A method to execute jobs of a set of tasks in a computer system according to a global time-triggered schedule, wherein the computer system comprises one or more cores on one or more central processing units of the computer system. The global time-triggered schedule includes one time-triggered schedule, “core schedule”, for each core, wherein the tasks of the set of tasks to be executed on a specific core are executed on the core according to the core schedule of the core. The core schedule specifies for each job a flexibility interval, wherein the flexibility of a job defines a time interval during which the job can be executed. Runtime dispatching means select and launch jobs for execution according to the global time-triggered schedule, taking into account for each core all flexibility intervals as specified in the core schedule.
The invention relates to a reliable system and method for energy management at an end user of electrical energy. The proposed energy management system comprises two substantially independent fault containment units (FCU), an energy steering system (110) and an energy optimization system (150), which exchange data via a well-defined message interface. The energy steering system performs the energy distribution according to the target data (142) periodically received from the energy optimization system. The energy optimization system calculates the optimum use of energy at any given time. Since the energy optimization system has no direct contact with the Internet during normal operation, there can be no intrusion into the energy optimization system. If the energy optimization system fails due to an intrusion, the energy steering system takes over the target data from an contingency/emergency plan stored locally a priori.
H02J 3/14 - Circuit arrangements for ac mains or ac distribution networks for adjusting voltage in ac networks by changing a characteristic of the network load by switching loads on to, or off from, network, e.g. progressively balanced loading
3.
Interface System for Processing and Controlling the Data Flow Between a Cloud and a Technical System
The invention relates to an interface system, which is arranged between a technical system and the cloud and which prevents malware originating from the cloud or errors in the data delivered by the cloud from causing essential functions of the technical system to fail. The interface system comprises two fault containment units (FCUs), FCU_1 and FCU_2, and a restrictive data connection between these two FCUs. Using this restrictive data connection, a well-defined periodic data flow is realized between the two FCUs. The stringent restrictions in the data flow from FCU_2 to FCU_1 make it technically impossible for an intruder to transmit malware from FCU_2 to FCU_1 even if they have assumed complete control over FCU_2. This provides protection of the FCU_1 and, therefore, the technical system from attacks from the cloud.
09 - Scientific and electric apparatus and instruments
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
Goods & Services
Construction machines; Earth moving machines; Drilling machines; Cranes [lifting and hoisting apparatus]; Agricultural machines; Harvesting machines; Elevating work platforms; Mobile cranes; Excavators; Ice-resurfacing machines; Snow ploughs; Snow moving vehicles; Motors, other than for land vehicles; Machine coupling and transmission components (except for land vehicles); Process control units [mechanical]; Industrial robots; Industrial robots for use in manufacture; Gear cutters [machine tool]; Lathes [machine tools]; Chasers [machine tool]. Electronic control units; Computer hardware; Computer software; Computer operating system software; Computer software applications, downloadable; Readers [data processing equipment]; Electronic communication installations; Electronic control systems; Electronic control systems for machines; Factory automation software; Industrial automation software; Industrial automation controls; Industrial process control software; Manufacturing software; Remote control apparatus; Ethernet switches; Computer networks; fault-tolerant networks comprising computer network adapters; electronic interlocking systems comprising railway signals for train control; Apparatus and instruments for controlling electricity; Apparatus and instruments for switching electricity; Apparatus and instruments for conducting electricity; Data processing equipment; Computers; apparatus and instruments for conducting, switching, transforming, accumulating, regulating or controlling electricity, fuel, hydraulics, air and other physical media, namely, highly-available distributed controls, switches, electrical controllers; computer servers and communication network servers for use in connection with deterministic, fault-tolerant and hard real-time Ethernet networking for critical embedded systems, computing centers and data centers; Network routers; Computer network adapters; Data switches; Network hubs; Wireless communication devices for voice, data, or image transmission; Computer firmware for use in operating and maintaining the computer system; Semi-conductors; Microprocessors; Integrated circuits; Computer central processing units; Microcomputer apparatus; Computer chipsets for use in transmitting data to and from a central processing unit; Computer motherboards; Computer graphics boards; Computer peripheral devices; Computer networking hardware; Computer hardware for telecommunications; Sound cards; Modems; Computer network switches; Computer chips; Computer software development tools; Software tools for planning and verification of software and hardware configurations; Firmware; Middleware; Middleware for management of software functions on electronic devices; switches, routers and hubs for airborne and ground systems, traffic controls, electronic interlocking systems comprising railway signals for train control, development systems comprising Ethernet adapters, cables, controllers, repeaters, switches and transceivers for investigation of deterministic Ethernet features and the development of distributed real-time applications; Control apparatus and data processing equipment for transferring data between computers in a network or to a distributed computer system, in particular fault-tolerant networks and computer systems; Safety software for use in the field of industrial operations and industrial automation; Real-time data processing apparatus; Computer software for the remote management of machines and devices for use in the field of industrial operations and industrial automation control; Software for electronic driving assistance systems; Computer programs for use in the assisted driving of vehicles; Computer applications for automatic vehicle driving control; Autonomous driving control systems for vehicles; Computer applications for automated vehicle parking control; Computer programs for use in autonomous driving of vehicles; Energy management software; Photovoltaic modules; Electric control devices for energy management; Apparatus for monitoring electrical energy consumption; software interfaces for the energy sector; computer hardware for the energy sector; operating system software for the energy sector; cloud platform software for the energy sector; measurement software for the energy sector; eletrical charging infrastructure software; Electrical charge modules. Teaching, namely Conducting of seminars and workshops in the following fields: Technology and software development, networking and communications technologies and systems belonging thereto; IT training services; Training and education services in the energy sector. Computer hardware development; Software development; Computer software design; Programming of electronic control systems; Configuration of computer systems and networks; Consultancy services relating to computer networks; Development of computer firmware; Development of computer peripherals; Development of hardware for digital signal processing; Research relating to the computerised automation of industrial processes; Research and development services relating to computer hardware; IT consultancy, advisory and information services; Computer system monitoring services; Monitoring of network systems; Services relating to computer software for use in the field of industrial operations and industrial automation; Conversion of computer programs and data, other than physical conversion; Maintenance of computer software; Monitoring of computer systems by remote access; Updating of computer software; Virtualized hosting of computer programs, applications, operating systems and virtual machines; Cloud computing for use in the field of industrial automation, in the automotive sector, in the aerospace sector, and for tractors, construction machines, fork lifts, agricultural machines, elevating work platforms, mobile machinery, earth moving and drilling machines, fire fight trucks, snow groomers, ice-resurfacing machines, municipal vehicles, industrial robots, automatic guided machines and machine tools; Software as a service [SaaS] for use in the field of industrial automation, in the automotive sector, in the aerospace sector, and for tractors, construction machines, fork lifts, agricultural machines, elevating work platforms, mobile machinery, earth moving and drilling machines, fire fight trucks, snow groomers, ice-resurfacing machines, municipal vehicles, industrial robots, automatic guided machines and machine tools; IT consultancy, advisory and information services in relation to electronic driving assistance systems and automatic driving control systems for vehicles; Software development, programming and implementation in relation to electronic driving assistance systems and automatic driving control systems for vehicles; Design and development of computer software for vehicles; functional safety consultancy in the automotive field and in the field of off-highway vehicles; Research services in the field of information and telecommunications technology; Computer programming; technical consultancy with regard to the use of computer hardware, computer software and communication technology and networks in companies and in internal and external, and global networks, in the field of communications technology and networks; Programming of energy management software; Design and development of energy management software; Design and development of software for control, regulation and monitoring of solar energy systems; Design and development of software for control, regulation and monitoring of renewable energy systems; Computer programming for the energy industry; Development of software for the energy sector.
09 - Scientific and electric apparatus and instruments
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
Goods & Services
Construction machines; Earth moving machines; Drilling machines; Cranes [lifting and hoisting apparatus]; Agricultural machines; Harvesting machines; Elevating work platforms; Mobile cranes; Excavators; Ice-resurfacing machines; Snow ploughs; Snow moving vehicles; Motors, other than for land vehicles; Machine coupling and transmission components (except for land vehicles); Process control units [mechanical]; Industrial robots; Industrial robots for use in manufacture; Gear cutters [machine tool]; Lathes [machine tools]; Chasers [machine tool]. Electronic control units; Computer hardware; Computer software; Computer operating system software; Computer software applications, downloadable; Readers [data processing equipment]; Electronic communication installations; Electronic control systems; Electronic control systems for machines; Factory automation software; Industrial automation software; Industrial automation controls; Industrial process control software; Manufacturing software; Remote control apparatus; Ethernet switches; Computer networks; fault-tolerant networks comprising computer network adapters; electronic interlocking systems comprising railway signals for train control; Apparatus and instruments for controlling electricity; Apparatus and instruments for switching electricity; Apparatus and instruments for conducting electricity; Data processing equipment; Computers; apparatus and instruments for conducting, switching, transforming, accumulating, regulating or controlling electricity, fuel, hydraulics, air and other physical media, namely, highly-available distributed controls, switches, electrical controllers; computer servers and communication network servers for use in connection with deterministic, fault-tolerant and hard real-time Ethernet networking for critical embedded systems, computing centers and data centers; Network routers; Computer network adapters; Data switches; Network hubs; Wireless communication devices for voice, data, or image transmission; Computer firmware for use in operating and maintaining the computer system; Semi-conductors; Microprocessors; Integrated circuits; Computer central processing units; Microcomputer apparatus; Computer chipsets for use in transmitting data to and from a central processing unit; Computer motherboards; Computer graphics boards; Computer peripheral devices; Computer networking hardware; Computer hardware for telecommunications; Sound cards; Modems; Computer network switches; Computer chips; Computer software development tools; Software tools for planning and verification of software and hardware configurations; Firmware; Middleware; Middleware for management of software functions on electronic devices; switches, routers and hubs for airborne and ground systems, traffic controls, electronic interlocking systems comprising railway signals for train control, development systems comprising Ethernet adapters, cables, controllers, repeaters, switches and transceivers for investigation of deterministic Ethernet features and the development of distributed real-time applications; Control apparatus and data processing equipment for transferring data between computers in a network or to a distributed computer system, in particular fault-tolerant networks and computer systems; Safety software for use in the field of industrial operations and industrial automation; Real-time data processing apparatus; Computer software for the remote management of machines and devices for use in the field of industrial operations and industrial automation control; Software for electronic driving assistance systems; Computer programs for use in the assisted driving of vehicles; Computer applications for automatic vehicle driving control; Autonomous driving control systems for vehicles; Computer applications for automated vehicle parking control; Computer programs for use in autonomous driving of vehicles; Energy management software; Photovoltaic modules; Electric control devices for energy management; Apparatus for monitoring electrical energy consumption; software interfaces for the energy sector; computer hardware for the energy sector; operating system software for the energy sector; cloud platform software for the energy sector; measurement software for the energy sector; eletrical charging infrastructure software; Electrical charge modules. Teaching, namely Conducting of seminars and workshops in the following fields: Technology and software development, networking and communications technologies and systems belonging thereto; IT training services; Training and education services in the energy sector. Computer hardware development; Software development; Computer software design; Programming of electronic control systems; Configuration of computer systems and networks; Consultancy services relating to computer networks; Development of computer firmware; Development of computer peripherals; Development of hardware for digital signal processing; Research relating to the computerised automation of industrial processes; Research and development services relating to computer hardware; IT consultancy, advisory and information services; Computer system monitoring services; Monitoring of network systems; Services relating to computer software for use in the field of industrial operations and industrial automation; Conversion of computer programs and data, other than physical conversion; Maintenance of computer software; Monitoring of computer systems by remote access; Updating of computer software; Virtualized hosting of computer programs, applications, operating systems and virtual machines; Cloud computing for use in the field of industrial automation, in the automotive sector, in the aerospace sector, and for tractors, construction machines, fork lifts, agricultural machines, elevating work platforms, mobile machinery, earth moving and drilling machines, fire fight trucks, snow groomers, ice-resurfacing machines, municipal vehicles, industrial robots, automatic guided machines and machine tools; Software as a service [SaaS] for use in the field of industrial automation, in the automotive sector, in the aerospace sector, and for tractors, construction machines, fork lifts, agricultural machines, elevating work platforms, mobile machinery, earth moving and drilling machines, fire fight trucks, snow groomers, ice-resurfacing machines, municipal vehicles, industrial robots, automatic guided machines and machine tools; IT consultancy, advisory and information services in relation to electronic driving assistance systems and automatic driving control systems for vehicles; Software development, programming and implementation in relation to electronic driving assistance systems and automatic driving control systems for vehicles; Design and development of computer software for vehicles; functional safety consultancy in the automotive field and in the field of off-highway vehicles; Research services in the field of information and telecommunications technology; Computer programming; technical consultancy with regard to the use of computer hardware, computer software and communication technology and networks in companies and in internal and external, and global networks, in the field of communications technology and networks; Programming of energy management software; Design and development of energy management software; Design and development of software for control, regulation and monitoring of solar energy systems; Design and development of software for control, regulation and monitoring of renewable energy systems; Computer programming for the energy industry; Development of software for the energy sector.
