WO2022085218A1 - Information processing system, and method for constructing database - Google Patents

Information processing system, and method for constructing database Download PDF

Info

Publication number
WO2022085218A1
WO2022085218A1 PCT/JP2021/009550 JP2021009550W WO2022085218A1 WO 2022085218 A1 WO2022085218 A1 WO 2022085218A1 JP 2021009550 W JP2021009550 W JP 2021009550W WO 2022085218 A1 WO2022085218 A1 WO 2022085218A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
abnormality
unit
database
program
Prior art date
Application number
PCT/JP2021/009550
Other languages
French (fr)
Japanese (ja)
Inventor
大輝 伊達
Original Assignee
オムロン株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by オムロン株式会社 filed Critical オムロン株式会社
Publication of WO2022085218A1 publication Critical patent/WO2022085218A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/21Design, administration or maintenance of databases
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11CSTATIC STORES
    • G11C29/00Checking stores for correct operation ; Subsequent repair; Testing stores during standby or offline operation
    • G11C29/04Detection or location of defective memory elements, e.g. cell constructio details, timing of test signals
    • G11C29/08Functional testing, e.g. testing during refresh, power-on self testing [POST] or distributed testing
    • G11C29/10Test algorithms, e.g. memory scan [MScan] algorithms; Test patterns, e.g. checkerboard patterns 
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11CSTATIC STORES
    • G11C29/00Checking stores for correct operation ; Subsequent repair; Testing stores during standby or offline operation
    • G11C29/04Detection or location of defective memory elements, e.g. cell constructio details, timing of test signals
    • G11C29/08Functional testing, e.g. testing during refresh, power-on self testing [POST] or distributed testing
    • G11C29/12Built-in arrangements for testing, e.g. built-in self testing [BIST] or interconnection details
    • G11C29/44Indication or identification of errors, e.g. for repair
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11CSTATIC STORES
    • G11C29/00Checking stores for correct operation ; Subsequent repair; Testing stores during standby or offline operation
    • G11C29/56External testing equipment for static stores, e.g. automatic test equipment [ATE]; Interfaces therefor

