What is a programming domain

The present invention is in the field of automation technology, in particular industrial automation technology, and relates to a method for sequence control of program modules. The present invention also relates to a real-time operating system, a control unit, a control device and a computer program product.

A change is foreseen in automation technology, from the use of classic programming languages ​​to the use of high-level languages.

So far, for example, the IEC 61131 standard has regulated the syntax and semantics of programming languages ​​for programmable controllers. A unified suite of programming languages ​​for programmable controllers is proposed. This suite has two text languages ​​(Instruction List and Structured Text) and two graphic languages ​​(Ladder Diagram and Function Block Diagram). In addition, the IEC 61131 standard defines features that simplify communication between program controllers and other components of an automated system.

Current topics such as Industry 4.0, the Internet of Things or the VDI's CPS agenda show that automated systems will be characterized by a high proportion of networking and software in the future. There will be a change from classic IEC 61131-3 programming to modern high-level languages. By 2018, the code used should be around 70% outside of the languages ​​defined by IEC. The existing requirements, such as real-time capability and consistency, are supplemented by greater flexibility, more security and better maintainability.

As a result, there will also be technical changes in the future in the manufacture of programmable logic controllers and / or runtime environments.

describes a control method and a method for executing multiple programs on multiple processing devices operating in parallel. In this case, a time signal generator is assigned to each of several processing devices operating in parallel, and when it is run on the assigned processing device, a control method for executing programs is carried out.

However, the use of a time signal generator has the disadvantage that the speed of processing data in a real-time operating system can be reduced.

It is an object of the present invention to provide a solution for improving sequence controls for real-time operating systems.

According to the invention, this object is achieved by the features of claim 1. Furthermore, the object is achieved by a real-time operating system according to claim 13, a control device according to claim 14, a control device according to claim 15 and a computer program product according to claim 16. Further refinements result from the subclaims.

In the method according to the invention for sequence control of program modules, provision of a control device and provision of a description file including configuring the description file for controlling a program sequence are provided. The method further includes providing a plurality of program modules that can be executed by a real-time operating system, the program modules being created using one or different programming languages. Furthermore, the method has selected program modules triggered by the control device executing specifications in the description file.

The control device can be designed as an execution and synchronization manager or Execution and Synchronization Manager (ESM).

The use of such a control device enables programs from different programming domains to be treated or executed in an equivalent manner.

For example, program modules can be executed that are each programmed in at least one of the programming languages ​​according to the IEC 61131 standard, in Matlab / Simulink, C ++, C # or JAVA or Python. Other programming languages ​​are also possible. According to the IEC 61131 standard (edition 3.0, 2013-02), two text languages, namely Instruction List (IL) and Structured Text (ST) and two graphic languages, namely Ladder Diagram (LD) and Function Block Diagram (FBD) specified. These programming languages ​​can be used together with high-level programming languages ​​in a sequence control.

The control device allows a simple configuration of tasks similar to IEC 61131-3, which allows the integration of program instances in different programming languages. For this purpose, the control device uses a number of operating system processes and threads in order to enable high-performance integration into the underlying real-time operating system.

Accordingly, a single programming language can be used for all program modules. It is also possible to use different programming languages ​​for two or more program modules.

When the program modules are triggered, the description file, which can also be referred to as a configuration file, is no longer addressed. Such a response would take too much time and slow down processing. Rather, the configuration file (s) is read when the system is started and only executed during the processing phase. In this case, the control device provides for the information from the description file to be executed. Thus, specifications for the execution of the program modules result from the content of the description file. These specifications are provided by configuring the description file. As a result, the program modules are triggered under Execute configuration defined in the description file.

The program modules are controlled, for example, with the aid of a programming interface, in particular with an API (API = application programming interface). The description file, which can be provided, for example, as an XML file (XML = Extensible Markup Language File), is used to configure when the programs are addressed and thus executed. With the help of the control device, program modules can be executed and status information on the program sequence, e.g. task runtimes, can be recorded.

The control device can itself be initialized and controlled by a PLC manager (PLC = Programmable Logic Controller). This, for example, sets the controller to RUN / STOP and carries out restarts. During operation, the control device is triggered cyclically by events (software or hardware) in order to process an execution logic.

A large number of description files or configuration files can also be used for flow control. Further description files can contain a configuration of additional tasks and their assigned program modules. For example, a description file, for example in the form of an XML file, could describe a main task (Task-Main), another description file could describe a control task (Task-Crtl) and another description file could describe a synchronization task (Task-Sync). The configuration files can simply be merged into one configuration if this does not result in any contradictions. For this reason, the control device or a control device in the function of a master (ESM master) should know and read in all configurations.

