CN116149253A - PLC online monitoring and debugging system and implementation method thereof - Google Patents

The invention belongs to the technical field of industrial control, and discloses a PLC (programmable logic controller) on-line monitoring and debugging system and an implementation method thereof, wherein the system comprises the following steps that S1, an upper computer sends a request message to a lower computer through a communication module; the communication module comprises an instant communication protocol and a data acquisition and analysis module, wherein the instant communication protocol prescribes the format, transmission and analysis of data; the data acquisition and analysis module performs packaging processing and analysis on the received data and then transmits the data to the lower computer; s2, the lower computer responds to the identification code and the command code in the request message to operate and returns a response request, and the request is packed and analyzed by the data acquisition and analysis module and then transmitted to the upper computer; s3, the upper computer receives the response request to realize on-line monitoring and debugging of the lower computer. The invention solves the problems of higher CPU resource occupancy rate, imperfect debugging function and incapability of flexibly adjusting the monitoring mode to meet different user demands in the prior art.

一种PLC在线监控与调试系统及其实现方法A PLC online monitoring and debugging system and its implementation method

技术领域technical field

本发明属于工业控制的技术领域，更具体地，涉及一种PLC在线监控与调试系统及其实现方法。The invention belongs to the technical field of industrial control, and more specifically relates to a PLC online monitoring and debugging system and an implementation method thereof.

背景技术Background technique

PLC的发展与计算机技术、半导体技术、控制技术、数字技术、通信网络技术等息息相关，这些技术共同推动了PLC(可编程逻辑控制器)技术的发展。虽然有上述技术作为发展支持，但由于PLC自身先天性存在数据处理和管理能力不足，人机交互性差等问题，无法满足更高的交互式控制要求。因此，把个人计算机与PLC进行数据通信，完善控制方法是工业控制领域的首选做法。将计算机作为调试和监控上位机与PLC控制系统进行有机结合，可以有效实现对PLC的调试和监控，同时计算机也可以记录或者显示各种控制数据或图表，极大的方便了控制人员的操作，但在调试或程序运行过程中对PLC内部数据的实时监控会占用较多CPU的资源，调试功能的单一也会降低程序的开发效率。The development of PLC is closely related to computer technology, semiconductor technology, control technology, digital technology, communication network technology, etc. These technologies jointly promote the development of PLC (programmable logic controller) technology. Although the above-mentioned technologies are used as development support, PLC cannot meet the higher interactive control requirements due to its inherent insufficient data processing and management capabilities and poor human-computer interaction. Therefore, it is the first choice in the field of industrial control to communicate data between personal computer and PLC and improve the control method. Combining the computer as the debugging and monitoring host computer with the PLC control system can effectively realize the debugging and monitoring of the PLC. At the same time, the computer can also record or display various control data or charts, which greatly facilitates the operation of the controller. However, real-time monitoring of PLC internal data during debugging or program running will take up more CPU resources, and the single debugging function will also reduce the development efficiency of the program.

虽然期间已经公开了多种PLC在线监控与调试的方案，但是依然无法实质性解决CPU资源浪费和调试功能单一且效率较低的技术问题：Although a variety of PLC online monitoring and debugging solutions have been disclosed during the period, they still cannot substantially solve the technical problems of CPU resource waste and single debugging function and low efficiency:

中国专利CN111142469A文献公开了一种PLC的组态程序的调试方法，针对每个代码行添加调试信息，将编辑后的目标代码编译为PLC能够运行的组态程序，并将该组态程序发送至PLC；在调试模式下，PLC在运行组态程序的每一个指令行之前，基于调试信息调用第一函数，由第一函数基于调试设备发送的断点信息和/或单步调试信息确定当前的指令行是否为有效停止行，如果当前的指令行不是有效停止行，则运行当前的指令行，如果当前的指令行为有效停止行，基于调试信息调用第二函数，由第二函数控制运行组态程序的任务进入睡眠状态，以停止运行组态程序，直至接收到继续运行指令；调试设备获取PLC运行组态程序的运行数据并进行显示。Chinese patent CN111142469A document discloses a debugging method of a PLC configuration program, adding debugging information for each line of code, compiling the edited target code into a configuration program that can be run by PLC, and sending the configuration program to PLC; in debug mode, before running each instruction line of the configuration program, the PLC calls the first function based on the debugging information, and the first function determines the current Whether the command line is a valid stop line, if the current command line is not a valid stop line, run the current command line, if the current command line is a valid stop line, call the second function based on the debugging information, and the second function controls the running configuration The task of the program enters the sleep state to stop running the configuration program until it receives an instruction to continue running; the debugging device obtains the running data of the PLC running the configuration program and displays it.

中国专利CN103218293A文献公开了一种PLC在线调试系统和方法，该系统由PLC后台控制模块和PLC通过通讯的方式，实现用户程序实时在线调试，包括相互通讯的PLC后台控制模块和PLC；其中PLC后台控制模块用于编写用户程序并进行编译，将编译后的用户程序发送至PLC，使能PLC进入PLC在线调试状态，调试并监控PLC中用户程序的运行数据；所述PLC用于接收PLC后台控制模块编译后的用户程序，下载至用户程序存储区，并根据PLC后台控制模块调试中生成的断点信息解析并执行所下载的用户程序，同时将监控的用户程序的运行数据反馈给PLC后台控制模块。Chinese patent CN103218293A discloses a PLC online debugging system and method. The system realizes real-time online debugging of user programs by means of communication between the PLC background control module and the PLC, including the PLC background control module and PLC that communicate with each other; the PLC background The control module is used to write the user program and compile it, send the compiled user program to the PLC, enable the PLC to enter the PLC online debugging state, debug and monitor the running data of the user program in the PLC; the PLC is used to receive the PLC background control The user program compiled by the module is downloaded to the user program storage area, and the downloaded user program is analyzed and executed according to the breakpoint information generated during the debugging of the PLC background control module, and the monitored user program running data is fed back to the PLC background control module.

中国专利CN104898546A文献公开了一种基于SOC的PLC在线调试系统和方法，上位机系统中的程序编译模块将待测试程序的代码转换成用户程序的代码输出至SOC系统中的存储器，用户程序由预设的二进制代码构成。上位机系统的第一调试模块响应外部输入向SOC系统中的嵌入式微处理器IP核发送调试指令或配置指令。嵌入式微处理器IP核响应配置指令对SOC系统中的PLC控制器IP核进行配置，或响应调试指令在调试模式下控制PLC控制器IP核从存储器中读取并执行用户程序的二进制代码，执行中遇到断点或完成调试指令后PLC控制器IP核暂停执行并向第一调试模块发送反馈。Chinese patent CN104898546A discloses a SOC-based PLC online debugging system and method. The program compilation module in the host computer system converts the code of the program to be tested into the code of the user program and outputs it to the memory in the SOC system. Set up binary code. The first debugging module of the upper computer system sends debugging instructions or configuration instructions to the embedded microprocessor IP core in the SOC system in response to external input. The embedded microprocessor IP core responds to the configuration command to configure the PLC controller IP core in the SOC system, or responds to the debugging command to control the PLC controller IP core in the debug mode to read and execute the binary code of the user program from the memory, execute After encountering a breakpoint or completing the debugging instruction, the PLC controller IP core suspends execution and sends feedback to the first debugging module.

以上方法使得测试人员能够监测调试的细节，但是调试功能相对单一，无法对程序进行精确的调试，无法在调试过程中对PLC的内部数据进行监控，虽然在系统开发难度和工作量较小，但是调试过程中监控用户程序导致CPU资源占用较大。因此，依然无法实现本发明所提出的技术问题。The above methods enable testers to monitor the details of debugging, but the debugging function is relatively single, and the program cannot be debugged accurately, and the internal data of the PLC cannot be monitored during the debugging process. Although the difficulty and workload of system development are small, but Monitoring user programs during debugging causes a large CPU resource usage. Therefore, still can't realize the technical problem proposed by the present invention.

发明内容Contents of the invention

本发明旨在克服上述现有技术的至少一种缺陷，提供一种PLC在线监控与调试系统及其实现方法。The present invention aims to overcome at least one defect of the above-mentioned prior art, and provides a PLC online monitoring and debugging system and its implementation method.

本发明详细的技术方案如下：Detailed technical scheme of the present invention is as follows:

本发明为了解决上述技术问题，提供了一种PLC在线监控与调试系统及其实现方法，以解决现有技术中无法实质性解决CPU资源浪费和调试功能单一且效率较低等问题：In order to solve the above technical problems, the present invention provides a PLC online monitoring and debugging system and its implementation method to solve the problems in the prior art that cannot substantially solve the problems of CPU resource waste and single debugging function and low efficiency:

一种PLC在线监控与调试系统的实现方法，其特征在于，包括：A method for implementing a PLC online monitoring and debugging system, characterized in that it comprises:

S1、上位机通过通信模块发送请求报文至下位机；所述通信模块包括即时通信协议、数据采集和解析模块，所述即时通信协议规定了数据的格式、传输和解析；所述数据采集和解析模块对接收到的数据进行打包处理和解析后传至下位机；S1, the upper computer sends a request message to the lower computer through the communication module; the communication module includes an instant communication protocol, data collection and analysis module, and the instant communication protocol specifies the format, transmission and analysis of data; the data collection and The parsing module packs and parses the received data and then transmits it to the lower computer;

S2、下位机响应请求报文中的标识码和命令码运行并返回响应请求，经所述数据采集和解析模块进行打包处理和解析传至上位机；S2, the lower computer responds to the identification code and the command code in the request message and returns the response request, which is packaged and analyzed by the data collection and analysis module and passed to the upper computer;

S3、上位机接收响应请求以实现对下位机的在线监控和调试。S3. The upper computer receives the response request to realize online monitoring and debugging of the lower computer.

所述数据采集和解析模块对接收到的数据进行打包处理具体包括：上位机发送请求数据，所述数据采集和解析模块将请求数据打包成数据包，并判断是否需要将数据包拆分，再经过数据转换把byteArray类型的数据包转换成二进制的数据流传出；The data collection and parsing module packs the received data and specifically includes: the upper computer sends request data, and the data collection and parsing module packs the request data into data packets, and judges whether the data packets need to be split, and then After data conversion, the byteArray type data packet is converted into a binary data stream and exported;

所述判断是否需要数据包拆分具体包括：首先判断封装好的数据包大小是否大于每帧发送数据最大长度(默认每帧发送数据最大长度为256个字节)，若大于，则分包处理，在每个小数据包后面添加序号码，若数据包发送失败则通过序号码确认丢失包，上位机重新发送该数据包(丢失包)，发送成功则结束；Described judging whether to need packet splitting specifically comprises: first judge whether the packaged packet size is greater than the maximum length of data sent per frame (the maximum length of data sent per frame is defaulted to be 256 bytes), if greater, then subpackage processing , add a sequence number after each small data packet, if the data packet fails to be sent, the lost packet will be confirmed by the sequence number, the host computer will resend the data packet (lost packet), and the transmission will end if the transmission is successful;

若不大于，则不进行分包处理，直接将数据包发送；若数据包发送失败则通过上位机重新发送整个数据包。If it is not greater than, the data packet will be sent directly without sub-packet processing; if the data packet fails to be sent, the entire data packet will be resent through the host computer.

