System for activating the distress beacon of an aircraft
US-9562963-B2 · Feb 7, 2017 · US
Fault detection in a multi-core safety-critical avionics system
US9891978B1 · US · B1
| Field | Value |
|---|---|
| Publication number | US-9891978-B1 |
| Application number | US-201514958635-A |
| Country | US |
| Kind code | B1 |
| Filing date | Dec 3, 2015 |
| Priority date | Dec 3, 2015 |
| Publication date | Feb 13, 2018 |
| Grant date | Feb 13, 2018 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A system and method may ensure certified operation of a safety-critical avionics system incorporating a multi-core processor (MCP) aboard an aircraft via external architectural mitigation. A redundant processing element (RPE) may be associated with a processing core of the MCP and with safety-critical applications configured to execute on the core. The critical applications generate critical results based on sensed critical data parameters and pass the parameters and results to an external system monitor. The system monitor performs fault detection external to the original core by comparing the critical results and the critical data parameters and notifies the associated critical application if a fault is detected. The associated critical application may then log the fault to a fault history, reset an associated sensor, or notify the crew of the fault.
First claim
Opening claim text (preview).
We claim: 1. A certified safety critical avionics system, the system comprising: a multi-core processor (MCP) including two or more processing cores distributed among at least one processing unit; two or more redundant processing elements (RPE), each RPE associated with a processing core of the two or more processing cores, each RPE including at least one critical function configured to execute on the associated processing core, the at least one critical function configured to receive at least one critical data element; and generate at least one critical result associated with the at least one critical data element; at least one system monitor operatively coupled to the two or more processing cores, the at least one system monitor configured to: receive one or more of the at least one critical data element and the at least one associated critical result from the at least one critical function; detect at least one fault associated with the at least one critical function based on one or more of the at least one critical data element and the at least one associated critical result; notify the at least one critical function of the at least one detected fault; the at least one critical function further configured to process the at least one detected fault; at least one fault log of the MCP, the at least one fault log including one or more fault histories, each fault history associated with a processing core of the two or more processing cores; and at least one warning device communicatively coupled to the MCP, wherein at least one RPE of the two or more RPEs is assigned to the associated processing core based on a fault history associated with the associated processing core. 2. The system of claim 1 , wherein the at least one processing unit includes at least one of a single-core processor, a dual-core processor, and a multi-core processor having three or more processing cores. 3. The system of claim 1 , wherein the at least one critical data element includes at least one parameter received from a sensor of the aircraft. 4. The system of claim 1 , wherein the at least one system monitor is configured to detect the at least one fault by comparing the at least one critical data element and the at least one associated critical result. 5. The system of claim 1 , wherein the at least one critical function is configured to generate the at least one associated critical result by encrypting the at least one critical data element. 6. The system of claim 1 , wherein the at least one critical function is configured to process the at least one detected fault by logging one or more of a) the at least one detected fault, b) the at least one critical function associated with the at least one detected fault, c) the at least one RPE associated with the at least one detected fault, and d) the at least one processing core associated with the at least one critical function to the at least one fault log. 7. The system of claim 1 , wherein the at least one critical function associated with the at least one detected fault is configured to: generate at least one alert associated with the at least one detected fault; and deliver the at least one alert to at least one crewmember of the aircraft via the at least one warning device. 8. The system of claim 1 , wherein the at least one warning device includes at least one of an auditory warning device, a visual display system, and a tactile warning device. 9. The system of claim 1 , wherein the at least one critical function includes at least one safety-critical avionics application. 10. A method for certified operation of a safety-critical avionics system, the method comprising: assigning at least one redundant processing element (RPE) to a processing core of a multi-core processor (MCP) of the system based on a fault history associated with the processing core, the MCP including two or more processing cores distributed among at least one processing unit, the at least one RPE including at least one critical function configured to execute on the associated processing core; receiving at least one critical data element via the at least one critical function; generating at least one critical result associated with the at least one critical data element via the at least one critical function; sending one or more of the at least one critical data element and the at least one associated critical result to at least one system monitor; detecting, via the at least one system monitor, at least one fault associated with the at least one critical function based on one or more of the at least one critical data element and the at least one associated critical result; notifying the at least one critical function of the at least one detected fault via the at least one system monitor; and processing, via the at least one critical function, the at least one detected fault, wherein processing, via the at least one critical function, the at least one detected fault includes: logging, via the at least one critical function, one or more of a) the at least one detected fault, b) the critical function associated with the at least one detected fault, c) one more RPEs associated with the at least one detected fault, and d) at least one processing core associated with the at least one detected fault to at least one fault history of the system, the at least one fault history associated with the at least one processing core. 11. The method of claim 10 , wherein receiving at least one critical data element via the at least one critical function includes: receiving at least one parameter sensed by a sensor of the aircraft via the at least one critical function. 12. The method of claim 11 , wherein processing, via the at least one critical function, the at least one detected fault includes: resetting, via the at least one critical function, the at least one sensor. 13. The method of claim 10 , wherein generating at least one result associated with the at least one critical data element via the at least one critical function includes: generating at least one result associated with the at least one critical data element by encrypting the at least one critical data element via the at least one critical function. 14. The method of claim 10 , wherein detecting, via the at least one system monitor, at least one fault associated with the at least one critical function based on one or more of the at least one critical data element and the at least one associated result includes: detecting, via the at least one system monitor, at least one fault associated with the at least one critical function by comparing the at least one critical data element and the at least one associated result. 15. The method of claim 10 , wherein processing, via the at least one critical function, the at least one detected fault includes: generating, via the at least one critical function, at least one alert associated with the at least one detected fault; and delivering the at least one alert to at least one crewmember of the aircraft via at least one warning device.
Assignees
Inventors
Classifications
in a multiprocessor or a multi-core unit (multiprocessors per se G06F15/80) · CPC title
Error or fault detection not based on redundancy (power supply failures G06F1/30; network fault management H04L41/06) · CPC title
- G06F11/0772Primary
Means for error signaling, e.g. using interrupts, exception flags, dedicated error registers · CPC title
in a data processing system embedded in automotive or aircraft systems · CPC title
Error or fault reporting or storing · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9891978B1 cover?
- A system and method may ensure certified operation of a safety-critical avionics system incorporating a multi-core processor (MCP) aboard an aircraft via external architectural mitigation. A redundant processing element (RPE) may be associated with a processing core of the MCP and with safety-critical applications configured to execute on the core. The critical applications generate critical re…
- Who is the assignee on this patent?
- Rockwell Collins Inc
- What technology area does this patent fall under?
- Primary CPC classification G06F11/0772. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Feb 13 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).