Search

CN-121994090-A - Method for avoiding common cause failure of fuse protection device

CN121994090ACN 121994090 ACN121994090 ACN 121994090ACN-121994090-A

Abstract

The invention relates to a method for avoiding common cause failure of a fuse protection device, belongs to the field of control of fuse protection devices, and solves the problem that a three-level safety unit in the prior art has common cause failure. The method comprises the steps that a first-level unlocking completion signal and a second-level unlocking completion signal are fed back to a master controller and a slave controller by a unlocking state feedback circuit, the master controller sends a first-level confirmation signal to the slave controller based on the first-level unlocking completion signal and the second-level unlocking completion signal, the slave controller opens a third-level unlocking software lock based on the first-level confirmation signal, the first-level unlocking completion signal and the second-level unlocking completion signal, a third-level unlocking completion signal is fed back to the master controller and the slave controller by a hardware booster circuit, the master controller sends a second-level confirmation signal to the slave controller based on the third-level unlocking completion signal, and the slave controller opens a detonation software lock based on the second-level unlocking completion signal and the third-level unlocking completion signal. The fuse decryption method with high safety is realized.

Inventors

  • LIU ZHENGYU
  • SHI HAICHAO
  • LI SHUJING
  • XIAO WENFANG
  • LI BIN
  • WANG KUO

Assignees

  • 北京机械设备研究所

Dates

Publication Date
20260508
Application Date
20241106

Claims (10)

  1. 1. A method for avoiding co-cause failure of a fuse de-protection device, comprising: After the main controller releases the primary insurance of the hardware circuit, the primary protection state feedback circuit feeds back a primary protection completion signal to the main controller and the slave controller; The master controller releases the second-level insurance of the hardware circuit based on the first-level warranty completion signal and the second-level Jie Bao instruction; the master controller sends a first state confirmation signal to the slave controller based on the primary and secondary deprotection completion signals; The slave controller opens the three-level protection software lock based on the first state confirmation signal, the first-level protection completion signal and the second-level protection completion signal, and outputs a three-level protection control signal to release three-level protection; And the slave controller opens the detonating software lock based on the second state confirmation signal and the three-level unlocking completion signal.
  2. 2. The method of claim 1, wherein the master controller sending a first status confirmation signal to a slave controller based on the primary and secondary warranty completion signals, comprising: The master controller judges the time sequence and the validity of the primary and the secondary solution security completion signals, and the method comprises the step that if the master controller receives the primary solution security completion signal and the primary solution security completion signal are valid, the master controller sends a first state confirmation signal to the slave controller.
  3. 3. The method of avoiding co-cause failure of a fuse de-protection device of claim 2, wherein the slave controller opens a three-level de-protection software lock based on the first status confirmation signal, a one-level de-protection completion signal, and a two-level de-protection completion signal, comprising: The slave controller judges the time sequence and the validity of the first state confirmation signal, the first-stage protection completion signal and the second-stage protection completion signal, and if the slave controller sequentially receives the first-stage protection completion signal, the second-stage protection completion signal and the first state confirmation signal, and the first-stage protection completion signal, the second-stage protection completion signal and the first state confirmation signal are valid, the slave controller opens the third-stage protection software lock.
  4. 4. The method for avoiding co-cause failure of a fuse de-protection device of claim 3, wherein the master controller sending a second status confirmation signal to the slave controller based on the three-level de-protection completion signal comprises sending a second status confirmation signal to the slave controller if the three-level de-protection completion signal is valid; the secondary controller opens the detonation software lock based on the second state confirmation signal and the three-level unlocking completion signal, and the secondary controller opens the detonation software lock if the second state confirmation signal and the three-level unlocking completion signal are valid.
  5. 5. The method for avoiding co-cause failure of a fuse de-protection device of claim 4, further comprising: After the detonation software lock is opened, the slave controller outputs a detonation control signal to the detonation circuit based on the detonation instruction signal, and the detonation operation is completed.
  6. 6. The method for avoiding common cause failure of a fuse protection device according to any one of claims 1 to 5, wherein the three-stage protection software lock is a dynamic switch circuit, one end of the dynamic switch circuit is connected with a primary protection circuit through a secondary coil of a transformer in a booster circuit, the other end of the dynamic switch circuit is connected with a secondary Jie Bao circuit for controlling the transformer, and the transformer is used for charging a detonation circuit.
  7. 7. The method for avoiding co-occurrence failure of a fuse releasing device according to any one of claims 1 to 5, wherein the second level Jie Bao command is obtained based on external environment information, the external environment information including an acceleration signal and a radar signal of a device to be initiated.
  8. 8. The method for avoiding co-occurrence failure of a fuse de-protection device of any one of claims 1-5, wherein the three-level de-protection completion signal is a signal that a transformer has completed charging a detonation circuit.
  9. 9. The method of any one of claims 1-5, wherein the first status confirmation signal and the second status confirmation signal are PWM signals having the same frequency but different duty cycles.
  10. 10. The method for avoiding common cause failure of a fuse de-protection device according to claim 1, wherein the master controller is an ARM and the slave controller is a CPLD.