进一步地，所述S2具体包括：下位机将接收到的数据解析，提取数据包的标识码和命令码，判断是否需要校验数据：Further, said S2 specifically includes: the lower computer parses the received data, extracts the identification code and command code of the data packet, and judges whether the verification data is needed:

若不需要校验，则下位机直接执行请求报文；若校验不成功，则数据包接收错误则下位机返回异常响应；若校验成功，则数据包接收完成且正确，且根据数据包中的标识码和命令码下位机执行相应操作，并返回对应的请求响应；If no verification is required, the lower computer directly executes the request message; if the verification is unsuccessful, the lower computer returns an abnormal response if the data packet is received incorrectly; if the verification is successful, the data packet is received and correct, and according to the The identification code and command code in the lower computer executes the corresponding operation and returns the corresponding request response;

下位机返回对应的请求响应后，将PLC的请求响应数据进行打包，判断是否需要数据包拆分，然后数据包经过数据转换，转换成二进制数据流，上位机将接收到的数据包解析，提取数据包的标识码和命令码，并判断是否需要校验数据：After the lower computer returns the corresponding request response, it packs the PLC request response data to determine whether the data packet needs to be split, and then the data packet is converted into a binary data stream through data conversion, and the upper computer parses the received data packet and extracts The identification code and command code of the data packet, and determine whether the data needs to be verified:

若不需要校验，则上位机直接执行请求响应；若校验不成功，则数据包接收错误则上位机提示接收错误；若校验成功，则数据包接收完成且正确，且根据数据包中的命令码上位机执行结束响应、接收数据并将返回的数据存入RECVDATA数组中、异常响应或调试结束等操作。If no verification is required, the upper computer directly executes the request response; if the verification is unsuccessful, the upper computer prompts a reception error if the data packet is received incorrectly; if the verification is successful, the data packet is received and is correct, and according to the The command code of the upper computer executes the end response, receives the data and stores the returned data in the RECVDATA array, abnormal response or debugging end and other operations.

进一步地，所述S3的在线监控具体包括轮询监控方式和手动监控方式，所述轮询监控：下位机会按照设置的轮询周期向上位机返回响应请求，上位机接收并在监控图表界面进行实时数据刷新。在轮询监控下可以设置轮询周期；所述手动监控：上位机通过串口中断发送监控请求报文，监控请求报文发送结束，将上位机恢复为接收状态准备接收下位机的应答报文：所述串口中断的由手动选择。Further, the online monitoring of S3 specifically includes a polling monitoring mode and a manual monitoring mode. The polling monitoring: the lower machine returns a response request to the upper computer according to the polling period set, and the upper computer receives and performs the monitoring on the monitoring chart interface. Real-time data refresh. The polling cycle can be set under the polling monitoring; the manual monitoring: the upper computer sends a monitoring request message through the serial port interrupt, the monitoring request message is sent, and the upper computer is restored to the receiving state to prepare to receive the response message of the lower computer: The serial port interrupt is manually selected.

具体的，所述串口中断的方法具体为：串口中断进入，判断是下位机是否接收到串口中断；若下位机接收到串口中断，则启动定时器，将SENDING标志位置为1，代表上位机接收并组装下位机返回的数据帧，若数据没有接收结束则复位定时器，等待接收并组装数据帧；若接收结束将SENDING标志位置为0，则代表上位机接收结束，串口中断返回；若下位机没有接收到串口中断，则启动定时器，上位机重新发送串口中断请求；若上位机没有收到下位机返回的数据帧请求，则显示串口中断接收异常。Specifically, the method of serial port interruption is as follows: the serial port interrupt enters, and it is judged whether the lower computer receives the serial port interrupt; And assemble the data frame returned by the lower computer. If the data has not been received, reset the timer, wait for the reception and assemble the data frame; If the serial port interrupt is not received, start the timer, and the upper computer resends the serial port interrupt request; if the upper computer does not receive the data frame request returned by the lower computer, it will display the serial port interrupt reception exception.

进一步地，所述在线监控还包括全局监控功能、I/O监控功能和自定义监控功能，所述全局监控：对程序内的所有变量、正在使用的地址和指令进行监控；Further, the online monitoring also includes a global monitoring function, an I/O monitoring function and a custom monitoring function, and the global monitoring: monitors all variables, addresses and instructions in use in the program;

所述I/O监控：监控所有正在使用的I点和Q点的状态，监控图表显示程序使用到的I点和Q点并通过0或1来判断该I点和Q点接通状态，1为接通，0为断开。The I/O monitoring: monitor the status of all the I points and Q points in use, the monitoring chart shows the I points and Q points used by the program and judge the connection status of the I points and Q points by 0 or 1, 1 is on, 0 is off.

所述自定义监控包括：①对单个数据地址监控：获取指定数据地址的值(比如某个位、某个字节或某个双字节)并可以在上位机监控图表上实时显示；②对连续数据地址监控：获取一段连续数据地址的值，该段连续的数据地址存放数据的类型相同；③对数据块监控：可以获得某块指定数据块的值，该数据块存放数据的类型相同；The self-defined monitoring includes: 1. monitoring of a single data address: obtaining the value (such as a certain bit, a certain byte or a certain double byte) of a specified data address and displaying it in real time on the upper computer monitoring chart; 2. Continuous data address monitoring: obtain the value of a segment of continuous data addresses, which store data of the same type; ③ data block monitoring: obtain the value of a specified data block, which stores data of the same type;

所述全局监控功能、I/O监控功能和自定义监控功能与所述轮询监控方式和手动监控方式可结合形成六种监控模式：The global monitoring function, I/O monitoring function and custom monitoring function can be combined with the polling monitoring mode and manual monitoring mode to form six monitoring modes:

监控模式1：在使用轮询监控的方式下，开启全局监控功能，会按照轮询周期返回全局监控的变量、寄存器、地址和指令的值或状态；Monitoring mode 1: In the polling monitoring mode, the global monitoring function is turned on, and the values or statuses of the variables, registers, addresses and instructions of the global monitoring will be returned according to the polling cycle;

监控模式2：在使用轮询监控的方式下，开启I/O监控功能，会按照轮询周期返回监控的I点和O点的状态；Monitoring mode 2: In the polling monitoring mode, the I/O monitoring function is turned on, and the status of the monitored I point and O point will be returned according to the polling cycle;

监控模式3：在使用轮询监控的下，开启自定义监控功能分为三种子模式；Monitoring mode 3: When polling monitoring is used, the custom monitoring function is opened and divided into three sub-modes;

子模式1会按照轮询周期返回指定单个数据地址的值；子模式2会按照轮询周期返回一段连续数据地址的值；子模式3会按照轮询周期返回数据块地址的值；Submode 1 will return the value of a single data address according to the polling period; submode 2 will return the value of a continuous data address according to the polling period; submode 3 will return the value of the data block address according to the polling period;

监控模式4：在手动监控的方式下，开启全局监控，当下位机收到全局监控的命令，返回一次全局监控的变量、寄存器、地址和指令的值或状态；Monitoring mode 4: In the manual monitoring mode, the global monitoring is turned on. When the lower computer receives the command of the global monitoring, it returns the value or status of the variables, registers, addresses and instructions of the global monitoring once;

监控模式5：在手动监控的方式下，开启I/O监控功能，下位机收到I/O监控的命令，返回一次监控的I点和O点的状态；Monitoring mode 5: In the manual monitoring mode, the I/O monitoring function is turned on, the lower computer receives the I/O monitoring command, and returns the status of the I point and the O point of the monitoring once;

监控模式6：在手动监控的方式下、开启自定义监控功能分为三种子模式：子模式1，下位机收到单个数据地址监控命令，返回一次指定单个数据地址的值；子模式2，下位机收到连续数据地址监控命令，返回一次一段连续数据地址的值；子模式3，下位机收到数据块地址监控命令，返回一次数据块地址的值。Monitoring mode 6: In the mode of manual monitoring, the custom monitoring function is divided into three sub-modes: sub-mode 1, the lower computer receives a single data address monitoring command, and returns the value of a specified single data address once; sub-mode 2, the lower The computer receives the continuous data address monitoring command, and returns the value of a continuous data address at a time; in sub-mode 3, the lower computer receives the data block address monitoring command, and returns the value of the data block address once.

所述S3的调试包括：断点和断点向量表的实现、梯级的控制和梯级向量表的实现、虚拟调试系统的搭建和调试、多种调试功能的实现；所述断点在调试功能的图形化设计界面上中需要将程序暂停在某个梯形图位置；所述断点向量表是一个由序号、程序号和行号组成的结构体数组；所述序号为断点在断点向量表中的排序，所述程序号和行号是指断点所在的程序的序号、程序号和行号。The debugging of said S3 includes: the realization of breakpoint and breakpoint vector table, the control of steps and the realization of step vector table, the construction and debugging of virtual debugging system, the realization of various debugging functions; In the graphical design interface, the program needs to be suspended at a certain ladder diagram position; the breakpoint vector table is a structure array composed of sequence number, program number and line number; the sequence number is the breakpoint in the breakpoint vector table For sorting in , the program number and line number refer to the sequence number, program number and line number of the program where the breakpoint is located.

所述断点和断点向量表的实现具体为：点击添加断点，首先对断点向量表进行遍历判断是否重复添加，重复添加则显示断点已存在，不重复添加则将该行梯形图程序的程序号和行号加入到断点向量表中；点击删除断点，对断点向量表进行遍历，存在断点则将该断点信息删除，不存在则显示删除失败；The implementation of the breakpoint and the breakpoint vector table is specifically as follows: click to add a breakpoint, first traverse the breakpoint vector table to determine whether to add repeatedly, if repeatedly added, it will display that the breakpoint already exists, if not repeatedly added, the row ladder diagram The program number and line number of the program are added to the breakpoint vector table; click Delete Breakpoint to traverse the breakpoint vector table. If there is a breakpoint, the breakpoint information will be deleted, and if it does not exist, the deletion failure will be displayed;

所述梯级的控制和梯级向量表的实现具体为：进入梯级指令会根据梯级向量表定位到程序中下一处调用函数或者子程序的位置，首先将调用函数或子程序此行程序下一行梯形图程序的梯级信息加入到梯级向量表中，然后再进入函数或子程序中，同时梯级号加1；当跳出梯级、函数执行完成或子程序执行完成后，程序返回上一梯级时只需将梯级号减1，根据此时的梯级号查询梯级向量表，找到此时梯级号对应的梯级信息，根据梯级信息中的程序号和行号，跳转到指定位置后删除梯级向量表中此条梯级信息，以此实现调试中对程序的梯级控制；所述梯级号就相当于是梯级向量表中的索引(在查询梯级向量表时会首先查询梯级向量表中的梯级号，找到对应的梯级号，就能知道该梯级号所对应的程序号和行号来确定程序运行到那个位置)。其中，所述梯级向量表是一个由程序号、行号和梯级号组成的结构体数组；所述梯级信息包括程序号和行号，所述梯级向量表的程序号、行号和梯级号是指梯形图程序的程序号、行号和梯级号。The realization of the control of the step and the step vector table is specifically: entering the step instruction will locate the position of the next calling function or subroutine in the program according to the step vector table, and at first will call the function or subroutine the next row of the program The ladder information of the program in the figure is added to the ladder vector table, and then enters the function or subroutine, and the rung number is increased by 1 at the same time; Decrease the step number by 1, query the step vector table according to the step number at this time, find the step information corresponding to the step number at this time, jump to the specified position according to the program number and line number in the step information, and delete this item in the step vector table Step information, so as to realize the step control of the program during debugging; the step number is equivalent to the index in the step vector table (when querying the step vector table, first query the step number in the step vector table, and find the corresponding step number , you can know the program number and line number corresponding to the rung number to determine where the program runs to). Wherein, the step vector table is a structure array composed of program number, line number and step number; the step information includes program number and line number, and the program number, line number and step number of the step vector table are Refers to the program number, line number and rung number of the ladder diagram program.

