Home
Patent Search
IMT Blog
REGISTER
|
SIGN IN
United States Patent
6473660
Thibault
October 29, 2002
Title
Process control system and method with automatic fault avoidance
Abstract
A control system incorporates components that automatically switch information sources in response to actual or potential degradation of information generated by them. Thus, a control system has first and second control components that generate first and second "source" signals, respectively, representing substantially identical or related process control variables. A third control component, which normally processes the first source signal, responds to actual or potential degradation of that signal for processing the second source signal in lieu of the first.
Inventors:
Thibault; Richard L.
(Plainville,
MA
)
Assignee:
The Foxboro Company
(Foxboro,
MA
)
Appl. No.:
454053
Filed:
December 3, 1999
Current U.S. Class:
700/79
714/37
700/20
700/21
Current International Class:
G05B 9/03 (20060101)
Field of Search:
700/79,2-3,82,83,19-20,21 709/210,211 714/2,6,11,37
U.S. Patent Documents
3810119
May 1974
Zieve et al.
3825905
July 1974
Allen, Jr.
4096566
June 1978
Borie et al.
4276593
June 1981
Hansen
4302820
November 1981
Struger et al.
4312068
January 1982
Goss et al.
4323966
April 1982
Whiteside et al.
4347563
August 1982
Paredes et al.
4410942
October 1983
Milligan et al.
4423486
December 1983
Berner
4428044
January 1984
Liron
4435762
March 1984
Milligan et al.
4456997
June 1984
Spitza
4466098
August 1984
Southard
4471457
September 1984
Videki, II
4488226
December 1984
Wagner, Jr. et al.
4493027
January 1985
Katz et al.
4609995
September 1986
Hasebe
4615001
September 1986
Hudgins, Jr.
4628437
December 1986
Poschmann et al.
4641276
February 1987
Dunki-Jacobs
4648064
March 1987
Morley
4649479
March 1987
Advani et al.
4663704
May 1987
Jones et al.
4672530
June 1987
Schuss
4675812
June 1987
Capowski et al.
4682304
July 1987
Tierney
4683530
July 1987
Quatse
4692859
September 1987
Ott
4692918
September 1987
Elliott et al.
4703421
October 1987
Abrant et al.
4709325
November 1987
Yajima
4719593
January 1988
Threewitt et al.
4727477
February 1988
Gavril
4733366
March 1988
Deyesso et al.
4742349
May 1988
Miesterfeld et al.
4750109
June 1988
Kita
4790762
December 1988
Harms et al.
4805107
February 1989
Kieckhafer et al.
4816996
March 1989
Hill et al.
4817094
March 1989
Lebizay et al.
4872106
October 1989
Slater
4897777
January 1990
Janke et al.
4910658
March 1990
Dudash et al.
4910691
March 1990
Skeirik
4918690
April 1990
Markkula, Jr. et al.
4958277
September 1990
Hill et al.
4959774
September 1990
Davis
4965717
October 1990
Cutts, Jr. et al.
4965742
October 1990
Skeirik
4965880
October 1990
Petitjean
4991170
February 1991
Kem
5008805
April 1991
Fiebig et al.
5050165
September 1991
Yoshioka et al.
5068778
November 1991
Kosem et al.
5122948
June 1992
Zapolin
5129087
July 1992
Will
5131092
July 1992
Sackmann et al.
5134574
July 1992
Beaverstock et al.
5136704
August 1992
Danielsen et al.
5138708
August 1992
Vosbury
5146589
September 1992
Peet, Jr. et al.
5151978
September 1992
Bronikowski et al.
5151981
September 1992
Westcott et al.
5159673
October 1992
Sackmann et al.
5162986
November 1992
Graber et al.
5163055
November 1992
Lee et al.
5166685
November 1992
Campbell, Jr. et al.
5168276
December 1992
Huston et al.
5175829
December 1992
Stumpf et al.
5193175
March 1993
Cutts, Jr. et al.
5212784
May 1993
Sparks
5233615
August 1993
Goetz
5245704
September 1993
Weber et al.
5255367
October 1993
Bruckert et al.
5258999
November 1993
Wernimont et al.
5271013
December 1993
Gleeson
5283729
February 1994
Lloyd
5289365
February 1994
Caldwell et al.
5295258
March 1994
Jewett et al.
5297143
March 1994
Fridrich et al.
5302952
April 1994
Campbell, Jr. et al.
5303227
April 1994
Herold et al.
5303375
April 1994
Collins et al.
5303392
April 1994
Carney et al.
5307372
April 1994
Sawyer et al.
5307463
April 1994
Hyatt et al.
5317726
May 1994
Horst
5335221
August 1994
Snowbarger et al.
5347181
September 1994
Ashby et al.
5349343
September 1994
Oliver
5352033
October 1994
Gresham et al.
5359721
October 1994
Kempf et al.
5381529
January 1995
Matsushima
5390321
February 1995
Proesel
5398331
March 1995
Huang et al.
5400140
March 1995
Johnston
5410717
April 1995
Floro
5428769
June 1995
Glaser et al.
5428781
June 1995
Duault et al.
5434997
July 1995
Laundry et al.
5444851
August 1995
Woest
5450403
September 1995
Ichii et al.
5450425
September 1995
Gunn et al.
5450764
September 1995
Johnston
5451939
September 1995
Price
5457797
October 1995
Butterworth et al.
5459839
October 1995
Swarts et al.
5463735
October 1995
Pascucci et al.
5469570
November 1995
Shibata
5475856
December 1995
Kogge
5481741
January 1996
McKaskle et al.
5483660
January 1996
Yishay et al.
5485620
January 1996
Sadre et al.
5490276
February 1996
Doli, Jr. et al.
5491625
February 1996
Pressnall et al.
5504902
April 1996
McGrath et al.
5509811
April 1996
Homic
5513095
April 1996
Pajonk
5513192
April 1996
Janku et al.
5513354
April 1996
Dwork et al.
5517655
May 1996
Collins et al.
5519701
May 1996
Colmant et al.
5522044
May 1996
Pascucci et al.
5530643
June 1996
Hodorowski
5539909
July 1996
Tanaka et al.
5544008
August 1996
Dimmick et al.
5550980
August 1996
Pascucci et al.
5551047
August 1996
Mori et al.
5555213
September 1996
DeLong
5555437
September 1996
Packer
5555510
September 1996
Verseput et al.
5559963
September 1996
Gregg et al.
5568378
October 1996
Wojsznis
5570300
October 1996
Henry et al.
5572673
November 1996
Shurts
5576946
November 1996
Bender et al.
5579220
November 1996
Barthel et al.
5579487
November 1996
Meyerson et al.
5581760
December 1996
Atkinson et al.
5586112
December 1996
Tabata
5586156
December 1996
Gaubatz
5586329
December 1996
Knudsen et al.
5586330
December 1996
Knudsen et al.
5587899
December 1996
Ho et al.
5594899
January 1997
Knudsen et al.
5596331
January 1997
Bonaffini et al.
5596752
January 1997
Knudsen et al.
5598536
January 1997
Slaughter, III et al.
5600845
February 1997
Gilson
5604871
February 1997
Pecone
5611057
March 1997
Pecone et al.
5613148
March 1997
Bezviner et al.
5617540
April 1997
Civanlar et al.
5627979
May 1997
Chang et al.
5629949
May 1997
Zook
5630056
May 1997
Horvath et al.
5630152
May 1997
DeLuca et al.
5642511
June 1997
Chow et al.
5649121
July 1997
Budman et al.
5655092
August 1997
Ojala
5659680
August 1997
Cunningham et al.
5664101
September 1997
Picache
5664168
September 1997
Yishay et al.
5671374
September 1997
Postman et al.
5676141
October 1997
Hollub
5680404
October 1997
Gray
5680409
October 1997
Qin et al.
5682476
October 1997
Tapperson et al.
5687316
November 1997
Graziano et al.
5701414
December 1997
Cheng et al.
5708779
January 1998
Graziano et al.
5715178
February 1998
Scarola et al.
5719761
February 1998
Gatti et al.
5726912
March 1998
Krall, Jr. et al.
5727128
March 1998
Morrison
5732218
March 1998
Bland et al.
5737529
April 1998
Dolin, Jr. et al.
5742762
April 1998
Scholl et al.
5748467
May 1998
Qin et al.
5751574
May 1998
Loebig
5752007
May 1998
Morrison
5752008
May 1998
Bowling
5752246
May 1998
Rogers et al.
5754772
May 1998
Leaf
5758073
May 1998
Liang et al.
5758075
May 1998
Graziano et al.
5761518
June 1998
Boehling et al.
