APPARATUS AND METHOD FOR A SECURITY-CRITICAL APPLICATION

摘要

In the case of programmable controllers for security-critical applications in a machine environment, it is necessary for the operation of security-relevant program components not to be influenced by errors or processes from other program components. Various criteria can be used for the flow control for application programs, for example the flow control can take place on the basis of a runtime system in conjunction with an operating system. The invention relates to an apparatus and a method for the parallel and independent operation of a normal program and a secure program on the basis of a runtime system structure, wherein it is proposed that all components that are relevant to the control be integrated on a hardware component 30 with a specific hardware architecture 300 and be isolated from one another by means of a runtime system structure 33, 34, 301 for two runtime systems that is at least of dual design, so as to be able to make changes to non-security-relevant components without restriction. The isolation can be provided particularly by prioritizing one of the runtime systems. Such a runtime system structure 301 or hardware architecture 300 means the follow-up certification of user-programmable controllers is not necessary, and the certification of the security-critical component continues to be valid even when changes to the non-security-relevant components are made.