Definitions

  • This disclosure relates to an information processing system and a method for constructing a database.
  • Soft errors are caused by, for example, collisions of alpha particles and cosmic ray neutrons. Applying memory that can cause soft errors to the system can result in anomalies caused by soft errors. Therefore, it is desirable to confirm the relationship between soft errors and their effects in advance.
  • Patent Document 1 discloses a soft error test method for confirming the effect on an electronic device by irradiating the electronic device to be tested with neutrons and reproducing the soft error. ing.
  • This disclosure has been made in view of the above problems, and its purpose is to provide a method for constructing an information processing system and a database that can easily confirm the relationship between soft errors and their effects.
  • the information processing system includes a first information processing device and a database.
  • the first information processing device includes a processor that executes a first program and a second program that is interrupted during execution of the first program, and a memory.
  • the second program is an instruction to invert the 1-bit data at a specified position in the memory and an instruction to collect the first information regarding an abnormality that occurred in the execution of the first program after inverting the 1-bit data.
  • the information processing system further includes a registration unit that registers the second information and the first information regarding the designated position in the database in association with each other.
  • the first information and the second information are associated and stored in the database.
  • the database it is possible to easily confirm the influence when a soft error occurs in the information processing apparatus that executes the first program.
  • the second information includes the name of the variable written at the specified position.
  • the first information includes at least one of the first identification information for identifying the content of the abnormality and the second identification information for identifying the source code executed when the abnormality occurred in the first program. include.
  • the first identification information it is possible to easily confirm what kind of abnormality occurs.
  • the second identification information it is possible to easily confirm in which source code of the first program the abnormality occurs.
  • the registration unit further registers a memory dump indicating the contents of the memory when an abnormality occurs in the database in association with the first information and the second information.
  • the memory dump corresponding to the abnormality information having the same content as the abnormality is compared with the memory content of the information processing apparatus. Will be done. The comparison results help identify the cause of the anomaly. Therefore, the time required for analysis of the cause of the abnormality can be shortened.
  • the information processing system 1 searches the database for the first information that matches the analysis target information regarding the abnormality generated in the second information processing apparatus that executes the first program, and corresponds to the searched first information.
  • a search unit for outputting the second information is further provided.
  • the information processing system 1 searches the database for the first information that matches the analysis target information regarding the abnormality generated in the second information processing apparatus that executes the first program, and the second information corresponding to the searched first information and the second information.
  • a search unit that outputs a memory dump may be further provided.
  • a soft error at the position indicated by the output second information can be easily mentioned.
  • the time required for analysis of the cause of the abnormality can be shortened.
  • the comparison result between the memory dump and the contents of the memory of the second information processing device is useful for identifying the cause of the abnormality. Therefore, the time required for analysis of the cause of the abnormality can be further shortened.
  • the registration unit associates the first information and the second information with the third information indicating whether or not the cause of the abnormality corresponding to the first information is the inversion of 1-bit data in the database.
  • Register further.
  • the search unit excludes the first information corresponding to the third information indicating that the cause of the abnormality is not the inversion of the 1-bit data from the search target. According to this disclosure, the time required for searching is shortened.
  • a method of constructing a database using an information processing device including a processor for executing a program and a memory includes first to third steps.
  • the first step is a step of inverting 1-bit data at a specified position in the memory.
  • the second step is to collect the first information regarding the abnormality that occurred in the execution of the program by the processor after inverting the 1-bit data.
  • the third step is a step of associating the second information and the first information regarding the designated position with each other and registering them in the database.
  • FIG. 1 It is a schematic diagram which shows the structure related to the construction of the database provided in the information processing system which concerns on embodiment. It is a schematic diagram which shows the structure related to the use of the database provided in the information processing system which concerns on embodiment. It is a schematic diagram which shows the hardware configuration example of the safety IO unit shown in FIG. It is a block diagram which shows the hardware configuration example of the computer shown in FIG. 1 and FIG. It is a block diagram which shows the functional structure of a safety IO unit. It is a block diagram which shows the functional structure of a computer. It is a figure which shows an example of the table included in a database.
  • FIG. 1 is a schematic diagram showing a configuration related to the construction of a database provided in the information processing system according to the embodiment.
  • the information processing system 1 exemplified in FIG. 1 includes a safety IO (Input / Output) unit 100, a database 200, a computer 300, a PLC (programmable logic controller) 400, a coupler 500, and a safety controller 600. ..
  • a safety IO Input / Output
  • FIG. 1 includes a safety IO (Input / Output) unit 100, a database 200, a computer 300, a PLC (programmable logic controller) 400, a coupler 500, and a safety controller 600. ..
  • PLC programmable logic controller
  • the safety IO unit 100, PLC400, coupler 500 and safety controller 600 are prepared for the construction of the database 200.
  • the safety IO unit, PLC, coupler and safety controller installed in the production line at the start-up stage may be used as the safety IO unit 100, PLC400, coupler 500 and safety controller 600, respectively.
  • the safety controller 600 and the safety IO unit 100 are connected to the coupler 500 as a local unit via the local bus 10.
  • the "local unit” is a general term for any unit connected via the local bus 10.
  • the PLC400 executes standard control for any control target (not shown) according to a standard control program created in advance.
  • Standard control is a general term for processes for controlling a controlled object in accordance with predetermined requirement specifications.
  • the control target is, for example, a servo motor, a robot, or the like.
  • the coupler 500 mediates the exchange of data between the PLC 400 and the safety controller 600.
  • the coupler 500 is electrically connected to the PLC 400 via a field network.
  • the field network is a communication medium for realizing data transmission for FA.
  • frame transmission is possible at a predetermined cycle, and the data arrival time for each node in the network is guaranteed.
  • EtherCAT registered trademark
  • the coupler 500 transmits the data received from the PLC 400 to the local unit (safety controller 600 and safety IO unit 100) via the local bus 10.
  • the coupler 500 receives data from the local unit, the coupler 500 prepares to store the received data in the next communication frame.
  • the safety controller 600 executes safety control for an arbitrary control target.
  • "Safety control” is a general term for processes to prevent human safety from being threatened by equipment or machines.
  • the “safety control” is designed to meet the requirements for realizing the safety function specified in, for example, IEC 61508.
  • the safety IO unit 100 is connected to the safety controller 600 via the local bus 10. Further, an arbitrary safety device (not shown) is connected to the safety IO unit 100. Safety devices include light curtains, emergency stop buttons, safety door switches and the like.
  • the safety IO unit 100 executes an IO task at a predetermined cycle (hereinafter referred to as "safety task cycle").
  • safety task cycle a predetermined cycle
  • the process of receiving the input signal from the safety device, the process of providing the input signal to the safety controller 600, the process of accepting the command from the safety controller 600, the process of calculating according to the command, and the process of outputting the calculation result are output. Processing to be done is included.
  • the IO task includes a process of detecting an abnormality in the safety IO unit 100 and a process of notifying the safety controller 600 of the detected abnormality.
  • the safety controller 600 executes safety control according to the input signal provided from the safety IO unit 100. For example, the safety controller 600 cuts off the power supply to the controlled object of the PLC 400 when an input signal indicating the intrusion of a person is provided from the safety device which is a light curtain. Alternatively, the safety controller 600 cuts off the power supply to the controlled object of the PLC 400 when the input signal indicating the button press is provided from the safety device which is the emergency stop button. When the safety controller 600 cuts off the power supply to the controlled object of the PLC 400, the safety controller 600 stops the communication between the devices constituting the information processing system 1.
  • the safety controller 600 cuts off the power supply to the controlled object of the PLC 400 even when an abnormality occurs in the safety IO unit 100.
  • the computer 300 is, for example, a general-purpose notebook computer.
  • the computer 300 exchanges data with the PLC 400 according to a communication standard such as Ethernet / IP (registered trademark). Further, the computer 300 can access the database 200, updates the database 200, and performs a search process using the database 200.
  • a communication standard such as Ethernet / IP (registered trademark).
  • a soft error occurs in the safety IO unit installed in the production line that operates 24 hours x 365 days, and if an abnormality occurs in the safety IO unit due to the soft error, the production line is stopped. In such a production line, it is preferable to shorten the downtime as much as possible. Therefore, it is desired to be able to immediately analyze the cause of the abnormality.
  • the information processing system 1 In order to meet such a demand, the information processing system 1 according to the present embodiment generates a pseudo soft error in the main memory 104 provided in the safety IO unit 100, and information on an abnormality that occurs thereafter (hereinafter, , "Abnormal information”) is registered in the database 200.
  • step S1 the computer 300 designates the position of one bit in the main memory 104 of the safety IO unit 100 via the PLC 400, the coupler 500, and the safety controller 600. ..
  • step S2 the safety IO unit 100 inverts 1-bit data at a designated position in the main memory 104.
  • the safety IO unit 100 collects abnormality information regarding an abnormality that has occurred within a predetermined time after inverting the 1-bit data.
  • the safety controller 600 cuts off the power supply to the controlled object of the PLC 400. At this time, the communication between the devices of the information processing system 1 is also stopped.
  • step S3 is transmitted to the PLC 400 via the safety controller 600 and the coupler 500.
  • the computer 300 acquires the abnormality information from the PLC 400.
  • step S4 the computer 300 registers the position information regarding the position specified in step S1 and the abnormality information acquired in step S3 in the database 200 in association with each other.
  • the location information and the abnormality information are associated and stored in the database 200.
  • the influence when a soft error occurs in the safety IO unit 100 can be easily confirmed.
  • FIG. 2 is a schematic diagram showing a configuration related to the use of the database 200 provided in the information processing system 1 according to the embodiment.
  • the information processing system 1 includes a safety IO unit 100A, a PLC 400A, a coupler 500A, and a safety controller 600A in addition to the database 200 and the computer 300.
  • the safety IO unit 100A, PLC400A, coupler 500A and safety controller 600A are installed on the production line in operation.
  • the safety IO unit 100, PLC400, the coupler 500 and the safety controller 600 installed in the production line at the start-up stage may be used as the safety IO unit 100A, the PLC400A, the coupler 500A and the safety controller 600A, respectively.
  • the safety IO unit 100A When an abnormality occurs, the safety IO unit 100A generates abnormality information regarding the abnormality. The generated abnormality information is transmitted to the safety controller 600A, the coupler 500A and the PLC 400A. The computer 300 acquires the transmitted abnormality information from the PLC 400A as analysis target information (step S11). The computer 300 may directly acquire the analysis target information from the safety IO unit 100A.
  • the computer 300 searches the database 200 for abnormal information that matches the acquired analysis target information (step S12).
  • the computer 300 outputs the position information corresponding to the searched abnormality information (step S13). For example, the computer 300 displays location information.
  • the analyst can cite a soft error of the position data indicated by the position information in the main memory 104 of the safety IO unit 100A as a candidate for the cause of the abnormality generated in the safety IO unit 100A.
  • the analyst can determine whether or not the cause of the abnormality is a soft error by confirming the position data indicated by the position information.
  • the time required for the analysis can be shortened.
  • FIG. 3 is a schematic diagram showing a hardware configuration example of the safety IO unit shown in FIG. 3 .
  • the safety IO unit 100 exemplified in FIG. 3 includes a processor 102, a main memory 104, a storage 106, a local bus controller 108, a safety IO module 110, and a buffer memory 112. These components are connected to each other via the processor bus 114.
  • the processor 102 corresponds to an arithmetic processing unit that executes control operations related to signal input / output and management functions necessary for realizing safety control, and is configured by a CPU (Central Processing Unit), an MPU (Micro Processing Unit), or the like. Will be done.
  • a CPU Central Processing Unit
  • MPU Micro Processing Unit
  • the main memory 104 is composed of volatile memories such as DRAM (Dynamic Random Access Memory) and SRAM (Static Random Access Memory).
  • DRAM Dynamic Random Access Memory
  • SRAM Static Random Access Memory
  • the SRAM uses a flip-flop as the structure of the storage unit, does not require a refresh operation, and has an advantage that it can operate at a higher speed than the DRAM. Therefore, it is preferable to use SRAM as the main memory 104.
  • DRAM with a stack type structure has high soft error resistance.
  • the soft error tolerance is lowered due to miniaturization. Therefore, when the main memory 104 configured by the SRAM is used, a soft error is likely to occur in the main memory 104.
  • the main memory 104 is a SRAM.
  • the main memory 104 has a stack area, a data area, and a text area.
  • the stack area is an area for temporarily saving data held in a register built in the processor 102.
  • a function process subroutine
  • the data area is an area in which various variables and the like are stored.
  • the text area is the area where the program is expanded.
  • the storage 106 is composed of, for example, a non-volatile storage device such as an SSD (Solid State Drive) or an HDD (Hard Disk Drive).
  • the storage 106 stores an executable program 120 for realizing an IO task, a library 122, and an interrupt program 124.
  • the executable program 120 includes a group of instructions that specify control operations related to signal input / output and management functions necessary for realizing an IO task.
  • the executable program 120 is composed of one or more program files.
  • the interrupt program 124 is a program for collecting information registered in the database 200.
  • the interrupt program 124 is interrupted and executed with the highest priority during the execution of the executable program 120.
  • the local bus controller 108 exchanges data with a device (for example, a safety controller 600, a coupler 500) to which the safety IO unit 100 is connected via the local bus 10.
  • a device for example, a safety controller 600, a coupler 500
  • the safety IO module 110 is electrically connected to the safety device, accepts inputs such as detection results by the safety device, and outputs a signal to the safety device.
  • the buffer memory 112 temporarily holds a communication frame for transmitting the local bus 10.
  • the buffer memory 112 holds an input data group and an output data group.
  • the safety IO module 110 stores the input signal received from the safety device in the buffer memory 112 as a part of the input data group.
  • the local bus controller 108 stores the input signal received from the coupler 500 or the safety controller 600 in the buffer memory 112 as a part of the input data group.
  • the output data group is transmitted to the safety controller 600 and the coupler 500 by the local bus controller 108 every safety task cycle. Further, the output data group is transmitted from the coupler 500 to the PLC 400.
  • the safety IO unit 100A shown in FIG. 2 also has the hardware configuration shown in FIG. However, the interrupt program 124 may not be stored in the storage 106 of the safety IO unit 100A.
  • FIG. 4 is a block diagram showing a hardware configuration example of the computer 300 according to the present embodiment shown in FIGS. 1 and 2.
  • the computer 300 is typically a personal computer having a general-purpose architecture. As shown in FIG. 4, the computer 300 includes a processor 302, a memory 304, a storage 306, a display 308, an input device 310, and a USB controller 312. These components are connected to each other via an internal bus 314.
  • the processor 302 is composed of a CPU, an MPU, and the like, and realizes various functions as described later by reading various programs stored in the storage 306, expanding them in the memory 304, and executing the programs.
  • the memory 304 is composed of a volatile storage device such as DRAM or SRAM.
  • the storage 306 is composed of, for example, a non-volatile storage device such as an HDD or SSD.
  • the storage 306 stores an OS (Operating System) 320, a DB construction program 322 related to the construction of the database 200, and a search program 324 for searching for the cause of an abnormality in the safety IO unit 100A.
  • OS Operating System
  • DB construction program 322 related to the construction of the database 200
  • search program 324 for searching for the cause of an abnormality in the safety IO unit 100A.
  • the display 308 is a device that displays the calculation result of the processor 302 or the like, and is composed of, for example, an LCD (Liquid Crystal Display) or the like.
  • the input device 310 is a device that receives input, and is composed of, for example, a keyboard and a memory.
  • the USB controller 312 exchanges data with and from the PLC400 and 400A via the USB connection. Further, the USB controller 312 accesses the database 200 via the USB connection.
  • FIG. 5 is a block diagram showing a functional configuration of the safety IO unit 100.
  • the safety IO unit 100 includes a task execution unit 11, a write / read processing unit 12, a data inversion unit 13, a variable name extraction unit 14, an abnormality information collection unit 15, and a dump process. Including part 16.
  • the task execution unit 11 is realized by the processor 102 shown in FIG. 3 executing the executable program 120.
  • the write / read processing unit 12 is realized by the processor 102 executing the library 122.
  • the data inversion unit 13, the variable name extraction unit 14, the abnormality information collection unit 15, and the dump processing unit 16 are realized by the processor 102 executing the interrupt program 124.
  • the processor 102 executes the interrupt program 124 in response to an interrupt instruction received from the computer 300.
  • the task execution unit 11 executes an IO task every safety task cycle. Specifically, the task execution unit 11 performs a control operation using at least one of the data included in the input data group stored in the buffer memory 112 and the variables stored in the main memory 104. Further, the task execution unit 11 stores the data obtained by the control operation in the buffer memory 112 as a part of the output data group.
  • the task execution unit 11 stores the input signal from the safety device included in the input data group in the buffer memory 112 as a part of the output data group.
  • the input signal from the safety device is output to the safety controller 600 in the next safety task cycle.
  • the safety controller 600 can recognize that the safety device detects the intrusion of a person.
  • the task execution unit 11 generates abnormality information 130 regarding the abnormality in response to the occurrence of some abnormality in the control operation, and stores the generated abnormality information 130 in the buffer memory 112 as a part of the output data group. As a result, in the next safety task cycle, the abnormality information 130 is transmitted to the safety controller 600, the coupler 500, and the PLC 400. As a result, the safety controller 600 can recognize that an abnormality has occurred in the safety IO unit 100.
  • the abnormality information 130 includes identification information for identifying the content of the abnormality (hereinafter referred to as “abnormal ID”) and identification information for identifying the source code executed when the abnormality occurred (“code information”). It is referred to as).
  • the code information describes the file name of one program file including the running source code of one or more program files constituting the executable program 120, and the running sword code in the one program file. Includes the line number.
  • Abnormalities in the safety IO unit 100 include, for example, unacceptable operations (division by 0, operations in which the solution becomes an imaginary number in real number operations, etc.), access to unallocated storage areas, and the like.
  • the write / read processing unit 12 receives the write instruction and the read instruction, and executes the write / read of the designated variable to the main memory 104, respectively. As shown in FIG. 5, the write / read processing unit 12 manages the variable management table 17.
  • the variable management table 17 associates a variable name with an address in which data indicating the value of the variable is held in the main memory 104 for each variable.
  • the write / read processing unit 12 executes writing / reading of the designated variable by using the variable management table 17.
  • the processing of the task execution unit 11 is temporarily stopped.
  • the position of 1 bit in the main memory 104 (hereinafter, referred to as “reversed position”) is specified.
  • the inverted position is represented by the address and the bit position within the address.
  • the interrupt program 124 includes an instruction to invert 1-bit data at a specified position in the memory. Therefore, the data inversion unit 13 generates a write instruction to invert the 1-bit data at the inversion position designated by the interrupt instruction according to the instruction. The data inversion unit 13 outputs the generated write instruction to the write / read processing unit 12. As a result, the 1-bit data at the inverted position in the main memory 104 is inverted. When the data inversion is completed, the data inversion unit 13 restarts the processing of the task execution unit 11.
  • the variable name extraction unit 14, the abnormality information collection unit 15, and the dump processing unit 16 generate a data group registered in the database 200 (hereinafter, referred to as “registration data group 140”).
  • the generated registration data group 140 is stored in the buffer memory 112 as a part of the output data group.
  • variable name extraction unit 14 extracts the name of the variable (hereinafter, referred to as “variable name”) written in the inverted position specified by the interrupt instruction as a part of the registration data group 140.
  • the variable name extraction unit 14 may extract the variable name 141 corresponding to the address representing the inversion position from the variable management table 17.
  • the interrupt program 124 includes an instruction for collecting abnormality information regarding an abnormality that occurred in the execution of the executable program 120 after inverting the 1-bit data. Therefore, the abnormality information collecting unit 15 collects the abnormality information 142 regarding the abnormality that occurred in the IO task after the 1-bit data is inverted as a part of the registration data group 140 according to the instruction. Specifically, the abnormality information collecting unit 15 monitors the output data group of the buffer memory 112 in a predetermined period after the 1-bit data is inverted. The abnormality information collecting unit 15 copies the abnormality information 130 in response to the addition of the abnormality information 130 to the output data group in a predetermined period, thereby displaying the abnormality information 142 that becomes a part of the registration data group 140. Generate.
  • the predetermined period is P times the safety task cycle.
  • P is appropriately set according to the contents of the executable program 120, the length of the period allowed for constructing the database 200, and the like.
  • P is set according to the length of the period allowed for the construction of the database 200.
  • the dump processing unit 16 executes dump processing of the main memory 104 in response to an abnormality occurring in the IO task after the 1-bit data is inverted. Specifically, the dump processing unit 16 monitors the output data group of the buffer memory 112 in a predetermined period after the 1-bit data is inverted. The dump processing unit 16 executes dump processing of the main memory 104 in response to the addition of the abnormality information 130 to the output data group in a predetermined period, and generates a memory dump 143 as a part of the registration data group 140. ..
  • the memory dump 143 is a file in which a part or all of the contents of the main memory 104 is recorded.
  • variable name extraction unit 14, the abnormality information collection unit 15, and the dump processing unit 16 use the registration data group 140 as a part of the output data group after a predetermined period has elapsed after the 1-bit data is inverted, and the buffer memory 112. Store in. Alternatively, the variable name extraction unit 14, the abnormality information collection unit 15, and the dump processing unit 16 buffer the registration data group 140 as a part of the output data group immediately after the collection of the abnormality information 142 and the generation of the memory dump 143 are completed. It may be stored in the memory 112.
  • the registration data group 140 contains only the variable name 141, and includes the abnormality information 142 and the memory dump 143. not.
  • the output data group including the registration data group 140 is transmitted to the PLC 400 via the local bus 10 and the field network.
  • the PLC 400 acquires the registration data group 140. If an abnormality occurs within a predetermined period after the 1-bit data is inverted and communication between the devices constituting the information processing system 1 is stopped, the registration data is used in the safety task cycle after the communication is resumed.
  • the output data group including the group 140 is transmitted to the PLC 400.
  • the safety IO unit 100A shown in FIG. 2 also has the functional configuration shown in FIG. However, in the safety IO unit 100A, the data inversion unit 13, the variable name extraction unit 14, the abnormality information collection unit 15, and the dump processing unit 16 may be omitted. Also in the safety IO unit 100A, the task execution unit 11 generates the abnormality information 130 regarding the abnormality in response to the occurrence of some abnormality in the control operation, and the generated abnormality information 130 is used as a part of the output data group in the buffer memory. Store in 112. As a result, in the next safety task cycle, the abnormality information 130 is transmitted to the safety controller 600, the coupler 500, and the PLC 400.
  • FIG. 6 is a block diagram showing a functional configuration of the computer 300.
  • the computer 300 includes an instruction unit 31, a registration unit 32, and a search unit 33.
  • the instruction unit 31 and the registration unit 32 are realized by the processor 302 shown in FIG. 4 executing the DB construction program 322.
  • the search unit 33 is realized by the processor 302 executing the search program 324.
  • the instruction unit 31 generates an interrupt instruction with the safety IO unit 100 as the transmission destination, and sets the generated interrupt instruction in the PLC 400. As a result, the interrupt instruction is transmitted from the PLC 400 to the safe IO unit 100 via the field network and the local bus 10.
  • the interrupt instruction specifies the inversion position of 1 bit in the main memory 104 of the safety IO unit 100.
  • the inverted position is represented by an address and a bit position as described above.
  • the registration unit 32 registers a new record in the table 20 included in the database 200 in response to the acquisition of the registration data group 140 by the PLC 400 after the interrupt instruction is set in the PLC 400 by the instruction unit 31.
  • FIG. 7 is a diagram showing an example of the table 20 included in the database 200.
  • the table 20 includes one or more records 21 in which the position information 22, the abnormality information 23, the memory dump 24, and the flag 25 are associated with each other.
  • the flag 25 is information indicating whether or not the cause of the abnormality indicated by the abnormality information 23 is the inversion of the 1-bit data at the position indicated by the position information 22. If the cause of the abnormality is the inversion of 1-bit data, the flag 25 is set to "True”. If the cause of the abnormality is not the inversion of 1-bit data, the flag 25 is set to "False". If it is unknown whether the cause of the abnormality is the inversion of 1-bit data, the flag 25 is set to "Unknown".
  • the registration unit 32 sets the position information 22 including the address and the bit position representing the inversion position designated by the interrupt instruction and the variable name 141 included in the registration data group 140 acquired in response to the interrupt instruction. .. Further, the registration unit 32 sets the abnormality information 142 and the memory dump 143 included in the registration data group 140 as the abnormality information 23 and the memory dump 24, respectively. The registration unit 32 adds a record 21 in which the set position information 22, the abnormality information 23, and the memory dump 24 are associated with the flag 25 in which "Unknown" is set as a default to the table 20.
  • the registration unit 32 updates the flag 25 of each record 21 in response to the input to the input device 310 (see FIG. 4).
  • the analyst may determine whether or not the cause of the abnormality is the inversion of 1-bit data by checking the position information 22, the abnormality information 23, and the memory dump 24 of each record 21.
  • the analyst may input the update instruction of the flag 25 to the input device 310 according to the determination result.
  • the instruction unit 31 generates an interrupt instruction for each of all the bits of the main memory 104, and sequentially sets the generated interrupt instruction in the PLC 400. Specifically, the instruction unit 31 sets the interrupt instruction corresponding to the kth bit in the PLC 400. After that, after the record 21 is added to the table 20 based on the registration data group 140 acquired in response to the interrupt instruction corresponding to the kth bit, the instruction unit 31 issues an interrupt instruction corresponding to the k + 1st bit. Set to PLC400. In this way, the record 21 corresponding to each of all the bits of the main memory 104 is added to the table 20.
  • the registration unit 32 may omit the addition of the record 21 to the table 20.
  • the search unit 33 acquires the abnormality information 130 transmitted from the safety IO unit 100A to the PLC 400A as analysis target information.
  • the search unit 33 searches the database 200 for the abnormality information 23 that matches the analysis target information.
  • the search unit 33 outputs the position information 22 and the memory dump 24 corresponding to the searched abnormality information 23. Specifically, the search unit 33 displays the position information 22 and the memory dump 24 on the display 308.
  • the search unit 33 may exclude the abnormality information 23 corresponding to the flag 25 indicating that the cause of the abnormality is not the inversion of 1-bit data from the search target. Specifically, the search unit 33 excludes the record 21 whose flag 25 is "False” from the search target in the search. Alternatively, the search unit 33 may exclude the record 21 whose flag 25 is "False” or "Unknown” from the search target in the search. This reduces the time required for the search.
  • ⁇ Flag update example> An example of updating the flag 25 will be described. For example, when the abnormality ID included in the abnormality information 23 indicates an abnormality due to the exception handler call, the flag 25 is updated as follows.
  • the exception handler is executed, for example, when an unauthorized memory access or the like occurs during the execution of an IO task.
  • Step S1 shown in FIG. 1 the processor 302 operating as the instruction unit 31 generates an interrupt instruction in which the inversion position is specified, and sets the generated interrupt instruction in the PLC 400.
  • the PLC 400 transmits the set interrupt instruction to the coupler 500 via the field network.
  • the coupler 500 transmits an interrupt instruction to the safety IO unit 100 via the local bus 10.
  • the safety IO unit 100 receives an interrupt instruction specifying the inverted position.
  • step S2 the processor 102 of the safety IO unit 100 temporarily suspends the IO task in response to receiving the interrupt instruction.
  • the processor 102 operates as a data inversion unit 13 and inverts 1-bit data at the inversion position designated by the interrupt instruction in the main memory 104. Then, the processor 102 operates as the task execution unit 11 and restarts the IO task.
  • the processor 102 that operates as the variable name extraction unit 14, the abnormality information collection unit 15, and the dump processing unit 16 generates the registration data group 140. Specifically, the processor 102 extracts the variable name 141 that identifies the variable written in the inverted position from the variable management table 17 as a part of the registration data group 140. The processor 102 of the registration data group 140 by copying the abnormality information 130 in response to the addition of the abnormality information 130 to the output data group in a predetermined period after the 1-bit data is inverted. Generates anomaly information 142 as part.
  • the processor 102 executes a dump process of the main memory 104 in response to the addition of the abnormality information 130 to the output data group in a predetermined period, and generates a memory dump 143 as a part of the registration data group 140. ..
  • step S3 the local bus controller 108 transmits the output data group including the registration data group 140 to the coupler 500 via the local bus 10.
  • the coupler 500 transmits the registration data group 140 to the PLC 400 via the field network.
  • the processor 302 operating as the registration unit 32 acquires the registration data group 140 from the PLC 400.
  • step S4 the processor 302 sets the position information 22 including the address and the bit position representing the inversion position specified by the interrupt instruction and the variable name 141 included in the registration data group 140. Further, the processor 302 sets the abnormality information 142 and the memory dump 143 included in the registration data group 140 as the abnormality information 23 and the memory dump 24, respectively. Then, the processor 302 adds the record 21 associating the position information 22, the abnormality information 23, and the memory dump 24 with the flag 25 in which "Unknown" is set as a default to the table 20. Further, the processor 302 updates the flag 25 of each record 21 in response to the input to the input device 310. As a result, the table 20 of the database 200 is updated.
  • the influence on the safety IO unit 100A when a soft error occurs in the main memory 104 can be easily confirmed.
  • each record 21 in the table 20 includes the position information 22.
  • the position information 22 includes the name (variable name) of the variable written at the inverted 1-bit position. Therefore, it becomes easy to confirm the influence when data garbled due to a soft error occurs on the value of the variable stored in the main memory 104.
  • the abnormality information 23 includes an abnormality ID that identifies the content of the abnormality and code information that identifies the source code that was executed when the abnormality occurred.
  • the analyst can determine what kind of abnormality occurs when a soft error occurs in the main memory 104, or which source code of the executable program 120 causes the abnormality. It can be easily confirmed.
  • a memory dump 24 indicating the contents of the main memory 104 when an abnormality occurs is also registered in association with the position information 22 and the abnormality information 23.
  • the memory dump 24 corresponding to the abnormality information 23 having the same content as the abnormality and the main memory 104 of the safety IO unit 100A Can be compared with the contents of. The comparison results help identify the cause of the anomaly. Therefore, the time required for analysis of the cause of the abnormality can be shortened.
  • step S11 shown in FIG. 2 the processor 102 of the safety IO unit 100A operates as the task execution unit 11, generates abnormality information 130 in response to the occurrence of an abnormality, and outputs the generated abnormality information 130 as a part of the output data group. Is stored in the buffer memory 112. As a result, the abnormality information 130 is transmitted to the coupler 500 via the local bus 10. The coupler 500 transmits the abnormality information 130 to the PLC 400 via the field network. Then, the processor 302 acquires the abnormality information 130 from the PLC 400, and sets the acquired abnormality information 130 as the analysis target information.
  • step S12 the processor 302 operates as the search unit 33 and searches the table 20 of the database 200 for the abnormality information 23 that matches the analysis target information. At this time, the processor 302 may use the flag 25 to narrow down the search target.
  • step S13 the processor 302 outputs the position information 22 and the memory dump 24 corresponding to the searched abnormality information 23. Specifically, the processor 302 causes the position information 22 and the memory dump 24 to be displayed on the display 308.
  • the analyst can easily cite a soft error at the position indicated by the output position information 22 as a candidate for the cause of the abnormality that occurred in the safety IO unit 100A. As a result, the time required for analysis of the cause of the abnormality can be shortened. Further, the comparison result between the output memory dump 24 and the contents of the main memory 104 of the safety IO unit 100A is useful for identifying the cause of the abnormality. Therefore, the time required for analysis of the cause of the abnormality can be further shortened.
  • a soft error is generated in a pseudo manner in the safety IO unit 100.
  • the device that generates a pseudo soft error is not limited to the safety IO unit 100, and may be various information processing devices.
  • the abnormality information 130 and 142 include the abnormality ID and the code information.
  • the abnormality information 130 and 142 may include only one of the abnormality ID and the code information. Even if only one of the abnormality ID and the code information is registered in the database 200 as the abnormality information 23, the influence of the soft error can be confirmed.
  • the computer 300 includes an instruction unit 31, a registration unit 32, and a search unit 33.
  • the computer 300 may include the instruction unit 31 and the registration unit 32, and another computer may include the search unit 33.
  • this embodiment includes the following disclosures.
  • the first information processing apparatus (100) is A processor that executes the first program (120) and the second program (124) that is interrupted during the execution of the first program (120).
  • the second program (124) An instruction to invert 1-bit data at a specified position in the memory (104), and Includes an instruction to collect first information (142, 23) regarding an abnormality that occurred in the execution of the first program (120) after inverting the one-bit data.
  • the information processing system (1) further An information processing system (1) including a registration unit (32, 302) that associates the second information (22) with respect to the designated position with the first information (142, 23) and registers the first information (142, 23) in the database.
  • the first information (142, 23) is the first identification information for identifying the content of the abnormality and the second identification information for identifying the source code executed when the abnormality occurs in the first program.
  • the information processing system (1) according to configuration 1 or 2, comprising at least one.
  • the registration unit (32, 302) is associated with the first information (142, 23) and the second information (22), and a memory dump indicating the contents of the memory (104) when the abnormality occurs.
  • the information processing system (1) according to any one of configurations 1 to 3, further registering (24) in the database (200).
  • the first information (142, 23) that matches the analysis target information regarding the abnormality generated in the second information processing apparatus (100A) that executes the first program (120) is searched from the database (200) and searched.
  • the information processing system (1) according to any one of configurations 1 to 3, further comprising a search unit (33, 302) for outputting the second information (22) corresponding to the first information (142, 23). ..
  • the first information (142, 23) that matches the analysis target information regarding the abnormality generated in the second information processing apparatus (100A) that executes the first program (120) is searched from the database (200) and searched.
  • the cause of the abnormality corresponding to the first information (142, 23) is the cause of the abnormality in association with the first information (142, 23) and the second information (22).
  • Third information (25) indicating whether or not 1-bit data is inverted is further registered in the database (200).
  • the search unit (33, 302) excludes the first information (142, 23) corresponding to the third information (25) indicating that the cause of the abnormality is not the inversion of the 1-bit data.
  • the information processing system (1) according to the configuration 5 or 6.
  • FIG. 8 A method of constructing a database (200) using an information processing device (100) including a processor (102) for executing a program (120) and a memory (104). A step of inverting 1-bit data at a specified position in the memory (104), and A step of collecting first information regarding an abnormality that occurred in the execution of the program (120) by the processor (102) after inverting the 1-bit data, and a step of collecting the first information.
  • a method for constructing a database (200) comprising a step of associating the second information regarding the designated position with the first information and registering the second information in the database (200).

