Application programs for motion control devices including access limitations
First Claim
1. A method of generating control commands to be executed by a motion control system to move an object in a desired manner, the method comprising the steps of:
- determining a plurality of functions that may be executed by the motion control system;
creating a set of accounts associated with application programs comprising at least one of the functions;
providing a motion system for generating the control commands based on the application programs;
determining a plurality of access levels;
associating each of the plurality of functions with one of the access levels;
associating each of the accounts in the set of accounts with one of the access levels;
determining from the set of accounts the access level of a given account;
comparing the access level of the particular account with the access level of each function used by the given account; and
controlling the control command generating system to restrict the generation of control commands if the access level of at least one of the functions of a given application program created by the given account is not consistent with the access level of the given account.
2 Assignments
0 Petitions
Accused Products
Abstract
A security system for controlling access to motion control systems. The security system limits access to application programming interface (API) functions. The limitations on API functions can be implemented as a denial of access to certain restricted functions and/or as a limitation on certain controlled parameters employed by certain restricted functions. The security system may allow or disallow access based on users or accounts. The security system may also be programmed to prevent access to certain functions arbitrarily as determined by a system administrator or on criteria such as the status of the system.
122 Citations
25 Claims
-
1. A method of generating control commands to be executed by a motion control system to move an object in a desired manner, the method comprising the steps of:
-
determining a plurality of functions that may be executed by the motion control system;
creating a set of accounts associated with application programs comprising at least one of the functions;
providing a motion system for generating the control commands based on the application programs;
determining a plurality of access levels;
associating each of the plurality of functions with one of the access levels;
associating each of the accounts in the set of accounts with one of the access levels;
determining from the set of accounts the access level of a given account;
comparing the access level of the particular account with the access level of each function used by the given account; and
controlling the control command generating system to restrict the generation of control commands if the access level of at least one of the functions of a given application program created by the given account is not consistent with the access level of the given account. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
determining limits for at least one restricted parameter associated with the at least one of the restricted functions; and
controlling the control command generating system to restrict the generation of control commands based on whether the given application program contains a restricted function having a restricted parameter that is not within the limits of the restricted parameter.
-
-
6. A method as recited in claim 5, in which the step of controlling the control command generating system comprises the step of preventing the generation of control commands if the given application program contains a restricted function having a restricted parameter that is not within the limits of the restricted parameter.
-
7. A method as recited in claim 5, in which the step of controlling the control command generating system comprises the step of limiting the generation of control commands based on the limits of the restricted parameter if the given application program contains a restricted function having a restricted parameter that is not within the limits of the restricted parameter.
-
8. A method as recited in claim 5, in which the step of controlling the control command generating system comprises the step of limiting the generation of control commands to the limits of the restricted parameter if the given application program contains a restricted function having a restricted parameter that is not within the limits of the restricted parameter.
-
9. A method as recited in claim 5, in which the at least one restricted parameter is at least one parameter selected from the group of parameters including minimum velocity, maximum velocity, minimum acceleration, maximum acceleration, minimum deceleration, maximum deceleration, minimum velocity, and maximum velocity.
-
10. A method as recited in claim 1 in which the step of controlling the control command generating system comprises the step of preventing the generation of control commands if the access level of at least one of the functions of the given application program created by the given user is not consistent with the access level of the given user.
-
11. A method as recited in claim 10, in which the step of preventing the generation of control commands comprises the step of preventing the generation of control commands for the at least one of the functions of the given application program the access level of which is higher than the access level of the user.
-
12. A method as recited in claim 10, further comprising the steps of:
-
determining limits for at least one restricted parameter associated with the at least one of the restricted functions; and
controlling the control command generating system to restrict the generation of control commands based on whether the given application program contains a restricted function having a restricted parameter that is not within the limits of the restricted parameter.