5764906
June 1998
Edelstein et al.
5768119
June 1998
Havekost et al.
5768510
June 1998
Gish
5774378
June 1998
Yang
5774670
June 1998
Montulli
5777874
July 1998
Flood et al.
5787272
July 1998
Gupta et al.
5790791
August 1998
Chong et al.
5793963
August 1998
Tapperson et al.
5796602
August 1998
Wellan et al.
5797038
August 1998
Crawford et al.
5801770
September 1998
Paff et al.
5801942
September 1998
Nixon et al.
5805442
September 1998
Crater et al.
5805922
September 1998
Sim et al.
5822220
October 1998
Baines
5828851
October 1998
Nixon et al.
5831669
November 1998
Adrain
5832418
November 1998
Meyer
5838920
November 1998
Rosborough
5841360
November 1998
Binder
5841963
November 1998
Nakamikawa et al.
5844601
December 1998
McPheely et al.
5847957
December 1998
Cohen et al.
5854944
December 1998
Catherwood et al.
5862052
January 1999
Nixon et al.
5864773
January 1999
Barna et al.
5867704
February 1999
Tanaka
5872992
February 1999
Tietjen et al.
5873089
February 1999
Regache
5874990
February 1999
Kato
5880775
March 1999
Ross
5909586
June 1999
Anderson
5930768
July 1999
Hooban
5938775
August 1999
Damani et al.
5956487
September 1999
Venkatraman et al.
5975737
November 1999
Crater et al.
5980078
November 1999
Krivoshein et al.
5980090
November 1999
Royal, Jr. et al.
5982362
November 1999
Crater et al.
5994998
November 1999
Fisher et al.
6014591
January 2000
Ikeda
6014612
January 2000
Larson et al.
6026352
February 2000
Burns et al.
6035264
March 2000
Donaldson et al.
6047222
April 2000
Burns et al.
6049578
April 2000
Senechal et al.
6049775
April 2000
Gertner et al.
6055633
April 2000
Schrier et al.
6061603
September 2000
Papadopoulos et al.
6070250
May 2000
Yeager et al.
6078320
June 2000
Dove et al.
6094600
July 2000
Sharpe, Jr. et al.
6115468
September 2000
De Nicolo
6139177
October 2000
Venkatraman et al.
6140911
October 2000
Fisher et al.
6151625
November 2000
Swales et al.
6176421
January 2001
Royal, Jr. et al.
6201996
March 2001
Crater et al.
6218930
April 2001
Katzenberg et al.
6298454
October 2001
Schleiss et al.
6356857
March 2002
Qin et al.
Foreign Patent Documents
WO 96/12993
Feb., 1996
WO
WO 96/12993
May., 1996
WO
WO 96/23377
Aug., 1996
WO
WO 96/31047
Mar., 1996
WO
WO 97/07486
Feb., 1997
WO
WO 98/20649
May., 1998
WO
WO 98/36518
Aug., 1998
WO
WO 98/54843
Dec., 1998
WO
Other References
"Agenda," ISA/SP50--1988-180, ISA Draft. .
Capetta, L., et al. "From Current Actuators and Transmitters Towards Intelligent Actuation and Measurement: PRIAM Approach," BIAS 93. .
Editing Committee Draft Application Layer, Version 8, May 1991. .
Editing Committee Draft Application Layer, Version 12, Oct. 1991. .
Esprit Project 6188, "PRIAM Dictionary: Major Terms and Definitions Used in the PRIAM Project," Prenormative Requirements for Intelligent Actuation and Measurement, May 1995. .
Fieldbus Standard for Use in Industrial Control Systems. Part 2: Physical Layer Specification and Service Definition. (1992) ANSI/ISA-S50.02. .
Furness, Harry. "Fieldbus: The Differences Start From the Bottom Up," Control Engineering (Mar. 1994), pp. 75-77. .
Holding, David and Wood, Graham. "Communications in microprocessor industrial implementation," Microprocessors and Microsystemsvol. 3 No. 10 (Dec. 1979), pp. 443-451. .
Johnson, Dick. "Pressure Sensing Advances: Are They in Your Process' Future?" Control Engineering (Apr. 1995), pp. 67-72. .
Lenhart, Gerald W. "Fieldbus-Based Local Control Networks," INTECH (Aug. 1994), pp. 31-34. .
Meeting Minutes, SP50, International Electrotechnical Commission, Technical Committee No. 65: Industrial-Process Measurement and Control, Sub-Committee 65C: Digital Data Communications for Measurement and Control and Working Group 6: Field Bus Standard for Use in Industrial Control Systems, Feb. 28-Mar. 4, 1988, Scottsdale, AZ. .
Meeting Minutes, Windows Working Group of Application Subcommittee, Mar. 1-3, 1989, New Orleans, LA. .
Meeting Minutes, Ad Hoc Function Block Meeting, Jun. 14, 1990 Chapel Hill, NC. .
Meeting Minutes, Process Control Working Group of SP50. 4, Jan. 21-23, 1991, Atlanta, GA. .
Mirabella, Orazio. "A Short Presentation of IEC Fieldbus Application Layer," Informatics and Communication Institute, Engineering Faculty, University of Catania, Italy. .
"NCR Fieldbus Slave Controller Advance Information," ISA-SP50-1988-161, ISA Draft. .
NOAH: Network Oriented Application Harmonisation based on General Purpose Field Communication System. Project description rev. 1.0, Oct. 25, 1995, P-NET, PROFIBUS, WorldFIP. .
Nobuhiko, Tsuji, et al. "An Advanced Optical Fieldbus Instrumentation System Using 16 x 16 Reflection Type Optical Star Coupler and Low Powered Transmitter," pp. 755-764. .
Output to Valve, Revision No. 1.4, Jan. 18, 1991, (Draft Document), Instrument Society of America. .
Owen, S., et al. "A modular reconfigurable approach to the creation of flexible manufacturing cells for educational purposes," Fast Reconfiguration of Robotic and Automation Resources (Colloquium) Oct. 20, 1995, The Institution of Electrical Engineers, Digest No. 95/174. .
Pace, Hugh W. "Valve Actuators Ready for Fieldbus," Control Engineer (Oct. 1995), pp. 65-73. .
Pfeifer T. and Fussel B. "Sensorbetriebssystem fur messtechnische Problemstellungen in der Produktionstechnik," Technisches Messen vol. 58 (1991) Nos. 7/8. .
Phinney, Thomas L. "An Analysis of Contending Proposals in ISA SP-50 for an ISA/IEC Field Instrument Bus," ISA (1988) Paper #88-1489. .
Product Specification, I/A Series.RTM. RBATCH II. .
PROWAY-LAN Industrial Data Highway. (Approved Feb. 3, 1986) ISA-S72.01-1985. .
"Radio Field Bus," ISA/SP50--1988-184, ISA Draft. .
Report from IEC SC65 Working Group 6 Function Block, May 1, 1995. .
Schuur, C. "Comments on `Analysis and Suggestions for ISA-SP50` as submitted to the SP50 Committee by Honeywell Inc." (Mar. 11, 1988) ISA-SP50-1988-155, ISA Draft. .
Schuur, Chris and Warrior, Jay. "Philips Token Passing Field Bus Controller Timed Token Mode," ISA/SP50--1988-186, ISA Draft. .
"SDRD Using 1553B Data Link Services," ISA/SP50-1988-243 (1988). .
Skabowski, E. L. "Recommendations for Consideration at Oct., 1988 Application Layer Subcommittee Meeting," (Oct. 3, 1986). .
Strothman, Jim and Ham, John, "Alliances, Fieldbus, Windows Stir ISA/94 Anaheim Pot," INTECH (Dec. 1994), pp. 32-35. .
Strothman, Jim and Ham, John. "ISA/95 New Orleans: `Open`, NT winds (not Opal) blow strong," INTECH (Nov. 1995), pp. 45-48. .
Table of Contents, Automation & Technology Department, 1995. .
Table of Contents, Automation & Technology Department, 1993. .
Table of Contents, Industrial Computing Society (no date). .
Table of Contents, Proceedings of the Industrial Computing Conference, vol. 3, Sep. 19-24, 1993, Chicago, IL. Industrial Computing Society. .
[Table of Contents], Proceedings of the 20th International Conference on Industrial Electronics Control and Instrumentation, vols. 1-3, Sep. 5-9, 1994, Bologna, Italy. .
[Table of Contents], Proceedings of the 7th Mediterranean Electrotechnical Conference, vol. 1, Apr. 12-14, 1994, Antalya, Turkey. .
Table of Contents, ISA/88, Houston, MA, (no date). .
Table of Contents, ISA/89, (no date). .
