Abstract: Even when a priority frame and a non-priority frame are provided as communication frames, real-time performance and security of communications are both provided. A rule verification portion 7 tests a communication frame in accordance with a test rule and determines whether the communication frame is an invalid frame. Verification status hold portions 4 and 5 hold status information that indicates a status of the test by the rule verification portion 7. An interception control portion 8 controls interception of the communication frame based on a determination result of the rule verification portion 7. When an I/F portion 1 receives a fragment of a non-priority frame, the rule verification portion 7 tests the fragment to test the non-priority frame, when ending the test on the fragment, interrupts the test on the non-priority frame, and when the I/F portion 1 receives a next fragment, resumes the test on the non-priority frame based on status information.

Abstract: Conventional security measures are generally intended for an IT system, and it has been difficult to satisfy a real-time property and availability requested to a control system. Furthermore, since a time-division type time slot communication method is not taken into consideration, such time slot communication has problems in efficient utilization of computer resources and decrease in availability. In order to solve the above-described problems, the present invention specifies a time slot from characteristics of a communication packet received by a reception unit 133 by using a time slot characteristic storage unit 130, and selects, in accordance with the specified time slot, an inspection pattern stored in an inspection pattern storage unit 136 by using an inspection pattern selection unit 131.

Abstract: Provided are a control system and an authentication device capable of detecting abnormality of a development device for distributing a control program and of preventing destruction and tampering of the program caused by the abnormality. To solve the above problem, there is provided: a control device that controls a controlled object; a development device that manages a plurality of control programs executed by the control device and sends the predetermined control program and information accompanying the control program to the network; and an authentication device having an authentication list storing the information accompanying the control program in association with the control program.

Abstract: Provided are a control system and an authentication device capable of detecting abnormality of a development device for distributing a control program and of preventing destruction and tampering of the program caused by the abnormality. To solve the above problem, there is provided: a control device that controls a controlled object; a development device that manages a plurality of control programs executed by the control device and sends the predetermined control program and information accompanying the control program to the network; and an authentication device having an authentication list storing the information accompanying the control program in association with the control program.

Abstract: The objective of the present invention is to provide a security monitoring system and a security monitoring method which is capable of a quick operation when an unauthorized access, a malicious program, and the like are detected, while the normal operation of the control system is not interrupted by an erroneous detection. The security monitoring system 100 obtains communication packets in segments 3 which constitutes a control system 1, and extracts a communication packet which has a characteristic value different from a normal value among the obtained communication packets to generate communication event information 150. The security monitoring system 100 predicts a degree of influence on the control system 1 by the communication packet extracted as the communication event information 150 by verifying the communication event information 150 with event patterns which indicate characteristics of the unauthorized access and the like.

Abstract: The invention contemplates to improve versatility or flexibility of a system for managing a controller. In a data format converter, a computer constitutes reception unit for acquiring input information containing a program, etc, of a first data format and outputted from a programmer unit, direction extract unit for extracting a convert direction of a data format contained in the input information so acquired, data conversion rule acquisition unit for acquiring a conversion rule of a data format corresponding to the convert direction so extracted and convert execution means for converting the program, etc, of the first data format to a second data format. The program, etc, of the second data format converted is outputted to the controller. The program, etc, can be created in this way in an arbitrary data format different from the data format of the controller.

Abstract: A receiving device including: a receiver receiving two frames, each including substantially same data attached thereto with a data error detection code, a frame error detection code, and safety flag information indicating a safety function or not, respectively; a first detector connected to the receiver for performing error detection of the frames by use of the frame error detection code, respectively; a second detector connected to the receiver for performing error detection of the data by use of the data error detection code, respectively; and a Direct Memory Access Controller (DMAC) connected to the first and second detectors for outputting one among the data included in the two frames under a condition of the safety function in the two frames when no error is detected in the frame and data error detections.

Abstract: Processed results are received when processors make compatible computations on data of a common object. A computation command signal is generated and fed to the processors in response to a start signal from any one of the processors so that the processors can make computations with different operation timings. Then, the results of the computations made by the processors are compared with each other. Thus, apparatus capable of small size, high performance and safety at the same time can be achieved by the above construction using the processors.

Abstract: A processing module to use for a processing system having a plurality of processing modules connected via a communication line is comprising mounting position information for the processing module in the communication line; a unique logical address to indicate the processing module; a database to correspond with a physical address of the processing module in the communication line; a position identification device to identify the mounting position information in the communication line of the processing module; a unique/physical address conversion device to fetch the physical address corresponding to the unique logical address from the database using a data packet having the unique logical address as a destination; and a position/physical address conversion device for searching for the physical address from the mounting position information.

Abstract: An initialization data generator includes a task database in which task descriptions for initializing a computer are specified related with task IDs and an initialization database in which initialization data descriptions for initializing a computer are stored related with initialization data IDs. The initialization data generator takes input of the computer ID of a computer to be initialized and task data, reads task descriptions and initialization data descriptions according to task ordering related with the task data from the task database and the initialization database, based on the task IDs, task ordering, and the initialization data IDs for software modules which are loaded into the computer to be initialized by the tasks corresponding to the task IDs, specified in the task data, and generates and transfers initialization data to the computer to be initialized, thereby initializing the computer to be initialized.

Abstract: An input/output control apparatus including: a unit that controls input/output of data relating to a computation of a plurality of processors in response to an access request from a second input/output unit and an access request from a first input/output unit which requires higher reliability than said second input/output unit, and orders at least one of a plurality of processors to perform a computation relating to the access request from said first input/output unit away from the computation relating to the access request from said second input/output unit in case of that said first input/output unit issued an access request, so that a same computation is made by said plurality of processors; a unit that compares the results of said computations relative to the access request from said first input/output unit provided from said plurality of processors; and a unit that allows the data associated with said computations of said processors to be output on the basis of said compared results.

Abstract: A modular computer system formed by connecting a processing module having a processor mounted thereon and a plurality of I/O modules in a stacked form via connectors, where differing ones of the plurality of I/O modules being differing types of I/O modules from one another, which operate with mutually differing types of bus-layout configurations. In accordance with the association of I/O modules with identification information, for each differing type of I/O module stacked via the connectors, said processing module selects from differing preset bus-layout configurations and device drivers from a memory, to dynamically reconfigure the reconfigurable generic bus for accessing the differing type of I/O module.

Abstract: A receiving device including: a receiver receiving two frames, each including substantially same data attached thereto with a data error detection code, a frame error detection code, and safety flag information indicating a safety function or not, respectively; a first detector connected to the receiver for performing error detection of the frames by use of the frame error detection code, respectively; a second detector connected to the receiver for performing error detection of the data by use of the data error detection code, respectively; and a Direct Memory Access Controller (DMAC) connected to the first and second detectors for outputting one among the data included in the two frames under a condition of the safety function in the two frames when no error is detected in the frame and data error detections.

Abstract: The information processor includes a device communication performance management module. The device communication performance management module includes: a communication performance evaluation unit that measures and evaluates the communication performance with respect to a device to be used when it is used by a device-use application; a device naming rule management unit that manages a naming rule for incorporating the communication performance evaluated by the communication performance evaluation unit into the name of the device file for a device as the target of evaluation; and a device file management unit that creates a device file for a device as the target of evaluation in accordance with the naming rule based on the result of communication performance evaluation. The result of communication performance evaluation by the communication performance evaluation unit is incorporated into the name of a device file and the evaluation result is thereby provided to a device-use application.

Abstract: A computer system, being a stack bus system in which a plurality of computer modules are stacked and connected to one another and being capable of automatically matching and allocating bus resources such as clocks and interrupts, is provided. In the computer system including one system module and n peripheral modules, each peripheral module includes an interrupt selector, a clock selector, an arbitration signal selector, a resource decision unit, and a position identification unit. The position identification unit cooperates with a position configuration unit present in the system module to identify a position of the module, which includes the position identification unit, in the computer system, and autonomously decides bus resources used by the module. By allowing the interrupt selector, the clock selector, and the arbitration signal selector to select and use the decided bus resources, each peripheral module can match and configure the bus resources in the computer system.

Abstract: The system has, provided in a sending device, a generator generating transmission data including data, a data error detection code generated from the data and a safety flag indicating a degree of reliability, and transmission data; has, provided in a receiving device, a plurality of components of extracting transmission data, a safety flag, and a data error detection code from a received frame, and detecting a data error, a comparator comparing the matching of a plurality of received frames, and a selector selecting one received frame, from the frame error detection result, the safety flag, the data error detection result, and the matching comparison result; and determines the validity of transmitted data by the detection corresponding to the degree of reliability set with the safety flag.

Abstract: The invention contemplates to improve versatility or flexibility of a system for managing a controller. In a data format converter, a computer constitutes reception unit for acquiring input information containing a program, etc, of a first data format and outputted from a programmer unit, direction extract unit for extracting a convert direction of a data format contained in the input information so acquired, data conversion rule acquisition unit for acquiring a conversion rule of a data format corresponding to the convert direction so extracted and convert execution means for converting the program, etc, of the first data format to a second data format. The program, etc, of the second data format converted is outputted to the controller. The program, etc, can be created in this way in an arbitrary data format different from the data format of the controller.

Abstract: The invention contemplates to improve versatility or flexibility of a system for managing a controller. In a data format converter, a computer constitutes reception unit for acquiring input information containing a program, etc, of a first data format and outputted from a programmer unit, direction extract unit for extracting a convert direction of a data format contained in the input information so acquired, data conversion rule acquisition unit for acquiring a conversion rule of a data format corresponding to the convert direction so extracted and convert execution means for converting the program, etc, of the first data format to a second data format. The program, etc, of the second data format converted is outputted to the controller. The program, etc, can be created in this way in an arbitrary data format different from the data format of the controller.

Abstract: Input-output devices are prevented from conducting false output due to faulty operation by providing an input-output control apparatus configured to store input-output values to be used by a processor to conduct arithmetic operation in a mode having a relatively high safety requirement, in a first storage area, store input-output values to be used by the processor to conduct arithmetic operation in a mode having a relatively low safety requirement, in a second storage area, and restrict copying to the first storage area, copying from the first storage area, copying to the second storage area, or copying from the second storage area according to the mode concerning the safety requirement.

Abstract: The information processor includes a device communication performance management module. The device communication performance management module includes: a communication performance evaluation unit that measures and evaluates the communication performance with respect to a device to be used when it is used by a device-use application; a device naming rule management unit that manages a naming rule for incorporating the communication performance evaluated by the communication performance evaluation unit into the name of the device file for a device as the target of evaluation; and a device file management unit that creates a device file for a device as the target of evaluation in accordance with the naming rule based on the result of communication performance evaluation. The result of communication performance evaluation by the communication performance evaluation unit is incorporated into the name of a device file and the evaluation result is thereby provided to a device-use application.