公开(公告)号：US07424641B2

公开(公告)日：2008-09-09

申请号：US11099871

申请日：2005-04-06

申请人： Padma Sundaram ,  Yulei Chen ,  Joseph G. D'Ambrosio

发明人： Padma Sundaram ,  Yulei Chen ,  Joseph G. D'Ambrosio

IPC分类号： G06F11/00

CPC分类号： G06F11/28 ,  G06F11/1004

摘要： A control system and a method for validating operation of the control system are provided. The control system has a first controller operably communicating with a second controller. The first and second controllers have first and second read-only memories, respectively. The method includes executing a first software program in the first controller that retrieves a first key value from the second controller. The method further includes retrieving a second key value from a table using the first key value as an index value. The table is stored in a memory that is accessible by the first software program. The method includes executing at least one mathematical operation in the first software program using at least the second key value to obtain a third key value. The method further includes sending the first and third key values from the first controller to the second controller. The method further includes determining a first validation value based on the first key value utilizing the second controller. The method further includes comparing the third key value to the first validation value using the second controller and indicating that the first software program has executed until completion when the third key value is equal to the first validation value.

摘要翻译： 提供了一种用于验证控制系统的操作的控制系统和方法。 控制系统具有与第二控制器可操作地通信的第一控制器。 第一和第二控制器分别具有第一和第二只读存储器。 该方法包括在第一控制器中执行从第二控制器检索第一键值的第一软件程序。 该方法还包括使用第一键值作为索引值从表中检索第二键值。 该表存储在可由第一个软件程序访问的存储器中。 该方法包括使用至少第二密钥值来执行第一软件程序中的至少一个数学运算以获得第三密钥值。 该方法还包括将第一和第三键值从第一控制器发送到第二控制器。 该方法还包括利用第二控制器基于第一密钥值来确定第一验证值。 该方法还包括使用第二控制器将第三密钥值与第一验证值进行比较，并且指示第一软件程序已经执行直到第三密钥值等于第一验证值时完成。

公开(公告)号：US20060236844A1

公开(公告)日：2006-10-26

申请号：US11099871

申请日：2005-04-06

申请人： Padma Sundaram ,  Yulei Chen ,  Joseph D'Ambrosio

发明人： Padma Sundaram ,  Yulei Chen ,  Joseph D'Ambrosio

IPC分类号： G09B15/02

CPC分类号： G06F11/28 ,  G06F11/1004

摘要： A control system and a method for validating operation of the control system are provided. The control system has a first controller operably communicating with a second controller. The first and second controllers have first and second read-only memories, respectively. The method includes executing a first software program in the first controller that retrieves a first key value from the second controller. The method further includes retrieving a second key value from a table using the first key value as an index value. The table is stored in a memory that is accessible by the first software program. The method includes executing at least one mathematical operation in the first software program using at least the second key value to obtain a third key value. The method further includes sending the first and third key values from the first controller to the second controller. The method further includes determining a first validation value based on the first key value utilizing the second controller. The method further includes comparing the third key value to the first validation value using the second controller and indicating that the first software program has executed until completion when the third key value is equal to the first validation value.

摘要翻译： 提供了一种用于验证控制系统的操作的控制系统和方法。 该控制系统具有与第二控制器可操作地通信的第一控制器。 第一和第二控制器分别具有第一和第二只读存储器。 该方法包括在第一控制器中执行从第二控制器检索第一键值的第一软件程序。 该方法还包括使用第一键值作为索引值从表中检索第二键值。 该表存储在可由第一个软件程序访问的存储器中。 该方法包括使用至少第二密钥值来执行第一软件程序中的至少一个数学运算以获得第三密钥值。 该方法还包括将第一和第三键值从第一控制器发送到第二控制器。 该方法还包括利用第二控制器基于第一密钥值来确定第一验证值。 该方法还包括使用第二控制器将第三密钥值与第一验证值进行比较，并且指示第一软件程序已经执行直到第三密钥值等于第一验证值时完成。

