CN106843022A - A kind of method for improving embedded control system output reliability - Google Patents
A kind of method for improving embedded control system output reliability Download PDFInfo
- Publication number
- CN106843022A CN106843022A CN201510882658.4A CN201510882658A CN106843022A CN 106843022 A CN106843022 A CN 106843022A CN 201510882658 A CN201510882658 A CN 201510882658A CN 106843022 A CN106843022 A CN 106843022A
- Authority
- CN
- China
- Prior art keywords
- data
- backup data
- state
- backup
- control system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B19/00—Programme-control systems
- G05B19/02—Programme-control systems electric
- G05B19/04—Programme control other than numerical control, i.e. in sequence controllers or logic controllers
- G05B19/042—Programme control other than numerical control, i.e. in sequence controllers or logic controllers using digital processors
- G05B19/0423—Input/output
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B2219/00—Program-control systems
- G05B2219/20—Pc systems
- G05B2219/21—Pc I-O input output
- G05B2219/21106—If specific I-O not updated in memory, priority access of I-O, data directly to microprocessor
Abstract
The invention provides a kind of method for improving embedded control system output reliability, it is characterised in that comprise the following steps:Step one:Data backup is when the state machine of embedded control system runs, the state of current state machine is backed up using the method for redundancy backup in real time in principal function, it is divided to two groups of storages in LAP Low Address Part and the high address section in RAM areas by Backup Data, every group of data are with respectively storage one time of true form and complement form, Backup Data frame format is referring to table 1, data include the sub- state of current operation, the order for receiving, the AD data of sampling, controlled output order;Step 2:Reset mode judges and state is recovered.
Description
Technical field
This patent belongs to embedded system, automation control area, be related to it is a kind of based on embedded control system output run fly after
Restoration methods.
Background technology
Embedded control system is widely used in the multiple fields such as medical treatment, telecommunications, space flight and aviation, automobile making, office, household electrical appliances,
Can control, strengthen, monitor and manage almost all of high technology equipment.
Because its range of application is wide, so can often in severe use environment, such as high/low temperature, high pressure, high frequency etc.,
Program is easily subject to electromagnetic interference and runs winged.
Embedded real-time control system based on state machine design, software is generally caught race using instruction redundancy and trap tech and flown
Program, and set house dog make software program after can reset again.After above measure is taken, embedded control system
Stability and reliability increase, but shortcoming is still present in actual use, the program for such as resetting causes state machine
Performed since original state, it is impossible to before being returned directly in normal sub- state, cause output to be interrupted, embedded control system
Task be destroyed.
The content of the invention
The invention discloses a kind of method for improving embedded control system output reliability, after software runs to fly, using common
After instruction redundancy and software trap and watchdog technique make embedded control system reset at program entry, by the method energy
In system is returned to normal state machine, and by the control logic stabilizing measures in outside CPLD chips, it is ensured that in system
During recovery, the output signal of embedded system state machine is maintained at software and runs the normal condition before flying so that control system it is defeated
Go out software run fly before, run fly when, recover after keep continual and steady.
The present invention in order to achieve the above object, adopts the technical scheme that a kind of side for improving embedded control system output reliability
Method, it is characterised in that comprise the following steps:
Step one:Data backup
When the state machine of embedded control system runs, the state of current state machine is used into redundancy backup in real time in principal function
Method backed up, by point of twice storage of Backup Data RAM areas LAP Low Address Part and high address section, every group of data are with true form
Respectively stored with complement form one time, referring to table 1, data include the sub- state of current operation, the life for receiving to Backup Data frame format
Order, the AD data of sampling, controlled output order;
Table 1
Step 2:Reset mode judges
Fly whenever embedded control system program occurs to run, and after being resetted by house dog or software trap, embedded Control
System brings into operation from program entry, is electrification reset or exceptional reset according to upper electricity sign judgement, if exceptional reset,
Then extract the data of backup and carry out state recovery according to the data of backup;If electrification reset, then system is according to normal state
Machine runs.
