| Title of Invention | A VEHICLE DIAGNOSTIC SYSTEM |
|---|---|
| Abstract | The invention relates to a vehicle diagnostic system, comprising a first control module that comprises a first processor and that controls a transmission of a vehicle; and a second control module that controls an engine of the vehicle and that validates that functionality of the first processor of the first control module wherein if the second control module determines that the first processor of the first control module is faulty, the second control module shuts down the first control module, and wherein the first and second control modules are distributed and located remotely with respect to each other. |
| Full Text | FIELD OF THE INVENTION The present invention relates to vehicle diagnostic systems, and more particularly to a diagnostic system for reducing control module operation faults. BACKGROUND OF THE INVENTION The statements in this section merely provide background information related to the present disclosure and may not constitute prior art. Referring now to figure 1, one or more control modules 10 control various subsystems of a vehicle. A control module 10 typically includes a primary processor 12 that includes an arithmetic logic unit (ALU) that is capable of calculating results for a wide variety of arithmetical computations. The calculated results are used by software to control the various electrical and/or mechanical components of the subsystem. Some conventional control modules 10 includes a secondary processor 14. The purpose of the secondary processor 14 is to provide a security check for the ALU of the primary processor 12. For example, the secondary processor 14 can periodically transmit an arithmetic request to the primary processor 12. The primary processor 12 answers by transmitting a calculated result. The secondary process 14 compares the calculated result to an expected result. When the calculated result equals the expected result, the secondary processor 14 determines that the ALU of the primary processor 12 is operating correctly. Otherwise, when the calculated result does not equal the expected result, the ALU of the primary processor 12 is determined to be faulty. The secondary processor 14 disables the primary processor 12 by switching off the power to the primary processor 12 from a power supply 16. This type of security check is required for most real time embedded control systems. Providing a secondary processor adds to the overall cost of producing the control module 10. SUMMARY OF THE INVENTION Accordingly, a vehicle diagnostic system is provided. The system includes: a first control module that includes a first processor and that controls a first vehicle subsystem; and second control module that controls a second vehicle subsystem and that validates the functionality of the first processor of the first control module wherein if the second control module determines that the first processor of the first control module is faulty, the second control module shuts down the first control module. Further, a method of detecting a faulty, arithmetic logic unit (ALU) of a first control module via a second control module is provided. The method includes: the second control module, transmitting an arithmetic request to the first control module; receiving a response including a result to the arithmetic request from the first control module; and sending a signal to shut down the first control module when the response does not equal a predetermined result. Further areas of applicability will become apparent from the description provided herein. It should be understood that the description and specific examples are intended for purposes of illustration only and are not intended to limit the scope of the present disclosure. BRIEF DESCRIPTION OF THE ACCOMPANYIN DRAWINGS The drawings described herein are for illustration purposes only and are not intended to limit the scope of the present disclosure in any way. Figure 1 is a block diagram of an arithmetic logic unit (ALU) security check system of a control module according to the prior art. Figure 2 is a block diagram of an exemplary vehicle including a distributed ALU security check system. Figure 3 is a detailed block diagram of a distributed ALU security check system. Figure 4 is a flowchart illustrating a method performed by a second control module of the distributed ALU security check system. Figure 5 is a flowchart illustrating a method performed by a first control module of the distributed ALU security check system. DETAILED DESCRIPTION OF THE INVENTION The following description is merely exemplary in nature and is not intended to limit the present disclosure, application, or uses. It should be understood that throughout the drawings, corresponding reference numerals indicate like or corresponding parts and features. As used herein, the term module refers to an application specific integrated circuit (ASIC), an electronic circuit, a processor (shared, dedicated, or group) and memory that execute one or more software or firmware programs, a combination logic circuit and/or other suitable components that provide the described functionality. Referring now to Figure 2, a vehicle 20 includes an engine 22, a transmission 24, and a torque converter 26. The engine 22 combusts an air and fuel mixture within cylinders (not shown) to produce drive torque. Air is drawn into the engine through a throttle 28. The torque converter 26 transfers and multiplies torque from the engine 22 to the transmission 24. The transmission 24 includes one or more gear sets that transfer torque to a driveline (not shown) based on a desired speed. The vehicle 20 further includes two or more control modules that control various subsystems within the vehicle. The processor of one control module can be used to