Description

Method for avoiding common cause failure of fuse protection device Technical Field The invention relates to the technical field of control of fuse protection devices, in particular to a method for avoiding common cause failure of a fuse protection device. Background The in-line detonation is used as a fifth generation fuze safe detonating system, the core component electronic safety and contact safety device is used as the core of the fuze electronic safety control system, the safety and protection releasing control, the high-voltage power charging and detonating functions are integrated, and the booster circuit is controlled to charge and store energy by judging the peripheral environment information and command signals to sequentially contact each level of insurance, so that the detonating function is completed. Because the device is the last checkpoint of detonation killing, a high reliability requirement is placed on the fuze and disallowing device. In the fuse disallowing device controller system, the conventional disallowing control strategy is single controller control and double controller control. When a single controller strategy is adopted, the controller faults can lead the three-level safety units to be in an out-of-control state, common cause failure occurs, and the reliability is low. When two controllers with the same principle and architecture are adopted as a control system, two controllers simultaneously fail, so that three-level safety units are in a runaway state and common cause failure occurs. At present, the prior art is designed aiming at the problem, for example, wang Cheng of Nanjing university of technology in 'fuze safety logic control Circuit optimization design', ARM is adopted as a module for realizing the A/D acquisition function of environmental information, and CPLD is utilized for judging the environmental information and controlling insurance. Zhang Zhaoxin of Nanjing university of science and technology is also designed based on ARM and CPLD dual controllers in a text of fuze electronic safety and control System design, but the CPLD is only used as a module for realizing the A/D acquisition function. Wang Shuaishuai based on Beihua aviation college in the design of fuze electronic safety and control System adopts a singlechip 8051 and a CPLD double controller as a control system, but the CPLD controller is only responsible for PWM pulse generation and sending out a detonation signal. The fuse protection device based on ARM and CPLD still has protection information coupling between controllers, so that two controllers cannot independently judge the state of the three-level protection unit, when any controller fails, the other controller cannot judge the current three-level protection release state, and the three-level protection unit is out of control. Disclosure of Invention In view of the above analysis, the embodiment of the invention aims to provide a method for avoiding common cause failure of a fuse releasing device, which is used for solving the problem that three-level safety units in the existing fuse releasing device have common cause failure. The specific method comprises the following steps: After the main controller releases the primary insurance of the hardware circuit, the primary protection state feedback circuit feeds back a primary protection completion signal to the main controller and the slave controller; The master controller releases the second-level insurance of the hardware circuit based on the first-level warranty completion signal and the second-level Jie Bao instruction; the master controller sends a first state confirmation signal to the slave controller based on the primary and secondary deprotection completion signals; The slave controller opens the three-level protection software lock based on the first state confirmation signal, the first-level protection completion signal and the second-level protection completion signal, and outputs a three-level protection control signal to release three-level protection; And the slave controller opens the detonating software lock based on the second state confirmation signal and the three-level unlocking completion signal. Based on a further improvement of the above method, the master controller sends a first status confirmation signal to the slave controller based on the primary and secondary deprotection completion signals, including: The master controller judges the time sequence and the validity of the primary and the secondary solution security completion signals, and the method comprises the step that if the master controller receives the primary solution security completion signal and the primary solution security completion signal are valid, the master controller sends a first state confirmation signal to the slave controller. Based on a further improvement of the above method, the slave controller opens a three-level unlock software lock based on the first state confirmation signal, the first