Add structure for safety controller config.

stm-firmware/Makefile

@@ -47,7 +47,7 @@ CFILES += fatfs/diskio.c fatfs/ff.c fatfs/ffsystem.c fatfs/ffunicode.c fatfs/shi
 CFILES += pid-controller.c oven-driver.c
 CFILES += settings/settings.c settings/settings-sd-card.c
 
-CFILES += safety/safety-adc.c safety/safety-controller.c safety/watchdog.c
+CFILES += safety/safety-adc.c safety/safety-controller.c safety/watchdog.c safety/safety-controller-config-default.c
 
 DEBUG_DEFINES = -DDEBUGBUILD
 RELEASE_DEFINES =

stm-firmware/include/reflow-controller/safety/safety-controller-config-default.h

@@ -0,0 +1,92 @@
+/* Reflow Oven Controller
+*
+* Copyright (C) 2020  Mario Hüttel <mario.huettel@gmx.net>
+*
+* This file is part of the Reflow Oven Controller Project.
+*
+* The reflow oven controller is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License version 2 as
+* published by the Free Software Foundation.
+*
+* The Reflow Oven Control Firmware is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with the reflow oven controller project.
+* If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/**
+ * @defgroup safety-controller-config Safety Controller Setup
+ * @ingroup safety-controller
+ * @addtogroup safety-controller-config
+ * @{
+ */
+
+#ifndef __SAFETY_CONTROLLER_CONFIG_H__
+#define __SAFETY_CONTROLLER_CONFIG_H__
+
+#include <stdint.h>
+#include <stdbool.h>
+
+typedef enum {
+	ERROR_FLAG_NO_ERR = 0x55,
+	ERROR_FLAG_ERR = 0xAA,
+} error_flag_state;
+
+enum safety_flag {
+	ERR_FLAG_MEAS_ADC_OFF = 0,
+	ERR_FLAG_MEAS_ADC_OVERFLOW,
+	ERR_FLAG_MEAS_ADC_WATCHDOG,
+	ERR_FLAG_MEAS_ADC_UNSTABLE,
+	N_ERR_FLAG,
+};
+
+enum timing_monitor {
+	ERR_TIMING_PID = 0,
+	ERR_TIMING_MEAS_ADC,
+	N_ERR_TIMING
+};
+
+enum analog_value_monitor {
+	ERR_AMON_VREF = 0,
+	ERR_AMON_UC_TEMP,
+	N_ERR_AMON
+};
+
+
+struct error_flag_config {
+	bool clear_by_sw;
+	bool persistent;
+};
+
+struct timing_mon_config {
+	bool clear_by_sw;
+	bool persistent;
+	uint64_t max_delta;
+	uint64_t min_delta;
+};
+
+struct analog_mon_config {
+	bool clear_by_sw;
+	bool persistent;
+	float min;
+	float max;
+};
+
+struct safety_controller_config {
+	uint32_t flag_cnt;
+	struct error_flag_config flag_configs[N_ERR_FLAG];
+	uint32_t timing_mon_cnt;
+	struct timing_mon_config timing_configs[N_ERR_FLAG];
+	uint32_t analog_mon_cnt;
+	struct analog_mon_config analog_configs[N_ERR_AMON];
+};
+
+const struct safety_controller_config *safety_controller_default_config_get();
+
+#endif /* __SAFETY_CONTROLLER_CONFIG_H__ */
+
+/** @} */

stm-firmware/include/reflow-controller/safety/safety-controller.h

@@ -18,9 +18,37 @@
 * If not, see <http://www.gnu.org/licenses/>.
 */
 
+/**
+ * @addtogroup safety-controller
+ * @{
+ */
+
+
 #ifndef __SAFETY_CONTROLLER_H__
 #define __SAFETY_CONTROLLER_H__
 
+#include <reflow-controller/safety/safety-controller-config-default.h>
+
+
+/**
+ * @brief Initialize the safety controller
+ *
+ * After a call to this function the controller is iniotlaized and the watchdog is set up.
+ * You have to call safety_controller_handle
+ * If this function fails, it will hang, because errors in the safety controller are not recoverable
+ */
+void safety_controller_init();
+
+/**
+ * @brief Handle the safety controller.
+ * @note This function must be executed periodically in order to prevent the watchdog from resetting the firmware
+ * @return 0 if successful
+ */
+int safety_controller_handle();
+
+int safety_controller_report_error();
 
 
 #endif /* __SAFETY_CONTROLLER_H__ */
+
+/** @} */

stm-firmware/safety/safety-controller-config-default.c

@@ -0,0 +1,51 @@
+/* Reflow Oven Controller
+*
+* Copyright (C) 2020  Mario Hüttel <mario.huettel@gmx.net>
+*
+* This file is part of the Reflow Oven Controller Project.
+*
+* The reflow oven controller is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License version 2 as
+* published by the Free Software Foundation.
+*
+* The Reflow Oven Control Firmware is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with the reflow oven controller project.
+* If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/**
+ * @defgroup safety-controller-config Safety Controller Setup
+ * @ingroup safety-controller
+ * @addtogroup safety-controller-config
+ * @{
+ */
+
+#include <reflow-controller/safety/safety-controller-config-default.h>
+
+static const struct safety_controller_config default_conf = {
+	.flag_cnt = N_ERR_FLAG,
+	.flag_configs = {
+		{.clear_by_sw = false, .persistent = false}, /* ERR_FLAG_MEAS_ADC_OFF */
+		{.clear_by_sw = true, .persistent = true}, /* ERR_FLAG_MEAS_ADC_OVERFLOW */
+		{.clear_by_sw = true, .persistent = true}, /* ERR_FLAG_MEAS_ADC_WATCHDOG */
+		{.clear_by_sw = false, .persistent = false}, /* ERR_FLAG_MEAS_ADC_UNSTABLE */
+	},
+	.timing_mon_cnt = N_ERR_TIMING,
+	.timing_configs = {
+		{}, /* ERR_TIMING_PID */
+		{}, /* ERR_TIMING_MEAS_ADC */
+	}
+};
+
+const struct safety_controller_config *safety_controller_default_config_get()
+{
+	return &default_conf;
+}
+
+
+/** @} */

stm-firmware/safety/safety-controller.c

@@ -18,4 +18,15 @@
 * If not, see <http://www.gnu.org/licenses/>.
 */
 
+/**
+ * @addtogroup safety-controller
+ * @{
+ */
+
 #include <reflow-controller/safety/safety-controller.h>
+#include <reflow-controller/safety/safety-config.h>
+
+
+
+
+/** @} */

stm-firmware/safety/safety-controller.dox

@@ -0,0 +1,7 @@
+/**
+@defgroup safety-controller Safety Controller
+@ingroup safety
+This is the main module for the safety part of the firmware. It monitors
+analog values, error states and timeouts of timing critical sections of the firmware.
+
+*/