WO2013062844A1 - Safety component in a programmable components chain - Google Patents

Safety component in a programmable components chain Download PDF

Info

Publication number
WO2013062844A1
WO2013062844A1 PCT/US2012/060750 US2012060750W WO2013062844A1 WO 2013062844 A1 WO2013062844 A1 WO 2013062844A1 US 2012060750 W US2012060750 W US 2012060750W WO 2013062844 A1 WO2013062844 A1 WO 2013062844A1
Authority
WO
WIPO (PCT)
Prior art keywords
component
interface
cpld
programmable components
programmable
Prior art date
Application number
PCT/US2012/060750
Other languages
French (fr)
Inventor
Arie Gez
Original Assignee
Eastman Kodak Company
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US13/279,371 external-priority patent/US8362801B1/en
Priority claimed from US13/279,370 external-priority patent/US8441280B1/en
Application filed by Eastman Kodak Company filed Critical Eastman Kodak Company
Publication of WO2013062844A1 publication Critical patent/WO2013062844A1/en

Links

Classifications

    • HELECTRICITY
    • H03ELECTRONIC CIRCUITRY
    • H03KPULSE TECHNIQUE
    • H03K19/00Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits
    • H03K19/02Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits using specified components
    • H03K19/173Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits using specified components using elementary logic circuits as components
    • H03K19/177Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits using specified components using elementary logic circuits as components arranged in matrix form
    • H03K19/17748Structural details of configuration resources
    • H03K19/17768Structural details of configuration resources for security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/76Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]

