Microprocessor system for a machine controller in safety-certifiable applications
First Claim
1. A microprocessor system for a machine controller in safety-certifiable applications, said microprocessor system comprising:
an unsafe area having a main processor;
a program and data store;
an input/output unit;
a bus for coupling the main processor, the data store and the input/output unit;
a safe area having at least one safety processor which has a dedicated program/data store, said at least one safety processor and said dedicated program/data store being connected to the bus, wherein a protected transmission channel is designed to store programs and data in the dedicated program/data store of the at least one safety processor;
a data source which can be connected to the bus and has a checking data area and a mailbox associated with the at least one safety processor, wherein the mailbox has an input connected to the bus and an output connected to the dedicated program/data store of the at least one safety processor; and
a state machine which is designed to control data transmission from the data source to the dedicated program/data store of the at least one safety processor and is designed to use data from the checking data area for the purpose of verification.
Abstract
A microprocessor system for a machine controller used in safety-critical applications includes a main processor, a program and/or data store, an input/output unit and a bus. The bus couples the components and at least one safety processor together. The safety processor has a dedicated program/data store. A safe transmission link is provided for loading programs and data into the safety processor. The transmission link includes the general bus and a mailbox (87) which has a state machine whose input is connected to the general bus and whose output is connected to the safety processor. As a result, program data can be written to the safety processor's program store without the risk of being manipulated. This makes it possible for the program data to be loaded into the safety processor safely using the bus which is not safe per se. The bus thus does not need to belong to the safe area. Certification of the microprocessor controller is thus simplified.
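The loading path described in the claim and the abstract, as an added simulation that is not part of the patent: blocks arrive over the unsafe bus into a mailbox, and the mailbox's state machine commits them to the safety processor's dedicated store only after they verify against the checking data area. The patent does not state the check format; the example assumes a CRC-32 over the whole image, and the class, state and function names are the example's own.

```python
import zlib
from enum import Enum


class State(Enum):
    """States of the mailbox state machine (names are constructed)."""
    IDLE = "idle"
    RECEIVING = "receiving"
    COMMITTED = "committed"
    REJECTED = "rejected"


class Mailbox:
    """Sits between the general (unsafe) bus and the dedicated safety store."""

    def __init__(self, checking_data: int):
        self.checking_data = checking_data  # taken from the data source's checking data area
        self.staging = bytearray()          # received blocks wait here, never in the store
        self.store = bytearray()            # dedicated program/data store of the safety processor
        self.state = State.IDLE

    def receive(self, block: bytes) -> None:
        """Accept one block arriving over the bus; it is only staged, not committed."""
        if self.state in (State.COMMITTED, State.REJECTED):
            raise RuntimeError("transfer already finished")
        self.state = State.RECEIVING
        self.staging.extend(block)

    def finish(self) -> State:
        """Verify staged data against the checking data; commit only on success."""
        # Assumption: checking data is a CRC-32 of the complete image.
        if zlib.crc32(bytes(self.staging)) == self.checking_data:
            self.store[:] = self.staging
            self.state = State.COMMITTED
        else:
            self.staging.clear()  # manipulated data never reaches the safety store
            self.state = State.REJECTED
        return self.state


def transfer(blocks, checking_data):
    """Run one complete load and return (final state, store contents)."""
    mb = Mailbox(checking_data)
    for block in blocks:
        mb.receive(block)
    return mb.finish(), bytes(mb.store)


# Constructed program image, its checking data, and a copy altered in transit.
IMAGE = [b"\x01\x02\x03\x04", b"\x05\x06\x07\x08"]
CHECK = zlib.crc32(b"".join(IMAGE))
CORRUPT = [b"\x01\x02\x03\x04", b"\x05\x06\xff\x08"]

if __name__ == "__main__":
    print(transfer(IMAGE, CHECK))    # (State.COMMITTED, b'\x01...\x08')
    print(transfer(CORRUPT, CHECK))  # (State.REJECTED, b'')
```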
66 Citations
13 Claims
Specification