-
公开(公告)号:US20200267080A1
公开(公告)日:2020-08-20
申请号:US16275389
申请日:2019-02-14
IPC分类号: H04L12/741 , H04L29/08 , H04L12/879
摘要: A system for data processing and storage in vehicles having a zone-based, central computing in-vehicle communications network architecture, includes a zone control unit (ZCU) that receives electronic messages from one or more sensors or electronic control units (ECUs) located within a zone of the vehicle, the ZCU comprising a protocol data unit (PDU) gating module that converts the electronic messages into a plurality of PDUs, and a switch-based Ethernet network that transmits the plurality of PDUs, using Ethernet protocol frames comprising the plurality of PDUs, to a central computing platform. The central computing platform includes an Ethernet handler module that decomposes the Ethernet protocol frames into individual PDUs for storage in a shared memory. The central computing platform further includes a plurality of parsing modules that are configured to access the individual PDUs from the shared memory and perform data processing on the individual PDUs.
-
2.发明授权公开(公告)号:US09952948B2
公开(公告)日:2018-04-24
申请号:US15078233
申请日:2016-03-23
发明人: Soheil Samii , Thomas E. Fuhrman , Massimo Osella
CPC分类号: G06F11/2033 , G06F11/1641 , G06F11/1658 , G06F11/2028 , G06F11/2041 , G06F11/2048 , G06F11/2097 , G06F2201/805
摘要: A method for fault tolerant controller readiness. Executing functions by a first controller operating in a primary status mode. Operating in a hot standby status mode by a second controller and mirroring the first controller by executing functions to operate as a redundant controller. Operating in a cold standby status mode by at least one backup controller under normal operating conditions. The second controller is reconfigured while operating under normal operating conditions from the hot standby status mode to the primary standby status mode if a failure occurs in the first controller. Reconfiguring the at least one backup controller operating under normal operating conditions from cold standby status mode to hot standby status mode to operate as a redundant controller in response to the reconfiguring the second controller from the hot standby status mode to the primary status mode.
-
公开(公告)号:US10958576B2
公开(公告)日:2021-03-23
申请号:US16275389
申请日:2019-02-14
IPC分类号: H04J3/22 , H04L12/741 , H04L12/879 , H04L29/08
摘要: A system for data processing and storage in vehicles having a zone-based, central computing in-vehicle communications network architecture, includes a zone control unit (ZCU) that receives electronic messages from one or more sensors or electronic control units (ECUs) located within a zone of the vehicle, the ZCU comprising a protocol data unit (PDU) gating module that converts the electronic messages into a plurality of PDUs, and a switch-based Ethernet network that transmits the plurality of PDUs, using Ethernet protocol frames comprising the plurality of PDUs, to a central computing platform. The central computing platform includes an Ethernet handler module that decomposes the Ethernet protocol frames into individual PDUs for storage in a shared memory. The central computing platform further includes a plurality of parsing modules that are configured to access the individual PDUs from the shared memory and perform data processing on the individual PDUs.
-
4.发明授权Methods and apparatus for isolating safety functions in a motion control system for a vehicle 有权用于隔离车辆运动控制系统中的安全功能的方法和装置公开(公告)号:US09244460B2
公开(公告)日:2016-01-26
申请号:US14144987
申请日:2013-12-31
CPC分类号: G05D1/0055 , B60W50/0098 , B60W50/02 , B60W50/045 , B60W2050/0006 , G05D2201/0213
摘要: The present disclosure relates to an automated system for use in connection with longitudinal deceleration, longitudinal acceleration, and lateral acceleration functions. The system includes an interface receiving signals from and transmitting signals to a controller. The system also includes a safety kernel system comprising safety kernel software and a set of safety rules. Also disclosed are methods for use in a motion control system in connection with vehicle deceleration, acceleration, and lateral acceleration. The methods in some cases include receiving an initial request into a safety kernel software and determining whether the safety kernel software has received an override. The methods can also include detecting a violation of any primary safeguards defined by the safety kernel software, detecting a violation within a set of secondary safeguards defined by the safety kernel software, and adjusting the initial request to a modified level; and transmitting the modified level to an actuator.
