SYSTEMS AND METHODS FOR FAIL SAFE PROCESS EXECUTION, MONITORING AND OUTPUT CONTROL FOR CRITICAL SYSTEMS

摘要

Methods and systems for fail-safe process execution, monitoring and output control for critical systems operating on an open bus architecture with multiple, independent partitions on a single processor is presented. The control system state variables and their status of critical systems, within the control laws and mode logic, are monitored for process completion and health, and shut down if necessary. The embodiments provide for a dual path for shut down of, for example, flight critical systems so that the failure of one partitioned module does not affect the operation of the remaining partitioned modules. One path involves the CPM (10) and IOC (20) determination of command/response health. If persistent faults are detected, then either the DSP (30) monitoring or the CPM performance monitoring results in a discrete signal being sent to the H-bridge (40) disable (403) to shutdown the current output. The second path is CPM controlled via a separate discrete signal on the input/output controller (20) to the flight critical system shut-off valve (60). By implementing these separate paths, critical systems in one partition cannot be defeated by a single failure in another partition (102).