System and method for implementing an extended safety instrumented system

US 20070142934A1
Filed: 12/19/2006
Published: 06/21/2007
Est. Priority Date: 12/20/2005
Status: Active Grant

First Claim

Patent Images

1. An apparatus comprising:

a processor configured to communicate data to another apparatus by replicating the data and outputting both the data and the replicated data in an output message; and

a medium attachment unit, which translates the output message between the processor and a transmission medium.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus, system and process is provided for communicating safety-related data, over an open system, from a sender to a receiver. Safety-related components, including function blocks, flexible function blocks, resource blocks and transducer blocks, as well as, safety-related objects are provided. Also, an extended safety-related protocol provides for authenticating communications between safety-related components over an existing black channel, such as one using a fieldbus Architecture.

135 Citations

View as Search Results

51 Claims

1. An apparatus comprising:
- a processor configured to communicate data to another apparatus by replicating the data and outputting both the data and the replicated data in an output message; and
  
  a medium attachment unit, which translates the output message between the processor and a transmission medium.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 34)
- - 2. The apparatus of claim 1, wherein the processor is configured to attach an authenticator to the data to form a data unit, replicate the data unit and output the data unit and replicated data unit in the output message.
  - 3. The apparatus of claim 1, wherein the processor attaches a sequence number to the data to form a data unit, replicates the data unit and outputs the data unit and the replicated data unit in the output message.
  - 4. The apparatus of claim 2, wherein the processor is configured to attach a sequence number to the data unit, replicate the data unit and output the data unit and the replicated data unit in the output message.
  - 5. The apparatus of claim 2, wherein the processor is configured to generate the authenticator based upon a sequence number and the data.
  - 6. The apparatus of claim 2, wherein the processor is configured to generate the authenticator using the data and a connection key.
  - 7. The apparatus of claim 2, wherein the processor generates the authenticator using the data, a connection key, and an object index.
  - 8. The apparatus of claim 7, wherein the processor generates the authenticator by using a sequence number.
  - 9. The apparatus of claim 2, wherein the processor outputs the authenticator in a second output message.
  - 10. The apparatus of claim 2, wherein the processor generates the authenticator using the data and a sub-index.
  - 11. The apparatus of claim 1, wherein the processor outputs the output message when the data is associated with a safety related function block.
  - 12. The apparatus of claim 1, further comprising at least one safety-related function block.
  - 13. The apparatus of claim 12, wherein the at least one safety-related function block receives analog input data.
  - 14. The apparatus of claim 12, wherein the at least one safety-related function block is an SISFB.
  - 15. The apparatus of claim 1, further comprising a memory adapted to store at least one non-safety-related function block.
  - 16. The apparatus of claim 1, further comprising a memory configured to store a plurality of function blocks, including a non-safety-related function block and a safety-related function block.
  - 17. The apparatus of claim 16, wherein the non-safety-related function block and the safety-related function block are interconnected to communicate data only from the safety-related function block to the non-safety-related function block.
  - 18. The apparatus of claim 1, wherein the transmission medium includes a digital bus.
  - 19. The apparatus of claim 17, wherein the transmission medium includes a High Speed Ethernet network.
  - 20. The apparatus of claim 1, wherein the processor is adapted for use with at least one of:
    - a safety-related resource block;
      
      a first safety-related transducer block; and
      
      a second safety-related transducer block.
  - 21. The apparatus of claim 19;
    - wherein the safety-related resource block insulates a safety-related function block from physical hardware.
  - 22. The apparatus of claim 19, wherein the first safety-related transducer block decouples an input to a safety-related function block, and the second safety-related transducer decouples an output of the safety-related function block.
  - 23. The apparatus of claim 1, wherein the output message is at least CRC-32 compliant.
  - 24. The apparatus of claim 1, wherein the output message is at least SIL-1 compliant.
  - 25. The apparatus of claim 2, wherein the output message is at least SIL-3 compliant.
  - 26. The apparatus of claim 1, wherein the processor generates a virtual protocol data unit prior to communication of the output message.
  - 27. The apparatus of claim 1, wherein the transmission medium further comprises a black channel.
  - 28. The apparatus of claim 26, wherein the processor outputs an authenticator for transmission over the black channel.
  - 29. The apparatus of claim 1, further comprising a watchdog timer configured to monitor whether an output safety-related function block is timely executed.
  - 30. The apparatus of claim 1, further comprising a diagnostic transducer block.
  - 31. The apparatus of claim 29, wherein the diagnostic transducer block monitors the transmission medium for errors which may occur in the communication of messages between safety-related function blocks.
  - 32. The apparatus of claim 30, wherein the diagnostic transducer block monitors for at least one of timing errors, sequence errors, authentication errors masquerading errors, queuing errors and insertion errors.
  - 34. The apparatus of claim 32, wherein the user layer includes a plurality of blocks interconnected to perform a desired function.