6.
Control System and Method for Safe Control of a Technical System
The invention is located in the field of computer technology and relates to a subsystem, the decision system, of a distributed fault-tolerant computer architecture for fully autonomous control of a technical system. A possible architecture of such a distributed fault-tolerant control system was published by H. Kopetz in the Springer Lecture Notes on Computer Science (LNCS) Vol. 13660, Chapter 4, pp. 61-84 under the title An Architecture for Safe Driving Automation in December 2022 [Kop22]. This safe control system consists of four subsystems, each of which is an independent hardware/software system and where each of the four subsystems forms a fault-containment unit. The four independent subsystems of the described architecture are a Primary Control System, a Monitoring System (MS), a Fallback System and a Decision System. Provided that the functioning of the decision system is always fault-free, the control system presented by H. Kopetz will bring the technical system to a safe state if an arbitrary (Byzantine) fault occurs in one of the other three subsystems. The present invention extends this architecture so that even in the event of a fail-silent fault of the decision system, the system is brought to a safe state.
The invention relates to a reliable system and a method for energy management in an end consumer of electrical energy. The proposed energy management system consists of two largely independent fault containment units (FCU), an energy control system (110) and an energy optimisation system (150), which exchange data via a well-defined message interface. The energy control system carries out the energy distribution according to the target data (142) which is periodically received by the energy optimisation system. The energy optimisation system calculates the optimum energy use at any given point in time. Since, in normal operation, the energy control system has no direct contact with the Internet, no intrusion into the energy control system can take place. If the energy optimisation system fails due to an intrusion, then the energy control system accepts the target data from an a priori, locally-stored, emergency operating plan.
H02J 3/00 - Circuit arrangements for ac mains or ac distribution networks
H02J 3/14 - Circuit arrangements for ac mains or ac distribution networks for adjusting voltage in ac networks by changing a characteristic of the network load by switching loads on to, or off from, network, e.g. progressively balanced loading
H02J 13/00 - Circuit arrangements for providing remote indication of network conditions, e.g. an instantaneous record of the open or closed condition of each circuitbreaker in the networkCircuit arrangements for providing remote control of switching means in a power distribution network, e.g. switching in and out of current consumers by using a pulse code signal carried by the network
8.
Method to configure real-time communications in a network with time-triggered and rate-constrained traffic
A network configuration for the transmission of communication flows in a real-time communication network, wherein the network comprises components, which are connected by links, wherein an arrangement of the components and links of the network is described by a network topology, wherein said components of the network communicate via a defined set of communication flows, wherein the method comprises a first, a second, and a third module, as well as a first and a second feedback loop, wherein in a first step the first module computes, based on said network topology and said set of communication constraints, one route for each communication flow of said set of communication flows, and wherein, in a second step, after the first step has finished, said second module, computes a time-triggered schedule for the communication of said TT flows, so that one or more of the constraints related to said TT flows are fulfilled.
H04L 47/28 - Flow controlCongestion control in relation to timing considerations
H04L 47/76 - Admission controlResource allocation using dynamic resource allocation, e.g. in-call renegotiation requested by the user or requested by the network in response to changing network conditions
9.
Method to generate safe control data for a local machine
A method and system to generate safe control data to control and/or to supervise a local machine, wherein a local software application is executed on a safe hardware device and executes calculations based input data to generate said safe control data, wherein a software application is executed on a hardware external to the safe device and sends a request to the cloud application to execute one or more defined calculations and said specific input data, which is to be used by the at least one cloud application for the execution of the one or more defined calculations, wherein the control data is determined to be safe or unsafe, and wherein if the control data are not received timely they will not be used to control and/or supervise the local machine.
The invention relates to a method for providing a fault-tolerant global time and for the fault-tolerant transport of time-controlled messages in a distributed real-time computer system which comprises external computers and a fault-tolerant message distribution unit, FTMDU. The FTMDU comprises at least four components which supply the global time to the external computers by means of periodic external synchronization messages, wherein the external computers each set their local clock to the received global time, wherein each external sender of a time-controlled message transmits two message copies of the message to be sent via two different communication channels to two different components of the FTMDU at periodic sending times defined a priori in timetables, wherein these two message copies are delivered within the FTMDU via two independent communication paths to those two components of the FTMDU which are connected to an external receiver of the message via communication channels.
The invention relates to a method for providing a fault-tolerant global time via a time server in a distributed real-time computer system, wherein the time server comprises four components which are connected to one another via a bi-directional communication channel. At a priori defined periodic, internal synchronization times, each of the four components transmits an internal synchronization message, which is simultaneously transmitted to the other three components, from which each internal computer of a component determines a correction term for the tick counter contained in its component and corrects the reading of the local tick counter by this correction term.
The present disclosure envisages optimization of a time-sensitive fog network deployed in an industrial environment. The time-sensitive fog network comprises a plurality of fog nodes communicably coupled to a plurality of industrial equipments referenced as endpoints. Each fog node is embodied with a plurality of computer-based resources including computational resources, storage resources, security resources, network resources, application-specific resources, and device-specific resources. The resource constraints that warrant the endpoints to cooperate with specific fog nodes to access specific resources are manifested as a compute profile, a storage profile, a security profile, a network profile, an application-specific profile, and a device-specific profile. The endpoints are optimally provisioned to cooperate with the fog nodes and consume the computer-based resources embodied therein, based on a deployment model that optimally and deterministically correlates the plurality of computer-based resources embodied in each of the fog nodes to the resource profiles attributed to each of the endpoints.
A method for generating a schedule for the transmission of time-triggered, TT, messages in a network, wherein said network communicates TT messages according to said schedule and based on a global, network-wide time, wherein said network communicates rate-constrained, RC messages, wherein for each of said RC messages real-time requirements are provided, wherein the method comprises: Step 1: setting the transmission time of all TT messages which are communicated in the network, and Step 2: executing a search function to find a set of TT transmission times so that the real-time requirements of all RC messages are fulfilled, and when all real-time requirements or at least real-time requirements for defined RC messages are fulfilled, generating in Step 3: the schedule based on the transmission times retrieved in Step 2, or executing Step 2 again when not all real-time requirements or not all real-time requirements for the defined RC messages are fulfilled.
A method is provided for error detection in a ternary content addressable memory, TCAM, preferably in real-time, wherein the error detection is initiated with a read operation at a specified input address (200), wherein an additional random access memory, RAM, is provided, wherein said RAM has the same number of locations as the TCAM, wherein in both memories, TCAM and RAM, corresponding read data entries (210) which each consist of data and a mask are placed at the same address locations. In addition, a method is provided for error detection in a TCAM, preferably in real-time, wherein the error detection is triggered by the found of searched input key (400) and starts with a read operation at a specified memory address (410), wherein an additional RAM is provided, wherein said RAM has the same number of locations as the TCAM, wherein in both memories, TCAM and RAM, corresponding read data entries (420) which each consist of data and a mask are placed at the same address locations.
G11C 29/10 - Test algorithms, e.g. memory scan [MScan] algorithmsTest patterns, e.g. checkerboard patterns
G11C 29/44 - Indication or identification of errors, e.g. for repair
G11C 15/04 - Digital stores in which information comprising one or more characteristic parts is written into the store and in which information is read-out by searching for one or more of these characteristic parts, i.e. associative or content-addressed stores using semiconductor elements
G11C 29/12 - Built-in arrangements for testing, e.g. built-in self testing [BIST]
G11C 29/42 - Response verification devices using error correcting codes [ECC] or parity check
15.
Maintainable distributed fail-safe real-time computer system
A distributed maintainable real-time computer system is provided, wherein the real-time computer system includes at least two central computers and one, two or a plurality of peripheral computers. The central computers have access to a sparse global time, have identical hardware and identical software, but different startup data, wherein each functional central computer periodically sends time-triggered multi-cast life-sign messages to the other central computers according to a time plan a priori defined in its startup data, and wherein the peripheral computers (151, 152, 153, 154) can exchange messages (135) with the central computers (110, 120), and wherein at all times one central computer is in the active state and the other central computers are in the non-active state, and wherein after the apparent absence of a life-sign message of the active central computer expected at a planned reception time, that non-active functioning central computer which has the shortest start-up timeout takes over the function of the active central computer, and wherein each central computer (110, 120; 200) consists of three independent subsystems, an application computer (210), a storage medium having the startup data (230) characteristic of the central computer (200) and an internal monitor (220), wherein the internal monitor (220) periodically checks the correct functioning of the application computer (210), and wherein upon detection of an error the monitor (220) initiates a hardware reset and a restart of the application computer (210), and wherein preferably the active central computer initiates a maintenance action after an apparent absence of the life-sign messages expected at the planned reception times from a non-active central computer, which action can lead to the repair or replacement of a permanently failed central computer.
Trusted virtual process execution contexts using secure distributed ledger are disclosed herein. An example system can be configured to determine an allowable state for an IoT endpoint node of the IoT endpoint nodes, the allowable state having one or more trusted parameters for the IoT endpoint node; hashing the one or more trusted parameters of the allowable state for the IoT endpoint node into a parameter hash; store the hashed, trusted parameters along with the parameter hash; hashed, trusted and provision the one or more trusted elements with the one or more trusted parameters for the IoT endpoint node when the one or more trusted parameters are verified.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
17.
