CN119065228A - A safe and redundant PLC communication control system - Google Patents
A safe and redundant PLC communication control system Download PDFInfo
- Publication number
- CN119065228A CN119065228A CN202411563033.7A CN202411563033A CN119065228A CN 119065228 A CN119065228 A CN 119065228A CN 202411563033 A CN202411563033 A CN 202411563033A CN 119065228 A CN119065228 A CN 119065228A
- Authority
- CN
- China
- Prior art keywords
- data
- plc
- unit
- communication control
- synchronization
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B9/00—Safety arrangements
- G05B9/02—Safety arrangements electric
- G05B9/03—Safety arrangements electric with multiple-channel loop, i.e. redundant control systems
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/02—Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]
Landscapes
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Engineering & Computer Science (AREA)
- Automation & Control Theory (AREA)
- Programmable Controllers (AREA)
Abstract
The invention relates to the technical field of PLC communication control and discloses a safe redundant PLC communication control system which comprises a communication redundancy module, a fault diagnosis module and a health monitoring module, wherein the communication redundancy module comprises a data synchronization unit, a switching unit and a strategy adjustment unit, the data synchronization unit is used for ensuring real-time synchronization of data between a main PLC unit and a secondary PLC unit, the switching unit is used for automatically switching to the secondary PLC unit when the main PLC unit fails, the strategy adjustment unit is used for adjusting redundancy strategies, the fault diagnosis module is used for carrying out fault test on the redundancy strategies and the PLC communication control, and the health monitoring module is used for diagnosing health of the PLC communication control, so that fault monitoring and health diagnosis of the safe redundant PLC communication control system are realized.
Description
Technical Field
The invention relates to the technical field of PLC communication control, and discloses a safe and redundant PLC communication control system.
Background
The PLC communication control system with high safety redundancy is designed to ensure high reliability and safety of the industrial automation system. Such systems increase the availability and fault tolerance of the system by using redundant configurations. However, even a highly redundant PLC system encounters some drawbacks in practical application and development, and the design of the redundant system needs to consider more factors, such as implementation of redundant logic, design of a switching mechanism, etc., which makes the design and implementation of the system more complex, and the redundant system relies on a master-slave switching mechanism to ensure that the slave system can take over seamlessly when the master system fails. If the switching mechanism is imperfect, it may cause switching failure or data loss, and in the redundant system, the fault diagnosis becomes more complicated because of the problem of determining whether the primary system or the backup system is needed, and the fault recovery time may be longer because it involves the troubleshooting and replacement of more components, and sometimes the fault recovery stack causes the PLC communication control health problem.
For example, the prior art China patent with the publication number CN114384792B discloses a safe and redundant PLC communication control system, which comprises a redundant PLC communication port, a safe filtering module, a redundant module, a communication module, a safe isolation module and a control module. The system comprises a safety filtering module, a redundancy module, a safety monitoring analysis module, a control module and a safety isolation module, wherein the safety filtering module is used for data monitoring, filtering and alarming, the redundancy module is used for copying, eliminating and reporting an abnormal state of a data frame hit with a preset flow type, the safety monitoring analysis module is used for monitoring the alarming and the abnormal state in real time and reporting the alarming and the abnormal state to the control module, the diagnosis control function of the control module can conduct guiding safety operation on the abnormal state and can selectively analyze abnormal data, and the safety isolation module is used for data isolation and exchange among the communication module, the control module and the safety monitoring analysis module and avoids direct connection among the modules. The system adopts a redundant and filtered safe transmission mechanism at the communication port, and a safe diagnosis control and safe isolation mechanism is added in the controller, so that the safety level and the reliability of the system are effectively improved.
However, the patent has the defects that the data security performance is poor, the redundancy strategy cannot be dynamically switched to adapt to a new data processing strategy, certain faults in the system can influence other modules in an imperceptible way in spite of the redundancy module and the safety isolation design, the safety diagnosis control means is single, the safety diagnosis cannot be interconnected with the health detection to cause mutual fracture, and the risk of fault propagation is increased.
Disclosure of Invention
This section is intended to outline some aspects of embodiments of the application and to briefly introduce some preferred embodiments. Some simplifications or omissions may be made in this section as well as in the description of the application and in the title of the application, which may not be used to limit the scope of the application.
