EP3111283A1 - Verfahren zur betätigung eines sicheren schaltelements einer anlage - Google Patents
Verfahren zur betätigung eines sicheren schaltelements einer anlageInfo
- Publication number
- EP3111283A1 EP3111283A1 EP15707322.2A EP15707322A EP3111283A1 EP 3111283 A1 EP3111283 A1 EP 3111283A1 EP 15707322 A EP15707322 A EP 15707322A EP 3111283 A1 EP3111283 A1 EP 3111283A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- mode
- user
- display
- user interface
- switching element
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
- 238000000034 method Methods 0.000 title claims abstract description 36
- 238000009434 installation Methods 0.000 title abstract description 5
- 230000008859 change Effects 0.000 claims abstract description 22
- 238000012790 confirmation Methods 0.000 claims abstract description 11
- 238000004891 communication Methods 0.000 claims abstract description 7
- 238000012800 visualization Methods 0.000 claims description 11
- 230000008569 process Effects 0.000 claims description 5
- 238000012795 verification Methods 0.000 claims 1
- 230000006870 function Effects 0.000 description 7
- 230000002452 interceptive effect Effects 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000003825 pressing Methods 0.000 description 2
- 208000027418 Wounds and injury Diseases 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 230000006978 adaptation Effects 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000006378 damage Effects 0.000 description 1
- 208000014674 injury Diseases 0.000 description 1
- 230000007257 malfunction Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000001681 protective effect Effects 0.000 description 1
- 231100000279 safety data Toxicity 0.000 description 1
- 230000011664 signaling Effects 0.000 description 1
- 230000009469 supplementation Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B19/00—Programme-control systems
- G05B19/02—Programme-control systems electric
- G05B19/04—Programme control other than numerical control, i.e. in sequence controllers or logic controllers
- G05B19/10—Programme control other than numerical control, i.e. in sequence controllers or logic controllers using selector switches
- G05B19/106—Programme control other than numerical control, i.e. in sequence controllers or logic controllers using selector switches for selecting a programme, variable or parameter
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B19/00—Programme-control systems
- G05B19/02—Programme-control systems electric
- G05B19/04—Programme control other than numerical control, i.e. in sequence controllers or logic controllers
- G05B19/042—Programme control other than numerical control, i.e. in sequence controllers or logic controllers using digital processors
- G05B19/0423—Input/output
- G05B19/0425—Safety, monitoring
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B19/00—Programme-control systems
- G05B19/02—Programme-control systems electric
- G05B19/04—Programme control other than numerical control, i.e. in sequence controllers or logic controllers
- G05B19/041—Function-oriented details
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B19/00—Programme-control systems
- G05B19/02—Programme-control systems electric
- G05B19/18—Numerical control [NC], i.e. automatically operating machines, in particular machine tools, e.g. in a manufacturing environment, so as to execute positioning, movement or co-ordinated operations by means of programme data in numerical form
- G05B19/409—Numerical control [NC], i.e. automatically operating machines, in particular machine tools, e.g. in a manufacturing environment, so as to execute positioning, movement or co-ordinated operations by means of programme data in numerical form characterised by using manual data input [MDI] or by using control panel, e.g. controlling functions with the panel; characterised by control panel details or by setting parameters
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B2219/00—Program-control systems
- G05B2219/20—Pc systems
- G05B2219/25—Pc structure of the system
- G05B2219/25163—Transmit twice, redundant, same data on different channels, check each channel
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B2219/00—Program-control systems
- G05B2219/30—Nc systems
- G05B2219/34—Director, elements to supervisory
- G05B2219/34316—Install nc system, check voltages, power supply with incorporated a-d
Definitions
- the invention relates to a method for actuating a mode selector element of a plant by a secure control process, the plant having a functional control and communication links, and wherein the functional controller comprises a memory unit, a (flow) control device, a display and a user interface.
- Safety switches perform a personal protection function, and any malfunctions can result in serious personal injury. Therefore, there are special precautions for safety switches. For example, safety components must not be bypassed, turned away, removed or otherwise rendered ineffective. Furthermore, for example, a switching operation may only be triggered directly and directly by specially provided actuators.