Tobin, David. "Southeast Paper Installs Largest Foxboro Distributed Control System." .
"User Layer Structure," SP-50 Technical Report (Jul. 25, 1990). .
"User Layer Technical Report," ISA/SP50--1990-389C, ISA Draft. .
Weinert, A., et al. "RT/OS--realtime programming and application environment for the COSY control system," Nuclear Instruments and Methods in Physics Research A vol. 352 (1994), pp. 277-279. .
WG1 List of Criteria (Appendix 1), (Oct. 21, 1988) ISA/SP50-1988-242, ISA Draft. .
Wood, G. G. "The Argus CONSUL System for On-Line Computer Control," Electrical Engineering Transactions (Mar. 1969), pp. 114-118. .
Wood, G. G. "Current Fieldbus activities," computer communications vol. 11 (Jun. 1988) No. 3, pp. 118-123. .
Wood, Graeme G. "Data Transmission, Processing and Presentation," pp. 46-54. .
Wood, G. G. "Evolution of communication standards for the process industry," Measurement+ Control vol. 19 (Jul./Aug. 1986), pp. 183-188. .
Wood, Graeme. Fieldbus Status 1995, Computing & Control Engineering Journal (Dec. 1995), pp. 251-253. .
Wood, Graeme, G. "Standardisation Work for Communication Among Distributed Industrial Computer Control Systems--A Status Report," INRIA (1984), pp. 67-69. .
Wood, G. G. "Towards digital information control," Measurement+ Control vol. 21 (Jul./Aug. 1988), pp. 179-180. .
Stapleton, N. "802.3 Working Group DTE Power via MDI Call for interest," 3Com Jul. 1999. .
Berge, Jonas. "Using Ethernet is a no-brainer," In Tech: The International Journal for Measurement and Control Jul. 2000, pp. 36-39. .
"Tour an actual TribeLink via WebManage," web page print-out from http://www.tribe.com/products/webmanage/quick.sub.13 view.htm. (1 page). .
"Tribe Launches Innovative Remote Management Solution; New WebManage Technology Provides Network Management Via the World Wide Web," web page print-out (Jul. 12, 1999) from http://www.tribe.com/products/webmanage/wm_pr. (1 page). .
"TribeRoute," web page print-out (Jul. 12, 1999) from http://www.tribe.com/products/tr/index. (3 pages). .
"TribeStar," web page print-out from http://www.tribe.com/products/tribestar/index.htm (3 pages). .
"CMU SCS Coke Machine: Current Status," web page print-out (Feb. 12, 1999) from http://www.cs.cmu.edu/.about.coke/ (1 page). .
"The Switzerland coke Machine Credits," web page print-out (Feb. 12, 1999) from http://www-swiss.ai.mit.edu/htbin/coke/ (1 page). .
"Peter Beebee's Home Page," web page print-out (Feb. 12, 1999) from http://www-swiss.ai.mit.edu/htbin/ptbbgate/jwz/?fetch+personal%2Fmain. text.html (2 pages). .
"bsy's List of Internet Accessible Coke Machines," web page print-out (Feb. 12, 1999) from http://www-cse.ucsd.edu/users/bsy/coke.html (1 page). .
"I/A Series Model 51 FoxRemote II Installation and Configuration Guide," Apr. 8, 1998 (Preliminary), pp. i-iv, 1-2. .
"New State-Logic Microcontroller," News Release, Control Technology Corp., Jun. 1, 1996, (DialogWeb search result). .
"New at IPC/92! Ethernet link provides Global PLC Registers" New Release, Control Technology (US), Nov. 20, 1992, (DialogWeb search result). .
"New at IPC/92! High-Capacity Integrated Motion Controller," News Release, Control Technology (US) Nov. 20, 1992 (DialogWeb search result). .
"Dual-Axis Servo Module for Small Controller," News Release, Control Technology (US), Sep. 11, 1990, (DialogWeb search result). .
"Innovative Small Controller Family offers Full Integration," News Release, Control Technology, Aug. 17, 1989, (DialogWeb search result). .
AC I/O Modules Available for Low-Cost Automation Controller, News Release, Control Technology Corporation, Jun. 28, 1989, (DialogWeb search result). .
"New Small Automation Controller features Precision Analog I/O Modules, " News Release, Control Technology (US), May 30, 1989, (DialogWeb search result). .
"Inexpensive Automation Controller features Message Display Capability," News Release, Control Technology (US), May 19, 1989, (DialogWeb search result). .
"Small Multi-Tasking Controller for Cost-sensitive Applications," News Release, Control Technology US, Nov. 8, 1988, (DialogWeb search result). .
"CAD/CAM Software creates Automation `Programming Environment`," News Release, Control Technology (US), Oct. 3, 1988, (DialogWeb search result). .
"Automation Programming Environment runs On IBM (R)--PC," News Release, Control Technology (US), Mar. 29, 1988, (DialogWeb search result). .
"Low-Cost Automation Controller features Motion Control, Communications," News Release, Control Technology (US), Mar. 7, 1988, (DialogWeb search result). .
"System Provides Stepping Motor Control in Workcell Environment," News Release, Control Technology Corp., Dec. 5, 1986, (DialogWeb search result). .
"Multi-Tasking Controller provides High-level Instructions for Motion Control, Sequencing," News Release, Control Technology Corporation, Aug. 22, 1986, (DialogWeb search result). .
"Operator's Console creates `Friendly` Machines," News Release, Control Technology (US), May 19, 1986, (DialogWeb search result). .
"Automation Controller features fast 80186 Processor, Integrated Software," News Release, Control Technology (US), Apr. 22, 1986, (DialogWeb search result). .
"Plug-Compatible Controls and Actuators Speed System Development," News Release, Control Technology (US), Jan. 13, 1986, (DialogWeb search result). .
"Modular Valve Assemblies Connect to Controller with Ribbon Cable," New Product Release, Control Technology (US), Jan. 8, 1986, (DialogWeb search result). .
"Linear Actuators offer Plug-Compatibility with Controller," News Release, Control Technology (US), Nov. 21, 1985, (DialogWeb search result). .
"Compact System combines Motion Control, Machine Control," News Release, Control Technology, May 28, 1985, (DialogWeb search result). .
"Automation Controller accepts Customization," News Release Control Technology, Jul. 12, 1985, (DialogWeb search result). .
"SECS-11 Communication Board Plugs into Automation Controller," News Release, Control Technology, Aug. 26, 1985, (DialogWeb search result). .
"Operator's Console for Automated Machines," News Release, Control Technology, Aug. 15, 1985, (DialogWeb search result). .
"Programmable Controller offers control of Stepping and Servo Motors," News Release, Control Technology, May 31, 1985, (DialogWeb search result). .
Taylor, Ken and Trevelyan, James, "A Telerobot on the World Wide Web," printed from http://telerobot.mech.uwa.edu.au/ROBOT/telerobo.htm (14 pages). .
"On-Line Vending Machine and Catalog Product Icons," IBM TDB, v. 38, n. 4 (Apr. 1995), pp. 113-116. .
Tinham, Brian, "Getting SCADA by web browsner? Supervisory Control and Data Acquisition," Control and Instrumentation, No. 12, vol. 28, Dec. 1996, p. 5. .
"Wizards wheel over SCADA systems; Supervisory Control and Data Acquisition," Control and Instrumentation, No. 12, vol. 28, Dec. 1996, p. 23. .
Fulcher, Jim and Dilger, Karen Abramic, "Soft control, Internet spark ISA/96," Manufacturing Systems, vol. 14, No. 12, Dec. 1996, pp. 40-46. .
"Information technology in manufacturing," Manufacturing Systems, vol. 14, No. 12, Dec. 1996, pp. 54-78. .
"A sensation in supervisory control," Manufacturing Systems (Windows NT in manufacturing Supplement), Oct. 1996, pp. 12A-24A. .
Demetratekes, Pam. "Go with the info flow; state-of-the-art automation in the food industry; includes related article on computer software for food processors," Food Processing, vol. 57, No. 7, Jul. 1996, p. 47. .
"New Products Provide Interactive Graphics Over Web Using Netscape Plug-Ins and Java," PR Newswire, May 20, 1996. .
"Integrated Systems; Industry's top embedded operating software supports Java," M2 Presswire, Mar. 4, 1996. .
"Ergo Tech upgrades ErgoCim; First `plug and play` component software for manufacturing," Business Wire, Feb. 15, 1996. .
"Embedded Systems Conference Addresses the Increasing Complexity of Electronic Systems Design; Technical Program and Exhibits Help Embedded Systems Design Professionals Keep Pace with Rapid Change," PR Newswire, Dec. 27, 1995. .