In order to solve the above technical problems, a main object of the present invention is to provide a PLC communication control system with safety redundancy, comprising:
the communication redundancy module comprises a data synchronization unit, a switching unit and a strategy adjustment unit, wherein the data synchronization unit is used for ensuring the real-time synchronization of data between the main PLC unit and the auxiliary PLC unit, the switching unit is used for automatically switching to the auxiliary PLC unit when the main PLC unit fails, and the strategy adjustment unit is used for adjusting a redundancy strategy;
The fault diagnosis module is used for performing fault test on the redundancy strategy and the PLC communication control;
and the health monitoring module is used for diagnosing the health of the PLC communication control.
As a preferred embodiment of the safety redundant PLC communication control system of the present invention, wherein:
The data synchronization unit copies real-time data of the main PLC unit to the auxiliary PLC through a data transmission protocol and a synchronization mechanism, monitors a data synchronization result through a synchronization monitoring model, calculates a sample data difference value of the main PLC unit and the auxiliary PLC unit through the data synchronization difference value, judges a synchronization state through the sample data difference value, if the sample data difference value of the main PLC unit and the auxiliary PLC unit is larger than a data synchronization balance threshold value, the synchronization state is wrong, a data synchronization sensitivity coefficient is adjusted, and if the sample data difference value of the main PLC unit and the auxiliary PLC unit is not larger than the data synchronization balance threshold value, the synchronization state is normal.
As a preferred embodiment of the safety redundant PLC communication control system of the present invention, wherein:
The data synchronization difference calculation expression is as follows:
Wherein, Data synchronization difference, M is the number of data groups, M is the total number of data groups,Is the m-th group of main PLC unit data,For the m-th set of slave PLC unit data,An average value of the data synchronization difference values;
The expression for judging the data synchronization state is as follows:
Wherein, For the data-synchronous sensitivity coefficient,For the data synchronization balance threshold, Z is the value for judging whether the data synchronization is wrong,Is the sample data difference;
The sensitivity coefficient is adjusted by moving step average, and the calculation expression is as follows:
Wherein, In order to adjust the sensitivity coefficient after the adjustment,For the data synchronization difference value for which the data synchronization sensitivity coefficient correction is not completed at time t,As an unadjusted sensitivity coefficient,For the total number of groups of data at time t,The number of data sets for which correction of the data synchronization sensitivity coefficient is completed at time t.
As a preferred embodiment of the safety redundant PLC communication control system of the present invention, wherein:
The strategy adjustment unit comprises a load monitoring model, performance index detection and strategy adjustment logic;
Load data during operation of the system after collection and processing is used for establishing a load monitoring model for a data base, the load and the performance of the system are dynamically monitored through the load monitoring model, and a calculation expression of the load monitoring model is as follows:
Wherein, The load prediction value is output for the load monitoring model,For the ith convolution kernel weight,And (3) the actual load value of the PLC communication control system acquired for the j-th group, b is a bias term, f () is an activation function, and n is the total group number of the actual load value.
As a preferred embodiment of the safety redundant PLC communication control system of the present invention, wherein:
the fault diagnosis module comprises redundant strategy fault monitoring, and the redundant strategy is monitored by establishing a safe redundant model;
The safety redundancy model is obtained by carrying out process modeling on the process of synchronizing the data of the main PLC unit with the data of the auxiliary PLC unit, and the data transfer matrix is the observed data from the data of the main PLC unit to the data of the auxiliary PLC unit.
As a preferred embodiment of the safety redundant PLC communication control system of the present invention, wherein:
The data transfer matrix expression is as follows:
Wherein, In the case of a data transfer matrix,Synchronizing the secondary PLC unit first data for the primary PLC unit first data,Synchronizing the data of the s-th data of the auxiliary PLC unit for the data of the d-th data of the main PLC unit, wherein d is the data count of the main PLC unit, and s is the data count of the auxiliary PLC unit;
and constructing a safety redundancy model for describing the communication control data synchronization auxiliary PLC unit of the main PLC unit, and evaluating the fault probability of the safety redundancy PLC communication control system when executing the redundancy strategy through the conditional probability.
As a preferred embodiment of the safety redundant PLC communication control system of the present invention, wherein:
The calculation expression of the fault probability is as follows:
Wherein, The probability of failure prediction is performed for the redundancy strategy under the call observation,In order to observe the prior probability of the data,In order to observe the marginal probability of the data,For the likelihood of the observed data collected after the redundancy strategy is performed,Q is a data transfer for failure behavior in executing redundancy policies.