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Quality & Reliability (AREA)
  • Databases & Information Systems (AREA)
  • Computer Hardware Design (AREA)
  • Data Mining & Analysis (AREA)
  • Debugging And Monitoring (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

This method for constructing a database, in which there is used an information processing device that includes a memory and a processor that executes a first program, comprises first to third steps. In the first step, one bit of data in a designated position in the memory is inverted. In the second step, first information is collected, the first information relating to an abnormality occurring during execution of the first program by the processor after the one bit of data was inverted. In the third step, second information relating to the designated position and the first information are associated with each other and registered in a database. The relationship between a software error and the effect thereof can thereby be easily confirmed.

Description

情報処理システムおよびデータベースの構築方法How to build an information processing system and database
 本開示は、情報処理システムおよびデータベースの構築方法に関する。 This disclosure relates to an information processing system and a method for constructing a database.
 半導体デバイスの高集積化および微細化に伴い、メモリにおける一過性のビットエラー(ソフトエラー)が急増している。ソフトエラーは、例えばα粒子や宇宙線中性子の衝突によって生じる。ソフトエラーの起こりうるメモリをシステムに適用すると、ソフトエラーに起因する異常が生じうる。そのため、ソフトエラーとその影響との関係が予め確認されることが望まれる。 With the increasing integration and miniaturization of semiconductor devices, transient bit errors (soft errors) in memory are rapidly increasing. Soft errors are caused by, for example, collisions of alpha particles and cosmic ray neutrons. Applying memory that can cause soft errors to the system can result in anomalies caused by soft errors. Therefore, it is desirable to confirm the relationship between soft errors and their effects in advance.
 特開2019-86429号公報(特許文献1)には、試験対象の電子機器に中性子を照射し、ソフトエラーを再現することにより、電子機器に生じた影響を確認するソフトエラー試験手法が開示されている。 Japanese Unexamined Patent Publication No. 2019-86429 (Patent Document 1) discloses a soft error test method for confirming the effect on an electronic device by irradiating the electronic device to be tested with neutrons and reproducing the soft error. ing.
特開2019-86429号公報Japanese Unexamined Patent Publication No. 2019-86429
 しかしながら、特許文献1に記載の技術では、中性子発生源を準備する必要があり、ソフトエラーとその影響との関係を確認するためのコストが増大する。 However, in the technique described in Patent Document 1, it is necessary to prepare a neutron generation source, and the cost for confirming the relationship between the soft error and its influence increases.
 本開示は、上記の問題に鑑みてなされたものであり、その目的は、ソフトエラーとその影響との関係を容易に確認可能な情報処理システムおよびデータベースの構築方法を提供することである。 This disclosure has been made in view of the above problems, and its purpose is to provide a method for constructing an information processing system and a database that can easily confirm the relationship between soft errors and their effects.
 本開示の一例によれば、情報処理システムは、第1情報処理装置と、データベースと、を備える。第1情報処理装置は、第1プログラムと第1プログラムの実行中に割り込まれる第2プログラムとを実行するプロセッサと、メモリと、を含む。第2プログラムは、メモリ内の指定された位置の1ビットのデータを反転させる命令と、1ビットのデータを反転させた後の第1プログラムの実行において発生した異常に関する第1情報を収集させる命令と、を含む。情報処理システムは、さらに、指定された位置に関する第2情報と第1情報とを対応付けてデータベースに登録する登録部を備える。 According to an example of the present disclosure, the information processing system includes a first information processing device and a database. The first information processing device includes a processor that executes a first program and a second program that is interrupted during execution of the first program, and a memory. The second program is an instruction to invert the 1-bit data at a specified position in the memory and an instruction to collect the first information regarding an abnormality that occurred in the execution of the first program after inverting the 1-bit data. And, including. The information processing system further includes a registration unit that registers the second information and the first information regarding the designated position in the database in association with each other.
 この開示によれば、第1情報と第2情報とが対応付けてデータベースに蓄積される。その結果、データベースを参照することにより、第1プログラムを実行する情報処理装置においてソフトエラーが発生したときの影響を容易に確認できる。 According to this disclosure, the first information and the second information are associated and stored in the database. As a result, by referring to the database, it is possible to easily confirm the influence when a soft error occurs in the information processing apparatus that executes the first program.
 上述の開示において、第2情報は、指定された位置に書き込まれていた変数の名称を含む。 In the above disclosure, the second information includes the name of the variable written at the specified position.
 この開示によれば、メモリに格納された変数の値にソフトエラーによるデータ化けが発生したときの影響を確認しやすくなる。 According to this disclosure, it becomes easy to confirm the effect when data garbled due to a soft error occurs on the value of the variable stored in the memory.
 上述の開示において、第1情報は、異常の内容を識別する第1識別情報および第1プログラムのうち異常が発生したときに実行されていたソースコードを識別する第2識別情報の少なくとも1つを含む。 In the above disclosure, the first information includes at least one of the first identification information for identifying the content of the abnormality and the second identification information for identifying the source code executed when the abnormality occurred in the first program. include.
 この開示によれば、第1識別情報を参照することにより、どのような内容の異常が発生するかを容易に確認できる。あるいは、第2識別情報を参照することにより、第1プログラムのうちのどのソースコードで異常が発生するかを容易に確認できる。 According to this disclosure, by referring to the first identification information, it is possible to easily confirm what kind of abnormality occurs. Alternatively, by referring to the second identification information, it is possible to easily confirm in which source code of the first program the abnormality occurs.
 上述の開示において、登録部は、第1情報および第2情報と対応付けて、異常が発生したときのメモリの内容を示すメモリダンプをデータベースにさらに登録する。 In the above disclosure, the registration unit further registers a memory dump indicating the contents of the memory when an abnormality occurs in the database in association with the first information and the second information.
 この開示によれば、例えば、第1プログラムを実行する情報処理装置において異常が発生した場合、当該異常と同じ内容の異常情報に対応するメモリダンプと、当該情報処理装置のメモリの内容とが比較される。比較結果は、異常の原因の特定に役立つ。そのため、異常の原因の解析に要する時間を短縮できる。 According to this disclosure, for example, when an abnormality occurs in the information processing apparatus that executes the first program, the memory dump corresponding to the abnormality information having the same content as the abnormality is compared with the memory content of the information processing apparatus. Will be done. The comparison results help identify the cause of the anomaly. Therefore, the time required for analysis of the cause of the abnormality can be shortened.
 上述の開示において、情報処理システム1は、第1プログラムを実行する第2情報処理装置において発生した異常に関する解析対象情報と一致する第1情報をデータベースから検索し、検索された第1情報に対応する第2情報を出力する検索部をさらに備える。 In the above disclosure, the information processing system 1 searches the database for the first information that matches the analysis target information regarding the abnormality generated in the second information processing apparatus that executes the first program, and corresponds to the searched first information. A search unit for outputting the second information is further provided.
 情報処理システム1は、第1プログラムを実行する第2情報処理装置において発生した異常に関する解析対象情報と一致する第1情報をデータベースから検索し、検索された第1情報に対応する第2情報およびメモリダンプを出力する検索部をさらに備えてもよい。 The information processing system 1 searches the database for the first information that matches the analysis target information regarding the abnormality generated in the second information processing apparatus that executes the first program, and the second information corresponding to the searched first information and the second information. A search unit that outputs a memory dump may be further provided.
 これらの開示によれば、第2情報処理装置において発生した異常の原因の候補として、出力された第2情報によって示される位置のソフトエラーが容易に挙げられる。その結果、異常の原因の解析に要する時間を短縮できる。 According to these disclosures, as a candidate for the cause of the abnormality generated in the second information processing apparatus, a soft error at the position indicated by the output second information can be easily mentioned. As a result, the time required for analysis of the cause of the abnormality can be shortened.
 さらに、メモリダンプが出力される場合、当該メモリダンプと第2情報処理装置のメモリの内容との比較結果は、異常の原因の特定に役立つ。そのため、異常の原因の解析に要する時間をさらに短縮できる。 Furthermore, when a memory dump is output, the comparison result between the memory dump and the contents of the memory of the second information processing device is useful for identifying the cause of the abnormality. Therefore, the time required for analysis of the cause of the abnormality can be further shortened.
 上述の開示において、登録部は、第1情報および第2情報と対応付けて、第1情報に対応する異常の原因が1ビットのデータの反転であるか否かを示す第3情報をデータベースにさらに登録する。検索部は、異常の原因が1ビットのデータの反転でないことを示す第3情報に対応する第1情報を検索対象から除外する。この開示によれば、検索に要する時間が短縮される。 In the above disclosure, the registration unit associates the first information and the second information with the third information indicating whether or not the cause of the abnormality corresponding to the first information is the inversion of 1-bit data in the database. Register further. The search unit excludes the first information corresponding to the third information indicating that the cause of the abnormality is not the inversion of the 1-bit data from the search target. According to this disclosure, the time required for searching is shortened.
 本開示の一例によれば、プログラムを実行するプロセッサとメモリとを含む情報処理装置を用いたデータベースの構築方法は、第1~第3のステップを備える。第1のステップは、メモリ内の指定された位置の1ビットのデータを反転させるステップである。第2のステップは、1ビットのデータを反転させた後のプロセッサによるプログラムの実行において発生した異常に関する第1情報を収集するステップである。第3のステップは、指定された位置に関する第2情報と第1情報とを対応付けてデータベースに登録するステップである。この開示によっても、ソフトエラーとその影響との関係を容易に確認できる。 According to an example of the present disclosure, a method of constructing a database using an information processing device including a processor for executing a program and a memory includes first to third steps. The first step is a step of inverting 1-bit data at a specified position in the memory. The second step is to collect the first information regarding the abnormality that occurred in the execution of the program by the processor after inverting the 1-bit data. The third step is a step of associating the second information and the first information regarding the designated position with each other and registering them in the database. This disclosure also makes it easy to confirm the relationship between soft errors and their effects.
 本開示によれば、ソフトエラーとその影響との関係を容易に確認できる。 According to this disclosure, the relationship between soft errors and their effects can be easily confirmed.
実施の形態に係る情報処理システムに備えられる、データベースの構築に関連する構成を示す概略図である。It is a schematic diagram which shows the structure related to the construction of the database provided in the information processing system which concerns on embodiment. 実施の形態に係る情報処理システムに備えられる、データベースの利用に関連する構成を示す概略図である。It is a schematic diagram which shows the structure related to the use of the database provided in the information processing system which concerns on embodiment. 図1に示す安全IOユニットのハードウェア構成例を示す模式図である。It is a schematic diagram which shows the hardware configuration example of the safety IO unit shown in FIG. 図1および図2に示すコンピュータのハードウェア構成例を示すブロック図である。It is a block diagram which shows the hardware configuration example of the computer shown in FIG. 1 and FIG. 安全IOユニットの機能構成を示すブロック図である。It is a block diagram which shows the functional structure of a safety IO unit. コンピュータの機能構成を示すブロック図である。It is a block diagram which shows the functional structure of a computer. データベースに含まれるテーブルの一例を示す図である。It is a figure which shows an example of the table included in a database.
 本開示の実施の形態について、図面を参照しながら詳細に説明する。なお、図中の同一または相当部分については、同一符号を付してその説明は繰返さない。 The embodiments of the present disclosure will be described in detail with reference to the drawings. The same or corresponding parts in the drawings are designated by the same reference numerals and the description thereof will not be repeated.
 §1 適用例
 航空宇宙システム、自動車、医療機器、通信機器、産業機器など様々に分野において、メモリのデータ化けに起因する異常が発生し得る。本開示は、このような様々な分野のシステムに適用され得る。以下では、本開示の適用例として、FA(ファクトリオートメーション)分野に組み込まれる情報処理システムについて説明するが、本開示の適用例は、FA分野に限定されない。 §1 Application example In various fields such as aerospace systems, automobiles, medical equipment, communication equipment, and industrial equipment, abnormalities due to garbled memory data may occur. The present disclosure may be applied to systems in such various fields. Hereinafter, an information processing system incorporated in the FA (factory automation) field will be described as an application example of the present disclosure, but the application example of the present disclosure is not limited to the FA field.
 図1は、実施の形態に係る情報処理システムに備えられる、データベースの構築に関連する構成を示す概略図である。図1に例示される情報処理システム1は、安全IO(Input/Output)ユニット100と、データベース200と、コンピュータ300と、PLC(プログラマブルロジックコントローラ)400と、カプラ500と、安全コントローラ600とを備える。 FIG. 1 is a schematic diagram showing a configuration related to the construction of a database provided in the information processing system according to the embodiment. The information processing system 1 exemplified in FIG. 1 includes a safety IO (Input / Output) unit 100, a database 200, a computer 300, a PLC (programmable logic controller) 400, a coupler 500, and a safety controller 600. ..
 図1に示す例では、安全IOユニット100のメインメモリ104に発生したソフトエラーとその影響との対応関係を示す情報がデータベース200に蓄積される。安全IOユニット100、PLC400、カプラ500および安全コントローラ600は、データベース200の構築のために準備される。あるいは、立ち上げ段階の生産ラインに設置された安全IOユニット、PLC、カプラおよび安全コントローラを、安全IOユニット100、PLC400、カプラ500および安全コントローラ600としてそれぞれ用いてもよい。 In the example shown in FIG. 1, information indicating the correspondence between the soft error generated in the main memory 104 of the safety IO unit 100 and its influence is stored in the database 200. The safety IO unit 100, PLC400, coupler 500 and safety controller 600 are prepared for the construction of the database 200. Alternatively, the safety IO unit, PLC, coupler and safety controller installed in the production line at the start-up stage may be used as the safety IO unit 100, PLC400, coupler 500 and safety controller 600, respectively.
 安全コントローラ600および安全IOユニット100は、ローカルユニットとして、ローカルバス10を介してカプラ500と接続される。なお、「ローカルユニット」とは、ローカルバス10を介して接続される任意のユニットを総称する。 The safety controller 600 and the safety IO unit 100 are connected to the coupler 500 as a local unit via the local bus 10. The "local unit" is a general term for any unit connected via the local bus 10.
 PLC400は、予め作成された標準制御プログラムに従って、図示しない任意の制御対象に対する標準制御を実行する。「標準制御」は、予め定められた要求仕様に沿って、制御対象を制御するための処理の総称である。制御対象は、例えばサーボモータ、ロボットなどである。 The PLC400 executes standard control for any control target (not shown) according to a standard control program created in advance. "Standard control" is a general term for processes for controlling a controlled object in accordance with predetermined requirement specifications. The control target is, for example, a servo motor, a robot, or the like.
 カプラ500は、PLC400と安全コントローラ600との間のデータの遣り取りを仲介する。カプラ500は、フィールドネットワークを介して、PLC400と電気的に接続されている。フィールドネットワークは、FA用のデータ伝送を実現するための通信媒体である。フィールドネットワークにおいて、予め定められた周期でフレーム伝送が可能になっており、ネットワーク内の各ノードに対するデータ到着時間が保証される。このようなデータ到着時間が保証されるプロトコルの一例として、フィールドネットワークにはEtherCAT(登録商標)が採用される。 The coupler 500 mediates the exchange of data between the PLC 400 and the safety controller 600. The coupler 500 is electrically connected to the PLC 400 via a field network. The field network is a communication medium for realizing data transmission for FA. In the field network, frame transmission is possible at a predetermined cycle, and the data arrival time for each node in the network is guaranteed. As an example of such a protocol in which the data arrival time is guaranteed, EtherCAT (registered trademark) is adopted for the field network.
 カプラ500は、ローカルバス10を介して、PLC400から受信したデータをローカルユニット(安全コントローラ600および安全IOユニット100)へ送信する。カプラ500は、ローカルユニットからデータを受信すると、当該受信したデータを次の通信フレームに格納する準備を行なう。 The coupler 500 transmits the data received from the PLC 400 to the local unit (safety controller 600 and safety IO unit 100) via the local bus 10. When the coupler 500 receives data from the local unit, the coupler 500 prepares to store the received data in the next communication frame.
 安全コントローラ600は、任意の制御対象に対するセーフティ制御を実行する。「セーフティ制御」は、設備や機械などによって人の安全が脅かされることを防止するための処理の総称である。「セーフティ制御」は、例えばIEC 61508などに規定されたセーフティ機能を実現するための要件を満たすように設計される。 The safety controller 600 executes safety control for an arbitrary control target. "Safety control" is a general term for processes to prevent human safety from being threatened by equipment or machines. The "safety control" is designed to meet the requirements for realizing the safety function specified in, for example, IEC 61508.
 安全IOユニット100は、安全コントローラ600にローカルバス10を介して接続される。さらに、安全IOユニット100には任意の安全デバイス(図示せず)が接続される。安全デバイスには、ライトカーテン、非常停止ボタン、セーフティドアスイッチなどが含まれる。 The safety IO unit 100 is connected to the safety controller 600 via the local bus 10. Further, an arbitrary safety device (not shown) is connected to the safety IO unit 100. Safety devices include light curtains, emergency stop buttons, safety door switches and the like.
 安全IOユニット100は、予め定められた周期(以下、「セーフティタスク周期」と称する。)ごとにIOタスクを実行する。IOタスクには、安全デバイスからの入力信号の受け付ける処理、当該入力信号を安全コントローラ600へ提供する処理、安全コントローラ600からの指令を受け付ける処理、当該指令に応じて演算する処理、演算結果を出力する処理などが含まれる。さらに、IOタスクには、安全IOユニット100の異常を検知する処理、および、検知された異常を安全コントローラ600に通知する処理も含まれる。 The safety IO unit 100 executes an IO task at a predetermined cycle (hereinafter referred to as "safety task cycle"). In the IO task, the process of receiving the input signal from the safety device, the process of providing the input signal to the safety controller 600, the process of accepting the command from the safety controller 600, the process of calculating according to the command, and the process of outputting the calculation result are output. Processing to be done is included. Further, the IO task includes a process of detecting an abnormality in the safety IO unit 100 and a process of notifying the safety controller 600 of the detected abnormality.
 安全コントローラ600は、安全IOユニット100から提供された入力信号に応じて、セーフティ制御を実行する。例えば、安全コントローラ600は、ライトカーテンである安全デバイスから人の侵入を示す入力信号が提供されると、PLC400の制御対象への電源供給を遮断する。あるいは、安全コントローラ600は、非常停止ボタンである安全デバイスからボタン押下を示す入力信号が提供されると、PLC400の制御対象への電源供給を遮断する。安全コントローラ600は、PLC400の制御対象への電源供給を遮断する際、情報処理システム1を構成する機器間の通信を停止する。 The safety controller 600 executes safety control according to the input signal provided from the safety IO unit 100. For example, the safety controller 600 cuts off the power supply to the controlled object of the PLC 400 when an input signal indicating the intrusion of a person is provided from the safety device which is a light curtain. Alternatively, the safety controller 600 cuts off the power supply to the controlled object of the PLC 400 when the input signal indicating the button press is provided from the safety device which is the emergency stop button. When the safety controller 600 cuts off the power supply to the controlled object of the PLC 400, the safety controller 600 stops the communication between the devices constituting the information processing system 1.
 このように、安全IOユニット100は、人の安全が脅かされることを防止するためのセーフティ制御に直接関わる。従って、安全コントローラ600は、安全IOユニット100に異常が発生したときにも、PLC400の制御対象への電源供給を遮断する。 In this way, the safety IO unit 100 is directly involved in safety control for preventing the safety of human beings from being threatened. Therefore, the safety controller 600 cuts off the power supply to the controlled object of the PLC 400 even when an abnormality occurs in the safety IO unit 100.
