WO2005069089A3 - Design of safety critical systems - Google Patents

Design of safety critical systems Download PDF

Info

Publication number
WO2005069089A3
WO2005069089A3 PCT/IB2005/050701 IB2005050701W WO2005069089A3 WO 2005069089 A3 WO2005069089 A3 WO 2005069089A3 IB 2005050701 W IB2005050701 W IB 2005050701W WO 2005069089 A3 WO2005069089 A3 WO 2005069089A3
Authority
WO
WIPO (PCT)
Prior art keywords
functional specification
system architecture
independence
design
replicates
Prior art date
Application number
PCT/IB2005/050701
Other languages
French (fr)
Other versions
WO2005069089A2 (en
Inventor
Samuel Boutin
Original Assignee
Renault Sas
Samuel Boutin
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Renault Sas, Samuel Boutin filed Critical Renault Sas
Priority to JP2006548570A priority Critical patent/JP2007528532A/en
Priority to DE602005006732T priority patent/DE602005006732D1/en
Priority to EP05708849A priority patent/EP1706799B1/en
Priority to US10/585,934 priority patent/US7694250B2/en
Publication of WO2005069089A2 publication Critical patent/WO2005069089A2/en
Publication of WO2005069089A3 publication Critical patent/WO2005069089A3/en

Links

Classifications

    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B9/00Safety arrangements
    • G05B9/02Safety arrangements electric
    • G05B9/03Safety arrangements electric with multiple-channel loop, i.e. redundant control systems

Abstract

A method is disclosed of producing a system architecture comprising a plurality of electrical devices connected to each other, said system preferably comprising a fault tolerant system, the method including: a) identifying a set of undesirable events and ascribing to each of said undesirable events an indicator of their severity; b) associating where possible each said undesirable event with one or more actuators of said system architecture; c) developing a functional specification of an initial architecture proposed for implementation of said system architecture; d) refining on said functional specification the fault tolerance requirements; e) producing replicates in said functional specification together with attached indicators of independence of said replicates, f) defining a hardware structure for said system architecture; g) mapping of said functional specification onto said hardware structure; and h) verifying automatically that said indicators of independence are preserved during mapping.
PCT/IB2005/050701 2004-01-13 2005-01-13 Design of safety critical systems WO2005069089A2 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
JP2006548570A JP2007528532A (en) 2004-01-13 2005-01-13 Design method for safety-oriented system
DE602005006732T DE602005006732D1 (en) 2004-01-13 2005-01-13 DESIGN OF SECURITY CRITICAL SYSTEMS
EP05708849A EP1706799B1 (en) 2004-01-13 2005-01-13 Design of safety critical systems
US10/585,934 US7694250B2 (en) 2004-01-13 2005-01-13 Method for design and verification of safety critical systems

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR04300018.1 2004-01-13
EP04300018A EP1555587B1 (en) 2004-01-13 2004-01-13 Design of safety critical system

Publications (2)

Publication Number Publication Date
WO2005069089A2 WO2005069089A2 (en) 2005-07-28
WO2005069089A3 true WO2005069089A3 (en) 2005-10-27

Family

ID=34610242

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2005/050701 WO2005069089A2 (en) 2004-01-13 2005-01-13 Design of safety critical systems

Country Status (6)

Country Link
US (1) US7694250B2 (en)
EP (2) EP1555587B1 (en)
JP (1) JP2007528532A (en)
AT (2) ATE511669T1 (en)
DE (1) DE602005006732D1 (en)
WO (1) WO2005069089A2 (en)

