Method and apparatus for safety-related communication in a communication network of an automation system

US 8,923,286 B2
Filed: 09/09/2010
Issued: 12/30/2014
Est. Priority Date: 09/23/2009
Status: Active Grant

First Claim

Patent Images

1. An automated manufacturing system comprising:

a non-safe communication master of the automated manufacturing system, wherein the non-safe communication master is not configured for error-proof communication by means of a secure network protocol; and

a plurality of local network subscribers of the automated manufacturing system, the local network subscribers being connected to the non-safe communication master via a communication network,wherein communication between the local network subscribers in the communication network is realized via telegrams,wherein at least two of the local network subscribers i) are safety network subscribers between which safety-related data are transferred based on error-proof communication, wherein a verification of a communication in conformity to one or more safety requirements includes checking a received telegram by a receiving subscriber for at least one of the following characteristics;

a time stamp, a transmitter identity, and a receiver identity, and ii) form a logical group of network subscribers for performing a safety-related function, andwherein the non-safe communication master maintains a routing table that stores logical connections between the local safety network subscribers in accordance with the safety-related function, the non-safe communication master being configured to control automatic routing of data from a transmitting safety network subscriber to a receiving safety network subscriber in accordance with the routing table, such that each communication among the safety network subscribers of one logical group occurs via two point-to-point connections, namely from the transmitting safety network subscriber to the non-safe communication master and then from the non-safe communication master to the receiving safety network subscriber,wherein the receiving safety network subscriber is configured to perform a safety-related action according to the received telegram, andwherein the communication network includes a means to retrieve information from the safety network subscribers for establishing the routing table, and to establish the routing table on the basis of the information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention relates to communication between safety-related modules in a communication network of an automation system. The object of the invention is to simplify installation and development of safety-related modules in an automation network. To this end, the safety functions of a system are divided into small, manageable, locally delimitable and simply verifiable groups of modules.

Citations

10 Claims

1. An automated manufacturing system comprising:
- a non-safe communication master of the automated manufacturing system, wherein the non-safe communication master is not configured for error-proof communication by means of a secure network protocol; and
  
  a plurality of local network subscribers of the automated manufacturing system, the local network subscribers being connected to the non-safe communication master via a communication network,wherein communication between the local network subscribers in the communication network is realized via telegrams,wherein at least two of the local network subscribers i) are safety network subscribers between which safety-related data are transferred based on error-proof communication, wherein a verification of a communication in conformity to one or more safety requirements includes checking a received telegram by a receiving subscriber for at least one of the following characteristics;
  
  a time stamp, a transmitter identity, and a receiver identity, and ii) form a logical group of network subscribers for performing a safety-related function, andwherein the non-safe communication master maintains a routing table that stores logical connections between the local safety network subscribers in accordance with the safety-related function, the non-safe communication master being configured to control automatic routing of data from a transmitting safety network subscriber to a receiving safety network subscriber in accordance with the routing table, such that each communication among the safety network subscribers of one logical group occurs via two point-to-point connections, namely from the transmitting safety network subscriber to the non-safe communication master and then from the non-safe communication master to the receiving safety network subscriber,wherein the receiving safety network subscriber is configured to perform a safety-related action according to the received telegram, andwherein the communication network includes a means to retrieve information from the safety network subscribers for establishing the routing table, and to establish the routing table on the basis of the information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The automated manufacturing system according to claim 1, wherein the non-safe communication master is configured to perform the following steps to initialize the routing table:
    - a) determining a configuration of the communication network,b) determining identification information of the safety network subscribers,c) performing a plausibility check of the identification information determined, if applicable,d) establishing an instruction or copy list for the routing of telegrams in cyclic operation from the information resulting from steps a) and b).
  - 3. The automated manufacturing system according to claim 1, wherein the non-safe communication master is configured to retrieve information from the safety network subscribers connected to the communication network, and to determine from the retrieved information which safety network subscribers are allocated to a respective logical group, and to establish the logical connections in the routing table in accordance with the allocation of the safety network subscribers.
  - 4. The automated manufacturing system according to claim 1, wherein addresses of the safety network subscribers are configured to reflect a collective allocation to a respective logical group.
  - 5. The automated manufacturing system according to claim 1, wherein the transfer of safety-related data occurs in telegrams via a non-safe channel that is a communication medium for standard data as well as for safety-related data, and wherein, for error-proof transfer of the safety-related data, the receiving safety network subscriber is configured to detect errors with regard to permutation, corruption, misrouting or deterioration of telegrams.
  - 6. The automated manufacturing system according to claim 5, wherein the receiving safety network subscriber checks a received telegram for at least one of the following characteristics:
    - redundancy,a check sum, anda sequential telegram number.
  - 7. The automated manufacturing system according to claim 6, wherein the non-safe communication master is configured to allocate logical groups to specific address spaces.
  - 8. The automated manufacturing system according to claim 1, wherein among the safety network subscribers of a logical group there is at least one safety network subscriber that comprises an input module and at least one safety network subscriber that comprises an output module wherein the output module is configured to initiate a safety function in response to a telegram from an input module.
  - 9. The automated manufacturing system according to claim 5, characterized in that the receiving safety network subscriber checks a received telegram for all of the following characteristics:
    - a time stamp,redundancy,a check sum,a sequential telegram number,a transmitter identitya receiver identity.

10. A method for monitoring safety functions in an automated manufacturing system comprising a communication master that is not configured for error-proof communication by means of a secure network protocol and a plurality of local network subscribers, the local network subscribers being connected to the non-safe communication master via a communication network, and communication between the local network subscribers in the communication network being realized via telegrams, the method comprising:
- retrieving information from safety network subscribers for establishing a routing table that stores logical connections between the safety network subscribers in accordance with a safety-related function, wherein at least two of the local network subscribers i) are the safety network subscribers between which safety-related data are transferred based on error-proof communication, wherein a verification of a communication in conformity to one or more safety requirements includes checking a received telegram by a receiving subscriber for at least one of the following characteristics;
  
  a time stamp, a transmitter identity, and a receiver identity, and ii) form a logical group of network subscribers for performing the safety-related function;
  
  maintaining, at the non-safe communication master, the routing table on the basis of the information retrieved;
  
  automatically routing, through the non-safe communication master, data from a transmitting safety network subscriber to a receiving safety network subscriber in accordance with the routing table, such that each communication among the safety network subscribers of one logical group occurs via two point-to-point connections, namely from the transmitting safety network subscriber to the non-safe communication master and then from the non-safe communication master to the receiving safety network subscriber; and
  
  performing, at the receiving safety network subscriber, the safety-related action according to the received telegram.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Phoenix Contact GmbH & Company KG
Original Assignee
Phoenix Contact GmbH & Company KG
Inventors
Schmidt, Joachim, Horn, Steffen
Primary Examiner(s)
Sheikh, Ayaz
Assistant Examiner(s)
Ghafoerkhan, Faiyazkhan

Application Number

US12/878,496
Publication Number

US 20110069698A1
Time in Patent Office

1,573 Days
Field of Search

None
US Class Current

370/389
CPC Class Codes

H04L 12/403   with centralised control, e...

H04L 12/462   LAN interconnection over a ...

H04L 45/00   Routing or path finding of ...

Method and apparatus for safety-related communication in a communication network of an automation system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for safety-related communication in a communication network of an automation system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links