CN105786637A - Processing method for security computer platform software in abnormal state - Google Patents
Processing method for security computer platform software in abnormal state Download PDFInfo
- Publication number
- CN105786637A CN105786637A CN201610149827.8A CN201610149827A CN105786637A CN 105786637 A CN105786637 A CN 105786637A CN 201610149827 A CN201610149827 A CN 201610149827A CN 105786637 A CN105786637 A CN 105786637A
- Authority
- CN
- China
- Prior art keywords
- peripheral hardware
- main frame
- described main
- abnormal condition
- computer platform
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/0706—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation the processing taking place on a specific hardware platform or in a specific software environment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/0751—Error or fault detection not based on redundancy
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/0766—Error or fault reporting or storing
- G06F11/0778—Dumping, i.e. gathering error/state information after a fault for later diagnosis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0796—Safety measures, i.e. ensuring safe condition in the event of error, e.g. for controlling element
Abstract
The invention discloses a processing method for security computer platform software in an abnormal state.A security computer platform comprises a host and a peripheral.The host is configured in the mode that a response is made to determine that the host gets into the abnormal state, and a downtime instruction is sent to the peripheral; failure information is recorded; the recorded failure information is transmitted to a specified channel; after the recorded failure information is transmitted to the specified channel, the communication function between the host and the peripheral is cut off.The peripheral is configured in the mode that a response is made to determine that the peripheral gets into the abnormal state, and external information collecting and output functions of the peripheral are cut off; failure information is recorded; the recorded failure information is transmitted to the host; after the recorded failure information is transmitted to the host, the communication function between the peripheral and the host is cut off.
Description
Technical field
The present invention relates to rail traffic signal system, more particularly, to the processing method under safety computer platform software abnormal condition.
Background technology
Along with safe and reliable and automaticity are required raising day by day by the constantly progressive of technology and Rail Transit System, signaling system, as the core realm of Rail Transit System, has become more and more important, and its technical sophistication degree is also more and more higher.And for rail traffic signal system onboard control device and ground installation, no matter it is city rail traffic signal system or main line railway signaling system, no matter it is CTCS1 level, CTCS2 level row control equipment or CTCS3 level, CTCS4 level train control system, all there is a common core key technology, it is simply that railway signal fail-safe computer technology.This core technology is part the weakest in current domestic signal field, is also the part controlling to be difficult to most in system import process real technology transfer at main line railway and city railway train.Although domestic relevant enterprise has been carried out corresponding research and development and has obtained certain progress in technology with product in this field, but from the strict sense, formed yet and meet international railway safety criterion and meet fail-safe computer technology and the product platform of versatility requirement, key technology and product still dependence on import.It is therefore desirable to from strategy the long-range consideration of angle, key technology using fail-safe computer as rail traffic signal system primary study, with the thinking of technology Yu product platform, make and meet international railway signals security standard and there is the common orbit traffic signal safety computer platform of Chinese independent intellectual property right.
Current safety computer platform common design is plug-in type, and the process of information is responsible for by main frame, and peripheral hardware is responsible for external signal, the collection of data and transmission.The information of collection is converted to the data of certain format by peripheral hardware, and sends these data to the main frame plug-in unit of platform.Main frame plug-in unit is responsible for receiving the data of peripheral hardware, sends data to peripheral hardware after processing.As shown in fig. 1, main frame is communicated with multiple peripheral hardware plug-in units by network.Peripheral hardware plug-in unit may include but be not limited to shunt interface card, digital-to-analogue conversion plug-in unit, satellite fix plug-in unit, level conversion plug-in unit, power insert etc..
Current safety computer platform software, under abnormal condition, is typically designed as and is directly directed to secure side.Secure side implements different, it is however generally that include following two mode: 1) cut off the collection to external signal and output;2) correspondence with foreign country is cut off.In actual applications, failure logging, before failure to the safe side side, can be deposited to nonvolatile memory (in Flash and hard disk) by software, and each fault diagnosis is required for obtaining failure logging from each plug-in unit, causes great difficulty to fault diagnosis.This invention address that the storage of failure logging and transmission means so that safety computer platform can carry out fault diagnosis easily.