"Industry's top embedded operating software supports Java; pSOSystem enables Embedded Internet applications and Low-cost Internet appliances," Business Wire, Feb. 1, 1996. .
"Gensym introduces G2 WebMiner for accessing and reasoning about data from the World Wide Web," Business Wire, May 15, 1996. .
"Gensym introduces Internet connectivity for its G2 family of intelligent real-time software," Business Wire, Mar. 18, 1996. .
"Gensym Announces Its Initiative for Leveraging Intelligent Systems with Internet/Intranet Technology," Business Wire, Oct. 7, 1997. .
"At Interop, Will ToasterNet Be on the Hot List?" Data Communications, vol. 19, No. 13, Oct. 1990, p. 214. .
Zeff, Joe. "Maui Sunset in Real Time (Modems not Optional)," The New York Times, Nov. 27, 1995, Section D, col. 2, p. 5. .
Toner, Mike. "Web's view of world far and wide," The Houston Chronicle, Nov. 5, 1995, p. 6. .
"Internet windows to the world," New Media Age, Oct. 26, 1995, p. 4. .
Foster, Kirsten. "surf's up; lights, camera, but no action; Steve is a Tech-Nomad. He wanders the streets with a camera on his head. And he wants you to join him," The Independent (London), Aug. 13, 1995, p. 10. .
Henry, Jim, Ph.D., P.E. "Implementation of Practical Control Systems: Problems and Solutions," web page print-out from http://chem.engr.utc.edu/Documents/MACSCITECH/MACSCITECHpaper1.html (22 pages). .
"Jim Henry's 1996 ASEE Paper," web page print-out from http://chem.engr.utc.edu/Documents/ASEE-96-full.html (5 pages). .
Henry, Jim, Ph.D., P.E. "LabVIEW Applications in Engineering Labs: Controls, Chemical, Environmental," ASEE Conference, Anaheim, CA, Jun. 25-28, 1995, web page print-out from http://chem.engr.utc.edu/Documents/ASEE-95-full.html (22 pages). .
"Breaking News for Invensys Software Systems Employees; iBaan and FactorySuite 2000 Integration Announced," internal e-mail dated Mar. 23, 2001. .
Gertz, Matthew, et al. "A Human-Machine Interface for Distributed Virtual Laboratories," IEEE Robotics & Automation Magazine 1 (Dec. 1994), No. 4 (New York) pp. 5-13. .
Soreide, N. N., et al. "Mosaic access to real-time data from the TOGA-TAO array of moored buoys," Computer Networks and ISDN Systems 28 (1995), pp. 189-197. .
Goldstein, Ira and Hardin, Joseph. "Guest editorial," Computer Networks and ISDN Systems 28 (1995) p. 1. .
Slater, A. F. "Controlled by the Web," Computer Networks and ISDN Systems 27 (1994) pp. 289-295. .
Goldberg, Ken, et al. "Beyond the Web: manipulating the real world," Computer Networks and ISDN Systems 28 (1995) pp. 209-219. .
Goldstein, Ira and Hardin, Joseph, "Guest editorial," Computer Networks and ISDN Systems 28 (1995) p. 1. .
Goldberg, Ken, et al. "Desktop Teleoperation via the World Wide Web," IEEE International Conference on Robotics and Automation, pp. 654-659..~
Primary Examiner:
Black; Thomas
Assistant Examiner:
Hartman, Jr.; Ronald D
Attorney, Agent or Firm:
Powsner; David J. Nutter McClellen & Fish LLP
Claims
In view of the foregoing, what is claimed is:
1. A control system comprising a first set comprising plural control components, each control component generating a source signal representative of control variable, an identifier signal identifying that control variable, and a confidence signal indicative of any of actual and potential degradation of that source signal, a second set comprising at least one control component that processes a selected source signal and that responds to any of actual and potential degradation that source signal by (i) identifying from the identifier signals an alternate source signal, and (ii) processing that alternate source signal in lieu of the selected source signal, wherein the first and second sets have any of zero, one or more control components in common.
2. A control system according to claim 1, wherein at least the control component that generates the selected source signal is self-validating.
3. A control system according to claim 2, wherein the self-validating control component generates the confidence signal to be representative of any of a status of a value represented by the corresponding source signal and a status of the control component.
4. A control system according to claim 1, comprising one or more registries that are coupled to the control components in the first and second sets for storing the identifier signals.
5. A control system according to claim 4, comprising a plurality of distributed registries.
6. A control system according to claim 1, wherein the control components of the first and second sets are coupled by any of a bus, a network and other communications media.
7. A control system according to claim 6, wherein the control components of the first and second sets are coupled by communications media operable in accord with any of a Foundation Fieldbus standard, a Profibus standard, a DeviceNet.TM. standard, an InterBus.TM. standard and a Modbus.RTM. standard.
8. A control system comprising a first set comprising plural control components, each control component generating a source signal representative of control variable, and a confidence signal indicative of any of actual and potential degradation of that source signal, one or more registries that store identifier signals, each identifying a control variable and any of a control signal or control component corresponding thereto, a second set comprising at least one control component that processes a selected source signal and that responds to any of actual and potential degradation that source signal by (i) identifying from the identifier signals an alternate source signal, and (ii) processing that alternate source signal in lieu of the selected source signal, wherein the first and second sets have any of zero, one or more control components in common, wherein the registries, the control components of the first set and the control components of the second set are coupled by communications media operable in accord with any of a Foundation Fieldbus standard, a Profibus standard, a DeviceNet.TM. standard, an InterBus.TM. standard and a Modbus.RTM. standard.
9. A process control system comprising a first set comprising plural process control components, each process control component generating a source signal representative of process variable, an identifier signal identifying that process variable, and a confidence signal indicative of any of actual and potential degradation of that source signal, a second set comprising at least one process control component that processes a selected source signal and that responds to any of actual and potential degradation that source signal by (i) identifying from the identifier signals an alternate source signal, and (ii) processing that alternate source signal in lieu of the selected source signal, wherein the first and second sets have any of zero, one or more process control components in common.
10. A process control system according to claim 9, wherein at least the process control component that generates the selected source signal is a self-validating process control component.
11. A process control system according to claim 10, wherein the self-validating process control component generates the confidence signal to be representative of any of a status of a value represented by the corresponding source signal and a status of the process control component.
12. A process control system according to claim 9, comprising one or more registries that are coupled to the process control components in the first and second sets for storing the identifier signals.
13. A process control system according to claim 12, wherein the registries are distributed.
14. A process control system according to claim 9, wherein the process control components of the first and second sets are coupled by any of a bus, a network and other communications media.
15. A process control system according to claim 14, wherein the process control components of the first and second sets are coupled by communications media operable in accord with any of a Foundation Fieldbus standard, a Profibus standard, a DeviceNet.TM. standard, an InterBus.TM. standard and a Modbus.RTM. standard.
16. A process control system comprising a first set comprising plural process control components, each process control component generating a source signal representative of process variable, and a confidence signal indicative of any of actual and potential degradation of that source signal, one or more registries that store identifier signals, each identifying a process variable and any of a control signal or process control component corresponding thereto, a second set comprising at least one process control component that processes a selected source signal and that responds to any of actual and potential degradation of that source signal by (i) identifying from the identifier signals an alternate source signal, and (ii) processing that alternate source signal in lieu of the selected source signal, wherein the first and second sets have any of zero, one or more process control components in common, wherein the registries, the process control components of the first set and the process control components of the second set are coupled by communications media operable in accord with any of a Foundation Fieldbus standard, a Profibus standard, a DeviceNet.TM. standard, an InterBus.TM. standard and a Modbus.RTM. standard.
17. A method of operating a control system, comprising generating, with each control component in a first set of plural control components, a source signal representative of a control variable and confidence signals indicative of any of actual and potential degradation of that source signal, storing, in one or more registries, one or more identifier signals that identify control variables and any of control signals and control component corresponding thereto, with a control component of a second set that comprises at least one control component, processing a selected source signal and responding to any of actual and potential degradation that selected source signal by (i) identifying from the identifier signals in the registries an alternate source signal, and (ii) processing that alternate source signal in lieu of the selected source signal, wherein the first and second sets have any of zero, one or more control components in common, transferring information among any of the registries and the control components via a communications medium operable in accord with any of a Foundation Fieldbus standard, a Profibus standard, a DeviceNet.TM. standard, an InterBus.TM. standard and a Modbus.RTM. standard.
