The Safety Standards ask for new approaches to mechatronic systems design for machines. The solutions based on Codesys, that proved to be useful, risk not to be adequate to the safety requirements. The solution proposed presents a new hardware design for a construction of earthmoving machine control system, based on a fully redundant hardware, where Codesys-based microcontroller is coupled with a traditional C language programmed microcontroller, not modifiable by the machine constructor. On the contrary, the Codesys-based microcontroller can be programmed by the machine manufacturer specialists, in order to adapt a basic control function to different machine types, using a protected programming environment and certifiable programming blocks, to create the desired control function in a safe way. The novelty of the solution is the safety requirements and criteria satisfaction, even if a modified Codesys-based machine control strategy is applied to the main microcontroller, without updating the redundant microcontroller's firmware. The solution shows a fully featured application of the last safety standards for SIL 2 or Performance Level C electronic control systems, implementing a Category 3 or 4 hardware with a sufficient diagnostic coverage.
A Safety Compliant Universal Machine Control Unit Using Codesys
Dian M;Malaguti G;Ruggeri M
2012
Abstract
The Safety Standards ask for new approaches to mechatronic systems design for machines. The solutions based on Codesys, that proved to be useful, risk not to be adequate to the safety requirements. The solution proposed presents a new hardware design for a construction of earthmoving machine control system, based on a fully redundant hardware, where Codesys-based microcontroller is coupled with a traditional C language programmed microcontroller, not modifiable by the machine constructor. On the contrary, the Codesys-based microcontroller can be programmed by the machine manufacturer specialists, in order to adapt a basic control function to different machine types, using a protected programming environment and certifiable programming blocks, to create the desired control function in a safe way. The novelty of the solution is the safety requirements and criteria satisfaction, even if a modified Codesys-based machine control strategy is applied to the main microcontroller, without updating the redundant microcontroller's firmware. The solution shows a fully featured application of the last safety standards for SIL 2 or Performance Level C electronic control systems, implementing a Category 3 or 4 hardware with a sufficient diagnostic coverage.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
