The invention relates to programmable sequence control of machines and processes, such as industrial machines or processes, and it relates more particularly to high-security programmable sequence control apparatus, systems and methods.
It is known to control an industrial process sequentially, e.g. to cause the performance of a series of machine functions or process operations such that some of the steps will not be performed unless a predetermined event, which can be an earlier step, has occurred. Sequential control can be achieved with a stored set of program instructions successively read out and executed, and such control requires that at times these instructions provide for jumping, or branching, out of the succession. Sequence controllers are well known, and an overview of the state of the prior art can be found in "Programmable Logic Controllers -- an Update" by N. Andreiev in Control Engineering of September, 1972, pages 45-47 and in "Programmable Logic Controllers-Painless Programming to Replace The Relay Bank" by G. Lapidus in Control Engineering of April 1971, pages 49-60. If the memory is programmable, a given hardware apparatus can be instantly adapted to fit a particular industrial process. Sequence controllers can be hard-wired, or they may use software coordinating logic elements used for decision and control. In a digital controller, conversation between the functional units is accomplished essentially by binary logic according to Boolean algebra. As a result of such logic steps, a logic decision is taken involving input conditions and output commands which admit of only two opposite states such as yes or no, do or do not, true or false, on or off. These states pertain for instance to limit switches, relays, valves or other such two-state power devices which are associated with the controlled process. A sequence controller can establish a predetermined sequence of outputs, each in one of two states, which is used to control a machine or a process, and in this respect a sequence controller is distinguishable from other control systems which perform data handling, logging or monitoring functions. The latter are generally associated with more complex control systems involving computation of data such as found in adaptive process control, for instance.
In contrast, a rather simple structural organization is practical with sequence controllers, although sequence controllers may be found also within more complex control systems, particularly in digital computer systems. As a result of this relative conceptual simplicity, efforts have been made in the past to reduce the structural combination to that essential for cost reduction and increased reliability. This trend is better represented by a combination of read-only-memory (ROM) units and a software translation, with coded instructions stored therein, of the logic coordination of the input and output signal units. Still, versatility and reliability demand a certain degree of complexity which must be attained at the lowest cost as well as within the constraints of the simple basic structure of a sequence controller, e.g. a short word length, a limited capacity for the memory, and, as a result, the availability of only a few elementary instructions.
Among the requirements which need to be satisfied for the control of a real time process operation, an important requirement is the necessity of preventing any output command from being translated into process operation unless it is safe and desired to do so. A particular and critical control step can be unsafe to the human operator, or it may represent a risk of damage to the machinery and equipment or the processed material. All such conditions must be anticipated and the logic of control by the sequence controller should take them into account so that only permissible output commands are provided.
As generally known, programmable logic controllers are designed to perform sequencing operations by first scanning signal inputs such as from relay contacts, limit switches, pushbuttons, valves, etc., then comparing the inputs to the conditions specified in the program and finally by energizing or deenergizing signal outputs in accordance with the programmed instructions. See in this respect "Programmable Logic Controllers" by G. Lapidus, Control Engineering, April 1971, pages 49-60.
It is known also in a programmed sequence controller to advance the control steps when machine functions or process operations at a given step are matched with a pattern of input conditions. In particular, the prior art proposes logical interlocks to inhibit certain output signal functions in the programmed sequence until certain other input signal functions have been accomplished, and to this effect hardwiring is provided between input conditions sensed and an AND logic operation responsive to the output function to be enabled or disabled. See in this regard U.S. Pat. No. 3,719,931 of R. L. Schroeder issued Mar. 6, 1973.
The prior art also shows that in sequence control apparatus it is advantageous to use a programmable matrix of logic elements, rather than hard-wired logic, in order to modify the sequence of the control operations. See for instance, French Pat. No. 1,493,229 granted July 17, 1967 of Siemens and Halske A. G.
However, none of the above references teaches the use of a separate high-security sequencer having selected outputs so interlocked that the propriety of outputs requested by the base programmed matrix of the controller is tested before enabling an actual output command, which is one important feature of the apparatus, system and method according to the present invention.
The prior art also shows two sequencers interlocked by an AND logic element to make them operate in dependency upon each other. See in this respect U.S. Pat. No. 3,651,482 of Benson issued Mar. 21, 1972. However, the sequencers disclosed in the Benson Patent operate in parallel within a common processor and interlocking does not occur in one of them.
It is also known from U.S. Pat. No. 3,783,251 of T. M. Pavkovich issued Jan. 1, 1974 to use two programs in digital automatic control, one program having stored predetermined critical characteristics which are compared at all times with the operative characteristics imposed by the other program so that when a mismatch occurs an interlocking signal is generated to stop the process or the machinery. Thus, one program generates a representation of all the critical parameters not to be exceeded for safe control and it monitors actual operation by the other program in order to detect any operation approaching criticality. In contrast, the present invention teaches the use of a separate high-security program having inherently safe control characteristics, and the base program does not actually exert control on the machine or process in relation to critical output functions unless the instructions to be performed have been effectively taken over by the high-security program. In addition, the present invention, rather than stopping the entire operation of the process or machinery, proposes effective control operation in a prescribed and predetermined safe sequential order.
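The gating idea contrasted above with monitor-and-stop interlocking can be sketched in software. This is an added illustration, not code or logic taken from the patent. The press scenario, the class and function names, and the input and output names are all constructed assumptions. Critical outputs requested by the base program are enabled only in a prescribed order and only while their input conditions hold; out-of-order requests are withheld without halting the rest of the scan.

```python
# Added illustration; names and the press scenario are constructed assumptions.
from dataclasses import dataclass

@dataclass(frozen=True)
class SafeStep:
    output: str            # critical output this step may enable
    requires: frozenset    # input conditions that must all be true

class HighSecuritySequencer:
    """Gates critical outputs requested by the base program."""

    def __init__(self, steps):
        self.steps = list(steps)
        self.position = 0  # index of the next step in the prescribed safe order

    def gate(self, requested, inputs):
        """Return (enabled, withheld) output sets for one scan."""
        true_inputs = {name for name, state in inputs.items() if state}
        # Advance only while the next step in the safe order is both
        # requested by the base program and permitted by the inputs.
        while self.position < len(self.steps):
            step = self.steps[self.position]
            if step.output not in requested or not step.requires <= true_inputs:
                break
            self.position += 1
        critical = {s.output for s in self.steps}
        # A critical output is enabled only if its step has been reached in
        # order and its input conditions still hold on this scan.
        permitted = {s.output for s in self.steps[:self.position]
                     if s.requires <= true_inputs}
        enabled = {o for o in requested if o not in critical or o in permitted}
        return enabled, set(requested) - enabled

def run_demo():
    seq = HighSecuritySequencer([
        SafeStep("clamp_close", frozenset({"guard_closed"})),
        SafeStep("ram_down", frozenset({"guard_closed", "clamp_closed"})),
    ])
    scans = [  # (outputs requested by base program, input states), constructed
        ({"ram_down", "lamp"}, {"guard_closed": True, "clamp_closed": False}),
        ({"clamp_close", "lamp"}, {"guard_closed": True, "clamp_closed": False}),
        ({"clamp_close", "ram_down"}, {"guard_closed": True, "clamp_closed": True}),
        ({"clamp_close", "ram_down"}, {"guard_closed": False, "clamp_closed": True}),
    ]
    return [tuple(sorted(s) for s in seq.gate(req, inp)) for req, inp in scans]

if __name__ == "__main__":
    for enabled, withheld in run_demo():
        print("enabled:", enabled, "withheld:", withheld)
```

In the first scan the non-critical lamp output passes while the out-of-order ram request is withheld; in the last scan both critical outputs drop because the guard input is no longer true.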
It is an object of the present invention to provide a sequence controller which is free from the prior art disadvantages and inconveniences.
Another object of the present invention is to provide a sequence controller of simple design but increased versatility.
Still another object of the present invention is to provide a sequence controller having selectable high-security features for application to control of machines and processes.