CN101751532A - Selecting 2 from 3 logic hardware voting method for safety output of safety computer platform - Google Patents
Selecting 2 from 3 logic hardware voting method for safety output of safety computer platform Download PDFInfo
- Publication number
- CN101751532A CN101751532A CN200910155632A CN200910155632A CN101751532A CN 101751532 A CN101751532 A CN 101751532A CN 200910155632 A CN200910155632 A CN 200910155632A CN 200910155632 A CN200910155632 A CN 200910155632A CN 101751532 A CN101751532 A CN 101751532A
- Authority
- CN
- China
- Prior art keywords
- output
- negative
- voltage
- dynamic
- logic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 15
- 239000003990 capacitor Substances 0.000 description 14
- 101100277598 Sorghum bicolor DES3 gene Proteins 0.000 description 3
- 231100001261 hazardous Toxicity 0.000 description 3
- 230000008520 organization Effects 0.000 description 3
- 101000737578 Arabidopsis thaliana Bifunctional cystathionine gamma-lyase/cysteine synthase Proteins 0.000 description 2
- 101000952234 Homo sapiens Sphingolipid delta(4)-desaturase DES1 Proteins 0.000 description 2
- 101000918926 Homo sapiens Sphingolipid delta(4)-desaturase/C4-monooxygenase DES2 Proteins 0.000 description 2
- 102100037416 Sphingolipid delta(4)-desaturase DES1 Human genes 0.000 description 2
- 102100029473 Sphingolipid delta(4)-desaturase/C4-monooxygenase DES2 Human genes 0.000 description 2
- 239000002131 composite material Substances 0.000 description 2
- 239000000203 mixture Substances 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- WWJZWCUNLNYYAU-UHFFFAOYSA-N temephos Chemical compound C1=CC(OP(=S)(OC)OC)=CC=C1SC1=CC=C(OP(=S)(OC)OC)C=C1 WWJZWCUNLNYYAU-UHFFFAOYSA-N 0.000 description 1
Images
Landscapes
- Power Sources (AREA)
- Electronic Switches (AREA)
Abstract
The invention relates to a selecting 2 from 3 logic hardware voting method for safety output of a safety computer platform. Three independent dynamic outputs A, B and C are provided; the A and the B respectively output corresponding negative direct current voltages -VA and -VB after passing through two common dynamic-static deserializers, the -VA and the -VB output negative direct current voltages -VA+B after passing through a first logic or operation facility; the -VA+B and the C output negative direct current voltages -V(A+B)C after passing through a first logic or operation dynamic-static deserializer, the A and the -VB output negative direct current voltages -VAB after passing through a second logic or operation dynamic-static deserializer, and the -V(A+B)C and the -VAB output negative direct current voltages -V(AC+BC+AB) expressing A, B and C selecting 2 from 3 logic operation after passing through a second logic or operation facility. The invention provides a selecting 2 from 3 logic structure and a circuit implementing method on the basis that the signals are output dynamically, and meets the requirements on high reliability and safety of the safety computer platform to the output.
Description
Technical field
The present invention relates to a kind of computer failure-safety method, relate in particular to the fail-safe means of voting of exporting in a kind of safety computer platform.
Background technology
Reliability and security are that the most basic while of the important key equipment monitor control systems in field such as track traffic, aviation and petrochemical industry electric power also is topmost requirement.The reliability assurance system of system non-fault for a long time moves reliably, and security then guarantees any part failure to the safe side side under the situation of breaking down of system, and promptly its consequence can not cause the Monitoring and Controlling object to produce danger or heavy losses.Its core of the monitor control system of this high reliability and high security is a safety computer platform, because the output of this platform will be directly connected to correct, the trouble free service of controlling object, the output of safety computer platform is one of key component of system reliability and security.
The form of output signal has static output and dynamically exports two kinds, and the output of dynamic-form is better than static form in reliability and security.For guaranteeing reliability and security, output circuit adopts heat to be equipped with, 2 to get 2 and 3 and get 2 logical organizations usually, independent heat is equipped with the there be limited evidence currently of that requires that logical organization owing to be difficult to reaches higher reliability and security and is used, 2 get 2 and 3 gets 2 logical organizations characteristics is respectively arranged, 2 get 2 logical organizations often needs to use the reliability of the system that could guarantee and the composite request of security jointly with the hot backup redundancy structure of total system, and 3 get the composite request that 2 logical organizations can independently reach reliability and security, makes total system compact more, efficient by contrast.But 3 what get that 2 logical organizations at first must guarantee is the failure to the safe side characteristic of self, and common active logic device realizes 3, and to get 2 logics be simple, but often do not have the characteristic of failure to the safe side, can not realize that 3 get the reliability and the security of 2 logical organizations.