所述虚拟调试系统的搭建和调试：采用将下位机中原程序在flash中进行备份后，将原系统作为虚拟调试系统进行调试操作。在调试结束后将所有的调试信息包括调试运行的程序全部清除，将备份的原程序写入到原系统，程序恢复正常运行，虚拟调试系统恢复为原系统；The construction and debugging of the virtual debugging system: After the original program in the lower computer is backed up in flash, the original system is used as the virtual debugging system for debugging. After the debugging is completed, all the debugging information including the debugging and running programs will be cleared, and the backup original program will be written into the original system, the program will resume normal operation, and the virtual debugging system will return to the original system;

所述多种调试功能的实现包括：程序控制和梯级控制；所述程序控制包括：单步执行、连续执行、暂停、结束调试、添加断点、清除断点；所述梯级控制包括：进入梯级、下一梯级、跳出梯级；The implementation of the various debugging functions includes: program control and ladder control; the program control includes: single-step execution, continuous execution, pause, end debugging, adding breakpoints, and clearing breakpoints; the ladder control includes: entering the ladder , next rung, jump out of rung;

本发明还公布了一种PLC在线监控与调试系统，其特征在于，包括：通过通信模块通信的上位机和下位机；所述上位机设备发出请求消息至通信模块，经通信模块处理发送至下位机进行运行，所述下位机运行结束后发出响应请求至通信模块，再经通信模块处理发送至上位机；The present invention also discloses a PLC online monitoring and debugging system, which is characterized in that it includes: an upper computer and a lower computer communicating through a communication module; the upper computer device sends a request message to the communication module, which is processed and sent to the lower computer The computer runs, and the lower computer sends a response request to the communication module after the operation is completed, and then sends it to the upper computer through the communication module;

所述通信模块包括即时通信协议和数据采集和解析模块，所述即时通信协议规定了数据的格式、传输和解析；所述数据采集和解析模块对接收到的数据进行打包处理和解析；The communication module includes an instant communication protocol and a data collection and analysis module, the instant communication protocol specifies the format, transmission and analysis of data; the data collection and analysis module packs and analyzes the received data;

所述上位机包括监控模块和调试模块，所述监控模块实现一种PLC在线监控与调试系统的实现方法中对下位机的监控，所述调试模块实现一种PLC在线监控与调试系统的实现方法中对下位机的调试。The upper computer includes a monitoring module and a debugging module, the monitoring module realizes the monitoring of the lower computer in a method for implementing a PLC online monitoring and debugging system, and the debugging module realizes a method for realizing a PLC online monitoring and debugging system Debugging of the lower computer.

所述数据采集和解析模块包括数据处理单元、数据转换单元和数据解析单元；The data acquisition and analysis module includes a data processing unit, a data conversion unit and a data analysis unit;

所述数据处理单元负责数据包的拆分和将数据打包成一整个数据包；The data processing unit is responsible for splitting data packets and packing data into a whole data packet;

所述数据转换单元负责将bytearray类型数据包转换为二进制数据流；The data conversion unit is responsible for converting the bytearray type data packet into a binary data stream;

所述数据解析单元负责将接收到的数据包进行解析，先判断是否需要CRC校验，需要校验则校验后解析并传输至上位机或下位机；不需要校验则直接解析并传输。The data parsing unit is responsible for parsing the received data packets, first judging whether CRC verification is required, if verification is required, then parsing and transmitting to the upper computer or lower computer after verification; if no verification is required, it is directly parsed and transmitted.

与现有技术相比，本发明的有益效果为：Compared with prior art, the beneficial effect of the present invention is:

(1)本发明提供的一种PLC在线监控与调试系统及其实现方法，具有全局监控、I/O监控和自定义监控三种监控功能，支持轮询监控和手动监控两种监控方式，可以自由组合成六种监控模式，减少CPU资源的浪费；并且可根据不同的调式和监控场景，可以灵活的调整轮询周期，在满足用户需求的前提下，降低CPU的负载。(1) A kind of PLC online monitoring and debugging system and its implementation method provided by the present invention have three kinds of monitoring functions of global monitoring, I/O monitoring and self-defined monitoring, and support two monitoring modes of polling monitoring and manual monitoring, which can Freely combine into six monitoring modes to reduce the waste of CPU resources; and according to different debugging and monitoring scenarios, the polling cycle can be flexibly adjusted to reduce the CPU load on the premise of meeting user needs.

(2)本发明提供的一种PLC在线监控与调试系统及其实现方法，本系统调试功能齐全包括单步执行、连续执行、暂停、结束调试、添加断点、清除断点、进入梯级、下一梯级和跳出梯级等调试命令。在调试过程中可以调用监控图表查看调试过程中正在运行指令的实时状态、使用到的各触点的值或指定数据地址的值，可以精确定位到程序问题所在，提高程序开发效率。(2) A PLC online monitoring and debugging system and its implementation method provided by the present invention have complete debugging functions including single-step execution, continuous execution, pause, end debugging, adding breakpoints, clearing breakpoints, entering steps, descending Debug commands such as one rung and step out of rung. During the debugging process, you can call the monitoring chart to view the real-time status of the running instructions, the value of each contact used or the value of the specified data address during the debugging process, which can accurately locate the program problem and improve the efficiency of program development.

(3)本发明提供的一种PLC在线监控与调试系统及其实现方法，可配置通信事件的优先级，当系统中因为故障等原因造成通信负载较重时，可以对需要传输的不同信息分配不同的优先权，紧急事件可以分配较高的优先权，使其在多个任务并发执行的情况下，免于排队，优先完成传输，从而改善监控的实时性能力。(3) A PLC online monitoring and debugging system and its implementation method provided by the present invention can configure the priority of communication events. When the communication load is heavy due to faults and other reasons in the system, different information that needs to be transmitted can be allocated. With different priorities, emergency events can be assigned a higher priority, so that when multiple tasks are executed concurrently, they are exempted from queuing and the transmission is completed first, thereby improving the real-time performance of monitoring.

(4)本发明提供的一种PLC在线监控与调试系统及其实现方法，对于较大的数据包采取数据分包技术，根据程序的大小，可以动态更改每帧数据的最大长度，提高数据包传输效率；本系统多数情况下发送较短的报文，针对数据拥塞问题如果采用接收缓冲区来存储没有及时接收的数据，会比较浪费内存资源，因此本系统通过根据每帧数据的最大长度，动态更改数据包发送的延时时间解决数据拥塞问题。(4) A kind of PLC on-line monitoring and debugging system and its implementation method provided by the present invention adopt data subcontracting technology for larger data packets, and according to the size of the program, the maximum length of each frame of data can be changed dynamically, improving the data packet Transmission efficiency; in most cases, the system sends shorter messages. For data congestion, if the receiving buffer is used to store the data that is not received in time, it will waste memory resources. Therefore, according to the maximum length of each frame of data, the system Dynamically change the delay time of data packet sending to solve the problem of data congestion.

(5)本发明提供的一种PLC在线监控与调试系统及其实现方法，采用将原程序在FLASH中备份后，将原系统作为虚拟调试系统进行调试操作，在调试结束后将虚拟调试系统恢复为程序正常运行的原系统，相比于直接在原系统调试程序可靠性更高，相比于额外搭建一个虚拟的调试系统用来调试程序，开发成本更低。(5) A kind of PLC on-line monitoring and debugging system and its implementation method provided by the present invention adopt after the original program is backed up in FLASH, the original system is used as the virtual debugging system to carry out the debugging operation, after the debugging finishes, the virtual debugging system is restored The original system for the normal operation of the program is more reliable than debugging the program directly on the original system, and the development cost is lower than building an additional virtual debugging system to debug the program.

(6)本发明提供的一种PLC在线监控与调试系统及其实现方法，本系统对函数或子程序的控制统一为梯级控制，通过查询梯级向量表实现梯级控制。每进入一次梯级，梯级向量表中梯级号加1，每跳出一次梯级，梯级号减1，通过梯级信息可实现程序的直接跳转，方法简单且效率较高。(6) A kind of PLC on-line monitoring and debugging system and its implementation method provided by the present invention, the control of this system to function or subroutine is unified as cascade control, realizes cascade control by querying the cascade vector table. Every time a step is entered, the step number in the step vector table is increased by 1, and every time a step is jumped out, the step number is decreased by 1. The direct jump of the program can be realized through the step information, and the method is simple and efficient.

附图说明Description of drawings

图1是本发明系统框架图。Fig. 1 is a system frame diagram of the present invention.

图2是本发明实施例1中即时通讯协议框架图。Fig. 2 is a frame diagram of the instant messaging protocol in Embodiment 1 of the present invention.

图3是本发明实施例1中数据包传输流程图。Fig. 3 is a flow chart of data packet transmission in Embodiment 1 of the present invention.

图4是本发明实施例2中监控模块框架图。Fig. 4 is a frame diagram of a monitoring module in Embodiment 2 of the present invention.

图5是本发明实施例2中监控流程图。Fig. 5 is a flow chart of monitoring in Embodiment 2 of the present invention.

图6是本发明实施例2中中断流程图。Fig. 6 is a flow chart of interruption in Embodiment 2 of the present invention.

图7是本发明实施例3中调试信息图。Fig. 7 is a diagram of debugging information in Embodiment 3 of the present invention.

图8是本发明实施例3中断点向量表结构图。FIG. 8 is a structural diagram of a breakpoint vector table in Embodiment 3 of the present invention.

图9是本发明实施例3中梯级向量表结构图。Fig. 9 is a structural diagram of a ladder vector table in Embodiment 3 of the present invention.

图10是本发明实施例3中梯级控制流程图。Fig. 10 is a flow chart of cascade control in Embodiment 3 of the present invention.

图11是本发明实施例3中调试流程图。Fig. 11 is a flowchart of debugging in Embodiment 3 of the present invention.

图12是本发明实施例3中虚拟调试系统运行流程图。Fig. 12 is a flowchart of the operation of the virtual debugging system in Embodiment 3 of the present invention.

图13是本发明实施例3中调试功能图。Fig. 13 is a diagram of debugging functions in Embodiment 3 of the present invention.

具体实施方式Detailed ways

下面结合附图与实施例对本发明做进一步说明。The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

应该指出，以下详细说明都是示例性的，旨在对本发明提供进一步的说明。除非另有指明，本文使用的所有技术和科学术语具有与本发明所属技术领域的普通技术人员通常理解的相同含义。It should be noted that the following detailed description is exemplary and intended to provide further explanation of the present invention. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.

需要注意的是，这里所使用的术语仅是为了描述具体实施方式，而非意图限制根据本发明的示例性实施方式。如在这里所使用的，除非上下文另外明确指出，否则单数形式也意图包括复数形式，此外，还应当理解的是，当在本说明书中使用术语“包含”和/或“包括”时，其指明存在特征、步骤、操作、器件、组件和/或它们的组合。It should be noted that the terminology used here is only for describing specific embodiments, and is not intended to limit exemplary embodiments according to the present invention. As used herein, unless the context clearly dictates otherwise, the singular is intended to include the plural, and it should also be understood that when the terms "comprising" and/or "comprising" are used in this specification, they mean There are features, steps, operations, means, components and/or combinations thereof.

在不冲突的情况下，本发明中的实施例及实施例中的特征可以相互组合。In the case of no conflict, the embodiments and the features in the embodiments of the present invention can be combined with each other.