As a preferred embodiment of the safety redundant PLC communication control system of the present invention, wherein:
the fault behavior calculation expression for executing the redundancy strategy is as follows:
And y is the position of the communication control data synchronization auxiliary PLC unit of the main PLC unit executed by the redundancy strategy, p is the position of the communication control data synchronization, and lambda is the data transfer scale.
As a preferred embodiment of the safety redundant PLC communication control system of the present invention, wherein:
Monitoring the communication health state of the PLC in real time through fault monitoring, and timely finding and reporting communication abnormality or fault;
The health monitoring model comprises health and unhealthy of the main PLC unit and health and unhealthy of the auxiliary PLC unit and health states of the whole system;
the health monitoring model calculation expression is as follows:
Wherein, The health probability for the PLC communication control,As the probability that the failure probability causes the health state,For the probability of health it is that,In the event of a failure condition,Is in a healthy state.
The invention has the beneficial effects that:
The system has high availability and continuity, ensures the efficient execution of main control tasks, ensures that even if a main PLC breaks down, an auxiliary PLC can take over seamlessly, reduces the shutdown time of the system, provides real-time fault detection and health diagnosis functions, helps to quickly locate and solve the problems, improves the stability and reliability of the system, simultaneously carries out real-time health monitoring on a communication control system, reduces the influence of faults on other modules, prevents data from being illegally accessed, tampered or stolen, and enhances the safety of the system.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the description of the embodiments will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art. Wherein:
FIG. 1 is a system diagram of a safety redundant PLC communication control system of the present invention;
Fig. 2 is a flow chart of an implementation of a PLC communication control system for safety redundancy according to the present invention.
Detailed Description
In order that the above-recited objects, features and advantages of the present invention will become more readily apparent, a more particular description of the invention will be rendered by reference to specific embodiments thereof which are illustrated in the appended drawings.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention, but the present invention may be practiced in other ways other than those described herein, and persons skilled in the art will readily appreciate that the present invention is not limited to the specific embodiments disclosed below.
Further, reference herein to "one embodiment" or "an embodiment" means that a particular feature, structure, or characteristic can be included in at least one implementation of the invention. The appearances of the phrase "in one embodiment" in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments.
Example 1
As shown in fig. 1, a PLC communication control system of safety redundancy includes:
the main control module comprises a main PLC unit and an auxiliary PLC unit;
the main PLC unit is responsible for main control function, and executes main control logic and data processing.
And the auxiliary PLC unit is used as a backup of the main PLC unit and can take over the functions of the main PLC unit when the main PLC unit fails.
The communication redundancy module comprises a data synchronization unit, a switching unit and a strategy adjustment unit;
the data synchronization unit is used for ensuring the real-time synchronization of data between the main PLC unit and the auxiliary PLC unit and reducing the risk of data loss or inconsistency.
Further, the data synchronization unit copies real-time data of the main PLC unit to the auxiliary PLC unit regularly through a data transmission protocol and a synchronization mechanism, monitors a data synchronization result through a synchronization monitoring model, calculates a sample data difference value of the main PLC unit and the auxiliary PLC unit through a data synchronization difference value, judges a synchronization state through the sample data difference value, if the sample data difference value of the main PLC unit and the auxiliary PLC unit is larger than a data synchronization balance threshold value, the synchronization state is wrong, a data synchronization sensitivity coefficient is adjusted, and if the sample data difference value of the main PLC unit and the auxiliary PLC unit is not larger than the data synchronization balance threshold value, the synchronization state is normal;
the data synchronization difference calculation expression is as follows:
Wherein, Data synchronization difference, M is the number of data groups, M is the total number of data groups,Is the m-th group of main PLC unit data,For the m-th set of slave PLC unit data,An average value of the data synchronization difference values,Is the sample data difference;
The expression for judging the data synchronization state is as follows:
Wherein, For the data-synchronous sensitivity coefficient,Z is a data synchronization balance threshold value, and Z is a data synchronization judgment error;
Further, the sensitivity coefficient is adjusted by moving step average, and the calculation expression is as follows:
Wherein, In order to adjust the sensitivity coefficient after the adjustment,For the data synchronization difference value for which the data synchronization sensitivity coefficient correction is not completed at time t,As an unadjusted sensitivity coefficient,For the total number of groups of data at time t,The number of data sets for which correction of the data synchronization sensitivity coefficient is completed at time t.
