Method for carrying out a safety function of a vehicle and system for carrying out the method

US 9,566,966 B2
Filed: 08/28/2013
Issued: 02/14/2017
Est. Priority Date: 08/29/2012
Status: Active Grant

First Claim

Patent Images

1. A method for carrying out, using one or more of electrical, electronic and/or programmable systems (3-13), a safety function of a vehicle (2), the method comprising:

transmitting data necessary for carrying out the safety function to a control unit (4) of the vehicle (2) by at least one communication system (3);

generating, by the control unit (4), control signals as a function of the transmitted data and transmitting the generated control signals to a functional unit (5) of the vehicle (2);

carrying out, by the functional unit (5), the safety function as a function of the generated control signals;

repeatedly carrying out diagnostic tests at time intervals, the diagnostic tests checking whether a fault that can adversely affect the carrying out of the safety function is present in one or more of the electrical, electronic and/or programmable systems (3-13);

transmitting, by the communication system (3), metadata of the transmitted data to the control unit (4), wherein the metadata contains information about the one or more of the electrical, electronic and/or programmable systems (3-13);

determining, by the control unit (4), at least one reliability value of the transmitted data using the metadata information, which value is dependent;

on the probability of the occurrence of failures or faults which can adversely affect the carrying out of the safety function, andon the probability that an occurrence of these failures or faults will be detected by the diagnostic tests and/or by a driver of the vehicle (2) in time before the safety function is adversely affected;

checking, by the control unit (4), as a function of the at least one reliability value, whether the transmitted data is sufficiently reliable for carrying out the safety function; and

actuating, by the control unit (4), a signal generator (17) of the vehicle (2) to signal to the driver whether the data necessary for carrying out the safety function is completely present and sufficiently reliable.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a system and a method for performing a safety function of a vehicle, control signals are generated and transferred to a functional unit of the vehicle by a control unit. The safety function is performed by the functional unit in dependence on the control signals. Diagnostic tests are repeatedly performed at time intervals, the diagnostic tests being used to check if a fault that can interfere with the performance of the safety function is present. Metadata of the data are transferred to the control unit by the communication system, the metadata containing information about systems. This information is used to determine at least one reliability value of the data by the control unit. In dependence on the at least one reliability value, the control unit checks if the transferred data are sufficiently reliable for the performance of the safety function.

7 Citations

View as Search Results

7 Claims

1. A method for carrying out, using one or more of electrical, electronic and/or programmable systems (3-13), a safety function of a vehicle (2), the method comprising:
- transmitting data necessary for carrying out the safety function to a control unit (4) of the vehicle (2) by at least one communication system (3);
  
  generating, by the control unit (4), control signals as a function of the transmitted data and transmitting the generated control signals to a functional unit (5) of the vehicle (2);
  
  carrying out, by the functional unit (5), the safety function as a function of the generated control signals;
  
  repeatedly carrying out diagnostic tests at time intervals, the diagnostic tests checking whether a fault that can adversely affect the carrying out of the safety function is present in one or more of the electrical, electronic and/or programmable systems (3-13);
  
  transmitting, by the communication system (3), metadata of the transmitted data to the control unit (4), wherein the metadata contains information about the one or more of the electrical, electronic and/or programmable systems (3-13);
  
  determining, by the control unit (4), at least one reliability value of the transmitted data using the metadata information, which value is dependent;
  
  on the probability of the occurrence of failures or faults which can adversely affect the carrying out of the safety function, andon the probability that an occurrence of these failures or faults will be detected by the diagnostic tests and/or by a driver of the vehicle (2) in time before the safety function is adversely affected;
  
  checking, by the control unit (4), as a function of the at least one reliability value, whether the transmitted data is sufficiently reliable for carrying out the safety function; and
  