实施例1Example 1

本实施例提供一种PLC在线监控与调试系统的实现方法，用以解决在调试或程序运行过程中对PLC内部数据的实时监控会占用较多CPU的资源，调试功能的单一也会降低程序的开发效率，如图1所示：This embodiment provides an implementation method of a PLC online monitoring and debugging system, which is used to solve the problem that the real-time monitoring of PLC internal data during debugging or program operation will occupy more CPU resources, and the single debugging function will also reduce the program. Development efficiency, as shown in Figure 1:

一种PLC在线监控与调试系统的实现方法，其特征在于，包括：A method for implementing a PLC online monitoring and debugging system, characterized in that it comprises:

S1、上位机(计算机)通过通信模块发送请求报文至下位机(PLC)；所述通信模块包括即时通信协议、数据采集和解析模块，所述即时通信协议规定了数据的格式、传输和解析；所述数据采集和解析模块对接收到的数据进行拆分、打包和解析后传至下位机；S1, upper computer (computer) sends request message to lower computer (PLC) through communication module; Described communication module comprises instant communication protocol, data acquisition and analysis module, and described instant communication agreement stipulates the format, transmission and analysis of data ; The data collection and parsing module splits, packs and parses the received data and sends it to the lower computer;

所述即时通信协议定义了本系统能够认识和使用的消息结构，而不管它们是经过哪种网络进行通信。所述即时通讯协议对应了请求消息、数据的结构、命令和应答方式，数据通讯采用主从方式，上位机发出请求消息，下位机接收正确消息后可以返回报文到上位机以响应请求；上位机也可以直接发消息修改下位机的数据，实现双向读写。所述即时通讯协议需要采用16位CRC(循环冗余校验码)对传输数据进行校验。另外，所述即时通信通信协议采用定时收发数据，在实际使用中如果某下位机断开后，上位机可以诊断出来，当故障修复后，通讯又可以自动接通。The instant messaging protocol defines the message structure that the system can recognize and use, no matter what kind of network they communicate through. The instant messaging protocol corresponds to the request message, data structure, order and response mode, and the data communication adopts a master-slave mode, the upper computer sends a request message, and the lower computer can return a message to the upper computer to respond to the request after receiving the correct message; The computer can also directly send a message to modify the data of the lower computer to realize two-way reading and writing. The instant messaging protocol needs to use 16-bit CRC (Cyclic Redundancy Check Code) to check the transmission data. In addition, the instant messaging communication protocol uses timing to send and receive data. In actual use, if a lower computer is disconnected, the upper computer can diagnose it, and when the fault is repaired, the communication can be automatically connected again.

当通讯命令由发送设备(上位机)发送至接收设备(下位机)时，符合相应终端地址的下位机接收通讯命令，并根据命令码执行相应的操作，如果CRC校验无误，则执行相应的任务，然后把执行结果(数据)返回给上位机。数据打包后的数据包的传输以及判断拆分流程如图3所示，包括：首先判断封装好的数据包大小是否大于每帧发送数据最大长度(默认每帧发送数据最大长度为256个字节)，若大于，则分包处理，在每个小数据包后面添加序号码，若数据包发送失败则通过序号码确认丢失包，上位机重新发送该数据包(丢失包)，发送成功则结束；若不大于，则不进行分包处理，直接将数据包发送；若数据包发送失败则通过上位机重新发送整个数据包。When the communication command is sent from the sending device (upper computer) to the receiving device (lower computer), the lower computer that matches the corresponding terminal address receives the communication command and executes the corresponding operation according to the command code. If the CRC check is correct, the corresponding operation is executed. task, and then return the execution result (data) to the host computer. The transmission and judgment splitting process of the packaged data packet is shown in Figure 3, including: firstly, it is judged whether the size of the encapsulated data packet is greater than the maximum length of data sent per frame (by default, the maximum length of data sent per frame is 256 bytes ), if it is greater than , then sub-packet processing, add a sequence number after each small data packet, if the data packet fails to be sent, then confirm the lost packet through the sequence number, the host computer resends the data packet (lost packet), and ends when the sending is successful ; If it is not greater than, the data packet will be sent directly without packet processing; if the data packet fails to be sent, the entire data packet will be resent through the host computer.

所述即时通讯协议具体包括：8位标识码、8位终端地址、8位命令码、16位数据地址(低位在前)、16位数据长度(低位在前)、16位帧数(低位在前)、n位数据位和16位CRC校验位(低位在前)。所述即时通讯协议规定了在本系统中所有通讯报文的格式，数据的传输和解析都需要按照即时通讯协议格式进行，如图2所示。具体每字节报文信息如下：Described instant messaging protocol specifically includes: 8-bit identification code, 8-bit terminal address, 8-bit command code, 16-bit data address (lower bit first), 16-bit data length (lower bit first), 16 frame numbers (lower bit first) front), n data bits and 16 CRC check digits (lower bits first). The instant messaging protocol specifies the format of all communication messages in the system, and data transmission and analysis must be performed according to the format of the instant messaging protocol, as shown in FIG. 2 . The specific message information per byte is as follows:

标识码：用来表示发送的指令，规定报文的格式，使协议只保留必要的信息，尽可能缩短报文的长度。包括调试指令、读指令和写指令，该位置长度为8byte；Identification code: It is used to indicate the instruction to send, to specify the format of the message, so that the protocol only retains the necessary information, and the length of the message is shortened as much as possible. Including debug command, read command and write command, the length of this position is 8byte;

终端地址：存在一个计算机连接多个PLC时，计算机向PLC发送的请求根据终端地址发送到对应的PLC，该位置长度为8byte；Terminal address: When there is a computer connected to multiple PLCs, the request sent by the computer to the PLC is sent to the corresponding PLC according to the terminal address, and the length of this location is 8 bytes;

命令码：不同的命令码对应不同的操作，包括但不限于：巡检、读取数据、写入数据、在线调试、响应结束、接收数据、异常响应和调试结束命令，该位置长度为8byte。不同的16进制数表示不同命令，本发明中不详细列举命令码具体的数值；Command code: Different command codes correspond to different operations, including but not limited to: inspection, read data, write data, online debugging, end of response, receive data, abnormal response and end of debugging command, the length of this position is 8bytes. Different hexadecimal numbers represent different commands, and the specific numerical values of the command codes are not listed in detail in the present invention;

数据地址：记录需要写入和读取数据的起始地址，长度为16byte，为了规范解析数据，采用小端模式，低8位在前，高8位在后；Data address: record the start address of the data to be written and read, the length is 16 bytes, in order to standardize and analyze the data, the little-endian mode is adopted, the lower 8 bits come first, and the higher 8 bits follow;

数据长度：当需要向下位机写入或读取数据时，会记录写入或读取数据的长度，该位置长度为16byte，为保证数据解析规范，采用小端模式，低8位在前，高8位在后；Data length: When it is necessary to write or read data to the lower computer, the length of the written or read data will be recorded. The length of this position is 16 bytes. In order to ensure the specification of data analysis, the little-endian mode is adopted, with the lower 8 bits first. The high 8 bits follow;

帧数：数据打包功能将数据封装数据包后，如果数据包较大时，会按照规定的每帧发送数据最大长度，将数据包划分为小包数据发送到下位机。该位置记录一共划分了多少个小数据包，该位置长度为16byte，采用小端模式，低8位在前，高8位在后；Number of frames: After the data packaging function encapsulates the data into data packets, if the data packet is large, it will send the data according to the specified maximum length of each frame, divide the data packet into small packets and send them to the lower computer. The location records how many small data packets are divided in total. The length of the location is 16bytes, and the little-endian mode is used, with the lower 8 bits first and the higher 8 bits after;

数据位：当需要写入或返回数据时，该位置存放需要写入或返回的数据，该位置长度为需要写入或返回数据的长度；Data bit: When data needs to be written or returned, this position stores the data that needs to be written or returned, and the length of this position is the length of the data that needs to be written or returned;

CRC校验：下位机或上位机发送数据包前，会将数据进行CRC校验，并将校验的结果存放到该位置。在进行CRC计算时只用8个数据位，起始位、停止位和奇偶校验位，都不参与CRC计算。该位置长度为16byte，采用小端模式，低8位在前，高8位在后。CRC check: Before the lower computer or the upper computer sends the data packet, the data will be checked by CRC, and the result of the check will be stored in this location. Only 8 data bits are used in the CRC calculation, and the start bit, stop bit and parity bit do not participate in the CRC calculation. The length of this position is 16 bytes, adopting the little-endian mode, the lower 8 bits come first, and the higher 8 bits follow.

当发送不同指令时发送报文的即时通讯协议的格式如下：The format of the instant messaging protocol for sending messages when sending different commands is as follows:

当发送调试指令时，发送报文格式为8位标识码，8位终端地址、8位命令码组成，无需16位数据地址、16位数据长度、16位帧数、n位数据位和CRC校验。命令码包括但不限于单步执行、连续执行、暂停、结束调试、添加断点、清除断点、进入梯级、下一梯级和跳出梯级命令。When sending debugging commands, the sending message format is composed of 8-bit identification code, 8-bit terminal address, and 8-bit command code, without 16-bit data address, 16-bit data length, 16-bit frame number, n-bit data bits and CRC test. Command codes include, but are not limited to, single-step, continue, pause, end debug, add breakpoint, clear breakpoint, enter rung, next rung, and exit rung commands.

当发送读指令时，发送报文格式为8位标识码，8位终端地址、8位命令码、16位数据地址和16位数据长度，无需16位帧数、n位数据位和16位CRC校验位。命令码包括但不限于读单个数据地址、读一片连续数据地址或读某个数据块地址。When sending a read command, the format of the sent message is 8-bit identification code, 8-bit terminal address, 8-bit command code, 16-bit data address and 16-bit data length, without 16-bit frame number, n-bit data bits and 16-bit CRC Check Digit. Command codes include but not limited to read a single data address, read a piece of continuous data address or read a certain data block address.

当发送写指令时，发送报文格式为8位标识码、8位终端地址、8位命令码、16位数据地址、16位数据长度、16位帧数、n位数据位和16位CRC校验位。命令码包括但不限于写单个地址数据、写一片连续数据地址或写某个寄存器的值。When sending a write command, the format of the sent message is 8-bit identification code, 8-bit terminal address, 8-bit command code, 16-bit data address, 16-bit data length, 16-bit frame number, n-bit data bits and 16-bit CRC check position. Command codes include but are not limited to write single address data, write a piece of continuous data address or write the value of a certain register.

当下位机返回读指令请求时，返回报文格式为8位标识码、8位命令码、16位数据地址、16位数据长度、16位帧数、n位数据位和16位CRC校验位，无需8位终端地址，返回的命令码与接收命令码相同。When the lower computer returns a read command request, the returned message format is 8-bit identification code, 8-bit command code, 16-bit data address, 16-bit data length, 16-bit frame number, n-bit data bits and 16-bit CRC check digit , no 8-digit terminal address is required, and the returned command code is the same as the received command code.

当下位机返回写指令请求时，返回报文格式为8位标识码、8位命令码，无需8位终端地址、16位数据地址，16位数据长度、16位帧数、n位数据位和16位CRC校验位，返回的命令码与接收命令码相同。When the lower computer returns a write command request, the returned message format is 8-bit identification code, 8-bit command code, without 8-bit terminal address, 16-bit data address, 16-bit data length, 16-bit frame number, n-bit data bits and 16-bit CRC check digit, the returned command code is the same as the received command code.

当下位机返回调试指令请求时，返回的命令码与接收命令码相同，命令码不同返回的报文格式不同。When the lower computer returns a debugging command request, the returned command code is the same as the received command code, and the returned message format is different if the command code is different.

进一步地，所述数据采集和解析模块具体流程为：计算机发送请求数据，数据打包功能将标识码、终端地址、命令码、数据地址、数据长度、帧数、数据或CRC校验码打包成数据包后，判断是否需要数据包拆分，再经过数据转换把byteArray类型的数据包转换成二进制的数据流发送出去。PLC将接收到的数据解析，提取数据包的标识码和命令码，判断是否需要校验数据：Further, the specific process of the data acquisition and analysis module is: the computer sends the request data, and the data packaging function packages the identification code, terminal address, command code, data address, data length, frame number, data or CRC check code into data After the packet is completed, it is judged whether the data packet needs to be split, and then the byteArray type data packet is converted into a binary data stream and sent out through data conversion. The PLC analyzes the received data, extracts the identification code and command code of the data packet, and judges whether the data needs to be verified:

若不需要校验，则PLC直接执行请求报文；若校验不成功，则数据包接收错误则PLC返回异常响应；若校验成功，则数据包接收完成且正确，且根据数据包中的标识码和命令码PLC执行相应操作，并返回对应的请求响应；If the verification is not required, the PLC directly executes the request message; if the verification is unsuccessful, the data packet is received incorrectly and the PLC returns an abnormal response; if the verification is successful, the data packet is received and correct, and according to the The identification code and command code PLC executes the corresponding operation and returns the corresponding request response;

PLC返回对应的请求响应后，将PLC的请求响应数据进行打包，判断是否需要数据包拆分，然后数据包经过数据转换，转换成二进制数据流，计算机将接收到的数据包解析，提取数据包的标识码和命令码，并判断是否需要校验数据：After the PLC returns the corresponding request response, the PLC request response data is packaged to determine whether the data packet needs to be split, and then the data packet is converted into a binary data stream, and the computer parses the received data packet and extracts the data packet The identification code and command code, and determine whether to verify the data:

若不需要校验，则计算机直接执行请求响应；若校验不成功，则数据包接收错误则计算机提示接收错误；若校验成功，则数据包接收完成且正确，且根据数据包中的命令码计算机执行结束响应、接收数据并将返回的数据存入RECVDATA数组中、异常响应或调试结束等操作。If the verification is not required, the computer directly executes the request response; if the verification is unsuccessful, the data packet is received incorrectly, and the computer prompts the receiving error; if the verification is successful, the data packet is received and correct, and according to the command in the data packet The code computer executes the end response, receives data and stores the returned data into the RECVDATA array, abnormal response or debugging end and other operations.