Further, the step of data of the extraction backup in step 2 are specially:Embedded Control system based on state machine design
System, judges the storage before resetting in LAP Low Address Part and the Backup Data validity of high address section,
The step of extraction in step 2 effective Backup Data, is specially:Embedded control system based on state machine design, sentences
It is fixed reset before storage in LAP Low Address Part and the Backup Data validity of high address section, specially:
1) calculate backup true form data in LAP Low Address Part verification and, if the verification and identical with storage in LAP Low Address Part, is carried out
Frame head is verified, and is jumped to 2);Backup Data is invalid in otherwise judging LAP Low Address Part, jumps to 4);
2) judge whether the frame head of Backup Data in LAP Low Address Part is consistent with the frame head of definition, unanimously then carries out complement code verification;Differ
Backup Data is invalid in causing then to judge LAP Low Address Part, jumps to 4);
3) judge whether the complement code verification of Backup Data in LAP Low Address Part is correct, and Backup Data is used as state in correctly then taking address field
The foundation that machine recovers, you can carry out state recovery;Backup Data is invalid in incorrect then judgement LAP Low Address Part, jumps to 4);
4) calculate storage in high address section the verification of Backup Data and, if the verification and identical with being stored in the section of location high, carry out
Frame head is verified, and is jumped to 5);Backup Data is invalid in otherwise judging location section high, the failure of this data recovery;
5) judge whether the frame head of Backup Data in location section high is consistent with the frame head of definition, unanimously then carries out complement code verification, jumps to
6);Inconsistent, Backup Data is invalid in judging location section high, the failure of this data recovery;
6) judge whether the radix-minus-one complement verification of Backup Data in location section high is correct, and Backup Data is used as state machine in correctly then taking location section high
The foundation of recovery, you can carry out state recovery;Incorrect, Backup Data is invalid in judging location section high, the failure of this data recovery.
Further, also including output lock step:
The control signal that embedded system state machine is exported is locked onto by upper one correct state by CPLD, control signal is used
Positive and inverse code is exported, and positive and inverse code is respectively written into CPLD in 2 discontinuous particular address registers, is designed by CPLD
D-latch latch and verify it is correct after, then export final control signal.
Further, judge it is concretely comprising the following steps for electrification reset or exceptional reset according to upper electricity sign:
1) judge whether the upper electricity sign in external RAM in address A and address B is value set in advance, is that then explanation is different
Often reset, jump to 2);Otherwise it is assumed that being electrifying startup, jump to 5);
2) system carries out state recovery;
3) state is successfully recovered, then jump to 4);It is unsuccessful, then jump to 6);
4) components of system as directed initialization, continues to run with the sub- state before programming jump to system reset, jumps to 7);
5) 6) value that electricity is indicated in setting in the address A and address B of external RAM, then jump to;
6) system is initialized comprehensively, i.e., brought into operation according to first upper electricity, then jumped to 7);
7) program is run in normal state machine.
The present invention be should be readily appreciated that and realize, state is increased in existing heavy-duty rectifier embedded control system interference protection measure
Machine recover and output lock function, improve the reliability of power-supply system, reduce caused due to output control signal mistake by
The probability of device damage is controlled, product fund and maintenance cost is saved.
Present invention control is more convenient, and it is strong that it expands performance, if need to apply in different embedded systems (such as single-chip microcomputer, DSP,
The systems such as ARM, FPGA), only code need to be modified with it is perfect, just can be transplanted, have a good application prospect and pass through
Ji value.
Brief description of the drawings
Fig. 1 reset mode decision flow charts;
Fig. 2 data validity determination methods;
Fig. 3 output control signals are locked.
Specific embodiment
Comprise the following steps:
Step one:Data backup
When the state machine of embedded control system runs, the state of current state machine is used into redundancy backup in real time in principal function
Method backed up, by point of twice storage of Backup Data RAM areas LAP Low Address Part and high address section, every group of data are with true form
Respectively stored with complement form one time, referring to table 1, data true form includes the sub- state of current operation to Backup Data frame format, receives
Host computer order, the AD data of sampling, switching on and shutting down signal condition;
Table 1
Step 2:Reset mode judges
Fly whenever embedded control system program occurs to run, and after being resetted by house dog or software trap, embedded Control
System brings into operation from program entry, is electrification reset or exceptional reset according to upper electricity sign judgement, if exceptional reset,
Then extract the data of backup and carry out state recovery according to the data of backup;If electrification reset, then system is according to normal state
Machine runs.
Also include output lock step:
The control signal that embedded system state machine is exported is locked onto by upper one correct state by CPLD, control signal is used
Positive and inverse code is exported, and positive and inverse code is respectively written into CPLD in 2 discontinuous particular address registers, is designed by CPLD
D-latch latch and verify it is correct after, then export final control signal.