公开(公告)号：US20120330501A1

公开(公告)日：2012-12-27

申请号：US13228864

申请日：2011-09-09

申请人： Padma Sundaram ,  Dong Da

发明人： Padma Sundaram ,  Dong Da

IPC分类号： G06F7/00

CPC分类号： G05B23/0248

摘要： A method includes: receiving classification data for a hazard associated with a system of a vehicle, the classification data indicating a classification of the hazard under standard 26262 of the International Organization for Standardization (ISO); receiving fault tree data for a fault tree of the hazard; analyzing the fault tree data using a fault tree analysis (FTA) application; identifying a minimal cut-set for the hazard; retrieving standards data for the hazard based on the classification of the hazard, the standards data indicating a minimum value for minimal cut-sets under the 26262 standard; comparing a number of elements in the minimal cut-set with the minimum value; and indicating whether the minimal cut-set complies with the 26262 standard based on the comparison.

摘要翻译： 一种方法包括：接收与车辆系统相关的危险的分类数据，所述分类数据表示国际标准化组织（ISO）标准26262下的危险分类; 接收故障树的故障树数据; 使用故障树分析（FTA）应用分析故障树数据; 识别危害的最小限度; 根据危险分类，检索危害标准数据，标准数据表明26262标准下最小切割的最小值; 将最小切割中的多个元素与最小值进行比较; 并且基于比较来指示最小切割是否符合26262标准。

公开(公告)号：US07558661B2

公开(公告)日：2009-07-07

申请号：US11415543

申请日：2006-05-02

申请人： Padma Sundaram ,  Aleksander B. Hac

发明人： Padma Sundaram ,  Aleksander B. Hac

IPC分类号： G06G7/76

CPC分类号： B60W50/0205 ,  B60W2520/14

摘要： A vehicle stability control system diagnostic strategy, wherein the diagnostic strategy may be adaptively applied based upon the identified maneuver states of the vehicle. The diagnostic architecture contains three vehicle state observers (i.e., models) each based on inputs from only two of the three sensors (yaw rate, lateral acceleration, and hand wheel angle). More particularly, the first observer does not consider lateral acceleration input. The second observer does not consider yaw rate sensor input and the third does not consider hand wheel angle (UWA) sensor input in determining the vehicle state. However, estimated vehicle speed input is used by all the observers. For example, the first observer detects a maneuver state based on yaw rate and HWA and vehicle speed inputs. Then it diagnoses the lateral acceleration sensor failure based on the observer output.

摘要翻译： 一种车辆稳定性控制系统诊断策略，其中可以基于所识别的车辆的机动状态来自适应地应用诊断策略。 诊断架构包含三个车辆状态观测器（即，模型），每个车辆状态观测器基于仅来自三个传感器中的两个（偏航率，横向加速度和手轮角度）的输入。 更具体地，第一观察者不考虑横向加速度输入。 第二个观察者不考虑偏航率传感器输入，第三个观测者在确定车辆状态时不考虑手轮角（UWA）传感器输入。 然而，所有观察员都使用估计车速输入。 例如，第一观察者基于横摆率和HWA和车辆速度输入来检测机动状态。 然后根据观察者输出诊断横向加速度传感器故障。

公开(公告)号：US09409552B2

公开(公告)日：2016-08-09

申请号：US13598237

申请日：2012-08-29

申请人： Padma Sundaram ,  Mahesh Balike

发明人： Padma Sundaram ,  Mahesh Balike

IPC分类号： B60T8/174 ,  B60T8/17 ,  B60T7/04 ,  B60T7/08 ,  B60T7/10 ,  B60L7/26 ,  B60L15/20

CPC分类号： B60T7/042 ,  B60L7/26 ,  B60L15/2009 ,  B60L2240/12 ,  B60L2240/30 ,  B60L2250/26 ,  B60T7/085 ,  B60T7/107 ,  B60T7/12 ,  B60T17/228 ,  Y02T10/645 ,  Y02T10/72 ,  Y02T10/7275

摘要： An electronic park brake module for use with a vehicle is disclosed herein. In an embodiment, the electronic park brake module includes, but is not limited to, a processor and an electronic memory unit. The processor and the electronic memory unit are configured to cooperate to determine when a user has made a request for dynamic electronic park braking, to determine whether the user has a first intent or a second intent when requesting dynamic electronic park braking, to send a first command causing a first amount of braking force to be applied when the first intent has been determined, and to send a second command causing a second amount of braking force to be applied when the second intent has been determined.