Judging the adjusted sensitivity by setting data synchronization state judgment, if the data synchronization correctly displays Fine, the sensitivity coefficient is correct, the sensitivity coefficient is not adjusted any more, and if the data synchronization incorrectly displays Error, the sensitivity coefficient is incorrect, and the sensitivity coefficient needs to be continuously adjusted;
The switching unit is used for automatically switching to the auxiliary PLC unit when the main PLC unit fails, so that the continuity and reliability of communication are ensured.
The strategy adjustment unit is used for adjusting the redundancy strategy according to the real-time situation, for example, dynamically adjusting the redundancy strategy when the load changes so as to optimize the performance;
The strategy adjustment unit comprises a load monitoring model, performance index detection and strategy adjustment logic;
Further, a load monitoring model is established for a data base according to the load data of the collected and processed system during operation, the system load and performance are dynamically monitored through the load monitoring model, the redundancy level is adjusted through an algorithm to adapt to actual requirements, meanwhile, the stability of the system is not affected by strategy adjustment, and the redundancy strategy is timely adjusted according to the system requirements;
further, the load monitoring model calculation expression is as follows:
Wherein, The load prediction value is output for the load monitoring model,For the ith convolution kernel weight,And (3) the actual load value of the PLC communication control system acquired for the j-th group, b is a bias term, f () is an activation function, and n is the total group number of the actual load value.
Predicting the load of the PLC communication control system at the time t+1 through a load monitoring model, and ensuring that a predicted value is as close to an actual value as possible through a minimum loss function, thereby realizing the prediction and performance detection of the load of the PLC communication control system;
the loss function calculation expression is as follows:
Wherein, The loss value is output for the loss function,Outputting a load predicted value of the PLC communication control system for the load monitoring model,The load actual value of the PLC communication control system is N, the total load data of the PLC communication control system is N, and i is the load data set number of the PLC communication control system;
As shown in fig. 2, the flow implemented by the system of the present invention includes:
s1, a main PLC unit and an auxiliary PLC unit work normally;
s2, calculating a data synchronization difference value, and judging the data synchronization condition;
s3, adjusting the data synchronization speed and the content capacity through adjusting the sensitivity;
s4, monitoring the load of the PLC communication control system, and fitting a load monitoring model through a loss function;
s5, monitoring safety redundancy and fault monitoring of the PLC communication control system through a safety redundancy model, and performing health diagnosis on the PLC communication control system;
The performance index detection is used for monitoring the system performance after adjustment, so that the effectiveness of the strategy is ensured;
the policy adjustment unit needs to execute the following logic:
When the load increases or decreases, the system needs to dynamically adjust the redundancy strategy, if the load is high, the redundancy node is added or adjust the load balancing strategy to disperse the load, and if the load is low, the redundancy node is reduced to save resources and reduce the cost.
The high availability of the system is ensured by the redundant configuration of the primary and secondary PLC units and the switching unit in the communication redundancy module. The data synchronization and policy adjustment unit ensures the validity of the redundant system.
A security module including data encryption, access control, and periodic testing;
Data encryption is used to encrypt communication data to prevent unauthorized access or tampering of the data.
Further, by encrypting the transmission of data in the network by using SSL/TLS protocol, the security of the data in the transmission process is ensured, and sensitive data stored in a database or a file system is encrypted to prevent the data from being revealed by physical access;
Access control enforces a strict access control policy that ensures that only authorized users can access and modify the system configuration.
The periodic test is used for periodically performing security test to find and repair potential security holes;
scanning network vulnerabilities and application vulnerabilities in the system through an automation tool;
Wherein the network vulnerability scanning is used to detect known vulnerabilities in network devices and services;
application vulnerability scanning is used to check security flaws in application code and configuration;
The safety of communication data is guaranteed through data encryption and access control, and regular testing helps to discover and repair safety problems in time.
