This invention relates to a fail-safe system which, through periodic initialization, prevents erroneous operation of a vehicle control computer that processes various calculations of a control system of a vehicle by a software program.
It is well known, e.g. in U.S. Pat. No. 3,969,614 and U.S. Pat. No. 3,835,819 etc., that an integrated digital microcomputer may be used to control vehicle systems. However, when the computer is mounted on a vehicle without any modification and used on it, register memories may be disturbed by ignition pulses supplied to the vehicle engine and other external noise, resulting in erroneous operation. Furthermore, under the conditions of high temperature and high moisture, the computer itself or a part of the content of the memory may be damaged. When the engine is cranking, the power supply voltage of the vehicle decreases considerably, particularly at low temperatures. At such times there may be a danger that the control flow is disturbed and the computer stops operation. A publicly known countermeasure for preventing erroneous operation of the computer is to detect the state of error in the computer and then to instruct a safe operation to it in accordance with the result of detection.
However, in the prior art method, it was necessary to provide a special means for discriminating the error. The means itself can not bring forth any desired effect in such a severe vehicle environment as described above. On the other hand, a problem of cost increase arises. As is well known in the art, when computers typically found in automotive control systems are supplied with a low voltage, or intense noises induced about the computer, all functions of the computer may be stopped. Many prior art systems do not provide means for restoring the operation of the computer.