WO2015180932A1 - Procédé de test informatisé d'un système technique - Google Patents

Procédé de test informatisé d'un système technique Download PDF

Info

Publication number
WO2015180932A1
WO2015180932A1 PCT/EP2015/059816 EP2015059816W WO2015180932A1 WO 2015180932 A1 WO2015180932 A1 WO 2015180932A1 EP 2015059816 W EP2015059816 W EP 2015059816W WO 2015180932 A1 WO2015180932 A1 WO 2015180932A1
Authority
WO
WIPO (PCT)
Prior art keywords
test
technical system
test probe
data
database
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/EP2015/059816
Other languages
German (de)
English (en)
Inventor
Joachim FRÖHLICH
Stefan Rothbauer
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Siemens AG
Siemens Corp
Original Assignee
Siemens AG
Siemens Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens AG, Siemens Corp filed Critical Siemens AG
Publication of WO2015180932A1 publication Critical patent/WO2015180932A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/22Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing
    • G06F11/26Functional testing
    • G06F11/27Built-in tests

Definitions

  • the invention relates to a method for computer-aided testing of a technical system and a technical system.
  • functions must be carried out reliably in real time. Testing of these systems will test the functionality and timeliness of mechanisms that implement the technical system for discovering and handling rare situations.
  • the tests check, for example, whether the technical system fails safely within a certain period of time after a permanent error or reaches a fail-safe mode of operation.
  • the tests must simulate events, especially temporally correlated in different parts of the system (distributed to different computer nodes), which should trigger the backup mechanism pinpoint, without affecting functions and running time of the tested technical system. Otherwise, test results are unreliable, since the system behaves differently in test mode when a fault occurs than in productive operation.
  • the object of the invention is to provide a method for computer-aided testing of a technical system, with which the technical system can be tested easily and quickly. This object is solved by the independent claims. Further developments of the invention are defined in the dependent claims.
  • the inventive method is used for computer-aided testing of a technical system, wherein based on a predetermined clock cyclically predetermined time slots are reserved, which are exclusively for testing the technical system can be used.
  • the method according to the invention is used for a time-controlled technical system which operates in a predetermined cycle and performs its functions only within correspondingly defined time slots.
  • time-controlled systems react to external events at precisely determinable times.
  • predetermined time slots within one clock cycle are used exclusively for testing the technical system.
  • the remaining time slots of the clock cycle serve to carry out the core functions of the technical system.
  • a test probe is integrated in one or more computer nodes of the technical system, wherein an internal test program is stored by a respective test probe during testing of the technical system, which is stored in the respective test probe, and wherein the test probe by means of the internal test program accesses a system database containing data in the form of state data of the technical system and in the computer nenknoten is stored, in which the respective test probe is integrated.
  • state data of the technical system is to be understood broadly and may include various data about the operating state of the technical system. State data includes not only the data on the system status but also signal data from individual sensors and / or actuators. In particular, it should be noted that by means of the status data, rare or critical operating states of the technical system can be set in the test mode by manipulation of the system database via the test probe and thereby simulated. Under computer nodes of the technical system are separate
  • Understand units with software and hardware.
  • these are networked with one another in a suitable manner via a communications infrastructure, such as Ethernet.
  • Examples of computer nodes are separate computers or sensors and / or actuators in the technical system.
  • the computer nodes are designed to fulfill security requirements at least partially redundant. Redundancy means that a computer node consists of at least 2 channels for checking the data integrity of the computer node and / or that one computer node can take on the task of another computer node as soon as the other computer node fails, for example if data integrity is breached.
  • the method according to the invention makes it possible to carry out tests quickly, reliably and with clock accuracy.
  • the result of the tests can be stored on the test probes or read out of them via an interface.
  • the read results can be output to a user via a user interface.
  • the user receives information about the behavior of the technical system during the test. For example, At the same time, the user receives the feedback via the user interface as to whether a test that injects errors into the technical system leads to a safety-critical state of the technical system.
  • the system database accessed by the respective test probe preferably comprises state data of the computer node in which the respective test probe is integrated.
  • the status data preferably also includes status data for further computer nodes of the technical system.
  • the system database further comprises state data on the respective test probe itself.
  • a respective test probe at least sometimes in a predetermined time slot by means of the internal test program.
  • These operations include reading data from the system database, evaluating the read data, and changing the data in the system database.