The fault diagnosis module is used for performing fault test on the redundancy strategy and the PLC communication control;
The fault diagnosis module comprises redundancy strategy fault monitoring, and the redundancy strategy is monitored by establishing a safety redundancy model;
Further, the safety redundancy model is obtained by performing process modeling on the process of synchronizing the data of the main PLC unit with the data of the auxiliary PLC unit, and the data transfer matrix is the transfer condition of the data from the data of the main PLC unit to the data of the auxiliary PLC unit, and the expression of the data transfer matrix is as follows:
Wherein, In the case of a data transfer matrix,Synchronizing the secondary PLC unit first data for the primary PLC unit first data,Synchronizing the data of the s-th data of the auxiliary PLC unit for the data of the d-th data of the main PLC unit, wherein d is the data count of the main PLC unit, and s is the data count of the auxiliary PLC unit;
by constructing the probability of all data synchronization, other modules can be influenced in an imperceptible way by avoiding certain faults;
Further, the primary PLC unit includes a plurality of communication controls, and the secondary PLC unit includes a plurality of backup units;
The method comprises the steps of constructing a safety redundancy model for describing a main PLC unit communication control data synchronization auxiliary PLC unit, and evaluating the fault probability of a safety redundancy PLC communication control system when executing a redundancy strategy through conditional probability, wherein the calculation expression of the fault probability is as follows:
Wherein, The probability of failure prediction is performed for the redundancy strategy under the call observation,In order to observe the prior probability of the data,In order to observe the marginal probability of the data,For the likelihood of the observed data collected after the redundancy strategy is performed,Q is data transfer for failure behavior in executing redundancy policies;
the marginal probability calculation expression of the observed data is as follows: wherein the marginal probability of the observed data is used to represent the number and position probabilities of the observed data in Q (p);
the failure behavior calculation expression for executing the redundancy strategy is as follows:
wherein y is the position of the communication control data synchronization auxiliary PLC unit of the main PLC unit executed by the redundancy strategy, p is the position of the communication control data synchronization, and lambda is the data transfer scale;
Each time the PLC communication control system executes the redundancy strategy, the redundancy strategy is a father node, wherein the father node comprises nodes and edges, the nodes are fault states of the safety redundancy PLC communication control system executing the redundancy strategy, the edges are used for describing conditional dependence relations of data synchronization of a main PLC unit communication control and a secondary PLC unit when the safety redundancy PLC communication control system executes the redundancy strategy, and the directions of the edges are used for representing causal relations, including reasons of executing the redundancy strategy faults and the like;
The health monitoring module is used for diagnosing the health of the PLC communication control;
and monitoring the communication health state of the PLC in real time through fault monitoring, and timely finding and reporting communication abnormality or fault.
The recovery module comprises automatic recovery and manual switching;
when the system fails, the safe redundant PLC communication control system automatically restores to a normal state, for example, by automatically switching to the auxiliary PLC unit;
by automatically switching to the standby component, the system is ensured to continue to operate without being influenced, and the system is switched seamlessly, so that a user is prevented from feeling obvious service interruption;
the restoration process includes restoring the system state to normal operating conditions. For example, restore data from a backup, restart failed components, etc.;
during the fault occurrence and recovery process, the system should send notifications and reports to an administrator or maintenance personnel to timely learn about the fault condition and recovery.
In case manual intervention is required, a manual switching function is provided so that the technician can adjust according to the actual situation.
The manual switching comprises manual intervention, a manual switching interface and verification and test;
when the automatic recovery mechanism fails to solve the problem, the system needs to provide a manual switching option to be adjusted by a technician according to the actual situation, and the manual switching typically includes selecting a spare component, performing a recovery operation, and the like;
the manual switching interface is used for a user-friendly interface or console for a technician to perform manual switching operation. The interface should provide clear information and operation guidance to avoid operation errors.
The verification and test include that after the manual switching is completed, technicians need to verify whether the system has successfully recovered to normal operation, and the test includes checking aspects of system functions, data integrity, performance and the like.
Example two
Based on the previous embodiment, the health monitoring module is used for diagnosing the health of the PLC communication control;
the health monitoring model comprises health and unhealthy of the main PLC unit, health and unhealthy of the auxiliary PLC unit and health states of the whole system, and the calculation expression of the health monitoring model is as follows:
Wherein, The health probability for the PLC communication control,As the probability that the failure probability causes the health state,For the probability of health it is that,In the event of a failure condition,Is in a healthy state;
Further, the method comprises the steps of, Wherein, gamma is a regulating factor;
The health monitoring model comprehensively considers the health and fault state of the system and provides more accurate monitoring and early warning capability.
