[go: up one dir, main page]

EP3111283A1 - Procédé pour faire fonctionner un élément de commutation sûr d'une installation - Google Patents

Procédé pour faire fonctionner un élément de commutation sûr d'une installation

Info

Publication number
EP3111283A1
EP3111283A1 EP15707322.2A EP15707322A EP3111283A1 EP 3111283 A1 EP3111283 A1 EP 3111283A1 EP 15707322 A EP15707322 A EP 15707322A EP 3111283 A1 EP3111283 A1 EP 3111283A1
Authority
EP
European Patent Office
Prior art keywords
mode
user
display
user interface
switching element
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP15707322.2A
Other languages
German (de)
English (en)
Inventor
Franz Kaufleitner
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
B&R Industrial Automation GmbH
Original Assignee
Bernecker und Rainer Industrie Elektronik GmbH
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bernecker und Rainer Industrie Elektronik GmbH filed Critical Bernecker und Rainer Industrie Elektronik GmbH
Publication of EP3111283A1 publication Critical patent/EP3111283A1/fr
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00Programme-control systems
    • G05B19/02Programme-control systems electric
    • G05B19/04Programme control other than numerical control, i.e. in sequence controllers or logic controllers
    • G05B19/10Programme control other than numerical control, i.e. in sequence controllers or logic controllers using selector switches
    • G05B19/106Programme control other than numerical control, i.e. in sequence controllers or logic controllers using selector switches for selecting a programme, variable or parameter
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00Programme-control systems
    • G05B19/02Programme-control systems electric
    • G05B19/04Programme control other than numerical control, i.e. in sequence controllers or logic controllers
    • G05B19/042Programme control other than numerical control, i.e. in sequence controllers or logic controllers using digital processors
    • G05B19/0423Input/output
    • G05B19/0425Safety, monitoring
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00Programme-control systems
    • G05B19/02Programme-control systems electric
    • G05B19/04Programme control other than numerical control, i.e. in sequence controllers or logic controllers
    • G05B19/041Function-oriented details
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00Programme-control systems
    • G05B19/02Programme-control systems electric
    • G05B19/18Numerical control [NC], i.e. automatically operating machines, in particular machine tools, e.g. in a manufacturing environment, so as to execute positioning, movement or co-ordinated operations by means of programme data in numerical form
    • G05B19/409Numerical control [NC], i.e. automatically operating machines, in particular machine tools, e.g. in a manufacturing environment, so as to execute positioning, movement or co-ordinated operations by means of programme data in numerical form characterised by using manual data input [MDI] or by using control panel, e.g. controlling functions with the panel; characterised by control panel details or by setting parameters
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B2219/00Program-control systems
    • G05B2219/20Pc systems
    • G05B2219/25Pc structure of the system
    • G05B2219/25163Transmit twice, redundant, same data on different channels, check each channel
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B2219/00Program-control systems
    • G05B2219/30Nc systems
    • G05B2219/34Director, elements to supervisory
    • G05B2219/34316Install nc system, check voltages, power supply with incorporated a-d