- safety control process in particular a control process is considered in connection with the subject description, which causes a change in the operating mode of the system.
- Machines and other systems of the newer generation usually have a machine or system visualization, which is based on an integrated operating concept and has an access and authentication concept tailored to the system requirements. Due to the requirements set out above, it is currently not possible to integrate the selection of the operating mode into the system visualization or the access and authentication concept.
- An advantageous embodiment of the invention may have the additional step of performing an identity check of the user upon receiving the user input and / or the confirmation. This prevents a circumvention of the security measures.
- the method can be applied in an advantageous manner to a system in which at least parts of the user interface are displayed on the display as visualization elements, so that the method can also be used with modern operating concepts.
- Visualization element or “visualized element” in this context, all elements are referred to, which can be computer-aided generated and made visible to the user. This relates in particular to displays on a screen, for example in the form of so-called “icons”, which can be selected or changed, for example by mouse click or touch-sensitive screens ("touchscreen”), by touching them or in some other way. Visualization elements can also be displayed in three dimensions, such as in holographic representation or as an element on a 3D screen, and selected for example by 3D gesture control.
- the operation selection actuator can be displayed as a visualized element on the display. This allows the operation selection actuator to be available only to authorized users. The item may either not be displayed at all to unauthorized users, or it may be marked as not selectable by a changed appearance (e.g., colorless or pale).
- the step of checking may further comprise the following steps:
- the request for confirmation of the user input may be a visualized element that is displayed spatially offset from the operation selection actuation element.
- the input can be made very intuitive by, for example, the same or a similar element (for example, in a different color or shape) appears at a different location on the screen for the user after pressing the mode-actuating element, which then confirms the Selection must be pressed again.
- the communication steps of the method according to the invention run unnoticed in the background for the user. As a result, it can also be avoided that operating mode actuating elements are actuated inadvertently.
- a plant visualization can be displayed on the display.
- a standardized interface device for example in the form of a tablet PC, can perform the entire functionality of the user interface. This allows a subsequent adaptation, modification or supplementation of the appearance or the functionality of the interface even without hardware changes.
- at least one communication connection can use a bus protocol.
- the inventive method makes it possible to transmit safe control commands via a potentially unsafe bus connection. This avoids the need for a separate wiring.
- bus protocols any protocols may be used which are appropriate for the respective application.
- Ethernet protocols such as POWERLINK, Ethernet IP, ProfiNet, Ethercat, etc. are used in automation.
- safety protocols are usually used, such as OpenSAFETY, ProfiSafe, ClPsafety, Safety over Ethercat, etc.
- Ethernet protocols and safety protocols are well known. which is why it will not be discussed further here.
- the method according to the invention can be used universally for different installations, such as, for example, machines, steam boiler systems, transport devices, power plants or other energy supply installations.
- FIG. 1
- Fig. 1 shows a block diagram of an exemplary plant, with which the method according to the invention can be used, and
- Fig. 2 illustrates the steps of the method according to the invention in a flow chart.
- FIG. 1 schematically shows, by way of example, a compilation of some elements of an automated production line, with the individual components communicating with one another via a bus 1.
- a machine 2 a mode switching element 3, a computing unit 9 and a control console 5 are connected to each other via the bus 1.
- FIG. 1 a symbol for a deep drawing press is shown in FIG. 1, but it should be understood that the method according to the invention can also be advantageously used with completely different machines or systems in which the provision of a secure control is required or desired.
- the machine 2 is connected to an emergency stop switch 4, wherein an actuation of the emergency stop switch 4 is not communicated via the bus 1 for safety reasons. Therefore, the emergency stop switch 4 is connected to the machine 2 via a direct wiring 6, as required by the relevant standards and is generally common.
- the display 7 and some or all operating elements 8 can also be designed as a touchscreen operating panel, whereby particularly intuitive operating concepts become possible, wherein a machine visualization can also be integrated into the display or the control panel.
