Safety critical monitoring of microprocessor controlled embedded systems

US 5,553,237 A
Filed: 12/13/1994
Issued: 09/03/1996
Est. Priority Date: 12/13/1994
Status: Expired due to Fees

First Claim

Patent Images

1. A safety critical monitoring system for a microprocessor controlled embedded system, comprising:

a central processing unit comprising a microprocessor and a non-volatile memory accessible by the microprocessor and having an operating system stored therein for performing application specific embedded executive functions and application specific program logic stored therein for controlling an application system;

an input/output circuit for providing an interface between the central processing unit and the application system;

wherein the application specific program logic includes a defined set of safety critical rules for the application system corresponding to criteria for safety critical operations to be performed by the microprocessor in accordance with the application specific program logic; and

wherein the operating system has means linked to the stored set of safety critical rules for verifying that the safety critical operations performed by the microprocessor in accordance with the application specific program logic meet the criteria set by the safety critical rules and means for indicating a failure to meet said criteria.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A safety critical monitoring system and method for a microprocessor controlled embedded system has application specific program logic including a defined set of safety critical rules for the application system corresponding to criteria for safety critical operations to be performed by the central processing unit in accordance with the application specific program logic. The operating system or central processing unit is linked to the stored set of safety critical rules for verifying that the safety critical operations performed in accordance with the application specific program logic meet the criteria set by the safety critical rules.

44 Citations

View as Search Results

22 Claims

1. A safety critical monitoring system for a microprocessor controlled embedded system, comprising:
- a central processing unit comprising a microprocessor and a non-volatile memory accessible by the microprocessor and having an operating system stored therein for performing application specific embedded executive functions and application specific program logic stored therein for controlling an application system;
  
  an input/output circuit for providing an interface between the central processing unit and the application system;
  
  wherein the application specific program logic includes a defined set of safety critical rules for the application system corresponding to criteria for safety critical operations to be performed by the microprocessor in accordance with the application specific program logic; and
  
  wherein the operating system has means linked to the stored set of safety critical rules for verifying that the safety critical operations performed by the microprocessor in accordance with the application specific program logic meet the criteria set by the safety critical rules and means for indicating a failure to meet said criteria.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The system according to claim 1, wherein the embedded executive functions comprise at least one of multi-tasking, memory management, scheduling, exception handling, interrupt handling and supervisory level operations.
  - 3. The system according to claim 1, wherein the operating system has means for verifying outputs prior to being applied to the input/output circuit.
  - 4. The system according to claim 1, wherein the defined set of safety critical rules comprises at least one of input/output limitations, input/output interactions, input/output timing, input/output feedback, operational calculations and application system responses.
  - 5. The system according to claim 1, wherein the operating system has means for monitoring itself during use.

6. A safety critical monitoring method for a microprocessor controlled embedded system, comprising the steps of:
- providing a central processing unit having a microprocessor and a non-volatile memory accessible by the microprocessor;
  
  storing an operating system in the memory for performing application specific embedded executive functions and storing application specific program logic in the memory for controlling an application system;
  
  providing an interface between the central processing unit and the application system through an input/output circuit;
  
  wherein the application specific program logic includes a defined set of safety critical rules for the application system corresponding to criteria for safety critical operations to be performed by the microprocessor in accordance with the application specific program logic;
  
  linking the operating system to the stored set of safety critical rules to verify that the safety critical operations performed by the microprocessor in accordance with the application specific program logic meet the criteria set by the safety critical rules; and
  
  indicating a failure to meet said criteria.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The method according to claim 6, wherein the embedded executive functions comprise at least one of multi-tasking, memory management, scheduling, exception handling, interrupt handling and supervisory level operations.
  - 8. The method according to claim 6, further comprising verifying outputs prior to being applied to the input/output circuit.
  - 9. The method according to claim 6, wherein the defined set of safety critical rules comprises at least one of input/output limitations, input/output interactions, input/output timing, input/output feedback, operational calculations and application system responses.
  - 10. The method according to claim 6, wherein the operating system monitors itself during use.