Further, the step of data of the extraction backup in step 2 are specially:Embedded Control system based on state machine design
System, judges the storage before resetting in LAP Low Address Part and the Backup Data validity of high address section,
1) calculate backup true form data in LAP Low Address Part verification and, if the verification and identical with storage in LAP Low Address Part, is carried out
Frame head is verified, and is jumped to 2);Backup Data is invalid in otherwise judging LAP Low Address Part, jumps to 4);
2) judge whether the frame head of Backup Data in LAP Low Address Part is consistent with the frame head of definition, unanimously then carries out complement code verification;Differ
Backup Data is invalid in causing then to judge LAP Low Address Part, jumps to 4);
3) judge whether the complement code verification of Backup Data in LAP Low Address Part is correct, and Backup Data is used as state in correctly then taking address field
The foundation that machine recovers, you can carry out state recovery;Backup Data is invalid in incorrect then judgement LAP Low Address Part, jumps to 4);
4) calculate storage in high address section the verification of Backup Data and, if the verification and identical with being stored in the section of location high, carry out
Frame head is verified, and is jumped to 5);Backup Data is invalid in otherwise judging location section high, the failure of this data recovery;
5) judge whether the frame head of Backup Data in location section high is consistent with the frame head of definition, unanimously then carries out complement code verification, jumps to
6);Inconsistent, Backup Data is invalid in judging location section high, the failure of this data recovery;
6) judge whether the radix-minus-one complement verification of Backup Data in location section high is correct, and Backup Data is used as state machine in correctly then taking location section high
The foundation of recovery, you can carry out state recovery;Incorrect, Backup Data is invalid in judging location section high, the failure of this data recovery.
Judge it is concretely comprising the following steps for electrification reset or exceptional reset according to upper electricity sign:
1) judge whether the upper electricity sign in external RAM in address A and address B is value set in advance, is that then explanation is different
Often reset, jump to 2);Otherwise it is assumed that being electrifying startup, jump to 5);
2) system carries out state recovery;
3) state is successfully recovered, then jump to 4);It is unsuccessful, then jump to 6);
4) components of system as directed initialization, continues to run with the sub- state before programming jump to system reset, jumps to 7);
5) 6) value that electricity is indicated in setting in the address A and address B of external RAM, then jump to;
6) system is initialized comprehensively, i.e., brought into operation according to first upper electricity, then jumped to 7);
7) program is run in normal state machine.
Specific embodiment:
Backup flow
1) initial address in Backup Data region is set to the 0x0020 and 0x00f0 of external RAM;
2) Backup Data is gathered, data include the sub- state of current operation, and the order for receiving, the AD data of sampling, control are defeated
Go out order, frame format is as shown in table 1;
3) calculate verification and carry is cast out;
4) frame head is set to 0x55, stores in specified address data true form according to the frame format of table 1;
5) whether 2 backups of address field all complete, no, jump to 1;It is to complete, returns to major cycle.
Fig. 2 reset modes judge
1) system 00h from program entry brings into operation;
2) judge upper electricity sign in external RAM address 0000h and 0001h whether 55h set in advance and AAh, be to jump
Go to 3;Otherwise jump to 6);
3) system carries out state recovery;
4) state is successfully recovered, then jump to 5);It is unsuccessful, then jump to 7);
5) components of system as directed initialization, continues to run with the sub- state before programming jump to system reset, jumps to 8);
6) electricity sign 55h and AAh is set up in the address 0000h and 0001h of external RAM, is jumped to 7);
7) system is initialized comprehensively, i.e., brought into operation according to first upper electricity, then jumped to 8);
8) program is run in normal state machine.
Claims (4)
1. it is a kind of improve embedded control system output reliability method, it is characterised in that comprise the following steps:
Step one:Data backup
When the state machine of embedded control system runs, the state of current state machine is used into redundancy backup in real time in principal function
Method backed up, by Backup Data be divided to two groups of storages RAM areas LAP Low Address Part and high address section, every group of data are with true form
Respectively stored with complement form one time, referring to table 1, data include the sub- state of current operation, the life for receiving to Backup Data frame format
Order, the AD data of sampling, controlled output order;
Table 1
Step 2:Reset mode judges and state is recovered
Fly whenever embedded control system program occurs to run, and after being resetted by house dog or software trap, embedded Control
System brings into operation from program entry, is electrification reset or exceptional reset according to upper electricity sign judgement, if exceptional reset,
Then extract effective Backup Data and state recovery is carried out according to effective Backup Data;If electrification reset, then system is according to just
Normal state machine operation.