- the control unit for the flow control of the machine 2 can either be integrated in the control console 5, or it can be designed as a separate unit, which is particularly advantageous if the flow control requires more complex arithmetic operations, as for example in the control of CNC cells necessary is.
- Fig. 1 is a own computing unit 9, which has a memory unit 10, provided for the flow control of the machine 2.
- control console 5 and the arithmetic unit 9 together form the functional controller 1 1 of the machine 2.
- the user selects the desired operating sequences for the machine 2 via the control console 5.
- the user input is transmitted via the bus 1 to the arithmetic unit 9, evaluated by this and converted into control commands, which in turn are transmitted via the bus 1 to the corresponding actuators of the machine 2.
- the arithmetic unit 9 also evaluates sensor information received from the machine 2 via the bus 1 and sends display information to the control console 5.
- the arrangement of the machine control elements in Figure 1 is purely exemplary and well known in the art in that it can be realized in many different ways. Depending on the application concept, several different bus systems can also be used or wireless transmission systems can also be used.
- operating mode switching element 3 is understood to mean a switching element whose positioning functionality acts directly on the machine 2.
- the operating mode switching element 3 is connected to the machine 2 via a direct wiring 6 ', so that safe control commands can be transmitted from the mode selector switch element 3 directly to the machine 2 without the signal line having to be shared with other elements, as is the case with the bus topology.
- the mode switching element 3 is connected on the one hand via the direct wiring 6 'to the machine 2, on the other hand, it also has a connection to the bus 1, via which it can communicate with the other elements of the system.
- the operating mode switching element 3 is separated from the associated operating mode actuating element 3 '- in the case illustrated in FIG. 3, a mode selection switch.
- the mode switching element 3 and the associated mode actuating element 3 'thus enable safe control for the selection of the operating mode in this example.
- the operating mode actuating element 3 ' can also be represented, for example, as a virtual object on a touchscreen user interface and actuated by the user via this surface, as indicated in FIG. 1.
- FIG. 2 illustrates the individual steps of the method according to the invention in a block diagram, reference being also made in the following description to elements which are illustrated in FIG.
- a mode actuator 3 ' is provided to a user for secure control at a user interface, for example, at the display 7.
- This mode actuator may also be arranged as a separate control on the control console 5.
- actuation of the mode actuator may require a key or other means of identification, but release may also be based on a general access and authentication concept.
- the mode actuator may also be implemented as an interactive virtual object, for example in the case of a touch screen display on which the mode actuator 3 'may be actuated by touching the touch screen. This makes it possible to provide the switching element only if this requires the situation and the required authorization is available. For example, a two-hand switch, such as two spaced-apart buttons, could only be superimposed on the screen if the workflow required the actuation of that switch.
- step 102 user input is received at the user interface, due to which the configuration of the mode switching element 3, and thereby the operating mode of the machine 2, is to be changed. This can be done, for example, by turning the operating selector switch or by touching the corresponding virtual object or the corresponding virtual objects on the touchscreen.
- step 103 the data of the selected configuration change is backed up.
- the protection can either take place in a separate memory element of the control console 5, or in another memory unit, such as the memory unit 10 of the computing unit 9 shown in FIG. 1.
- the data are stored on the one hand to be available for the later step of the test On the other hand, the stored data can be used as log files.
- the data for the selected configuration change is transmitted from the functional controller 1 1 via the bus 1 to the mode switching element 3.
- the selected configuration of the mode switching element 3 is not taken over immediately, but it is initially generated a security query.
- step 105 the operating mode switching element 3 transmits the received data (or data corresponding thereto, from which the received configuration change results) to the functional controller 11.
- step 106 a check is made as to whether the configuration change transmitted back to the functional controller 11 from the mode switching element 3 in step 105 coincides with the configuration change stored in step 103 and sent to the mode controller in step 104. Switching element 3 has been transmitted.
- this step may also require user input if desired by security protocols.
- a request for confirmation of the user input is displayed on the display 7.