Summary of the invention
The present invention proposes the logical organization and the circuit implementation method of a kind of " 3 get 2 ", satisfy high reliability and the high security requirement of safety computer platform output.
A kind of " 3 get 2 " hardware means of voting of safety computer platform output signal comprises:
Some common dynamic-static deserializers are used for the dynamic pulse signal of input is converted to a negative DC level output, and the fixed level of importing is then remained zero level;
Some logical computing dynamic-static deserializers are used for the dynamic pulse signal of input is converted to a negative DC level output, and the input fixed level is then remained zero level, have simultaneously " with " the logical operation function;
Some diodes are used to form the logical "or" arithmetic facility;
Described means of voting comprises following process:
Independently dynamically export A, B and C for (1) three, will dynamically export A and obtain negative dc voltage output-V by the first common dynamic-static deserializer
A, will dynamically export the negative dc voltage output-V that B obtains by the second common dynamic-static deserializer
B
(2) with described negative dc voltage output-V
AWith-V
BBy obtaining negative dc voltage output-V behind the first logical "or" arithmetic facility of forming by first diode and second diode
A+B, wherein, negative dc voltage output-V
ABy first diode ,-V
BBy second diode;
(3) with described negative dc voltage output-V
A+BIndependently dynamically export C with another and obtain negative dc voltage output-V by the first logical computing dynamic-static deserializer
(A+B) C
(4) with negative dc voltage output-V
BIndependently dynamically export A and obtain negative dc voltage output-V by the second logical computing dynamic-static deserializer
AB
(5) with described negative dc voltage output-V
(A+B) CWith-V
(AB)By obtaining negative dc voltage output-V behind the second logical "or" arithmetic facility of forming by the 3rd diode and the 4th diode
(AC+BC+AB), realize " 3 get 2 " hardware voting of dynamically output; Wherein, negative dc voltage output-V
(A+B) CBy the 3rd diode, negative dc voltage output-V
(AB)By the 4th diode.
Described output signal is a dynamic-form, and promptly logical zero is a fixed level, and the expression relay falls, and logical one is a dynamic pulse, the expression relay energized.
Described dynamic-static deserializer is output as DC voltage, the corresponding input of no-voltage " 0 " logic, and the corresponding input of negative voltage " 1 " logic can not produce positive voltage output.
Two of described logical computing dynamic-static deserializer be input as dynamic input and " with " the logic input, wherein, " with " logic is input as DC voltage, no-voltage correspondence " 0 " logic, negative voltage correspondence " 1 " logic; Logical computing deserializer be output as dynamic input and " with " result that AND operation is carried out in logic input, represent no-voltage correspondence " 0 " logic, negative voltage correspondence " 1 " logic with DC voltage.
The principle of work of wherein common dynamic-static deserializer is, dynamically output signal A is input to P-MOS fet and N-MOS fet after first light-coupled isolation, when pulse signal is zero level, the conducting of P-MOS fet, the N-MOS fet is closed, power supply+V2 charges by P-MOS fet and first diode pair, first electric capacity, and the voltage when being full of on first electric capacity is approaching+V2; When pulse signal is positive level, the conducting of N-MOS fet, the P-MOS fet is closed, voltage on first electric capacity charges (belonging to discharge process concerning first electric capacity) by N-MOS fet and second diode pair, second electric capacity, and charging finishes when the voltage on second electric capacity equates with the voltage of first electric capacity.Through the charge and discharge process of a plurality of cycles of dynamic pulse to first electric capacity and second electric capacity, magnitude of voltage under no-load condition on second electric capacity can reach supply voltage+V2, but it should be noted that the voltage on second electric capacity is the DC voltage of bearing over the ground, and this negative DC voltage is the output of deserializer.When output signal A is fixed level, can not produce charge and discharge process to first electric capacity, second electric capacity, the voltage on second electric capacity is that output voltage is zero.A most important feature of deserializer is wherein any one element fault output that can not produce the guiding hazardous side, promptly negative DC voltage output.
Wherein have " with " the logical computing dynamic-static deserializer ultimate principle of logic function is identical with common dynamic-static deserializer, just increase the AND function that one second optocoupler is used for realizing its input A and DRV_B, DRV_B represents the signal of another output signal B through deserializer output, is negative dc voltage input.Deserializer output DRV_B is a negative dc voltage when output signal B is " 1 " logic, and output signal A can unstring by second optocoupler and the 3rd optocoupler, realizes the AND function with output signal B.