2. it is according to claim 1 improve embedded control system output reliability method, it is characterised in that step 2
In extraction effective Backup Data the step of be specially:Judge the storage before resetting in LAP Low Address Part and the backup number of high address section
According to validity, specially:
1) calculate backup true form data in LAP Low Address Part verification and, if the verification and identical with storage in LAP Low Address Part, is carried out
Frame head is verified, and is jumped to 2);Backup Data is invalid in otherwise judging LAP Low Address Part, jumps to 4);
2) judge whether the frame head of Backup Data in LAP Low Address Part is consistent with the frame head of definition, unanimously then carries out complement code verification;Differ
Backup Data is invalid in causing then to judge LAP Low Address Part, jumps to 4);
3) judge whether the complement code verification of Backup Data in LAP Low Address Part is correct, and Backup Data is used as state in correctly then taking address field
The foundation that machine recovers, you can carry out state recovery;Backup Data is invalid in incorrect then judgement LAP Low Address Part, jumps to 4);
4) calculate storage in high address section the verification of Backup Data and, if the verification and identical with being stored in the section of location high, carry out
Frame head is verified, and is jumped to 5);Backup Data is invalid in otherwise judging location section high, the failure of this data recovery;
5) judge whether the frame head of Backup Data in location section high is consistent with the frame head of definition, unanimously then carries out complement code verification, jumps to
6);Inconsistent, Backup Data is invalid in judging location section high, the failure of this data recovery;
6) judge whether the radix-minus-one complement verification of Backup Data in location section high is correct, and Backup Data is used as state machine in correctly then taking location section high
The foundation of recovery, you can carry out state recovery;Incorrect, Backup Data is invalid in judging location section high, the failure of this data recovery.
3. it is according to claim 2 improve embedded control system output reliability method, it is characterised in that according to upper
Electricity sign judges it is concretely comprising the following steps for electrification reset or exceptional reset:
1) judge whether the upper electricity sign in external RAM in address A and address B is value set in advance, is that then explanation is different
Often reset, jump to 2);Otherwise it is assumed that being electrifying startup, jump to 5);
2) system carries out state recovery;
3) state is successfully recovered, then jump to 4);It is unsuccessful, then jump to 6);
4) components of system as directed initialization, continues to run with the sub- state before programming jump to system reset, jumps to 7);
5) 6) value that electricity is indicated in setting in the address A and address B of external RAM, then jump to;
6) system is initialized comprehensively, i.e., brought into operation according to first upper electricity, then jumped to 7);
7) program is run in normal state machine.
4. it is according to claim 1 improve embedded control system output reliability method, it is characterised in that also include
Output lock step:
The control signal that embedded system state machine is exported is locked onto by upper one correct state by CPLD, control signal is used
Positive and inverse code is exported, and positive and inverse code is respectively written into CPLD in 2 discontinuous particular address registers, is designed by CPLD
D-latch latch and verify it is correct after, then export final control signal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510882658.4A CN106843022A (en) | 2015-12-03 | 2015-12-03 | A kind of method for improving embedded control system output reliability |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510882658.4A CN106843022A (en) | 2015-12-03 | 2015-12-03 | A kind of method for improving embedded control system output reliability |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106843022A true CN106843022A (en) | 2017-06-13 |
Family
ID=59150061
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510882658.4A Pending CN106843022A (en) | 2015-12-03 | 2015-12-03 | A kind of method for improving embedded control system output reliability |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106843022A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111736453A (en) * | 2020-06-18 | 2020-10-02 | 西安微电子技术研究所 | Method and circuit structure for controlling abnormal instruction output |