Systems and methods for securing industrial data streams with a fog root of trust
Systems and methods for security of industrial data streams are provided herein. Methods according to various embodiments include provisioning a fogNode that is communicatively coupled with a fog cloud manager through a forwarder of the fogNode and providing a fogLet within the fogNode, the fogLet communicating with a plurality of operational technology devices. Embodiments include providing fogLet identification information using hardware root of trust of the fogNode, the hardware root of trust of the fogNode being a Trusted Platform Module (TPM) of the fogNode. Embodiments further comprise communicating operational device authentication information with fogLet identification information to a third party tenant application, the third party tenant application validating industrial data streams from the operational technology devices by communicating the operational device authentication information with the fogLet identification information to a third party cloud application.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Recorded computer software for providing an open infrastructure for running multiple workloads such as virtual machines and containers, for use in the field of industrial operations and industrial automation control; Recorded computer software for providing an open infrastructure for remotely managing workloads such as virtual machines and containers, for use in the field of industrial operations and industrial automation control; Recorded computer software for providing interfaces for accessing, storing and distributing data from machine sensors and controllers, for use in the field of industrial operations and industrial automation control; Computer hardware for use in the field of industrial operations and industrial automation control; Ethernet switches for use in the field of industrial operations and industrial automation control; all the foregoing not in the fields of web design, business data analytics or database management Cloud computing featuring software for uploading and deploying computer software for machines by remote means in the field of industrial operations and industrial automation control; Monitoring of computer hardware in the field of industrial operations and industrial automation control by remote access for the purpose of executing computer hardware diagnostics to ensure proper functioning; Technological research relating to the computerized automation of industrial processes; all the foregoing not in the fields of web design, business data analytics or database management
A communication node (NODE) for connecting a fault-tolerant computer (FTC) to a real-time network (NET), wherein the node receives critical application data (HCAD1, HCAD2) from computation hosts (HOST) of the fault-tolerant computer, and the node is configured to forward the critical application data as node critical application data (NCAD) to the NET. The node includes at least a first end system (ES1), a second end system (ES2) and a switch (SW), and the switch includes at least a commander part (COM), a monitor part (MON) and a comperator part (COMP). The MON and the COMP may be integrated into an integrated part (MONC). The ES1 connects to the computation hosts or a subset thereof, and the ES2 connects to the computation hosts or a subset thereof. The ES1 connects to the COM, and the ES2 connects to the MON. The computation hosts or a subset thereof provide first host critical application data (HCAD1) to the ES1, and the computation hosts or a subset thereof provide second host critical application data (HCAD2) to the ES2. The ES1 is configured to forward the HCAD1 as first end system critical application data (ESCAD1) to the COM and the ES2 is configured to forward the HCAD2 as second end system critical application data (ESCAD2) to the MON. The COM is configured to forward the ESCAD1 as commander critical application data (CCAD) to the COMP at a pre-configured commander forwarding point in time (TCOM), and the MON is configured to forward the ESCAD2 as monitor critical application data (MCAD) to the COMP at a pre-configured monitor forwarding point in time (TMON). If the MON and the COMP are not integrated into an integrated part, then the COMP is configured to forward either the CCAD or the MCAD as node critical application data (NCAD), if and only if, the CCAD and the MCAD are identical and the COMP starts to receive the CCAD and the MCAD within an interval of configured length (SYNC-1). Alternatively, if the MON and the COMP are integrated into an integrated part (MONC), then the COM is configured to forward the ESCAD1 as NCAD to the NET. The switch includes an interception function (INTERCEPT) which is configured to (i) preempt an ongoing transmission of NCAD and/or (ii) prevent the transmission of NCAD, and the COMP is configured to activate the interception function if and only if the CCAD and the MCAD are not identical or the COMP does not start to receive the CCAD and the MCAD within SYNC-1.
09 - Scientific and electric apparatus and instruments
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
Goods & Services
Electronic controllers for construction machines; Electronic controllers for earth moving machines; Electronic controllers for drilling machines; Electronic controllers for cranes; Electronic controllers for agricultural machines; Electronic controllers for harvesters; Electronic controllers for elevating work platforms; Electronic controllers for mobile cranes; Electronic controllers for excavators; Electronic controllers for ice-resurfacing machines; Electronic controllers for snow ploughs; Electronic controllers for snow moving vehicles; Electronic controllers for engines other than for land vehicles; Electronic controllers for machine coupling and transmission components except for land vehicles; Electronic controllers for mechanical process control units; Electronic controllers for industrial robots; Electronic controllers for industrial robots for use in manufacture; Electronic controllers for machine tools, namely, gear cutters, lathes and chasers, excluding gaming apparatus; Computer memory hardware; Downloadable computer software for operating system programs, application programming interfaces, applications for managing electronic control units in vehicles, applications for managing industrial machines on a cloud computing platform in the field of off-highway vehicles, the automotive sector, the aerospace and space sector; industrial automation sector; Downloadable computer operating programs and computer operating systems; Downloadable middleware for software application integration; Memories for data processing equipment; Electronic communications systems comprised of computer hardware and recorded software for the transmission of data between two points; Electrical integrated control systems for use in the field of off-highway vehicles, the automotive sector, the aerospace and space sector; industrial automation sector; Electronic control systems for machines; Downloadable factory automation software, namely, software to integrate manufacturing machine operations, track problems and generate production reports; Industrial automation controls; Downloadable industrial process control software; Downloadable computer software to monitor and control factory manufacturing processes; Electric installations for the remote control of industrial operations; Ethernet switches; Computer networking hardware; Downloadable computer programs for network management; Computer network adapters; Electronic signaling mechanism, namely, a train control system used in the railway industry for detecting and controlling trains, ground faults, broken rails, power failures, track switches and lights; Electrical controlling devices; Electric switches; electrical switches; Electric conductors; Calculating machines, data processing equipment and computers; Computers; Apparatus and instruments for conveying, distributing, transforming, storing, regulating or controlling electric current; Power controllers for regulating or controlling electricity, fuel, hydraulics, air and other physical media, namely, highly-available distributed controls, switches, and electrical controllers; Computer servers; Computer network servers; Network servers; Network routers; Telephone routers; Wireless routers; Computer network adapters; Data switches as switch boxes; Computer network hubs; Wireless communication devices for voice, data or image transmission; Downloadable computer software and firmware for operating system programs; Semi-conductors; Micro-processors; Integrated circuits; Central processing units; Microcomputers; Computer chipset for use in transmitting data to and from a central processing unit; Motherboards; Computer graphics boards; Computer peripherals; Electronic control systems for machines; Computer networking hardware; Computer hardware for telecommunications; Sound cards; Modems; Computer network switches; Computer chips; Recorded computer software development tools; Downloadable software for planning and verification, installation and diagnostic testing of software and hardware configurations in the field of off-highway vehicles, automotive, aerospace and space and industrial automation; Downloadable computer software development tools; Downloadable computer firmware for operating system programs in the field of off-highway vehicles, the automotive sector, the aerospace and space sector, the industrial automation sector; Downloadable middleware for management of software functions on electronic devices; Computer network adapters, switches, routers and hubs; Data processing apparatus; Downloadable software for industrial safety control and procedures for use in the field of industrial operations and industrial automation; Downloadable computer software platforms for the remote management of machines and devices for use in the field of industrial operations and industrial automation control; Downloadable computer software platforms for electronic driving assistance systems; Computer programs, recorded, for use in the assisted driving of vehicles; Downloadable computer application software for vehicle on-board computer systems, namely, software for automatic vehicle driving control; Navigation apparatus for autonomous vehicles in the nature of on-board computers; electronic controls for autonomously driving vehicles; Computer hardware and recorded software system for monitoring environmental conditions and controlling devices within a vehicle to drive autonomously; Downloadable computer application software for vehicle on-board computer systems, namely, software for automated vehicle parking control; Computer programs, recorded, for use in autonomous driving of vehicles; Systems in the nature of electronic control units comprising displays, panels, operator interfaces and recorded software for construction machines; Systems in the nature of electronic control units comprising displays, panels, operator interfaces and recorded software for earth moving machines; Systems in the nature of electronic control units comprising displays, panels, operator interfaces and recorded software for drilling machines; Systems in the nature of electronic control units comprising displays, panels, operator interfaces and recorded software for cranes; Systems in the nature of electronic control units comprising displays, panels, operator interfaces and recorded software for agricultural machines; Systems in the nature of electronic control units comprising displays, panels, operator interfaces and recorded software for harvesters; Systems in the nature of electronic control units comprising displays, panels, operator interfaces and recorded software for elevating work platforms; Systems in the nature of electronic control units comprising displays, panels, operator interfaces and recorded software for mobile cranes; Systems in the nature of electronic control units comprising displays, panels, operator interfaces and recorded software for excavators; Systems in the nature of electronic control units comprising displays, panels, operator interfaces and recorded software for ice-resurfacing machines; Systems in the nature of electronic control units comprising displays, panels, operator interfaces and recorded software for snow ploughs; Systems in the nature of electronic control units comprising displays, panels, operator interfaces and recorded software for snow moving vehicles; Systems in the nature of electronic control units comprising displays, panels, operator interfaces and recorded software for engines other than for land vehicles; Systems in the nature of electronic control units comprising displays, panels, operator interfaces and recorded software for machine coupling and transmission components except for land vehicles; Systems in the nature of electronic control units comprising displays, panels, operator interfaces and recorded software for mechanical process control units; Systems in the nature of electronic control units comprising displays, panels, operator interfaces and recorded software for industrial robots; Systems in the nature of electronic control units comprising displays, panels, operator interfaces and recorded software for industrial robots for use in manufacture; Systems in the nature of electronic control units comprising displays, panels, operator interfaces and recorded software for machine tools, namely, gear cutters, lathes and chasers Educational services, namely, conducting seminars and workshops in the fields of technology and software development, networking and communication technologies and distribution of training materials in connection therewith; IT training services Computer hardware development; Research and development of computer software; Design and writing of computer software; Computer programming; Computer network configuration services; Consultancy in the design and development of computer hardware; Consulting services in the field of cloud computing; Consulting in the field of configuration management for computer hardware and software; Design and development of computer firmware; Design and development of software and hardware for digital signal processing; Research in the field of computerized automation of industrial processes; Research and development in the field of computer hardware; Information technology as IT consulting services; Monitoring of computer systems to detect breakdowns; Monitoring of computer systems for detecting unauthorized access or data breach; Technical support, namely, monitoring technological functions of computer network systems; Technical support services, namely, monitoring technological functions of network systems; Data conversion of computer programs and data, not physical conversion; Maintenance and updating of computer software; Monitoring of computer systems by remote access to ensure proper functioning; Updating of computer software; Hosting the software, websites and other computer applications of others on a virtual private server; Consulting services in the field of cloud computing; Computer services, namely, cloud hosting provider services; Computer services, namely, integration of private and public cloud computing environments; Providing virtual computer systems and virtual computer environments through cloud computing; Software as a service as SaaS services featuring software for safety functions, for system integration and system configuration, and for use as operating systems and/or safe execution platform for distributed networked systems in the field of industrial automation, in the automotive sector, in the aerospace sector, and for tractors, construction machines, fork lifts, agricultural machines, elevating work platforms, mobile machinery, earth moving and drill machines, fire fight trucks, snow groomers, ice-resurfacing machines, municipal vehicles, industrial robots, automatic guided machines and machine tools; Design and development of computer software for electronic driving assistance systems and automatic driving control systems for vehicles; Computer software installation and maintenance; Software design and development; Technology consultation in the field of functional safety for automotive and off-highway vehicles; Research services in the field of information and telecommunications technology; Technical consulting services in the fields of computer hardware and software, communications technology and networks
21.
Device and network to reliably communicate in a network
A self-checking network device (201) for communication in a real-time network, wherein the self-checking network device (201) includes at least four modules (S-COM, P-COM, P-MON, S-MON), wherein the network device (201) and/or each of the four modules is configured such that a first module (S-COM) of the at least four modules receives both regular data and protocol data from said communication links (110) on a first input (COM-IN), and said first module (S-COM) forwards protocol data on a second input (P-COM-IN) to a second module (P-COM) of the at least four modules, wherein said second module (P-COM) executes a first function (C-PU) as part of the one or the more of the network protocols using protocol data received on said second input (P-COM-IN) and produces protocol data as output on a first output (P-COM-OUT).