具体的，所述校验方法为crc校验，为本领域人员常规校验方法不再赘述。Specifically, the verification method is CRC verification, which is a conventional verification method for those skilled in the art and will not be repeated here.

所述数据采集和解析模块指令和命令包括：Described data acquisition and parsing module instruction and order comprise:

巡检指令：在系统开始运行前，上位机向下位机发送巡检命令，上位机如果收到返回报文则代表上位机和下位机可以正常通讯，标识码为01。Inspection command: Before the system starts to run, the upper computer sends an inspection command to the lower computer. If the upper computer receives a return message, it means that the upper computer and the lower computer can communicate normally, and the identification code is 01.

读取数据指令：上位机向下位机发送读取数据指令，该指令可以读取对应地址的数据或寄存器的状态，下位机接收成功后则返回对应报文。标识码为02，命令码包括：全局读取命令、I/O读取命令、单个数据地址读取命令、连续数据地址读取命令、数据块读取命令。Read data instruction: The upper computer sends a read data instruction to the lower computer, which can read the data of the corresponding address or the state of the register, and the lower computer returns the corresponding message after receiving it successfully. The identification code is 02, and the command codes include: global read command, I/O read command, single data address read command, continuous data address read command, and data block read command.

写入数据指令：上位机向下位机发送写入数据命令，该命令可以向对应地址的写入数据或强制写入某个寄存器的值，下位机接收并校验数据，校验成功后则进行写入操作，返回对应报文。标识码为03，命令码包括但不限于：单个数据地址写入命令、连续数据地址写入命令或寄存器写入命令。Write data command: The upper computer sends a write data command to the lower computer. This command can write data to the corresponding address or force the value of a register to be written. The lower computer receives and verifies the data. After the verification is successful, proceed Write operation, return the corresponding message. The identification code is 03, and the command code includes but not limited to: a single data address write command, a continuous data address write command or a register write command.

在线调试指令：上位机向下位机发送在线调试指令，打开虚拟调试系统，可以进行多种调试操作。标识码为04，命令码包括但不限于：单步执行命令、连续执行命令、调试结束命令、添加断点命令、暂停命令、清除断点命令、软复位命令、进入梯级命令、下一梯级命令和跳出梯级命令。Online debugging command: The upper computer sends online debugging commands to the lower computer to open the virtual debugging system, and various debugging operations can be performed. The identification code is 04, and the command code includes but not limited to: single-step execution command, continuous execution command, debugging end command, add breakpoint command, pause command, clear breakpoint command, soft reset command, enter rung command, next rung command and out of rung commands.

结束响应命令：下位机向上位机返回响应结束的命令，代表本次通讯已经结束。标识码与接收报文的标识码相同。End response command: The lower computer returns a response end command to the upper computer, which means that the communication has ended. The identification code is the same as the identification code of the received message.

接收数据命令：下位机向上位机返回对应地址的数据，上位机接收并校验数据是否正确，校验成功后则上位机将返回的数据存到RECVDATA数组中暂存，并调用相应的处理程序执行后续操作，标识码为05。Receive data command: the lower computer returns the data of the corresponding address to the upper computer, and the upper computer receives and verifies whether the data is correct. After the verification is successful, the upper computer stores the returned data in the RECVDATA array for temporary storage, and calls the corresponding processing program Perform follow-up operations, and the identification code is 05.

异常响应命令：下位机接收数据校验失败或返回报文失败，下位机则向上位机返回异常响应命令，标识码与接收报文的标识码相同。Abnormal response command: If the lower computer fails to receive data verification or return a message, the lower computer will return an abnormal response command to the upper computer, and the identification code is the same as the identification code of the received message.

调试结束命令：上位机向下位机发送调试结束命令，下位机收到报文，关闭虚拟调试系统，程序恢复正常运行后，返回调试结束命令，代表调试完成已结束，标识码为04。Debugging end command: The upper computer sends a debugging end command to the lower computer, the lower computer receives the message, closes the virtual debugging system, and returns to the debugging end command after the program resumes normal operation, which means that the debugging is over, and the identification code is 04.

所述接收报文的标识码为：接收的标识码是多少则返回该标识码的值(如：接收标识码是02则返回标识码是02)，即哪一步出了问题就返回哪一步的标识码。The identification code of described receiving message is: the identification code that receives is how much then returns the value of this identification code (as: receiving identification code is 02 then returns identification code and is 02), promptly which step goes wrong just returns which step identification code.

所述数据采集和解析模块包括以下功能：The data acquisition and analysis module includes the following functions:

所述数据采集和解析模块具有数据包拆分功能，如图4所示，具体数据包拆分流程为：首先判断封装好的数据包大小是否大于每帧发送数据最大长度(默认每帧发送数据最大长度为256个字节)，若大于，则分包处理，在每个小数据包后面添加序号码，若数据包发送失败则通过序号码确认丢失包，上位机重新发送该数据包(丢失包)；若不大于，则不进行分包处理，直接将数据包发送；若数据包发送失败则通过上位机重新发送整个数据包。如果用m表示数据包总长度，n表示每帧发送数据的最大长度，s表示数据分包的总数量，那么分包公式为：Described data acquisition and parsing module have data packet splitting function, as shown in Figure 4, concrete packet splitting process is: first judge whether the packaged packet size is greater than the maximum length of every frame sending data (default every frame sending data The maximum length is 256 bytes), if it is longer than that, it will be divided into packets, and a sequence number will be added after each small data packet. If the packet fails to be sent, the lost packet will be confirmed by the sequence number, and the host computer will resend the packet (lost package); if it is not larger, the data package will be sent directly without sub-packet processing; if the data package fails to be sent, the entire data package will be resent through the host computer. If m represents the total length of the data packet, n represents the maximum length of data sent per frame, and s represents the total number of data packets, then the packetization formula is:

其中，m％n表示数据包总长度对每帧数据的最大长度取模运算，如果结果为0则代表可以被整除，如果大于0则不能被整除。n-1表示每帧数据的最大长度减去1字节得到实际每个数据包中存放的数据长度，m/(n-1)表示对每帧数据的最大长度减去1字节的序号码进行取整运算；Among them, m%n represents the modulo operation of the total length of the data packet on the maximum length of each frame of data. If the result is 0, it means it can be divisible. If it is greater than 0, it cannot be divisible. n-1 represents the maximum length of each frame of data minus 1 byte to obtain the actual data length stored in each data packet, m/(n-1) represents the serial number of the maximum length of each frame of data minus 1 byte Carry out rounding operation;

所述数据采集和解析模块具有自定义调整每帧发送数据最大长度功能，在数据打包完成后，会将数据包按照默认的每帧发送数据最大长度，转换成数据流传出(默认每帧发送数据最大长度为256字节)，如果数据包过大时，增大每帧发送数据最大长度，可以适当提高发送效率，数据较小时，适当减小每帧发送数据最大长度，可以提高数据传输的准确率，进而提高数据的传输效率，因此根据实际应用中存在的干扰以及数据包的大小，动态每帧发送数据最大长度，保证数据传输的完整性，优化数据包传输效率；The data acquisition and parsing module has the function of customizing and adjusting the maximum length of data sent in each frame. After the data packaging is completed, the data packet will be converted into a data stream according to the default maximum length of data sent in each frame. The maximum length is 256 bytes), if the data packet is too large, increasing the maximum length of data sent per frame can appropriately improve the transmission efficiency; when the data is small, appropriately reducing the maximum length of data sent per frame can improve the accuracy of data transmission Therefore, according to the interference existing in the actual application and the size of the data packet, the maximum length of the data sent in each frame is dynamically ensured to ensure the integrity of the data transmission and optimize the transmission efficiency of the data packet;

所述数据采集和解析模块具有动态更改发送延时功能(默认50ms)，数据帧的发送、接收、数据包解析和将数据写入相对应的地址都需要时间，如果发送延时较小则会出现数据接收不完整进而导致程序崩溃，如果发送延时过大会出现较长的时间等待间隔进而导致发送速度较慢，因此根据不同类型的PLC，动态更改发送的延时时间，提高数据包传输效率；The data acquisition and analysis module has a function of dynamically changing the sending delay (default 50ms), and the sending, receiving, data packet parsing and writing of data to the corresponding address of the data frame will take time, if the sending delay is small, it will Incomplete data reception will cause the program to crash. If the sending delay is too long, there will be a long waiting interval and the sending speed will be slow. Therefore, according to different types of PLCs, dynamically change the sending delay time to improve the efficiency of data packet transmission. ;

所述数据采集和解析模块具有断点重发功能，如果数据包传输的过程中存在干扰，导致数据传输中断，下位机返回已接收数据包的序号码，上位机根据返回的序号码，定位到丢失的是哪一帧数据包，上位机重新发送该包数据；The data acquisition and analysis module has a breakpoint retransmission function. If there is interference in the process of data packet transmission, causing data transmission to be interrupted, the lower computer returns the sequence number of the received data packet, and the upper computer locates the location according to the returned sequence number. Which frame data packet is lost, the host computer resends the packet data;

所述通信模块具有配置通信事件的优先级功能：在上位机与下位机进行通信时可配置通信事件的优先级，数据采集和解析模块先对数据进行处理和分析，若存在优先级，则根据即时通信协议定义的优先级分配不同的优先权；若不存在优先级，则按照先后顺序传输。如果下位机存在通信负载较重的情况，对较为紧急的事件(比如某个寄存器的状态量变化、输出特定的值)分配较高的优先级，使该通信事件在多个任务并发的情况下，免于排队，优先完成传输。对于一些滞后传输也不会对PLC的运行造成很大影响的事件，可以分配较低的优先级。The communication module has a priority function for configuring communication events: when the host computer communicates with the lower computer, the priority of the communication events can be configured, and the data acquisition and analysis module first processes and analyzes the data, and if there is a priority, then according to Different priorities are allocated according to the priority defined by the instant messaging protocol; if there is no priority, it will be transmitted in sequence. If the lower computer has a heavy communication load, assign a higher priority to more urgent events (such as changes in the state of a certain register, outputting a specific value), so that the communication event can be processed in the case of multiple tasks concurrently. , avoid queuing, and complete the transmission with priority. A lower priority can be assigned to some events that delay the transmission and will not have a great impact on the operation of the PLC.

S2、下位机响应请求报文中的标识码和命令码运行并返回响应请求，经所述数据采集和解析模块进行打包处理和解析传至上位机；S2, the lower computer responds to the identification code and the command code in the request message and returns the response request, which is packaged and analyzed by the data collection and analysis module and passed to the upper computer;

下位机将接收到的数据解析，提取数据包的标识码和命令码，判断是否需要校验数据，如果数据包接收错误则下位机返回异常响应；若数据包接收完成且正确，下位机根据数据包中的标识码和命令码执行操作，并返回对应的请求响应。The lower computer analyzes the received data, extracts the identification code and command code of the data packet, and judges whether the data needs to be verified. If the data packet is received incorrectly, the lower computer returns an abnormal response; The identification code and command code in the package perform the operation and return the corresponding request response.