摘要翻译: 本公开涉及一种用于与纵向减速,纵向加速和横向加速功能相结合的自动化系统。 该系统包括从控制器接收信号和向控制器传输信号的接口。 该系统还包括一个包括安全内核软件和一组安全规则的安全内核系统。 还公开了用于与车辆减速,加速度和横向加速度相关的运动控制系统中的方法。 在某些情况下,方法包括将初始请求接收到安全内核软件中,并确定安全内核软件是否已经接收到覆盖。 这些方法还可以包括检测违反由安全内核软件定义的任何主要安全措施,检测由安全内核软件定义的一组次级安全措施中的冲突,并将初始请求调整到修改级别; 并将修改的电平传送到致动器。
-
5.发明申请METHODS AND APPARATUS FOR ISOLATING SAFETY FUNCTIONS IN A MOTION CONTROL SYSTEM FOR A VEHICLE 有权用于隔离车辆运动控制系统中的安全功能的方法和装置公开(公告)号:US20150185732A1
公开(公告)日:2015-07-02
申请号:US14144987
申请日:2013-12-31
CPC分类号: G05D1/0055 , B60W50/0098 , B60W50/02 , B60W50/045 , B60W2050/0006 , G05D2201/0213
摘要: The present disclosure relates to an automated system for use in connection with longitudinal deceleration, longitudinal acceleration, and lateral acceleration functions. The system includes an interface receiving signals from and transmitting signals to a controller. The system also includes a safety kernel system comprising safety kernel software and a set of safety rules. Also disclosed are methods for use in a motion control system in connection with vehicle deceleration, acceleration, and lateral acceleration. The methods in some cases include receiving an initial request into a safety kernel software and determining whether the safety kernel software has received an override. The methods can also include detecting a violation of any primary safeguards defined by the safety kernel software, detecting a violation within a set of secondary safeguards defined by the safety kernel software, and adjusting the initial request to a modified level; and transmitting the modified level to an actuator.
摘要翻译: 本公开涉及一种用于与纵向减速,纵向加速和横向加速功能相结合的自动化系统。 该系统包括从控制器接收信号和向控制器传输信号的接口。 该系统还包括一个包括安全内核软件和一组安全规则的安全内核系统。 还公开了用于与车辆减速,加速度和横向加速度相关的运动控制系统中的方法。 在某些情况下,方法包括将初始请求接收到安全内核软件中,并确定安全内核软件是否已经接收到覆盖。 这些方法还可以包括检测违反由安全内核软件定义的任何主要安全措施,检测由安全内核软件定义的一组次级安全措施中的冲突,并将初始请求调整到修改级别; 并将修改的电平传送到致动器。
-
6.发明授权公开(公告)号:US10575155B1
公开(公告)日:2020-02-25
申请号:US16366492
申请日:2019-03-27
发明人: Fan Bai , Thomas E. Fuhrman , Soheil Samii , Prathap Venugopal , Massimo Osella
摘要: Method and system for interfacing a plurality of providers and a plurality of recipients that are independently located with a unified vehicle service framework having a quality of service filter and a broker module. A first cloud unit has at least one of the plurality of providers and the plurality of recipients. A first vehicle and a second vehicle each respectively have another at least one of the plurality of providers and the plurality of recipients. A second cloud unit has yet another at least one of the plurality of providers and the plurality of recipients. The unified vehicle service framework is configured to receive a subscription request and determine whether it is granted based in part on a quality of service score assigned by the quality of service filter. When the subscription request is granted, respective services from plurality of providers are routed through the broker module.