A method for data integrity check in a network device of a computer network. The network device includes a communication module and a monitoring module. The monitoring module receives (a) the same data being received by a communication module from an input port of the network device, and (b) the same data the communication module transmits towards output port/s of the network device. The monitoring module (i) derives, after receiving the same R-data as the communication module, a sub-tuple of the R-data, a “R-data sub-tuple”, wherein the R-data sub-tuple includes m of the n data elements of the n-tuple of R-data, wherein m>0 and m
09 - Scientific and electric apparatus and instruments
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
Goods & Services
Construction machines; Earth moving machines; Drilling machines; Cranes; Agricultural machines; Harvesters; Elevating work platforms; Mobile cranes; Excavators; Ice-resurfacing machines; Snow ploughs; Snow moving vehicles; Engines, other than for land vehicles; machine coupling and transmission components except for land vehicles; Process control units [mechanical]; Industrial robots; Industrial robots for use in manufacture; Gear cutters [machine tools]; Lathes [machine tools]; Chasers [machine tools]. Electronic control units; Computer hardware; Computer software; Operating system software; Software applications; Readers [data processing equipment]; Electronic communication installations; Electronic control systems; Electronic control systems for machines; Factory automation software; Industrial automation software; Industrial automation controls; Industrial process control software; Manufacturing software; Remote control apparatus; Ethernet switches; Computer networks; fault-tolerant networks comprising computer network adapters; electronic interlocking systems comprising railway signals for train control; Apparatus and instruments for controlling electricity; Apparatus and instruments for switching electricity; Apparatus and instruments for conducting electricity; Data processing equipment; Computers; apparatus and instruments for conducting, switching, transforming, accumulating, regulating or controlling electricity, fuel, hydraulics, air and other physical media, namely, highly-available distributed controls, switches, electrical controllers; computer servers and communication network servers for use in connection with deterministic, fault-tolerant and hard real-time Ethernet networking for critical embedded systems, computing centers and data centers; Routers; Computer network adapters; Data switches; Network hubs; Wireless communication devices for voice, data, or image transmission; computer firmware for use in operating and maintaining the computer system; semiconductors; microprocessors; integrated circuits; computer central processing units; microcomputers; Computer chipsets for use in transmitting data to and from a central processing unit; computer motherboards; computer graphics boards; Computer peripherals; electronic control systems for machines; Computer networking hardware; Computer hardware for telecommunications; Sound cards; Modems; Computer network switches; Computer chips; Software development tools; Software tools for planning and verification of software and hardware configurations; Computer firmware; Middleware; Middleware for management of software functions on electronic devices; switches, routers and hubs for airborne and ground systems, traffic controls, electronic interlocking systems comprising railway signals for train control, development systems comprising Ethernet adapters, cables, controllers, repeaters, switches and transceivers for investigation of deterministic Ethernet features and the development of distributed real-time applications; control instruments and data processing apparatus for sending data between computers in a network or distributed computer system, in particular fault-tolerant networks and computer systems; Safety software for use in the field of industrial operations and industrial automation; Real-time data processing apparatus; Computer software for the remote management of machines and devices for use in the field of industrial operations and industrial automation control; Software for electronic driving assistance systems; Computer programs for use in the assisted driving of vehicles; Computer applications for automatic vehicle driving control; Autonomous driving control systems for vehicles; Computer applications for automated vehicle parking control; Computer programs for use in autonomous driving of vehicles. Education services, namely, providing seminars and workshops in the field of technology and software development, networking and communication technologies and related systems; IT training services. Computer hardware development; Computer software development; Computer software design; Programming of electronic control systems; Configuration of computer systems and networks; Consultancy services relating to computer networks; Development of computer firmware; Development of computer peripherals; Development of hardware for digital signal processing; Research relating to the computerised automation of industrial processes; Research and development services relating to computer hardware; IT consultancy, advisory and information services; Computer system monitoring services; Monitoring of network systems; Services relating to computer software for use in the field of industrial operations and industrial automation; Data conversion of computer programs and data, not physical conversion; Maintenance of computer software; Monitoring of computer systems by remote access; Updating of software; Virtualized hosting of computer programs, applications, operating systems and virtual machines; Cloud computing for use in the field of industrial automation, in the automotive sector, in the aerospace sector, and for tractors, construction machines, fork lifts, agricultural machines, elevating work platforms, mobile machinery, earth moving and drilling machines, fire fight trucks, snow groomers, ice-resurfacing machines, municipal vehicles, industrial robots, automatic guided machines and machine tools; Software as a service [SaaS] for use in the field of industrial automation, in the automotive sector, in the aerospace sector, and for tractors, construction machines, fork lifts, agricultural machines, elevating work platforms, mobile machinery, earth moving and drilling machines, fire fight trucks, snow groomers, ice-resurfacing machines, municipal vehicles, industrial robots, automatic guided machines and machine tools; IT consultancy, advisory and information services in relation to electronic driving assistance systems and automatic driving control systems for vehicles; Software development, programming and implementation in relation to electronic driving assistance systems and automatic driving control systems for vehicles; Design and development of computer software for vehicles; functional safety consultancy in the automotive field and in the field of off-highway vehicles; research services in the field of information and telecommunications technology; computer programming; technical consultancy with regard to the use of computer hardware, computer software and communication technology and networks in companies and in internal and external, and global networks, in the field of communications technology and networks.
Adaptive scheduling of compute functions in a fog network is described herein. An example method includes synchronizing kernel and hypervisor scheduling of applications used to control one or more edge devices using a global schedule, wherein the global schedule comprises timeslots for applications, and adapting the timeslots in real-time or near real-time based on application-based time related feedback that is indicative of time delays.
A method for transmitting real-time messages in a computer network (100), in particular real-time computer network, wherein said network comprises two or more computing nodes (21, 22, 23, 24, 25, 26) and one or more star couplers (1, 2, 3, 4), wherein said nodes are interconnected via at least one star coupler, wherein each node is connected to at least one star coupler via at least one of the communication links (50), and wherein the nodes exchange messages (M1, M2) with one another and with the at least one star coupler, and wherein star couplers, which are synchronized to a global time base (C), transmit a first non-empty set (SSET) of real-time messages according to a synchronized communication paradigm, and/or wherein computing nodes, which are synchronized to the global time base, transmit said first non-empty set of real-time messages according to the synchronized communication paradigm, wherein a star coupler, which is not synchronized to a global time base, and/or a computing node, which is not synchronized to a global time base, transmits a second non-empty subset (CSET) of said first non-empty subset of real-time messages according to an unsynchronized communication paradigm and stops the transmission of said second non-empty subset of real-time messages according to the synchronized communication paradigm.
A method for a determination of the optimal duration of a time slot for computational actions in a time-triggered controller. The controller includes a sensor subsystem, a computational subsystem, an actuator subsystem, and a time-triggered communication system. The time-triggered communication system is placed between the sensor subsystem, the computational subsystem, the actuator subsystem, and a monitor subsystem. An anytime algorithms is executed in the computational subsystem. A plurality of execution slot durations of the anytime algorithms is probed during the development phase, starting from the minimum execution slot duration, increasing this slot duration by the execution slot granularity until the maximum execution slot duration is reached. In each of the execution slot durations, a multitude of frames is executed in a destined application environment. In each frame the computational subsystem calculates imprecise anticipated values of observable state variables by interrupting execution of the anytime algorithm at the end of the provided execution slot duration, using data received from the sensor subsystems at the beginning of the frame.
A method to configure nodes in a real-time network, which nodes are connected with links to each other directly or indirectly via other nodes and communicate with each other using said links by exchanging frames, wherein: (i) at least one node (a) associates at least one queue with at least one link, (b) is connected to said at least one queue, and (c) places frames in said at least one queue for transmission on the associated link, (ii) said at least one queue is associated with a gate which can be in an open or closed state, (iii) said at least one node selects frames that are placed in said at least one queue on the at least one link associated with said queue for transmission if the gate associated therewith is in the open state and does not select frames for transmission when said gate is in the closed state, (iv) said gate changes the state with the progress of time from open to closed and vice versa to form windows as indicated by configuration data, (v) said configuration data is produced by a tool capable of solving constraints in array theory, (vi) said tool accepts input formulated as constraints in array theory, (vii) said input is provided to said tool by human user input and/or by communication requests from one or more nodes in the real-time network, and (viii) said configuration data is communicated to one or more nodes in the real-time network, nodes which apply part or all of said configuration data as local configuration.
Provided herein are exemplary systems and methods for an architecture for converged industrial control and real time applications, the architecture comprising a physical network port, a switching module, an embedded ARM core, a network interface controller, and a multi-core computing module. According to further exemplary embodiments, the physical network port is an ethernet port capable of supporting a real-time field bus. The switching module may be configured to support a multiport ethernet switch. The switching module may also be configured to enable a backplane mesh to interconnect multiple foglets. Additionally, the embedded ARM core may be within the switching module, and the embedded ARM core may be configured to support virtualization.
The invention describes a method and a computer network for fault tolerant message transmission. Nodes of the network are connected to form a ring network. Nodes in the network form a summation group. For transmitting messages from the nodes of the summation group to a switch edge, nodes of the summation group generate and send summation frames. If a node participating in the summation group determines the non-arrival of a summation frame, it generates first recovery frame, inserts its message into said recovery frame, and sends this first recovery frame in the direction of the summation frame, which it was expecting. After sending the first recovery frame, it generates a second recovery frame, inserts its messages into said second right direction recovery frame, and sends said second right direction recovery frame to the switch.
A network device for a computer network (1), the network device (2) including communication channels (3), a PHY chip (4) configured for transmitting data in a raw data stream on the communication channels, and a MAC chip (5) configured for encapsulating data to be transmitted into frames, and for calculating a checksum for each frame. The PHY chip is configured for receiving frames of the MAC chip and transmitting transmission data contained in the frames via at least one of its communication channels. The PHY chip is configured to calculate, after receiving a frame and before sending the data of the frame in a raw data stream, a checksum of the data contained in the frame, and to this checksum with the CRC contained in the frame. The data contained in the frame are transmitted if the comparison of the checksums delivers identical values. If the comparison delivers non-identical values, then a specifiable or specified action is executed.
Methods and computer systems for establishing an interactive consistency property between receivers of messages. Messages are transmitted to receivers by a sender over a communication network including disjoint communication paths for connecting receivers and sender. Switches include local clocks. Local clocks of non-faulty switches are synchronized to each other with a maximum error (precision), and receivers detect switch failures. Redundant copies of a message are forwarded by sender to each receiver across different disjoint communication paths. A switch of each disjoint path is configured such that redundant copies are forwarded to each receiver with a temporal distance between disjoint paths. That distance is selected such that all non-faulty receivers receive redundant copies in the same receive order, when the switches and communication links of the disjoint paths exhibit no failure. Each receiver concludes from the receive order whether and which redundant copy to accept to satisfy the interactive consistency property.
G06F 11/14 - Error detection or correction of the data by redundancy in operation, e.g. by using different operation sequences leading to the same result
G06F 11/16 - Error detection or correction of the data by redundancy in hardware
The invention relates to a method, in particular a time controlled error-tolerant method, for periodically transporting real-time data in a computer system, in particular in a distributed computer system, said computer system comprising node computers (111-116), in particular a plurality of node computers (111-116), and distributor units (131, 132, 133, 151), in particular a plurality of distributor units (131, 132, 133, 151). The node computers and the distributor units have access to a global time, and real-time data is transported by means of messages, preferably by means of time-controlled real-time messages. The topology of the computer system corresponds to an intree, and node computers (111-116), are arranged on the leaves of the intree. One or more sensors (101-106) is assigned to each node computer (111-116), and the node computers (111-116) arranged on the leaves of the intree transmit sensor data in the payload of messages in the direction of a control center (100) located at the root of the intree at points in time, preferably at synchronized points in time. The payload of one or more incoming messages in a distributor unit is transported out of the distributor unit with an outgoing message, and an individual time plan is generated a priori for each distributor unit, wherein the time plan contains a periodically repeating starting time (391) for transmitting a message (390) going out of the respective distributor unit, said starting time being calculated a priori from—the a priori known time of arrival of a controlling payload to be transported, which is specified a priori for example, of one of the incoming messages, in particular a time-critical payload to be transported of one of the incoming messages, —minus the a priori known lead-time interval ([391, 393]) of the outgoing message (390), —plus at least one time interval ([393, 393)] required to copy a data element of the controlling payload, in particular the time-critical payload of the incoming message (320), into a data element of the payload of the outgoing message (390); and the payloads of the incoming messages are copied into the payload of the outgoing message by carrying out the a priori generated time plan.