Definitions

  • This invention relates in general to programming a complex programmable logic device (CPLD) and in particular to programming a safety electronic circuit.
  • CPLD complex programmable logic device
  • Computer-to-plate (CTP) imaging devices use laser diodes for imaging on a substrate. Leakage of laser light from the imaging device during imaging operation may be hazardous to people in proximity to the device.
  • Interlock sensors are deployed in the device at various locations to notify of hazardous situations or to prevent, for example, opening the device door during operation.
  • the sensors are integrated with specific electronic circuitry as shown in FIG. 1. When one or more of the interlock and safety sensors goes off, indicating a potential leak of laser light, the laser sources are disabled and fault warning activated.
  • Safety devices are mandatory in potentially hazardous products, and are required to be installed by international safety standards. Safety measures in devices can be incorporated by various means such as software, electronic CPLD components or electro-mechanical components. In the case of CPLD components, the CPLD components are installed on an circuit board, which may include more than one CPLD component. One of the CPLD components may be used for safety.
  • CPLD components are programmable and the programming is done via a joint test action group (JTAG) port residing on the electronic board and connected typically to a personal computer by an appropriate cable.
  • JTAG joint test action group
  • the CPLD reprogramming may be done by service engineers in the field, therefore it is essential to prevent reprogramming of the CPLD components related to safety and make sure they are programmed only at the manufacturing site. Reprogramming of CPLDs which are intended for safety control in the field is dangerous since it may hinder safe operation of the product, and thus may cause irreversible harm to the product operators, during product operation.
  • FIG. 1 shows several CPLD components (124, 128, 132) residing on electronic board 100.
  • the JTAG interface is connected to each of the CPLD components by input and output pins (TDI, TDO) and timing and clock pins
  • TMS, TCK The signals TDI, TDO, TMS and TCK are used for accessing and programming of the CPLDs residing on electronic board 100.
  • the CPLD components are concatenated between each other via the input and output pins (TDI, TDO).
  • the TDI signal from JTAG interface 108 is connected to first CPLD 124 via its TDI line.
  • the output line TDO of CPLD 124 is further connected to the input line TDI of the next CPLD in the chain 128.
  • the output pin TDO of the last CPLD in the chain 132 is connected to the TDO line of JTAG interface 108 to form a complete chain of the CPLDs on electronic board 100.
  • the timing TMS and clock pin TCK are connected in parallel from JTAG interface 108 to all CPLDs (124, 128, 132) and controlled by timing and clock pins (TMS, TCK).
  • the programming of the CPLD components is performed by an external controller 104.
  • the programming data is delivered to JTAG interface 108 via interface lines 112.
  • the content of each of the CPLD components (124, 128, 132) can be independently programmed by controller 104.
  • CPLD 124 which is selected to serve safety measures, has to be treated with more caution than other CPLDs, therefore programming of CPLD 124 should be permitted only once and at the manufacturing site only. Programming at a customer site is unacceptable.
  • an electronic circuit includes a plurality of programmable components connected in an electronic chain.
  • An interface is adapted to connect the programmable components to an external controller wherein the controller is adapted to program the programmable components.
  • a component isolation element is connected to the interface at an input end and to the electronic chain of the programmable components at an output end wherein the isolation element is adapted to isolate one component of the programmable components from the electronic chain and wherein the one component is a safety component.
  • FIG. 1 is a prior art schematic showing several concatenated CPLD components
  • FIG. 2 is a schematic showing the first CPLD (safety CPLD) concatenated with several other CPLD components before programming; and
  • FIG. 3 is a schematic showing the first CPLD (safety CPLD) concatenated with several other CPLD components after programming.
  • FIG. 2 and FIG. 3 show an electronic board 200.
  • Board 200 is formed with a similar configuration to the prior art shown with board 100 in FIG. 1. The difference between board 100 and board 200 is in that board 200 is equipped with electronic means adapted to isolate CPLD 124 from the other CPLD in CPLDs chain (128, 132).
  • CPLD 124 which is the safety CPLD is achieved by addition of analog switches 204 and 212.
  • Analog switch 204 switches line TDI between CPLD 124 and the chain of the other CPLDs (128, 132).
  • analog switch 212 switches line TDO between CPLD 124 and the chain of the other CPLDs.
  • the isolation of CPLD component 124 when residing in board 200 enables CPLD 124 to be limited to singular programming, thus prevents any further programming that may negatively affect safety conditions of the device.
  • the CPLD components (124, 128, 132) are not programmed at its original state. At the first power up the IO pins are in a logical tri state.
  • FIG. 2 shows a pull down resistor Rl which sets IO pin into logical state "0" prior programming 224.
  • analog switch 204 connects input pin TDI to OUT1 via switch 208, whereas analog switch 212 connects output pin TDO to INI via switch 216.
  • Resistor R2 and capacitor CI act as delay circuit. This setup isolates CPLD 124 for programming since TDI and TDO are connected only to CPLD 124 via analog switches 204 and 212.
  • Program mode (program done) is represented by line 220.
  • Controller 104 programs CPLD 124 via JTAG interface 108.
  • FIG. 3 shows board 300 after programming of CPLD 124 is completed, IO pin of CPLD 124 is set to logical " state 312.
  • analog switch 204 will set switch to state 304 thus connecting TDI line to OUT2, whereas switch 212 will set to state 308 to connect TDO to IN2. This state will be kept forever;
  • CPLD 124 is programmed and is disconnected from the chain of all other CPLDs (128, 132).
  • any subsequent power up of the board at stage 300 will enable programming of any one of the CPLDs (128, 132) which are connected in the chain, thus enabling programming of those CPLDs for maintenance reasons in the field.
  • CPLD 124 will not be accessible for

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Mathematical Physics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Programmable Controllers (AREA)

Abstract

An electronic circuit includes a plurality of programmable components connected in an electronic chain (128, 132). An interface (108) is adapted to connect the programmable components (124, 128, 132) to an external controller (104) wherein the controller (104) is adapted to program the programmable components (124, 128, 132). A component isolation element (204, 212) is connected to the interface (108) at an input end and to the electronic chain (128, 132) of the programmable components at an output end wherein the isolation element (204, 212) is adapted to isolate one component (124) of the programmable components from the electronic chain (128, 132) and wherein the one component (124) is a safety component.