-
-
13. A method as recited in claim 12, in which the step of controlling the control command generating system comprises the step of preventing the generation of control commands when the given application program contains a restricted function having a restricted parameter that is not within the limits of the restricted parameter.
-
14. A method as recited in claim 12, in which the at least one restricted parameter is at least one parameter selected from the group of parameters including minimum velocity, maximum velocity, minimum acceleration, maximum acceleration, minimum deceleration, maximum deceleration, minimum velocity, and maximum velocity.
-
15. A method as recited in claim 12, in which the step of controlling the control command generating system comprises the step of limiting the generation of control commands based on the limits of the restricted parameter when the given application program contains a restricted function having a restricted parameter that is not within the limits of the restricted parameter.
-
16. A method as recited in claim 12, in which the step of controlling the control command generating system comprises the step of limiting the generation of control commands to the limits of the restricted parameter when the given application program contains a restricted function having a restricted parameter that is not within the limits of the restricted parameter.
-
17. A method as recited in claim 1, in which the step of providing a control command generating system further comprises the step of providing means for generating control commands for a plurality of application programs simultaneously for real time execution, the method further comprising the steps of:
-
determining which of the plurality of application programs is a first given application program, and restricting the generation of control commands for the functions of a second given application program based on the execution of the first given application program.
-
-
18. A method as recited in claim 17, in which the step of determining which of the plurality of application programs is a first given application program comprise the step of determining which of the plurality of application programs was the first to begin execution.
-
19. A method as recited in claim 1, further comprising the steps of:
-
determining whether the application program has called an initializing function; and
restricting the generation of control commands for the functions of a second given application program if the application has not called the initializing function.
-
-
20. A method of generating control commands to be executed by a motion control system to move an object in a desired manner, the method comprising the steps of:
-
determining a plurality of functions that may be executed by the motion control system;
determining which of the plurality of functions are restricted functions access to which is to be limited;
creating a set of accounts who create application programs comprising at least one of the functions;
providing a control command generating system for generating the control commands based on the application programs;
determining a plurality of access levels;
associating each of the plurality of functions with one of the access levels;
associating each of the accounts in the set of accounts with one of the access levels;
determining from the set of accounts the access level of a given account;
determining whether the access level of the particular account is less than the access level of any restricted functions included in a given application program created by the given account; and
controlling the control command generating system to restrict the generation of control commands for any restricted functions included in the given application program if the access level of the given account is less than the access level of any restricted function included in the given application program. - View Dependent Claims (21)
controlled functions, where the step of controlling the control command generating system comprises the step of preventing access to controlled functions by the given application program; and
parameter-control functions, where parameter-control functions are functions having at least one controlled parameter having predetermined limits, and the step of controlling the control command generating system comprises the step of restricting access to parameter-control functions if the controlled parameter of the given application program is not within the predetermined limits.
-
-
22. A method of operating a motion control system to move an object in a desired manner, the method comprising the steps of:
-
defining a plurality of functions that may be called to cause the motion control system to move the object;
defining a plurality of security levels;
providing an application program that calls at least one of the functions; and
restricting the ability of the application program to call at least one of the functions based on the security levels. - View Dependent Claims (23, 24, 25)
modifying security settings of an underlying operating system based on the plurality of security levels; and
comparing each function called by the application program with the security settings of the underlying operating system.
-
-
24. A method as recited in claim 22, in which the step of restricting the ability of the application program to call at least one of the functions further comprises the steps of:
-
creating a function mask for each function, where the function masks define the security level of the function associated therewith;
creating a system security mask based on the security levels; and
comparing the function mask of each function called by the application program with the system security mask.
-
-
25. A method as recited in claim 22, in which the step of restricting the ability of the application program to call at least one of the functions further comprises the steps of:
-
creating a set of accounts, where each account is associated with one of the security levels;
associating the application program with at least one of the accounts; and
restricting the ability of the application program to call at least one of the functions further based on the security level of the at least one account associated with the application program.
-
Specification