G06F 15/16 - Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
H04L 29/08 - Transmission control procedure, e.g. data link level control procedure
Disclosed herein are enhancements for operating an input/output (I/O) management cluster with end I/O devices. In one implementation, a method of operating an I/O cluster includes, in a first I/O management node of the I/O management cluster, executing a first application to manage data for an I/O device communicatively coupled via at least one switch to the first I/O management node. The method further provides identifying a failure in the first I/O management node related to processing the data for the I/O device and, in response to the failure, configuring the at least one switch to communicate the data for the I/O device with a second I/O management node of the I/O management cluster. The method also includes, in the second I/O management node and after configuring the at least one switch, executing a second application to manage the data for the I/O device.
Enterprise grade security for integrating multiple computing domains with a public cloud is provided herein. An example system a forwarder that provides one-way data publishing to a public cloud and a data bus that provides domain-to-domain messaging between a plurality of domains. At least one of the plurality of domains includes operational technology infrastructure devices and operational technology virtual machines. The operational technology virtual machines are communicatively coupled to the operational technology infrastructure devices using one or more operational technology switches. The operational technology switches isolates the operational technology infrastructure devices and facilitates one-way communication and prevents bidirectional communication to the operational technology infrastructure devices from the public cloud.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by executing in a restricted environment, e.g. sandbox or secure virtual machine
09 - Scientific and electric apparatus and instruments
Goods & Services
Industrial automation controls; Electronic control systems for machines; Electronic apparatus for the remote control of industrial operations; Ethernet switches; the foregoing being used to control industrial machine processes, remotely monitor industrial machine data, and manage industrial machine applications
09 - Scientific and electric apparatus and instruments
Goods & Services
Industrial automation controls; Electronic control systems for machines; Electronic apparatus for the remote control of industrial operations; Ethernet switches; the foregoing being used to control industrial machine processes, remotely monitor industrial machine data, and manage industrial machine applications
Provided herein are exemplary systems and methods for a fog computing facilitated flexible factory including establishing a physical production process as part of a work cell, establishing a sensing process as part of the work cell for the physical production process, establishing a monitoring process for the sensing process and the physical production process, establishing a managing process for the monitoring process, the sensing process and the physical production process, establishing a planning process for the managing process, the monitoring process, the sensing process and the physical production process, and establishing a fog node as part of the work cell for all of the processes.
G05B 19/418 - Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM]
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
38.
Method for the reliable transport of alarm messages in a distributed computer system
The invention relates to a method for the reliable transport of alarm messages in a distributed computer system, said computer system comprising components, in particular a plurality of components, the components being node computers, distributor units, sensors—preferably intelligent sensors—and actuators—preferably intelligent actuators—and all components having access to a global time of known precision, and the node computers, intelligent sensors and intelligent actuators exchanging messages via the distributor units. It is provided that the computer system includes intelligent alarm sensors or intelligent alarm sensors are assigned to the computer system, and an intelligent alarm sensor transmits two types of time-triggered messages, alarm messages having an alarm transport period prescribed a priori, and error detection messages having an error detection period prescribed a priori, and the time stamps for the occurrence of alarm events are included in an alarm monitoring interval, the alarm monitoring interval ending directly before the transmission of the alarm message and being at least twice as long as the alarm transport period, and an alarm message only being transmitted if at least one time stamp of an alarm event is included in the alarm message, and the current states of all alarms that are active immediately before the transmission of the error detection message are included in the periodic error detection messages.
An information exchange between at least two processes (FEED_PROC-1, FEED_PROC-2, CONSUME_PROC-1) communicating with each other using at least one queue (QUEUE-001) uses a placement plan for determining the order in which messages are placed into the queue. The information feeding processes (FEED_PROC-1, FEED_PROC-2) place pieces of information (MESG-001, MESG-002) into the queue (QUEUE-001), from where an information consuming process (CONSUME_PROC-1) sequentially consumes the pieces of information. The placement plan describes, for at least one possible value of identifying information contained in each of the pieces of information, a respective position (POS-001, POS-002) in the queue (QUEUE-001), such that the pieces of information (MESG-001, MESCG-002) or respective references thereto are placed into the queue according to positions in the queue (QUEUE-001) corresponding to the respective values of the identifying information in the pieces of information.
The invention relates to a time-controlled distribution unit (30, 31) for the distribution of messages in a distributed computer system for safety-critical applications. Said distribution unit is designed as a self-testing functional unit and comprises input channels (201 . . . 222) for receiving time-controlled periodic input messages from node computers (20, 21, 22) upstream in the data flow, and output channels (301 . . . 333) for transmitting time-controlled periodic output messages to the node computers (50, 51, 52) downstream in the data flow, a computer (40) being provided in the distribution unit and being designed to analyze, by means of a “simple” software, useful information contained in the input messages, and to decide whether output messages are output and, if so, which useful information is contained in the output messages.
G06F 11/07 - Responding to the occurrence of a fault, e.g. fault tolerance
G06F 11/18 - Error detection or correction of the data by redundancy in hardware using passive fault-masking of the redundant circuits, e.g. by quadding or by majority decision circuits
G06F 11/16 - Error detection or correction of the data by redundancy in hardware
The invention relates to a fault-tolerant, maintainable automation system comprising two central computers, a process periphery and gateway computers, wherein the central computers and the gateway computers are fail-silent FCUs and represent autonomous exchange units, and the central computers and gateway computers exchange timed status messages via communications channels, and wherein each gateway computer establishes the link to the process periphery associated with the gateway computer and saves the current status of the process periphery associated with the gateway computer, and wherein a central computer assumes the role of an active central computer and another central computer assumes the role of a passive central computer, and wherein the active central computer exerts control over the gateway computers, and wherein the active central computer transmits a sign-of-life message to the passive central computer, preferably periodically, and wherein the passive central computer acknowledges the receipt of a sign-of-life message from the active central computer in a periodic sign-of-life message and monitors it through a time-out, and wherein the passive central computer assumes the role of the active central computer if the sign-of-life messages fail to appear after the time-out, and wherein the faulty, previously active central computer autonomously attempts to restart and, following a successful restart, monitors the communications traffic within a cluster, the cluster containing the central computer, in order to ascertain the current status of the cluster, and wherein the computer assumes the role of the passive central computer and informs the now-active central computer by means of preferably periodic sign-of-life messages that it is performing the role of the passive central computer, and wherein, if the restart is unsuccessful, the faulty central computer indicates the permanent error by means of a display means.
G06F 11/20 - Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements
G05B 19/042 - Programme control other than numerical control, i.e. in sequence controllers or logic controllers using digital processors
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Computer hardware for use in the field of industrial operations and industrial automation control; Computer software applications for use in the field of industrial operations and industrial automation control; Readers (data processing equipment) for use in the field of industrial operations and industrial automation control; Electric installations for the remote control of industrial operations; Factory automation software; Electronic control systems for machines; Electronic control systems; Industrial process control software; Industrial controls incorporating software; Manufacturing software; Computer software for the remote control of office machines and equipment; Remote control apparatus (Electronic -); Ethernet switches. Research relating to the computerised automation of industrial processes; Programming of electronic control systems; Cloud computing for use in the field of industrial automation; Data conversion of computer programs and data, not physical conversion, for use in the field of industrial automation; Maintenance of computer software for use in the field of industrial automation; Monitoring of computer systems by remote access; Software as a service [SaaS] for use in the field of industrial automation; Updating of software for use in the field of industrial automation.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Computer hardware for use in the field of industrial operations and industrial automation control; Computer software applications for use in the field of industrial operations and industrial automation control; Readers (data processing equipment) for use in the field of industrial operations and industrial automation control; Electric installations for the remote control of industrial operations; Factory automation software; Electronic control systems for machines; Electronic control systems; Industrial process control software; Industrial controls incorporating software; Manufacturing software; Computer software for the remote control of office machines and equipment; Remote control apparatus (Electronic -); Ethernet switches. Research relating to the computerised automation of industrial processes; Programming of electronic control systems; Cloud computing for use in the field of industrial automation; Data conversion of computer programs and data, not physical conversion, for use in the field of industrial automation; Maintenance of computer software for use in the field of industrial automation; Monitoring of computer systems by remote access; Software as a service [SaaS] for use in the field of industrial automation; Updating of software for use in the field of industrial automation.
44.
Method for executing a comprehensive real-time computer application by exchanging time-triggered messages among real-time software components
A method for executing a comprehensive real-time computer application including an application software including a description of functions on a distributed real-time computer system including sensors, actuators, computing nodes, and distributor units having access to a global time. The application software including a number of real-time software components (RTSWCs). When executed, the RTSWCs exchange information by time-triggered messages. Each RTSWC is allocated a time-triggered virtual machine TTVM, wherein, during a service interval SI, an operating system running on a computing node provides a TTVM realized on the computing node with protected access to the network resources and memory resources of the computing node assigned to the TTVM, and wherein, during the SI, a defined computing power for processing the RTSWCs running in the TTVM is allocated to the TTVM by the operating system of the computing node such that the RTSWCs provide a result before the end of the SI.
The invention relates to a method for deterministic wireless transfer of time-triggered real-time messages in a distributed real-time system, which real-time system comprises a plurality of node computers and one or more base stations, which are arranged in an arena, wherein all node computers and base stations have a global time, wherein one or more real-time message sequences are periodically transferred in the arena, wherein a real-time message sequence consists of a time-triggered header message with variable length and a sequence of one or more time-triggered real-time messages with a priori known length, and wherein, at an a priori determined transmission time, the software of a T-node issues, to a communication controller thereof, the command to send the header message, and wherein the communication controller of the T-node starts to send the header message as soon as no activity is determined in the arena during an IFS, and wherein the sending of the header message is aborted at an a priori determined time-triggered abort time of the T-node, and wherein, in a command interval before the abort time of the header message, the software of the computer node that has to send the first real-time message of the real-time message sequence issues, to the communication controller thereof, the command to send the first real-time message of the real-time message sequence, and wherein, in the command interval before the termination of the first real-time message, the software of the computer node that has to send the following real-time message of the real-time message sequence issues, to the communication controller thereof, the command to send the following real-time message, and wherein this process is repeated until all real-time messages of a real-time message sequence have been sent.
A method is provided to detect and handle failures in the communication in a network, including a sender (201, 203) and a receiver (202, 501, 502, 503), where communication between the sender and the receiver is message-oriented. The method includes: (a) the sender sending a message (M101, M101-C, M102-C) to the receiver; (b) the sender monitoring the transmission process of the message inside the sender and/or monitoring the message; (c) the sender executing a correctness check of (i) the message, e.g., its contents, and/or (ii) the transmission process of the message inside the sender; and (d) after the correctness check(s) has/have been completed, the sender informs the receiver of the result of the correctness check(s), wherein (e) the receiver of the message marks the message as being faulty and/or discards the message if the result of a correctness check indicates that the message and/or transmission process is faulty.
G06F 11/07 - Responding to the occurrence of a fault, e.g. fault tolerance
H04L 1/00 - Arrangements for detecting or preventing errors in the information received
G06F 11/14 - Error detection or correction of the data by redundancy in operation, e.g. by using different operation sequences leading to the same result
G06F 11/16 - Error detection or correction of the data by redundancy in hardware
47.
