TTIT07 Diskreta strukturer Situation 6 An elevator system

TTIT07 Diskreta strukturer
Situation 6
Ulf Nilsson
IDA, Linköpings universitet
2000-09-29
An elevator system
We consider an elevator system of a two-story building. On each floor there is a button (Call1 and
Call2) which can be used to call the elevator to the floor. Inside the elevator there are buttons to go
to floor one (Down) and floor two (Up). There is an emergency stop (Stop) inside the elevator and
there is a sensor (DoorClosed) to detect if the elevator door is closed. There are two sensors, Floor1
and Floor2, to sense if the elevator is at floor 1 or 2. The elevator system also contains a controller.
We want to model the elevator system and verify some properties of the system. The whole system
is depicted in the following figure:
[Figure: the elevator system. Blocks: Control Logic, Motor Logic. Labels: floor 1, floor 2; Up, Down, Stop, DoorClosed, Floor2, Floor1, Call2, Call1; ElevatorUp, ElevatorDown, ElevatorStop; MotorUp, MotorDown.]
The controller
The controller is responsible for controlling the movements of the elevator. The controller uses the
following boolean parameters as inputs:
Input variables   Informal translation
DoorClosed        The elevator door is closed
Floor1            The elevator is at floor one
Floor2            The elevator is at floor two
Call1             The call button on floor one is pressed
Call2             The call button on floor two is pressed
Up                The up-button in the elevator is pressed
Down              The down-button in the elevator is pressed
Stop              The stop-button in the elevator is pressed
The inputs are used to control the movements of the actual elevator:
Output variables  Informal translation
ElevatorUp        Instruct the motor to raise the elevator
ElevatorDown      Instruct the motor to lower the elevator
ElevatorStop      Instruct the motor to stop
The following table summarizes the control logic of the particular controller in this example:
DoorClosed  Floor1  Floor2  Call1  Call2  Up  Down  Stop  ElevatorUp  ElevatorDown  ElevatorStop
T           T       F       -      -      T   -     -     T           -             -
T           T       F       -      T      -   -     -     T           -             -
T           F       T       -      -      -   T     -     -           T             -
T           F       T       T      -      -   -     -     -           T             -
-           -       -       -      -      -   -     T     -           -             T
F           -       -       -      -      -   -     -     -           -             T
The first row of the table states that the motor should raise the elevator (ElevatorUp=T) if
• the door is closed (DoorClosed=T), and
• the elevator is on floor one (Floor1=T), and
• the elevator is not already on floor two (Floor2=F), and
• the up-button is pressed inside the elevator (Up=T).
Likewise, the second row states that the motor should raise the elevator (ElevatorUp=T) if
• the door is closed (DoorClosed=T), and
• the elevator is on floor one (Floor1=T), and
• the elevator is not already on floor two (Floor2=F), and
• the call button on floor two is pressed (Call2=T).
We make two further assumptions about the controller: we assume that the elevator is never on two
floors simultaneously, and that at most one of the outputs is on simultaneously.
The motor controller
The motor controller is constructed by means of electromagnetic switches. There are two kinds of
switches depicted below:
[Figure: the two kinds of switches, each drawn with a control input X and terminals Y and Z.]
The first switch short-circuits Y and Z when X is on; if X is off the connection between Y and Z is
broken. The second switch behaves dually: the switch short-circuits Y and Z if X is off; when X is
on, Y and Z are not necessarily equal. The motor controller is constructed as follows:
[Figure: circuit diagram of the motor controller. Labels: ElevatorUp, ElevatorDown, ElevatorStop; constants 0 and 1; MotorUp, MotorDown.]
The requirements
The controller logic and the motor logic are to be composed into a single system that must satisfy
certain requirements. The properties that must be verified are divided into two groups: properties that
the elevator system should possess (so-called functional properties), and properties that the system
must not possess (safety properties). The following safety properties have to be verified:
1. If the door is open or the emergency stop is pressed, the elevator must not move.
2. If the elevator is on floor one it must not go down.
3. If the elevator is on floor two the elevator must not go up.
The following functional requirements are to be verified:
4. If the elevator is on floor one, the emergency stop is not pressed and the door is closed, pressing either of the buttons Up or Call2 makes the elevator go up.
5. If the elevator is on floor two, the emergency stop is not pressed and the door is closed, pressing either of the buttons Down or Call1 makes the elevator go down.
6. If the door is closed, the elevator is neither on the first nor on the second floor, the button Stop
is not pressed, and either Call1 or Down is pressed, then the elevator moves down.
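Because the controller has only eight boolean inputs, requirements of this kind can be checked by enumerating every input valuation. The following sketch is an added example, not part of the original handout: it encodes the control table and tests requirements 2, 3 and 6 and the at-most-one-output assumption against the controller outputs only. It assumes that an output is T exactly when some table row matches; the motor logic is not modelled, and all function names are hypothetical.

```python
from itertools import product

INPUTS = ("DoorClosed", "Floor1", "Floor2", "Call1", "Call2", "Up", "Down", "Stop")

# The six rows of the control table; "-" entries are left out of each condition.
ROWS = [
    ({"DoorClosed": True, "Floor1": True, "Floor2": False, "Up": True}, "ElevatorUp"),
    ({"DoorClosed": True, "Floor1": True, "Floor2": False, "Call2": True}, "ElevatorUp"),
    ({"DoorClosed": True, "Floor1": False, "Floor2": True, "Down": True}, "ElevatorDown"),
    ({"DoorClosed": True, "Floor1": False, "Floor2": True, "Call1": True}, "ElevatorDown"),
    ({"Stop": True}, "ElevatorStop"),
    ({"DoorClosed": False}, "ElevatorStop"),
]

def controller(env):
    """Outputs that are T for one input valuation.
    Assumed reading of the table: an output is T exactly when some row matches."""
    return {out for cond, out in ROWS if all(env[k] == v for k, v in cond.items())}

def valuations():
    """Every input valuation in which the elevator is not on two floors at once."""
    for bits in product((False, True), repeat=len(INPUTS)):
        env = dict(zip(INPUTS, bits))
        if not (env["Floor1"] and env["Floor2"]):
            yield env

def counterexamples(prop):
    """Valuations for which prop(env, outputs) is false."""
    return [env for env in valuations() if not prop(env, controller(env))]

# Requirements restated over controller outputs (hypothetical names).
def safety2(env, out):  # on floor one: no ElevatorDown
    return not (env["Floor1"] and "ElevatorDown" in out)

def safety3(env, out):  # on floor two: no ElevatorUp
    return not (env["Floor2"] and "ElevatorUp" in out)

def functional6(env, out):  # between floors, door closed, no Stop, Call1 or Down
    pre = (env["DoorClosed"] and not env["Floor1"] and not env["Floor2"]
           and not env["Stop"] and (env["Call1"] or env["Down"]))
    return (not pre) or "ElevatorDown" in out

def at_most_one_output(env, out):  # the second assumption made about the controller
    return len(out) <= 1

if __name__ == "__main__":
    for prop in (safety2, safety3, functional6, at_most_one_output):
        bad = counterexamples(prop)
        print(f"{prop.__name__}: {len(bad)} counterexample(s)", bad[:1])
```

Each counterexample is a concrete input valuation to examine against the table; whether the elevator actually moves also depends on the motor logic, which this sketch leaves out.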