EP-4741957-A2 - SAFETY-TYPE CONTROLLER APPLICABLE TO ENGINEERING MACHINERY, CONTROL METHOD, AND ENGINEERING MACHINE

Abstract

This application discloses a safety-type controller applicable to engineering machinery, a control method, and an engineering machine in the engineering machinery field. The safety-type controller includes a multi-core processor including first, second and third processing cores. The first processing core is configured to run a BootLoader program. The second processing core is configured to run an application program to input or output a safety-related signal and read or write a safety-related or non-safety-related memory. The third processing core is configured to run an application program to input or output a non-safety-related signal, read or write a non-safety-related memory, and read a safety-related memory. The BootLoader program, the functional safety-related application program, and the non-functional-safety-related application program are run by separate cores in an isolated manner, thereby ensuring operating efficiency while improving safety.

Inventors

• ZHANG, CHEN
• GAO, Can
• LIU, YANG

Assignees

• Jiangsu Advanced Construction Machinery Innovation Center Ltd.

Dates

Publication Date

20260513

Application Date

20251022

Claims (10)

1. A safety-type controller applicable to engineering machinery, characterized in that the controller comprises a multi-core processor; the multi-core processor comprises a first processing core, a second processing core, and a third processing core; the first processing core is configured to run a BootLoader program; the second processing core is configured to run an application program to input or output a safety-related signal and read or write a safety-related or non-safety-related memory; and the third processing core is configured to run an application program to input or output a non-safety-related signal, read or write a non-safety-related memory, and read a safety-related memory.
2. The safety-type controller applicable to engineering machinery according to claim 1, characterized in that the multi-core processor adopts a multi-core MCU chip.
3. The safety-type controller applicable to engineering machinery according to claim 1, characterized in that the second processing core acquires a dual-signal result from each same signal source by using a dual-signal acquisition channel, performs error check on the dual-signal result, and determines, in the case that an error falls within a preset error range, that the signal acquisition is successful.
4. The safety-type controller applicable to engineering machinery according to claim 3, characterized in that in the case that the error falls outside the preset error range, the second processing core determines that the signal acquisition fails, and cuts off an output signal of the second processing core directed to the signal source or cuts off all output signals of the second processing core.
5. The safety-type controller applicable to engineering machinery according to claim 1, characterized in that the output signal of the second processing core reaches a controlled device through a load driver module; the load driver module comprises a main switch, a group switch, and a sub-switch group; an input terminal of the main switch is externally connected to a power source; an output terminal of the main switch is connected to an input terminal of each group switch; an output terminal of the group switch is connected to one load through one sub-switch group; and the output signal of the second processing core is connected to control terminals of the main switch, the group switch, and the sub-switch group.
6. The safety-type controller applicable to engineering machinery according to claim 1, characterized in that the third processing core acquires a single-signal result from each same signal source by using a single-signal acquisition channel.
7. The safety-type controller applicable to engineering machinery according to claim 1, characterized in that a watchdog circuit and a bus communication circuit are further connected to the multi-core processor.
8. A control method of a safety-type controller applicable to engineering machinery, characterized in that the controller is the safety-type controller according to any one of claims 1 to 7, and the control method comprises: entering, by the safety-type controller, the BootLoader program in response to the safety-type controller being powered on, and running, by the first processing core, the BootLoader program, and determining whether a program update is required; entering the application program in the case that no program update is required; running, by the second processing core, the application program to input or output the safety-related signal and read or write the safety-related or non-safety-related memory; and running, by the third processing core, the application program to input or output the non-safety-related signal, read or write the non-safety-related memory, and read the safety-related memory.
9. The control method of a safety-type controller applicable to engineering machinery according to claim 8, further comprising: entering the application program after completion of the program update in the case that the program update is required.
10. An engineering machine, characterized in that the engineering machine comprises the safety-type controller according to any one of claims 1 to 7.

Description

TECHNICAL FIELD This application relates to the technical field of engineering machinery, and in particular, to a safety-type controller applicable to engineering machinery, a control method, and an engineering machine. BACKGROUND A controller is an apparatus for controlling or regulating mechanical, electrical, or other systems, and is typically implemented using technologies such as a smart chip, program control, or a sensor. Controllers are widely used in the fields such as engineering machinery, household appliances, and automotive electronics, and are an indispensable part of modern production and life. Controllers are categorized into combinational logic controllers and microprogrammed controllers. Each type of the controllers exhibit their respective advantages and disadvantages. A combinational logic controller is characterized by a simple design structure, fast execution, and high reliability. However, once the design is finalized, a combinational logic controller is not modifiable or expansible. A microprogrammed controller allows easy modification of control logic, and can be modified by just modifying the program of the controller. However, the reliability of the microprogrammed controller is considerably affected by the quality of the program code and the circuit design of the controller, making the controller prone to reliability problems. Currently, a controller is used as a core controller unit of a main machine in the field of engineering machinery, such as for excavators, loaders, cranes, and aerial work platforms. As the functions of the main machine become more complex and new demands arise frequently, microprogrammed controllers are universally used for developing a control system of the main machine in the engineering machinery field. An engineering main machine operates in environments that require high safety and reliability. A conventional controller uses a single channel to acquire and execute controller signals, lacking feedback signal monitoring for an execution channel, thereby being prone to cause controller failure. Once a failure occurs, protective handling and execution functionality are lacking. Therefore, it is essential to develop a safety-type controller and system applicable to engineering machinery. SUMMARY An objective of this application is to provide a safety-type controller applicable to engineering machinery, a control method, and an engineering machine to overcome disadvantages in the prior art and solve the problem that conventional controllers are unable to meet the safety and reliability requirements of an operating environment of an engineering main machine. To achieve the above objective, this application puts forward the following technical solutions: According to a first aspect, this application provides a safety-type controller applicable to engineering machinery. The controller includes a multi-core processor. The multi-core processor includes a first processing core, a second processing core, and a third processing core. The first processing core is configured to run a BootLoader program. The second processing core is configured to run an application program to input or output a safety-related signal and read or write a safety-related or non-safety-related memory. The third processing core is configured to run an application program to input or output a non-safety-related signal, read or write a non-safety-related memory, and read a safety-related memory. Optionally, the multi-core processor adopts a multi-core MCU chip. Optionally, the second processing core acquires a dual-signal result from each same signal source by using a dual-signal acquisition channel, performs error check on the dual-signal result, and determines, in the case that an error falls within a preset error range, that the signal acquisition is successful. Optionally, in the case that the error falls outside the preset error range, the second processing core determines that the signal acquisition fails, and cuts off an output signal of the second processing core directed to the signal source or cuts off all output signals of the second processing core. Optionally, the output signal of the second processing core reaches a controlled device through a load driver module. The load driver module includes a main switch, a group switch, and a sub-switch group. An input terminal of the main switch is externally connected to a power source. An output terminal of the main switch is connected to an input terminal of each group switch. An output terminal of the group switch is connected to one load through one sub-switch group. The output signal of the second processing core is connected to control terminals of the main switch, the group switch, and the sub-switch group. Optionally, the third processing core acquires a single-signal result from each same signal source by using a single-signal acquisition channel. Optionally, a watchdog circuit and a bus communication circuit are further connected