-
公开(公告)号:US10102085B2
公开(公告)日:2018-10-16
申请号:US15246803
申请日:2016-08-25
发明人: Soheil Samii , Thomas E. Fuhrman
摘要: A method for dynamically re-allocating controller functions based on minimizing utilization. A lookup table is generated based on functions and mode of operations. Each entry in the lookup table includes a number of executions required for a respective function in a respective mode of operation. Functions for execution to the controllers are assigned based on the number of executions for a function of an entry of a respective mode of operation. A utilization rate is determined for each controller in each mode of operation. Utilization rates of the various modes of operation are compared for each of the controllers. Matching utilization rates are identified between controllers of different modes of operations. A multi-mode re-allocation of function execution in the controller is coordinated by switching a set of pre-allocated functions between different controllers within a respective mode of operation to reduce the utilization rate of at least one controller.
-
8.发明授权公开(公告)号:US10037016B2
公开(公告)日:2018-07-31
申请号:US15078248
申请日:2016-03-23
发明人: Soheil Samii , Markus Jochim , Thomas E. Fuhrman , Massimo Osella
IPC分类号: G05B19/042 , G05B9/03
CPC分类号: G05B19/0425 , G05B9/03 , G05B2219/24033 , G05B2219/25022
摘要: A modified dual-duplex fail-operational control system. A primary controller includes a first processing unit and a second processing unit for executing a function. A first comparative module comparing the function results from the first and second processing unit to determine an error the first controller. A second controller includes a first processing unit and second processing unit. The first processing unit executes the function. The second processing unit operating in a non-redundant state and not executing the function while in the non-redundant state. A second comparative module determines whether an error is present in the second controller. A matching function result identified by the first comparative module of the first controller is input to second comparative module of the second controller to determine whether an error is present in the second controller utilizing only the matching function result identified by the first comparative module and the function result determined by the first processing unit of the second controller.
-
9.发明授权Architecture for scalable fault tolerance in integrated fail-silent and fail-operational systems 有权集成故障静音和故障操作系统中可扩展容错的架构公开(公告)号:US09563523B2
公开(公告)日:2017-02-07
申请号:US14688083
申请日:2015-04-16
发明人: Thomas E. Fuhrman , Soheil Samii
CPC分类号: G06F11/2028 , G06F11/1637 , G06F11/2038 , G06F2201/805
摘要: An integrated fail-silence and fail-operational control system includes a primary controller controlling features of devices while operating under non-fault operating conditions. A secondary controller includes a fail detector/decider module monitoring faults in the primary controller. The fail detector/decider module determines whether the fault in the primary controller is associated with a fail-silence requirement or a fail-operational requirement. If the fail detector/decider module determines the fault is a fail-silence requirement, then the fail detector/decider module actuates a shutdown command to the primary controller to shut down a feature affected by the fault where the feature becomes non-operational. If the fail detector/decider module determines that the feature associated with the fault is a fail-operational requirement, then the fail detector/decider module signals the primary controller to relinquish controls of the feature to the secondary controller. The secondary controller functions as a high assurance system for controlling the feature in a fail-operational mode.
摘要翻译: 集成的故障静默和故障操作控制系统包括主控制器,在非故障运行条件下运行时控制设备的特性。 次级控制器包括故障检测器/判定器模块,用于监视主控制器中的故障。 故障检测器/判定器模块确定主控制器中的故障是否与故障静默要求或故障操作要求相关联。 如果故障检测器/判定器模块确定故障是故障静默要求,则故障检测器/判定器模块致动到主控制器的关机命令,以关闭受特征变得不可操作的故障影响的特征。 如果故障检测器/判定器模块确定与故障相关联的特征是故障操作要求,则故障检测器/判定器模块发信号通知主控制器将特征的控制放弃到次级控制器。 辅助控制器作为在故障操作模式下控制特征的高保证系统。
-
-
-
-
-
-
-
-
搜索结果
9 条记录 (耗时 0.016 秒)