 コンピュータ300は、例えば汎用のノート型コンピュータである。コンピュータ300は、例えばEthernet/IP(登録商標)等の通信規格に従って、PLC400との間でデータを遣り取りする。さらに、コンピュータ300は、データベース200にアクセス可能であり、データベース200を更新したり、データベース200を用いた検索処理を行なったりする。 The computer 300 is, for example, a general-purpose notebook computer. The computer 300 exchanges data with the PLC 400 according to a communication standard such as Ethernet / IP (registered trademark). Further, the computer 300 can access the database 200, updates the database 200, and performs a search process using the database 200.
 24時間×365日稼働する生産ラインに設置された安全IOユニットにおいてソフトエラーが発生し、当該ソフトエラーに起因して安全IOユニットに異常が発生すると、生産ラインが停止される。このような生産ラインでは、停止時間をなるべく短縮することが好ましい。そのため、異常の原因を即座に解析できることが望まれる。このような要望に応えるために、本実施の形態に係る情報処理システム1は、安全IOユニット100に備えられるメインメモリ104において擬似的にソフトエラーを発生させ、その後に発生した異常に関する情報(以下、「異常情報」と称する。)をデータベース200に登録する。 A soft error occurs in the safety IO unit installed in the production line that operates 24 hours x 365 days, and if an abnormality occurs in the safety IO unit due to the soft error, the production line is stopped. In such a production line, it is preferable to shorten the downtime as much as possible. Therefore, it is desired to be able to immediately analyze the cause of the abnormality. In order to meet such a demand, the information processing system 1 according to the present embodiment generates a pseudo soft error in the main memory 104 provided in the safety IO unit 100, and information on an abnormality that occurs thereafter (hereinafter, , "Abnormal information") is registered in the database 200.
 具体的には、図1に示されるように、ステップS1において、コンピュータ300は、PLC400、カプラ500および安全コントローラ600を介して、安全IOユニット100のメインメモリ104内の1ビットの位置を指定する。 Specifically, as shown in FIG. 1, in step S1, the computer 300 designates the position of one bit in the main memory 104 of the safety IO unit 100 via the PLC 400, the coupler 500, and the safety controller 600. ..
 次にステップS2において、安全IOユニット100は、メインメモリ104の指定された位置の1ビットのデータを反転させる。安全IOユニット100は、1ビットのデータを反転させた後の所定時間内に発生した異常に関する異常情報を収集する。 Next, in step S2, the safety IO unit 100 inverts 1-bit data at a designated position in the main memory 104. The safety IO unit 100 collects abnormality information regarding an abnormality that has occurred within a predetermined time after inverting the 1-bit data.
 安全IOユニット100において異常が発生すると、安全コントローラ600は、PLC400の制御対象への電源供給を遮断する。このとき、情報処理システム1の機器間の通信も停止される。 When an abnormality occurs in the safety IO unit 100, the safety controller 600 cuts off the power supply to the controlled object of the PLC 400. At this time, the communication between the devices of the information processing system 1 is also stopped.
 その後、情報処理システム1の機器間の通信が再び開始されると、ステップS3において、収集された異常情報は、安全コントローラ600およびカプラ500を介して、PLC400に伝送される。コンピュータ300は、PLC400から異常情報を取得する。 After that, when the communication between the devices of the information processing system 1 is started again, the collected abnormality information in step S3 is transmitted to the PLC 400 via the safety controller 600 and the coupler 500. The computer 300 acquires the abnormality information from the PLC 400.
 次にステップS4において、コンピュータ300は、ステップS1において指定した位置に関する位置情報とステップS3において取得した異常情報とを対応付けてデータベース200に登録する。 Next, in step S4, the computer 300 registers the position information regarding the position specified in step S1 and the abnormality information acquired in step S3 in the database 200 in association with each other.
 これにより、位置情報と異常情報とが対応付けてデータベース200に蓄積される。その結果、データベース200を参照することにより、安全IOユニット100においてソフトエラーが発生したときの影響を容易に確認できる。 As a result, the location information and the abnormality information are associated and stored in the database 200. As a result, by referring to the database 200, the influence when a soft error occurs in the safety IO unit 100 can be easily confirmed.
 図2は、実施の形態に係る情報処理システム1に備えられる、データベース200の利用に関連する構成を示す概略図である。図2に示されるように、情報処理システム1は、データベース200およびコンピュータ300に加えて、安全IOユニット100Aと、PLC400Aと、カプラ500Aと、安全コントローラ600Aとを備える。 FIG. 2 is a schematic diagram showing a configuration related to the use of the database 200 provided in the information processing system 1 according to the embodiment. As shown in FIG. 2, the information processing system 1 includes a safety IO unit 100A, a PLC 400A, a coupler 500A, and a safety controller 600A in addition to the database 200 and the computer 300.
 安全IOユニット100A、PLC400A、カプラ500Aおよび安全コントローラ600Aは、稼働中の生産ラインに設置される。立ち上げ段階の生産ラインに設置されていた安全IOユニット100、PLC400、カプラ500および安全コントローラ600が、安全IOユニット100A、PLC400A、カプラ500Aおよび安全コントローラ600Aとしてそれぞれ用いられてもよい。 The safety IO unit 100A, PLC400A, coupler 500A and safety controller 600A are installed on the production line in operation. The safety IO unit 100, PLC400, the coupler 500 and the safety controller 600 installed in the production line at the start-up stage may be used as the safety IO unit 100A, the PLC400A, the coupler 500A and the safety controller 600A, respectively.
 安全IOユニット100Aは、異常が発生すると、異常に関する異常情報を生成する。生成された異常情報は、安全コントローラ600A、カプラ500AおよびPLC400Aに伝送される。コンピュータ300は、PLC400Aから、伝送された異常情報を解析対象情報として取得する(ステップS11)。なお、コンピュータ300は、安全IOユニット100Aから解析対象情報を直接取得してもよい。 When an abnormality occurs, the safety IO unit 100A generates abnormality information regarding the abnormality. The generated abnormality information is transmitted to the safety controller 600A, the coupler 500A and the PLC 400A. The computer 300 acquires the transmitted abnormality information from the PLC 400A as analysis target information (step S11). The computer 300 may directly acquire the analysis target information from the safety IO unit 100A.
 次に、コンピュータ300は、データベース200から、取得した解析対象情報と一致する異常情報を検索する(ステップS12)。コンピュータ300は、検索された異常情報に対応する位置情報を出力する(ステップS13)。例えば、コンピュータ300は、位置情報を表示する。 Next, the computer 300 searches the database 200 for abnormal information that matches the acquired analysis target information (step S12). The computer 300 outputs the position information corresponding to the searched abnormality information (step S13). For example, the computer 300 displays location information.
 これにより、解析者は、安全IOユニット100Aにおいて発生した異常の原因の候補として、安全IOユニット100Aのメインメモリ104における、位置情報によって示される位置のデータのソフトエラーを挙げることができる。その結果、解析者は、位置情報によって示される位置のデータを確認することにより、異常の原因がソフトエラーか否かを判断できる。このように、本実施の形態のデータベース200を用いて安全IOユニット100Aの異常の原因を解析することにより、解析に要する時間を短縮できる。 Thereby, the analyst can cite a soft error of the position data indicated by the position information in the main memory 104 of the safety IO unit 100A as a candidate for the cause of the abnormality generated in the safety IO unit 100A. As a result, the analyst can determine whether or not the cause of the abnormality is a soft error by confirming the position data indicated by the position information. As described above, by analyzing the cause of the abnormality of the safety IO unit 100A using the database 200 of the present embodiment, the time required for the analysis can be shortened.
 §2 具体例
 <安全IOユニットのハードウェア構成>
 図3は、図1に示す安全IOユニットのハードウェア構成例を示す模式図である。図3に例示される安全IOユニット100は、プロセッサ102と、メインメモリ104と、ストレージ106と、ローカルバスコントローラ108と、安全IOモジュール110と、バッファメモリ112とを含む。これらのコンポーネントは、プロセッサバス114を介して、互いに接続されている。 §2 Specific example <Hardware configuration of safety IO unit>
FIG. 3 is a schematic diagram showing a hardware configuration example of the safety IO unit shown in FIG. The safety IO unit 100 exemplified in FIG. 3 includes a processor 102, a main memory 104, a storage 106, a local bus controller 108, a safety IO module 110, and a buffer memory 112. These components are connected to each other via the processor bus 114.
 プロセッサ102は、セーフティ制御を実現するために必要な信号の入出力および管理機能に係る制御演算を実行する演算処理部に相当し、CPU(Central Processing Unit)やMPU(Micro Processing Unit)などによって構成される。 The processor 102 corresponds to an arithmetic processing unit that executes control operations related to signal input / output and management functions necessary for realizing safety control, and is configured by a CPU (Central Processing Unit), an MPU (Micro Processing Unit), or the like. Will be done.
 メインメモリ104は、例えばDRAM(Dynamic Random Access Memory)やSRAM(Static Random Access Memory)のような揮発性メモリによって構成される。SRAMは、記憶部の構造としてフリップフロップを用いており、リフレッシュ動作を必要とせず、DRAMより高速に動作できるという利点を有する。そのため、SRAMをメインメモリ104として用いることが好ましい。 The main memory 104 is composed of volatile memories such as DRAM (Dynamic Random Access Memory) and SRAM (Static Random Access Memory). The SRAM uses a flip-flop as the structure of the storage unit, does not require a refresh operation, and has an advantage that it can operate at a higher speed than the DRAM. Therefore, it is preferable to use SRAM as the main memory 104.
 積み上げ型(スタック型)の構造を有するDRAMでは、ソフトエラー耐性が高い。一方、フリップフロップ構造を有するSRAMでは、微細化によりソフトエラー耐性が低下する。そのため、SRAMによって構成されるメインメモリ104を用いる場合、メインメモリ104にソフトエラーが起こりやすい。以下、メインメモリ104がSRAMであるとものとして説明する。 DRAM with a stack type structure has high soft error resistance. On the other hand, in an SRAM having a flip-flop structure, the soft error tolerance is lowered due to miniaturization. Therefore, when the main memory 104 configured by the SRAM is used, a soft error is likely to occur in the main memory 104. Hereinafter, it is assumed that the main memory 104 is a SRAM.
 メインメモリ104は、スタック領域、データ領域およびテキスト領域を有する。スタック領域は、プロセッサ102に内蔵されるレジスタに保持されるデータを一時退避させるための領域である。メインルーチンの実行中に関数処理(サブルーチン)が発生すると、メインルーチンを中断させるために、レジスタに保持されたデータがスタック領域に一時的に退避される。データ領域は、各種の変数などが格納される領域である。テキスト領域は、プログラムが展開される領域である。 The main memory 104 has a stack area, a data area, and a text area. The stack area is an area for temporarily saving data held in a register built in the processor 102. When a function process (subroutine) occurs during execution of the main routine, the data held in the register is temporarily saved in the stack area in order to interrupt the main routine. The data area is an area in which various variables and the like are stored. The text area is the area where the program is expanded.
 ストレージ106は、例えば、SSD(Solid State Drive)、HDD(Hard Disk Drive)などの不揮発性記憶装置などで構成される。ストレージ106には、IOタスクを実現するための実行可能プログラム120と、ライブラリ122と、割り込みプログラム124とが格納される。 The storage 106 is composed of, for example, a non-volatile storage device such as an SSD (Solid State Drive) or an HDD (Hard Disk Drive). The storage 106 stores an executable program 120 for realizing an IO task, a library 122, and an interrupt program 124.
 実行可能プログラム120は、IOタスクを実現するために必要な信号の入出力および管理機能に係る制御演算を規定する命令群を含む。実行可能プログラム120は、1または複数のプログラムファイルによって構成される。 The executable program 120 includes a group of instructions that specify control operations related to signal input / output and management functions necessary for realizing an IO task. The executable program 120 is composed of one or more program files.
 割り込みプログラム124は、データベース200に登録される情報を収集するためのプログラムである。割り込みプログラム124は、実行可能プログラム120の実行中に最優先で割り込まれて実行される。 The interrupt program 124 is a program for collecting information registered in the database 200. The interrupt program 124 is interrupted and executed with the highest priority during the execution of the executable program 120.
 ローカルバスコントローラ108は、ローカルバス10を介して、安全IOユニット100が接続されるデバイス(例えば安全コントローラ600、カプラ500)との間でデータを遣り取りする。 The local bus controller 108 exchanges data with a device (for example, a safety controller 600, a coupler 500) to which the safety IO unit 100 is connected via the local bus 10.
 安全IOモジュール110は、安全デバイスと電気的に接続され、安全デバイスによる検出結果などの入力を受け付けたり、安全デバイスへ信号を出力したりする。 The safety IO module 110 is electrically connected to the safety device, accepts inputs such as detection results by the safety device, and outputs a signal to the safety device.
 バッファメモリ112は、ローカルバス10を伝送する通信フレームを一時的に保持する。バッファメモリ112には入力データ群と出力データ群とが保持される。安全IOモジュール110は、安全デバイスから受けた入力信号を入力データ群の一部としてバッファメモリ112に格納する。さらに、ローカルバスコントローラ108は、カプラ500または安全コントローラ600から受けた入力信号を入力データ群の一部としてバッファメモリ112に格納する。出力データ群は、セーフティタスク周期ごとに、ローカルバスコントローラ108によって安全コントローラ600およびカプラ500に伝送される。さらに、出力データ群は、カプラ500からPLC400に伝送される。 The buffer memory 112 temporarily holds a communication frame for transmitting the local bus 10. The buffer memory 112 holds an input data group and an output data group. The safety IO module 110 stores the input signal received from the safety device in the buffer memory 112 as a part of the input data group. Further, the local bus controller 108 stores the input signal received from the coupler 500 or the safety controller 600 in the buffer memory 112 as a part of the input data group. The output data group is transmitted to the safety controller 600 and the coupler 500 by the local bus controller 108 every safety task cycle. Further, the output data group is transmitted from the coupler 500 to the PLC 400.
 図2に示す安全IOユニット100Aも図3に示すハードウェア構成を有する。ただし、安全IOユニット100Aのストレージ106には、割り込みプログラム124が格納されていなくてもよい。 The safety IO unit 100A shown in FIG. 2 also has the hardware configuration shown in FIG. However, the interrupt program 124 may not be stored in the storage 106 of the safety IO unit 100A.
 <コンピュータのハードウェア構成例>
 図4は、図1および図2に示す本実施の形態に係るコンピュータ300のハードウェア構成例を示すブロック図である。 <Computer hardware configuration example>
FIG. 4 is a block diagram showing a hardware configuration example of the computer 300 according to the present embodiment shown in FIGS. 1 and 2.
 コンピュータ300は、典型的には、汎用的なアーキクテチャを有するパーソナルコンピュータである。図4に示されるように、コンピュータ300は、プロセッサ302と、メモリ304と、ストレージ306と、ディスプレイ308と、入力装置310と、USBコントローラ312とを含む。これらのコンポーネントは内部バス314を介して互いに接続されている。 The computer 300 is typically a personal computer having a general-purpose architecture. As shown in FIG. 4, the computer 300 includes a processor 302, a memory 304, a storage 306, a display 308, an input device 310, and a USB controller 312. These components are connected to each other via an internal bus 314.
 プロセッサ302は、CPU、MPUなどで構成され、ストレージ306に格納された各種プログラムを読み出して、メモリ304に展開して実行することで、後述したような各種機能を実現する。メモリ304は、DRAMやSRAMなどの揮発性記憶装置などで構成される。 The processor 302 is composed of a CPU, an MPU, and the like, and realizes various functions as described later by reading various programs stored in the storage 306, expanding them in the memory 304, and executing the programs. The memory 304 is composed of a volatile storage device such as DRAM or SRAM.
 ストレージ306は、例えば、HDDやSSDなどの不揮発性記憶装置などで構成される。ストレージ306には、OS(Operating System)320と、データベース200の構築に関するDB構築プログラム322と、安全IOユニット100Aの異常の原因を検索する検索プログラム324とが格納される。 The storage 306 is composed of, for example, a non-volatile storage device such as an HDD or SSD. The storage 306 stores an OS (Operating System) 320, a DB construction program 322 related to the construction of the database 200, and a search program 324 for searching for the cause of an abnormality in the safety IO unit 100A.
 ディスプレイ308は、プロセッサ302などによる演算結果を表示するデバイスであり、例えば、LCD(Liquid Crystal Display)などで構成される。 The display 308 is a device that displays the calculation result of the processor 302 or the like, and is composed of, for example, an LCD (Liquid Crystal Display) or the like.
 入力装置310は、入力を受付けるデバイスであり、例えば、キーボードやメモリなどで構成される。 The input device 310 is a device that receives input, and is composed of, for example, a keyboard and a memory.
 USBコントローラ312は、USB接続を介して、PLC400,400Aとの間でデータを遣り取りする。さらに、USBコントローラ312は、USB接続を介して、データベース200にアクセスする。 The USB controller 312 exchanges data with and from the PLC400 and 400A via the USB connection. Further, the USB controller 312 accesses the database 200 via the USB connection.
 <安全IOユニットの機能構成>
 図5は、安全IOユニット100の機能構成を示すブロック図である。図5に示されるように、安全IOユニット100は、タスク実行部11と、書込読出処理部12と、データ反転部13と、変数名抽出部14と、異常情報収集部15と、ダンプ処理部16とを含む。 <Functional configuration of safety IO unit>
FIG. 5 is a block diagram showing a functional configuration of the safety IO unit 100. As shown in FIG. 5, the safety IO unit 100 includes a task execution unit 11, a write / read processing unit 12, a data inversion unit 13, a variable name extraction unit 14, an abnormality information collection unit 15, and a dump process. Including part 16.
 タスク実行部11は、図3に示すプロセッサ102が実行可能プログラム120を実行することにより実現される。書込読出処理部12は、プロセッサ102がライブラリ122を実行することにより実現される。データ反転部13、変数名抽出部14、異常情報収集部15およびダンプ処理部16は、プロセッサ102が割り込みプログラム124を実行することにより実現される。なお、プロセッサ102は、コンピュータ300から受ける割り込み指示に応じて割り込みプログラム124を実行する。 The task execution unit 11 is realized by the processor 102 shown in FIG. 3 executing the executable program 120. The write / read processing unit 12 is realized by the processor 102 executing the library 122. The data inversion unit 13, the variable name extraction unit 14, the abnormality information collection unit 15, and the dump processing unit 16 are realized by the processor 102 executing the interrupt program 124. The processor 102 executes the interrupt program 124 in response to an interrupt instruction received from the computer 300.
 タスク実行部11は、セーフティタスク周期ごとにIOタスクを実行する。具体的には、タスク実行部11は、バッファメモリ112に格納された入力データ群に含まれるデータおよびメインメモリ104に格納された変数の少なくとも一方を用いた制御演算を行なう。さらに、タスク実行部11は、制御演算によって得られたデータを出力データ群の一部としてバッファメモリ112に格納する。 The task execution unit 11 executes an IO task every safety task cycle. Specifically, the task execution unit 11 performs a control operation using at least one of the data included in the input data group stored in the buffer memory 112 and the variables stored in the main memory 104. Further, the task execution unit 11 stores the data obtained by the control operation in the buffer memory 112 as a part of the output data group.
 例えば、タスク実行部11は、入力データ群に含まれる、安全デバイスからの入力信号を出力データ群の一部としてバッファメモリ112に格納する。これにより、次のセーフティタスク周期において、安全デバイスからの入力信号が安全コントローラ600に出力される。その結果、安全コントローラ600は、安全デバイスによって人の侵入が検知されることを認識できる。 For example, the task execution unit 11 stores the input signal from the safety device included in the input data group in the buffer memory 112 as a part of the output data group. As a result, the input signal from the safety device is output to the safety controller 600 in the next safety task cycle. As a result, the safety controller 600 can recognize that the safety device detects the intrusion of a person.
 タスク実行部11は、制御演算において何らかの異常が発生したことに応じて、異常に関する異常情報130を生成し、生成した異常情報130を出力データ群の一部としてバッファメモリ112に格納する。これにより、次のセーフティタスク周期において、異常情報130は、安全コントローラ600、カプラ500およびPLC400に伝送される。その結果、安全コントローラ600は、安全IOユニット100において異常が発生したことを認識できる。 The task execution unit 11 generates abnormality information 130 regarding the abnormality in response to the occurrence of some abnormality in the control operation, and stores the generated abnormality information 130 in the buffer memory 112 as a part of the output data group. As a result, in the next safety task cycle, the abnormality information 130 is transmitted to the safety controller 600, the coupler 500, and the PLC 400. As a result, the safety controller 600 can recognize that an abnormality has occurred in the safety IO unit 100.
 異常情報130は、異常の内容を識別する識別情報(以下、「異常ID」と称する。)と、異常が発生したときに実行していたソースコードを識別する識別情報(「以下、コード情報」と称する。)とを含む。コード情報は、実行可能プログラム120を構成する1または複数のプログラムファイルのうちの実行中のソースコードを含む1つのプログラムファイルのファイル名と、当該1つのプログラムファイルにおける実行中のソードコードが記載された行番号とを含む。 The abnormality information 130 includes identification information for identifying the content of the abnormality (hereinafter referred to as “abnormal ID”) and identification information for identifying the source code executed when the abnormality occurred (“code information”). It is referred to as). The code information describes the file name of one program file including the running source code of one or more program files constituting the executable program 120, and the running sword code in the one program file. Includes the line number.
 安全IOユニット100の異常には、例えば、許されない演算(0での除算、実数演算で解が虚数になる演算など)、割り当てられていない記憶領域へのアクセスなどが含まれる。 Abnormalities in the safety IO unit 100 include, for example, unacceptable operations (division by 0, operations in which the solution becomes an imaginary number in real number operations, etc.), access to unallocated storage areas, and the like.