Under prior art, it does not have the method obtaining fault data simply, easily, and system cannot accomplish real-time diagnosis.It is contemplated that when ensureing platform safety, construct a kind of simply, the method for transmission fault data easily.
Summary of the invention
There is provided present invention to introduce some concepts that will further describe in the following specific embodiments in simplified form.Present invention is not intended to the key feature or essential feature that identify theme required for protection, is intended to be used to assist in the scope of theme required for protection.
A kind of method that the invention provides abnormal condition for processing safety computer platform, described safety computer platform includes main frame and one or more peripheral hardware, and described method includes: described peripheral hardware determines whether described peripheral hardware enters abnormal condition;In response to determining that described peripheral hardware enters abnormal condition, described peripheral hardware cuts off the external information collection of described peripheral hardware, output function;Described peripheral hardware record trouble information;The transmitting fault information that records is given described main frame by described peripheral hardware;And after the fault message recorded is transferred to described main frame, described peripheral hardware cuts off the communication function with described main frame.After described method is additionally included in the communication function that described peripheral hardware cuts off with described main frame, described peripheral hardware enters software trap.Described main frame receive from after the fault message of described peripheral hardware, by described transmitting fault information to the passage specified, the wherein said passage specified includes fault diagnosis server.
A kind of method that present invention also offers abnormal condition for processing safety computer platform, described safety computer platform includes main frame and peripheral hardware, and described method includes: described main frame determines whether described main frame enters abnormal condition;In response to determining that described main frame enters abnormal condition, described main frame sends, to described peripheral hardware, machine instruction of delaying;Described host record fault message;Described main frame is by the transmitting fault information recorded to the passage specified;And after the fault message recorded is transferred to the described passage specified, described main frame cuts off the communication function with described peripheral hardware.After described method may additionally include the communication function that described main frame cuts off with described peripheral hardware, described main frame enters software trap.The described passage specified includes fault diagnosis server.
Present invention also offers a kind of safety computer platform, described safety computer platform includes: main frame, and described main frame is configured to: in response to determining that described main frame enters abnormal condition, send, to described peripheral hardware, machine instruction of delaying;Record trouble information;By the transmitting fault information recorded to the passage specified;And after the fault message recorded is transferred to the described passage specified, cut off the communication function with described peripheral hardware;And with one or more peripheral hardwares of coupling of main-machine communication ground, each peripheral hardware in the one or more peripheral hardware is configured to: in response to determining that described peripheral hardware enters abnormal condition, cut off the external information collection of described peripheral hardware, output function;Record trouble information;Described main frame is given by the transmitting fault information that records;And after the fault message recorded is transferred to described main frame, cut off the communication function with described main frame.Described main frame be further configured to receive from after the fault message of described peripheral hardware, by described transmitting fault information to the described passage specified, the wherein said passage specified includes fault diagnosis server.
By reading detailed description below and with reference to the accompanying drawing that is associated, these and other feature and advantage will become clear from.It should be understood that general description and detailed description below above are merely exemplary, each side required for protection will not be formed restriction.
Accompanying drawing explanation
In order to enable the mode understood in detail used by the features described above of the present invention, it is possible to reference to each embodiment, the content summarized briefly above being more particularly described, some of them aspect is shown in the drawings.It should be noted, however, that accompanying drawing illustrate only some typical pattern of the present invention, therefore it is not construed as limiting its scope, because this description allows for other equivalent effective aspect.
Fig. 1 is the structural representation of security platform according to an embodiment of the invention.
Fig. 2 is the flow chart of the processing method of peripheral hardware software abnormal condition in prior art.
Fig. 3 is the flow chart of the exemplary processing method of peripheral hardware software abnormal condition according to an embodiment of the invention.
Fig. 4 is the flow chart of the processing method of host software abnormal condition in prior art.
Fig. 5 is the flow chart of the exemplary processing method of host software abnormal condition according to an embodiment of the invention.