| CN111935112A (en) * | 2020-07-29 | 2020-11-13 | 深圳市安车检测股份有限公司 | Serial-based cross-network data safety ferrying equipment and method |
| CN114816581A (en) * | 2022-05-20 | 2022-07-29 | 中国电子科技集团公司第三十研究所 | Dynamic loading method of no-operating-system algorithm based on ARM processor |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103678028A (en) * | 2013-12-16 | 2014-03-26 | 重庆川仪自动化股份有限公司 | RAM internal storage detection method and device |
| CN104598330A (en) * | 2013-10-30 | 2015-05-06 | 中国航空工业集团公司第六三一研究所 | Data storage and verification method based on dual backup |
-
2015
- 2015-12-03 CN CN201510882658.4A patent/CN106843022A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104598330A (en) * | 2013-10-30 | 2015-05-06 | 中国航空工业集团公司第六三一研究所 | Data storage and verification method based on dual backup |
| CN103678028A (en) * | 2013-12-16 | 2014-03-26 | 重庆川仪自动化股份有限公司 | RAM internal storage detection method and device |
Non-Patent Citations (3)
| Title |
|---|
| 刘刚等: "一种单片机系统中的软件快速恢复设计", 《绵阳师范学院学报》 * |
| 穆平安等: "单片机应用系统的自动恢复技术", 《上海理工大学学报》 * |
| 马荩等: "基于C8051单片机的崩溃-恢复机制设计", 《工业控制计算机》 * |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111736453A (en) * | 2020-06-18 | 2020-10-02 | 西安微电子技术研究所 | Method and circuit structure for controlling abnormal instruction output |
| CN111736453B (en) * | 2020-06-18 | 2023-06-06 | 西安微电子技术研究所 | Method and circuit structure for controlling abnormal instruction output |
| CN111935112A (en) * | 2020-07-29 | 2020-11-13 | 深圳市安车检测股份有限公司 | Serial-based cross-network data safety ferrying equipment and method |
| CN111935112B (en) * | 2020-07-29 | 2024-02-23 | 深圳市安车检测股份有限公司 | Cross-network data security ferrying device and method based on serial |
| CN114816581A (en) * | 2022-05-20 | 2022-07-29 | 中国电子科技集团公司第三十研究所 | Dynamic loading method of no-operating-system algorithm based on ARM processor |
| CN114816581B (en) * | 2022-05-20 | 2023-06-02 | 中国电子科技集团公司第三十研究所 | ARM processor-based non-operating system algorithm dynamic loading method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20170109235A1 (en) | Baseboard management controller recovery | |
| CN111352338B (en) | Dual-redundancy flight control computer and redundancy management method | |
| CN107122321A (en) | Hardware restorative procedure, hardware repair system and embodied on computer readable storage device | |
| US20130031420A1 (en) | Collecting Debug Data in a Secure Chip Implementation | |
| CN105094876B (en) | The upgrade processing method of CPLD, device and system | |
| CN104461594B (en) | The upgrade method and device of embedded OS | |
| CN105740139B (en) | A kind of debugging embedded software method based on virtual environment | |
| CN103257922B (en) | A kind of method of quick test BIOS and OS interface code reliability | |
| CN101937344B (en) | Computer and method for quickly starting same | |
| CN106843022A (en) | A kind of method for improving embedded control system output reliability | |
| CN104077220A (en) | Method and device for debugging microprocessor without interlocked piped stages (MIPS) framework operating system kernel | |
| WO2014183557A1 (en) | Star sensor in-orbit maintenance method | |
| CN104081311A (en) | Apparatus and method for managing operation of a mobile device | |
| CN103677897A (en) | System chip and programming method of system chip | |
| WO2015119950A1 (en) | Diagnostic systems and methods of finite state machines | |
| CN105468390A (en) | BOOT online upgrade apparatus and method | |
| CN110187922B (en) | Method, device, equipment and storage medium for setting and verifying BIOS (basic input output System) parameters | |
| CN104750600A (en) | Equipment state recording method and equipment state recording system | |
| CN105607945A (en) | Asynchronous monitoring interception system and method of host behavior on the basis of virtualization | |
| CN103890713A (en) | Apparatus and method for managing register information in a processing system | |
| CN107766247A (en) | Bootloader method of testing, device and readable storage medium storing program for executing | |
| CN105068969B (en) | Single particle effect guard system and method for digital signal processing platform framework | |
| CN106372498A (en) | Software protection method and device | |
| CN106933604A (en) | A kind of method for upgrading system and device | |
| CN105824650A (en) | Computer system, adaptive dormancy control module and control method for same |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20170613 |
|
| WD01 | Invention patent application deemed withdrawn after publication |