Definitions

  • the invention relates to a method for actuating a mode selector element of a plant by a secure control process, the plant having a functional control and communication links, and wherein the functional controller comprises a memory unit, a (flow) control device, a display and a user interface.
  • Safety switches perform a personal protection function, and any malfunctions can result in serious personal injury. Therefore, there are special precautions for safety switches. For example, safety components must not be bypassed, turned away, removed or otherwise rendered ineffective. Furthermore, for example, a switching operation may only be triggered directly and directly by specially provided actuators.
  • safety control process in particular a control process is considered in connection with the subject description, which causes a change in the operating mode of the system.
  • Machines and other systems of the newer generation usually have a machine or system visualization, which is based on an integrated operating concept and has an access and authentication concept tailored to the system requirements. Due to the requirements set out above, it is currently not possible to integrate the selection of the operating mode into the system visualization or the access and authentication concept.
  • An advantageous embodiment of the invention may have the additional step of performing an identity check of the user upon receiving the user input and / or the confirmation. This prevents a circumvention of the security measures.
  • the method can be applied in an advantageous manner to a system in which at least parts of the user interface are displayed on the display as visualization elements, so that the method can also be used with modern operating concepts.
  • Visualization element or “visualized element” in this context, all elements are referred to, which can be computer-aided generated and made visible to the user. This relates in particular to displays on a screen, for example in the form of so-called “icons”, which can be selected or changed, for example by mouse click or touch-sensitive screens ("touchscreen”), by touching them or in some other way. Visualization elements can also be displayed in three dimensions, such as in holographic representation or as an element on a 3D screen, and selected for example by 3D gesture control.
  • the operation selection actuator can be displayed as a visualized element on the display. This allows the operation selection actuator to be available only to authorized users. The item may either not be displayed at all to unauthorized users, or it may be marked as not selectable by a changed appearance (e.g., colorless or pale).
  • the step of checking may further comprise the following steps:
  • the request for confirmation of the user input may be a visualized element that is displayed spatially offset from the operation selection actuation element.
  • the input can be made very intuitive by, for example, the same or a similar element (for example, in a different color or shape) appears at a different location on the screen for the user after pressing the mode-actuating element, which then confirms the Selection must be pressed again.
  • the communication steps of the method according to the invention run unnoticed in the background for the user. As a result, it can also be avoided that operating mode actuating elements are actuated inadvertently.
  • a plant visualization can be displayed on the display.
  • a standardized interface device for example in the form of a tablet PC, can perform the entire functionality of the user interface. This allows a subsequent adaptation, modification or supplementation of the appearance or the functionality of the interface even without hardware changes.
  • at least one communication connection can use a bus protocol.
  • the inventive method makes it possible to transmit safe control commands via a potentially unsafe bus connection. This avoids the need for a separate wiring.
  • bus protocols any protocols may be used which are appropriate for the respective application.
  • Ethernet protocols such as POWERLINK, Ethernet IP, ProfiNet, Ethercat, etc. are used in automation.
  • safety protocols are usually used, such as OpenSAFETY, ProfiSafe, ClPsafety, Safety over Ethercat, etc.
  • Ethernet protocols and safety protocols are well known. which is why it will not be discussed further here.
  • the method according to the invention can be used universally for different installations, such as, for example, machines, steam boiler systems, transport devices, power plants or other energy supply installations.
  • FIG. 1
  • Fig. 1 shows a block diagram of an exemplary plant, with which the method according to the invention can be used, and
  • Fig. 2 illustrates the steps of the method according to the invention in a flow chart.
  • FIG. 1 schematically shows, by way of example, a compilation of some elements of an automated production line, with the individual components communicating with one another via a bus 1.
  • a machine 2 a mode switching element 3, a computing unit 9 and a control console 5 are connected to each other via the bus 1.
  • FIG. 1 a symbol for a deep drawing press is shown in FIG. 1, but it should be understood that the method according to the invention can also be advantageously used with completely different machines or systems in which the provision of a secure control is required or desired.
  • the machine 2 is connected to an emergency stop switch 4, wherein an actuation of the emergency stop switch 4 is not communicated via the bus 1 for safety reasons. Therefore, the emergency stop switch 4 is connected to the machine 2 via a direct wiring 6, as required by the relevant standards and is generally common.
  • the display 7 and some or all operating elements 8 can also be designed as a touchscreen operating panel, whereby particularly intuitive operating concepts become possible, wherein a machine visualization can also be integrated into the display or the control panel.
  • the control unit for the flow control of the machine 2 can either be integrated in the control console 5, or it can be designed as a separate unit, which is particularly advantageous if the flow control requires more complex arithmetic operations, as for example in the control of CNC cells necessary is.