Detailed description of the invention
The present invention being described in detail below in conjunction with accompanying drawing, the feature of the present invention will be further apparent in following specific descriptions.
The invention mainly relates to two kinds of softwares: host software and peripheral hardware software.Individually below invention is described in detail by two kinds of softwares.
Fig. 2 is the flow chart of the processing method of peripheral hardware software abnormal condition in prior art.When a peripheral hardware of security platform determines that it enters abnormal condition, this peripheral hardware cuts off external information collection, output function immediately, and cut off and main-machine communication function, it is therefore intended that make the plug-in unit abnormal condition will not the data of outside output error, it is ensured that the safety of system.As mentioned above, in the nonvolatile memory (such as Flash or hard disk) that failure logging is deposited to non-peripheral hardware place by peripheral hardware subsequently.After have recorded fault, enter software trap.Software trap is the known program debugging technology of computer software fields, by arranging key instruction, guides the program of make a mistake (such as disorderly flying) into an address specified by force, has one section of special program processed that program is made mistakes there.
Fig. 3 is the flow chart of the exemplary processing method of peripheral hardware software abnormal condition according to an embodiment of the invention.Similarly to the prior art, when a peripheral hardware of security platform determines that it enters abnormal condition, this peripheral hardware cuts off external information collection, output function immediately.But, unlike the prior art, in the method for the present invention, peripheral hardware software does not now cut off the communication function with main frame immediately.Alternatively, peripheral hardware software records fault, and by transmitting fault information to main frame.After transmitting fault information completes, peripheral hardware cuts off the communication function with main frame.Afterwards, similarly to the prior art, software trap is entered to process erroneous procedures.
After main frame receives the fault data of peripheral hardware software, it is possible to immediately by fault data transmission to the passage (such as outside fault diagnosis server) specified, thus realizing inline diagnosis function.
Fig. 4 is the flow chart of the processing method of host software abnormal condition in prior art.When security platform main frame determines that it enters abnormal condition, main frame sends to peripheral hardware and delays machine instruction, and cuts off and peripheral communication function, it is therefore intended that the abnormal condition making system will not the data of outside output error, it is ensured that the safety of system.Main frame is record trouble data subsequently, subsequently enter software trap.
Fig. 5 is the flow chart of the exemplary processing method of host software abnormal condition according to an embodiment of the invention.Similarly to the prior art, when security platform main frame determines that it enters abnormal condition, main frame sends, to peripheral hardware, machine instruction of delaying.But, unlike the prior art, in the method for the present invention, main frame does not now cut off the communication function with peripheral hardware immediately.Alternatively, host software record trouble data, and send fault data to dedicated tunnel.After transmitting fault information completes, main frame cuts off the communication function with peripheral hardware again.Afterwards, similarly to the prior art, host software enters software trap to process erroneous procedures.
More than respectively describe handling process when main frame and peripheral hardware entrance abnormal condition.Compared with prior art, software fault data (especially the fault data of peripheral side) are recorded centrally in fault diagnosis server by the present invention, rather than record is local at each peripheral hardware.Thus, both can facilitate implementation inline diagnosis function, obtain failure logging from each peripheral hardware plug-in unit respectively again without each fault diagnosis.
The content having been described above includes the example of each side of claimed subject.Certainly; describe for describing the purpose of claimed subject each it is contemplated that assembly or the combination of method be impossible; but one of ordinary skilled in the art is it should be appreciated that many further combinations and permutations of claimed subject are all possible.Thus, disclosed theme is intended to all such change, the modifications and variations that fall in the spirit and scope of appended claims.
Claims (10)
1. the method for processing the abnormal condition of safety computer platform, described safety computer platform includes main frame and one or more peripheral hardware, it is characterised in that described method includes:
Described peripheral hardware determines whether described peripheral hardware enters abnormal condition;
In response to determining that described peripheral hardware enters abnormal condition, described peripheral hardware cuts off the external information collection of described peripheral hardware, output function;
Described peripheral hardware record trouble information;
The transmitting fault information that records is given described main frame by described peripheral hardware;And
After the fault message recorded is transferred to described main frame, described peripheral hardware cuts off the communication function with described main frame.