11. A safety critical monitoring system for a microprocessor controlled embedded system, comprising:
- a central processing unit comprising safety critical microprocessing means and a non-volatile memory accessible by the microprocessing means and having an operating system stored therein for performing application specific embedded executive functions and application specific program logic stored therein for controlling an application system;
  
  an input/output circuit for providing an interface between the central processing unit and the application system;
  
  wherein the safety critical microprocessing means comprises a first microprocessor for performing the application specific embedded executive functions, a safety critical microprocessor for performing safety critical operations and an input/output interface circuit responsive to the safety critical microprocessor for controlling data from the first microprocessor to the input/output circuit;
  
  wherein the application specific program logic includes a defined set of safety critical rules for the application system corresponding to criteria for the safety critical operations to be performed by the safety critical microprocessor in accordance with the application specific program logic; and
  
  wherein the safety critical microprocessor has a stored safety critical operating program linked to the stored set of safety critical rules for verifying that the safety critical operations performed by the safety critical microprocessor meet the criteria set by the safety critical rules and means for indicating a failure to meet said criteria.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The system according to claim 11, wherein the embedded executive functions comprise at least one of multi-tasking, memory management, scheduling, exception handling, interrupt handling and supervisory level operations.
  - 13. The system according to claim 11, wherein the safety critical microprocessing means has means for verifying outputs prior to being applied to the input/output circuit.
  - 14. The system according to claim 13, wherein the means for verifying outputs comprises a first-in first-out register for delaying outputs to the input/output circuit.
  - 15. The system according to claim 11, wherein the defined set of safety critical rules comprises at least one of input/output limitations, input/output interactions, input/output timing, input/output feedback, operational calculations and application system responses.
  - 16. The system according to claim 11, wherein the safety critical microprocessor has means for monitoring itself during use.

17. A safety critical monitoring method for a microprocessor controlled embedded system, comprising the steps of:
- providing a central processing unit comprising safety critical microprocessing means and a non-volatile memory accessible by the microprocessing meansstoring an operating system in the memory for performing application specific embedded executive functions and storing application specific program logic in the memory for controlling an application system;
  
  providing an interface between the central processing unit and the application system through an input/output circuit;
  
  wherein the safety critical microprocessing means comprises a first microprocessor for performing the application specific embedded executive functions, a safety critical microprocessor including a stored safety critical operating program for performing safety critical operations and an input/output interface circuit responsive to the safety critical microprocessor for controlling data from the first microprocessor to the input/output circuit;
  
  wherein the application specific program logic includes a defined set of safety critical rules for the application system corresponding to criteria for the safety critical operations to be performed by the safety critical microprocessor in accordance with the application specific program logic; and
  
  linking the safety critical microprocessor safety critical operating program to the stored set of safety critical rules for verifying that the safety critical operations performed by the safety critical microprocessor meet the criteria set by the safety critical rules; and
  
  indicating a failure to meet said criteria.
- View Dependent Claims (18, 19, 20, 21, 22)
- - 18. The method according to claim 17, wherein the embedded executive functions comprise at least one of multi-tasking, memory management, scheduling, exception handling, interrupt handling and supervisory level operations.
  - 19. The method according to claim 17, wherein the safety critical microprocessing means verifies outputs prior to being applied to the input/output circuit.
  - 20. The method according to claim 19, wherein the step of verifying outputs comprises delaying outputs to the input/output circuit in a first-in first-out register.
  - 21. The method according to claim 17, wherein the defined set of safety critical rules comprises at least one of input/output limitations, input/output interactions, input/output timing, input/output feedback, operational calculations and application system responses.
  - 22. The method according to claim 17, wherein the safety critical microprocessor monitors itself during use.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ABB Automation GmbH (ABB Limited)
Original Assignee
Base Ten Systems, Inc. (CommScope Holding Company, Inc.)
Inventors
Eby, James A., Adelson, Alexander M., Eisenberg, Alan J.
Primary Examiner(s)
Beausoliel, Jr., Robert W.
Assistant Examiner(s)
Palys, Joseph E.

Application Number

US08/354,971
Time in Patent Office

630 Days
Field of Search

395/185.02, 395/185.04, 395/185.1, 395/183.07, 395/183.13, 395/184.01, 395/183.02, 395/905, 395/906, 395/907, 395/908, 395/913, 395/914, 395/915 , 395/916
US Class Current

714/47.1
CPC Class Codes

G06F 11/0706   the processing taking place...

G06F 11/0751   Error or fault detection no...

G06F 11/1004   to protect a block of data ...

G06F 11/1479   Generic software techniques...

G06F 11/27   Built-in tests

Safety critical monitoring of microprocessor controlled embedded systems

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

44 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Safety critical monitoring of microprocessor controlled embedded systems

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

44 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links