18. A method of operating a process control system, comprising generating, with each process control component in a first set of plural process control components, a source signal representative of process variable, an identifier signal identifying that process variable, and a confidence signal indicative of any of actual and potential degradation of that source signal, with a process control component in a second set comprising at least one process control component, processing a selected source signal and responding to any of actual and potential degradation that source signal by (i) identifying from the identifier signals an alternate source signal, and (ii) processing that alternate source signal in lieu of the selected source signal, wherein the first and second sets have any of zero, one or more process control components in common.
19. A method according to claim 18, wherein at least the process control component that generates the selected source signal is a self-validating process control component.
20. A method according to claim 19, comprising generating, with the self-validating process control component, the confidence signal to be representative of any of a status of a value represented by the corresponding source signal and a status of the self-validating process control component.
21. A method according to claim 18, comprising storing the identifier signals in one or more registries.
22. A method according to claim 21, wherein the registries are distributed about the process control system.
23. A method according to claim 18, comprising transferring information among any of the process control components via any of a bus, a network and other communications media.
24. A method according to claim 23, comprising transferring information among any of the process control components via communications media operable in accord with any of a Foundation Fieldbus standard, a Profibus standard, a DeviceNet.TM. standard, an InterBus.TM. standard and a Modbus.RTM. standard.
25. A method of operating a process control system comprising generating, with each process control component in a first set of plural process control components, a source signal representative of process variable and a confidence signal indicative of any of actual and potential degradation of that source signal, storing identifier signals in one or more registries, each identifying a process variable and any of a control signal or process control component corresponding thereto, with a process control component in second set comprising at least one process control component, processing a selected source signal and responding to any of actual and potential degradation of that source signal by (i) identifying from the identifier signals an alternate source signal, and (ii) processing that alternate source signal in lieu of the selected source signal, transferring information among any of the registries and the control components via a communications medium operable in accord with any of a Foundation Fieldbus standard, a Profibus standard, a DeviceNet.TM. standard, an InterBus.TM. standard and a Modbus.RTM. standard, wherein the first and second sets have any of zero, one or more process control components in common.
26. A control system comprising a first control component generating a first source signal, a third control component that is in at least selective communication with the first control component, the third control component processing the first source signal and responding to any of actual and potential degradation of that signal by selectively processing a second source signal, generated by a second control component, in lieu of the first source signal, such selective processing being in response to an identifier signal identifying the second source signal as representative of a control variable that is any of substantially identical to and related to a control variable represented by the first source signal.
27. A control system according to claim 26, wherein the first control component generates a confidence signal indicative of any of actual and potential degradation of the first source signal.
28. A control system according to claim 27, wherein the first control component is self-validating.
29. A control system according to claim 27, wherein the first source signal is a measurement.
30. A control system according to claim 29, wherein the first control component is self-validating sensor.
31. A control system according to claim 27, wherein the second control component generates an identifier signal identifying a control variable represented by the second source signal.
32. A control system according to claim 31, wherein the third control component processes the second source signal in lieu of the first source signal in response to a confidence signal indicative of any of actual and potential degradation of the first control signal and in response to an identifier signal identifying the second source signal as representative of a control variable that is any of substantially identical to and related to a control variable represented by the first source signal.
33. A control system according to claim 31, comprising a registry that stores the identifier signal.
34. A control system according to claim 33, wherein the third control component obtains the identifier signal from the registry.
35. A process control system comprising a first process control component generating a first source signal, a third process control component that is in at least selective communication with the first process control component, the third process control component processing the first source signal and responding to any of actual and potential degradation of that signal by selectively processing a second source signal, generated by a second process control component, in lieu of the first source signal, such selective processing being in response to an identifier signal identifying the second source signal as representative of a control variable that is any of substantially identical to and related to a control variable represented by the first source signal.
36. A process control system according to claim 35, wherein the first process control component generates a confidence signal indicative of any of actual and potential degradation of the first source signal.
37. A process control system according to claim 36, wherein the first process control component is self-validating.
38. A process control system according to claim 36, wherein the first source signal is a measurement.
39. A process control system according to claim 38, wherein the first process control component is self-validating sensor.
40. A process control system according to claim 36, wherein the second process control component generates an identifier signal identifying the process variable represented by the second source signal.
41. A process control system according to claim 40, wherein the third process control component processes the second source signal in lieu of the first source signal in response to a confidence signal indicative of any of actual and potential degradation of the first control signal and in response to an identifier signal identifying the second source signal as representing a process variable that is any of substantially identical or related to the process variable represented by the first control signal.
42. A process control system according to claim 40, comprising a registry that stores the identifier signal.
43. A process control system according to claim 42, wherein the third process control component obtains the identifier signal from the registry.
44. A process control system comprising a first field device generating a first source signal, a process control component in communication with the first field device, the process control component processing the first source signal and responding to any of actual and potential degradation of that signal by selectively processing a second source signal, generated by a second process control component, in lieu of the first source signal, such selective processing being in response to an identifier signal identifying the second source signal as representative of a control variable that is any of substantially identical to and related to a control variable represented by the first source signal.
45. A process control system according to claim 44, wherein the process control component is a controller.
46. A process control system according to claim 44, wherein the process control component is coupled with any of the first field device and the second field device by any of a bus, a network and other communications media.
47. A process control system according to claim 46, wherein process control component is coupled with any of the first field device and the second field device by communications media operable in accord with any of a Foundation Fieldbus standard, a Profibus standard, a DeviceNet.TM. standard, an InterBus.TM. standard and a Modbus.RTM. standard.
48. A process control system according to claim 44, wherein the first source signal and the second source signal represent a characteristic of a same process element and a same process control component.
49. A process control system according to claim 48, wherein the first source signal and the second source signal represent related characteristics of any of a same process element and a same process control component.
50. A process control system according to claim 49, wherein the first field device generates a confidence signal indicative of any of actual and potential degradation of the first source signal.
51. A process control system according to claim 50, wherein the first field device is self-validating.
52. A process control system according to claim 50, wherein the first source signal is a measurement.
53. A process control system according to claim 52, wherein the first field device is self-validating sensor.
54. A process control system according to claim 50, wherein the second field device generates an identifier signal identifying the process variable represented by the second source signal.
55. A process control system according to claim 54, wherein the process control component processes the second source signal in lieu of the first source signal in response to a confidence signal indicative of any of actual and potential degradation of the first control signal and in response to an identifier signal identifying the second source signal as representing a process variable that is any of substantially identical or related to the process variable represented by the first control signal.
56. A process control system according to claim 54, comprising a registry that stores the identifier signal.
57. A process control system according to claim 56, wherein the process control component obtains the identifier signal from the registry.
58. A method of operating a control system, comprising the steps of generating, with a first control component, a first source signal, with a third control component processing the first source signal and responding to any of actual and potential degradation of that signal by selectively processing a second source signal in lieu of the first source signal, such selective processing being in response to an identifier signal identifying the second source signal as representative of a control variable that is any of substantially identical to and related to a control variable represented by the first source signal.
59. A method of operating a control system according to claim 58, comprising the step of generating, with the first control component, a confidence signal indicative of any of actual and potential degradation of the first source signal.
60. A method of operating a control system according to claim 59, wherein the first control component is self-validating.
61. A method of operating a control system according to claim 59, comprising the step of generating the first source signal as a measurement.
62. A method of operating a control system according to claim 61, wherein the first control component is self-validating sensor.
63. A method of operating a control system according to claim 59, comprising the step of generating, with the second control component, an identifier signal identifying the control variable represented by the second source signal.
64. A method of operating a control system according to claim 63, comprising the step of responding to a confidence signal indicative of any of actual and potential degradation of the first control signal and to an identifier signal identifying the control variable represented by the second source signal as any of substantially identical and related to the control variable represented by the first source signal, by processing, with the third control component, the second source signal in lieu of the first source signal.
65. A method of operating a control system according to claim 63, comprising the step of storing the identifier signal in a registry.
66. A method of operating a control system according to claim 65, comprising the step of using the third control component to obtain the identifier signal from the registry.
67. A method of operating a process control system, comprising the steps of generating, with a first process control component, a first source signal, with a third process control component, processing the first source signal and responding to any of actual and potential degradation of that signal by selectively processing a second source signal in lieu of the first source signal, such selective processing being in response to an identifier signal identifying the second source signal as representative of a control variable that is any of substantially identical to and related to a control variable represented by the first source signal.
68. A method of operating a process control system according to claim 67, comprising the step of generating, with the first process control component, a confidence signal indicative of any of actual and potential degradation the first source signal.
69. A method of operating a process control system according to claim 68, wherein the first process control component is self-validating.
70. A method of operating a process control system according to claim 68, comprising the step of generating the first source signal as a measurement.