Families Citing this family (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2936766A3 (en) * 2008-10-07 2010-04-09 Renault Sas Signals processing method for measuring e.g. angular position of steering wheel of motor vehicle, involves constructing measured value signal of physical parameter, and departing signal issued from main sensor, in operating mode
US8117483B2 (en) * 2009-05-13 2012-02-14 Freescale Semiconductor, Inc. Method to calibrate start values for write leveling in a memory system
US9678483B2 (en) 2011-01-26 2017-06-13 Honeywell International Inc. Programmable controller with both safety and application functions
DE102011075545A1 (en) * 2011-05-10 2012-11-15 Robert Bosch Gmbh Method and device for checking a sensor signal and for controlling an occupant protection means of a vehicle
US8397191B1 (en) * 2011-11-07 2013-03-12 Xilinx, Inc. Determining failure rate from circuit design layouts
US10379143B2 (en) 2014-07-23 2019-08-13 Cummins, Inc. System and method for improving a battery management and accumulator system
WO2016032964A1 (en) 2014-08-26 2016-03-03 Cummins, Inc. Electric engine accessory control
EP3110061B1 (en) * 2015-06-23 2020-03-11 TTTech Auto AG Distributed real time computer system and method for imposing the fail silent behaviour of a distributed real time computer system
KR20170111076A (en) * 2016-03-25 2017-10-12 엘에스산전 주식회사 Fault diagnosis apparatus for brake of train and automatic train operation equipment due to the reduction braking performance using the same and fault diagnosis method for brake of train
US11128446B2 (en) 2016-04-14 2021-09-21 B.G. Negev Technologies And Applications Ltd., At Ben-Gurion University Self-stabilizing secure and heterogeneous systems
JP6864992B2 (en) 2016-04-28 2021-04-28 日立Astemo株式会社 Vehicle control system verification device and vehicle control system
US10417077B2 (en) * 2016-09-29 2019-09-17 2236008 Ontario Inc. Software handling of hardware errors
EP3580104B1 (en) 2017-02-10 2020-11-11 Nissan North America, Inc. Autonomous vehicle operational management blocking monitoring
KR102199093B1 (en) 2017-02-10 2021-01-06 닛산 노쓰 아메리카, 인크. Self-driving vehicle operation management, including operating a partially observable Markov decision process model instance
US11702070B2 (en) 2017-10-31 2023-07-18 Nissan North America, Inc. Autonomous vehicle operation with explicit occlusion reasoning
US11874120B2 (en) 2017-12-22 2024-01-16 Nissan North America, Inc. Shared autonomous vehicle operational management
CN111902782A (en) 2018-02-26 2020-11-06 北美日产公司 Centralized shared autonomous vehicle operation management
US11120688B2 (en) 2018-06-29 2021-09-14 Nissan North America, Inc. Orientation-adjust actions for autonomous vehicle operational management
CN110807773B (en) * 2019-11-12 2023-04-11 中广核检测技术有限公司 Panoramic image detection method for surface defects of nuclear power station
US11635758B2 (en) 2019-11-26 2023-04-25 Nissan North America, Inc. Risk aware executor with action set recommendations
US11899454B2 (en) 2019-11-26 2024-02-13 Nissan North America, Inc. Objective-based reasoning in autonomous vehicle decision-making
US11613269B2 (en) * 2019-12-23 2023-03-28 Nissan North America, Inc. Learning safety and human-centered constraints in autonomous vehicles
US11300957B2 (en) 2019-12-26 2022-04-12 Nissan North America, Inc. Multiple objective explanation and control interface design
US11714971B2 (en) 2020-01-31 2023-08-01 Nissan North America, Inc. Explainability of autonomous vehicle decision making
US11577746B2 (en) 2020-01-31 2023-02-14 Nissan North America, Inc. Explainability of autonomous vehicle decision making
US11782438B2 (en) 2020-03-17 2023-10-10 Nissan North America, Inc. Apparatus and method for post-processing a decision-making model of an autonomous vehicle using multivariate data

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6216252B1 (en) * 1990-04-06 2001-04-10 Lsi Logic Corporation Method and system for creating, validating, and scaling structural description of electronic device
EP1100007A2 (en) * 1999-08-13 2001-05-16 General Electric Company A method of optimizing a design project

Family Cites Families (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5315972A (en) * 1991-12-23 1994-05-31 Caterpiller Inc. Vehicle diagnostic control system
US5365423A (en) * 1992-01-08 1994-11-15 Rockwell International Corporation Control system for distributed sensors and actuators
DE19527541A1 (en) * 1995-07-27 1997-01-30 Siemens Ag Device for generating control signals
US6999824B2 (en) * 1997-08-21 2006-02-14 Fieldbus Foundation System and method for implementing safety instrumented systems in a fieldbus architecture
US6199173B1 (en) * 1997-10-01 2001-03-06 Micron Electronics, Inc. Method for mapping environmental resources to memory for program access
US5914845A (en) * 1998-05-01 1999-06-22 Chase; Ronald Cole Surge protector system
US6161071A (en) * 1999-03-12 2000-12-12 Navigation Technologies Corporation Method and system for an in-vehicle computing architecture
US6647301B1 (en) * 1999-04-22 2003-11-11 Dow Global Technologies Inc. Process control system with integrated safety control system
US6789054B1 (en) * 1999-04-25 2004-09-07 Mahmoud A. Makhlouf Geometric display tools and methods for the visual specification, design automation, and control of adaptive real systems
US7865349B2 (en) * 2001-01-19 2011-01-04 National Instruments Corporation Simulation, measurement and/or control system and method with coordinated timing
SE522545C2 (en) * 2001-03-06 2004-02-17 Goalart Ab System, device and method for diagnosing flow processes
US7451063B2 (en) * 2001-07-20 2008-11-11 Red X Holdings Llc Method for designing products and processes
GB0122681D0 (en) * 2001-09-20 2001-11-14 Mead Corp Packaging systems apparatus and method therefor
US7260505B2 (en) * 2002-06-26 2007-08-21 Honeywell International, Inc. Method and apparatus for developing fault codes for complex systems based on historical data
FR2846117B1 (en) * 2002-10-21 2008-08-22 Renault Sas METHOD AND DEVICE FOR SYNTHESIZING AN ELECTRICAL ARCHITECTURE
US7720638B2 (en) * 2002-12-20 2010-05-18 Renault S.A.S. Method for diagnosis of functional faults in a functional architecture
US7913232B2 (en) * 2003-02-21 2011-03-22 The Math Works, Inc. Certifying software for safety-critical systems
US8180466B2 (en) * 2003-11-21 2012-05-15 Rosemount Inc. Process device with supervisory overlayer
US7076350B2 (en) * 2003-12-19 2006-07-11 Lear Corporation Vehicle energy management system using prognostics