It is important to note that the construction and arrangement of the application as shown in the various exemplary embodiments is illustrative only. Although only two embodiments have been described in detail in this disclosure, those skilled in the art who review this disclosure will readily appreciate that many modifications are possible, for example, variations in sizes, dimensions, structures, shapes and proportions of the various elements, values of parameters (e.g., temperature, pressure, etc.), mounting arrangements, use of materials, colors, orientations, etc., without materially departing from the novel teachings and advantages of the subject matter described in this application. For example, elements shown as integrally formed may be constructed of multiple parts or elements, the position of elements may be reversed or otherwise varied, and the nature or number of discrete elements or positions may be altered or varied. Accordingly, all such modifications are intended to be included within the scope of present application. The order or sequence of any process or method steps may be varied or re-sequenced according to alternative embodiments. Any means-plus-function clause is intended to cover the structures described herein as performing the function and not only structural equivalents but also equivalent structures. Other substitutions, modifications, changes and omissions may be made in the design, operating conditions and arrangement of the exemplary embodiments without departing from the scope of the present applications. Therefore, the application is not limited to the specific embodiments, but extends to various modifications that nevertheless fall within the scope of the appended claims.
Furthermore, in an effort to provide a concise description of the exemplary embodiments, all features of an actual implementation may not be described (i.e., those not associated with the best mode presently contemplated for carrying out the invention, or those not associated with practicing the invention).
It should be appreciated that in the development of any such actual implementation, as in any engineering or design project, numerous implementation-specific decisions may be made. Such a development effort might be complex and time consuming, but would nevertheless be a routine undertaking of design, fabrication, and manufacture for those of ordinary skill having the benefit of this disclosure.
It should be noted that the above embodiments are only for illustrating the technical solution of the present invention and not for limiting the same, and although the present invention has been described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications and equivalents may be made thereto without departing from the spirit and scope of the technical solution of the present invention, which is intended to be covered by the scope of the claims of the present invention.
Claims (9)
1. A safety redundant PLC communication control system, comprising:
the communication redundancy module comprises a data synchronization unit, a switching unit and a strategy adjustment unit, wherein the data synchronization unit is used for ensuring the real-time synchronization of data between the main PLC unit and the auxiliary PLC unit, the switching unit is used for automatically switching to the auxiliary PLC unit when the main PLC unit fails, and the strategy adjustment unit is used for adjusting a redundancy strategy;
The fault diagnosis module is used for performing fault test on the redundancy strategy and the PLC communication control;
and the health monitoring module is used for diagnosing the health of the PLC communication control.
2. A safety redundant PLC communication control system according to claim 1, wherein:
The data synchronization unit copies real-time data of the main PLC unit to the auxiliary PLC through a data transmission protocol and a synchronization mechanism, monitors a data synchronization result through a synchronization monitoring model, calculates a sample data difference value of the main PLC unit and the auxiliary PLC unit through the data synchronization difference value, judges a synchronization state through the sample data difference value, if the sample data difference value of the main PLC unit and the auxiliary PLC unit is larger than a data synchronization balance threshold value, the synchronization state is wrong, a data synchronization sensitivity coefficient is adjusted, and if the sample data difference value of the main PLC unit and the auxiliary PLC unit is not larger than the data synchronization balance threshold value, the synchronization state is normal.
3. A safety redundant PLC communication control system according to claim 2, wherein:
The data synchronization difference calculation expression is as follows:
;
Wherein, Data synchronization difference, M is the number of data groups, M is the total number of data groups,Is the m-th group of main PLC unit data,For the m-th set of slave PLC unit data,An average value of the data synchronization difference values;
The expression for judging the data synchronization state is as follows:
;
Wherein, For the data-synchronous sensitivity coefficient,For the data synchronization balance threshold, Z is the value for judging whether the data synchronization is wrong,Is the sample data difference;
The sensitivity coefficient is adjusted by moving step average, and the calculation expression is as follows:
;
Wherein, In order to adjust the sensitivity coefficient after the adjustment,For the data synchronization difference value for which the data synchronization sensitivity coefficient correction is not completed at time t,As an unadjusted sensitivity coefficient,For the total number of groups of data at time t,The number of data sets for which correction of the data synchronization sensitivity coefficient is completed at time t.
4. A safety redundant PLC communication control system according to claim 3, wherein:
The strategy adjustment unit comprises a load monitoring model, performance index detection and strategy adjustment logic;
Load data during operation of the system after collection and processing is used for establishing a load monitoring model for a data base, the load and the performance of the system are dynamically monitored through the load monitoring model, and a calculation expression of the load monitoring model is as follows:
;
Wherein, The load prediction value is output for the load monitoring model,For the ith convolution kernel weight,And (3) the actual load value of the PLC communication control system acquired for the j-th group, b is a bias term, f () is an activation function, and n is the total group number of the actual load value.