Description

SAFETY COMPONENT IN A PROGRAMABLE COMPONENTS CHAIN
FIELD OF THE INVENTION
This invention relates in general to programming a complex programmable logic device (CPLD) and in particular to programming a safety electronic circuit.
BACKGROUND OF THE INVENTION
Computer-to-plate (CTP) imaging devices use laser diodes for imaging on a substrate. Leakage of laser light from the imaging device during imaging operation may be hazardous to people in proximity to the device.
Various safety measures may be required as high power invisible laser (IR) beams are present at least in the optical fibers of the device during operation and could cause eye damage if they leaked from the device. Interlock sensors are deployed in the device at various locations to notify of hazardous situations or to prevent, for example, opening the device door during operation. The sensors are integrated with specific electronic circuitry as shown in FIG. 1. When one or more of the interlock and safety sensors goes off, indicating a potential leak of laser light, the laser sources are disabled and fault warning activated.
Safety devices are mandatory in potentially hazardous products, and are required to be installed by international safety standards. Safety measures in devices can be incorporated by various means such as software, electronic CPLD components or electro-mechanical components. In the case of CPLD components, the CPLD components are installed on an circuit board, which may include more than one CPLD component. One of the CPLD components may be used for safety.
CPLD components are programmable and the programming is done via a joint test action group (JTAG) port residing on the electronic board and connected typically to a personal computer by an appropriate cable. The CPLD reprogramming may be done by service engineers in the field, therefore it is essential to prevent reprogramming of the CPLD components related to safety and make sure they are programmed only at the manufacturing site. Reprogramming of CPLDs which are intended for safety control in the field is dangerous since it may hinder safe operation of the product, and thus may cause irreversible harm to the product operators, during product operation.
FIG. 1 shows several CPLD components (124, 128, 132) residing on electronic board 100. The JTAG interface is connected to each of the CPLD components by input and output pins (TDI, TDO) and timing and clock pins
(TMS, TCK). The signals TDI, TDO, TMS and TCK are used for accessing and programming of the CPLDs residing on electronic board 100. The CPLD components are concatenated between each other via the input and output pins (TDI, TDO). The TDI signal from JTAG interface 108 is connected to first CPLD 124 via its TDI line. The output line TDO of CPLD 124 is further connected to the input line TDI of the next CPLD in the chain 128. The output pin TDO of the last CPLD in the chain 132 is connected to the TDO line of JTAG interface 108 to form a complete chain of the CPLDs on electronic board 100. The timing TMS and clock pin TCK are connected in parallel from JTAG interface 108 to all CPLDs (124, 128, 132) and controlled by timing and clock pins (TMS, TCK).
The programming of the CPLD components is performed by an external controller 104. The programming data is delivered to JTAG interface 108 via interface lines 112. The content of each of the CPLD components (124, 128, 132) can be independently programmed by controller 104. CPLD 124, which is selected to serve safety measures, has to be treated with more caution than other CPLDs, therefore programming of CPLD 124 should be permitted only once and at the manufacturing site only. Programming at a customer site is unacceptable.
SUMMARY OF THE INVENTION
Briefly, according to one aspect of the present invention an electronic circuit includes a plurality of programmable components connected in an electronic chain. An interface is adapted to connect the programmable components to an external controller wherein the controller is adapted to program the programmable components. A component isolation element is connected to the interface at an input end and to the electronic chain of the programmable components at an output end wherein the isolation element is adapted to isolate one component of the programmable components from the electronic chain and wherein the one component is a safety component. The invention and its objects and advantages will become more apparent in the detailed description of the preferred embodiment presented below.
BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 is a prior art schematic showing several concatenated CPLD components;
FIG. 2 is a schematic showing the first CPLD (safety CPLD) concatenated with several other CPLD components before programming; and
FIG. 3 is a schematic showing the first CPLD (safety CPLD) concatenated with several other CPLD components after programming.
DETAILED DESCRIPTION OF THE INVENTION
In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the disclosure. However, it will be understood by those skilled in the art that the teachings of the present disclosure may be practiced without these specific details. In other instances, well-known methods, procedures, components and circuits have not been described in detail so as not to obscure the teachings of the present disclosure.
FIG. 2 and FIG. 3 show an electronic board 200. Board 200 is formed with a similar configuration to the prior art shown with board 100 in FIG. 1. The difference between board 100 and board 200 is in that board 200 is equipped with electronic means adapted to isolate CPLD 124 from the other CPLD in CPLDs chain (128, 132).
The isolation of CPLD 124 which is the safety CPLD is achieved by addition of analog switches 204 and 212. Analog switch 204 switches line TDI between CPLD 124 and the chain of the other CPLDs (128, 132). Similarly analog switch 212 switches line TDO between CPLD 124 and the chain of the other CPLDs. The isolation of CPLD component 124 when residing in board 200 enables CPLD 124 to be limited to singular programming, thus prevents any further programming that may negatively affect safety conditions of the device.
The CPLD components (124, 128, 132) are not programmed at its original state. At the first power up the IO pins are in a logical tri state. FIG. 2 shows a pull down resistor Rl which sets IO pin into logical state "0" prior programming 224. At this state analog switch 204 connects input pin TDI to OUT1 via switch 208, whereas analog switch 212 connects output pin TDO to INI via switch 216. Resistor R2 and capacitor CI act as delay circuit. This setup isolates CPLD 124 for programming since TDI and TDO are connected only to CPLD 124 via analog switches 204 and 212. Program mode (program done) is represented by line 220.
The next step is to program the safety CPLD 124. Controller 104 programs CPLD 124 via JTAG interface 108. FIG. 3 shows board 300 after programming of CPLD 124 is completed, IO pin of CPLD 124 is set to logical " state 312. At this stage analog switch 204 will set switch to state 304 thus connecting TDI line to OUT2, whereas switch 212 will set to state 308 to connect TDO to IN2. This state will be kept forever; CPLD 124 is programmed and is disconnected from the chain of all other CPLDs (128, 132).
At this stage, any subsequent power up of the board at stage 300 will enable programming of any one of the CPLDs (128, 132) which are connected in the chain, thus enabling programming of those CPLDs for maintenance reasons in the field. CPLD 124 will not be accessible for
programming at stage 300 in the field, thus ensuring that the safety CPLD is not mutative any more.
PARTS LIST
100 electronic board
104 controller
108 JTAG interface
112 interface lines
124 first CPLD
128 second CPLD
132 last CPLD in chain
200 board before programming of CPLD 124
204 IN lines analog switch
208 switch 204 at OUTl state: CPLD 124 before programming
212 OUT lines analog switch
216 switch 212 at INI state: CPLD 124 before programming
220 program mode line (program done)
224 IO pin at CPLD 124 before programming state
300 board after programming of CPLD 124
304 switch 204 at OUT2 state: CPLD 124 after programming
308 switch 212 at IN2 state: CPLD 124 after programming
312 IO pin at CPLD 124 after programming state
TDI input pin
TDO output pin
TMS timing pin
TCK clock pin