  • Fig. 1 is a own computing unit 9, which has a memory unit 10, provided for the flow control of the machine 2.
  • control console 5 and the arithmetic unit 9 together form the functional controller 1 1 of the machine 2.
  • the user selects the desired operating sequences for the machine 2 via the control console 5.
  • the user input is transmitted via the bus 1 to the arithmetic unit 9, evaluated by this and converted into control commands, which in turn are transmitted via the bus 1 to the corresponding actuators of the machine 2.
  • the arithmetic unit 9 also evaluates sensor information received from the machine 2 via the bus 1 and sends display information to the control console 5.
  • the arrangement of the machine control elements in Figure 1 is purely exemplary and well known in the art in that it can be realized in many different ways. Depending on the application concept, several different bus systems can also be used or wireless transmission systems can also be used.
  • operating mode switching element 3 is understood to mean a switching element whose positioning functionality acts directly on the machine 2.
  • the operating mode switching element 3 is connected to the machine 2 via a direct wiring 6 ', so that safe control commands can be transmitted from the mode selector switch element 3 directly to the machine 2 without the signal line having to be shared with other elements, as is the case with the bus topology.
  • the mode switching element 3 is connected on the one hand via the direct wiring 6 'to the machine 2, on the other hand, it also has a connection to the bus 1, via which it can communicate with the other elements of the system.
  • the operating mode switching element 3 is separated from the associated operating mode actuating element 3 '- in the case illustrated in FIG. 3, a mode selection switch.
  • the mode switching element 3 and the associated mode actuating element 3 'thus enable safe control for the selection of the operating mode in this example.
  • the operating mode actuating element 3 ' can also be represented, for example, as a virtual object on a touchscreen user interface and actuated by the user via this surface, as indicated in FIG. 1.
  • FIG. 2 illustrates the individual steps of the method according to the invention in a block diagram, reference being also made in the following description to elements which are illustrated in FIG.
  • a mode actuator 3 ' is provided to a user for secure control at a user interface, for example, at the display 7.
  • This mode actuator may also be arranged as a separate control on the control console 5.
  • actuation of the mode actuator may require a key or other means of identification, but release may also be based on a general access and authentication concept.
  • the mode actuator may also be implemented as an interactive virtual object, for example in the case of a touch screen display on which the mode actuator 3 'may be actuated by touching the touch screen. This makes it possible to provide the switching element only if this requires the situation and the required authorization is available. For example, a two-hand switch, such as two spaced-apart buttons, could only be superimposed on the screen if the workflow required the actuation of that switch.
  • step 102 user input is received at the user interface, due to which the configuration of the mode switching element 3, and thereby the operating mode of the machine 2, is to be changed. This can be done, for example, by turning the operating selector switch or by touching the corresponding virtual object or the corresponding virtual objects on the touchscreen.
  • step 103 the data of the selected configuration change is backed up.
  • the protection can either take place in a separate memory element of the control console 5, or in another memory unit, such as the memory unit 10 of the computing unit 9 shown in FIG. 1.
  • the data are stored on the one hand to be available for the later step of the test On the other hand, the stored data can be used as log files.
  • the data for the selected configuration change is transmitted from the functional controller 1 1 via the bus 1 to the mode switching element 3.
  • the selected configuration of the mode switching element 3 is not taken over immediately, but it is initially generated a security query.
  • step 105 the operating mode switching element 3 transmits the received data (or data corresponding thereto, from which the received configuration change results) to the functional controller 11.
  • step 106 a check is made as to whether the configuration change transmitted back to the functional controller 11 from the mode switching element 3 in step 105 coincides with the configuration change stored in step 103 and sent to the mode controller in step 104. Switching element 3 has been transmitted.
  • this step may also require user input if desired by security protocols.
  • a request for confirmation of the user input is displayed on the display 7.
  • This request can be presented in a variety of ways as required, such as in the form of a pop-up window or as a virtual control element appearing on an interactive user interface, or by the flashing of a button.
  • the confirmation request could also be signaled, for example, by the fact that the currently operated spaced control surfaces change color and must be pressed again, or if the control surfaces change position (eg jump to another position), so the hands have to follow them.
  • the user can thus confirm the confirmation prompt at the user interface in any manner, for example by pressing a key, by clicking or touching a control panel, by a gesture or in any other manner known in the art.
  • the acknowledgment is transmitted to the mode switching element 3. This ensures on the part of the mode switching element 3 that the signaled change in the configuration was neither an oversight nor a signaling error.
  • the mode switching element 3 assumes the selected configuration, this being signaled directly to the machine 2 via the direct wiring 6 'and switching to the new operating mode.
  • step 101 Thereafter, the process may be restarted again at step 101, either as needed or as needed, providing the mode actuator either permanently or made available only on the basis of certain conditions.