5. The safety redundant PLC communication control system of claim 4 wherein:
the fault diagnosis module comprises redundancy strategy fault monitoring, and monitors the redundancy strategy by establishing a safety redundancy model;
The safety redundancy model is obtained by carrying out process modeling on the process of synchronizing the data of the main PLC unit with the data of the auxiliary PLC unit, and the data transfer matrix is the observation data from the data of the main PLC unit to the data of the auxiliary PLC unit.
6. The safety redundant PLC communication control system of claim 5 wherein:
The data transfer matrix expression is as follows:
;
Wherein, In the case of a data transfer matrix,Synchronizing the secondary PLC unit first data for the primary PLC unit first data,Synchronizing the data of the s-th data of the auxiliary PLC unit for the data of the d-th data of the main PLC unit, wherein d is the data count of the main PLC unit, and s is the data count of the auxiliary PLC unit;
and constructing a safety redundancy model for describing the communication control data synchronization auxiliary PLC unit of the main PLC unit, and evaluating the fault probability of the safety redundancy PLC communication control system when executing the redundancy strategy through the conditional probability.
7. The safety redundant PLC communication control system of claim 6 wherein:
The calculation expression of the fault probability is as follows:
;
Wherein, The probability of failure prediction is performed for the redundancy strategy under the call observation,In order to observe the prior probability of the data,In order to observe the marginal probability of the data,For the likelihood of the observed data collected after the redundancy strategy is performed,Q is a data transfer for failure behavior in executing redundancy policies.
8. The safety redundant PLC communication control system of claim 7 wherein:
the fault behavior calculation expression for executing the redundancy strategy is as follows:
;
And y is the position of the communication control data synchronization auxiliary PLC unit of the main PLC unit executed by the redundancy strategy, p is the position of the communication control data synchronization, and lambda is the data transfer scale.
9. The safety redundant PLC communication control system of claim 8 wherein:
Monitoring the communication health state of the PLC in real time through fault monitoring, and timely finding and reporting communication abnormality or fault;
The health monitoring model comprises health and unhealthy of the main PLC unit and health and unhealthy of the auxiliary PLC unit and health states of the whole system;
the health monitoring model calculation expression is as follows:
;
Wherein, The health probability for the PLC communication control,As the probability that the failure probability causes the health state,For the probability of health it is that,In the event of a failure condition,Is in a healthy state.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202411563033.7A CN119065228A (en) | 2024-11-05 | 2024-11-05 | A safe and redundant PLC communication control system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202411563033.7A CN119065228A (en) | 2024-11-05 | 2024-11-05 | A safe and redundant PLC communication control system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN119065228A true CN119065228A (en) | 2024-12-03 |
Family
ID=93644968
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202411563033.7A Pending CN119065228A (en) | 2024-11-05 | 2024-11-05 | A safe and redundant PLC communication control system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN119065228A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN120276364A (en) * | 2025-06-03 | 2025-07-08 | 北京机械工业自动化研究所有限公司 | Dual-PLC redundancy backup method and system |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050243959A1 (en) * | 2004-04-30 | 2005-11-03 | Ashley Jonathan J | Method and apparatus for synchronization mark detection with DC compensation |
| CN103512751A (en) * | 2013-07-03 | 2014-01-15 | 辽宁大学 | Bearing health state identification method based on probabilistic neural network |
| CN115358437A (en) * | 2022-06-30 | 2022-11-18 | 桂林电子科技大学 | Power supply load prediction method based on convolutional neural network |
| CN115437233A (en) * | 2022-09-06 | 2022-12-06 | 中铁宝桥集团有限公司 | Bidirectional driving system of tourist coach based on redundant PLC |
| CN115434690A (en) * | 2021-06-04 | 2022-12-06 | 中国科学院沈阳自动化研究所 | Unsupervised online mutation point detection and fusion method for pumping unit based on Bayes |