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6216252B1 (en) * 1990-04-06 2001-04-10 Lsi Logic Corporation Method and system for creating, validating, and scaling structural description of electronic device
EP1100007A2 (en) * 1999-08-13 2001-05-16 General Electric Company A method of optimizing a design project

Also Published As

Publication number Publication date
EP1706799A2 (en) 2006-10-04
JP2007528532A (en) 2007-10-11
DE602005006732D1 (en) 2008-06-26
ATE511669T1 (en) 2011-06-15
EP1555587B1 (en) 2011-06-01
EP1706799B1 (en) 2008-05-14
WO2005069089A2 (en) 2005-07-28
ATE395643T1 (en) 2008-05-15
US20070168096A1 (en) 2007-07-19
EP1555587A1 (en) 2005-07-20
US7694250B2 (en) 2010-04-06

Similar Documents

Publication Publication Date Title
WO2005069089A3 (en) Design of safety critical systems
WO2008017014A3 (en) Iso-parallel ups system configuration
US9428159B2 (en) Fail-safe parking brake for motor vehicles
EP1997703A3 (en) Redundant brake actuators for fail safe brake system
WO2008129597A1 (en) Load distribution system, node device, load distribution device, load distribution control program, load distribution program, and load distribution method
WO2004010646A3 (en) Fault diagnosis system
EP1617331A3 (en) Efficient changing of replica sets in distributed fault-tolerant computing system
WO2002084488A3 (en) An apparatus and method for two computing elements in a fault-tolerant server to execute instructions in lockstep
CN104714450A (en) Redundancy management algorithm of mechanical dual-redundancy and electrical triplex redundancy atmosphere data sensor
US8948960B2 (en) Systems and methods for arbitrating sensor and actuator signals in a multi-channel control system
JP2011048534A (en) Fault tolerant computer and power control method
JP2014002731A5 (en)
WO2006042775A3 (en) Method and device for redundancy control of electrical devices
US8370004B2 (en) Control panel for an aircraft
EP2214984B1 (en) Aircraft power failure simulation apparatus and method
EP0866389A3 (en) Replicated controller and fault recovery method thereof
US8892265B2 (en) Automatic ram air turbine deployment
WO2007064781A3 (en) Microprocessor memory management
CN109917897A (en) Redundancy board power-supply management system and method
CN110554978B (en) Safety computer platform realized by universal I/O module
WO2013053643A3 (en) Method for operating a control network, and control network
EP1669881A3 (en) Computer system, fault tolerant system using the same and operation control method and program thereof
WO2007023106A3 (en) Method for diagnosing technical systems
US20150350903A1 (en) Radio device with two radio units and a method for the transmission of information
CN202334558U (en) Bus redundant circuit

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2005708849

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2006548570

Country of ref document: JP

NENP Non-entry into the national phase

Ref country code: DE

WWW Wipo information: withdrawn in national office

Country of ref document: DE

WWE Wipo information: entry into national phase

Ref document number: 1020067016057

Country of ref document: KR

WWP Wipo information: published in national office

Ref document number: 2005708849

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1020067016057

Country of ref document: KR

WWE Wipo information: entry into national phase

Ref document number: 2007168096

Country of ref document: US

Ref document number: 10585934

Country of ref document: US

WWP Wipo information: published in national office

Ref document number: 10585934

Country of ref document: US

WWG Wipo information: grant in national office

Ref document number: 2005708849

Country of ref document: EP