SAFE SCHEDULER FOR FINITE STATE DETERMINISTIC APPLICATION

US 20150268133A1
Filed: 03/18/2014
Published: 09/24/2015
Est. Priority Date: 03/18/2014
Status: Active Grant

First Claim

Patent Images

1. An embedded controller, comprising:

a functional logic module interface;

a task scheduler module arranged to schedule a finite number of events of one or more functional logic modules accessible via the functional logic module interface; and

a safety module, the safety module arranged to;

monitor the finite number of events;

incrementally create a mathematic check value, each increment based on at least one of the finite number of monitored events;

compare the mathematic check value to a pre-computed model check value; and

set a test result value based on the comparison.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A safety system monitors faults in an embedded control system. The embedded control system is modeled to produce one or more model check values by calculating how many clock cycles will pass between an initialization time point and at least one event time point for a specific event. The initialization time point is a certain point in an initialization function of a scheduler in the embedded control system. The at least one event time point is an expected number of clock cycles to pass before a specific event occurs. In operation, the embedded control system is initialized, a current clock cycle counter value is retrieved at a certain point in the initialization, and either an occurrence or an absence of an occurrence of a scheduled event is recognized. A current clock cycle value is recorded upon the recognition, and a mathematic check value is produced from the clock cycle value stored at the certain point in the initialization and the clock cycle value recorded upon the recognition. Subsequently, the model check value is compared to the mathematic check value, and action is taken based on the comparison.

16 Citations

View as Search Results

20 Claims

1. An embedded controller, comprising:
- a functional logic module interface;
  
  a task scheduler module arranged to schedule a finite number of events of one or more functional logic modules accessible via the functional logic module interface; and
  
  a safety module, the safety module arranged to;
  
  monitor the finite number of events;
  
  incrementally create a mathematic check value, each increment based on at least one of the finite number of monitored events;
  
  compare the mathematic check value to a pre-computed model check value; and
  
  set a test result value based on the comparison.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The embedded controller of claim 1, comprising:
    - a memory interface, the memory interface configured to read data from and write data to an attachable memory, the data including the pre-computed model check value.
  - 3. The embedded controller of claim 1 wherein the pre-computed check value is a sequence of pre-computed check values, each one of the sequence representing an increment of the pre-computed model check value.
  - 4. The embedded controller of claim 1 wherein the mathematic check value is created as a cyclic redundancy check (CRC) check value, the CRC check value created by mathematically combining an accumulated CRC check value with an incremental value CRC check value.
  - 5. The embedded controller of claim 1 wherein incrementally creating the mathematic check value with the safety module includes:
    - retrieving a determined number of iterations m;
      
      configuring a variable n to incrementally count from 1 to m, each count associated with one iteration;
      
      detecting an nth one of the finite number of monitored events during each iteration;
      
      recording a time value associated with the nth one of the finite number of monitored events; and
      
      performing a linear function on the recorded time value associated with the nth one of the finite number of monitored events.
  - 6. The embedded controller of claim 5 wherein the linear function is a cyclic redundancy check (CRC).
  - 7. The embedded controller of claim 1 wherein the finite number of monitored events include a trigger of at least one analog to digital conversion, a received indication of a completed analog to digital conversion, and an interaction with at least one timer.
  - 8. The embedded controller of claim 1 wherein the functional logic module interface is arranged to communicate motor control commands.
  - 9. The embedded controller of claim 1 wherein the task scheduler is configured to carry out functions of a finite state machine.
  - 10. The embedded controller of claim 1 wherein the safety module is configured to cause an interrupt when the mathematic check value does not equal the pre-computed model check value.

11. A safety system method to monitor faults in an embedded control system, comprising:
- modeling the embedded control system to produce one or more model check values, the modeling including calculating how many clock cycles will pass between an initialization time point and at least one event time point, the initialization time point being a certain point in an initialization function of a scheduler in the embedded control system, the at least one event time point being an expected number of clock cycles to pass before an event occurs;
  
  initializing the embedded control system;
  
  storing a current clock cycle counter value at a certain point in the initialization;
  
  recognizing an occurrence or absence of occurrence of a scheduled event;
  
  recording a current clock cycle value upon the recognition; and
  
  producing a mathematic check value from the clock cycle value stored at the certain point in the initialization and the clock cycle value recorded upon the recognition;
  
  comparing the model check value to the mathematic check value; and
  
  taking an action based on the comparison.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The safety system method of claim 11, comprising:
    - anticipating a scheduled event wherein the anticipation of the scheduled event includes waiting while the embedded control system directs functions of a system under control.
  - 13. The safety system method of claim 12 wherein the action taken includes anticipating another scheduled event.
  - 14. The safety system method of claim 11 wherein the expected number of clock cycles is a range of clock cycles.
  - 15. The safety system method of claim 11 wherein the action taken includes directing an interrupt, the interrupt configured to detect a runtime fault in the embedded control system.

16. A non-transitory computer readable medium having computer executable instructions thereon that, when executed, cause a processor to monitor an expected behavior of an embedded control system, the monitoring including acts comprising:
- storing a model check value, the model check value based on a plurality of model time stamps, each model time stamp representing a value of a counter taken at a certain point in a model of a finite state machine arranged to direct operations of a system under control;
  
  initializing the embedded control system;
  
  executing a plurality of tasks, the tasks directed by the finite state machine;
  
  storing a plurality of time stamps associated with an actual behavior of the embedded control system;
  
  calculating a mathematic check value using at least some of the stored plurality of time stamps;
  
  comparing the mathematic check value with the model check value; and
  
  directing an action in the embedded control system based on the comparison.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The non-transitory computer readable medium of claim 16 wherein the act of calculating the mathematic check value includes a further act, comprising:
    - executing a cyclic redundancy check algorithm.
  - 18. The non-transitory computer readable medium of claim 16 wherein the act of directing the action in the embedded control system includes further acts, comprising:
    - storing data associated with a detected system fault; and
      
      triggering an interrupt in the processor;
  - 19. The non-transitory computer readable medium of claim 16 wherein the act of executing the plurality of tasks includes acts comprising:
    - storing data associated with a detected system fault;
      
      triggering an analog-to-digital (A2D) conversion in an A2D converter;
      
      receiving an A2D conversion completion indication; and
      
      retrieving a converted value from the A2D converter.
  - 20. The non-transitory computer readable medium of claim 16 wherein the act of comparing the mathematic check value with the model check value includes acts comprising:
    - detecting a sequence error in the execution of the plurality of tasks or detecting a timing error in the execution of the plurality of tasks.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
STMicroelectronics International N.V. (STMicroelectronics NV)
Original Assignee
STMicroelectronics International N.V. (STMicroelectronics NV), STMicroelectronics SRL (STMicroelectronics NV)
Inventors
Borgonovo, Giampiero, Baranwal, Deepak, Ranjan, Om

Granted Patent

US 9,558,052 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G05B 19/0428   Safety, monitoring G05B19/0...

G05B 2219/2637   Vehicle, car, auto, wheelchair

G05B 23/0254   based on a quantitative mod...

G06F 11/0736   in functional embedded syst...

G06F 11/2205   using arrangements specific...

G06F 11/3013   where the computing system ...

SAFE SCHEDULER FOR FINITE STATE DETERMINISTIC APPLICATION

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

16 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SAFE SCHEDULER FOR FINITE STATE DETERMINISTIC APPLICATION

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

16 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links