 書込読出処理部12は、書込指示および読出指示を受けて、メインメモリ104に対して指定された変数の書き込みおよび読み出しをそれぞれ実行する。図5に示されるように、書込読出処理部12は、変数管理テーブル17を管理している。変数管理テーブル17は、各変数について、変数名とメインメモリ104において当該変数の値を示すデータが保持されるアドレスとを対応付ける。書込読出処理部12は、変数管理テーブル17を用いて、指定された変数の書き込みおよび読み出しを実行する。 The write / read processing unit 12 receives the write instruction and the read instruction, and executes the write / read of the designated variable to the main memory 104, respectively. As shown in FIG. 5, the write / read processing unit 12 manages the variable management table 17. The variable management table 17 associates a variable name with an address in which data indicating the value of the variable is held in the main memory 104 for each variable. The write / read processing unit 12 executes writing / reading of the designated variable by using the variable management table 17.
 データ反転部13は、割り込み指示を受けると、タスク実行部11の処理を一時的に中止させる。割り込み指示において、メインメモリ104における1ビットの位置(以下、「反転位置」と称する。)が指定される。反転位置は、アドレスおよびアドレス内のビット位置によって表される。 When the data inversion unit 13 receives the interrupt instruction, the processing of the task execution unit 11 is temporarily stopped. In the interrupt instruction, the position of 1 bit in the main memory 104 (hereinafter, referred to as “reversed position”) is specified. The inverted position is represented by the address and the bit position within the address.
 割り込みプログラム124は、メモリ内の指定された位置の1ビットのデータを反転させる命令を含む。そのため、データ反転部13は、当該命令に従って、割り込み指示によって指定された反転位置の1ビットのデータを反転させる書込指示を生成する。データ反転部13は、生成した書込指示を書込読出処理部12に出力する。これにより、メインメモリ104における反転位置の1ビットのデータが反転する。データ反転部13は、データの反転が完了すると、タスク実行部11の処理を再開させる。 The interrupt program 124 includes an instruction to invert 1-bit data at a specified position in the memory. Therefore, the data inversion unit 13 generates a write instruction to invert the 1-bit data at the inversion position designated by the interrupt instruction according to the instruction. The data inversion unit 13 outputs the generated write instruction to the write / read processing unit 12. As a result, the 1-bit data at the inverted position in the main memory 104 is inverted. When the data inversion is completed, the data inversion unit 13 restarts the processing of the task execution unit 11.
 変数名抽出部14、異常情報収集部15およびダンプ処理部16は、データベース200に登録されるデータ群(以下、「登録用データ群140」と称する。)を生成する。生成された登録用データ群140は、出力データ群の一部としてバッファメモリ112に格納される。 The variable name extraction unit 14, the abnormality information collection unit 15, and the dump processing unit 16 generate a data group registered in the database 200 (hereinafter, referred to as “registration data group 140”). The generated registration data group 140 is stored in the buffer memory 112 as a part of the output data group.
 変数名抽出部14は、登録用データ群140の一部として、割り込み指示によって指定された反転位置に書き込まれている変数の名称(以下、「変数名」と称する。)を抽出する。変数名抽出部14は、変数管理テーブル17から、反転位置を表すアドレスに対応する変数名141を抽出すればよい。 The variable name extraction unit 14 extracts the name of the variable (hereinafter, referred to as “variable name”) written in the inverted position specified by the interrupt instruction as a part of the registration data group 140. The variable name extraction unit 14 may extract the variable name 141 corresponding to the address representing the inversion position from the variable management table 17.
 割り込みプログラム124は、1ビットのデータを反転させた後の実行可能プログラム120の実行において発生した異常に関する異常情報を収集させる命令を含む。そのため、異常情報収集部15は、当該命令に従って、登録用データ群140の一部として、1ビットのデータが反転された後のIOタスクにおいて発生した異常に関する異常情報142を収集する。具体的には、異常情報収集部15は、1ビットのデータが反転された後の所定期間において、バッファメモリ112の出力データ群を監視する。異常情報収集部15は、所定期間において出力データ群に異常情報130が追加されたことに応じて、当該異常情報130をコピーすることにより、登録用データ群140の一部となる異常情報142を生成する。 The interrupt program 124 includes an instruction for collecting abnormality information regarding an abnormality that occurred in the execution of the executable program 120 after inverting the 1-bit data. Therefore, the abnormality information collecting unit 15 collects the abnormality information 142 regarding the abnormality that occurred in the IO task after the 1-bit data is inverted as a part of the registration data group 140 according to the instruction. Specifically, the abnormality information collecting unit 15 monitors the output data group of the buffer memory 112 in a predetermined period after the 1-bit data is inverted. The abnormality information collecting unit 15 copies the abnormality information 130 in response to the addition of the abnormality information 130 to the output data group in a predetermined period, thereby displaying the abnormality information 142 that becomes a part of the registration data group 140. Generate.
 所定期間は、セーフティタスク周期のP倍の期間である。Pは、実行可能プログラム120の内容、データベース200の構築のために許される期間の長さなどに応じて、適宜設定される。 The predetermined period is P times the safety task cycle. P is appropriately set according to the contents of the executable program 120, the length of the period allowed for constructing the database 200, and the like.
 例えば、アドレスが書き込まれている領域の1ビットが反転された場合、当該アドレスは、メインメモリ104に存在しない位置を表し得る。そのため、次のセーフティタスク周期において当該アドレスを読み出すと、異常が発生する。このような場合、P=1としても問題ない。しかしながら、変数が書き込まれている領域の1ビットが反転された場合、当該変数の値を用いた制御演算がQ回実行されることにより、異常が発生することがある。このような場合、PとしてQ以上の整数を設定することが好ましい。 For example, when one bit of the area where the address is written is inverted, the address may represent a position that does not exist in the main memory 104. Therefore, if the address is read out in the next safety task cycle, an abnormality will occur. In such a case, there is no problem even if P = 1. However, when one bit in the area where the variable is written is inverted, an abnormality may occur because the control operation using the value of the variable is executed Q times. In such a case, it is preferable to set an integer greater than or equal to Q as P.
 一方、Pの値が大きいと、データベース200の構築に要する時間が長くなる。そのため、データベース200の構築のために許される期間の長さに応じて、Pが設定される。 On the other hand, if the value of P is large, the time required to construct the database 200 becomes long. Therefore, P is set according to the length of the period allowed for the construction of the database 200.
 ダンプ処理部16は、1ビットのデータが反転された後のIOタスクにおいて異常が発生したことに応じて、メインメモリ104のダンプ処理を実行する。具体的には、ダンプ処理部16は、1ビットのデータが反転された後の所定期間において、バッファメモリ112の出力データ群を監視する。ダンプ処理部16は、所定期間において出力データ群に異常情報130が追加されたことに応じて、メインメモリ104のダンプ処理を実行し、登録用データ群140の一部としてメモリダンプ143を生成する。メモリダンプ143は、メインメモリ104の内容の一部または全部が記録されたファイルである。 The dump processing unit 16 executes dump processing of the main memory 104 in response to an abnormality occurring in the IO task after the 1-bit data is inverted. Specifically, the dump processing unit 16 monitors the output data group of the buffer memory 112 in a predetermined period after the 1-bit data is inverted. The dump processing unit 16 executes dump processing of the main memory 104 in response to the addition of the abnormality information 130 to the output data group in a predetermined period, and generates a memory dump 143 as a part of the registration data group 140. .. The memory dump 143 is a file in which a part or all of the contents of the main memory 104 is recorded.
 変数名抽出部14、異常情報収集部15およびダンプ処理部16は、1ビットのデータが反転されてから所定期間が経過した後に、登録用データ群140を出力データ群の一部としてバッファメモリ112に格納する。あるいは、変数名抽出部14、異常情報収集部15およびダンプ処理部16は、異常情報142の収集およびメモリダンプ143の生成の完了直後に、登録用データ群140を出力データ群の一部としてバッファメモリ112に格納してもよい。 The variable name extraction unit 14, the abnormality information collection unit 15, and the dump processing unit 16 use the registration data group 140 as a part of the output data group after a predetermined period has elapsed after the 1-bit data is inverted, and the buffer memory 112. Store in. Alternatively, the variable name extraction unit 14, the abnormality information collection unit 15, and the dump processing unit 16 buffer the registration data group 140 as a part of the output data group immediately after the collection of the abnormality information 142 and the generation of the memory dump 143 are completed. It may be stored in the memory 112.
 なお、メインメモリ104内の1ビットのデータが反転されたとしても、必ず異常が発生するわけではない。例えば、頻繁に上書きされる領域の1ビットのデータが反転された場合、当該データは、反転された直後に正しい値に上書きされる。このような場合、異常は発生しない。あるいは、読み出しが行なわれない領域の1ビットのデータが反転された場合も、異常は発生しない。1ビットのデータが反転されてから所定期間が経過するまでの間に異常が発生しない場合、登録用データ群140には、変数名141のみが含まれ、異常情報142およびメモリダンプ143が含まれない。 Even if the 1-bit data in the main memory 104 is inverted, an abnormality does not always occur. For example, when 1-bit data in a frequently overwritten area is inverted, the data is overwritten with a correct value immediately after the inversion. In such a case, no abnormality occurs. Alternatively, no abnormality occurs even when the 1-bit data in the area where reading is not performed is inverted. If no abnormality occurs between the time when the 1-bit data is inverted and the predetermined period elapses, the registration data group 140 contains only the variable name 141, and includes the abnormality information 142 and the memory dump 143. not.
 登録用データ群140がバッファメモリ112に格納された後のセーフティタスク周期において、登録用データ群140を含む出力データ群は、ローカルバス10およびフィールドネットワークを介して、PLC400に伝送される。これにより、PLC400は、登録用データ群140を取得する。なお、1ビットのデータが反転された後の所定期間内に異常が発生し、情報処理システム1を構成する機器間の通信が停止された場合、通信再開後のセーフティタスク周期において、登録用データ群140を含む出力データ群がPLC400に伝送される。 In the safety task cycle after the registration data group 140 is stored in the buffer memory 112, the output data group including the registration data group 140 is transmitted to the PLC 400 via the local bus 10 and the field network. As a result, the PLC 400 acquires the registration data group 140. If an abnormality occurs within a predetermined period after the 1-bit data is inverted and communication between the devices constituting the information processing system 1 is stopped, the registration data is used in the safety task cycle after the communication is resumed. The output data group including the group 140 is transmitted to the PLC 400.
 図2に示す安全IOユニット100Aも図5に示す機能構成を有する。ただし、安全IOユニット100Aにおいて、データ反転部13、変数名抽出部14、異常情報収集部15、およびダンプ処理部16は省略されてもよい。安全IOユニット100Aにおいても、タスク実行部11は、制御演算において何らかの異常が発生したことに応じて、異常に関する異常情報130を生成し、生成した異常情報130を出力データ群の一部としてバッファメモリ112に格納する。これにより、次のセーフティタスク周期において、異常情報130は、安全コントローラ600、カプラ500およびPLC400に伝送される。 The safety IO unit 100A shown in FIG. 2 also has the functional configuration shown in FIG. However, in the safety IO unit 100A, the data inversion unit 13, the variable name extraction unit 14, the abnormality information collection unit 15, and the dump processing unit 16 may be omitted. Also in the safety IO unit 100A, the task execution unit 11 generates the abnormality information 130 regarding the abnormality in response to the occurrence of some abnormality in the control operation, and the generated abnormality information 130 is used as a part of the output data group in the buffer memory. Store in 112. As a result, in the next safety task cycle, the abnormality information 130 is transmitted to the safety controller 600, the coupler 500, and the PLC 400.
 <コンピュータの機能構成>
 図6は、コンピュータ300の機能構成を示すブロック図である。図6に示されるように、コンピュータ300は、指示部31と、登録部32と、検索部33とを含む。指示部31および登録部32は、図4に示すプロセッサ302がDB構築プログラム322を実行することにより実現される。検索部33は、プロセッサ302が検索プログラム324を実行することにより実現される。 <Computer function configuration>
FIG. 6 is a block diagram showing a functional configuration of the computer 300. As shown in FIG. 6, the computer 300 includes an instruction unit 31, a registration unit 32, and a search unit 33. The instruction unit 31 and the registration unit 32 are realized by the processor 302 shown in FIG. 4 executing the DB construction program 322. The search unit 33 is realized by the processor 302 executing the search program 324.
 指示部31は、安全IOユニット100を送信先とする割り込み指示を生成し、生成した割り込み指示をPLC400に設定する。これにより、PLC400からフィールドネットワークおよびローカルバス10を介して、割り込み指示が安全IOユニット100に伝送される。割り込み指示は、安全IOユニット100のメインメモリ104内の1ビットの反転位置を指定する。反転位置は、上述したように、アドレスおよびビット位置で表される。 The instruction unit 31 generates an interrupt instruction with the safety IO unit 100 as the transmission destination, and sets the generated interrupt instruction in the PLC 400. As a result, the interrupt instruction is transmitted from the PLC 400 to the safe IO unit 100 via the field network and the local bus 10. The interrupt instruction specifies the inversion position of 1 bit in the main memory 104 of the safety IO unit 100. The inverted position is represented by an address and a bit position as described above.
 登録部32は、指示部31によって割り込み指示がPLC400に設定された後にPLC400が登録用データ群140を取得したことに応じて、データベース200に含まれるテーブル20に新たなレコードを登録する。 The registration unit 32 registers a new record in the table 20 included in the database 200 in response to the acquisition of the registration data group 140 by the PLC 400 after the interrupt instruction is set in the PLC 400 by the instruction unit 31.
 図7は、データベース200に含まれるテーブル20の一例を示す図である。図7に示されるように、テーブル20は、位置情報22と、異常情報23と、メモリダンプ24と、フラグ25とを対応付けた1または複数のレコード21を含む。 FIG. 7 is a diagram showing an example of the table 20 included in the database 200. As shown in FIG. 7, the table 20 includes one or more records 21 in which the position information 22, the abnormality information 23, the memory dump 24, and the flag 25 are associated with each other.
 フラグ25は、異常情報23によって示される異常の原因が、位置情報22によって示される位置の1ビットのデータの反転であるか否かを示す情報である。異常の原因が1ビットのデータの反転である場合、フラグ25には「True」が設定される。異常の原因が1ビットのデータの反転でない場合、フラグ25には「False」が設定される。異常の原因が1ビットのデータの反転であるか否か不明である場合、フラグ25には「Unknown」が設定される。 The flag 25 is information indicating whether or not the cause of the abnormality indicated by the abnormality information 23 is the inversion of the 1-bit data at the position indicated by the position information 22. If the cause of the abnormality is the inversion of 1-bit data, the flag 25 is set to "True". If the cause of the abnormality is not the inversion of 1-bit data, the flag 25 is set to "False". If it is unknown whether the cause of the abnormality is the inversion of 1-bit data, the flag 25 is set to "Unknown".
 登録部32は、割り込み指示によって指定される反転位置を表すアドレスおよびビット位置と、当該割り込み指示に応じて取得された登録用データ群140に含まれる変数名141とを含む位置情報22を設定する。さらに、登録部32は、登録用データ群140に含まれる異常情報142およびメモリダンプ143を異常情報23およびメモリダンプ24としてそれぞれ設定する。登録部32は、設定した位置情報22、異常情報23およびメモリダンプ24と、デフォルトとして「Unknown」が設定されたフラグ25とを対応付けたレコード21をテーブル20に追加する。 The registration unit 32 sets the position information 22 including the address and the bit position representing the inversion position designated by the interrupt instruction and the variable name 141 included in the registration data group 140 acquired in response to the interrupt instruction. .. Further, the registration unit 32 sets the abnormality information 142 and the memory dump 143 included in the registration data group 140 as the abnormality information 23 and the memory dump 24, respectively. The registration unit 32 adds a record 21 in which the set position information 22, the abnormality information 23, and the memory dump 24 are associated with the flag 25 in which "Unknown" is set as a default to the table 20.
 登録部32は、入力装置310(図4参照)への入力に応じて、各レコード21のフラグ25を更新する。解析者は、各レコード21の位置情報22、異常情報23およびメモリダンプ24を確認することにより、異常の原因が1ビットのデータの反転であるか否かを判断すればよい。解析者は、判断結果に応じて、フラグ25の更新指示を入力装置310に入力すればよい。 The registration unit 32 updates the flag 25 of each record 21 in response to the input to the input device 310 (see FIG. 4). The analyst may determine whether or not the cause of the abnormality is the inversion of 1-bit data by checking the position information 22, the abnormality information 23, and the memory dump 24 of each record 21. The analyst may input the update instruction of the flag 25 to the input device 310 according to the determination result.
 指示部31は、メインメモリ104の全ビットの各々について割り込み指示を生成し、生成した割り込み指示をPLC400に順次設定する。具体的には、指示部31は、k番目のビットに対応する割り込み指示をPLC400に設定する。その後、k番目のビットに対応する割り込み指示に応じて取得した登録用データ群140に基づいてレコード21がテーブル20に追加された後に、指示部31は、k+1番目のビットに対応する割り込み指示をPLC400に設定する。このようにして、メインメモリ104の全ビットの各々に対応するレコード21がテーブル20に追加される。 The instruction unit 31 generates an interrupt instruction for each of all the bits of the main memory 104, and sequentially sets the generated interrupt instruction in the PLC 400. Specifically, the instruction unit 31 sets the interrupt instruction corresponding to the kth bit in the PLC 400. After that, after the record 21 is added to the table 20 based on the registration data group 140 acquired in response to the interrupt instruction corresponding to the kth bit, the instruction unit 31 issues an interrupt instruction corresponding to the k + 1st bit. Set to PLC400. In this way, the record 21 corresponding to each of all the bits of the main memory 104 is added to the table 20.
 なお、上述したように、メインメモリ104内の1ビットのデータが反転されたとしても、必ず異常が発生するわけではない。そのため、登録部32は、登録用データ群140に異常情報142およびメモリダンプ143が含まれない場合、テーブル20へのレコード21の追加を省略してもよい。 As described above, even if the 1-bit data in the main memory 104 is inverted, an abnormality does not always occur. Therefore, if the registration data group 140 does not include the abnormality information 142 and the memory dump 143, the registration unit 32 may omit the addition of the record 21 to the table 20.
 検索部33は、安全IOユニット100AからPLC400Aに伝送された異常情報130を解析対象情報として取得する。検索部33は、解析対象情報を取得すると、解析対象情報と一致する異常情報23をデータベース200から検索する。検索部33は、検索された異常情報23に対応する位置情報22およびメモリダンプ24を出力する。具体的には、検索部33は、位置情報22およびメモリダンプ24をディスプレイ308に表示する。 The search unit 33 acquires the abnormality information 130 transmitted from the safety IO unit 100A to the PLC 400A as analysis target information. When the search unit 33 acquires the analysis target information, the search unit 33 searches the database 200 for the abnormality information 23 that matches the analysis target information. The search unit 33 outputs the position information 22 and the memory dump 24 corresponding to the searched abnormality information 23. Specifically, the search unit 33 displays the position information 22 and the memory dump 24 on the display 308.
 検索部33は、異常の原因が1ビットのデータの反転でないことを示すフラグ25に対応する異常情報23を検索対象から除外してもよい。具体的には、検索部33は、検索において、フラグ25が「False」であるレコード21を検索対象から除外する。あるいは、検索部33は、検索において、フラグ25が「False」または「Unknown」であるレコード21を検索対象から除外してもよい。これにより、検索に要する時間が短縮される。 The search unit 33 may exclude the abnormality information 23 corresponding to the flag 25 indicating that the cause of the abnormality is not the inversion of 1-bit data from the search target. Specifically, the search unit 33 excludes the record 21 whose flag 25 is "False" from the search target in the search. Alternatively, the search unit 33 may exclude the record 21 whose flag 25 is "False" or "Unknown" from the search target in the search. This reduces the time required for the search.
 <フラグの更新例>
 フラグ25の更新例について説明する。例えば、異常情報23に含まれる異常IDが例外ハンドラ呼出しによる異常を示す場合、以下のようにしてフラグ25が更新される。例外ハンドラは、例えば、IOタスクの実行中に不正メモリアクセス等が発生した際に実行される。 <Flag update example>
An example of updating the flag 25 will be described. For example, when the abnormality ID included in the abnormality information 23 indicates an abnormality due to the exception handler call, the flag 25 is updated as follows. The exception handler is executed, for example, when an unauthorized memory access or the like occurs during the execution of an IO task.
 例えば、解析者は、異常IDから、異常の原因が不正メモリアクセスであることを疑い、異常情報23に含まれるコード情報と、メモリダンプ24とを確認する。コード情報が関数処理終了後のソースコードを示している場合、戻りアドレスのデータ化けが疑われる。戻りアドレスは、関数の呼出しの際に、プロセッサ102のレジスタからメインメモリ104のスタック領域に一時的に退避され、関数処理終了後にレジスタに復帰される。そのため、解析者は、位置情報22を確認し、反転された1ビットの位置がスタック領域であるか否かを判断する。反転された1ビットの位置がスタック領域である場合、解析者は、メモリダンプ24と実行可能プログラム120のソースコードとを確認することにより、異常の原因が1ビットのデータの反転か否かを判断できる。解析者は、判断結果に応じて、フラグ25を更新すればよい。 For example, the analyst suspects that the cause of the abnormality is unauthorized memory access from the abnormality ID, and confirms the code information included in the abnormality information 23 and the memory dump 24. If the code information indicates the source code after the function processing is completed, it is suspected that the return address is garbled. The return address is temporarily saved from the register of the processor 102 to the stack area of the main memory 104 when the function is called, and is returned to the register after the function processing is completed. Therefore, the analyst confirms the position information 22 and determines whether or not the inverted 1-bit position is the stack area. When the inverted 1-bit position is the stack area, the analyst checks the memory dump 24 and the source code of the executable program 120 to determine whether the cause of the abnormality is the inversion of the 1-bit data. I can judge. The analyst may update the flag 25 according to the determination result.