In a preferred embodiment, the method has a multiple triggering of at least one of the program modules by the control device.

Addressing the description file is not necessary for this, so that processing times can be kept short. Other task types or task types such as event and idle task can also be supported. The description file or the multiplicity of description files are advantageously only read for the initial configuration, but not during execution.

In a further preferred embodiment of the method it is provided that the control device is designed to trigger at least some of the program modules in such a way that they can be executed in different processes managed by the real-time operating system.

In this way it is possible to use only the program modules that are required and also to execute processes in parallel in order to use time resources efficiently.

In a further development of the method, it is provided that the real-time operating system is designed to execute the processes and / or program modules as a function of predetermined priorities.

By setting priorities, control tasks can be processed according to their importance or urgency.

Furthermore, in one embodiment of the method, recording and evaluation of the sequence control by the real-time operating system can be provided.

For recording and evaluation, additional marker points can be recorded and statistics generated.

In a further embodiment, the method can provide for an expansion of the sequence control by means of an additional program module without restarting a control system.

A control system describes a sequence control in which program modules can typically be loaded, started, debugged, stopped and unloaded. The control system is based on the real-time operating system.

It is advantageous that the control system can be expanded without having to interrupt the control system for a restart. In this way, operations can continue.

In a further embodiment, the method can have a division of the sequence control into different processes.

Such a distribution can better utilize the advantages of different processes of the real-time operating system, e.g. memory protection mechanisms.

Furthermore, in a further embodiment of the method, a statistical evaluation can be created using profiling information.

Here, marks or markings can be introduced into the control device in order to generate the profiling information. Profiling information is understood to be information for analyzing the runtime behavior of software. According to this, statistical data can be evaluated to improve the process control and used for statistical purposes.

In a further embodiment, the method comprises introducing at least one recording mark into a program module for providing an application diagnosis.

A recording mark can be understood as a location in a program module which makes it possible to obtain information relating to its execution via a specific part of a program module. This information can then be used to create a diagnosis in order to evaluate the executed application. This can be a single application or the entire application of the control task.

In a further embodiment, the method comprises using the control device as a master and providing at least one further control device as a slave, which is subordinate to the control device as a master.

The use of a slave can then be used to advantage if a program module is to be executed in a further process. If the entire application runs in a single process, there is no need for a slave.

Tasks are an organizational unit for the execution of programs. OS processes and OS threads (OS = Operating System or Operating System) can be used for the technical implementation of these organizational administrative units. Here it is desirable to enable synchronized processing of tasks across OS process limits. It is generally not possible for the master to create OS threads in other OS processes. For this reason, this can be done by a slave in every participating OS process. The master can take over the execution of the programs or program modules. If, on the other hand, only one OS process is used, all programs and threads can be executed without slaves.

For example, the master and slave can communicate via interprocess communication if they run on the same device. The communication is advantageously implemented on the lowest level with basic functionalities of the operating system. If the master and slave run in different devices, these devices can be linked to one another via a data connection.

Furthermore, in a further preferred embodiment, the method can have the control device assigning individual tasks defined in the description file to program modules.

Accordingly, the control device can distribute individual tasks within the control system in order, for example, to improve the utilization of the control system. A task or a multiplicity of these can be a subset of a process within a control task.

Furthermore, the object of the present invention is achieved with a real-time operating system for sequence control of program modules comprising a control device. Here, the real-time system has a description file stored in a memory device which defines a program sequence. Furthermore, a plurality of program modules that can be executed by the real-time operating system are provided, which are created using one or different programming languages, the control device being designed to trigger the program modules by executing specifications from the description file.

The real-time operating system (RTOS) is an operating system that is able to meet the real-time requirements of applications. In this context, compliance with defined response times in the field of automation technology is of particular importance in order to avoid damage to an installed and controlled system.

The object of the present invention is achieved with a control device for sequence control of program modules in one or different programming languages ​​in a real-time operating system. For this purpose, the control device has a processor and a memory for performing the method according to the invention.

The control device can be designed in the form of an execution and synchronization manager or Execution and Synchronization Manager (ESM). The control device can prioritize central tasks of the control, distribute them to existing program modules and receive information from the individual program modules and analyze this information.

Furthermore, the object of the present invention is achieved by a control device for sequence control of program modules in different programming languages ​​in a real-time operating system. For this purpose, the control device has a control device according to the invention, a processor, a memory, and at least one interface to an automation device.

Here, a control device can be a control device that is installed in an automation system. Here, the control device according to the invention is part of the control device according to the invention. It is also possible to distribute the control device to several computer cores or cores of a multicore processor.

Furthermore, the object of the present invention is achieved with a computer program product. For this purpose, the computer program product has program code means for performing the method according to the invention, the computer program product running on a computer system in a real-time operating system.