2. the method for claim 1, it is characterised in that described method also includes:
After the communication function that described peripheral hardware cuts off with described main frame, described peripheral hardware enters software trap.
3. the method for claim 1, it is characterised in that described method also includes:
Described main frame receive from after the fault message of described peripheral hardware, by described transmitting fault information to the passage specified.
4. method as claimed in claim 3, it is characterised in that the described passage specified includes fault diagnosis server.
5. the method for processing the abnormal condition of safety computer platform, described safety computer platform includes main frame and peripheral hardware, it is characterised in that described method includes:
Described main frame determines whether described main frame enters abnormal condition;
In response to determining that described main frame enters abnormal condition, described main frame sends, to described peripheral hardware, machine instruction of delaying;
Described host record fault message;
Described main frame is by the transmitting fault information recorded to the passage specified;And
After the fault message recorded is transferred to the described passage specified, described main frame cuts off the communication function with described peripheral hardware.
6. method as claimed in claim 5, it is characterised in that described method also includes:
After the communication function that described main frame cuts off with described peripheral hardware, described main frame enters software trap.
7. method as claimed in claim 5, it is characterised in that the described passage specified includes fault diagnosis server.
8. a safety computer platform, it is characterised in that described safety computer platform includes:
Main frame, described main frame is configured to:
In response to determining that described main frame enters abnormal condition, send, to described peripheral hardware, machine instruction of delaying;
Record trouble information;
By the transmitting fault information recorded to the passage specified;And
After the fault message recorded is transferred to the described passage specified, cut off the communication function with described peripheral hardware;And
With one or more peripheral hardwares of coupling of main-machine communication ground, each peripheral hardware in the one or more peripheral hardware is configured to:
In response to determining that described peripheral hardware enters abnormal condition, cut off the external information collection of described peripheral hardware, output function;
Record trouble information;
Described main frame is given by the transmitting fault information that records;And
After the fault message recorded is transferred to described main frame, cut off the communication function with described main frame.
9. safety computer platform as claimed in claim 8, it is characterised in that described main frame be further configured to receive from after the fault message of described peripheral hardware, by described transmitting fault information to the described passage specified.
10. method as claimed in claim 8 or 9, it is characterised in that the described passage specified includes fault diagnosis server.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610149827.8A CN105786637A (en) | 2016-03-16 | 2016-03-16 | Processing method for security computer platform software in abnormal state |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610149827.8A CN105786637A (en) | 2016-03-16 | 2016-03-16 | Processing method for security computer platform software in abnormal state |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105786637A true CN105786637A (en) | 2016-07-20 |
Family
ID=56392812
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610149827.8A Pending CN105786637A (en) | 2016-03-16 | 2016-03-16 | Processing method for security computer platform software in abnormal state |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105786637A (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7233879B1 (en) * | 2006-05-09 | 2007-06-19 | Toyota Technical Center Usa, Inc. | System and method of agent self-repair within an intelligent agent system |
| CN102355682A (en) * | 2011-06-29 | 2012-02-15 | 中国联合网络通信集团有限公司 | Sensor adapting method, sensor adapting device and IOT (Internet Of Things) system |
| CN103472776A (en) * | 2013-08-26 | 2013-12-25 | 株洲南车时代电气股份有限公司 | Safety control method and safety control system for communication interruption of upper computer and lower computer |