  • a quick execution of appropriate tests with local evaluation of the data allows. This variant contributes to the clock-specific execution of the tests.
  • the access of a respective test probe to the system database is based on instructions of the following instruction types:
  • command type for changing data in the system database.
  • these types of commands are exemplified as “monitor” and “manipulate”.
  • the respective test probe also carries out commands of a command type by means of the internal test program, which checks whether predetermined statements (also referred to below as test statements) about states of the technical system stored in the system database are met.
  • This type of command is exemplified as "assert" in the specific description.
  • a respective test probe also carries out, by means of the internal test program, commands of command types with which the operation of the computer node in which the respective test probe is integrated is stopped and / or with which the operation of the computer node in which the respective test probe is integrated is, continues. Operation can be stopped temporarily. However, only the test probe remains in operation.
  • the command "stop” is used as an example in the special description, as well as the operation of the computer node can be permanently stopped and ended.This command is exemplarily labeled with "exit" in the special description.
  • predetermined conditions are specified for at least a part of the commands of the command types, and especially all commands of the command types.
  • the predetermined conditions may for example be stored in the corresponding commands or be stored in separate registers.
  • the predetermined conditions can be specified via relational expressions and Boolean expressions.
  • the above-mentioned predetermined test statements about relational expressions and Boolean expressions are also specifiable.
  • Relational expressions relate two components in a condition or statement. Examples of relational expressions can be found in the specific description.
  • the test tone can evaluate individual and compound relational and Boolean expressions in time with the system under test. This allows for clock-accurate test statements.
  • one or more command registers are provided for each command type, in which the respective commands of the corresponding command type to be executed in the current time slot are contained.
  • one or more further databases with data in the form of status data of the technical system are provided for at least a portion of the test probes in each case in addition to the system database further or further test database are stored in the computer node, in which the respective test probe is integrated, and wherein the respective test probe accesses the further or further test databases by means of the internal test program.
  • another test database can be used to prepare an operating scenario preparatory to carrying out a test by modifying the data in this test database, which is then used later in the test.
  • the preparation of tests via test databases is used in particular when extensive manipulations in the state data are required (too extensive to perform individually in real time in a timeslot).
  • the use of multiple test probe-specific databases i.e., the system database and at least one test database has the advantage of improving the timing of the tests.
  • this test can transfer large amounts of data from one or more test databases to the system database within one cycle.
  • the respective test probe can switch over from the system database to at least one further test database and / or vice versa by means of the internal test program and / or data from at least one further test database into the system database and / or data from the system database transferred to at least one other test database.
  • the recorded data can also be stored permanently in the corresponding database in which they were recorded. This is achieved in the special description by way of example with the command "save.”
  • an external test component with an external test program running on it is connected to the technical system the external test component does not perform core functions of the technical system outside the test mode.
  • the external test component communicates with at least a portion of the test probes and controls the at least a portion of the test probes via the external test program. In this way distributed tests can be realized over several test probes.
  • the external test component preferably communicates with the corresponding test probes via a separate communication infrastructure, which is independent of the communication infrastructure of the technical system.
  • the method according to the invention can be used for a wide variety of time-controlled technical systems. Preferably, the method is used in a system for process automation and / or plant control and / or building management and / or in a system for controlling and distributing energy and / or in a means of transport (motor vehicle, train, aircraft, spacecraft) and / or in a traffic flow control system.
  • the invention further relates to a technical system in whose operation, based on a predetermined clock cyclically predetermined time slots are reserved, which are exclusively for testing the technical system can be used, and integrated in one or more computer nodes of the technical system each have a test probe is.
  • the technical system is designed in such a way that an internal test program, which is stored in the respective test probe, is executed by a respective test probe during testing of the technical system, wherein the test probe uses the internal test program to access a system database which stores data in the form of state data of the technical system and stored in the computer node in which the respective test probe is integrated.