S3、上位机接收响应请求以实现对下位机的在线监控和调试。S3. The upper computer receives the response request to realize online monitoring and debugging of the lower computer.

本实施例还公布了一种PLC在线监控与调试系统，包括：通过通信模块通信的上位机和下位机；所述上位机设备发出请求消息至通信模块，经通信模块处理发送至下位机进行运行，所述下位机运行结束后发出响应请求至通信模块，再经通信模块处理发送至上位机；This embodiment also discloses a PLC online monitoring and debugging system, including: an upper computer and a lower computer communicating through a communication module; the upper computer device sends a request message to the communication module, which is processed and sent to the lower computer for operation , after the lower computer runs, it sends a response request to the communication module, and then sends it to the upper computer after being processed by the communication module;

所述通信模块包括即时通信协议和数据采集和解析模块，所述即时通信协议规定了数据的格式、传输和解析；所述数据采集和解析模块对接收到的数据进行打包处理和解析；The communication module includes an instant communication protocol and a data collection and analysis module, the instant communication protocol specifies the format, transmission and analysis of data; the data collection and analysis module packs and analyzes the received data;

所述上位机包括监控模块和调试模块，所述监控模块实现对下位机的监控，所述调试模块实现对下位机的调试。The upper computer includes a monitoring module and a debugging module, the monitoring module realizes the monitoring of the lower computer, and the debugging module realizes the debugging of the lower computer.

所述数据采集和解析模块包括数据处理单元、数据转换单元和数据解析单元；The data acquisition and analysis module includes a data processing unit, a data conversion unit and a data analysis unit;

所述数据处理单元负责数据包的拆分和将数据打包成一整个数据包；The data processing unit is responsible for splitting data packets and packing data into a whole data packet;

所述数据转换单元负责将bytearray类型数据包转换为二进制数据流；The data conversion unit is responsible for converting the bytearray type data packet into a binary data stream;

所述数据解析单元负责将接收到的数据包进行解析，先判断是否需要CRC校验，需要校验则校验后解析并传输至上位机或下位机；不需要校验则直接解析并传输。The data parsing unit is responsible for parsing the received data packets, first judging whether CRC verification is required, if verification is required, then parsing and transmitting to the upper computer or lower computer after verification; if no verification is required, it is directly parsed and transmitted.

实施例2Example 2

本实施例与实施例1基本相同，不同之处在于，步骤S3中在线监控的方法为：This embodiment is basically the same as Embodiment 1, except that the online monitoring method in step S3 is:

所述监控模块如图5所示，三种监控功能都通过通信读取地址当前的值信息，保存相应的地址信息，并且可以实时修改对应地址的值，达到对整个PLC的监控目的。本系统上位机对下位机的监控通过通信来完成，两者之间使用上文所述的即时通讯协议，以数据帧的形式交换数据信息。交换数据信息有两种情况：一是计算机作为上位机读取PLC内存单元的数据，二是计算机作为上位机把数据写入PLC。The monitoring module is shown in Figure 5. The three monitoring functions all read the current value information of the address through communication, save the corresponding address information, and can modify the value of the corresponding address in real time to achieve the purpose of monitoring the entire PLC. In this system, the upper computer monitors the lower computer through communication, and the instant messaging protocol mentioned above is used between the two to exchange data information in the form of data frames. There are two situations for exchanging data information: one is that the computer acts as the upper computer to read the data of the PLC memory unit, and the other is that the computer acts as the upper computer to write the data into the PLC.

所述监控模块描述了一种高效、快速和CPU负载较小的PLC状态查看方式，根据不同的用户需求，可实时反映PLC运行状况。所述监控模块具有全局监控、I/O监控和自定义监控三种监控功能，并且具有轮询监控和手动监控两种监控方式，可组合成六种监控模式。The monitoring module describes a high-efficiency, fast and less CPU-loaded PLC status viewing method, which can reflect the PLC operating status in real time according to different user requirements. The monitoring module has three monitoring functions of global monitoring, I/O monitoring and custom monitoring, and has two monitoring modes of polling monitoring and manual monitoring, which can be combined into six monitoring modes.

所述全局监控功能：对程序内的所有变量、正在使用的地址和指令进行监控；The global monitoring function: monitor all variables, addresses and instructions in use in the program;

所述I/O监控功能：监控所有正在使用的I点和Q点的状态，监控图表显示程序使用到的I点和Q点并通过0或1来判断该I点和Q点接通状态，1为接通，0为断开。The I/O monitoring function: monitor the status of all I points and Q points in use, the monitoring chart displays the I points and Q points used by the program and judges the connection status of the I points and Q points by 0 or 1, 1 is on, 0 is off.

所述自定义监控功能包括：①对单个数据地址监控：获取指定数据地址的值(比如某个位、某个字节或某个双字节)并可以在上位机监控图表上实时显示；②对连续数据地址监控：获取一段连续数据地址的值，该段连续的数据地址存放数据的类型相同；③对数据块监控：可以获得某块指定数据块的值，该数据块存放数据的类型相同。The self-defined monitoring function includes: 1. Monitoring of a single data address: obtaining the value of a specified data address (such as a certain bit, a certain byte or a certain double byte) and displaying it in real time on the monitoring chart of the upper computer; 2. Monitoring of continuous data addresses: obtain the value of a segment of continuous data addresses, which store data of the same type; ③Monitoring of data blocks: obtain the value of a specified data block, which stores data of the same type .

所述轮询监控方式：下位机会按照设置的轮询周期向上位机返回响应请求，上位机接收并在监控图表界面进行实时数据刷新。在轮询监控下可以手动的配置轮询周期，默认为500ms；The polling monitoring method: the lower machine returns a response request to the upper computer according to the set polling period, and the upper computer receives and refreshes the real-time data on the monitoring chart interface. The polling period can be manually configured under polling monitoring, the default is 500ms;

所述手动监控方式：上位机通过串口中断发送监控请求报文，监控请求报文发送完，将上位机恢复为接收状态准备接收下位机应答报文：接收过程中采用定时器，判断报文是否接收完成，当接收完某帧数据后，若规定时间内仍无新数据帧到来(即通信空闲时间结束)，则判断数据包接收结束。当中断结束后，监控处于暂停状态，上位机需要重新开启轮询监控或手动监控才能再次监控下位机数据。The manual monitoring method: the upper computer sends a monitoring request message through the serial port interruption, after the monitoring request message is sent, the upper computer is restored to the receiving state to prepare to receive the lower computer response message: a timer is used in the receiving process to judge whether the message is After receiving a certain frame of data, if no new data frame arrives within the specified time (that is, the communication idle time is over), it is judged that the data packet is received. When the interruption is over, the monitoring is in a suspended state, and the upper computer needs to restart the polling monitoring or manual monitoring to monitor the data of the lower computer again.

具体中断流程如图6所示：串口中断进入，判断是下位机是否接收到中断，如果接收到中断则启动定时器，将SENDING标志位置为1，上位机接收并组装数据帧，通过判断接收结束标志位是否为1判定是否接收完成，如果数据没有接收结束则复位定时器，等待接收并组装数据帧；如果接收结束将SENDING标志位置为0，则接收结束并且串口中断返回；The specific interrupt process is shown in Figure 6: when the serial port interrupt enters, it is judged whether the lower computer has received the interrupt. If the interrupt is received, the timer is started, the SENDING flag is set to 1, the upper computer receives and assembles the data frame, and the reception is completed by judging Whether the flag bit is 1 determines whether the reception is complete. If the data is not received, reset the timer, wait for reception and assemble the data frame; if the reception is complete, set the SENDING flag to 0, then the reception is complete and the serial port interrupt returns;

如果下位机没有接收到中断，则启动定时器，上位机重新发送中断请求，在规定时间内接收到中断请求则复位定时器，发送数据；如果没有收到中断请求则显示中断接收异常。If the lower computer does not receive the interrupt, it starts the timer, and the upper computer resends the interrupt request, and if the interrupt request is received within the specified time, the timer is reset and the data is sent; if the interrupt request is not received, the interrupt receiving exception is displayed.

所述组合的六种监控模式如下：The six monitoring modes for the combination are as follows:

监控模式1：在使用轮询监控的方式下，开启全局监控功能，会按照轮询周期返回全局监控的变量、寄存器、地址和指令的值或状态。Monitoring mode 1: In the polling monitoring mode, the global monitoring function is turned on, and the values or statuses of the variables, registers, addresses and instructions of the global monitoring will be returned according to the polling cycle.

监控模式2：在使用轮询监控的方式下，开启I/O监控功能，会按照轮询周期返回监控的I点和O点的状态。Monitoring mode 2: In the polling monitoring mode, the I/O monitoring function is turned on, and the status of the monitored I point and O point will be returned according to the polling cycle.

监控模式3：在使用轮询监控的下，开启自定义监控功能分为三种子模式。Monitoring mode 3: In the case of using polling monitoring, there are three sub-modes to enable the custom monitoring function.

子模式1会按照轮询周期返回指定单个数据地址的值；子模式2会按照轮询周期返回一段连续数据地址的值；子模式3会按照轮询周期返回数据块地址的值。Submode 1 will return the value of a single data address according to the polling period; submode 2 will return the value of a continuous data address according to the polling period; submode 3 will return the value of the data block address according to the polling period.

监控模式4：在手动监控的方式下，开启全局监控，当下位机收到全局监控的命令，返回一次全局监控的变量、寄存器、地址和指令的值或状态。Monitoring mode 4: In the manual monitoring mode, the global monitoring is turned on, and when the lower computer receives the command of the global monitoring, it returns the value or status of the variables, registers, addresses and instructions of the global monitoring once.

监控模式5：在手动监控的方式下，开启I/O监控功能，下位机收到I/O监控的命令，返回一次监控的I点和O点的状态。Monitoring mode 5: In the manual monitoring mode, the I/O monitoring function is turned on, and the lower computer receives the I/O monitoring command, and returns the status of the I point and the O point once monitored.

监控模式6：在手动监控的方式下、开启自定义监控功能分为三种子模式。子模式1，下位机收到单个数据地址监控命令，返回一次指定单个数据地址的值；子模式2，下位机收到连续数据地址监控命令，返回一次一段连续数据地址的值；子模式3，下位机收到数据块地址监控命令，返回一次数据块地址的值。Monitoring mode 6: In the mode of manual monitoring, there are three sub-modes for opening the custom monitoring function. Sub-mode 1, the lower computer receives a single data address monitoring command, and returns a value specifying a single data address; sub-mode 2, the lower computer receives a continuous data address monitoring command, and returns the value of a continuous data address at a time; sub-mode 3, The lower computer receives the data block address monitoring command and returns the value of the data block address once.

命令码字段包含但不限于以下命令：巡检命令、全局监控命令、I/O监控命令、读取或写入单个数据地址命令、读取或写入一段连续数据地址命令、读取或写入一次数据块地址命令，下位机返回命令码相同。The command code field includes but not limited to the following commands: patrol command, global monitoring command, I/O monitoring command, read or write a single data address command, read or write a continuous data address command, read or write A data block address command, the lower computer returns the same command code.

监控流程如图5所示，程序开始运行后，上位机发送对应的监控报文，下位机如果收到报文，解析监控标识码执行判断是否是读指令，如果是读指令，则解析命令码，执行相应的从PLC读取数据的操作。如果不是读指令则判断是否是写指令，如果是写指令，则解析命令码，则执行相应将数据写入PLC的操作，如果不是写指令则为其它指令(比如巡检指令，调试指令)，执行其它操作，下位机发送返回报文，监控通讯结束。如果没有收到报文，则重新发送报文，超过五次则判定报文发送失败。The monitoring process is shown in Figure 5. After the program starts running, the upper computer sends the corresponding monitoring message. If the lower computer receives the message, it parses the monitoring identification code and executes to determine whether it is a read command. If it is a read command, it parses the command code. , and perform the corresponding operation of reading data from the PLC. If it is not a read command, judge whether it is a write command. If it is a write command, analyze the command code, and then execute the corresponding operation of writing data to the PLC. If it is not a write command, it is other commands (such as inspection commands, debugging commands), Execute other operations, the lower computer sends a return message, and the monitoring communication ends. If no message is received, the message will be resent, and if it exceeds five times, it will be determined that the message has failed to be sent.