摘要翻译： 本文公开了一种用于车辆的电子驻车制动模块。 在一个实施例中，电子驻车制动模块包括但不限于处理器和电子存储器单元。 处理器和电子存储器单元被配置为协作以确定用户何时做出动态电子驻车制动的请求，以在请求动态电子驻车制动时确定用户是否具有第一意图或第二意图，以发送第一 命令，当确定了第一意图时，施加第一量的制动力，并且当确定了第二意图时，发出施加第二量制动力的第二指令。

公开(公告)号：US08543286B2

公开(公告)日：2013-09-24

申请号：US13228864

申请日：2011-09-09

申请人： Padma Sundaram ,  Dong Da

发明人： Padma Sundaram ,  Dong Da

IPC分类号： G01M17/00

CPC分类号： G05B23/0248

摘要： A method includes: receiving classification data for a hazard associated with a system of a vehicle, the classification data indicating a classification of the hazard under standard 26262 of the International Organization for Standardization (ISO); receiving fault tree data for a fault tree of the hazard; analyzing the fault tree data using a fault tree analysis (FTA) application; identifying a minimal cut-set for the hazard; retrieving standards data for the hazard based on the classification of the hazard, the standards data indicating a minimum value for minimal cut-sets under the 26262 standard; comparing a number of elements in the minimal cut-set with the minimum value; and indicating whether the minimal cut-set complies with the 26262 standard based on the comparison.

摘要翻译： 一种方法包括：接收与车辆系统相关的危险的分类数据，所述分类数据表示国际标准化组织（ISO）标准26262下的危险分类; 接收故障树的故障树数据; 使用故障树分析（FTA）应用分析故障树数据; 识别危害的最小限度; 根据危险分类，检索危害标准数据，标准数据表明26262标准下最小切割的最小值; 将最小切割中的多个元素与最小值进行比较; 并且基于比较来指示最小切割是否符合26262标准。

公开(公告)号：US08380392B2

公开(公告)日：2013-02-19

申请号：US12832310

申请日：2010-07-08

申请人： Christopher J. Trush ,  Padma Sundaram

发明人： Christopher J. Trush ,  Padma Sundaram

IPC分类号： G06F17/00

CPC分类号： G07C5/0808 ,  B60W50/04 ,  B60W2050/0006

摘要： A processor integrity system in a vehicle includes m main processor modules that control at least m respective functions of the vehicle, where m is n integer greater than or equal to one. A monitoring processor module controls at least one function of the vehicle, communicates with the m main processor modules over a distributed vehicle network, selectively transmits a query to at least one of the m main processor modules over the distributed vehicle network, receives an answer from the at least one of the m main processor modules over the distributed vehicle network, that verifies integrity of the at least one of the m main processor modules based on the answer.

摘要翻译： 车辆中的处理器完整性系统包括m个主处理器模块，其控制车辆的至少m个功能，其中m是大于或等于1的整数。 监视处理器模块控制车辆的至少一个功能，通过分布式车辆网络与m个主处理器模块通信，通过分布式车辆网络选择性地将查询发送到m个主处理器模块中的至少一个，从 分布式车辆网络上的m个主处理器模块中的至少一个，其基于答案来验证m个主处理器模块中的至少一个的完整性。

公开(公告)号：US20070260383A1

公开(公告)日：2007-11-08

申请号：US11415543

申请日：2006-05-02

申请人： Padma Sundaram ,  Aleksander Hac

发明人： Padma Sundaram ,  Aleksander Hac

IPC分类号： G06G7/76

CPC分类号： B60W50/0205 ,  B60W2520/14

摘要： A vehicle stability control system diagnostic strategy, wherein the diagnostic strategy may be adaptively applied based upon the identified maneuver states of the vehicle. The diagnostic architecture contains three vehicle state observers (i.e., models) each based on inputs from only two of the three sensors (yaw rate, lateral acceleration and hand wheel angle). More particularly, the first observer does not consider lateral acceleration input. The second observer does not consider yaw rate sensor input and the third does not consider hand wheel angle (HWA) sensor input in determining the vehicle state. However, estimated vehicle speed input is used by all the observers. For example, the first observer detects a maneuver state based on yaw rate and HWA and vehicle speed inputs. Then it diagnoses the lateral acceleration sensor failure based on the observer output. The diagnostics are based on vehicle dynamics correlations that hold in steady state linear range conditions. Similarly, the other two observers detect maneuver state and diagnose the respective signals. Advantageous variants include the use of a proactive sensor diagnostics strategy that provides increased coverage during steady state linear range maneuvers while simultaneously detecting faults within the required fault response time.