  • the technical system according to the invention is preferably designed such that one or more preferred variants of the method according to the invention can be carried out with the technical system.
  • FIG. 1 shows a schematic representation of an embodiment of a technical system with test probes integrated therein according to an embodiment of the invention.
  • FIG. 1 shows a schematic representation of a platform which is integrated in a technical system in the form of an electric vehicle and which permits the execution of a allows variant of the method according to the invention.
  • Platform comprises a central computer R, via which various functions of the electric vehicle are electrically or electronically controlled, such as e.g. such functions conventionally realized via mechanical coupling, e.g. a steering function in the electric vehicle.
  • the central computer R is indicated by a dashed rectangle.
  • the central computer contains redundant computers Rl and R2. Further, a variety of
  • Sensors and actuators provided, wherein in the following without limitation of generality only reference is made to the sensor and actuator units shown SA1, SA2, SA3 and SA4, which are assigned to respective wheels Wl to W4 of the vehicle. Depending on the configuration, these units can perform different functions on the wheel. For example, they can measure the wheel speeds and use a corresponding actuator to trigger braking on the wheel.
  • the computers R1 and R2 and the sensor and actuator units SA1 to SA4 represent embodiments of computer nodes in the sense of the claims.
  • the computer nodes comprise software and hardware for controlling the technical system and can communicate with one another, as indicated by the solid lines in FIG is.
  • the communication between the compute nodes may e.g. run based on ethernet.
  • the computer nodes each comprise at least one test probe T.
  • test probe T is provided for each of the sensor and actuator units SA1 to SA4.
  • test probes T are integrated in each computer Rl and R2.
  • the individual computers each comprise two channels Cl and C2, which monitor each other. For each of the channels there is a test probe T.
  • the platform shown in FIG. 1 is time-controlled, which means that cyclically predetermined time slots are provided, in which the platform can in each case perform certain functions in individual computer nodes and thus can also respond to predetermined events. It is in one System clock one or more predetermined time slots reserved exclusively for performing tests using the test probes T shown. The remaining time slots of a system clock are used to perform other functions via the platform. Due to the dedicated time slots and the integration of the test probes into the platform, the tests performed are non-intrusive.
  • the method according to the invention is characterized by a local control of the individual test probes T in the computer nodes. This will be clarified with reference to FIG. 2. This figure shows in detail by way of example the channel Cl of the computer Rl.
  • the computer Rl thereby represents a master computer which performs corresponding functions of the electric vehicle in normal operation. Parallel to this runs the so-called slave computer R2, which assumes its functions in case of failure of the computer Rl.
  • the test probe T which is realized in the form of software and hardware, is controlled according to FIG. 2 via an internal program ITP deposited in the test probe T. There are several internal test programs installed in the test probe T, which are not executed simultaneously. In other words, only one internal test program ever controls the test probe of a computer node. For this purpose, the internal test program is loaded into the program memory PS shown.
  • the test probe T is caused to exchange data with a system database S-DB, as indicated by the arrows P.
  • the system database S-DB contains status data on the technical system, not only on the computer node Rl itself, but also on the other computer nodes that can communicate with the computer node Rl.
  • the state of the technical system, as seen by the computer node Rl, is thus shown in the system database S-DB.
  • the status data in the system database S-DB can be designed differently and relate in particular to information with regard to up, whether or which other computer nodes of the technical system are in operation or are defective or failed.
  • the entries of the system database can be manipulated during the test and real, especially rare or critical scenarios and error cases can be simulated thereby. In other words, data in the system database S-DB may deviate from the actual states and received and transmitted signals according to a test target.
  • test data beacons explained above, which are used to prepare tests, are also stored in the computer node R1.
  • the test databases are designated by the reference symbol T-DB.
  • the interaction of the test databases T-DB with the test probe T is indicated by the arrows P '.
  • the test probe T comprises a command memory BR which is used for test control commands and comprises at least two command registers containing the commands which the test probe is to carry out in the current test, as explained in more detail below.
  • test probes T are used in the individual computer nodes of the system for testing the technical system. These test probes are independently controlled by internal test programs which access local databases for mapping the state of the technical system. In this way, tests can be performed with exact timing, since internal test programs control the test probe to the beat of the system and therefore data does not have to be transmitted over long distances from or to an external test system. Nevertheless, in addition, external control of the test probes may be performed using an external test system, as described in more detail below.