  actuating, by the control unit (4), a signal generator (17) of the vehicle (2) to signal to the driver whether the data necessary for carrying out the safety function is completely present and sufficiently reliable.
- View Dependent Claims (3, 4, 5)
- - 3. The method as claimed in claim 1, wherein if the data necessary for carrying out the safety function is not completely present or not sufficiently reliable, the control unit (4) actuates the signal generator (17) to signal to the driver the instantaneous non-availability of the safety function.
  - 4. The method as claimed in claim 1,wherein the data is produced as a function of measurement signals of at least one measuring unit (12, 13).
  - 5. The method as claimed in claim 1,wherein the at least one reliability value is determined as a function of at least one of failure rates l_SPF, l_RF, l_MPF,L, l_MPF,P, l_MPF,D, wherein each of said failure rates specifies the mean number of failures occurring within a time unit in the electrical, electronic and/or programmable systems (3-13), wherein the respective failure rates each relate exclusively to the following types of failures:
    - l_SPF;
      
      failures which, even when they occur alone, can adversely affect the carrying out of the safety function and the occurrence of which is not checked by the diagnostic tests and therefore also cannot be detected by the diagnostic tests in time before the safety function is adversely affected;
      
      l_RF;
      
      failures which, even when they occur alone, can adversely affect the carrying out of the safety function and the occurrence of which is checked by the diagnostic tests but is not detected by the diagnostic tests in time before the safety function is adversely affected;
      
      l_MPF,L;
      
      failures which, when they occur or are present at the same time as other failures, can adversely affect the carrying out of the safety function and the occurrence of which is not checked by the diagnostic tests;
      
      l_MPF,D;
      
      failures which, when they occur or are present at the same time as other failures, can adversely affect the carrying out of the safety function and the occurrence of which is checked by the diagnostic tests and detected in time before the safety function is adversely affected;
      
      l_MPF,P;
      
      failures which, when they occur or are present at the same time as other failures, can adversely affect the carrying out of the safety function and the occurrence of which is detected in time by the driver of the vehicle (2).

2. A method for carrying out, using one or more of electrical, electronic and/or programmable systems (3-13), a safety function of a vehicle (2), the method comprising:
- transmitting data necessary for carrying out the safety function to a control unit (4) of the vehicle (2) by at least one communication system (3);
  
  generating, by the control unit (4), control signals as a function of the transmitted data and transmitting the generated control signals to a functional unit (5) of the vehicle (2);
  
  carrying out, by the functional unit (5), the safety function as a function of the generated control signals;
  
  repeatedly carrying out diagnostic tests at time intervals, the diagnostic tests checking whether a fault that can adversely affect the carrying out of the safety function is present in one or more of the electrical, electronic and/or programmable systems (3-13);
  
  transmitting, by the communication system (3), metadata of the transmitted data to the control unit (4), wherein the metadata contains information about the one or more of the electrical, electronic and/or programmable systems (3-13);
  
  determining, by the control unit (4), at least one reliability value of the transmitted data using the metadata information, which value is dependent;
  
  on the probability of the occurrence of failures or faults which can adversely affect the carrying out of the safety function, andon the probability that an occurrence of these failures or faults will be detected by the diagnostic tests and/or by a driver of the vehicle (2) in time before the safety function is adversely affected; and
  
  checking, by the control unit (4), as a function of the at least one reliability value, whether the transmitted data is sufficiently reliable for carrying out the safety function,wherein, if the data necessary for carrying out the safety function is not completely present or is not sufficiently reliable,the data transmitted to the control unit (4) is not used to actuate the functional unit (5), and/ora deactivation signal is sent to the functional unit (5) by the control unit (4), wherein, after reception of this deactivation signal, the functional unit goes automatically into a safety mode in which the safety function cannot be carried out, and/orthe data is transmitted to the control unit (4) again after a predefined waiting time period, wherein the data is in this way transmitted to the control unit (4) until the data is completely present and sufficiently reliable.