| CN103931227A (en) * | 2011-11-11 | 2014-07-16 | 日本电气株式会社 | Wireless transmission device, failure-information forwarding method, and failure-information notification method |
| CN104260094A (en) * | 2014-09-16 | 2015-01-07 | 深圳市佳晨科技有限公司 | Robot fault processing system and robot fault processing method |
-
2016
- 2016-03-16 CN CN201610149827.8A patent/CN105786637A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7233879B1 (en) * | 2006-05-09 | 2007-06-19 | Toyota Technical Center Usa, Inc. | System and method of agent self-repair within an intelligent agent system |
| CN102355682A (en) * | 2011-06-29 | 2012-02-15 | 中国联合网络通信集团有限公司 | Sensor adapting method, sensor adapting device and IOT (Internet Of Things) system |
| CN103931227A (en) * | 2011-11-11 | 2014-07-16 | 日本电气株式会社 | Wireless transmission device, failure-information forwarding method, and failure-information notification method |
| CN103472776A (en) * | 2013-08-26 | 2013-12-25 | 株洲南车时代电气股份有限公司 | Safety control method and safety control system for communication interruption of upper computer and lower computer |
| CN104260094A (en) * | 2014-09-16 | 2015-01-07 | 深圳市佳晨科技有限公司 | Robot fault processing system and robot fault processing method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8714494B2 (en) | Railway train critical systems having control system redundancy and asymmetric communications capability | |
| CN107968775B (en) | Data processing method and device, computer equipment and computer readable storage medium | |
| EP1987632B1 (en) | Communication system and method for making busses limited to a linear topology extensible to other topologies | |
| CN103838189B (en) | CAN communication monitoring protector and vehicle | |
| EP3662601A1 (en) | Concept for the unidirectional transmission of data | |
| CN103158739B (en) | Method and device for dynamically handling railway track bad shunting | |
| DE102020123831A1 (en) | Concept for supporting an at least partially automated motor vehicle | |
| EP3732913A1 (en) | Control unit and method for the tamper-proof detection of operational safety-related integrity monitoring data | |
| US20170097915A1 (en) | Avionics system of an aircraft comprising line replaceable units that can exchange messages between them and device for monitoring such an avionics system | |
| CN104794086B (en) | A kind of serial communication method of the security system of serial communication and safety | |
| RU2572284C1 (en) | Data communication system for locomotive systems with critical information server using electronic signature | |
| Bezzateev et al. | Joint safety and security analysis for complex systems | |
| CN105786637A (en) | Processing method for security computer platform software in abnormal state | |
| EP3131804B1 (en) | Railway safety critical systems with task redundancy and asymmetric communications capability | |
| KR102138143B1 (en) | Method for analyzing protocol and automatic train protection display using the same | |
| CN105446251A (en) | A safety digital quantity input system and a signal processing method thereof | |
| SE439616B (en) | DEVICE FOR TRANSMISSION OF BINER CODED INFORMATION FOR REMOTE CONTROL OF A SWITCH | |
| CN105460026A (en) | Safety isolation and protection system of locomotive | |
| WO2019091074A1 (en) | Leu processing board | |
| WO2022049895A1 (en) | Abnormality monitoring device and abnormality monitoring method | |
| CN105245426A (en) | Platform plug-in having board position identification function | |
| KR102002395B1 (en) | CCTV and Lane Control System for Checking Operation Status Installed in Road and Tunnel | |
| CN105184171A (en) | Modules, running method and information processing devices of secure computer platform file system | |
| KR102094256B1 (en) | Track circuit for various/multiple information telegram transmission and control method thereof | |
| CN108216314A (en) | The distributed remote IO of global function distribution interlock system is realized and communication means |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: The age of 412001 in Hunan Province, Zhuzhou Shifeng District Road Applicant after: ZHUZHOU CRRC TIMES ELECTRIC Co.,Ltd. Address before: The age of 412001 in Hunan Province, Zhuzhou Shifeng District Road No. 169 Applicant before: ZHUZHOU CSR TIMES ELECTRIC Co.,Ltd. |
|
| TA01 | Transfer of patent application right |
Effective date of registration: 20170704 Address after: 410100 Hunan economic and Technological Development Zone, Changsha Province, the people of the East Road, No. 7, building 21, floor Applicant after: HUNAN CRRC TIMES SIGNAL & COMMUNICATION Co.,Ltd. Address before: The age of 412001 in Hunan Province, Zhuzhou Shifeng District Road Applicant before: ZHUZHOU CRRC TIMES ELECTRIC Co.,Ltd. |
|
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160720 |