The logical organization and the circuit implementation method of " 3 get 2 " that the present invention proposes when satisfying safety computer platform the high reliability of output and high security are required, make total system compact more and efficient.
Description of drawings
Fig. 1 dynamically exports " 3 get 2 " hardware means of voting principle schematic for the present invention;
Fig. 2 is the common dynamic-static deserializer circuits of a present invention principle schematic;
Fig. 3 is a logical computing dynamic-static deserializer circuits principle schematic of the present invention;
Embodiment
Below in conjunction with accompanying drawing principle of the present invention and specific implementation method are further described.
The present invention adopts dynamic-form output signal and the corresponding dynamic-static deserializer with reliability and safety features, realizes " 3 get 2 " logic hardware voting of high reliability and high security output.
At first to common dynamic-static deserializer and have " with " principle of the logical computing dynamic-static deserializer of logic function does an explanation.The output signal of dynamic-form can be expressed as, and is fixed level when output is " 0 " logic, makes output drive relay and falls, and represents secure side, is dynamic pulse signal during " 1 " logic, is used for control output and drives relay energized, represents hazardous side.
The present invention adopt two common deserializer DES1 and DES2, two have " with " the logical computing dynamic-static deserializer DES3 and the DES4 of logic function, and four diode D1, D2, D3 and D4, wherein D1 and D2 constitute the first logical "or" arithmetic facility, D3 and D4 and constitute the second logical "or" arithmetic facility respectively.Two of described logical computing dynamic-static deserializer be input as dynamic input and " with " logic input, wherein, " with " logic is input as DC voltage, no-voltage correspondence " 0 " logic, negative voltage correspondence " 1 " logic; Logical computing deserializer be output as dynamic input and " with " result that AND operation is carried out in logic input, represent no-voltage correspondence " 0 " logic, negative voltage correspondence " 1 " logic with DC voltage.
As shown in Figure 1, independently dynamically export A, B and C for three, at first will export A and B and be output as corresponding negative dc voltage-V by the first common dynamic-static deserializer DES1 and the second common dynamic-static deserializer DES2 respectively
AWith-V
B,-V
AWith-V
BAfter the first logical "or" arithmetic facility computing of the first diode D1 and second diode D2 composition, be output as negative dc voltage-V respectively
A+BOutput A again with output C respectively by have " with " the first logical computing deserializer DES3 and the second logical computing deserializer DES4 of logic function, wherein DES3 " with " logic is input as-V
A+B, DES4 " with " logic is input as-V
BDES3 is output as expression output negative dc voltage-V
A+BWith output C " with " negative dc voltage-V after the logical operation
(A+B) C, DES4 is output as expression output A and output-V
B" with " negative dc voltage-V after the logical operation
ABAt last ,-V
(A+B) CWith-V
ABBe output as the negative dc voltage output-V of expression output A, B and C " 3 get 2 " logic through the second logical "or" arithmetic facility of the 3rd diode D3 and the 4th diode D4 composition
(AC+BC+AB), realize " 3 get 2 " hardware voting of dynamically output.
As shown in Figure 2, deserializer is realized the dynamic pulse signal of output is converted to a negative DC level, and the output fixed level is then remained zero level.Its principle of work is, dynamically output signal A is input to P-MOS fet Q1 and N-MOS fet Q2 after the first optocoupler O1 isolates, when pulse signal is zero level, P-MOS fet Q1 conducting, N-MOS fet Q2 closes, power supply+V2 charges to first capacitor C 1 by the P-MOS fet Q1 and the first diode D1, and the voltage when being full of on first capacitor C 1 is approaching+V2; When pulse signal is positive level, N-MOS fet Q2 conducting, P-MOS fet Q1 closes, voltage on first capacitor C 1 charges (first capacitor C 1 is belonged to discharge process) to second capacitor C 2 by the N-MOS fet Q2 and the second diode D2, and charging finishes when the voltage on second capacitor C 2 equates with the voltage of first capacitor C 1.Through the charge and discharge process of a plurality of cycles of dynamic pulse to first capacitor C 1 and second capacitor C 2, magnitude of voltage under no-load condition on second capacitor C 2 can reach supply voltage+V2, but it should be noted that the voltage on second capacitor C 2 is the DC voltage of bearing over the ground, and this negative DC voltage is the output of deserializer.When output signal A is fixed level, can not produce charge and discharge process to first capacitor C 1, second capacitor C 2, the voltage on second capacitor C 2 is that output voltage is zero.A most important feature of deserializer is wherein any one element fault output that can not produce the guiding hazardous side, promptly negative DC voltage output.