6. A method for carrying out, using one or more of electrical, electronic and/or programmable systems (3-13), a safety function of a vehicle (2), the method comprising:
- transmitting data necessary for carrying out the safety function to a control unit (4) of the vehicle (2) by at least one communication system (3);
  
  generating, by the control unit (4), control signals as a function of the transmitted data and transmitting the generated control signals to a functional unit (5) of the vehicle (2);
  
  carrying out, by the functional unit (5), the safety function as a function of the generated control signals;
  
  repeatedly carrying out diagnostic tests at time intervals, the diagnostic tests checking whether a fault that can adversely affect the carrying out of the safety function is present in one or more of the electrical, electronic and/or programmable systems (3-13);
  
  transmitting, by the communication system (3), metadata of the transmitted data to the control unit (4), wherein the metadata contains information about the one or more of the electrical, electronic and/or programmable systems (3-13);
  
  determining, by the control unit (4), at least one reliability value of the transmitted data using the metadata information, which value is dependent;
  
  on the probability of the occurrence of failures or faults which can adversely affect the carrying out of the safety function, andon the probability that an occurrence of these failures or faults will be detected by the diagnostic tests and/or by a driver of the vehicle (2) in time before the safety function is adversely affected; and
  
  checking, by the control unit (4), as a function of the at least one reliability value, whether the transmitted data is sufficiently reliable for carrying out the safety function,wherein the functional unit (5) is an active or passive protection device of the vehicle (2), wherein;
  
  the functional unit (5) is an electronic brake system and the safety function is an automatic brake booster, and/orthe functional unit (5) is an emergency braking assistant and the safety function is an automatically triggered full-braking or partial-braking operation of the vehicle (2), and/orthe functional unit (5) is an avoidance assistant and the safety function is automatic driving around an obstacle, and/orthe functional unit (5) is an ESC unit and the safety function is automatic stabilization of the vehicle (2), in particular by braking one or more wheels of the vehicle (2) and/or by throttling the engine power of the vehicle (2), and/orthe functional unit (5) is an airbag system, and the safety function is triggering of the airbag.

7. A system (1) for carrying out a safety function of a vehicle (2), the system (1) comprising:
- the vehicle;
  
  a control unit (4) of the vehicle (2);
  
  a functional unit (5) of the vehicle; and
  
  a communication system configured to transmit data necessary for carrying out the safety function to the control unit (4) of the vehicle (2),wherein;
  
  the control unit (4) is configured to generate control signals as a function of the transmitted data and to transmit the control signals to the functional unit (5) of the vehicle (2),the functional unit (5) is configured to implement the safety function as a function of the control signals,the system (1) is configured to carry out diagnostic tests repeatedly at time intervals to check whether a fault that can adversely affect the carrying out of the safety function is present in one or more electrical, electronic and/or programmable systems of the system (1),the communication system is configured to transmit metadata of the transmitted data to the control unit (4),the metadata contains information of one or more of electrical, electronic and programmable systems (3-13) of the system (1),the control unit (4) is configured to determine at least one reliability value of the data as a function of the metadata information, which reliability value is dependenton the probability of the occurrence of faults which can adversely affect the carrying out of the safety function, andon the probability that an occurrence of these faults will be detected by means of the diagnostic tests and/or by a driver of the vehicle (2) in good time before the safety function is adversely affected, andthe control unit (4) is configured to;
  
  check, as a function of the at least one reliability value, whether the transmitted data is sufficiently reliable for carrying out the safety function, andactuate a signal generator (17) of the vehicle (2) to signal to the driver whether the data necessary for carrying out the safety function is completely present and sufficiently reliable.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Continental Automotive GmbH (Continental AG)
Original Assignee
Continental Automotive GmbH (Continental AG)
Inventors
Erdem, Bettina, Ross, Hans-Leo
Primary Examiner(s)
Shaawat, Mussa A
Assistant Examiner(s)
JHA, ABDHESH K

Application Number

US14/424,817
Publication Number

US 20150210258A1
Time in Patent Office

1,266 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

B60T 2270/406   Test-mode; Self-diagnosis

B60T 8/00   Arrangements for adjusting ...

B60T 8/885   using electrical circuitry

B60W 50/045   Monitoring control system p...

H04L 1/20   using signal quality detector

H04L 1/22   using redundant apparatus t...

Method for carrying out a safety function of a vehicle and system for carrying out the method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

7 Citations

7 Claims

Specification

Use Cases

Quick Links

Others

Method for carrying out a safety function of a vehicle and system for carrying out the method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

7 Citations

7 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others