Time-triggered cut through method for data transmission in distributed real-time systems
The invention relates to a method for the periodic transport of real-time data in a distributed computer system, which computer system comprises node machines (100, 101, 102, 103), in particular a plurality of node machines (100, 101, 102, 103), and distributor units (121, 122), in particular a plurality of distributor units (121, 122), wherein the node machines (100, 101, 102, 103) and the distributor units (121, 122) have access to a global time, and wherein real-time data is transported by means of time-triggered real-time messages. It is provided that for at least one distributor unit (121, 122), preferably for all the distributor units (121, 122), through which a time-triggered real-time message is to be transported, attributes of this time-triggered real-time message are assigned a priori to a periodic time slot of the at least one distributor unit (121, 122), preferably to a respective time slot (121, 122) of each distributor unit (121, 122), in which periodic time slot or in which periodic time slots, this time-triggered real-time message is to be transported through the distributor unit (121, 122) or the distributor units (121, 122), and wherein, on the basis of attributes that are assigned a priori to this time slot and that are preferably stored in the distributor unit (121, 122), a message arriving in a periodic time slot in a distributor unit (121, 122) is forwarded, immediately after the beginning of the arrival of the message in the distributor unit (121, 12), to one or more output ports of the distributor unit (121, 122), which is/are specified in the attributes assigned to the time slot.
The invention relates to a method for periodic transmission of real time data in a computer system, particularly a distributed computer system, which computer system is comprised of node computers (201-208), particularly an appreciable number of node computers (201-208), and distributor units (211-215), particularly an appreciable number of distributor units (211-215), wherein the node computers (201-208) and the distributor units (211-215) have access to a global time, and wherein real time data are transmitted by means of time-triggered real time messages, wherein selected distributor units (212, 213, 214, 215) form a central structure of distributor units; and wherein during a periodic communication round (PCR), in the error-free case, at least two copies of each real time message to be sent are transmitted via at least two independent routes through the central structure, by executing a satisfying or an optimal time plan, from a start distributor unit in the central structure to a target distributor unit in the central structure; such that in the error case, error handling can begin immediately after an error detection time point contained in the time plan, preferably in the optimal time plan.
A method for transmitting messages in a computer network, e.g., a TTEthernet network, the network including nodes and at least one star coupler, which are connected in a multi-hop fashion, the nodes periodically exchanging time-triggered (TT) messages according to a pre-defined transmission schedule, and wherein nodes exchange, according to the schedule, messages via scheduled time-triggered flows, wherein adding a new time-triggered flow into the running computer network includes: 1. determining, for each hop in the new flow path of the new time-triggered flow, a free transmission gap in the transmission cycle of the corresponding port, 2. modifying, if a sufficiently long transmission gap is not free in a transmission cycle, said transmission cycle, wherein 3. modifying transmission cycles occurs iteratively, and 4. if a sufficient transmission gap is found in each transmission cycle along the flow path, the new transmission is incorporated into each of the cycles and executed periodically.
G06F 15/16 - Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
H04L 12/413 - Bus networks with decentralised control with random access, e.g. carrier-sense multiple-access with collision detection [CSMA-CD]
50.
Method and computer network for transmitting messages
a is relayed in the network, as a time-controlled time. Alternatively, the computing node 104 reacts by reading a current value from a local sensor, by altering the state of an actuator.
The invention relates to a method for transmitting messages in a computer network, and to a computer network of this type. The computer network comprises computing nodes (101-105), said computing nodes (101-105) being interconnected via at least one star coupler (201) and/or at least one multi-hop network (1000), wherein each computing node (101-105) is connected via at least one communication line (110) to the at least one star coupler (201) and/or the at least one multi-hop network (1000), and wherein the computing nodes (101-105) exchange Ethernet messages with one another and with the at least one star coupler (201) and/or the at least one multi-hop network (1000). A set of two or more components are directly connected to one another in each case by two or more communication lines (110, 111), wherein each component in the set is either a computing node (101-105) or a star coupler (201), and sending components in the set of components send to at least two of the two or more communication lines (110, 111) at least a proportion of the Ethernet messages that are to be sent, and receiving components in the set of components then accept and/or forward at least a proportion of the Ethernet messages received via the two or more communication lines (110, 111) only if at least two identical messages are received via at least two different communication lines.
The invention relates to a method for processing real-time data in a distribution unit of a distributed computer system, the computer system comprising a plurality of node computers and distribution units, the distribution unit containing, in addition to a switching engine (SE) and a switching memory (SM), one or more application computers each with one or more application central processing units and each with one or more application memories (AM), wherein the switching engine of the distribution unit, when it receives, at one of its ports, a message intended for an application computer, forwards this message to the addressed application computer through a direct memory access (DMA) unit that is arranged between the switching memory and the application memory of the addressed application computer and that is under the control of the switching engine. The invention also relates to an expanded distribution unit and a computer system with such expanded distribution units.
A process to detect a failure of a constituent system (110 . . . 113) in a system of systems (1) consisting of a number of constituent systems (111 . . . 113) which exchange messages through a communications system (120), in which every constituent system (111 . . . 113) has a global time with a known granularity g, and at least one constituent system creates, at periodic creation times (210, 211) determined a priori from the progression of the global time, a time-triggered life-sign message, the time of transmission (211, 221) of this life-sign message in the time-triggered communications system (120), determined a priori from the progression of the global time, is synchronized with the creation time of this life-sign message, and the time of receipt (212, 222) of this life-sign message, determined a priori from the progression of the global time, is synchronized with the timeout time point (213, 223), determined a priori from the progression of the global time, of a monitor (130) of this life-sign message monitoring the arrival of the life-sign message, wherein an error message is triggered at the timeout time point if no life-sign message has arrived at the expected time of receipt (222).
The invention concerns a method for transmitting messages in a computer network, wherein the computer network comprises a first set of computing nodes (101-105), which computing nodes (101-105) are connected to each other by means of at least one star coupler (201, 202) and/or at least one multi-hop network (1000), wherein each of the computing nodes of the first set of computing nodes (101-105) is connected by means of at least one communication line (110) to the at least one star coupler (201, 201) or the at least one multi-hop network (1000), and wherein the computing nodes (101-105) exchange Ethernet messages with each other and the exchange of at least some of the Ethernet messages of the computing nodes (101-105) occurs in time controlled manner. It is provided that a) the computer network comprises a second set of computing nodes (106-108), which are connected to each other by a bus (210), and wherein the bus (210) is connected to the at least one star coupler (201) and/or the at least one multi-hop network (1000), and wherein b) the second set of computing nodes (106-108) exchange Ethernet messages with each other and the exchange of at least some of the Ethernet messages of the computing nodes (106-108) occurs in time controlled manner, and wherein preferably c) the second set of computing nodes (106-108) exchange Ethernet messages with the first set of computing nodes (101-105) and the exchange of at least some of the Ethernet messages of the computing nodes (101-108) occurs in time controlled manner.
The invention relates to a method for allocating control in a system-of-systems, in particular a dynamic system-of-systems consisting of a physical system PS, an autonomous control system CS, a human operator HO, a monitor component MK and an actuator controller AST, or comprising a physical system PS, an autonomous control system CS, a human operator HO, a monitor component MK and an actuator controller AST, wherein the CS uses a sensor system assigned thereto to cyclically monitor surroundings and/or the physical system itself and creates an internal model of the surroundings and/or the PS on the basis of this monitoring and performs an analysis of this model in order to determine control values for the AST and a criticality index KI of the scenario in a cycle, in particular in the current cycle, and wherein the MK cyclically monitors the HO and/or the actions thereof, in particular the current actions thereof, in order to determine an engagement index EI of the HO in a cycle, in particular in the current cycle, on the basis of this monitoring, and wherein the control over the PS is allocated to the HO when EI>KI.
The invention relates to a method for the redundant transmission of messages in a distributed real-time system, wherein the real-time system comprises two or more computing nodes (101-108) and one or more star couplers (201-209), wherein the computing nodes (101-108) are connected to the star couplers (201-209) by means of bidirectional communication lines (301, 302, 303) and the star couplers (201-209) are interconnected by bidirectional communication lines (310), and wherein the star couplers (201-209) connected by the communication lines (310) form a network infrastructure (200), wherein one or more star couplers (201-209) of the network infrastructure (200) perform one or more activity rasters (1000), wherein an activity raster (1000) consists of alternating active phases (502) and rest phases (501), and wherein any message sent in the network infrastructure is assigned to precisely one activity raster (1000). The invention also relates to a network infrastructure and also a real-time system comprising a network infrastructure of this type.
Embodiments of the invention relate to the dynamic creation of TT paths in a large computer network having computer nodes, communication channels, and distribution modules (DMs), which all have access to a global time base, wherein a scheduling instance, aimed at establishing a time-controlled path with specified path time characteristics from a transmitting to a receiving node along an existing virtual connection (VC), requests from each DM in the VC all the TT path descriptor lists (TTPDLs) confirmed by said DMs, then transmits the specified path time characteristics and all confirmed TTPDLs to a dynamic scheduler that creates a new TTPDL for each DM in the VC, the existing reserved TTPDLs of the DMs affected remaining unchanged, wherein the corresponding new TTPDLs are transmitted to each DM in the VC, and wherein each DM in the VC reserves the TT path requested and confirms the reservation to the scheduling instance.
Embodiments of the disclosed invention relate to a method for generating fail-silent synchronization messages in a distributed real-time system including a satellite receiver, a precision reference clock, a central computer, a monitor and a data block for storing configuration parameters. The satellite receiver periodically generates a time signal (S-signal) based upon time signals received from a satellite, and the reference clock periodically produces an actual time signal (R-signal) having a nominal frequency and phase identical to the frequency and phase of the S-signal. A periodic synchronization message is generated by the central computer based upon the S-signal the R-signal and parameters stored by the central computer. The monitor checks whether the transmission time contained in the synchronization message matches the actual transmission time and whether the distance between two successive synchronization messages lies within a tolerance interval; and if not, modifies the synchronization message such that the synchronization message is erroneous.
and then confirms this deterministic communication route in an accept phase by sending an accept message to the network switches of the existing communication route before the KZPT.
The invention relates to a method for the reliable switching of synchronization messages in a distributed computer system consisting of a number of node computers, wherein the management of a transparent clock conforming to IEEE Standard 1588 is supported, wherein a switching unit consists of four separate FCUs, specifically an input system EIN, two independent switching systems VER1 and VER2, and an output system AUS, and wherein a message arriving at EIN from a transmitting node computer is forwarded immediately in unmodified form from EIN directly to the two independent switching systems VER1 and VER2, and wherein VER1 provides the event of the arrival of the message with a timestamp, analyses the message and switches said message to (an) output port(s) associated with an address field of the message, and wherein VER1 opens the message and modifies a TIC field within the message in order to determine the delay period of the message in VER1, and wherein VER1 closes the message again by re-calculating a CRC field of the modified message and forwarding the closed message to AUS, and wherein VER2 provides the event of the arrival of the message with a timestamp, analyses the message and switches said message to the output port(s) associated with the address field of the message, and wherein VER2 opens the message and modifies the TIC field within the message in order to determine the delay period of the message in VER2, and wherein VER2 closes the message again by re-calculating the CRC field of the modified message and forwarding the closed message to AUS, and wherein AUS checks whether the content of the message delivered from VER1 matches the content of the message delivered from VER2, and wherein AUS checks whether the interval between the moment of receipt of the message delivered from VER1 and the moment of receipt of the message delivered from VER2 is smaller than a first interval determined a priori, referred to hereinafter as the interval_1, and whether the absolute value of the difference of the delay values stored in the two TIC fields is smaller than a second interval known a priori, referred to hereinafter as the interval_2, and wherein, in the case that one of these checks is negative, AUS interrupts the transmission of the message that is outbound via the addressed output ports or changes the outbound message in such a way that each message receiver identifies the incoming message as faulty.
