Fault tolerant control system

US 8,099,179 B2
Filed: 09/09/2005
Issued: 01/17/2012
Est. Priority Date: 09/10/2004
Status: Active Grant

First Claim

Patent Images

1. Fault-tolerant control system for a vehicle utilizing a plurality of propulsion systems, comprising:

a front propulsion system providing propelling force to said vehicle;

a rear propulsion system providing propelling force to said vehicle;

a first communication bus;

a second communication bus;

a first controller controlling operation of said front propulsion system by providing a first output signal to said front propulsion system and monitoring a second output signal from a second controller via said first communication bus; and

said second controller controlling operation of said rear propulsion system by providing said second output signal to said rear propulsion system and monitoring the first output signal from said first controller via said second communication bus;

wherein each of said first and second controllers identifies faults within itself through a built-in test;

wherein each of said first and second controllers identifies faults within the other of said first and second controllers through said built-in tests based upon its respectively monitored one of said first and second output signals; and

wherein said first and second controllers utilize said built-in tests to maintain one of said propelling forces to said vehicle despite a single fault in any of said front propulsion system, said rear propulsion system, said first communication bus, said second communication bus, said first controller, and said second controller.

View all claims

12 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A dual-redundant propulsion-by-wire control architecture with robust monitoring is presented to increase system availability without compromising safety. The dual-redundant controllers are able to cross-monitor and self-monitor. Self monitoring is effected at the application level and built-in system tests are performed. The monitor functions are set as high priority tasks. The first controller controls operation of a first propulsion system, monitors operation of a second controller, and, self-monitors. The second controller controls operation of a second propulsion system, monitors operation of the first controller, and, self-monitors. Each controller is operable to identify faults occurring in the first and the second controller, and implement an alternate operating control scheme for the respective propulsion system when a fault is identified. The first controller is signally connected to the second controller by substantially redundant communications buses.

26 Citations

View as Search Results

9 Claims

1. Fault-tolerant control system for a vehicle utilizing a plurality of propulsion systems, comprising:
- a front propulsion system providing propelling force to said vehicle;
  
  a rear propulsion system providing propelling force to said vehicle;
  
  a first communication bus;
  
  a second communication bus;
  
  a first controller controlling operation of said front propulsion system by providing a first output signal to said front propulsion system and monitoring a second output signal from a second controller via said first communication bus; and
  
  said second controller controlling operation of said rear propulsion system by providing said second output signal to said rear propulsion system and monitoring the first output signal from said first controller via said second communication bus;
  
  wherein each of said first and second controllers identifies faults within itself through a built-in test;
  
  wherein each of said first and second controllers identifies faults within the other of said first and second controllers through said built-in tests based upon its respectively monitored one of said first and second output signals; and
  
  wherein said first and second controllers utilize said built-in tests to maintain one of said propelling forces to said vehicle despite a single fault in any of said front propulsion system, said rear propulsion system, said first communication bus, said second communication bus, said first controller, and said second controller.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The control system of claim 1, wherein said first and second controllers evaluate a second fault within any of said front propulsion system, said rear propulsion system, said first communication bus, said second communication bus, said first controller, and said second controller and selectively continue operation through one of said controllers without a fault.
  - 3. The control system of claim 1, wherein each of said first and second controllers selectively disables the other of said first and second controllers based upon said identifying faults within the other of said first and second controllers and confirming no fault within the one of said first and second controllers performing said selective disabling.
  - 4. The control system of claim 1, wherein each of said first and second controllers selectively disables itself based upon said identifying faults within itself.
  - 5. The control system of claim 1, wherein said built-in test identifying faults within said first controller further identifies faults within said first communication bus and said front propulsion system;
    - and wherein said built-in test identifying faults within said second controller further identifies faults within said second communication bus and said rear propulsion system.
  - 6. The control system of claim 5, wherein one of said built-in tests further identifies faults within an energy storage device connected to one of said propulsion systems.
  - 7. The control system of claim 1, wherein said built-in tests identifying faults within said other of said first and second controllers further identifies faults within said communication bus and front propulsion system connected to said other controller.
  - 8. The control system of claim 1, wherein one of said controllers selectively commands a fail-safe mode based upon said built-in tests identifying a plurality of faults.
  - 9. The system of claim 1, wherein said first controller controlling operation of said front propulsion system comprises said first controller determining a first maximum torque value to control said front propulsion system;
    - wherein said second controller controlling operation of said rear propulsion system comprises said second controller determining a second maximum torque value to control said rear propulsion system; and
      
      wherein each of said first and second controllers identifying faults within the other of said first and second controllers through said built-in tests comprises;
      
      the first controller determining a virtual signal for the rear propulsion system;
      
      the first controller comparing the second maximum torque value to the virtual signal for the rear propulsion system and indicating a fault based upon the comparing indicating that the second maximum torque value is greater than the virtual signal for the rear propulsion system;
      
      the second controller determining a virtual signal for the front propulsion system; and
      
      the second controller comparing the first maximum torque value to the virtual signal for the front propulsion system and indicating a fault based upon the comparing indicating that the first maximum torque value is greater than the virtual signal for the front propulsion system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
GM Global Technology Operations LLC (General Motors Company)
Original Assignee
GM Global Technology Operations LLC (General Motors Company)
Inventors
Naik, Sanjeev M., Mishra, Pradyumna K., Pertet, Soila M.
Primary Examiner(s)
Chaki, Kakali
Assistant Examiner(s)
Gami, Tejal J

Application Number

US11/223,400
Publication Number

US 20060074500A1
Time in Patent Office

2,321 Days
Field of Search

700/21, 700/79, 700/80, 700/210, 303/177, 701/74, 701/93, 180/65.225, 903/916, 903/919, 903/945
US Class Current

700/21
CPC Class Codes

G05B 9/03   with multiple-channel loop,...

Y10S 903/916   with plurality of drive axles

Y10S 903/919   Stepped shift

Y10S 903/945   Characterized by control of...

Fault tolerant control system

First Claim

12 Assignments

0 Petitions

Accused Products

Abstract

26 Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Fault tolerant control system

First Claim

12 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links