71. A method of operating a process control system according to claim 70, wherein the first process control component is self-validating sensor.
72. A method of operating a process control system according to claim 68, comprising the step of generating, with the second process control component, an identifier signal identifying the process variable represented by the second source signal.
73. A method of operating a process control system according to claim 72, wherein the third process control component processes the second source signal in lieu of the first source signal in response to a confidence signal indicative of any of actual and potential degradation the first control signal and to an identifier signal identifying the second source signal as representing a process variable that is any of substantially identical and related to the process variable represented by the first source signal.
74. A method of operating a process control system according to claim 72, comprising the step of storing the identifier signal in a registry.
75. A method of operating a process control system according to claim 74, wherein the third process control component obtains the identifier signal from the registry.
76. A method of operating a process control system comprising generating, with a first field device, a first source signal, with a process control component, processing the first source signal and responding to any of actual and potential degradation of that signal by selectively processing a second source signal in lieu of the first source signal, such selective processing being in response to an identifier signal identifying the second source signal as representative of a control variable that is any of substantially identical to and related to a control variable represented by the first source signal.
77. A method of operating a process control system according to claim 76, wherein the process control component is a controller.
78. A method of operating a process control system according to claim 76, comprising communicating between the process control component and any of the first field device and the second field device by way of any of a bus, a network and other communications media.
79. A method of operating a process control system according to claim 78, comprising communicating between the process control component and any of the first field device and the second field device by communications media operable in accord with any of a Foundation Fieldbus standard, a Profibus standard, a DeviceNet.TM. standard, an InterBus.TM. standard and a Modbus.RTM. standard.
80. A method of operating a process control system according to claim 76, wherein the first and second source signals represent like characteristics of any of a same process element and a same process control component.
81. A method of operating a process control system according to claim 80, wherein the first and second control signals represent related characteristic of any of a same process element and a same process control component.
82. A method of operating a process control system according to claim 81, comprising generating with the first field device a confidence signal indicative of any of actual and potential degradation the first source signal.
83. A method of operating a process control system according to claim 82, wherein the first field device is self-validating.
84. A method of operating a process control system according to claim 82, comprising the step of generating the first source signal as a measurement.
85. A method of operating a process control system according to claim 84, wherein the first field device is self-validating sensor.
86. A method of operating a process control system according to claim 82, comprising generating with the second field device an identifier signal identifying the process variable represented by the second source signal.
87. A method of operating a process control system according to claim 86, comprising responding to a confidence signal indicative of any of actual and potential degradation the first control signal and to an identifier signal identifying the second source signal as representing a control variable that is any of substantially identical to and related to the control variable represented by the first source signal, by processing, with the process control component, the second source signal in lieu of the first source signal.
88. A method of operating a process control system according to claim 86, comprising the step of storing the identifier signal in a registry.
89. A method of operating a process control system according to claim 88, comprising the step of using the process control component to obtain the identifier signal from the registry.
90. A control system comprising a plurality of field devices, each generating a source signal representative of a control variable, an identifier signal identifying that control variable, and a confidence signal indicative of any of actual and potential degradation of that source signal, at least one block that processes a selected source signal and that responds to any of actual and potential degradation that source signal by (i) identifying from the identifier signals an alternate source signal, and (ii) processing that alternate source signal in lieu of the selected source signal, wherein the field devices and blocks are coupled by any of a bus, a network and other communications media.
91. A control system according to claim 90, wherein the block executes within a field device.
92. A control system according to claim 90, wherein the field devices comprise any of a flow sensor, pressure sensor, temperature sensor, level sensor, valve, recorder, positioner, other sensor, and other actuator.
93. A control system according to claim 90, wherein at least one field device is self-validating.
94. A control system according to claim 93, wherein the self-validating field device generates the confidence signal to be representative of any of a status of a value represented by the corresponding source signal and a status of that self-validating field device.
95. A control system according to claim 90, comprising one or more registries that store the identifier signals.
96. A control system according to claim 95, comprising a plurality of distributed registries.
97. A control system according to claim 90, wherein the communications media is operable in accord with any of a Foundation Fieldbus standard, a Profibus standard, a DeviceNet.TM. standard, an InterBus.TM. standard and a Modbus.RTM. standard.
98. A process control system comprising a plurality of field devices, each generating a source signal representative of a control variable, an identifier signal identifying that control variable, and a confidence signal indicative of any of actual and potential degradation of that source signal, wherein the field devices comprise any of flow sensors, pressure sensors, temperature sensors, level sensors, valves, recorders, positioners, other sensors and other actuators, one or more registries that store the identifier signals, at least one process control block that processes a selected source signal and that responds to any of actual and potential degradation that source signal by (i) identifying from the identifier signals an alternate source signal, and (ii) processing that alternate source signal in lieu of the selected source signal, wherein the field devices, registries and control blocks are coupled by a network comprising one or more buses operable in accord with any of a Foundation Fieldbus standard, a Profibus standard, a DeviceNet.TM. standard, an InterBus.TM. standard and a Modbus.RTM. standard.
99. A process control system according to claim 98, wherein any of a process control block and a registry are resident within a field device.
100. A process control system according to claim 98, wherein at least one field device is self-validating.
101. A process control system according to claim 98, wherein the self-validating field device generates the confidence signal to be representative of any of a status of a value represented by the corresponding source signal and a status of that self-validating field device.
102. A process control system according to claim 101, comprising plural registries that are distributed within the process control system.
103. A method of operating a control system comprising generating, with each field device in a set of plural field devices, a source signal representative of a control variable, an identifier signal identifying that control variable, and a confidence signal indicative of any of actual and potential degradation of that source signal, with at least one block, processing a selected source signal and responding to any of actual and potential degradation that source signal by (i) identifying from the identifier signals an alternate source signal, and (ii) processing that alternate source signal in lieu of the selected source signal, wherein the field devices and blocks are coupled by any of a bus, a network and other communications media.
104. A method of operating a control system according to claim 103, comprising executing the block within a field device.
105. A method of operating a control system according to claim 103, wherein the field devices comprise any of a flow sensor, pressure sensor, temperature sensor, level sensor, valve, recorder, positioner, other sensor and other actuator.
106. A method of operating a control system according to claim 103, wherein at least one field device is self-validating.
107. A method of operating a control system according to claim 106, comprising generating, with the self-validating field device, the confidence signal to be representative of any of a status of a value represented by the corresponding source signal and a status of that self-validating field device.
108. A method of operating a control system according to claim 103, comprising storing the identifier signals in one or more registries.
109. A method of operating a control system according to claim 103, comprising storing the identifier signal in plural registries that are distributed about the control system.
110. A method of operating a control system according to claim 103, comprising transferring information among the field devices and blocks with a communications media operable in accord with any of a Foundation Fieldbus standard, a Profibus standard, a DeviceNet.TM. standard, an InterBus.TM. standard and a Modbus.RTM. standard.
111. A method of operating a process control system comprising generating, with each field device in a set of plural field devices, a source signal representative of a control variable, an identifier signal identifying that control variable, and a confidence signal indicative of any of actual and potential degradation of that source signal, wherein the field devices comprise any of flow sensors, pressure sensors, temperature sensors, level sensors, valves, recorders, positioners, other sensors and other actuators, one or more registries that store the identifier signals, with at least one block, processing a selected source signal and responding to any of actual and potential degradation that source signal by (i) identifying from the identifier signals an alternate source signal, and (ii) processing that alternate source signal in lieu of the selected source signal, transferring information among the field devices, registries and control blocks via a communications medium comprising one or more buses operable in accord with any of a Foundation Fieldbus standard, a Profibus standard, a DeviceNet.TM. standard, an InterBus.TM. standard and a Modbus.RTM. standard.
112. A method of operating a process control system according to claim 111, comprising the step of executing a process control block within a field device.
113. A method of operating a process control system according to claim 111, wherein at least one field device is self-validating.
114. A method of operating a process control system according to claim 111, comprising generating, with the self-validating field device, the confidence signal to be representative of any of a status of a value represented by the corresponding source signal and a status of that self-validating field device.
115. A method of operating a process control system according to claim 114, comprising plural registries that are distributed within the process control system.
Description
BACKGROUND OF THE INVENTION
The invention pertains to control and, more particularly, to methods and apparatus for avoidance of faults in process and other control systems.
The terms "control" and "control systems" refer to the control of a device or system by monitoring one or more of its characteristics. This is used to insure that output, processing, quality and/or efficiency remain within desired parameters over the course of time. In many control systems, digital data processing or other automated apparatus monitor the device or system in question and automatically adjust its operational parameters. In other control systems, such apparatus monitor the device or system and display alarms or other indicia of its characteristics, leaving responsibility for adjustment to the operator.