实施例3Example 3

本实施例与实施例1、实施例2基本相同，不同之处在于，本实施例为描述了一种在虚拟调试系统中利用断点向量表和梯级向量表的上位机对下位机的调试方法。所述方法中S3中调试的方法具体包括：断点和断点向量表的实现、梯级的控制和梯级向量表的实现、虚拟调试系统的搭建和调试、多种调试功能的实现。This embodiment is basically the same as Embodiment 1 and Embodiment 2. The difference is that this embodiment describes a method for debugging a lower computer by using a breakpoint vector table and a ladder vector table in a virtual debugging system. . The method of debugging in S3 in the method specifically includes: realization of breakpoint and breakpoint vector table, step control and realization of step vector table, construction and debugging of virtual debugging system, and realization of various debugging functions.

文中出现的程序包括主程序和子程序，主程序为子程序的入口，执行程序时可从主程序中调用子程序，在本领域属于公知常识。The programs appearing in this article include main programs and subroutines, the main program is the entry of the subroutines, and the subroutines can be called from the main program when the program is executed, which belongs to common knowledge in this field.

在调试功能的图形化设计界面上中需要将程序暂停在某个梯形图位置上，该位置称梯形图断点(断点)，所述调试功能的图形化设计界面为本领域常识。所述断点向量表是一个由序号、程序号和行号组成的结构体数组，如图7所示。在点击添加断点后会将该行梯形图调试信息中的程序号和行号加入到断点向量表中，比如(0，5)则代表在主程序中第五行处暂停，(1，10)则代表在子程序1中的第10行程序处暂停。本调试系统中支持查看断点向量表的数据，更加清晰简单的确定断点的位置，便于后续调试工作。In the graphical design interface of the debugging function, the program needs to be suspended on a certain ladder diagram position, which is called a ladder diagram breakpoint (breakpoint), and the graphical design interface of the debugging function is common knowledge in the art. The breakpoint vector table is a structure array composed of sequence number, program number and line number, as shown in FIG. 7 . After clicking to add a breakpoint, the program number and line number in the ladder diagram debugging information of this line will be added to the breakpoint vector table. For example, (0, 5) means to pause at the fifth line in the main program, (1, 10 ) means to pause at line 10 in subroutine 1. This debugging system supports viewing the data of the breakpoint vector table, and it is more clear and simple to determine the position of the breakpoint, which is convenient for subsequent debugging.

所述调试信息是包括程序号和行号的结构体，如图7所示。具体每行程序调试信息初始化过程为：主程序中的梯形图程序的程序号为0，子程序1中的所有梯形图程序的程序号为1，子程序2中的所有梯形图程序的程序号为2，按照递增顺序每次增加1。行号在主程序中第一行梯形图程序的行号为0，第二行梯形图程序为1，第二行梯形图程序为2，在子程序中第一行梯形图程序的行号为0，第二行梯形图程序为1，在不同的程序中梯形图行号会进行重置，从0开始每行增加1。梯级号在程序刚开始后梯级号默认为1，当进入程序中调用的函数或子程序时梯级号加1，当跳出函数或者子程序时梯级号减1，以此类推。The debugging information is a structure including a program number and a line number, as shown in FIG. 7 . The specific initialization process of each line of program debugging information is: the program number of the ladder diagram program in the main program is 0, the program number of all the ladder diagram programs in subroutine 1 is 1, and the program number of all ladder diagram programs in subroutine 2 is 2, and increases by 1 each time in increasing order. The line number of the first line of ladder diagram program in the main program is 0, the second line of ladder diagram program is 1, the second line of ladder diagram program is 2, and the line number of the first line of ladder diagram program in the subroutine is 0, the second line of the ladder diagram program is 1, and the ladder diagram line number will be reset in different programs, starting from 0 and increasing by 1 for each line. The rung number defaults to 1 after the program starts. When entering a function or subroutine called in the program, the rung number increases by 1. When exiting a function or subroutine, the rung number decreases by 1, and so on.

进一步地，所述断点和断点向量表的实现具体为：点击添加断点，首先对断点向量表进行遍历判断是否重复添加，重复添加则显示断点已存在，不重复添加则将该行梯形图程序的程序号和行号加入到断点向量表中；点击删除断点，对断点向量表进行遍历，存在断点则将该断点信息删除，不存在则显示删除失败；Further, the implementation of the breakpoint and the breakpoint vector table is as follows: click to add a breakpoint, first traverse the breakpoint vector table to determine whether to add repeatedly, if the repeated addition shows that the breakpoint already exists, if not repeatedly added, the The program number and line number of the ladder diagram program are added to the breakpoint vector table; click Delete Breakpoint to traverse the breakpoint vector table. If there is a breakpoint, the breakpoint information will be deleted, and if it does not exist, the deletion failure will be displayed;

所述梯级向量表是一个由程序号、行号和梯级号(默认为1)组成的结构体数组，如图9所示，此时梯级向量表中的梯级信息为(0，21，1)和(1，10，2)。通过梯级向量表的方式实现跳出梯级只需每次遍历梯级向量表且梯级向量表中的存储的梯级信息较少，每进入一次梯级添加一条梯级信息，每跳出一次梯级删除一条梯级信息(实际调试过程中可能只有1-5条梯级信息)，相比于每次跳出梯级都要先查看是否存在与其父梯级同级的下一梯级，直到到达母线(几何用语，属于本领域公知常识)处的方法更加简单直接，极大的节省了调试过程中梯级控制花费的时间。The step vector table is a structure array made up of program number, row number and step number (1 by default), as shown in Figure 9, the step information in the step vector table is (0,21,1) and (1, 10, 2). To jump out of a step by means of the step vector table, it is only necessary to traverse the step vector table each time and the step information stored in the step vector table is less. Add a step information every time you enter a step, and delete a step information every time you jump out of a step (actual debugging There may be only 1-5 step information in the process), compared to jumping out of a step every time, it is necessary to check whether there is a next step at the same level as its parent step, until it reaches the bus (geometric term, which belongs to common knowledge in this field) The method is simpler and more direct, which greatly saves the time spent on cascade control during debugging.

进一步地，所述梯级的控制和梯级向量表的实现具体为，如图10所示：进入梯级指令会根据梯级向量表定位到程序中下一处调用函数或者子程序的位置，首先将调用函数或子程序此行程序下一行梯形图程序的梯级信息加入到梯级向量表中，然后再进入函数或子程序中，同时梯级号加1；当跳出梯级、函数执行完成或子程序执行完成后，程序返回上一梯级时只需将梯级号减1，根据此时的梯级号查询梯级向量表，找到此时梯级号对应的梯级信息，根据梯级信息中的程序号和行号，跳转到指定位置后删除梯级向量表中此条梯级信息，以此实现调试中对程序的梯级控制。Further, the realization of the control of the steps and the step vector table is specifically as shown in FIG. 10: entering the step instruction will locate the next calling function or subroutine position in the program according to the step vector table, and first call the function Or subprogram The step information of the next line of the ladder diagram program in this line of the program is added to the step vector table, and then enters the function or subroutine, and the step number is increased by 1 at the same time; When the program returns to the previous step, it only needs to decrement the step number by 1, query the step vector table according to the step number at this time, find the step information corresponding to the step number at this time, and jump to the specified step according to the program number and line number in the step information After the location, delete this step information in the step vector table, so as to realize the step control of the program during debugging.

例如：进入梯级前，找到调用函数或子程序的位置，该行梯形图程序的程序号，行号和此时梯级号为(0，20，1)，当进入梯级之前会将该行梯形图程序的下一行梯形图程序的程序号、行号和此时梯级号存储到梯级向量表中，需要保存的程序号，行号和梯级号为(0，21，1)，然后进入梯级，首先进入到函数或者子程序中第一行的位置处(此处以进入子程序为例)，进入子程序中1中，此时程序号，行号和梯级号为(1，0，2)，如果想跳出梯级，只需在梯级减1，在向量表中找到梯级号为1的梯级信息，然后直接跳转到程序号和行号(0，21)的位置，然后将梯形向量表中(0，21，1)的梯级信息删除，依次类推来实现梯级控制。For example: before entering the ladder, find the position where the function or subroutine is called, the program number of the line of the ladder diagram program, the line number and the ladder number at this time are (0, 20, 1), and the ladder diagram of the line will be The program number, line number and step number of the next line of the ladder diagram program in the program are stored in the step vector table. The program number, line number and step number to be saved are (0, 21, 1), and then enter the step, first Enter the position of the first line in the function or subroutine (take entering the subroutine as an example here), and enter the subroutine 1, at this time, the program number, line number and step number are (1, 0, 2), if If you want to jump out of the ladder, you only need to subtract 1 from the ladder, find the ladder information with the ladder number 1 in the vector table, and then directly jump to the position of the program number and line number (0, 21), and then add (0 , 21, 1) the cascade information is deleted, and so on to realize the cascade control.

为保证调试的安全性，本系统采用将下位机中原程序在flash预留备份地址中进行备份后，将原系统作为虚拟调试系统进行调试操作，调试结束后虚拟调试系统恢复为原系统，如图11所示。In order to ensure the safety of debugging, this system adopts the method of backing up the original program in the lower computer in the backup address reserved in flash, and then uses the original system as a virtual debugging system for debugging operations. After the debugging, the virtual debugging system restores to the original system, as shown in the figure 11.

进一步地，所述虚拟调试系统的搭建和调试：将原程序在flash中进行备份后，将原系统作为虚拟调试系统进行调试操作。对备份的程序与原程序进行比较，验证是否备份正确，如果验证成功，则虚拟调试系统开始工作，在调试结束后将所有的调试信息包括调试运行的程序全部清除，将备份的原程序写入到原系统，程序恢复正常运行，虚拟调试系统恢复为原系统；如果备份程序验证失败则返回程序备份错误信息；Further, the construction and debugging of the virtual debugging system: after the original program is backed up in flash, the original system is used as the virtual debugging system for debugging. Compare the backup program with the original program to verify whether the backup is correct. If the verification is successful, the virtual debugging system will start to work. After the debugging, all the debugging information including the debugging running program will be cleared, and the backup original program will be written into Return to the original system, the program resumes normal operation, and the virtual debugging system returns to the original system; if the backup program verification fails, the program backup error message will be returned;

进一步地，所述多种调试功能的实现包括，如图13所示：程序控制和梯级控制；所述程序控制包括：单步执行、连续执行、暂停、结束调试、添加断点、清除断点；所述梯级控制包括：进入梯级、下一梯级、跳出梯级；所述多种调试功能可精确高效的控制每行梯形图程序，直观的显示调试过程中正在运行指令的状态和使用到的各触点的值，同时可以通过调用监控图表查看调试过程中内存地址的数据。Further, the realization of the various debugging functions includes, as shown in Figure 13: program control and ladder control; the program control includes: single-step execution, continuous execution, pause, end debugging, adding breakpoints, clearing breakpoints The ladder control includes: entering the ladder, the next ladder, and jumping out of the ladder; the various debugging functions can accurately and efficiently control each line of the ladder diagram program, and intuitively display the state of the running command and the various used commands during the debugging process. The value of the contact, and at the same time, you can view the data of the memory address during the debugging process by calling the monitoring chart.