33. An apparatus operating in a block-oriented open control system which includes safety related components, the apparatus comprising:
- a user layer, which includes an safety-related function block to provide functionality, wherein the safety-related function block includes end-user configured parameters and an end-user configured algorithm;
  
  a physical layer, which translates messages from a transmission medium into a suitable format for the user layer and from the user layer into a signal for transmission on the transmission medium using an extended safety-related protocol, wherein compliance with the extended safety-related protocol is accomplished by transmitting a message with replicated data utilized to authenticate a message communicated between two safety related function blocks to meet certain safety requirements; and
  
  a communication stack, connected to the user layer and the physical layer, wherein the communication stack includes a data link layer and an application layer, wherein the data link layer controls the transmission of messages onto the transmission medium and the application layer allows the user layer to communicate over the transmission medium.
- View Dependent Claims (35)
- - 35. The apparatus of claim 33, wherein the plurality of blocks includes at least one standard function block and at least one safety-related function block.

36. A process for communicating safety related data from a publisher to a subscriber over an open control system, comprising:
- obtaining information useful in generating a first data sequence;
  
  generating the first data sequence using the obtained information;
  
  generating a first authenticator for the first data sequence;
  
  generating a protocol data unit, wherein the protocol data unit includes the first data sequence, the first authenticator, a replicated first data sequence and a replicated first authenticator; and
  
  communicating the protocol data unit.
- View Dependent Claims (37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51)
- - 37. The process of claim 36, wherein the protocol data unit is communicated from a publisher to a subscriber.
  - 38. The process of claim 36, further comprising:
    - receiving a protocol data unit containing a received first data sequence, a received first authenticator, a received replicated first data sequence and a received replicated first authenticator;
      
      determining whether the received protocol data unit contains uncorrupted data by comparing the received first data sequence to the received replicated first data sequence and the received first authenticator to the received replicated first authenticator; and
      
      if they are not the same, discarding the received protocol data unit.
  - 39. The process of claim 38, wherein the result of the determining indicates the received data sequences and authenticators are the same, further comprising:
    - generating a second data sequence using at least one of the received first data sequence and the received replicated first data sequence;
      
      calculating a second authenticator based upon the second data sequence;
      
      comparing the second authenticator to at least one of the received first authenticator and the received replicated first authenticator; and
      
      if they are not the same, discarding the received protocol data unit, otherwise, accepting the received protocol data unit for further processing.
  - 40. The process of claim 36, further comprising communicating the protocol data unit using a fieldbus Architecture.
  - 41. The process of claim 36, wherein the information useful in generating the first data sequence further comprises message data, a sequence number, an object index and a connection key.
  - 42. The process of claim 41, wherein the connection key is obtained from a virtual communications relationship specified between the publisher and the subscriber.
  - 43. The process of claim 36, wherein the first data sequence further comprises a virtual protocol data unit.
  - 44. The process of claim 43, wherein the virtual protocol data unit further comprises a sequence of bytes including, a connection key, a sequence number, an object index and data, the data including an object value and status.
  - 45. The process of claim 44, wherein the connection key further comprises a unique number identifying a publisher-subscriber virtual communications relationship.
  - 46. The process of claim 36, wherein the first authenticator is generated using a cyclic redundancy check.
  - 47. The process of claim 39, wherein the first authenticator and second authenticator are generated using at least a thirty-two bit cyclic redundancy check.
  - 48. The process of claim 36, wherein the protocol data unit further comprises an actual protocol data unit.
  - 49. The process of claim 36, wherein the protocol data unit is communicated over a black channel.
  - 50. The process of claim 49, wherein the black channel further comprises a high speed network.
  - 51. The process of claim 50, wherein the high speed network further comprises a high speed Ethernet network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
FieldComm Group, Inc.
Original Assignee
Fieldbus Foundation (FieldComm Group, Inc.)
Inventors
Hoelzel, Juergen, Boercsoek, Habil, Wacker, Hans-Dieter

Granted Patent

US 8,676,357 B2
Time in Patent Office

Days
Field of Search
US Class Current

700/23
CPC Class Codes

G05B 19/4185   characterised by the networ...

G05B 2219/31118   Universal interface between...

Y02P 90/02   Total factory control, e.g....

System and method for implementing an extended safety instrumented system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

135 Citations

51 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for implementing an extended safety instrumented system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

135 Citations

51 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links