From 50ad31d58ad8e7d10fbfbdccf25bd3a6b2f616e4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mario=20H=C3=BCttel?= Date: Tue, 2 Feb 2021 20:35:45 +0100 Subject: [PATCH] Issue #26: Add configuration for overtemperature flag to safety controller and include the config in the memory checking --- stm-firmware/calibration.c | 3 + .../reflow-controller/safety/safety-config.h | 5 ++ .../safety/safety-controller.h | 17 ++++- stm-firmware/safety/safety-controller.c | 68 +++++++++++++++++++ 4 files changed, 92 insertions(+), 1 deletion(-) diff --git a/stm-firmware/calibration.c b/stm-firmware/calibration.c index 432b580..3919a29 100644 --- a/stm-firmware/calibration.c +++ b/stm-firmware/calibration.c @@ -193,6 +193,7 @@ shellmatta_retCode_t calibration_sequence_shell_cmd(shellmatta_handle_t shell, c case CAL_START: /* Clear errors of PT1000 reading */ safety_controller_ack_flag(ERR_FLAG_MEAS_ADC_WATCHDOG); + safety_controller_ack_flag(ERR_FLAG_OVERTEMP); adc_pt1000_get_resistance_calibration(&offset, &sens_dev, &cal_active); if (cal_active) { shellmatta_printf(shell, "Already calibrated.\r\n\tOffset: %f\r\n\tSens: %f\r\n", offset, sens_dev); @@ -213,6 +214,7 @@ shellmatta_retCode_t calibration_sequence_shell_cmd(shellmatta_handle_t shell, c ret_val = SHELLMATTA_BUSY; shellmatta_printf(shell, "Measurement...\r\n"); safety_controller_ack_flag(ERR_FLAG_MEAS_ADC_WATCHDOG); + safety_controller_ack_flag(ERR_FLAG_OVERTEMP); data_buffer = calibration_acquire_data_start(512UL, &flag); break; } else if (stdin_data[i] == '\x03') { @@ -264,6 +266,7 @@ shellmatta_retCode_t calibration_sequence_shell_cmd(shellmatta_handle_t shell, c ret_val = SHELLMATTA_BUSY; shellmatta_printf(shell, "Measurement...\r\n"); safety_controller_ack_flag(ERR_FLAG_MEAS_ADC_WATCHDOG); + safety_controller_ack_flag(ERR_FLAG_OVERTEMP); data_buffer = calibration_acquire_data_start(512UL, &flag); break; } else if (stdin_data[i] == '\x03') { diff --git a/stm-firmware/include/reflow-controller/safety/safety-config.h b/stm-firmware/include/reflow-controller/safety/safety-config.h index 740365e..381723c 100644 --- a/stm-firmware/include/reflow-controller/safety/safety-config.h +++ b/stm-firmware/include/reflow-controller/safety/safety-config.h @@ -129,6 +129,11 @@ enum analog_value_monitor { #define SAFETY_EXT_WATCHDOG_RCC_MASK RCC_AHB1ENR_GPIODEN #define SAFETY_EXT_WATCHDOG_PIN (12) +/** + * @brief Default Limit of the overtemperature detection + */ +#define SAFETY_DEFAULT_OVERTEMP_LIMIT_DEGC (260.0f) + /** * @brief Key used to lock the safety flags coming from the measurment ADC from external ack'ing */ diff --git a/stm-firmware/include/reflow-controller/safety/safety-controller.h b/stm-firmware/include/reflow-controller/safety/safety-controller.h index 790d58d..0279164 100644 --- a/stm-firmware/include/reflow-controller/safety/safety-controller.h +++ b/stm-firmware/include/reflow-controller/safety/safety-controller.h @@ -250,7 +250,22 @@ int safety_controller_get_timing_mon_name_by_index(uint32_t index, char *buffer, * @brief Get the count of timing monitors * @return Timing monitor count */ -uint32_t safety_controller_get_timing_monitor_count(); +uint32_t safety_controller_get_timing_monitor_count(void); + +/** + * @brief Set the overtemperature limit and store it permanently in the EEPROM + * + * If no EEPROM is present, this will fail. The default value @ref SAFETY_DEFAULT_OVERTEMP_LIMIT_DEGC will be used. + * @param over_temperature Over temperature to set + * @return 0 if successfully saved and applied, negative if error + */ +int safety_controller_configure_overtemp_limit(float over_temperature); + +/** + * @brief Read the current overtemperature limit. + * @return Over temperature limit + */ +float safety_controller_get_overtemp_limit(void); #endif /* __SAFETY_CONTROLLER_H__ */ diff --git