摘要翻译： 一种车辆稳定性控制系统诊断策略，其中可以基于所识别的车辆的机动状态来自适应地应用诊断策略。 诊断架构包含三个车辆状态观测器（即，模型），每个车辆状态观测器基于仅三个传感器中的两个（偏航率，横向加速度和手轮角度）的输入。 更具体地，第一观察者不考虑横向加速度输入。 第二观察者不考虑偏航率传感器输入，第三观测器在确定车辆状态时不考虑手轮角（HWA）传感器输入。 然而，所有观察员都使用估计车速输入。 例如，第一观察者基于横摆率和HWA和车辆速度输入来检测机动状态。 然后根据观察者输出诊断横向加速度传感器故障。 诊断基于保持在稳态线性范围条件下的车辆动力学相关性。 类似地，其他两个观察者检测机动状态并诊断相应的信号。 有利的变型包括使用主动传感器诊断策略，其在稳态线性范围操作期间提供增加的覆盖，同时在所需的故障响应时间内检测故障。

公开(公告)号：US20110257833A1

公开(公告)日：2011-10-20

申请号：US12832310

申请日：2010-07-08

申请人： Christopher J. Trush ,  Padma Sundaram

发明人： Christopher J. Trush ,  Padma Sundaram

IPC分类号： G07C5/10

CPC分类号： G07C5/0808 ,  B60W50/04 ,  B60W2050/0006

摘要： A processor integrity system in a vehicle includes m main processor modules that control at least m respective functions of the vehicle, where m is n integer greater than or equal to one. A monitoring processor module controls at least one function of the vehicle, communicates with the m main processor modules over a distributed vehicle network, selectively transmits a query to at least one of the m main processor modules over the distributed vehicle network, receives an answer from the at least one of the m main processor modules over the distributed vehicle network, that verifies integrity of the at least one of the m main processor modules based on the answer.

摘要翻译： 车辆中的处理器完整性系统包括m个主处理器模块，其控制车辆的至少m个功能，其中m是大于或等于1的整数。 监视处理器模块控制车辆的至少一个功能，通过分布式车辆网络与m个主处理器模块通信，通过分布式车辆网络选择性地将查询发送到m个主处理器模块中的至少一个，从 分布式车辆网络上的m个主处理器模块中的至少一个，其基于答案来验证m个主处理器模块中的至少一个的完整性。

公开(公告)号：US20070005203A1

公开(公告)日：2007-01-04

申请号：US11471259

申请日：2006-06-20

申请人： Padma Sundaram ,  Song You ,  Laci Jalics ,  Joseph D'Ambrosio

发明人： Padma Sundaram ,  Song You ,  Laci Jalics ,  Joseph D'Ambrosio

IPC分类号： G06F19/00

CPC分类号： B60W10/18 ,  B60W10/20 ,  B60W50/0205 ,  B60W50/04

摘要： A vehicle diagnostic system and a method for monitoring vehicle controllers are provided. The method includes generating a first message having a fault status value when a fault condition is detected, utilizing a first controller. The first controller controls a first device. The method further includes receiving the first message at a supervisory controller and sending a second message from the supervisory controller to a second controller indicating a second operational state for the second controller, in response to the first message. The method further includes transitioning an operational state of the second controller from a third operational state to the second operational state in response to the second message.

摘要翻译： 提供车辆诊断系统和监视车辆控制器的方法。 该方法包括利用第一控制器产生具有故障状态值的第一消息，该故障状态值在检测到故障状态时。 第一个控制器控制第一个设备。 该方法还包括响应于第一消息，在管理控制器处接收第一消息并将第二消息从监督控制器发送到指示第二控制器的第二操作状态的第二控制器。 该方法还包括响应于第二消息将第二控制器的操作状态从第三操作状态转换到第二操作状态。