  • the invention preserves the Features and advantages of known, integrated in technical systems probes. However, the probes are substantially extended to new capabilities and therefore referred to as test probes.
  • a particularly preferred application of the invention are distributed software-intensive real-time systems.
  • the platform of Figure 1 illustrates such a system.
  • the systems perform functions timed and thus behave inherently deterministically.
  • the systems are preferably redundant, ie they not only comprise one computer node, but several computer nodes, so that functional computer nodes can replace nonfunctioning computer nodes in productive operation.
  • a respective one interacts
  • Test probe T with a system database S-DB This database decouples the computer nodes of the tested technical system.
  • the computer nodes in the technical system exchange data exclusively via the system database.
  • the system database holds the data for at least one system clock.
  • the data in the system database describe the data flow between different computer nodes and within a computer node.
  • Each computer node in the tested system contains at least one test probe T. From the point of view of the tested system, the test probe T behaves like any other component in the technical system.
  • the system under test carries out functions of the test probe in a time-controlled manner, as well as scheduling the functions of other components. The time-controlled execution of the functions is achieved by the allocation of corresponding time slots, as described above.
  • the test probe carries out test control commands by means of the internal test program.
  • a test probe can read the entries in the system database for all computer nodes, overwrite these entries and check.
  • the read command is referred to as "monitor”
  • the write command as "manipulate”
  • the check command as "assert.”
  • the check command checks a test statement for state data in the system database (true value on fulfillment of the test Statement and value "false” if the test statement is not fulfilled.)
  • the "assert" command can be used, for example, to determine that the failure of a test is detected if the corresponding statement is met.
  • the test probe can also read, write and test its own data in the system database.
  • the test control commands are stored in the test memory BR ( Figure 2) of the test probe.
  • the instruction memory consists of at least one instruction register for each instruction type, i. from a register for the "monitor” command, for the instruction “manipulate” and the command “assert.”
  • the instruction memory may also comprise a plurality of similar instruction registers for specifying a plurality of instructions of the same instruction type Test probe until a new test control command replaces a test command of the same command type, or until a test command clears a command register of the specified command type, for example, by commands in the form of "clear monitor,” “clear manipulate,” and “clear assert.”
  • a computer node contains, in addition to the system database S-DB, further test databases T-DB.
  • the test commands "load” and “save” can be used to transfer data between the test database and the system database.
  • the test control command “switch” allows to switch between the test database and the system database within exactly one clock
  • the test database contains the same type of data as the system database
  • a test database can be used for example parallel to the execution of a test by manipulation of data in this test database, a specific operating scenario is generated, which is then transferred to the system database. then the test will test the generated operating scenario.
  • a test probe can stop the associated computer node with the test control command "stop.” It can also continue the halted computer node with the test control command "continue”. In addition, there is also the possibility not only to temporarily stop a stopped or running node, but to stop its operation.
  • the test control command "exit” is used for this.
  • Test control commands have a mechanism for triggering when appropriate conditions are met (so-called “guarding condition” or “condition trigger”).
  • the test control commands are triggered clock-accurate when data in the system database meets these conditions, e.g. when signal data reaches certain limits or state variables indicate certain states.
  • the conditions that trigger test control commands are either part of a test control command or are in control registers.
  • Each command register of the corresponding command type (“monitor”, “manipulate”, “assert") can be assigned a control register ("control monitor”, “control manipulate”, “control assert”).
  • Conditions that trigger test control statements can include both Boolean expressions (and, or, not) and relational expressions.
  • the operands in the conditions may thus include Boolean and relational expressions.
  • the conditions include values of the system database and possibly constants. The number of operands for describing a condition is only limited by the length of the instruction registers or control registers.
  • the tested technical system behaves the same in test mode and in productive operation.
  • System resources that use the test probes during test operation are not used by other tasks during productive operation. This is achieved by the allocation of time slots described above.
  • the test probes are integrated into the tested system from the beginning. They will not be retrofitted for testing.
  • the internal test procedures performed by the internal test programs described above control the test probes.
  • the internal test procedures are sequences of the test control commands described above.
  • an external test control is provided. This runs on a node outside the tested system.