The invention relates to a method for monitoring, at the correct time, TTEthernet (TT) messages communicated by a TTEthernet switch (TTE switch) in a distributed real-time computer system. According to the invention, the TTE switch has a global time having precision P and accuracy A, and the TTE switch has a plurality of communication channels and one or more monitoring channels, and the TTE switch contains a selection data structure that specifies which TT message classes are to be monitored, and a copy of a TT message which belongs to a TT message class selected for monitoring is formed in the TTE switch and is transmitted by the TTE switch via a monitoring channel to a monitoring node, and the TTE switch subsequently autonomously transmits an ET message containing an identifier and the exact transmission time of the monitored TT message via a monitoring channel to a monitoring node.
A method for fault recognition in a distributed real-time computer system comprising fault containment units (FCUs), which has a global timebase, wherein the fault containment units communicate by means of messages via at least one message distribution unit, wherein a commitment time is associated with a message formed by a fault containment unit, and wherein a message distribution unit that receives a message relays the message to one or more fault containment units operating in parallel, and wherein a processing fault containment unit (VFCU) does not transmit or use any of its results that are influenced by one or more of the received messages to the environment of the processing fault containment unit or before the commitment times associated with the received messages.
d) a component that is configured to consume a synchronization message will delay a received synchronization message upon reception for a duration that is calculated by an a priory configured value for the maximum transmission delay (“Maximum Transmission Delay”) minus the value of the sum of all delay values added to the received message before further usage of the message in the synchronization process of said component.
G06F 15/16 - Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
H04L 29/08 - Transmission control procedure, e.g. data link level control procedure
In a network based on IEEE 1588, comprising a plurality of nodes (201, 501) and a plurality of connections where each connection connects at least two nodes to allow communication between nodes including the exchange of messages according to a network protocol, the synchronization of IEEE 1588 is improved by allowing multiple grandmaster clocks (701) to operate simultaneously in the system. Thus, the re-election protocol of IEEE 1588 is made obsolete. For this, a multitude of nodes form a subsystem implementing a high-availability grand master clock (301) according to the IEEE 1588 Standard, wherein the subsystem is configured to tolerate the failure of at least one of said nodes forming said subsystem. Bi-directional communication link (401) are configured for physically connecting a IEEE 1588 Master clocks (201) and/or IEEE 1588 Slave clocks (201) to the subsystem implementing a high-availability grand master clock (301).
A system comprises a plurality of nodes, at least one of the plurality of nodes configured to insert, on a per-virtual link basis, a delay value into a dynamic delay field of a frame corresponding to the respective virtual link, wherein the dynamic delay value represents latency of frames of the respective virtual link. The system also comprises a switch having a plurality of ports, each port coupled to one of the plurality of nodes. The switch is configured to route frames received from the plurality of nodes to one or more of the plurality of nodes. At least one of the plurality of nodes is configured to store frames received from the switch in a buffer and to update the value in the dynamic delay field to reflect the end-to-end system delay.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Machines and machine tools; motors and engines (except for
land vehicles); machine coupling and transmission components
(except for land vehicles); agricultural implements other
than hand-operated; automatic vending machines. Scientific, nautical, surveying, electric, photographic,
cinematographic, optical, weighing, measuring, signalling,
checking (supervision), life-saving and teaching apparatus
and instruments; apparatus for recording, transmission or
reproduction of sound or images; magnetic data-carriers,
recording discs; mechanisms for coin-operated apparatus;
cash registers, calculating machines, data processing
equipment and computers; fire-extinguishing apparatus. Scientific and industrial research; computer programming.
The invention relates to a method for fault identification in a System-on-Chip (SoC) consisting of a number of IP cores, wherein each IP core is a fault containment unit, and where the IP cores communicate with one another by means of messages via a Network-on-Chip, and wherein an excellent IP core provides a TRM (Trusted Resource Monitor), wherein a faulty control message which is sent from one non-privileged IP core to another non-privileged IP core is identified and projected by an (independent) fault container unit, as a result of which this faulty control message cannot cause any failure of the message receiver.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
[ Systems in the nature of electronic control units comprising displays, panels, and operator interfaces for, namely, tractors, construction machines, fork lifts, agricultural machines, elevating work platforms, mobile machinery, earth moving and drilling machines, fire fight trucks, snow groomers, ice-resurfacing machines, municipal vehicles, industrial robots, automatic guided machines and machine tools; motors and engines other than for land vehicles; machine coupling and transmission components except for land vehicles ] Scientific, nautical, surveying, photographic, cinematographic, optical, weighing, measuring, signaling, life-saving, and teaching apparatus, namely, fault-tolerant networks for ground systems and traffic controls, electronic interlocking systems for train control, namely, computer hardware and software for electronic interlocking systems for train control; development systems for investigation of deterministic Ethernet features, namely, computer hardware and software for investigation of deterministic Ethernet features; apparatus and instruments for conducting, switching, transforming, accumulating, regulating or controlling electricity, fuel, hydraulics, air and other physical media, namely, highly-available distributed electrical controls, electrical switches, electrical controllers; apparatus for [ recording, ] transmission [ or reproduction ] of sound or images; [ blank magnetic data carriers, blank recording discs; ] data processing equipment and computers; computers; servers, namely, communication technology solutions for deterministic, fault-tolerant and hard real-time Ethernet networking for critical embedded systems and computing and data centers; computer hardware; computer and telecommunications networking hardware, namely, devices for transporting and aggregating voice, data, and video communications across multiple network infrastructures and communications protocols; computer network adaptors, switches, routers and hubs; wireless and wired modems and communication cards and devices, namely, computer expansion cards, peripheral component interconnect (PCI) cards, peripheral component interconnect mezzanine cards, and switched mezzanine cards; computer firmware for use in operating and maintaining the computer system; computer software for collection, editing, organizing, modifying, [ book marking, ] transmission, storage and sharing of data and information; semiconductors; microprocessors; integrated circuits; computer central processing units; microcomputers; computer chipsets for use in transmitting data; computer motherboards; [ computer graphics boards; ] [ computer peripherals and electronic apparatus for use with computers, namely, keyboards, computer joysticks and jog dials; ] structural parts, fittings, and testing apparatus for all the aforesaid goods; electronic control systems for machines Scientific and industrial research in the field of research and development for new products for others; Research and development of computer software; Research services in the field of information and telecommunications technology; computer programming; technical consultancy with regard to the use of computer hardware, computer software and communication technology and networks in companies and in internal and external, and global networks, in the field of communications technology and networks
69.
METHOD AND DEVICE FOR THE SAFE OPERATION OF A CONVERTER FOR ROTATING ELECTRICAL MACHINES
The invention relates to an intrinsically safe converter (4) or a converter (4) comprising a safety unit (7), and to a method for the safe operation of a converter (4) for rotating electrical machines (6), the converter (4) being arranged between an energy accumulator device (5) and a rotating electrical machine (6). Said method comprises the following steps: a) a nominal moment for the rotating electrical machine (6) is transmitted to the converter (4); b) the actual moment acting on the shaft of the rotating electrical machine (6) is determined; c) the actual moment is compared with the nominal moment; d) a safe state is activated when the deviation between the actual moment and the nominal moment is outside a set tolerance range, or e) the method continues to step a) when the values for the actual moment and the nominal moment are within a set tolerance range.
H02P 29/00 - Arrangements for regulating or controlling electric motors, appropriate for both AC and DC motors
B60L 3/00 - Electric devices on electrically-propelled vehicles for safety purposesMonitoring operating variables, e.g. speed, deceleration or energy consumption
B60L 3/04 - Cutting-off the power supply under fault conditions
09 - Scientific and electric apparatus and instruments
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
Goods & Services
Systems in the nature of electronic control units comprising displays, panels, operator interfaces and software for, namely, tractors, construction machines, fork lifts, agricultural machines, elevating work platforms, mobile machinery, earth moving and drilling machines, fire fight trucks, snow groomers, ice-resurfacing machines, municipal vehicles, industrial robots, automatic guided machines and machine tools; motors and engines other than for land vehicles; machine coupling and transmission components except for land vehicles Scientific, nautical, surveying, photographic, cinematographic, optical, weighing, measuring, signaling, life-saving, and teaching apparatus, namely, medical controls, fault-tolerant networks for ground systems and traffic controls, electronic interlocking systems for train control, development systems for investigation of deterministic Ethernet features and the development of distributed real-time applications; apparatus and instruments for conducting, switching, transforming, accumulating, regulating or controlling electricity, fuel, hydraulics, air and other physical media, namely, highly-available distributed controls, switches, electrical controllers; apparatus for recording, transmission or reproduction of sound or images; blank magnetic data carriers, blank recording discs; data processing equipment and computers; computers; servers, namely, communication technology solutions for deterministic, fault-tolerant and hard real-time Ethernet networking for critical embedded systems and computing/data centres; computer hardware; computer and telecommunications networking hardware, namely, devices for transporting and aggregating voice, data, and video communications across multiple network infrastructures and communications protocols; computer network adaptors, switches, routers and hubs; wireless and wired modems and communication cards and devices; computer firmware for use in operating and maintaining the computer system; computer software for collection, editing, organizing, modifying, book marking, transmission, storage and sharing of data and information; semiconductors; microprocessors; integrated circuits; computer central processing units; microcomputers; computer chipsets for use in transmitting data; computer motherboards; computer graphics boards; computer peripherals and electronic apparatus for use with computers; structural parts, fittings, and testing apparatus for all the aforesaid goods; downloadable electronic publications in the area of computers, telecommunications, telephony, and wireless communications; electronic control systems for machines Education services, namely, providing seminars and workshops in the field of technology and software development, networking and communication technologies and related systems; IT training services Scientific and industrial research in the field of research and development for new products for others; Research and development of computer software; Research services in the field of information and telecommunications technology; computer programming; technical consultancy with regard to the use of computer hardware, computer software and communication technology and networks in companies and in internal and external, and global networks, in the field of communications technology and networks
71.
Method for synchronizing local clocks in a distributed computer network
A method for synchronizing local clocks in a distributed computer network, wherein end systems and switches of the network executes the method as a synchronization state machine, which uses three different frame types. The states in the state machine belong to an unsynchronized or to a synchronized set of states. All end systems being configured as Synchronization Master periodically send coldstart frames in one of the unsynchronized states, all end systems being configured as Synchronization Master react to the reception of a coldstart frame by sending a coldstart acknowledgment frame a first timeout after the reception of the coldstart frame on all replicated communication channels. First timeout is reset when a consecutive coldstart frame is received before the coldstart acknowledge is sent, and all Synchronization Masters react to the reception of a coldstart acknowledgment frame by starting a second timeout and enter a synchronized state when the second timeout expires.
G06F 15/16 - Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
72.
Method for synchronizing local clocks in a distributed computer network
A method for synchronizing local clocks in a distributed computer network includes a number of components that are connected to each other via bi-directional communication links. An a priori configured set of components generates synchronization messages and sends these messages to the network. An a priori configured set of components consumes the generated messages. One or more message-relaying components in between a component that generates a synchronization message and the component that consumes the message adds delay value to the message reflecting the delay imposed by the message-relaying component. A component that is configured to consume a synchronization message delays a received synchronization message upon reception for a duration that is calculated by an a priori configured value for the maximum transmission delay minus the value of the sum of all delay values added to the received message before further usage of the message in the synchronization process.
G06F 15/16 - Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
A communication method for transmitting TT Ethernet messages is a distributed real-time system, including a plurality of node computers. Each node computer has an Ethernet controller, which by way of a data line is directly connected to a port of a TTE star coupler, said port being uniquely associated with the node computer. A plurality of TTE star couplers are connected among each other by way of one or more data lines to form a TTE network. A TTE message scheduler dynamically calculates the conflict-free schedules for a number of time-controlled messages and signs the schedule provided for each node with a secret part of a public-key signature before it transmits said schedule to the corresponding node computer. Each node computer integrates the signed periodic schedule, which is transmitted to the node computer in the form of a TTE message header of an ETE message, into each dynamically calculated TTE message. The TTE star couplers check whether each dynamically calculated TTE message contains an authentically signed schedule.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
74.