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Automation & Control Theory (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Human Computer Interaction (AREA)
  • Manufacturing & Machinery (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Safety Devices In Control Systems (AREA)

Abstract

L'invention concerne un procédé pour faire fonctionner un élément de commutation à sélections de fonctionnement d'un système par une opération de commande sécurisée, l'installation comportant une commande fonctionnelle et des liaisons de communication, et la commande fonctionnelle comportant une unité de stockage, un dispositif de commande (déroulement), un affichage et une interface utilisateur. Le procédé comprend les étapes suivantes consistant à : produire un élément d'actionnement à sélections de fonctionnement sur une interface utilisateur ; recevoir sur l'interface utilisateur une entrée utilisateur pour changer le mode de fonctionnement ; transmettre les données du changement de mode de fonctionnement à l'élément de commutation à sélections de fonctionnement ; retransmettre les données du changement de mode de fonctionnement de l'élément de commutation à sélections de fonctionnement à la commande fonctionnelle ; vérifier si le mode de transmission des données retransmises coïncide avec le mode de fonctionnement sélectionné par l'utilisateur ; transmettre une confirmation à l'élément de commutation à sélections de fonctionnement ; et changer le mode de fonctionnement par le biais de l'élément de commutation à sélections de fonctionnement.
EP15707322.2A 2014-02-26 2015-02-25 Procédé pour faire fonctionner un élément de commutation sûr d'une installation Ceased EP3111283A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
AT501452014 2014-02-26
PCT/EP2015/053879 WO2015128341A1 (fr) 2014-02-26 2015-02-25 Procédé pour faire fonctionner un élément de commutation sûr d'une installation

Publications (1)

Publication Number Publication Date
EP3111283A1 true EP3111283A1 (fr) 2017-01-04

Family

ID=52596961

Family Applications (1)

Application Number Title Priority Date Filing Date
EP15707322.2A Ceased EP3111283A1 (fr) 2014-02-26 2015-02-25 Procédé pour faire fonctionner un élément de commutation sûr d'une installation

Country Status (3)

Country Link
US (1) US10088822B2 (fr)
EP (1) EP3111283A1 (fr)
WO (1) WO2015128341A1 (fr)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3024099B1 (fr) * 2014-11-18 2020-06-10 Komax Holding AG Dispositif de traitement de câble
JP6798461B2 (ja) * 2017-09-26 2020-12-09 横河電機株式会社 通知制御装置、通知制御システム、通知制御方法、及び通知制御プログラム
EP3629141B1 (fr) 2018-09-28 2021-04-14 Sick Ag Procédé et dispositif de contrôle d'une valeur paramétrique de configuration
FR3100635B1 (fr) * 2019-09-10 2021-08-06 Schneider Electric Ind Sas Système de sécurisation d’un dispositif