perform an ALU security check on the processor of the other control module and vice versa. For example, as shown in Figure 2, an engine control module 30 controls the operation of the engine 22. A transmission control module 32 controls the operation of the transmission 24 and/or torque converter 26. The engine control module 30 and the transmission control module 32 communicate via a controller area network (CAN) 34. As can be appreciated, various communication protocols may be used to facilitate the communication between the control modules 30 and 32. The transmission control module 32 performs the ALU security check for the engine control module 30 and vice versa. Therefore, the ALU security check system is distributed amongst two or more control modules thereby eliminating the need for a secondary processor within each control module 30 and 32. Referring now to Figure 3, a distributed ALU security system is illustrated in greater detail. A first control module 40 electronically communicates with a second control module 42 via a communications network 44. The first control module 40 includes a first processor 46 and a first ALU 48. The second control module 42 includes at least a second processor 52 and a second ALU 50. The second control module 42 can be an independent secure system including a secondary processor (not shown) for performing its own ALU security check. In various other embodiments, the second control module 42 relies on the distributed ALU security check system to diagnose the second ALU 50. For ease of discussion, the second control module of Figure 3 will be discussed as a secure system. The first control module 40 calculates various arithmetic results that control a first vehicle subsystem. The second control module 42 operates 5 similar to the first control module 40 and controls a second vehicle subsystem. The second control module 42 transmits a request signal requesting a predetermined result to a predetermined equation, formula and/or function. The first control module 40 calculates the result and transmits the answer to the second control module 42. The second control module 42 compares the answer to a predetermined result. When the calculated result does not equal the expected result, the second control module 42 determines the first ALU 48 to be faulty. Thereafter, the second control module 42 may turn off the voltage supply to the first control module 40, forcing the first subsystem to operate in a default mode. In various embodiments, the second control module 42 can shut down the first control module 40 by an internal but independent process within the first control module 40 (not shown) or by an external method, separate from the first control module 40, as shown in Figure 3. In various other embodiments, the second control module 42 may command a running reset to the first control module 40 causing the first subsystem to reset. Referring now to Figure 4, Figure 4 is a flowchart illustrating a method performed by the second control module 42 of the distributed ALU security check system. The method can be run periodically while the vehicle 20 is turned on. In various other embodiments the method may be run upon initiation by an external request. For example, a vehicle technician may connect a diagnostic tool to the vehicle and generate an ALU validity check request which initiates the method. Control transmits a request to calculate a predetermined arithmetic operation at 100. Control receives an answer to the request including a calculated result at 110. Control compares the calculated result with a predetermined expected result at 120. If the calculated result equals the expected result, control determines the first ALU to be operating properly. When the calculated result does not equal the expected result, control determines the ALU functionality of the first control module to be faulty. A fault counter is incremented at 130. If the fault counter exceeds a predetermined threshold at 140, control disables the first control module at 150. Figure 5 is a flowchart illustrating a method run by the first control module of the distributed ALU security check system. The method can be initiated based on the request received from the second control module. Control receives a request to perform a predetermined calculation at 200. Control calculates an answer based on the predetermined calculation at 210. Control transmits the predetermined calculation at 220. Once the ALU of the first control module is determined to be faulty, a diagnostic code indicating the fault can be set. In various embodiments, the diagnostic code can be retrieved by a service technician via a tech tool connected to the vehicle. In various other embodiments, the diagnostic code can be transmitted wirelessly to a remote technician. In various other embodiments, an audio or visual warning signal may be generated via an instrumentation panel of the vehicle to indicate to the driver that a malfunction of the vehicle has occurred. Those skilled in the art can now appreciate from the foregoing description that the broad teachings of the present disclosure can be implemented in a variety of forms. Therefore, while this invention has been described in connection with particular examples thereof, the true scope of the invention should not be so limited since other modifications will become apparent to the skilled practitioner upon a study of the drawings, the specification and the following claims. WE CLAIM: 1. A vehicle diagnostic system, comprising: a first control module that comprises a first processor and that controls a transmission of a vehicle; and a second control module that controls an engine of the vehicle and that validates that functionality of the first processor of the first control module wherein if the second control module determines that the first processor of the first control module is faulty, the second control module shuts down the first control module, and wherein the first and second control modules are distributed and located remotely with respect to each other. 