 <ステップS1~S4>
 図1に示すステップS1において、指示部31として動作するプロセッサ302は、反転位置を指定した割り込み指示を生成し、生成した割り込み指示をPLC400に設定する。PLC400は、フィールドネットワークを介して、設定された割り込み指示をカプラ500に伝送する。カプラ500は、ローカルバス10を介して、割り込み指示を安全IOユニット100に伝送する。これにより、安全IOユニット100は、反転位置を指定した割り込み指示を受ける。 <Steps S1 to S4>
In step S1 shown in FIG. 1, the processor 302 operating as the instruction unit 31 generates an interrupt instruction in which the inversion position is specified, and sets the generated interrupt instruction in the PLC 400. The PLC 400 transmits the set interrupt instruction to the coupler 500 via the field network. The coupler 500 transmits an interrupt instruction to the safety IO unit 100 via the local bus 10. As a result, the safety IO unit 100 receives an interrupt instruction specifying the inverted position.
 ステップS2において、安全IOユニット100のプロセッサ102は、割り込み指示を受けたことに応じて、IOタスクを一時的に中断する。プロセッサ102は、データ反転部13として動作し、メインメモリ104における、割り込み指示によって指定された反転位置の1ビットのデータを反転させる。それから、プロセッサ102は、タスク実行部11として動作し、IOタスクを再開させる。 In step S2, the processor 102 of the safety IO unit 100 temporarily suspends the IO task in response to receiving the interrupt instruction. The processor 102 operates as a data inversion unit 13 and inverts 1-bit data at the inversion position designated by the interrupt instruction in the main memory 104. Then, the processor 102 operates as the task execution unit 11 and restarts the IO task.
 さらに、変数名抽出部14、異常情報収集部15およびダンプ処理部16として動作するプロセッサ102は、登録用データ群140を生成する。具体的には、プロセッサ102は、登録用データ群140の一部として、反転位置に書き込まれている変数を識別する変数名141を変数管理テーブル17から抽出する。プロセッサ102は、1ビットのデータが反転された後の所定期間において、出力データ群に異常情報130が追加されたことに応じて、当該異常情報130をコピーすることにより、登録用データ群140の一部として異常情報142を生成する。さらに、プロセッサ102は、所定期間において出力データ群に異常情報130が追加されたことに応じて、メインメモリ104のダンプ処理を実行し、登録用データ群140の一部としてメモリダンプ143を生成する。 Further, the processor 102 that operates as the variable name extraction unit 14, the abnormality information collection unit 15, and the dump processing unit 16 generates the registration data group 140. Specifically, the processor 102 extracts the variable name 141 that identifies the variable written in the inverted position from the variable management table 17 as a part of the registration data group 140. The processor 102 of the registration data group 140 by copying the abnormality information 130 in response to the addition of the abnormality information 130 to the output data group in a predetermined period after the 1-bit data is inverted. Generates anomaly information 142 as part. Further, the processor 102 executes a dump process of the main memory 104 in response to the addition of the abnormality information 130 to the output data group in a predetermined period, and generates a memory dump 143 as a part of the registration data group 140. ..
 ステップS3において、ローカルバスコントローラ108は、ローカルバス10を介して、登録用データ群140を含む出力データ群をカプラ500に伝送する。カプラ500は、フィールドネットワークを介して、登録用データ群140をPLC400に伝送する。それから、登録部32として動作するプロセッサ302は、PLC400から登録用データ群140を取得する。 In step S3, the local bus controller 108 transmits the output data group including the registration data group 140 to the coupler 500 via the local bus 10. The coupler 500 transmits the registration data group 140 to the PLC 400 via the field network. Then, the processor 302 operating as the registration unit 32 acquires the registration data group 140 from the PLC 400.
 ステップS4において、プロセッサ302は、割り込み指示によって指定された反転位置を表すアドレスおよびビット位置と、登録用データ群140に含まれる変数名141とを含む位置情報22を設定する。さらに、プロセッサ302は、登録用データ群140に含まれる異常情報142およびメモリダンプ143を異常情報23およびメモリダンプ24としてそれぞれ設定する。それから、プロセッサ302は、位置情報22、異常情報23およびメモリダンプ24とデフォルトとして「Unknown」が設定されたフラグ25とを対応付けたレコード21をテーブル20に追加する。さらに、プロセッサ302は、入力装置310への入力に応じて、各レコード21のフラグ25を更新する。これにより、データベース200のテーブル20が更新される。 In step S4, the processor 302 sets the position information 22 including the address and the bit position representing the inversion position specified by the interrupt instruction and the variable name 141 included in the registration data group 140. Further, the processor 302 sets the abnormality information 142 and the memory dump 143 included in the registration data group 140 as the abnormality information 23 and the memory dump 24, respectively. Then, the processor 302 adds the record 21 associating the position information 22, the abnormality information 23, and the memory dump 24 with the flag 25 in which "Unknown" is set as a default to the table 20. Further, the processor 302 updates the flag 25 of each record 21 in response to the input to the input device 310. As a result, the table 20 of the database 200 is updated.
 上記のステップS1~S4は、メインメモリ104のビットごとに繰り返される。これにより、メインメモリ104の全ビットの各々について、当該ビットに擬似的にソフトエラーを発生させたときの影響を示す情報がデータベース200に蓄積される。 The above steps S1 to S4 are repeated for each bit of the main memory 104. As a result, for each of all the bits of the main memory 104, information indicating the influence when a soft error is generated in the bits in a pseudo manner is accumulated in the database 200.
 このようにして構築されたデータベース200を参照することにより、メインメモリ104にソフトエラーが発生したときの安全IOユニット100Aへの影響を容易に確認できる。 By referring to the database 200 constructed in this way, the influence on the safety IO unit 100A when a soft error occurs in the main memory 104 can be easily confirmed.
 上述したように、テーブル20の各レコード21は位置情報22を含む。位置情報22は、反転された1ビットの位置に書き込まれている変数の名称(変数名)を含む。そのため、メインメモリ104に格納された変数の値にソフトエラーによるデータ化けが発生したときの影響を確認しやすくなる。 As described above, each record 21 in the table 20 includes the position information 22. The position information 22 includes the name (variable name) of the variable written at the inverted 1-bit position. Therefore, it becomes easy to confirm the influence when data garbled due to a soft error occurs on the value of the variable stored in the main memory 104.
 さらに、異常情報23は、異常の内容を識別する異常IDと、異常が発生したときに実行されていたソースコードを識別するコード情報とを含む。これにより、解析者は、メインメモリ104にソフトエラーが発生したときに、どのような内容の異常が発生するか、あるいは、実行可能プログラム120のうちのどのソースコードで異常が発生するか、を容易に確認できる。 Further, the abnormality information 23 includes an abnormality ID that identifies the content of the abnormality and code information that identifies the source code that was executed when the abnormality occurred. As a result, the analyst can determine what kind of abnormality occurs when a soft error occurs in the main memory 104, or which source code of the executable program 120 causes the abnormality. It can be easily confirmed.
 さらに、データベース200のテーブル20には、位置情報22および異常情報23と対応付けて、異常が発生したときのメインメモリ104の内容を示すメモリダンプ24も登録される。これにより、例えば、稼働中の生産ラインに設置された安全IOユニット100Aにおいて異常が発生した場合、当該異常と同じ内容の異常情報23に対応するメモリダンプ24と、安全IOユニット100Aのメインメモリ104の内容とを比較できる。比較結果は、異常の原因の特定に役立つ。そのため、異常の原因の解析に要する時間を短縮できる。 Further, in the table 20 of the database 200, a memory dump 24 indicating the contents of the main memory 104 when an abnormality occurs is also registered in association with the position information 22 and the abnormality information 23. As a result, for example, when an abnormality occurs in the safety IO unit 100A installed on the operating production line, the memory dump 24 corresponding to the abnormality information 23 having the same content as the abnormality and the main memory 104 of the safety IO unit 100A Can be compared with the contents of. The comparison results help identify the cause of the anomaly. Therefore, the time required for analysis of the cause of the abnormality can be shortened.
 <ステップS11~S13>
 図2に示すステップS11において、安全IOユニット100Aのプロセッサ102は、タスク実行部11として動作し、異常の発生に応じて異常情報130を生成し、生成した異常情報130を出力データ群の一部としてバッファメモリ112に格納する。これにより、異常情報130は、ローカルバス10を介して、カプラ500に伝送される。カプラ500は、フィールドネットワークを介して、異常情報130をPLC400に伝送する。それから、プロセッサ302は、PLC400から異常情報130を取得し、取得した異常情報130を解析対象情報として設定する。 <Steps S11 to S13>
In step S11 shown in FIG. 2, the processor 102 of the safety IO unit 100A operates as the task execution unit 11, generates abnormality information 130 in response to the occurrence of an abnormality, and outputs the generated abnormality information 130 as a part of the output data group. Is stored in the buffer memory 112. As a result, the abnormality information 130 is transmitted to the coupler 500 via the local bus 10. The coupler 500 transmits the abnormality information 130 to the PLC 400 via the field network. Then, the processor 302 acquires the abnormality information 130 from the PLC 400, and sets the acquired abnormality information 130 as the analysis target information.
 ステップS12において、プロセッサ302は、検索部33として動作し、解析対象情報と一致する異常情報23をデータベース200のテーブル20から検索する。このとき、プロセッサ302は、フラグ25を用いて、検索対象を絞り込んでもよい。 In step S12, the processor 302 operates as the search unit 33 and searches the table 20 of the database 200 for the abnormality information 23 that matches the analysis target information. At this time, the processor 302 may use the flag 25 to narrow down the search target.
 ステップS13において、プロセッサ302は、検索された異常情報23に対応する位置情報22およびメモリダンプ24を出力する。具体的には、プロセッサ302は、位置情報22およびメモリダンプ24をディスプレイ308に表示させる。 In step S13, the processor 302 outputs the position information 22 and the memory dump 24 corresponding to the searched abnormality information 23. Specifically, the processor 302 causes the position information 22 and the memory dump 24 to be displayed on the display 308.
 解析者は、安全IOユニット100Aにおいて発生した異常の原因の候補として、出力された位置情報22によって示される位置のソフトエラーを容易に挙げることができる。その結果、異常の原因の解析に要する時間を短縮できる。さらに、出力されたメモリダンプ24と安全IOユニット100Aのメインメモリ104の内容との比較結果は、異常の原因の特定に役立つ。そのため、異常の原因の解析に要する時間をさらに短縮できる。 The analyst can easily cite a soft error at the position indicated by the output position information 22 as a candidate for the cause of the abnormality that occurred in the safety IO unit 100A. As a result, the time required for analysis of the cause of the abnormality can be shortened. Further, the comparison result between the output memory dump 24 and the contents of the main memory 104 of the safety IO unit 100A is useful for identifying the cause of the abnormality. Therefore, the time required for analysis of the cause of the abnormality can be further shortened.
 <変形例>
 上記の説明では、安全IOユニット100において擬似的にソフトエラーを発生させる。しかしながら、擬似的にソフトエラーを発生される装置は、安全IOユニット100に限定されるものではなく、様々な情報処理装置であってもよい。 <Modification example>
In the above description, a soft error is generated in a pseudo manner in the safety IO unit 100. However, the device that generates a pseudo soft error is not limited to the safety IO unit 100, and may be various information processing devices.
 上記の説明では、異常情報130,142は、異常IDとコード情報とを含む。しかしながら、異常情報130,142は、異常IDとコード情報とのうちの一方のみを含んでもよい。異常IDとコード情報とのうちの一方だけが異常情報23としてデータベース200に登録されたとしても、ソフトエラーによる影響を確認できる。 In the above description, the abnormality information 130 and 142 include the abnormality ID and the code information. However, the abnormality information 130 and 142 may include only one of the abnormality ID and the code information. Even if only one of the abnormality ID and the code information is registered in the database 200 as the abnormality information 23, the influence of the soft error can be confirmed.
 上記の説明では、コンピュータ300が指示部31、登録部32および検索部33を含む。しかしながら、コンピュータ300が指示部31および登録部32を含み、別のコンピュータが検索部33を含んでもよい。 In the above description, the computer 300 includes an instruction unit 31, a registration unit 32, and a search unit 33. However, the computer 300 may include the instruction unit 31 and the registration unit 32, and another computer may include the search unit 33.
 §3 付記
 以上のように、本実施の形態は以下のような開示を含む。 §3 Addendum As described above, this embodiment includes the following disclosures.
 (構成1)
 情報処理システム(1)であって、
 第1情報処理装置(100)と、
 データベース(200)と、を備え、
 前記第1情報処理装置(100)は、
  第1プログラム(120)と前記第1プログラム(120)の実行中に割り込まれる第2プログラム(124)とを実行するプロセッサと、
  メモリ(104)と、を含み、
 前記第2プログラム(124)は、
  前記メモリ(104)内の指定された位置の1ビットのデータを反転させる命令と、
  前記1ビットのデータを反転させた後の前記第1プログラム(120)の実行において発生した異常に関する第1情報(142,23)を収集させる命令と、を含み、
 前記情報処理システム(1)は、さらに、
 前記指定された位置に関する第2情報(22)と前記第1情報(142,23)とを対応付けて前記データベースに登録する登録部(32,302)を備える、情報処理システム(1)。 (Structure 1)
Information processing system (1)
The first information processing device (100) and
With a database (200)
The first information processing apparatus (100) is
A processor that executes the first program (120) and the second program (124) that is interrupted during the execution of the first program (120).
Including memory (104)
The second program (124)
An instruction to invert 1-bit data at a specified position in the memory (104), and
Includes an instruction to collect first information (142, 23) regarding an abnormality that occurred in the execution of the first program (120) after inverting the one-bit data.
The information processing system (1) further
An information processing system (1) including a registration unit (32, 302) that associates the second information (22) with respect to the designated position with the first information (142, 23) and registers the first information (142, 23) in the database.
 (構成2)
 前記第2情報(22)は、前記指定された位置に書き込まれていた変数の名称を含む、構成1に記載の情報処理システム(1)。 (Structure 2)
The information processing system (1) according to configuration 1, wherein the second information (22) includes the name of a variable written at the designated position.
 (構成3)
 前記第1情報(142,23)は、前記異常の内容を識別する第1識別情報および前記第1プログラムのうち前記異常が発生したときに実行されていたソースコードを識別する第2識別情報の少なくとも1つを含む、構成1または2に記載の情報処理システム(1)。 (Structure 3)
The first information (142, 23) is the first identification information for identifying the content of the abnormality and the second identification information for identifying the source code executed when the abnormality occurs in the first program. The information processing system (1) according to configuration 1 or 2, comprising at least one.
 (構成4)
 前記登録部(32,302)は、前記第1情報(142,23)および前記第2情報(22)と対応付けて、前記異常が発生したときの前記メモリ(104)の内容を示すメモリダンプ(24)を前記データベース(200)にさらに登録する、構成1から3のいずれかに記載の情報処理システム(1)。 (Structure 4)
The registration unit (32, 302) is associated with the first information (142, 23) and the second information (22), and a memory dump indicating the contents of the memory (104) when the abnormality occurs. The information processing system (1) according to any one of configurations 1 to 3, further registering (24) in the database (200).
 (構成5)
 前記第1プログラム(120)を実行する第2情報処理装置(100A)において発生した異常に関する解析対象情報と一致する前記第1情報(142,23)を前記データベース(200)から検索し、検索された前記第1情報(142,23)に対応する前記第2情報(22)を出力する検索部(33,302)をさらに備える、構成1から3のいずれかに記載の情報処理システム(1)。 (Structure 5)
The first information (142, 23) that matches the analysis target information regarding the abnormality generated in the second information processing apparatus (100A) that executes the first program (120) is searched from the database (200) and searched. The information processing system (1) according to any one of configurations 1 to 3, further comprising a search unit (33, 302) for outputting the second information (22) corresponding to the first information (142, 23). ..
 (構成6)
 前記第1プログラム(120)を実行する第2情報処理装置(100A)において発生した異常に関する解析対象情報と一致する前記第1情報(142,23)を前記データベース(200)から検索し、検索された前記第1情報(142,23)に対応する前記第2情報(22)および前記メモリダンプ(24)を出力する検索部(33,302)をさらに備える、構成4に記載の情報処理システム(1)。 (Structure 6)
The first information (142, 23) that matches the analysis target information regarding the abnormality generated in the second information processing apparatus (100A) that executes the first program (120) is searched from the database (200) and searched. The information processing system according to configuration 4, further comprising a search unit (33, 302) for outputting the second information (22) corresponding to the first information (142, 23) and the memory dump (24). 1).
 (構成7)
 前記登録部(32,302)は、前記第1情報(142,23)および前記第2情報(22)と対応付けて、前記第1情報(142,23)に対応する前記異常の原因が前記1ビットのデータの反転であるか否かを示す第3情報(25)を前記データベース(200)にさらに登録し、
 前記検索部(33,302)は、前記異常の原因が前記1ビットのデータの反転でないことを示す前記第3情報(25)に対応する前記第1情報(142,23)を検索対象から除外する、構成5または6に記載の情報処理システム(1)。 (Structure 7)
In the registration unit (32, 302), the cause of the abnormality corresponding to the first information (142, 23) is the cause of the abnormality in association with the first information (142, 23) and the second information (22). Third information (25) indicating whether or not 1-bit data is inverted is further registered in the database (200).
The search unit (33, 302) excludes the first information (142, 23) corresponding to the third information (25) indicating that the cause of the abnormality is not the inversion of the 1-bit data. The information processing system (1) according to the configuration 5 or 6.
 (構成8)
 プログラム(120)を実行するプロセッサ(102)とメモリ(104)とを含む情報処理装置(100)を用いたデータベース(200)の構築方法であって、
 前記メモリ(104)内の指定された位置の1ビットのデータを反転させるステップと、
 前記1ビットのデータを反転させた後の前記プロセッサ(102)による前記プログラム(120)の実行において発生した異常に関する第1情報を収集するステップと、
 前記指定された位置に関する第2情報と前記第1情報とを対応付けて前記データベース(200)に登録するステップとを備える、データベース(200)の構築方法。 (Structure 8)
A method of constructing a database (200) using an information processing device (100) including a processor (102) for executing a program (120) and a memory (104).
A step of inverting 1-bit data at a specified position in the memory (104), and
A step of collecting first information regarding an abnormality that occurred in the execution of the program (120) by the processor (102) after inverting the 1-bit data, and a step of collecting the first information.
A method for constructing a database (200), comprising a step of associating the second information regarding the designated position with the first information and registering the second information in the database (200).
 本発明の実施の形態について説明したが、今回開示された実施の形態はすべての点で例示であって制限的なものではないと考えられるべきである。本発明の範囲は請求の範囲によって示され、請求の範囲と均等の意味および範囲内でのすべての変更が含まれることが意図される。 Although the embodiments of the present invention have been described, the embodiments disclosed this time should be considered to be exemplary in all respects and not restrictive. The scope of the present invention is indicated by the scope of claims and is intended to include all modifications within the meaning and scope equivalent to the scope of claims.
 1 情報処理システム、10 ローカルバス、11 タスク実行部、12 書込読出処理部、13 データ反転部、14 変数名抽出部、15 異常情報収集部、16 ダンプ処理部、17 変数管理テーブル、20 テーブル、21 レコード、22 位置情報、23,130,142 異常情報、24,143 メモリダンプ、25 フラグ、31 指示部、32 登録部、33 検索部、100,100A 安全IOユニット、102,302 プロセッサ、104 メインメモリ、106,306 ストレージ、108 ローカルバスコントローラ、110 安全IOモジュール、112 バッファメモリ、114 プロセッサバス、120 実行可能プログラム、122 ライブラリ、124 割り込みプログラム、140 登録用データ群、141 変数名、200 データベース、300 コンピュータ、304 メモリ、308 ディスプレイ、310 入力装置、312 USBコントローラ、314 内部バス、320 OS、322 DB構築プログラム、324 検索プログラム、400,400A PLC、500,500A カプラ、600,600A 安全コントローラ。 1 Information processing system, 10 Local bus, 11 Task execution unit, 12 Write / read processing unit, 13 Data inversion unit, 14 Variable name extraction unit, 15 Abnormal information collection unit, 16 Dump processing unit, 17 Variable management table, 20 table , 21 records, 22 location information, 23,130,142 abnormality information, 24,143 memory dump, 25 flag, 31 indicator, 32 registration unit, 33 search unit, 100,100A safety IO unit, 102,302 processor, 104 Main memory, 106, 306 storage, 108 local bus controller, 110 safety IO module, 112 buffer memory, 114 processor bus, 120 executable program, 122 library, 124 interrupt program, 140 registration data group, 141 variable name, 200 database , 300 computer, 304 memory, 308 display, 310 input device, 312 USB controller, 314 internal bus, 320 OS, 322 DB construction program, 324 search program, 400, 400A PLC, 500, 500A coupler, 600, 600A safety controller.