- This request can be presented in a variety of ways as required, such as in the form of a pop-up window or as a virtual control element appearing on an interactive user interface, or by the flashing of a button.
- the confirmation request could also be signaled, for example, by the fact that the currently operated spaced control surfaces change color and must be pressed again, or if the control surfaces change position (eg jump to another position), so the hands have to follow them.
- the user can thus confirm the confirmation prompt at the user interface in any manner, for example by pressing a key, by clicking or touching a control panel, by a gesture or in any other manner known in the art.
- the acknowledgment is transmitted to the mode switching element 3. This ensures on the part of the mode switching element 3 that the signaled change in the configuration was neither an oversight nor a signaling error.
- the mode switching element 3 assumes the selected configuration, this being signaled directly to the machine 2 via the direct wiring 6 'and switching to the new operating mode.
- step 101 Thereafter, the process may be restarted again at step 101, either as needed or as needed, providing the mode actuator either permanently or made available only on the basis of certain conditions.
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Automation & Control Theory (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Human Computer Interaction (AREA)
- Manufacturing & Machinery (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Safety Devices In Control Systems (AREA)
Abstract
Description
Claims
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AT501452014 | 2014-02-26 | ||
PCT/EP2015/053879 WO2015128341A1 (de) | 2014-02-26 | 2015-02-25 | Verfahren zur betätigung eines sicheren schaltelements einer anlage |
Publications (1)
Publication Number | Publication Date |
---|---|
EP3111283A1 true EP3111283A1 (de) | 2017-01-04 |
Family
ID=52596961
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP15707322.2A Ceased EP3111283A1 (de) | 2014-02-26 | 2015-02-25 | Verfahren zur betätigung eines sicheren schaltelements einer anlage |
Country Status (3)
Country | Link |
---|---|
US (1) | US10088822B2 (de) |
EP (1) | EP3111283A1 (de) |
WO (1) | WO2015128341A1 (de) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP3024099B1 (de) * | 2014-11-18 | 2020-06-10 | Komax Holding AG | Kabelbearbeitungseinrichtung |
JP6798461B2 (ja) * | 2017-09-26 | 2020-12-09 | 横河電機株式会社 | 通知制御装置、通知制御システム、通知制御方法、及び通知制御プログラム |
EP3629141B1 (de) | 2018-09-28 | 2021-04-14 | Sick Ag | Verfahren und vorrichtung zum überprüfen eines konfigurationsparameterwerts |
FR3100635B1 (fr) * | 2019-09-10 | 2021-08-06 | Schneider Electric Ind Sas | Système de sécurisation d’un dispositif |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001008131A1 (en) | 1999-07-21 | 2001-02-01 | Holmen Paul M | Apparatus for data entry |
DE10353210A1 (de) | 2003-11-13 | 2005-06-16 | Siemens Ag | Sichere Erfassung von Eingabewerten |
DE102004055971B8 (de) | 2004-11-19 | 2012-06-21 | Kw-Software Gmbh | Verfahren und Vorrichtung zur sicheren Parametierung gemäß IEC 61508 SIL 1 bis 3 oder EN 954-1 Kategorie 1 bis 4 |
EP1895374B1 (de) | 2006-08-29 | 2016-04-06 | Rockwell Automation Technologies, Inc. | HMI-Geräte mit integriertem benutzerdefiniertem Verhalten |
DE102009042354C5 (de) * | 2009-09-23 | 2017-07-13 | Phoenix Contact Gmbh & Co. Kg | Verfahren und Vorrichtung zur sicherheitsgerichteten Kommunikation im Kommunikations-Netzwerk einer Automatisierungs-Anlage |
-
2015
- 2015-02-25 WO PCT/EP2015/053879 patent/WO2015128341A1/de active Application Filing
- 2015-02-25 US US15/121,564 patent/US10088822B2/en active Active
- 2015-02-25 EP EP15707322.2A patent/EP3111283A1/de not_active Ceased
Non-Patent Citations (2)