优选地，所述虚拟调试系统工作流程如图12所示：首先对程序进行初始化，对每行程序赋予一个唯一的调试信息，等待调试命令(包括单步执行、连续执行、结束调试、添加断点、清除断点、暂停、清除断点、软复位、进入梯级、下一梯级和跳出梯级)。程序开始运行，在程序运行过程中有新的调试命令则执行新的调试命令，没有则继续运行；程序在运行到每行代码之前，将该行代码的程序号和行号与断点向量表中的程序号和行号进行比较，判断是否有断点，没有断点则执行下一行程序；有断点则程序暂停在此行，等待下一步的调试命令，直到调试结束；调试结束后删除原程序，虚拟调试系统恢复原系统。Preferably, the workflow of the virtual debugging system is shown in Figure 12: first, the program is initialized, a unique debugging information is given to each line of the program, and the debugging command (including single-step execution, continuous execution, end debugging, adding interrupt, etc.) is waited for. point, clear breakpoint, pause, clear breakpoint, soft reset, enter rung, next rung, and exit rung). The program starts to run, and if there is a new debugging command during the running of the program, it will execute the new debugging command, and if there is no new debugging command, it will continue to run; before the program runs to each line of code, the program number and line number of the line of code and the breakpoint vector table Compare the program number in the program with the line number to determine whether there is a breakpoint. If there is no breakpoint, the next line of program will be executed; if there is a breakpoint, the program will pause at this line and wait for the next debugging command until the debugging is over; delete it after debugging The original program, the virtual debugging system restores the original system.

梯形图在整个设计过程中是以梯级的形式存在，因此在线调试以此为依据分为对程序的控制和对梯级的控制。The ladder diagram exists in the form of steps in the whole design process, so the online debugging is divided into the control of the program and the control of the steps based on this.

在调试开始后，单步执行、连续执行、结束调试、添加断点、进入梯级、下一梯级和软复位使能打开，暂停、清除断点和跳出梯级使能关闭。After debugging starts, single stepping, continuous execution, end debugging, add breakpoint, step into rung, next rung, and soft reset are enabled, and pause, clear breakpoint, and step out of rung are turned off.

单步执行：点击单步执行后，发送调试指令和单步执行命令码(报文格式为标识码、终端地址和命令码，标识码为调试指令，终端地址为下位机地址，命令码为单步执行命令码)，需要返回报文，得到当前程序暂停的程序号和行号，无需对该行梯形图程序进行的断点检测(所述的断点检测，即将该梯形图程序的程序号和行号与断点向量表进行比较)直接进入到下一行梯形图程序并在此行程序暂停。Single-step execution: After clicking single-step execution, the debugging instruction and single-step execution command code are sent (the message format is identification code, terminal address and command code, the identification code is the debugging instruction, the terminal address is the address of the lower computer, and the command code is single step execution command code), it is necessary to return a message to obtain the program number and line number where the current program is suspended, and there is no need to perform a breakpoint detection on the ladder diagram program of the line (the above-mentioned breakpoint detection means the program number of the ladder diagram program) and compare the line number with the breakpoint vector table) to directly enter the next line of ladder diagram program and stop at this line.

连续执行：在没有添加断点的情况下(断点向量表为空时)，点击连续执行，发送调试指令和连续执行命令码，无需返回报文，不会进行断点检测，暂停、结束调试和软复位使能打开，其余使能关闭，程序正常运行到结尾处停止。在有添加断点的情况下，点击连续执行，会对每行程序检测其程序号和行号，暂停使能关闭，其余使能打开，程序最终会暂停在断点处。Continuous execution: When no breakpoint is added (when the breakpoint vector table is empty), click Continuous execution to send debugging instructions and continuous execution command codes without returning messages, no breakpoint detection, pause and end debugging and soft reset are enabled, and the rest are disabled, and the program runs normally until it stops at the end. In the case of adding a breakpoint, click on continuous execution, the program number and line number of each line of program will be detected, the pause enable will be turned off, and the rest will be turned on, and the program will eventually pause at the breakpoint.

暂停：只有在连续运行的时候暂停功能使能打开，点击暂停，发送调试指令和暂停命令码，需要返回报文，得到当前程序暂停的程序号和行号，程序暂停后，暂停使能关闭，其余使能打开。Pause: The pause function can only be enabled during continuous operation. Click Pause to send a debugging command and a pause command code. It needs to return a message to get the program number and line number of the current program pause. After the program pauses, the pause enable is turned off. The rest are enabled.

结束调试：点击结束调试，发送调试指令和调试结束命令码，返回报文，调试系统所有使能均关闭，删除所有的调试信息和调试程序，将备份的程序重新写入到原系统中，调试结束，程序恢复到正常运行。End debugging: Click End Debugging, send debugging instructions and debugging end command codes, return messages, disable all debugging system capabilities, delete all debugging information and debugging programs, rewrite the backup programs to the original system, and debug When finished, the program returns to normal operation.

添加断点：点击添加断点，发送调试指令和添加断点命令码，需要返回报文，得到当前断点的程序号和行号，将当前行梯形图程序的程序号和行号加入断点向量表。如果断点向量表中已有当前的行的断点信息则显示重复添加；如果断点设置成功，在调试系统界面的该行梯形图程序处增加断点标记，直观的显示出程序在此处暂停。Add breakpoint: click Add Breakpoint, send debugging instructions and add breakpoint command code, need to return message, get the program number and line number of the current breakpoint, add the program number and line number of the current line of ladder diagram program to the breakpoint vector table. If the breakpoint information of the current line already exists in the breakpoint vector table, it will display repeated addition; if the breakpoint is set successfully, a breakpoint mark will be added at the ladder diagram program of the line in the debugging system interface, and it will be intuitively displayed that the program is here pause.

清除断点：清除断点分为单行清除和全部清除。点击单行清除，发送调试指令和单行清除命令码，无需返回报文，会在断点向量表中删除指定行的程序号和行号，同时清除该行梯形图程序在调试系统界面的断点标记；点击全部清除，发送调试指令和全部清除命令码，无需返回报文，会删除断点向量表中所有的断点信息，同时清除调试系统中的所有断点标记。可以通过查看调试系统界面的断点标记或断点向量表中的断点信息是否被清除，判断是否清除成功。Clear breakpoints: Clear breakpoints are divided into single-line clear and all clear. Click single-line clear to send debugging instructions and single-line clear command codes without returning messages. The program number and line number of the specified line will be deleted in the breakpoint vector table, and the breakpoint mark of the ladder diagram program on the debugging system interface will be cleared at the same time. ;Click Clear All to send debugging instructions and clear all command codes without returning a message, and all breakpoint information in the breakpoint vector table will be deleted, and all breakpoint marks in the debugging system will be cleared at the same time. You can judge whether the clearing is successful by checking whether the breakpoint mark on the debugging system interface or the breakpoint information in the breakpoint vector table is cleared.

软复位：点击软复位，发送调试指令和软复位命令码，无需返回报文，暂停使能关闭，其余使能打开。断点信息将会被保留，程序恢复到调试准备状态，从主程序的第一行程序开始执行其他调试操作。Soft reset: Click soft reset to send debugging commands and soft reset command codes, no need to return messages, the pause enable is turned off, and the rest are turned on. The breakpoint information will be retained, the program will be restored to the debugging ready state, and other debugging operations will be performed from the first line of the main program.

进入梯级：点击进入梯级，发送调试指令和进入梯级命令码，需要返回报文，得到当前梯形图程序的梯级号，暂停使能关闭其余使能打开。进入梯级指令会自动找到所在程序中下一处调用函数或者子程序的位置，进入梯级之前会将该行梯形图程序的下一行梯形图程序的程序号、行号和此时的梯级号存储到梯级向量表中。进入到函数或者子程序中，在函数或子程序的第一行梯形图程序处暂停，梯级号加1，此时梯形图程序的梯级号为2(默认为梯级号为1，每进入一次梯级，梯级号加1)。如果所在程序中没有调用函数或者子程序则显示进入梯级失败。Enter the step: click to enter the step, send the debugging command and enter the step command code, need to return the message, get the step number of the current ladder diagram program, pause the enable and close the rest enable. Entering the step instruction will automatically find the next calling function or subroutine position in the program. Before entering the step, it will store the program number, line number and step number of the next line of the ladder diagram program in the ladder diagram program at this time. rung vector table. Enter the function or subroutine, pause at the first line of the ladder diagram program of the function or subroutine, and add 1 to the step number, at this time the step number of the ladder diagram program is 2 (the default step number is 1, every time you enter the step , step number plus 1). If there is no function or subroutine called in the program, it will display failure to enter the ladder.

下一梯级：点击下一梯级，发送调试指令和下一梯级命令码，需要返回报文，得到当前梯形图程序暂停的程序号、行号和梯级号，暂停使能关闭其余使能打开。进入梯级指令会自动找到所在程序中下一处调用函数或者子程序的位置并在此行暂停，如果所在程序中没有调用函数或者子程序则显示寻找下一梯级失败。Next rung: Click on the next rung, send the debugging command and the next rung command code, need to return the message, get the program number, line number and rung number of the current ladder diagram program pause, disable the pause enable and enable the rest. Entering the ladder instruction will automatically find the next calling function or subroutine in the program and pause at this line. If there is no function or subroutine calling in the program, it will display failure to find the next rung.

跳出梯级：点击跳出梯级，发送调试指令和跳出梯级命令码，需要返回报文，得到当前梯形图程序暂停的程序号、行号和梯级号，暂停使能关闭其余使能打开。跳出梯级、函数执行完或子程序执行完，返回上一梯级的程序中，是根据动态的梯级号完成的，梯级号减1，在梯级向量表中查询梯级号相同的梯级信息并跳转到该行程序。Jump out of the rung: click the jump out of the rung, send the debugging command and the jump out of the rung command code, need to return the message, get the program number, line number and rung number of the current ladder diagram program pause, disable the pause enable and enable the rest. After jumping out of a step, executing a function or a subroutine, returning to the program of the previous step is completed according to the dynamic step number, and the step number is decremented by 1, and the step information of the step with the same step number is queried in the step vector table and jumps to The line program.

本实施例所述的调试系统的图形化界面根据能流是否通过对指令进行颜色区分，有能流通过的指令进行高亮显示，没有能流通过的指令为暗灰色，将有能流通过的连接线样式设置为实线同时高亮显示，将没有能流通过的连接线样式设置为虚线同时颜色设置为暗灰色。图形化界面有单步执行、连续执行、添加断点、清除断点、暂停、进入梯级、下一级梯级、跳出梯级、暂停、软复位、调试结束、监控图表等按钮。The graphical interface of the debugging system described in this embodiment differentiates the instructions according to whether the power flow passes through. The instructions with power flow are highlighted, and the instructions without power flow are dark gray. Set the connecting line style to solid and highlight it, and set the connecting line style to dashed and color it to dark gray if there is no flow through it. The graphical interface has buttons for single-step execution, continuous execution, add breakpoint, clear breakpoint, pause, enter step, next step, exit step, pause, soft reset, end of debugging, monitor chart, etc.

监控图表：点击监控图表后会在调试的过程中打开监控图表，可选择六种监控模式，支持查看下位机内部数据地址或寄存器的值，所述寄存器及其作用为本领域的公知常识，不再赘述。Monitoring chart: After clicking the monitoring chart, the monitoring chart will be opened during the debugging process. Six monitoring modes can be selected, and it is supported to view the internal data address or register value of the lower computer. The register and its function are common knowledge in the field. Let me repeat.

显然，本发明的上述实施例仅仅是为清楚地说明本发明技术方案所作的举例，而并非是对本发明的具体实施方式的限定。凡在本发明权利要求书的精神和原则之内所做的任何修改、等同替换和改进等，均应包含在本发明权利要求的保护范围之内。Apparently, the above-mentioned embodiments of the present invention are only examples for clearly illustrating the technical solution of the present invention, rather than limiting the specific implementation manner of the present invention. All modifications, equivalent replacements and improvements made within the spirit and principle of the claims of the present invention shall be included in the protection scope of the claims of the present invention.