Claims

CLAIMS:
1. An electronic circuit comprising:
a plurality of programmable components connected in an electronic chain;
an interface adapted to connect said programmable components to an external controller wherein said controller is adapted to program said programmable components; and
a component isolation element connected to said interface at an input end and to said electronic chain of said programmable components at an output end wherein said isolation element is adapted to isolate one component of said programmable components from said electronic chain and wherein said one component is a safety component.
2. The electronic circuit according to claim 1 wherein said interface is a joint test action group (JTAG) interface.
3. The electronic circuit according to claim 1 wherein said component isolation element comprises:
a pull down resistor adapted to force an output pin from said safety component to logical state zero at first power up of said electronic circuit;
a first analog switch adapted to link an input data line from said JTAG interface to said safety component before programming and to the chain of all the other programmable components after programming of said safety component; and
a second analog switch adapted to link an output data line from said safety component to said interface before programming and to the chain of all the other programmable components after programming of said safety component.
4. The electronic circuit according to claim 1 wherein said programmable component is a CPLD component.
5. A method for a singular programming a programmable component in an electronic circuit comprising:
providing a plurality of programmable components connected between each other in an electronic chain arrangement;
providing an interface adapted to connect said
programmable components to an external controller wherein said controller is adapted to program said programmable components;
isolating a safety component by setting an output pin in said safety component to logical state zero at first power up of said electronic circuit and wherein said logical state zero causes input data line and output data line from said interface to be connected just to said safety component;
programming said safety component; and
setting said output pin in said safety component to logical state one wherein said logical state one causes input data line and output data line from said interface to disconnect from said safety component and connect to said electronic chain of said plurality of programmable components excluding said safety component.
6. The method according to claim 5 wherein said interface is a joint test action group (JTAG) interface.
7. The method according to claim 5 wherein said programmable component is a complex programmable logic device (CPLD) component.
PCT/US2012/060750 2011-10-24 2012-10-18 Safety component in a programmable components chain WO2013062844A1 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US13/279,371 US8362801B1 (en) 2011-10-24 2011-10-24 Method of programming a safety component
US13/279,370 US8441280B1 (en) 2011-10-24 2011-10-24 Safety component in a programmable components chain
US13/279,370 2011-10-24
US13/279,371 2011-10-24