| CN117370138A (en) * | 2023-10-26 | 2024-01-09 | 杭州杰普仕科技股份有限公司 | High capacity distributed storage system |
| CN118095891A (en) * | 2024-02-28 | 2024-05-28 | 国网江苏省电力有限公司宿迁供电分公司 | Active power distribution network payload prediction method and system considering source load meteorological characteristic decoupling |
| CN118400376A (en) * | 2024-06-26 | 2024-07-26 | 广东车海洋环保科技有限公司 | Dynamic balancing method and system for server load of self-service car washer |
-
2024
- 2024-11-05 CN CN202411563033.7A patent/CN119065228A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050243959A1 (en) * | 2004-04-30 | 2005-11-03 | Ashley Jonathan J | Method and apparatus for synchronization mark detection with DC compensation |
| CN103512751A (en) * | 2013-07-03 | 2014-01-15 | 辽宁大学 | Bearing health state identification method based on probabilistic neural network |
| CN115434690A (en) * | 2021-06-04 | 2022-12-06 | 中国科学院沈阳自动化研究所 | Unsupervised online mutation point detection and fusion method for pumping unit based on Bayes |
| CN115358437A (en) * | 2022-06-30 | 2022-11-18 | 桂林电子科技大学 | Power supply load prediction method based on convolutional neural network |
| CN115437233A (en) * | 2022-09-06 | 2022-12-06 | 中铁宝桥集团有限公司 | Bidirectional driving system of tourist coach based on redundant PLC |
| CN117370138A (en) * | 2023-10-26 | 2024-01-09 | 杭州杰普仕科技股份有限公司 | High capacity distributed storage system |
| CN118095891A (en) * | 2024-02-28 | 2024-05-28 | 国网江苏省电力有限公司宿迁供电分公司 | Active power distribution network payload prediction method and system considering source load meteorological characteristic decoupling |
| CN118400376A (en) * | 2024-06-26 | 2024-07-26 | 广东车海洋环保科技有限公司 | Dynamic balancing method and system for server load of self-service car washer |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN120276364A (en) * | 2025-06-03 | 2025-07-08 | 北京机械工业自动化研究所有限公司 | Dual-PLC redundancy backup method and system |
| CN120276364B (en) * | 2025-06-03 | 2025-08-26 | 北京机械工业自动化研究所有限公司 | Dual-PLC redundancy backup method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100388217C (en) | Dynamic threshold scaling method and system in communication system | |
| US7055062B2 (en) | Method, system and program product for establishing a self-diagnosing and self-repairing automated system | |
| CN101201786B (en) | Method and device for monitoring fault log | |
| CN117675522A (en) | A power communication fault diagnosis and prevention method and system | |
| CN119065228A (en) | A safe and redundant PLC communication control system | |
| CN112988444B (en) | Processing method, processing device and processing equipment for server cluster fault diagnosis, method for server fault diagnosis and computer-readable storage medium | |
| US7278048B2 (en) | Method, system and computer program product for improving system reliability | |
| CN117370970A (en) | Fault attack protection method based on random fault injection | |
| CN115098306A (en) | Embedded fault-tolerant self-healing structure, method and system applied to power industrial control terminal | |
| CN119003249B (en) | Automatic disaster recovery process management method and system for intelligent computing center | |
| Preschern et al. | Security analysis of safety patterns | |
| JP6972429B1 (en) | Plant management method and plant design equipment | |
| CN117194154A (en) | APM full-link monitoring system and method based on micro-service | |
| CN116340045A (en) | Database exception handling method, apparatus, device and computer readable storage medium | |
| CA3142334A1 (en) | Equipment failure diagnostics using bayesian inference | |
| US11662764B2 (en) | Method for controlling and automatically restarting a technical apparatus | |
| CN114253124A (en) | High-availability hot standby redundancy system and method | |
| CN111610778B (en) | Self-adaptive monitoring system for improving stability of industrial control system | |
| Santhosh et al. | Resilience Engineering: Principles, Methods, and Applications to Critical Infrastructure Systems | |
| Dodonov et al. | Analysis and Assessment of Functional Stability of Information Systems Supporting Management Processes. | |
| CN118885349B (en) | Target uncorrectable fault prediction model training method and related equipment | |
| TWI851084B (en) | Server system and diagnosis method thereof | |
| CN119557146B (en) | Abnormal restart protection method and system for electric vehicle display instrument | |
| US11687398B2 (en) | Method for controlling a technical apparatus | |
| Abidov | DIAGNOSTICS OF THE STATE AND RECOVERY OF REAL TIME SYSTEMS PERFORMANCE |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |