A control circuit includes a latching relay, a power loss activation circuit, and a watchdog circuit. A microcontrol unit (MCU) communicates with the watchdog circuit in a normal operation of the control circuit. As an action of a failsafe precaution in the event of a main power loss or a component failure, the MCU stops communicating with the watchdog circuit, at which point the watchdog circuit instructs the power loss activation circuit to continue operation of the control circuit. The control circuit further operates to implement mitigation operations in the event of a main power loss or component failure.

A surgical robot comprising a surgical robot arm and a surgical robot arm controller. The surgical robot arm comprises a set of joints and a joint controller. The joint controller is configured to drive a joint of the set of joints. The surgical robot arm controller comprises a processor and watchdog circuitry. The processor is configured to send joint driving signals to the joint controller on a communication link. The watchdog circuitry is configured to: receive sequence values from the processor; determine whether each received sequence value matches a next expected value of a predetermined sequence; and if the received sequence value does not match the next expected value of the predetermined sequence, disable the communication link between the processor and the joint controller.

A power supply controller system includes a power supply portion, arithmetic processing portions, and first and second monitoring circuits configured to monitor an integrity of power supply of the power supply portion. The first monitoring circuit instructs a second arithmetic processing portion to stop an operation thereof when a first watchdog timer is not reset for a predetermined period of time. The second monitoring circuit instructs a first arithmetic processing portion to stop an operation thereof when a second watchdog timer is not reset for a predetermined period of time. The first monitoring circuit further includes a third watchdog timer periodically reset by any one of the first arithmetic processing portion and the second arithmetic processing portion and instructs another arithmetic processing portion to stop an operation thereof when the third watchdog timer is not reset for a predetermined period of time.

A semiconductor chip with functions implemented thereon in circuitry has a first region, in which a first group of safety-relevant base functions are implemented in circuitry, and a second region, which is separated from the first region using technological safety measures and in which a first group of monitoring functions that monitor the base functions are implemented in circuitry. It also contains a third region, which is formed on the semiconductor chip and is separated from the other regions using technological safety measures and in which a second group of monitoring functions that monitor the base functions are implemented in circuitry.

A multi-logic device system, an electronic engine controller, and a method of operating the multi-logic device system. The multi-logic device system includes a primary logic device which is more resilient to single event effects, and one or more secondary logic devices, each secondary logic device being powered by a respective power supply unit and being more susceptible to single event effects. The primary logic device is configured to run, for each secondary logic device, a respective watchdog timer. Each watchdog timer is restarted upon receipt of a restart signal from the respective secondary logic device. The primary logic device is also configured, in response to a watchdog timer timing out, to identify and reset the secondary logic device corresponding to the timed out watchdog timer.

A method may include receiving, by respective processing circuitry of one or more power modules of an industrial automation device, a control signal from a controller of the industrial automation device. The power modules may include driver circuitry and a power converter that may provide power to a motor based on the signal. The method may also include, detecting, by the respective processing circuitry, a lack of communication from the controller based on the signal, and, in response to detecting the lack of communication from the controller, transmitting, by the respective processing circuitry, a first command to gating signal enable circuitry to disable the driver circuitry, and transmitting, by the respective processing circuitry, a second command to driver power circuitry to prevent power from being provided to the driver circuitry.

A multi-logic device system, an electronic engine controller, and a method of operating the multi-logic device system. The multi-logic device system includes a primary logic device which is more resilient to single event effects, and one or more secondary logic devices, each secondary logic device being powered by a respective power supply unit and being more susceptible to single event effects. The primary logic device is configured to run, for each secondary logic device, a respective watchdog timer. Each watchdog timer is restarted upon receipt of a restart signal from the respective secondary logic device. The primary logic device is also configured, in response to a watchdog timer timing out, to identify and reset the secondary logic device corresponding to the timed out watchdog timer.

A method may include receiving, by respective processing circuitry of one or more power modules of an industrial automation device, a control signal from a controller of the industrial automation device. The power modules may include driver circuitry and a power converter that may provide power to a motor based on the signal. The method may also include, detecting, by the respective processing circuitry, a lack of communication from the controller based on the signal, and, in response to detecting the lack of communication from the controller, transmitting, by the respective processing circuitry, a first command to gating signal enable circuitry to disable the driver circuitry, and transmitting, by the respective processing circuitry, a second command to driver power circuitry to prevent power from being provided to the driver circuitry.

An arithmetic device and a control apparatus capable of executing a process according to an event occurring in one or more functional units connected through a communication circuit are provided. The arithmetic device configuring the control apparatus includes: a communication circuit for exchanging data with the functional units through the communication line; a processor for executing at least one of an arithmetic processing using data acquired from the functional units and a generation processing of data to be transmitted to the functional units; and a monitoring circuit connected to the communication circuit and the processor, and includes: a detection unit that detects an event occurring in the arithmetic device; a storage unit that stores a message associated with each event; and a start unit that gives an instruction to the communication circuit in accordance with the detected event to transmit a message associated with the detected event.

A power supply controller system includes a power supply portion, arithmetic processing portions, and first and second monitoring circuits configured to monitor an integrity of power supply of the power supply portion. The first monitoring circuit instructs a second arithmetic processing portion to stop an operation thereof when a first watchdog timer is not reset for a predetermined period of time. The second monitoring circuit instructs a first arithmetic processing portion to stop an operation thereof when a second watchdog timer is not reset for a predetermined period of time. The first monitoring circuit further includes a third watchdog timer periodically reset by any one of the first arithmetic processing portion and the second arithmetic processing portion and instructs another arithmetic processing portion to stop an operation thereof when the third watchdog timer is not reset for a predetermined period of time.