  • the external test control also uses test procedures with which the test probes of the individual computer nodes are additionally controlled. Using external test procedures, distributed tests can be implemented over several computer nodes of the tested technical system.
  • the test probes preferably communicate with the external test procedures via a separate communication infrastructure which is independent of the communication infrastructure of the tested technical system.
  • test procedures control exactly one test probe. Tests can be performed clock-accurate over several cycles on a computer node of the tested technical system. In this sense, the internal test procedures implement so-called built-in tests, which run autonomously on a computer node of the tested technical system. During a test covering multiple compute nodes of the technical system being tested, internal test procedures can execute test instructions in a state-specific and autonomous manner for a specific time, without any delays that would otherwise be caused by communication with a test device. ner external test procedure arise. In particular, with internal test procedures within a time slot, data can be read from the system database, subsequently evaluated and based on this, manipulations of data in the system database can be performed.
  • test procedures work time-controlled in time with the tested technical system. These test procedures send test control commands to the appropriate test probes.
  • a test probe transfers data read in a system clock and results of local tests to the test procedure.
  • the maximum size of the data packets received and transmitted by a test probe is limited and therefore deterministic, but preferably configurable.
  • test control commands (monitor”, “manipulate”, “assert”, “load”, “save"), and thus the size of instruction registers, are preferably configurable Command registers are the same size as the data packets received by a test probe and shipped.
  • clock-accurate tests of time-controlled technical systems can be carried out.
  • the invention is suitable for testing software-intensive timed systems that perform safety-related functions in real time.
  • These systems can be distributed and designed to be redundant, but also monolithic (ie the system contains only one computer node with corresponding test probe). If tests on several computer nodes of a distributed technical system are to attack at the same time, then the tests based on the test probes can tune and correct conditions of the computer nodes, test steps (simulation, observation and test) and test results in an exact time. This also works under real-time conditions, for rarely occurring and otherwise difficult to follow situations and errors, free from unwanted and uncontrollable time effects and destructive effects. non-intrusive, ie non-intrusive. The tests provide clear and reliable results even in these situations.
  • error hypotheses of a safety-critical system can be determined as deterministic
  • Tests are formulated. This simplifies the certification of safety-critical systems against safety standards requirements (for example, IEC 61508, EN 50128 and ISO 26262).
  • test probes rare situations in the system database of the technical system can be set to the exact timing ("manipulate” test control command) and the actual reaction of the tested system to the expected reaction can be automatically determined and checked ("monitor", "assert” commands). For this purpose, the tested technical system does not have to be subsequently changed, which would unduly change the time behavior of the tested technical system.
  • the test probes are built into the technical system from the beginning, ie during the development and test operation, so that their effects on Furthermore, the test probes built into the system under test are treated as ordinary components and are not otherwise used during productive operation In the case of external testing, a test coupler independent of the tested technical system is used Communication infrastructure used.
  • Test probes also avoid time delays by being able to independently evaluate more complex situations in the system database and respond to them using the mechanism for triggering test control commands.
  • Boolean and relational expressions appropriate conditions for triggering test control to be described.
  • This condition means that at a predetermined bad state of a computer node ("Degraded") and in the lack of availability of a sensor ("not
  • the condition is fulfilled, for example, the" assert “command can be triggered with this condition.
  • the condition can be stored in the control register described above.
  • this condition may represent a statement of the "assert" command that is validated by this command
  • a test may be configured such that in the event that said condition is met in the system database, the test probe has a Issues error.
  • the internal test procedure of the test probes can be transferred in a variant of remote data from a test database into the system database (command "load”) Furthermore, data from the system database can be transferred to the test database (command "save “). It is also possible to switch between the system database and the test database (command "switch”) In productive operation of the technical system, it is also possible to connect a black box to the test probe, which records certain data within a certain time window a communication port can be realized on the test probe.
  • test mode a system engineer can stop, analyze, modify and, if necessary, modify one or more compute nodes of the tested technical system with the aid of the test probes continue.
  • sequence of test control commands (indicated in extended Backus-Naur form EBNF) can be performed: ... stop ⁇ monitor