Publications (1)

Publication Number Publication Date
WO2013062844A1 true WO2013062844A1 (en) 2013-05-02

Family

ID=47190142

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2012/060750 WO2013062844A1 (en) 2011-10-24 2012-10-18 Safety component in a programmable components chain

Country Status (1)

Country Link
WO (1) WO2013062844A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109408088A (en) * 2018-10-09 2019-03-01 郑州云海信息技术有限公司 CPLD upgrade method, device, system and computer readable storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030212897A1 (en) * 2001-08-18 2003-11-13 Russell Dickerson Method and system for maintaining secure semiconductor device areas
US7345502B1 (en) * 2006-01-17 2008-03-18 Xilinx, Inc. Design security for configurable devices
US20100082928A1 (en) * 2008-09-30 2010-04-01 Infineon Technologies North America Corp. Secure Manufacturing of Programmable Devices

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030212897A1 (en) * 2001-08-18 2003-11-13 Russell Dickerson Method and system for maintaining secure semiconductor device areas
US7345502B1 (en) * 2006-01-17 2008-03-18 Xilinx, Inc. Design security for configurable devices
US20100082928A1 (en) * 2008-09-30 2010-04-01 Infineon Technologies North America Corp. Secure Manufacturing of Programmable Devices

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109408088A (en) * 2018-10-09 2019-03-01 郑州云海信息技术有限公司 CPLD upgrade method, device, system and computer readable storage medium

Similar Documents

Publication Publication Date Title
US8836338B2 (en) Switching circuits and methods of testing thereof
CA2762475A1 (en) Switching circuits and methods of testing
JP4870149B2 (en) Safety switching device for safe disconnection of electrical loads
US8418012B2 (en) Method of analyzing the safety of a device employing on target hardware description language based fault injection
JP2008544663A (en) Safety switching device and method in automated equipment
WO2007053240A3 (en) Tandem handler system and method for reduced index time
CN108701987A (en) False current limiter with self detection power electronic and trigger circuit
US8362801B1 (en) Method of programming a safety component
EP2905452B1 (en) Asil B-compliant implementation of automotive safety-related functions by means of a high diagnosability, quality managed-compliant integrated circuit
WO2013062844A1 (en) Safety component in a programmable components chain
CN107782208B (en) All-electronic fuze tester for parallel testing of multiple sets of fuzes and testing method thereof
US8441280B1 (en) Safety component in a programmable components chain
CN112771642A (en) Automatic synchronizer of circuit breaker
CN104898464B (en) A kind of control module of Insulation test
US10691079B2 (en) Secure electronic device
US7164277B2 (en) Method for circuit inspection
US10395869B2 (en) Relay circuit and method for performing self-test of relay circuit
US7089471B2 (en) Scan testing mode control of gated clock signals for flip-flops
US20140084951A1 (en) Method for detecting a device that generates spurious signals in an electrical network, an electrical system and an aircraft
WO2013029698A3 (en) Isolation adapter for a vehicle component test and test method for a vehicle component
US11289893B2 (en) Devices, systems and methods for avoiding fault propagation in safety systems
GB2479222A (en) Diagnostic Device for Testing a Television Set
KR101710683B1 (en) Apparatus and Method for Controling of Safety System Equipment Using Logic Gate Component in Nuclear Power Plant
CN106773641B (en) Module system for safety control of automation equipment
US20170227612A1 (en) Power Supply Arrangement

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12787572

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12787572

Country of ref document: EP

Kind code of ref document: A1