June 2015
42
E
MBEDDED
C
OMPUTING
which comprises features such as the operat-
ing mode selector, con rmation switch, and
emergency stop. e highest level is that of
the human-machine interface, which in this
case is based on Windows. e developers at
KUKA distribute these four tasks among two
cores – because redundancy contributes to
meeting the safety requirements. is means
that two independent cores perform the same
safety-related computing operations. If their
results match when compared, the system is
operating safely.
e integrated safety control not only ensures
standard robot safety in accordance with ISO
10218 through emergency stop, operating
mode selector, and con rmation switch, but
also an extended safety level by monitoring
the safeness of operating spaces, speed and
acceleration levels, and stopping routines.
Safe protocol stacks for FailSafe over Ether-
CAT, Pro Safe over Pro net, and CIP-Safe
over Ethernet/IP are supplied entirely on the
so ware level, without any need for expen-
sive additional groups of switches. Detailed
descriptions of the safety requirements in
industrial robotics can be found in the ISO
10218 standard. It basically serves as the
in-house standard of KUKA with which virtu-
ally every development process is aligned. is
standard in turn refers to the more general
and thus superordinate safety requirements
of the IEC 61508 standard. e compliance
with the standards is certi ed by TÜV SÜD.
When planning their development schedules,
KUKA integrates the audits by this indepen-
dent testing institute from the start. But sim-
ply submitting a nished robot to TÜV will
not be su cient for earning their approval in
projects as complex as these. TÜV transpar-
ency requirements demand the documenta-
tion of all steps in the development process so
the auditors can comprehend the way the nal
product works. e robotic company knows
from long experience which documents are
needed and successively produces them as the
development proceeds.
e demands on the nished robot de ne the
demands which KUKA in turn places on the
suppliers of their safety-related components.
Suppliers who mainly produce safety-related
robot components usually document compli-
ance with these demands in a dedicated safety
manual based on the relevant standards. Man-
ufacturers who also cater to other industries
use di erent forms of documentation which
the robotic company then translates into their
in-house standard. is applies not only to
the Fujitsu mainboards, which are also used
in other branches of the embedded indus-
try such as digital signage and medical engi-
neering, but also the storage components and
Intel processors with which KUKA equip the
boards to t their special purposes.
If security is the protection of machines
from humans, this usually means protecting
machines from unauthorized remote access
from outside. In this respect, the current trend
towards web-based networking of manufac-
turing machines tends to open up new poten-
tial gateways for intruders. In order to prevent
this, KUKA encourages users not to connect
robot controls directly to the internet, thus
ruling out several risks from the outset. Nev-
ertheless, they o er several lines of defense: a
special TCP/IP stack (not Windows) functions
as the rst touch point with the outside world
(KUKA Line Interface). So ware-based bridg-
ing and Network Address Translation (NAT)
ensure that protocols and ports must expressly
be con gured and unlocked before they can be
opened. Other security measures for detecting
denial-of-service (DoS) attacks, that is, suspi-
cious access patterns, include Broadcast Storm
Detection and overload recognition in network
drivers. In addition, Computer Protection by
Certi cation (CPC) operates on the Windows
level. As a result, only certi ed, cleared EXEs
and DLLs registered with the control system
can be launched, whereas unregistered execut-
ables are blocked.
n
Figure 1. e new KUKA robot control KR C4
Figure 2. Overview of the communication of the robot control KR C4
Figure 3. e enclosure of the KR C4 contains
35% less hardware and 50% less connectors –
compared with the previous robot control.
Product News
n
ICOP: ICE Box-PC building block
system for extreme environments
Rugged computing is a must for lots of
new IoT, M2M and Big Data applications
deployed in extreme environmental con-
ditions. Hardly any embedded computing
hardware, however, is equipped to oper-
ate in - 60°C, let alone - 100 °C or to be
immersed in water. To enable passively
cooled standard hardware to nevertheless
be operated in such extreme environments,
ICOP Technology has developed the ICE
Box, a new modular building block sys-
tem with IP67 protection and active heat-
ing, which automatically activates if the
temperature drops below a con gurable
minimum temperature (standard value is
-20°C).
