supervisory control module including a second control and a first system monitor;
  
  a first system control bus operatively coupled to said first control, said first system control unit and said first system monitor;
  
  a second system control bus operatively coupled to said second control, said second system control unit and said second system monitor;
  
  said first control providing a first system command to said first system control unit and said first system monitor, and providing a virtual second system command to said second system monitor;
  
  said second control providing a second system command to said second system control unit and said second system monitor, and providing a virtual first system command to said first system monitor; and
  
  , said first and second supervisory control modules characterized by cross-monitoring and self-monitoring.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The fault-tolerant control system of claim 15, wherein the first system comprises a fuel-cell powered propulsion system.
  - 17. The fault-tolerant control system of claim 15, wherein the first system comprises an internal combustion engine powered propulsion system.
  - 18. The fault-tolerant control system of claim 15, wherein the second system comprises an electric energy storage system powered propulsion system including independent electric wheel motors.
  - 19. The fault-tolerant control system of claim 15, wherein the second system comprises an electric energy storage system powered propulsion system including independent electric wheel motors.
  - 20. The fault-tolerant control system of claim 15, wherein the second system comprises an electric energy storage system powered propulsion system including independent electric wheel motors.

21. Fault tolerant control system for a vehicle having first and second propulsion systems comprising:
- a first control module including a) a first control for providing the first propulsion system with a primary first propulsion system command and b) a first monitor;
  
  a second control module including a) a second control for providing the second propulsion system with a primary second propulsion system command and b) a second monitor;
  
  said first monitor adapted to receive said primary second propulsion system command and perform rationality checks thereon to detect faults of the second control module; and
  
  , said second monitor adapted to receive said primary first propulsion system command and perform rationality checks thereon to detect faults of the first control module.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
GM Global Technology Operations LLC (General Motors Company)
Original Assignee
GM Global Technology Operations LLC (General Motors Company)
Inventors
Naik, Sanjeev M., Mishra, Pradyumna K., Pertet, Soila M.

Granted Patent

US 8,099,179 B2
Time in Patent Office

Days
Field of Search
US Class Current

700/21
CPC Class Codes

G05B 9/03   with multiple-channel loop,...

Y10S 903/916   with plurality of drive axles

Y10S 903/919   Stepped shift

Y10S 903/945   Characterized by control of...

Fault tolerant control system

First Claim

12 Assignments

0 Petitions

Accused Products

Abstract

29 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Fault tolerant control system

First Claim

12 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

29 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links