The computer program product can, for example, be a data carrier that is made available in an automation system in order to carry out the method according to the invention.

Overall, the proposed control technology offers a flexible solution that can dynamically adapt to future developments in the field of automation technology. Due to its openness, the proposed control architecture, in contrast to previously closed systems, allows the desired applications to be implemented individually and still set up on a stable basis. This can be ensured not only for the target group of high-level language programmers, but also for previously installed automation systems in the context of IEC 61131-3 programming.

Some exemplary embodiments of the invention are shown purely schematically in the drawings and are described in more detail below. It shows:

  • 1 an embodiment for controlling an overall application in an automation system according to the present invention;
  • 2 an embodiment of the present invention of a schematic structure with a control device as a master and two further control devices as a slave; and
  • 3 an embodiment according to the present invention of a control of a program flow by a control device.

1 shows an embodiment for controlling an overall application 10 in an automation system according to the present invention.

In this context, an overall application is understood to mean all programs or program modules, tasks or tasks and configuration settings that are required for execution on a control device. It is irrelevant whether the control unit or the controller is the only one or is one of several devices.

The cyclical processing of programs or program modules is typical for automation. A feedback to the user orUser is typically not given as part of these cycles.

In 1 is a schematic structure of three tasks 20, 30, 40 or tasks are shown, which a total of four programs or program modules 21, 31, 32, 41 Execute synchronized from the domains IEC 61131-3, C ++ and Matlab / Simulink. The program module 21 is a CPP filter and programmed in the programming language C ++. The program module 31 is an IEC Prepare program and programmed in one of the programming languages ​​according to the IEC standard. The program module 32 is a SIM-CTRL program, i.e. a control program, and is programmed in the programming language Matlab / Simulink. The program module 41 is an IEC sync program, i.e. a synchronization program, and is programmed in one of the programming languages ​​according to the IEC standard. In this context, the terms “program” and “program module” are used interchangeably.

After the end of the procedure or process of the program module 30 is via an interface 33 via a communication link 34 the task 40 with the program module 41 causes to start.

The tasks 20, 30, 40 the 1 have to run the entire application 10 different priorities, with the task 20 the task has the lowest priority as the main task 30 as a control task or Ctrl task has a medium priority and the task 40 has the highest priority as an event task or event task with synchronization tasks. It also has the task 20 a cycle time of 5 ms (ms = milliseconds), and the task 30 of 30 ms. The task 40 runs once and ends when the program module 41 or the program has been processed in the program module (event: proc_end).

2 shows an embodiment of the present invention of a schematic structure with a control device 50 as a master, a control device subordinate to the master 60 as the first slave and a further control device subordinate to the master 70 as a second slave. This is where the master component and slave components 50, 60, 70 used to coordinate program modules from different program domains in different processes. Furthermore, in 2 different operating system processes or OS processes 11, 12, 13 shown, the respective OS threads 14, 15, 16, 17, 18 exhibit.

The procedure according to the invention allows the composition of heterogeneous task contents. The processing sequence within a task can be freely selected, is not specified by the system and a consistent data exchange between program instances is possible.

The configuration of the master 50 and its tasks 20, 30, 40 takes place using one or more description files, here in the form of one or more XML files, which allow configuration instead of programming. This means that the function of a system can be changed during runtime without the individual application parts having to be recompiled. The description file or the XML-based configuration also allows the user to make adjustments directly to the control or to use their own external tools and toolchains.

The structure of the description file, in particular in the form of an XML file, can be specified by clearly defined schema files, which enable the configuration to be checked quickly. The specification of tasks and the associated program instances in several description files or XML configuration files allows the overall application to be split up 10 into functional modules that can be created by different developer groups or suppliers. This not only facilitates the development of a complex system control, but also the step-by-step expansion of a running system. The overall application must therefore 10 are not available from the start, but can be composed of sub-modules.

Every task 20, 30, 40 can also be assigned to a processor core, a group or to all processor cores of the controller by defining parameters in the description file or XML file.

A flexible system of master and slave components 50, 60, 70 also allows the user to run programs across process boundaries. This is an advantageous prerequisite for the separation of programs from different users, which are executed in this way in encapsulated memory areas. The memory protection mechanisms of the underlying real-time operating system can serve as the basis for this. For security reasons, it is therefore possible to restrict the access of programs or program modules according to the user rights.