  • test probes represent alternatives of test control commands that are performed in the respective cycles of the system clock. These control commands are executed on the basis of the prefix "stop” in the stopped state of a corresponding node.The operation of the node is subsequently continued by the command "continue”.
  • the test probes according to the invention enable the realization of efficient test suites from several tests. In test mode, test probes can terminate current compute nodes immediately when the test result is determined (exit command), and the test probes can be used to restart the tested system (all compute nodes) and run the next test, or a test probe between two consecutive tests Transfer a defined system state from a test database to the system database within one cycle (commands "load” or "switch").
  • tests can send outputs to an external test controller for presentation, evaluation or recording.
  • Internal test procedures can also react to changes in the behavior of the tested system within one cycle by passing the evaluation evaluation-specific test control commands to the test probe in one cycle after receiving and evaluating the data from the system database.
  • a test probe may optionally be controlled in one cycle by several instructions of the same instruction type.
  • several command registers for the corresponding command type are in the corresponding instruction memory provided.
  • a test probe may have two instruction registers for changing memory cells in the system database. Calling these command registers "manipulatel" and “manipulate2", the test procedure can control a test probe to "manipulate" simulation data to produce a rare situation of states of the technical system
  • Manipulate2 is an error that is used to test the behavior of a computer node of the system under test for an exceptional error in a rare situation in a precise and deterministic manner, again using the "assert" command. There is no unintended interaction between the test probes and the tested technical system.
  • the test probes are built into the tested technical system as planned and use a separate infrastructure for communication with external test systems.
  • test probe can use the same processor together with other components of the corresponding computer node.
  • the test probe can use a separate processor.
  • This separate processor includes a test control command memory, a system database memory area and, if applicable, one or more test databases, internal test procedure memory areas, and an I / O controller through which the test probe exchanges data packets with an external test controller.
  • test probe with separate processor allows the parallelization of test programs. This means that the data can be processed faster and, if necessary, more data as part of a test.
  • the visible area for a test in the system database will be expanded.
  • the influence of the test probes is reduced to the synchronization necessary for the deterministic tests to exchange data between the test probes and the tested system in a controlled manner.
  • Test probes, if necessary an external test system as well as the tested technical system are separated and thus fulfill a requirement from safety standards, namely the segregation of critical components.
  • the test probe is a safety-critical component due to its capabilities and potential impact on the functional safety of the technical system.
  • the inventive method can be used advantageously in any timed technical systems. Preferred applications have already been mentioned in the preceding.
  • the method can be used in industrial automation, in train control systems, electric vehicle controls and process controls, such as the control of rolling mills.
  • the method according to the invention can improve the testability of corresponding control units.
  • the method according to the invention is preferably used in train control systems which contain redundant computer nodes which are operated in so-called warm or hot standby mode so that they can be quickly switched on in the event of a computer node failure. It can by means of
  • Test probes e.g. to check whether the train's communication system is working reliably in accordance with the EN 50159 standard.
  • test probes can be e.g. Simply check mechanisms that implement communication systems to ensure data integrity, e.g. Checksums.
  • Incoming messages, as received, are stored in the system database.
  • the test probe can specifically fake message parts that belong to different protocols of a protocol hierarchy and check the handling of the computer nodes with the counterfeit data.
  • the method according to the invention is also used in distributed control systems. Just In such systems, pinpoint (location) and clock-accurate (time) reading and writing of data as well as testing of data properties are necessary. Test probes enable pinpoint and clock-accurate testing that is free from unintended side effects on the distributed control system under test.
  • test probes of the invention can inject errors and check for injected errors, with no side effects, nondestructive and in time with the system.
  • test probes according to the invention enable non-intrusive testing of fault hypotheses, which facilitates certification according to safety standards (for example according to standards of the IEC 61508 family).
  • test probes can already accompany the development process of the technical system continuously.
  • the technical system can thus be produced faster and at lower costs.
  • already delivered systems can be tested with the help of the test probes.
  • the tests interlock system development, system maintenance and safety certification. Because the test probes are programmable through the use of internal test programs, they may also be used for other purposes, e.g. as so-called watchdogs. In an electric vehicle, programmable test probes can easily be used to test e.g. Tachographs, driver information systems and automatic emergency call systems.