a/stm-firmware/safety/safety-controller.c b/stm-firmware/safety/safety-controller.c index 06c85fc..3a953c9 100644 --- a/stm-firmware/safety/safety-controller.c +++ b/stm-firmware/safety/safety-controller.c @@ -41,6 +41,7 @@ #include #include #include +#include /** * @brief Macro that checks if a given @ref error_flag is persistent @@ -144,6 +145,13 @@ struct analog_mon { uint64_t timestamp; }; +struct overtemp_config { + uint32_t crc_dummy_seed; + float overtemp_deg_celsius; + float overtemp_equiv_resistance; + uint32_t crc; +}; + /** * @brief All safety error flags. */ @@ -234,6 +242,45 @@ static volatile struct safety_weight IN_SECTION(.ccm.bss) flag_weights[COUNT_OF( */ static uint32_t IN_SECTION(.ccm.bss) flag_weight_crc; +/** + * @brief Configuration struct containing the overtemperature flag configuration + */ +static struct overtemp_config IN_SECTION(.ccm.bss) safety_controller_overtemp_config; + +/** + * @brief Configure the overtemperature flag's settings + * @param over_temperature Temperature to set the limit to. + */ +static void set_overtemp_config(float over_temperature) +{ + int result; + float resistance; + + result = temp_convertet_convert_temp_to_resistance(over_temperature, &resistance); + /* An error in this function is really bad... */ + if (result < -1) + panic_mode(); + + crc_unit_reset(); + safety_controller_overtemp_config.crc_dummy_seed = 0xA4F5C7E6UL; + safety_controller_overtemp_config.overtemp_deg_celsius = over_temperature; + safety_controller_overtemp_config.overtemp_equiv_resistance = resistance; + crc_unit_input_array((const uint32_t *)&safety_controller_overtemp_config, wordsize_of(struct overtemp_config) - 1); + safety_controller_overtemp_config.crc = crc_unit_get_crc(); +} + +static bool over_temperature_config_check(void) +{ + if (safety_controller_overtemp_config.crc_dummy_seed != 0xA4F5C7E6UL) + return true; + crc_unit_reset(); + crc_unit_input_array((const uint32_t *)&safety_controller_overtemp_config, wordsize_of(struct overtemp_config) - 1); + if (crc_unit_get_crc() != safety_controller_overtemp_config.crc) + return true; + + return false; +} + /** * @brief Convert a flag enum to the flag number. * @@ -721,6 +768,9 @@ void safety_controller_init() init_safety_flag_persistencies_from_default(); apply_config_overrides(); + /* Set the default limit of the overtemperature check */ + set_overtemp_config(SAFETY_DEFAULT_OVERTEMP_LIMIT_DEGC); + if (found_memory_state == SAFETY_MEMORY_INIT_CORRUPTED) safety_controller_report_error(ERR_FLAG_SAFETY_MEM_CORRUPT); else if (found_memory_state == SAFETY_MEMORY_INIT_VALID_MEMORY) { @@ -842,6 +892,7 @@ static void safety_controller_handle_safety_adc() * Aditionally, the default flag weights are restored from Flash. * 3) The flag persistency table is CRC checked. In case of an error, the @ref ERR_FLAG_SAFETY_TAB_CORRUPT flag is set. * Aditionally, the default values of the flag persistence is restored from Flash. + * 4) Check the Overtemperature flag configuration structure */ static void safety_controller_handle_memory_checks(void) { @@ -870,6 +921,12 @@ static void safety_controller_handle_memory_checks(void) safety_controller_report_error(ERR_FLAG_SAFETY_TAB_CORRUPT); init_safety_flag_persistencies_from_default(); } + + /* check overtemp struct */ + if (over_temperature_config_check()) { + safety_controller_report_error(ERR_FLAG_SAFETY_TAB_CORRUPT); + set_overtemp_config(SAFETY_DEFAULT_OVERTEMP_LIMIT_DEGC); + } } } @@ -1220,4 +1277,15 @@ int safety_controller_get_timing_mon_by_index(uint32_t index, struct timing_moni return 0; } +int safety_controller_set_overtemp_limit(float over_temperature) +{ + set_overtemp_config(over_temperature); + return 0; +} + +float safety_controller_get_overtemp_limit(void) +{ + return safety_controller_overtemp_config.overtemp_deg_celsius; +} + /** @} */