2. The vehicle diagnostic system as claimed in claim 1, wherein the first processor comprises an arithmetic logic unit (ALU) and wherein the second control module validates the functionality of the ALU of the first processor. 3. The vehicle diagnostic system as claimed in claim 2, wherein the second control module sends an arithmetic request to the first control module, receives a response to the request from the first control module, and detects a faulty ALU when the response does no equal a predetermined result. 4. The vehicle diagnostic system as claimed in claim 3, wherein the second control module repeats the sending of an arithmetic request to the first control module and receiving a response to the request from the first control module and wherein the second control module detects a faulty ALU when the response does not equal a predetermined result a predetermined number of times. 5. The vehicle diagnostic system as claimed in claim 2, wherein the first control module receives an arithmetic request, calculates a response based on the request, and transmits the response to the second control module. 6. The vehicle diagnostic system as claimed in claim 1, wherein the second control module performs shuts down the first control module by tuning off a voltage to the first control module via a system external to the first control module. 7. The vehicle diagnostic system as claimed in claim 1, wherein the second control module shuts down the first control module by turning off a voltage supply to the first control module via sending a signal to a system internal to the first control module. 8. The vehicle diagnostic system as claimed in claim 1, wherein the second control module commands a resest of the first control module. 9. The vehicle diagnostic system as claimed in claim 1, wherein the second control module sets a diagnostic code when the first processor is determined to be faulty. 10. The vehicle diagnostic system as claimed in claim 1, wherein the second control module sends a signal to illuminate an indicator lamp when the first processor is determined to be faulty. 11. The vehicle diagnostic system as claimed in claim 1, wherein the second module sends a signal to initiate an audio warning signal when the first processor is determined to be faulty. 12. The vehicle diagnostic system as claimed in claim 9, wherein the second control module transmits the diagnostic code to a remote location according to a wireless protocol. ABSTRACT TITLE: A VEHICLE DIAGNOSTIC SYSTEM The invention relates to a vehicle diagnostic system, comprising a first control module that comprises a first processor and that controls a transmission of a vehicle; and a second control module that controls an engine of the vehicle and that validates that functionality of the first processor of the first control module wherein if the second control module determines that the first processor of the first control module is faulty, the second control module shuts down the first control module, and wherein the first and second control modules are distributed and located remotely with respect to each other. |
|---|
00933-kol-2007-correspondence others 1.1.pdf
00933-kol-2007-correspondence others 1.2.pdf
00933-kol-2007-correspondence others 1.3.pdf
00933-kol-2007-correspondence others.pdf
00933-kol-2007-description complete.pdf
00933-kol-2007-priority document.pdf
933-KOL-2007-(06-03-2012)-ABSTRACT.pdf
933-KOL-2007-(06-03-2012)-AMANDED CLAIMS.pdf
933-KOL-2007-(06-03-2012)-AMANDED PAGES OF SPECIFICATION.pdf
933-KOL-2007-(06-03-2012)-DESCRIPTION (COMPLETE).pdf
933-KOL-2007-(06-03-2012)-DRAWINGS.pdf
933-KOL-2007-(06-03-2012)-EXAMINATION REPORT REPLY RECEIVED.pdf
933-KOL-2007-(06-03-2012)-FORM-1.pdf
933-KOL-2007-(06-03-2012)-FORM-2.pdf
933-KOL-2007-(06-03-2012)-FORM-3.pdf
933-KOL-2007-(06-03-2012)-OTHERS.pdf
933-KOL-2007-(06-03-2012)-PETITION UNDER RULE 137.pdf
933-KOL-2007-(14-12-2012)-ABSTRACT.pdf
933-KOL-2007-(14-12-2012)-CLAIMS.pdf
933-KOL-2007-(14-12-2012)-CORRESPONDENCE.pdf
933-KOL-2007-(14-12-2012)-DESCRIPTION (COMPLETE).pdf
933-KOL-2007-(14-12-2012)-DRAWINGS.pdf
933-KOL-2007-(14-12-2012)-FORM-1.pdf
933-KOL-2007-(14-12-2012)-FORM-2.pdf
933-KOL-2007-(14-12-2012)-OTHERS.pdf
933-KOL-2007-CANCELLED PAGES.pdf
933-KOL-2007-CORRESPONDENCE OTHERS-1.4.pdf
933-KOL-2007-CORRESPONDENCE-1.5.pdf
933-KOL-2007-CORRESPONDENCE.pdf
933-KOL-2007-EXAMINATION REPORT.pdf
933-KOL-2007-GRANTED-ABSTRACT.pdf
933-KOL-2007-GRANTED-CLAIMS.pdf
933-KOL-2007-GRANTED-DESCRIPTION (COMPLETE).pdf
933-KOL-2007-GRANTED-DRAWINGS.pdf
933-KOL-2007-GRANTED-FORM 1.pdf
933-KOL-2007-GRANTED-FORM 2.pdf
933-KOL-2007-GRANTED-FORM 3.pdf
933-KOL-2007-GRANTED-FORM 5.pdf
933-KOL-2007-GRANTED-SPECIFICATION-COMPLETE.pdf
933-KOL-2007-PETITION UNDER RULE 137.pdf
933-KOL-2007-REPLY TO EXAMINATION REPORT.pdf
933-KOL-2007-TRANSLATED COPY OF PRIORITY DOCUMENT.pdf
| Patent Number | 256929 | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Indian Patent Application Number | 933/KOL/2007 | ||||||||||||
| PG Journal Number | 33/2013 | ||||||||||||
| Publication Date | 16-Aug-2013 | ||||||||||||
| Grant Date | 13-Aug-2013 | ||||||||||||
| Date of Filing | 28-Jun-2007 | ||||||||||||
| Name of Patentee | GM GLOBAL TECHNOLOGY OPERATIONS, INC. | ||||||||||||
| Applicant Address | 300 GM RENAISSANCE CENTER, DETROIT, MICHIGAN | ||||||||||||
Inventors:
|
|||||||||||||
| PCT International Classification Number | G05B23/02; G07C5/00 | ||||||||||||
| PCT International Application Number | N/A | ||||||||||||
| PCT International Filing date | |||||||||||||
PCT Conventions:
|
|||||||||||||