Landscapes

  • Engineering & Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Tests Of Electronic Circuits (AREA)

Abstract

L'invention concerne un procédé de test informatisé d'un système technique, dans lequel des fenêtres temporelles prédéterminées de façon cyclique sont réservées sur la base d'une horloge prescrite, lesquelles fenêtres sont exclusivement utilisées pour tester le système technique, et dans lequel une sonde de test (T) est à chaque fois intégrée dans un ou plusieurs nœuds informatiques (R1, R2, …, SA4) du système technique. Une sonde de test (T) respective permet d'exécuter lors du test du système technique un programme de test interne (ITP) qui est mémorisé dans la sonde de test (T) respective, la sonde de test (T) respective accédant par le biais du programme de test interne (ITP) à une base de données de système (S-DB) qui contient des données sous la forme de données d'état du système technique et qui est mémorise dans le nœud informatique (R1, R2, SA4) dans lequel la sonde de test (T) respective est intégrée.
PCT/EP2015/059816 2014-05-26 2015-05-05 Procédé de test informatisé d'un système technique Ceased WO2015180932A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102014209969.2 2014-05-26
DE102014209969.2A DE102014209969A1 (de) 2014-05-26 2014-05-26 Verfahren zum rechnergestützten Testen eines technischen Systems

Publications (1)

Publication Number Publication Date
WO2015180932A1 true WO2015180932A1 (fr) 2015-12-03

Family

ID=53189021

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2015/059816 Ceased WO2015180932A1 (fr) 2014-05-26 2015-05-05 Procédé de test informatisé d'un système technique

Country Status (2)

Country Link
DE (1) DE102014209969A1 (fr)
WO (1) WO2015180932A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3502875A1 (fr) * 2017-12-22 2019-06-26 Siemens Aktiengesellschaft Mise à niveau sans interruption et sans danger de systèmes logiciels intensifs pendant le fonctionnement

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109582573A (zh) * 2018-11-23 2019-04-05 江西洪都航空工业集团有限责任公司 测试弹载一体化制导机软件版本方法

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5638383A (en) * 1992-07-24 1997-06-10 Trw Inc. Advanced integrated avionics testing system
EP1178321A2 (fr) * 2000-08-03 2002-02-06 Siemens Aktiengesellschaft Procédé d'exploitation d'un composant comportant une partie logique et une partie mémoire

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102006047762B4 (de) * 2006-10-06 2008-10-16 Siemens Ag System zum Testen der Funktion eines Computernetzwerkes