Claims (8)

  1.  情報処理システムであって、
     第1情報処理装置と、
     データベースと、を備え、
     前記第1情報処理装置は、
      第1プログラムと前記第1プログラムの実行中に割り込まれる第2プログラムとを実行するプロセッサと、
      メモリと、を含み、
     前記第2プログラムは、
      前記メモリ内の指定された位置の1ビットのデータを反転させる命令と、
      前記1ビットのデータを反転させた後の前記第1プログラムの実行において発生した異常に関する第1情報を収集させる命令と、を含み、
     前記情報処理システムは、さらに、
     前記指定された位置に関する第2情報と前記第1情報とを対応付けて前記データベースに登録する登録部を備える、情報処理システム。     It is an information processing system
    The first information processing device and
    With a database,
    The first information processing device is
    A processor that executes the first program and the second program that is interrupted during the execution of the first program,
    Including memory,
    The second program is
    An instruction to invert 1-bit data at a specified position in the memory, and
    Includes an instruction to collect first information about an abnormality that occurred in the execution of the first program after inverting the one-bit data.
    The information processing system further
    An information processing system including a registration unit that associates the second information regarding the designated position with the first information and registers the first information in the database.
  2.  前記第2情報は、前記指定された位置に書き込まれていた変数の名称を含む、請求項1に記載の情報処理システム。 The information processing system according to claim 1, wherein the second information includes the name of a variable written at the designated position.
  3.  前記第1情報は、前記異常の内容を識別する第1識別情報および前記第1プログラムのうち前記異常が発生したときに実行されていたソースコードを識別する第2識別情報の少なくとも1つを含む、請求項1または2に記載の情報処理システム。 The first information includes at least one of the first identification information for identifying the content of the abnormality and the second identification information for identifying the source code executed when the abnormality occurred in the first program. , The information processing system according to claim 1 or 2.
  4.  前記登録部は、前記第1情報および前記第2情報と対応付けて、前記異常が発生したときの前記メモリの内容を示すメモリダンプを前記データベースにさらに登録する、請求項1から3のいずれか1項に記載の情報処理システム。 One of claims 1 to 3, wherein the registration unit further registers a memory dump indicating the contents of the memory when the abnormality occurs in the database in association with the first information and the second information. The information processing system according to item 1.
  5.  前記第1プログラムを実行する第2情報処理装置において発生した異常に関する解析対象情報と一致する前記第1情報を前記データベースから検索し、検索された前記第1情報に対応する前記第2情報を出力する検索部をさらに備える、請求項1から3のいずれか1項に記載の情報処理システム。 The first information that matches the analysis target information regarding the abnormality generated in the second information processing apparatus that executes the first program is searched from the database, and the second information corresponding to the searched first information is output. The information processing system according to any one of claims 1 to 3, further comprising a search unit.
  6.  前記第1プログラムを実行する第2情報処理装置において発生した異常に関する解析対象情報と一致する前記第1情報を前記データベースから検索し、検索された前記第1情報に対応する前記第2情報および前記メモリダンプを出力する検索部をさらに備える、請求項4に記載の情報処理システム。 The first information that matches the analysis target information regarding the abnormality generated in the second information processing apparatus that executes the first program is searched from the database, and the second information corresponding to the searched first information and the said The information processing system according to claim 4, further comprising a search unit that outputs a memory dump.
  7.  前記登録部は、前記第1情報および前記第2情報と対応付けて、前記第1情報に対応する前記異常の原因が前記1ビットのデータの反転であるか否かを示す第3情報を前記データベースにさらに登録し、
     前記検索部は、前記異常の原因が前記1ビットのデータの反転でないことを示す前記第3情報に対応する前記第1情報を検索対象から除外する、請求項5または6に記載の情報処理システム。     In association with the first information and the second information, the registration unit obtains third information indicating whether or not the cause of the abnormality corresponding to the first information is inversion of the 1-bit data. Further register in the database,
    The information processing system according to claim 5 or 6, wherein the search unit excludes the first information corresponding to the third information indicating that the cause of the abnormality is not the inversion of the 1-bit data from the search target. ..
  8.  プログラムを実行するプロセッサとメモリとを含む情報処理装置を用いたデータベースの構築方法であって、
     前記メモリ内の指定された位置の1ビットのデータを反転させるステップと、
     前記1ビットのデータを反転させた後の前記プロセッサによる前記プログラムの実行において発生した異常に関する第1情報を収集するステップと、
     前記指定された位置に関する第2情報と前記第1情報とを対応付けて前記データベースに登録するステップとを備える、データベースの構築方法。     It is a method of constructing a database using an information processing device including a processor that executes a program and a memory.
    A step of inverting 1-bit data at a specified position in the memory, and
    A step of collecting first information about an abnormality that occurred in the execution of the program by the processor after inverting the 1-bit data, and a step of collecting the first information.
    A method of constructing a database, comprising a step of associating the second information regarding the designated position with the first information and registering the first information in the database.
PCT/JP2021/009550 2020-10-23 2021-03-10 Information processing system, and method for constructing database WO2022085218A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2020177961A JP2022069031A (en) 2020-10-23 2020-10-23 Information processing system and construction method for database
JP2020-177961 2020-10-23

