1. Field of the Invention
The present invention relates to industrial automation systems and, more particularly, to a method and device for performing failsafe hardware-independent floating-point arithmetic.
2. Description of the Related Art
The question of machine safety, i.e., functional safety, is becoming increasingly important in industrial automation. Functional safety addresses the demand that processes which are potentially dangerous to humans or the environment require risk reduction if the initial risk is unacceptably high. This applies to machines such as presses, rollers and robotic manipulators, to track occupancy on rail networks, to the operation of cableways, and so forth. The importance of functional safety is reflected in standardization, such as the generic basic standard IEC 61508 of the International Electrotechnical Commission (IEC) for electrical and electronic systems.
Functional safety relates to all the components of a safety chain. However, the central, key element of the safety chain is the controller that performs the decision to switch the installation into the safe state. Here, the term controller covers any form of stored-program or programmable logic control, i.e., both dedicated hardware controllers and software implementations such as a soft PLC (Programmable Logic Controller, e.g., Siemens WinAC RTX) running on embedded controllers, industrial PCs and the like.
Conventionally, safety functions are primarily defined as logic decisions whose notation requires only logic data (BOOLEAN) and integers (INT, DINT). The typical intervention of such a safety system comprises switching off power supplies. Increasingly, the focus is shifting to more complex safety functions. This development is driven largely by applications in the field of motion control. Here, recent requirements include functions such as “safe speed”, “safe position”, “safe stop”, “safe torque” and others whose processing involves the use of floating-point numbers. Further impetus for the increased use of floating-point numbers comes from the field of process control.
Two principles are available for implementing failsafe control, i.e., hardware diversity and software diversity.
Hardware diversity is based on the use of parallel and optionally diverse arithmetic units with subsequent consistency checking of their results. Both hardware diversity and software diversity represent the state of the art, and are marketed by many manufacturers to provide logical safety functions.
A solution based on software diversity is used in the F-series of the SIMATIC product family from Siemens, for example. Until now, safety programs in Distributed Safety could only utilize the data types BOOL, INT, and DINT as described above, and thus provide mainly logical safety functions. The validation is based on diverse internal notation using arithmetic codes. This exemplary solution is known from the publication DE 102 19 501.
Application of this solution to floating-point numbers using arithmetic codes was examined in principle, and found to offer insufficient performance for product application. The execution times that were achieved are too long due to the complexity of the processing, particularly if the application must run in a real-time system.
In addition, floating-point numbers involve the occurrence of rounding problems, which cause further difficulties for the implementation of functional safety and are not addressed at all by the arithmetic codes model.
As a result of this situation, hardware-independent and hardware-based single-channel safe floating-point operations have not previously been available on the market.
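As an added example that is not part of the patent text or of any Siemens product, the following Python sketch illustrates the two ideas discussed above: software diversity with an AN arithmetic code, where a value x is carried in a second channel as A*x so that a corrupted channel is caught by a divisibility check against a plain channel, and the rounding problem that makes the same consistency check unreliable for floating-point values, where two diverse evaluation orders of one sum legitimately disagree even without any fault. The code constant A, the bit-flip fault and all sample values are assumptions chosen here for illustration.

```python
# Added example: AN-code protected integer arithmetic (software diversity with
# consistency checking) and the floating-point rounding problem. Not taken from
# the patent or any product; A and all sample values are chosen for illustration.

A = 641  # assumed code constant: odd, so flipping one bit (+/- 2**k) can never
         # leave a value divisible by A, hence every single-bit fault is detected


def encode(x: int) -> int:
    """Carry x in the coded channel as the code word A * x."""
    return A * x


def is_valid(v: int) -> bool:
    """A code word must stay a multiple of A; any other residue means corruption."""
    return v % A == 0


def decode(v: int) -> int:
    """Recover the plain value; refuse to decode a corrupted code word."""
    if not is_valid(v):
        raise ValueError(f"code word {v} failed AN check (residue {v % A})")
    return v // A


def coded_add(v: int, w: int) -> int:
    """A*x + A*y = A*(x+y): addition works directly on code words."""
    return v + w


def coded_mul(v: int, w: int) -> int:
    """(A*x)*(A*y) = A**2 * x*y, so one division by A returns to the code."""
    product = v * w
    if product % A != 0:
        raise ValueError("operand corrupted before multiplication")
    return product // A


def consistent(plain: int, coded: int) -> bool:
    """Consistency check between the plain channel and the coded channel."""
    return is_valid(coded) and decode(coded) == plain


def diverse_sum_of_products(pairs):
    """Two diverse channels compute sum(x*y): plain integers and code words."""
    plain = 0
    coded = encode(0)
    for x, y in pairs:
        plain += x * y
        coded = coded_add(coded, coded_mul(encode(x), encode(y)))
    return plain, coded


def flip_bit(v: int, bit: int) -> int:
    """Constructed fault: flip one bit of a stored code word."""
    return v ^ (1 << bit)


def single_bit_faults_detected(x: int, width: int = 64) -> bool:
    """Every single-bit flip in the code word of x must fail the AN check."""
    v = encode(x)
    return all(not is_valid(flip_bit(v, k)) for k in range(width))


def float_sum_two_orders(values):
    """Diverse float channels: left-to-right and right-to-left summation.
    Rounding makes the two results differ although neither channel is faulty."""
    left = 0.0
    for x in values:
        left += x
    right = 0.0
    for x in reversed(values):
        right += x
    return left, right


if __name__ == "__main__":
    plain, coded = diverse_sum_of_products([(3, 4), (5, 6)])
    print(plain, coded, consistent(plain, coded))        # 42 26922 True
    print(consistent(plain, flip_bit(coded, 3)))          # False: fault caught
    print(single_bit_faults_detected(42))                 # True
    left, right = float_sum_two_orders([0.1, 0.2, 0.3])
    print(left, right, left == right)                     # 0.6000000000000001 0.6 False
```

The integer part shows why arithmetic codes work well for BOOL, INT and DINT: the coded channel never has to agree with the plain channel by coincidence, and any single-bit corruption of a code word leaves a non-zero residue. The float part shows the difficulty the text points to: an equality-based consistency check between two diverse floating-point channels rejects correct results, so a tolerance band or a different validation model is needed before the same scheme can be applied to floating-point safety functions.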