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5638383A (en) * 1992-07-24 1997-06-10 Trw Inc. Advanced integrated avionics testing system
EP1178321A2 (fr) * 2000-08-03 2002-02-06 Siemens Aktiengesellschaft Procédé d'exploitation d'un composant comportant une partie logique et une partie mémoire

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3502875A1 (fr) * 2017-12-22 2019-06-26 Siemens Aktiengesellschaft Mise à niveau sans interruption et sans danger de systèmes logiciels intensifs pendant le fonctionnement
WO2019121516A1 (fr) * 2017-12-22 2019-06-27 Siemens Aktiengesellschaft Mise à niveau sans coupure et sécurisée de systèmes à fort usage de logiciels pendant le fonctionnement
CN111480142A (zh) * 2017-12-22 2020-07-31 西门子股份公司 在运行期间对软件密集型系统的无缝和安全升级

Also Published As

Publication number Publication date
DE102014209969A1 (de) 2015-11-26

Similar Documents

Publication Publication Date Title
EP2770389B1 (fr) Procédé de réalisation d'une configuration d'un système de test d'appareils de commande
DE102018113625A1 (de) Fehlerinjektionstestvorrichtung und -verfahren
EP0852759A1 (fr) Procede de conception pour systemes industriels et systemes de construction, et systeme de planification assiste par ordinateur a utiliser dans le cadre dudit procede
EP2987039B1 (fr) Procédé et dispositif de co-simulation de deux systèmes partiels
EP1449083B1 (fr) Procede de debogage d'architectures reconfigurables
WO2014138767A1 (fr) Procédé de traitement d'erreurs dans une unité de commande centrale et unité de commande
EP2685382A1 (fr) Procédé et dispositif de création et de test d'un programme d'appareil de commande
WO2004074955A1 (fr) Dispositif et procede de diagnostic embarque base sur un modele
EP3211533B1 (fr) Architecture de système tolérant aux pannes destinée à commander une installation physique, en particulier une machine ou un véhicule automobile
EP2770434B1 (fr) Procédé de réalisation d'un inventaire des composants matériels rattachés à un système de test d'appareils de commande
WO2012168215A1 (fr) Système de simulation, procédé permettant d'effectuer une simulation, système de guidage et produit de programme informatique
DE102017205832A1 (de) Verfahren zum Parametrieren eines Feldgeräts sowie parametrierbares Feldgerät
EP1703350B1 (fr) Diagnostic d'un système d'automatisation
WO2012168214A1 (fr) Système de simulation, procédé permettant d'effectuer une simulation, système de guidage et produit de programme informatique
EP4314962B1 (fr) Procédé et système de gestion des alarmes dans les installations de production modulaires
WO2015180932A1 (fr) Procédé de test informatisé d'un système technique
DE102011077317A1 (de) Simulationssystem, Verfahren zur Durchführung einer Simulation, Leitsystem und Computerprogrammprodukt
EP2083339A1 (fr) Dispositif et procédé destinés à l'exécution de tests à l'aide de dispositifs de test et d'expérimentation cascadés fonctionnellement
DE69217472T2 (de) Verfahren und Anordnung zur Prüfung der Normanpassung einer Zelle, eine Schaltung zur Übertragungsprotokollverwaltung darstellend
DE102009005399A1 (de) Verfahren und Kommunikationssystem zum Konfigurieren eines einen Logikbaustein enthaltenden Kommunikationsmoduls
EP2648103A2 (fr) Procédé et dispositif d'intégration de systèmes techniques
EP4148514B1 (fr) Système intégré de diagnostic pour stations de sortie de commande à distance basés sur la commande à mémoire programmable (sps)
DE102014002593A1 (de) Dynamisches speicherprogrammierbares Steuergerät
EP3739479B1 (fr) Procédé de dépannage dans la logique de programme d'un système du réseau programmable de portes distribué
DE69631508T2 (de) Sichere Datenübertragung zur Prozessausführung mit dem ARINC 629 Protokoll

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15723179

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15723179

Country of ref document: EP

Kind code of ref document: A1