Publications (1)

Publication Number Publication Date
WO2022085218A1 true WO2022085218A1 (en) 2022-04-28

Family

ID=81290291

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2021/009550 WO2022085218A1 (en) 2020-10-23 2021-03-10 Information processing system, and method for constructing database

Country Status (2)

Country Link
JP (1) JP2022069031A (en)
WO (1) WO2022085218A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003045922A (en) * 2001-07-31 2003-02-14 Mitsubishi Electric Corp Device failure analysis apparatus
JP2005196680A (en) * 2004-01-09 2005-07-21 Ricoh Co Ltd Computer system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003045922A (en) * 2001-07-31 2003-02-14 Mitsubishi Electric Corp Device failure analysis apparatus
JP2005196680A (en) * 2004-01-09 2005-07-21 Ricoh Co Ltd Computer system

Also Published As

Publication number Publication date
JP2022069031A (en) 2022-05-11

Similar Documents

Publication Publication Date Title
US7698691B2 (en) Server application state
US8429467B2 (en) User-triggered diagnostic data gathering
US8291379B2 (en) Runtime analysis of a computer program to identify improper memory accesses that cause further problems
JP3532289B2 (en) Computer system analyzer
JPH0325629A (en) Method and system for detecting error in program
US20020073359A1 (en) System and method for high priority machine check analysis
WO2022085218A1 (en) Information processing system, and method for constructing database
US8762783B2 (en) Error identification
WO2020246095A1 (en) Control system, programmable logic controller, and information processing method
CN116860565A (en) Abnormality display detection method, abnormality display detection device, electronic device and storage medium
JP4472557B2 (en) Program creation device
US10140476B2 (en) Tracing processing activity
CN115292113B (en) Method and device for fault detection of internal memory of server and electronic equipment
Bergen et al. Post-Debugging in Large Scale Big Data Analytic Systems
KR101225577B1 (en) Apparatus and method for analyzing assembly language code
WO2021181712A1 (en) Data processing device, data processing method, and program
Rafał et al. Multithreading Errors in Data Reading Automation
JPH0695731A (en) Fault factor diagnosis system
Osintsev et al. Diagnostic service by means of a real-time operating system for environmental shielded TEM-chamber
Punia et al. Systematic Diagnostics for C4I Systems: A Conceptual Framework
JP2878014B2 (en) RAM test method
TanLi et al. Strategy and Methodology of Integration Testing for GUI Software
CN114328189A (en) Fault recurrence method, device, terminal and computer readable storage medium
JP2014160421A (en) Soft error analysis device and error information preparation device
CN114490150A (en) Method and system for abnormal positioning

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21882362

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21882362

Country of ref document: EP

Kind code of ref document: A1