PREVENTION OF MASQUERADE BY USING IDENTIFICATION SEQUENCES
The invention relates to a method for transmitting a message between a transmitter and a receiver on a bus using an identifier associated with the transmitter/receiver path for the purpose of authentication and a message counter. The identifier is dynamically selected from an identification sequence depending on the message counter value and is integrated into the message check sum but not transmitted via the bus. The invention further relates to a control device and to a vehicle which are adapted to carry out the method for transmitting a message.
The goal of the present invention is to improve the useful data efficiency and reliability in the use of commercially available ETHERNET controllers, in a distributed real time computer system, by a number of node computers communicating via one or more communication channels by means of TT ETHERNET messages. To achieve this goal, a distinction is made between the node computer send time (KNSZPKT) and the network send time (NWSZPKT) of a message. The KNSZPKT must wait for the NWSZPKT, so that under all circumstances, the start of the message has arrived in the TT star coupler at the NWSZPKT, interpreted by the clock in the TT star coupler. The TT star coupler is modified, so that a message arriving from a node computer is delayed in an intelligent port of the TT star coupler until the NWSZPKT can send it precisely at the NWSZPKT into the TT network.
G06F 15/16 - Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
76.
Procedure and architecture for the protection of real time data
The object of the present invention is to safeguard the authenticity and integrity of real-time data in a distributed real-time computer system. The present invention considers other requirements of real-time data processing, such as the timeliness of real-time data transmission and limited resource availability. Frequent modification of an asymmetric key pair hinders intruders from cracking a key before its validity has expired. The present method can also be extended to safeguard the confidentiality of real-time data. It can be implemented efficiently on a multiprocessor system-on-chip (MPSoC).
Disclosed is a method for transmitting CAN messages via a CAN bus in a communication system including several network nodes with at least one respective CAN controller. According to the method, the authorization of a network mode to send a CAN message is arbitrated, an arbitration decision being made in a higher protocol layer than the transmission of the CAN message, and the CAN message is already sent by the transmitting network node, the latter providing a dominant level in the ACK field of the message. A network node which receives the CAN message does not generate a dominant level in the ACK field and does not send a complete error frame.
G06F 15/16 - Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
78.
METHOD FOR SYNCHRONIZING LOCAL CLOCKS IN A DISTRIBUTED COMPUTER NETWORK
The invention relates to a method for synchronizing local clocks in a distributed computer network, where said computer network consists of a number of end systems and at least two switches, where each end system is connected to at least two switches via bidirectional communication links, and where a configured subset of end systems and switches executes the method in form of a synchronization state machine, characterized in that a) the state machine uses at least three different frame types (coldstart frame type, coldstart acknowledge frame type, and integration frame type), and b) the states in the state machine are either said to belong to an unsynchronized set of states or belong to a synchronized set of states, and c) all end systems that are configured as Synchronization Master periodically send coldstart frames in one of the unsynchronized states, and d) all end systems that are configured as Synchronization Master react to the reception of a coldstart frame by sending a coldstart acknowledgment frame a configurable first timeout (CSO) after the reception of the coldstart frame on all replicated communication channels, provided that the end system is in a state in which the synchronization state machine defines a transition for coldstart frames, and where said first timeout (CSO) is reset when a consecutive coldstart frame is received before the coldstart acknowledge is sent, and e) all end systems that are configured as Synchronization Master react to the reception of a coldstart acknowledgment frame by starting a configurable second timeout (CAO), provided that they are not already executing said first timeout (CSO), and entering a synchronized state when said second timeout (CAO) expires.
The invention relates to a method for synchronizing local clocks in a distributed computer network, where said computer network consists of a number of components that are connected to each other via bi-directional communication links, characterized in that a) an a priori configured set of components of the network generates synchronization messages and sends these synchronization messages to the network, and b) an a priori configured set of components consumes the generated synchronization messages, and c) one or more message-relaying components in between a component that generates a synchronization message and the component that consumes the synchronization message will add a delay value to the synchronization message reflecting the delay imposed by the message-relaying component, d) a component that is configured to consume a synchronization message will delay a received synchronization message upon reception for a duration that is calculated by an a priory configured value for the maximum transmission delay ('Maximum Transmission Delay') (501) minus the value of the sum of all delay values added to the received message before further usage of the message in the synchronization process of said component.
09 - Scientific and electric apparatus and instruments
14 - Precious metals and their alloys; jewelry; time-keeping instruments
Goods & Services
Motor control apparatus, in particular electronic motor
control apparatus, fitted with a communications control
system. Checking (supervision) instruments and data processing
apparatus for control of communication in distributed
computer systems, in particular fault-tolerant computer
systems. Time control apparatus, e.g. clock synchronisation
semi-conductors which start the communication checking
(supervision) process.
The invention relates to a bus system (SYS) for motor vehicles, comprising at least two bus nodes (BK1, BK2) disposed in regions (BE1, BE2) of the motor vehicle that are arranged spatially at a distance from each other, wherein the bus nodes (BK1, BK2) are connected to each other for communication, each of the bus nodes (BK1, BK2) having two redundant microprocessors (MC11, MC12; MC21, MC22), wherein signals can be read in and/or emitted via said microprocessors (MC11, MC12; MC21, MC22). The mutually connected bus nodes (BK1, BK2) are connected to each other in each case via two redundant high-speed cables (FR1, FR1’), wherein each microprocessor (MC11, MC12) of one bus node (BK1) is connected via such a high-speed cable (FR1, FR1) to one microprocessor (MC21, MC22) of a bus node (BK2) connected thereto. According to the invention, at least one of the bus nodes (BK1) furthermore comprises at least one third microprocessor (MC13), wherein the third microprocessor (MC13) is connected to the two other microprocessors (MC11, MC12) of the bus node (BK1) thereof, and the third microprocessor (MC13) is equipped to monitor the other two microprocessors (MC11, MC12) with respect to the functionalities thereof.
G06F 11/20 - Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements
G06F 11/16 - Error detection or correction of the data by redundancy in hardware
09 - Scientific and electric apparatus and instruments
14 - Precious metals and their alloys; jewelry; time-keeping instruments
Goods & Services
Motor control apparatus, namely, electronic motor communication control apparatus for data communication which are fitted with a data communications control system Control instruments and data processing apparatus for sending data between computers in a network or distributed computer system, in particular fault-tolerant networks and computer systems Time control apparatus, namely, time, timing and clock synchronization semi-conductors that control and manage data communication between computers in a network
A method for transmitting messages via a time-controlled communication system (ZK) between a number of IP cores is provided. Each IP core has an information-processing subsystem (IVS) and a network controller (NK). Each NK has at least two interfaces, one for the ZK and a one for the IVS, wherein a distinction is drawn between privileged and non-privileged messages of the ZK, and where the transmission parameters relating to the ZK of a port of the NK, such as the periodically recurring transmission time of a message and the maximum transmission duration after each transmission time, can be set by a privileged message via the ZK or directly by a privileged entity. Each NK intending to transmit a message starts to transmit the message autonomously exactly at the time of the next set transmission time and interrupts the transmission process no later than the assigned maximum transmission duration has elapsed.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
84.
METHOD FOR SWITCHING FROM A DISTRIBUTED PRINCIPLE TO A MASTER-SLAVE PRINCIPLE IN A NETWORK
A Method for switching from a distributed principle to a master-slave principle in a network, wherein the network is consisting of a number of end systems (202 - 207), and wherein the end systems (202 - 207) are capable of exchanging information in the form of messages, characterized in that at least one concentrator device (303) is provided in the network and wherein the at least one concentrator device (303) a) is capable of manipulating arbitrary messages of one or more protocol layers received of an end system (202 - 207) before relaying said message, with or without manipulation, to the end systems, and/or b) is capable of generating arbitrary messages of one or more protocol layers, which messages are relayed to the end systems (202 - 207), and wherein the messages relayed by the concentrator device (303) are used in the end systems (202 - 207) for realizing at least one system level function, for example for the synchronization of the local clocks. Furthermore, the invention relates to different devices such as the concentrator device and a network with such a concentrator device.
Disclosed is a method for transmitting CAN messages (NAR) via a CAN bus (BUS) in a communication system (SYS) comprising several network nodes (KK1, KK2, KK1', KK2', KK1', KK2') with at least one respective CAN controller (CON, CON1, CON2). According to said method, the authorization of a network node (KK1, KK2, KK1', KK2', KK1', KK2') to send a CAN message (NAR) is arbitrated, an arbitration decision being made in a higher protocol layer than the transmission of the CAN message (NAR), and the CAN message (NAR) is already sent by the transmitting network node (KK1, KK2, KK1'), the latter providing a dominant level in the ACK field of said message. A network node (KK2', KK1', KK2') which receives the CAN message does not generate a dominant level in the ACK field and does not send a complete error frame.
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
Machines and machine tools; motors and engines (except for land vehicles); machine coupling and transmission components (except for land vehicles); agricultural implements other than hand-operated; incubators for eggs. Scientific, nautical, surveying, electric, photographic, cinematographic, optical, weighing, measuring, signalling, checking (supervision), life-saving and teaching apparatus and instruments; apparatus for recording, transmission or reproduction of sound or images; magnetic data-carriers, recording discs; automatic vending machines and mechanisms for coin-operated apparatus; cash registers, calculating machines, data processing equipment and computers; fire-extinguishing apparatus. Providing of food and drink; temporary accommodation; medical, hygienic and beauty care; veterinary and agricultural services; legal services; scientific and industrial research; computer programming.
87.
Communication method and system for the transmission of time-driven and event-driven Ethernet messages
A communication method for transmitting Ethernet messages in a distributed real-time system in which a plurality of network node computers, e.g. four network node computers (111, 112, 113, 114), each comprising at least one communication controller (121, 122, 123, 124), are linked via a communication system comprising one or more communication channels (109), one or more intelligent star couplers (101, 102) being disposed in each communication channel. According to the invention, a distinction is made between conventional Ethernet messages (ET messages) and time-triggered Ethernet messages (TT messages), the TT messages being transported with an a priori known constant delay time (Δ) between transmitter and receiver, and, when there is a time conflict between ET and TT messages, the transport of the ET message that is in conflict being delayed or aborted in order to be able to transport the TT message with the constant delay time (Δ). Furthermore, the invention relates to a corresponding communication system and a star coupler for such a communication system.
09 - Scientific and electric apparatus and instruments
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
Goods & Services
Machines and machine tools; motors and engines (except for land vehicles); machine coupling and transmission components (except for land vehicles); agricultural implements other than hand-operated; incubators for eggs. Scientific, nautical, surveying, electric, photographic, cinematographic, optical, weighing, measuring, signalling, checking (supervision), life-saving and teaching apparatus and instruments; apparatus for recording, transmission or reproduction of sound or images; magnetic data-carriers, recording discs; automatic vending machines and mechanisms for coin-operated apparatus; cash registers, calculating machines, data processing equipment and computers; fire-extinguishing apparatus. Education; training; entertainment; sporting and cultural activities. Providing of food and drink; temporary accommodation; medical, hygienic and beauty care; veterinary and agricultural services; legal services; scientific and industrial research; computer programming.
09 - Scientific and electric apparatus and instruments
14 - Precious metals and their alloys; jewelry; time-keeping instruments
Goods & Services
Motor control apparatus, in particular electronic motor control apparatus, fitted with a communications control system. Checking (supervision) instruments and data processing apparatus for control of communication in distributed computer systems, in particular fault-tolerant computer systems. Time control apparatus, eg clock synchronisation semi-conductors which start the communication checking (supervision) process.