Title |
---|
None * |
See also references of WO2015128341A1 * |
Also Published As
Publication number | Publication date |
---|---|
WO2015128341A1 (de) | 2015-09-03 |
US20160370785A1 (en) | 2016-12-22 |
US10088822B2 (en) | 2018-10-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3058427B1 (de) | Verfahren und system zum fernbedienen einer werkzeugmaschine mittels eines mobilen kommunikationsgeräts | |
EP3383598B1 (de) | Manipulatorsystem und verfahren zur identifikation von bedienvorrichtungen | |
EP2453326B1 (de) | Verfahren und System zur Bedienung einer Maschine aus der Automatisierungstechnik | |
EP1857897B1 (de) | Verfahren und System zur Erstellung oder Änderung sicherheitsrelevanter Daten für eine Steuerungseinrichtung | |
WO2006125404A1 (de) | Verfahren zum einstellen eines elektrischen feldgerätes | |
EP3111283A1 (de) | Verfahren zur betätigung eines sicheren schaltelements einer anlage | |
EP3507662B1 (de) | Verfahren zum betreiben eines industriellen steuerungssystems sowie entsprechendes steuerungssystem | |
EP3064050B1 (de) | Steuerungssystem für ein landwirtschaftliches arbeitsgerät | |
WO2013152847A1 (de) | System und verfahren zur maschinenwartung | |
EP2422248B1 (de) | System und verfahren zum verteilen von projektdaten einer sicherheitssteuerung einer automatisierten anlage auf die steuerungskomponenten | |
EP3470937B1 (de) | Verfahren und vorrichtungen zum überwachen der reaktionszeit einer durch ein sicherheitssystem bereitgestellten sicherheitsfunktion | |
AT516652B1 (de) | Formgebungsanlage | |
DE102007038722A1 (de) | Verfahren zum Auslösen von Aktionen einer Maschine durch sichere Eingabeelemente | |
DE10161924A1 (de) | Verfahren zur Zweihandbedienung einer flächigen Anzeige- und Bedieneinheit, mit berührungssensitivem Display, HMI Gerät, Automatisierungssystem und Computerprogrammprodukt zur Durchführung des Verfahrens | |
DE102022113080A1 (de) | Sicherheitszuhaltung | |
EP3719595A1 (de) | Bedienung einer technischen anlage | |
WO2003032141A2 (de) | Verfahren zur zweihandbedienung einer flächigen anzeige- und bedieneinheit, mit berührungssensitivem display, hmi gerät, automatisierungssystem und computerprogrammprodukt zur durchführung des verfahrens | |
DE102005054140B4 (de) | Verfahren und Vorrichtung zur Unterscheidung der Herkunft von Bedieneingaben | |
EP1921525B1 (de) | Verfahren zum Betrieb einer sicherheitsgerichteten Anlage | |
EP2977840A1 (de) | Fehlersichere Bedienung eines Gerätes aus dem Bereich der industriellen Automatisierungstechnik mittels Gesten | |
EP3048498B1 (de) | Verfahren zum Auslesen von Diagnosedaten aus einer Sicherheitssteuerung | |
WO2023186666A1 (de) | Verfahren zur durchführung einer sicherheitsüberprüfung einer modularen sicherheitssteuerung | |
EP4152108A1 (de) | Sicherheitseinrichtung und verfahren zum betrieb einer sicherheitseinrichtung | |
DE102022115488A1 (de) | Steuerungssystem mit betriebssicherer Eingabe | |
EP2192461A1 (de) | Steuerungsvorrichtung und System zur fehlersicheren Datenübertragung |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE |
|
17P | Request for examination filed |
Effective date: 20160720 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
AX | Request for extension of the european patent |
Extension state: BA ME |
|
DAX | Request for extension of the european patent (deleted) | ||
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: B&R INDUSTRIAL AUTOMATION GMBH |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: EXAMINATION IS IN PROGRESS |
|
17Q | First examination report despatched |
Effective date: 20200623 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: EXAMINATION IS IN PROGRESS |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R003 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED |
|
18R | Application refused |
Effective date: 20210801 |