Control is used in a number of fields. Process control, for example, is typically employed in the manufacturing sector for process, repetitive and discrete manufactures, though, it also has wide application in electric and other service industries. Environmental control finds application in residential, commercial, institutional and industrial settings, where temperature and other environmental factors must be properly maintained. Control is also used in articles of manufacture, from toasters to aircraft, to monitor and control device operation.
Reliability is among the key requirements of any control system. A controlled manufacturing process, for example, that occasionally produces a bad batch is wholly unacceptable for many purposes. Given the expense of manufacturing individual process control components that achieve satisfactory levels of reliability, designers have turned to redundancy. This typically involves using two or more control elements in place of one. The duplicated units can be sensors, actuators, controllers or other components in the control hierarchy.
Thus, for example, U.S. Pat. No. 4,347,563 discloses an industrial control system in which redundant processing units serve as bus masters "of the moment," monitoring status information generated by primary processing units. If a redundant unit detects that a primary has gone faulty while executing an applications program, the redundant unit loads that program and takes over the primary's function. A shortcoming of these and many other prior art redundancy schemes is their imposition of undue computational or hardware overhead. U.S. Pat. No. 4,058,975, for example, has the disadvantage of requiring a computer to continually compare the outputs of multiple temperature sensors monitoring a gas turbine.
Implementing such solutions can be difficult in some situations and impossible in others. The latter may prove true if the control elements or configuration do not support communications or processing necessary to implement the necessary redundancy protocols.
The self-validating sensors described in U.S. Pat. Nos. 5,570,300 and 5,774,378 (assigned to the assignee hereof and the teachings of which are incorporated herein by reference) represent a significant advance in the art. Such sensors provide not only estimates of control variables (e.g., pressure or temperature) being monitored, but also information about the uncertainty and reliability of those estimates. Thus, for example, a sensor can generate a validated measurement signal (VMV) representing a best estimate of a control variable being monitored, a validated uncertainty signal (VU) identifying the uncertainty in VMV, a status signal (MV) indicating the status of VMV (e.g., "clear," "blurred," "dazzled," "blind,"), and a device status signal indicating a status of the sensor itself.
Notwithstanding the advent of self-validating sensors, still more flexible mechanisms for avoiding fault are desired. This is increasingly so as the art shifts to control architectures that permit the "hot" insertion or replacement of control elements.
An object of this invention is to provide improved methods and apparatus for control and, more particularly, improved such methods and apparatus that provide for avoidance of detected faults.
A further object of the invention is to provide such methods and apparatus as facilitate maintaining continuous operation of a process, environmental, industrial or other control system in the face of actual or potential degradation of a sensor or other control element.
A still further object of the invention is to provide such methods and apparatus for use with self-validating control elements and particularly, for example, with self-validating sensors.
SUMMARY OF THE INVENTION
The foregoing are among the objects attained by the invention which provides, in one aspect, a control system with components that respond to actual or potential faults, e.g., in sensors or other field devices, by automatically switching to other sources of desired control or process variables.
Thus, in one aspect, the invention provides a control system with first and second control components that generate first and second "source" signals, respectively, representing substantially identical or related process control variables. A third control component, which normally processes the first source signal, responds to actual or potential degradation of that signal (or the control component that generated it) for processing the second source signal in lieu of the first.
By way of example, a process control system according to this aspect of the invention can have a first sensor that generates a temperature reading of a reactor vessel and a second sensor that generates a pressure reading of that same vessel. A control processor can be arranged to process the reading generated by the first sensor, e.g., as part of a temperature control loop. In response to indications of actual or potential degradation of the first sensor, the control processor can process readings from the second sensor, e.g., in lieu of those from the first.
Further aspects of the invention provide a control system as described above in which the first control component (e.g., the first sensor in the above example) generates a confidence signal indicative of actual or potential degradation of the first sensor. Where the first component is a self-validating sensor, that confidence can be a measurement value (MV) status signal and/or a device status signal, both as described above. The third control component (e.g., the control processor in the example) can identify actual or potential degradation of the first control component from that confidence signal.
Still further aspects of the invention provide a control system as described above in which the second control component (e.g., the second sensor in the example) generates a signal identifying the control variable (e.g., temperature or pressure) output by it. The second component can transmit that signal, e.g., to a distributed registry, for storage. The third control component can retrieve the identifier signal from the registry in the event of actual or potential degradation of the first source signal, thus, permitting identification of the second source signal as a potential substitute for the first.
Yet still further aspects of the invention provide a control system as described above in which the control components and/or registry are coupled via bus, a network and other communications media, by way of non-limiting example, compatible with any of Foundation Fieldbus, Profibus, DeviceNet.TM., InterBus.TM. and Modbus.RTM. standards, among others.
Other aspects of the invention provide process, environment, industrial control systems and methods in accord with the foregoing.
These and still other aspects of the invention are evident in the drawings and in the description that follows.
BRIEF DESCRIPTION OF THE DRAWINGS
A more complete understanding of the invention may be attained by reference to the drawings, in which:
FIG. 1 depicts a digital data processing system of the type with which apparatus and methods according to the invention may be practiced;
FIG. 2 illustrates controlled processes, along with a fault-avoidance process control system according to the invention for controlling them; and
FIG. 3 is a flowchart depicting operation of a fault-avoidance process control system according to the invention.
DETAILED DESCRIPTION OF THE ILLUSTRATED EMBODIMENT
FIG. 1 depicts a digital data processing system of the type with which apparatus and methods according to the invention may be practiced. The system includes one or more controllers 10A, 10B or other digital data processors that monitor and/or control one or more manufacturing, industrial or other processes 12A, 12B. The illustrated controllers 10A, 10B represent hardware or software processes executing on workstations, microprocessors, embedded processors, "smart" field devices, or other digital data processing apparatus of the types commercially available in the marketplace, constructed and operated in accord with the teachings herein to achieve fault-avoidance in process control.
Workstation 11 represents a personal computer, mainframe computer or other digital data processing device that can be used, e.g., by an operator, to monitor and/or administer controllers 10A, 10B. While workstation 11 can be independent of the other devices shown in the drawing, it can alternatively incorporate functionality of controllers 10A, 10B. Conversely, monitoring and/or administrative functionality of workstation 11 can be contained in microprocessors, embedded processors, controllers, "smart" field devices that serve other functions in the control system.
Network 14 provides a communications medium for the transfer of data and control information among components of the control system, including, controllers 10A, 10B, workstation 11, blocks 32-42, and field devices. Though illustrated to represent a LAN, WAN, or global network (Internet), those skilled in the art will appreciate that element 14 may comprise a bus or other communications medium through which information may be transferred. In preferred embodiments, at least portions of the network 14 comprise buses compatible with industry standards such as, by non-limiting example, Foundation Fieldbus, Profibus, DeviceNet.TM., InterBus.TM. and/or Modbus.RTM..
FIG. 2 illustrates in greater detail processes 12A, 12B and a control system according to the invention for controlling them. In the illustration, exemplary process 12A is a manufacturing process including conventional processing equipment, such as by way of non-limiting example conveyors, aeration tanks, and so forth. Control of the process 12A is effected through flow sensors, pressure sensors, temperature sensors, level sensors, valves, recorders, positioners, or other sensors or actuators operating with outputs and inputs in the range of 4-20 mA or 1-5 V dc, or otherwise, per proprietary or industry protocol (collectively, "field devices"). In the illustrated embodiment, these include valve 24 that governs the rate of fluid flow to a reactor vessel 25, whose temperature and pressure are monitored by sensors 16, 18. These also include flow sensor 20 that monitors the outflow of vessel 25 to tank 21. In a preferred embodiment, one or more of the sensors are "smart" field devices, i.e., sensors or actuators that include embedded processors, microprocessors or other digital data processing capacity, operating in accord with the teachings herein.
Whether of the "smart" variety or otherwise, one or more of the sensors 16, 18, 20 can be of the self-validating variety that output estimates of measured process variables (e.g., pressure, temperature, flow, respectively), along with information about the uncertainty and reliability of those estimates. Preferred self-validating sensors include, by way of non-limiting example, those taught in incorporated-by-reference U.S. Pat. Nos. 5,570,300 and 5,774,378. Such sensors generate a validated measurement signal (VMV) representing a best estimate of a process variable being monitored, a validated uncertainty signal (VU) identifying the uncertainty in VMV, a status signal (MV) indicating the status of VMV (e.g., "clear," "blurred," "dazzled," "blind,"), and a device status signal indicating a status of the sensor itself.