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6661653B1 (en) 1999-07-21 2003-12-09 Paul M. Holmen Apparatus for data entry
DE10353210A1 (de) 2003-11-13 2005-06-16 Siemens Ag Sichere Erfassung von Eingabewerten
DE102004055971B8 (de) 2004-11-19 2012-06-21 Kw-Software Gmbh Verfahren und Vorrichtung zur sicheren Parametierung gemäß IEC 61508 SIL 1 bis 3 oder EN 954-1 Kategorie 1 bis 4
EP1895374B1 (fr) 2006-08-29 2016-04-06 Rockwell Automation Technologies, Inc. Dispositifs HMI dotés d'un comportement défini par l'utilisateur
DE102009042354C5 (de) * 2009-09-23 2017-07-13 Phoenix Contact Gmbh & Co. Kg Verfahren und Vorrichtung zur sicherheitsgerichteten Kommunikation im Kommunikations-Netzwerk einer Automatisierungs-Anlage

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
None *
See also references of WO2015128341A1 *

Also Published As

Publication number Publication date
WO2015128341A1 (fr) 2015-09-03
US10088822B2 (en) 2018-10-02
US20160370785A1 (en) 2016-12-22

Similar Documents

Publication Publication Date Title
EP3058427B1 (fr) Procédé et système de télécommande d'une machine-outil au moyen d'un dispositif de télécommunication mobile
EP3383598B1 (fr) Système manipulateur et procédé d'identification de dispositifs de commande
EP2453326B1 (fr) Procédé et système destinés à la commande d'une machine issue de la technique d'automatisation
WO2007131603A1 (fr) Procédé et système pour la modification de données de sécurité pour un dispositif de commande
EP3111283A1 (fr) Procédé pour faire fonctionner un élément de commutation sûr d'une installation
EP3064050B1 (fr) Système de contrôle d'un appareil de travail agricole
WO2018039692A1 (fr) Procédé de fonctionnement d'un système de commande industrielle et système de commande correspondant
DE102014216982A1 (de) Bedienvorrichtung, die mit einem mobilen Handgerät koppelbar ist
WO2013152847A1 (fr) Système et procédé de maintenance de machine
EP2422248B1 (fr) Système et procédé de répartition de données de projets d'un controlleur de sécurité d'une installation automatisée aux composants de commande
WO2006125404A1 (fr) Procede pour regler un appareil de terrain electrique
EP3470937B1 (fr) Procédé et dispositifs de surveillance du temps réactionnel d'une fonction de sécurité fournie par un système de sécurité
AT516652B1 (de) Formgebungsanlage
DE10161924A1 (de) Verfahren zur Zweihandbedienung einer flächigen Anzeige- und Bedieneinheit, mit berührungssensitivem Display, HMI Gerät, Automatisierungssystem und Computerprogrammprodukt zur Durchführung des Verfahrens
EP4152108B1 (fr) Dispositif de sécurité et procédé de fonctionnement d'un dispositif de sécurité
EP4500282A1 (fr) Procédé pour effectuer des vérifications de sécurité sur un contrôleur de sécurité modulaire
EP3719595B1 (fr) Operation d'un système technique
EP2618522A1 (fr) Procédé de conception assistée par ordinateur d'une installation d'automatisation
WO2003032141A2 (fr) Procede de commande a deux mains d'une unite d'affichage et de commande plate, ecran tactile, appareil hmi, systeme d'automatisation et produit programme d'ordinateur pour la mise en oeuvre dudit procede
DE102022113080A1 (de) Sicherheitszuhaltung
DE102005054140B4 (de) Verfahren und Vorrichtung zur Unterscheidung der Herkunft von Bedieneingaben
EP2312408A1 (fr) Commande de sécurité modulaire
EP1921525B1 (fr) Méthode d'opération d'un système de sécurité
EP3048498B1 (fr) Procédé de lecture de données de diagnostic provenant d'une commande de sécurité
DE102022115488A1 (de) Steuerungssystem mit betriebssicherer Eingabe

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20160720

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

DAX Request for extension of the european patent (deleted)
RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: B&R INDUSTRIAL AUTOMATION GMBH

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

17Q First examination report despatched

Effective date: 20200623

REG Reference to a national code

Ref country code: DE

Ref legal event code: R003

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20210801