Control system for controlling safety-critical processes
First Claim
1. A control system (10) for controlling safety-critical processes in an automated system by means of a communications network (20) with:
- an unsecured communications master (22) for controlling the communications on the network (20); and
a plurality of network subscribers (12, 14, 16, 18), wherein at least three of the network subscribers are configured as decentralized, secure network subscribers (16) and each has a separate, decentralized safety controller (17) for controlling a safety-relevant application,each of the decentralized, secure network subscribers (16) has a unique safety address,each of the decentralized, secure network subscribers (16) executes safety functions or safety logic operations relevant for said subscriber (16),the secure network subscribers (16) are grouped into at least three safety islands (1, 2, 3), anda logical point-to-point communication (36) via a data line on the network (20) between the decentralized, secure network subscribers (16) is configured as a fail-safe point-to-point communication (36) based on a chain of point-to-point relationships (36) from one safety island to another safety island,wherein a decentralized, secure network subscriber (16) of a first safety island (1) in a point-to-point relationship forms a master (32) and a decentralized, secure network subscriber (16) of a safety island (2) that follows the first safety island in the chain forms a slave (33),the master-slave relationships between safety islands (1, 2, 3) forming the chain of point-to-point relationships, so that decentralized, secure network subscribers (16) are pairwise individually connected with each other, thus providing each other safety functions.
1 Assignment
0 Petitions
Accused Products
Abstract
The invention relates to a control system for controlling safety-critical processes in an automated system by using a communications network with a communications master for controlling the communications on the network and a plurality of network subscribers. At least a few of the network subscribers are constructed as decentralized, secure network subscribers, and each has a separate, decentralized safety controller for controlling a safety-relevant application. Each of the decentralized, secure network subscribers has a unique safety address. The decentralized, secure network subscribers themselves execute the safety functions and/or safety logic operations relevant to them. The decentralized, secure network subscribers communicate with each other in a fail-safe way in which each executes automatic, fail-safe point-to-point communications with another of the decentralized, secure network subscribers, in order to be able to provide safety functions covering the decentralized, secure network subscribers.
34 Citations
14 Claims
-
1. A control system (10) for controlling safety-critical processes in an automated system by means of a communications network (20) with:
-
an unsecured communications master (22) for controlling the communications on the network (20); and a plurality of network subscribers (12, 14, 16, 18), wherein at least three of the network subscribers are configured as decentralized, secure network subscribers (16) and each has a separate, decentralized safety controller (17) for controlling a safety-relevant application, each of the decentralized, secure network subscribers (16) has a unique safety address, each of the decentralized, secure network subscribers (16) executes safety functions or safety logic operations relevant for said subscriber (16), the secure network subscribers (16) are grouped into at least three safety islands (1, 2, 3), and a logical point-to-point communication (36) via a data line on the network (20) between the decentralized, secure network subscribers (16) is configured as a fail-safe point-to-point communication (36) based on a chain of point-to-point relationships (36) from one safety island to another safety island, wherein a decentralized, secure network subscriber (16) of a first safety island (1) in a point-to-point relationship forms a master (32) and a decentralized, secure network subscriber (16) of a safety island (2) that follows the first safety island in the chain forms a slave (33), the master-slave relationships between safety islands (1, 2, 3) forming the chain of point-to-point relationships, so that decentralized, secure network subscribers (16) are pairwise individually connected with each other, thus providing each other safety functions. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
Specification