Monitoring and control of processes 12A, 12B is further effected through controllers 10A, 10B that are coupled to field devices 16-30, as well as to one another, via network 14. The controllers execute control strategies in the conventional manner known in the art as modified in accord with the teachings herein.
To this end, the controllers 10A, 10B comprise blocks and/or other executable software components (collectively, "blocks") 32-42 that model field devices, processing apparatus and other aspects of the controlled process 12A and that monitor and/or control the states and interactions therebetween, e.g., via execution of control algorithms (or portions thereof) or otherwise. In the illustrated embodiment, blocks 32-42 comprise blocks of the type utilized in the I/A Series.RTM. systems marketed by the assignee hereof and/or objects of the type disclosed in co-pending commonly assigned patent applications 60/139,071, filed Jun. 11, 1999, entitled "Omnibus and Web Control," 60/144,693, filed Jul. 20, 1999, entitled "Omnibus and Web Control," 60/146,406, filed Jul. 29, 1999, entitled "Bi-Directional Entities for Maintaining Block Parameters and Status in a Process Control System," and 60/149,276, filed Aug. 17, 1999, entitled "Methods and Apparatus for Process Control (AutoArchitecture)," the teachings of all of which are incorporated herein by reference. The blocks 32-42 may represent other software and/or hardware components capable of executing on or in connection with controllers 10A, 10B. For example, the blocks may be various types of function blocks, or the like, as defined and executed within the aforementioned Foundation Fieldbus, Profibus, DeviceNet.TM., InterBus.TM. and Modbus.RTM. or other industry standards.
Blocks 32-42 operate in the conventional manner known in the art, as modified in accord with the teachings herein for fault avoidance. Thus, for example, controller 10A includes supervisor 32, temperature controller 34 and flow controller 36, each of which may include further blocks (not shown). Supervisor component 32 initiates process control functions, including activation and execution of blocks 34, 36. Block 32 also generates a temperature supervisory set point, e.g., based on operator input. Block 34 is a temperature controller that utilizes a proportional-integral-derivative (PID) or other control algorithm to generate a flow set point based on the temperature set point from the supervisor object 32 and on temperature readings from sensor 18. Block 36 serves as a flow controller that, too, utilizes a PID or other control algorithm to set a flow level, e.g., for valve 24, based on the flow set point from block 34 and on flow readings from sensor 20.
In process control terminology, supervisor 32 is referred to as a "source" for temperature controller 34 and, more accurately, for the temperature set point parameter used by controller 34. Temperature sensor 18 is also a source for controller
34. The flow controller 36, conversely, is referred to as a "sink" for temperature controller 34 and, more accurately, for the flow set point parameter generated by it. Like terminology can be applied to the other elements and parameters that are sources (i.e., suppliers) or sinks (i.e., consumers) of information produced within the system.
The illustrated apparatus includes one or more registries 42-48 to maintain information about the field devices 16-32. These can be contained in memory or other data stores within workstation 11, within the processors 10A, 10B, within smart field devices 16-32, within stand-alone storage devices (as illustrated), or otherwise. Where more than one registry is provided, they can be distributed among domains and, indeed, among the field devices themselves. The registries can be implemented as pointers, symbols, objects, variables, vectors, tables, records, databases, files, or other data structures or stores. They can be implemented as stand-alone entities or, for example, within other system components such as function blocks, or the like, as defined and executed within the aforementioned Foundation Fieldbus, Profibus, DeviceNet.TM., InterBus.TM. and Modbus.RTM. or other industry standards.
The registries maintain information about the control or process variables monitored by sensor-type field devices. Thus, for example, entries in registry 42 can indicate that sensor 16 monitors the pressure of vessel 25 and that sensor 18
monitors the temperature of that vessel. Registry 44, by way of further example, can indicate that sensor 20 monitors flow in the conduit between vessel 25 and tank 21. The registries can also maintain information about process variables governed by actuator-type sensors. Other information can be maintained in the registries, as well, for example identifiers of sources and/or sinks of each of the elements in the process control system.
In the illustrated embodiment, each process control component 32-42 maintains, e.g., in its own dedicated store or in a registry, identities of the process variables supplied to it by the "sources." Identities and other information regarding the sources can be maintained as well. Thus, for example, temperature controller 34 maintains an internal store indicating that one of its sources, sensor 18, supplies the temperature of vessel 25.
FIG. 3 is a flowchart depicting how the process control system of FIG. 2 provides for fault-avoidance. In steps 50-52, each field device "registers" with the system upon "hot" insertion, installation or commencement of operation. In the illustrated embodiment, registration is performed by sensor-type field devices, e.g., pressure, temperature and flow sensors 16-20, and entails generating an identifier indicating which process variable is monitored by each sensor. Thus, for example, sensor 16 generates an identifier signal indicating that it monitors the pressure of vessel 25, while sensor 18 generates a signal indicating that it monitors the temperature of that vessel. These identifier signals are stored in registry 42, or elsewhere, as discussed above.
The identifier signal generated by the field device can be based, for example, on information stored in the sensor, or otherwise supplied to the system, e.g., by a field technician prior to (or concurrent with) insertion. Alternatively, by way of further non-limiting example, it can be based on keys, tags or other physical indicia installed on or in the field device.
In step 54, controllers 10A, 10B commence operation, monitoring and/or controlling operation of processes 12A, 12B.
In step 56, each component 32-42 (FIG. 2) monitors its sources to identify actual or potential degradation of the information supplied by them. Where the sources are self-validating field devices, as described above, the recipient component (or sink) utilizes the above-described status signals as means of determining actual or potential fault. In this regard, for example, temperature controller 34 can identify as faulty a source (e.g., sensor 18) generating an MV signal of "blurred," "dazzled," "blind."
For sources that are not self-validating, the recipient process control components, i.e., blocks 32-42, can monitor process variables, statistically or otherwise, to identify actual or potential degradation. Still other elements resident in the controllers and/or in the control system (e.g., other field devices) can monitor sources and notify recipients of actual or potential degradation. The detection of fault by recipient components or other elements can be based on principles paralleling those discussed in incorporated-by reference U.S. Pat. Nos. 5,570,300 and 5,774,378, or otherwise.
In step 58, processing continues in the normal course unless an actual or potential fault is detected in a source (e.g., temperature sensor 18). Upon detection of such a fault, the recipient component (e.g., temperature controller 34) seeks a replacement source. Step 60. Alternatively, another component or element in the system (e.g., supervisor component 32) seeks a replacement on behalf of the recipient.
In either event, the replacement is identified via a search of registries 42-48 for a source that provides an identical or related process variable to that identified as actually or potentially faulty. Thus, for example, in the event readings from temperature sensor 18 are detected as actually or potentially faulty, readings from another temperature sensor (not shown) on the same vessel 25 could be identified for use as replacements.
In the illustrated embodiment, pressure sensor 16 is deemed to provide a "related" process variable, since the temperature of the contents vessel 25 can be determined with acceptable accuracy from its pressure.
In still further embodiments, replacement readings are taken from sensors or other process control components that measure (or otherwise generate) an identical or related process variable but that normally output another process variable. Examples of this include multi measurement sensors, e.g., a flow sensor 20 implemented as a CFT10 Series I/A Series.RTM. mass flow transmitter of the type commercially available from the assignee hereof. Though such a sensor typically outputs a flow reading, it measures temperature (along with other flow-related variables) in order to normalize the flow reading. Upon determining that temperature readings from sensor 18 are actually or potentially faulty, temperature controller 34 can utilize the temperature readings generated by mass flow sensor 20 as replacements. This is likewise true of (i) multimeasurement sensors that measure or otherwise generate "related" process variables, such as pressure in the above example, and (ii) blocks and other process components that generate identical or related process variables by way of calculations performed during execution of a control algorithm or otherwise.
If no replacement source is found (step 62), the operator is notified. Step 64. System operation may nonetheless continue, depending on the nature of the fault.
If a replacement source is found (step 66), its outputs are coupled to the inputs of the recipient component. The manner in which this is accomplished varies in accord with the specific nature of source/sink coupling in controller 10A. For example, if each component (e.g., temperature controller 34) maintains pointers to its sources (e.g., temperature sensor 18), replacement is effected by substituting a pointer to the replacement element (e.g., pressure sensor 16) for that of the actually or potentially faulty element (e.g., temperature sensor 18). Alternatively, if source information is coded into component via a configurator (not shown), such a configurator may be employed to impart sufficient information to effect replacement. In the event that the replacement source does not provide identical information to that provided by the actually or potentially fault source, the recipient executes appropriate conversions (e.g., pressure-to-temperature conversions) and/or compensates for differences in uncertainty or accuracy, e.g., using alternate control algorit