In 2 configures the master 50 via active compounds 51, 52 one program module each 21, 41 of a slave 60, 70. Here, configuration refers to the provision of priority information by the master 50. Furthermore, in 2 Communication links 53, 54, 57, 58 present to switch between the individual program modules 21, 31, 32, 41 and a task 20, 30, 40 Exchange commands and information or feedback. The information is sent back and forth between the master and slave instances or received. Commands are, for example, trigger commands (“triggers”) from the task 20, 40 to the program module 21, 41. Feedback is received from the program modules, for example 21, 41 to the tasks 20, 40 sent ("reports"). Furthermore, trigger commands ("triggers") are also issued by the task 30 each to the program modules 31, 32 over the communication links 55, 56 sent, communication taking place within an OS thread.

With the proposed procedure, it is possible to transfer the known tasks from the IEC standardization to the world of high-level languages. The control device therefore currently supports cyclic tasks, idle tasks and event-based tasks, which are mapped onto the priority-controlled processes and threads of the real-time operating system. In addition to this priority-controlled execution, the control device also enables the task to be executed in response to the occurrence of a special event. With this freely configurable system it is therefore possible to mix program instances from different programming domains within one task and to execute them together. This also opens the process models known from IEC 61131-3 for other domains.

By the degrees of freedom that the task execution with the control device 50 however, the complexity of configuration and analysis also increases. Therefore, the control device offers 50 Integrated mechanisms for detailed profiling based on available extensions of the real-time operating system. The user is thus given the opportunity to observe, evaluate and record different properties of the task execution and the operating system. These properties include the execution times of the tasks and program instances, the frequency of task displacement, latency and jitter, system load or watchdog monitoring. With the help of dynamic ring buffers, this information can also be evaluated for post mortem analyzes after an error.

In addition, the central storage of the profiling information offers the control device 50 the possibility to carry out statistical evaluations or to make this data available for further analyzes via remote server services.

3 shows an embodiment according to the present invention of a control of a program flow by a control device 50. The control device 50 can also access auxiliary instances to carry out an automation task, such as a slave or several slaves, as in 2 shown.

3 shows a simplified representation of a coordination or control of control tasks by a control device 50such as in 2 is shown. Here are the tasks described 20, 30, 40 the 1 by the control device 50 controlled. With this control or its evaluation, it can be clearly understood when the individual programs and tasks are being displaced by higher-level processes. These higher processes are reserved for the operating system and are called OS processes 19 in 3 shown.

3 shows the time on the x-coordinate and processes or priority of the process on the y-coordinate. Thus, as already has to 1 explained the task 20 the lowest priority and the task 40 the highest priority. RTOS is a high priority thread 90 of the real-time operating system (RTOS), which has the highest priority. The high priority thread 90 or high priority OS thread 90 is therefore part of the real-time operating system.

So the first task is temporal 20 with the program module 21 executed, however, by a real-time process 19 the operating system is interrupted. The task is then processed 30 with the program modules 31 and 32. Following this is the task 40 with the program module 41 processed. Here, too, there are temporal interruptions in the program modules due to real-time processes 19. After the higher priorities have been processed, the task begins again 20 and following that is the task 30 executed so that a cyclical processing of the tasks in 3 is indicated.

Overall, a functionality is made possible according to the invention as a component of a new firmware architecture, on the basis of which new industrial controls are implemented. This architecture is initially implemented for use on a device or control device. However, the architecture is designed in such a way that expansion to multiple devices is possible. This is the case, for example, in a redundancy system in which two controls are synchronized with one another.

The aim here is to supplement the classic programming of controls with high-level languages. For this purpose, a smooth transition between IEC 61131-3 and the world of high-level languages ​​is sought. In addition to the support of such languages, this also requires seamless integration of the various programming domains. These include Matlab / Simulink, C ++, C #, JAVA, Python and the languages ​​of IEC 61131-3. For such a seamless integration, the controller should be able to transfer the sequence known from IEC 61131-3 with program instances and tasks to the sequence of the other programming domains. Despite these more complex requirements for technical implementation, aspects of data security, usability, flexibility and, above all, performance are also guaranteed.

List of reference symbols

10
Overall application
11
OS process
12
OS process
13
OS process
14
OS thread
15
OS thread
16
OS thread
17
OS thread
18
OS thread
19
OS process
20
Task or task
21
Program module
30
Task or task
31
Program module
32
Program module
33
End of procedure
34
Communication interface
40
Task or task
41
Program module
50
Control device or ESM
51
Operative connection
52
Operative connection
53
Communication link
54
Communication link
55
Communication link
56
Communication link
57
Communication link
58
Communication link
60
first slave
70
second slave
80
OS process
90
high priority OS thread

QUOTES INCLUDED IN THE DESCRIPTION

This list of the documents listed by the applicant was generated automatically and is included solely for the better information of the reader. The list is not part of the German patent or utility model application. The DPMA assumes no liability for any errors or omissions.

Patent literature cited

  • EP 2504738 B1 [0006]