As shown in Figure 3, have " with " the logical computing dynamic-static deserializer ultimate principle of logic function is identical with the deserializer of Fig. 2, just increase the AND function that one second optocoupler O2 is used for realizing its input A and DRV_B, DRV_B represents the signal of another output signal B through deserializer output, is negative dc voltage input.Deserializer output DRV_B is a negative dc voltage when output signal B is " 1 " logic, and output signal A can unstring by the second optocoupler O2 and the 3rd optocoupler O3, realizes the AND function with output signal B.
Claims (4)
1. 3 of a safety computer platform safety output get 2 hardware means of votings, comprise following equipment:
Some common dynamic-static deserializers are used for the dynamic pulse signal of input is converted to a negative DC level output, and the fixed level of importing is then remained zero level;
Some logical computing dynamic-static deserializers are used for the dynamic pulse signal of input is converted to a negative DC level output, and the input fixed level is then remained zero level, have simultaneously " with " the logical operation function;
Some diodes are used to form the logical "or" arithmetic facility;
It is characterized in that: described means of voting comprises following process:
Independently dynamically export A, B and C for (1) three, will dynamically export A and obtain negative dc voltage output-V by the first common dynamic-static deserializer
A, will dynamically export the negative dc voltage output-V that B obtains by the second common dynamic-static deserializer
B
(2) with described negative dc voltage output-V
AWith-V
BBy obtaining negative dc voltage output-V behind the first logical "or" arithmetic facility of forming by first diode and second diode
A+B, wherein, negative dc voltage output-V
ABy first diode ,-V
BBy second diode;
(3) with described negative dc voltage output-V
A+BIndependently dynamically export C with another and obtain negative dc voltage output-V by the first logical computing dynamic-static deserializer
(A+B) C
(4) with negative dc voltage output-V
BIndependently dynamically export A and obtain negative dc voltage output-V by the second logical computing dynamic-static deserializer
AB
(5) with described negative dc voltage output-V
(A+B) CWith-V
(AB)By obtaining negative dc voltage output-V behind the second logical "or" arithmetic facility of forming by the 3rd diode and the 4th diode
(AC+BC+AB), realize " 3 get 2 " hardware voting of dynamically output; Wherein, negative dc voltage output-V
(A+B) CBy the 3rd diode, negative dc voltage output-V
(AB)By the 4th diode.
2. means of voting as claimed in claim 1 is characterized in that: the described dynamic-form that independently dynamically is output as, and logical zero is a fixed level, and the expression relay falls, and logical one is a dynamic pulse, the expression relay energized.
3. means of voting as claimed in claim 1 is characterized in that: described dynamic-static deserializer is output as DC voltage, the corresponding input of no-voltage " 0 " logic, the corresponding input of negative voltage " 1 " logic.
4. means of voting as claimed in claim 1, it is characterized in that: two of described logical computing dynamic-static deserializer be input as dynamic input and " with " the logic input, wherein, " with " logic is input as DC voltage, no-voltage correspondence " 0 " logic, negative voltage correspondence " 1 " logic; Logical computing dynamic-static deserializer be output as dynamic input and " with " result that AND operation is carried out in logic input, represent no-voltage correspondence " 0 " logic, negative voltage correspondence " 1 " logic with DC voltage.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009101556324A CN101751532B (en) | 2009-12-18 | 2009-12-18 | Selecting 2 from 3 logic hardware voting method for safety output of safety computer platform |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009101556324A CN101751532B (en) | 2009-12-18 | 2009-12-18 | Selecting 2 from 3 logic hardware voting method for safety output of safety computer platform |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101751532A true CN101751532A (en) | 2010-06-23 |
| CN101751532B CN101751532B (en) | 2012-12-05 |
Family
ID=42478504
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2009101556324A Expired - Fee Related CN101751532B (en) | 2009-12-18 | 2009-12-18 | Selecting 2 from 3 logic hardware voting method for safety output of safety computer platform |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101751532B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102306116A (en) * | 2011-07-06 | 2012-01-04 | 浙江大学 | Voting structure for two-out-of-three safety output in static mode and voting method thereof |
| CN103067202A (en) * | 2012-12-25 | 2013-04-24 | 卡斯柯信号有限公司 | Security arbitration voting system applicable to different calculation links |
| CN103986313A (en) * | 2014-04-21 | 2014-08-13 | 南京航空航天大学 | Bi-directional driving circuit and control method thereof |
| CN105446251A (en) * | 2016-01-18 | 2016-03-30 | 株洲南车时代电气股份有限公司 | A safety digital quantity input system and a signal processing method thereof |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| DE3208573C2 (en) * | 1982-03-10 | 1985-06-27 | Standard Elektrik Lorenz Ag, 7000 Stuttgart | 2 out of 3 selection device for a 3 computer system |
| CN1109416C (en) * | 2000-04-25 | 2003-05-21 | 华为技术有限公司 | Method and equipment for swapping active with standby switches |
-
2009
- 2009-12-18 CN CN2009101556324A patent/CN101751532B/en not_active Expired - Fee Related
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102306116A (en) * | 2011-07-06 | 2012-01-04 | 浙江大学 | Voting structure for two-out-of-three safety output in static mode and voting method thereof |
| CN102306116B (en) * | 2011-07-06 | 2013-09-11 | 浙江大学 | Voting structure for two-out-of-three safety output in static mode and voting method thereof |
| CN103067202A (en) * | 2012-12-25 | 2013-04-24 | 卡斯柯信号有限公司 | Security arbitration voting system applicable to different calculation links |
| CN103067202B (en) * | 2012-12-25 | 2016-05-04 | 卡斯柯信号有限公司 | Be applicable to the safety arbitration voting system between nonidentity operation link |
| CN103986313A (en) * | 2014-04-21 | 2014-08-13 | 南京航空航天大学 | Bi-directional driving circuit and control method thereof |
| CN103986313B (en) * | 2014-04-21 | 2017-01-04 | 南京航空航天大学 | A kind of drive circuit in bi-directional and control method thereof |
| CN105446251A (en) * | 2016-01-18 | 2016-03-30 | 株洲南车时代电气股份有限公司 | A safety digital quantity input system and a signal processing method thereof |
| CN105446251B (en) * | 2016-01-18 | 2018-08-24 | 湖南中车时代通信信号有限公司 | A kind of secure digital amount input system and its signal processing method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101751532B (en) | 2012-12-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104795834B (en) | A kind of Hybrid HVDC topological structure and control method | |
| US11031806B2 (en) | Uninterruptible power supply systems and methods using interconnected power routing units | |
| CN101751532B (en) | Selecting 2 from 3 logic hardware voting method for safety output of safety computer platform | |
| CN109274256A (en) | A kind of power module redundancy energy supply circuit and control method based on breakdown diode | |
| CN104787311A (en) | All-electric aircraft brake system and aircraft electric brake redundancy control method | |
| US10804696B2 (en) | Power distribution system and method | |
| CN103944227A (en) | Online active inverter discharging system for transformer substation storage battery | |
| CN103296692A (en) | Control device and method for putting converter station into flexible direct current power transmission system | |
| CN208508609U (en) | The power control circuit of uninterrupted power supply | |
| CN110649645B (en) | Quick turn-off device and photovoltaic power generation system applicable to same | |
| CN102355043A (en) | Multiple variable-frequency power supply combined power device with redundancy design | |
| CN113659605A (en) | Flexible direct power transmission IGCT-MMC sub-module redundant power supply system and method | |
| CN103048502B (en) | Control protection system of valve steady-state operation test device of shutoff device | |
| CN102195284B (en) | DC network management of driving system by using super capacitor | |
| CN102214918A (en) | High-reliability power supply system, method and frequency converter system | |
| CN207777068U (en) | A kind of wind power generating set theft-resistant link chain | |
| CN103000241B (en) | A kind of nuclear power station Emergency diesel adds the system and method for unloading steam turbine equipment | |
| CN206180697U (en) | N+1 computer case power supply monitoring devices | |
| CN101728837A (en) | Energy feedback system | |
| CN204205936U (en) | Based on the single supply supply unit of ComExpress module | |
| CN204424901U (en) | Drill ship DP3 closed loop PMS electric propulsion system | |
| CN107611982A (en) | A kind of detection control circuit and method for bypass contactor | |
| CN203381625U (en) | Train power converter | |
| CN104411531A (en) | Method for operating an electric traction drive system with a battery direct inverter and associated control apparatus | |
| CN106385093A (en) | Auxiliary power supply circuit applied on charging pile and auxiliary power supply system with same |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20121205 Termination date: 20141218 |
|
| EXPY | Termination of patent right or utility model |