diff --git a/stm-firmware/Makefile b/stm-firmware/Makefile
index 4ac92ae..f184317 100644
--- a/stm-firmware/Makefile
+++ b/stm-firmware/Makefile
@@ -47,7 +47,7 @@ CFILES += fatfs/diskio.c fatfs/ff.c fatfs/ffsystem.c fatfs/ffunicode.c fatfs/shi
CFILES += pid-controller.c oven-driver.c
CFILES += settings/settings.c settings/settings-sd-card.c
-CFILES += safety/safety-adc.c
+CFILES += safety/safety-adc.c safety/safety-controller.c safety/watchdog.c
DEBUG_DEFINES = -DDEBUGBUILD
RELEASE_DEFINES =
diff --git a/stm-firmware/include/reflow-controller/safety/safety-adc.h b/stm-firmware/include/reflow-controller/safety/safety-adc.h
index 675f374..17082eb 100644
--- a/stm-firmware/include/reflow-controller/safety/safety-adc.h
+++ b/stm-firmware/include/reflow-controller/safety/safety-adc.h
@@ -18,6 +18,11 @@
* If not, see .
*/
+/**
+ * @addtogroup safety-adc
+ * @{
+ */
+
#ifndef __SAFETY_ADC_H__
#define __SAFETY_ADC_H__
@@ -68,3 +73,5 @@ float safety_adc_get_temp();
float safety_adc_get_vref();
#endif /* __SAFETY_ADC_H__ */
+
+/** @} */
diff --git a/stm-firmware/include/reflow-controller/safety/safety-config.h b/stm-firmware/include/reflow-controller/safety/safety-config.h
new file mode 100644
index 0000000..c7a496d
--- /dev/null
+++ b/stm-firmware/include/reflow-controller/safety/safety-config.h
@@ -0,0 +1,38 @@
+/* Reflow Oven Controller
+*
+* Copyright (C) 2020 Mario Hüttel
+*
+* This file is part of the Reflow Oven Controller Project.
+*
+* The reflow oven controller is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License version 2 as
+* published by the Free Software Foundation.
+*
+* The Reflow Oven Control Firmware is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with the reflow oven controller project.
+* If not, see .
+*/
+
+#ifndef __SAFETY_CONFIG_H__
+#define __SAFETY_CONFIG_H__
+
+/**
+ * @brief Magic key used to reset the watchdog using the @ref watchdog_ack function
+ */
+#define WATCHDOG_MAGIC_KEY 0x1a2c56F4
+
+/**
+ * @brief If one, the watchdog is halted whenever the core is halted by the debugger.
+ *
+ * This is only applicable in a debug build. In release mode, the watchdog stays always enabled
+ */
+#define WATCHDOG_HALT_DEBUG (1)
+
+#define WATCHDOG_PRESCALER 4
+
+#endif /* __SAFETY_CONFIG_H__ */
diff --git a/stm-firmware/include/reflow-controller/safety/safety-controller.h b/stm-firmware/include/reflow-controller/safety/safety-controller.h
new file mode 100644
index 0000000..81c1925
--- /dev/null
+++ b/stm-firmware/include/reflow-controller/safety/safety-controller.h
@@ -0,0 +1,26 @@
+/* Reflow Oven Controller
+*
+* Copyright (C) 2020 Mario Hüttel
+*
+* This file is part of the Reflow Oven Controller Project.
+*
+* The reflow oven controller is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License version 2 as
+* published by the Free Software Foundation.
+*
+* The Reflow Oven Control Firmware is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with the reflow oven controller project.
+* If not, see .
+*/
+
+#ifndef __SAFETY_CONTROLLER_H__
+#define __SAFETY_CONTROLLER_H__
+
+
+
+#endif /* __SAFETY_CONTROLLER_H__ */
diff --git a/stm-firmware/include/reflow-controller/safety/watchdog.h b/stm-firmware/include/reflow-controller/safety/watchdog.h
new file mode 100644
index 0000000..9938aa2
--- /dev/null
+++ b/stm-firmware/include/reflow-controller/safety/watchdog.h
@@ -0,0 +1,43 @@
+/* Reflow Oven Controller
+*
+* Copyright (C) 2020 Mario Hüttel
+*
+* This file is part of the Reflow Oven Controller Project.
+*
+* The reflow oven controller is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License version 2 as
+* published by the Free Software Foundation.
+*
+* The Reflow Oven Control Firmware is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with the reflow oven controller project.
+* If not, see .
+*/
+
+#ifndef __WATCHDOG_H__
+#define __WATCHDOG_H__
+
+#include
+#include
+
+/**
+ * @brief Setup the watchdog for the safety controller
+ * @param Prescaler to use for the 32 KHz LSI clock
+ * @return 0 if successful
+ * @note Once the watchdog is enabled, it cannot be turned off!
+ */
+int watchdog_setup(uint8_t prescaler);
+
+/**
+ * @brief Reset watchdog counter
+ * @param magic Magic value to prevent this fuinction from being called randomly
+ * @return 0 if successful
+ */
+int watchdog_ack(uint32_t magic);
+
+
+#endif /* __WATCHDOG_H__ */
diff --git a/stm-firmware/safety/safety-adc.c b/stm-firmware/safety/safety-adc.c
index 7467f1f..cadc9d6 100644
--- a/stm-firmware/safety/safety-adc.c
+++ b/stm-firmware/safety/safety-adc.c
@@ -18,6 +18,11 @@
* If not, see .
*/
+/**
+ * @addtogroup safety-adc
+ * @{
+ */
+
#include
#include
#include
@@ -186,3 +191,5 @@ float safety_adc_get_vref()
{
return safety_vref;
}
+
+/** @} */
diff --git a/stm-firmware/safety/safety-adc.dox b/stm-firmware/safety/safety-adc.dox
new file mode 100644
index 0000000..5406cac
--- /dev/null
+++ b/stm-firmware/safety/safety-adc.dox
@@ -0,0 +1,8 @@
+/**
+@defgroup safety-adc Safety ADC
+@ingroup safety
+
+The safety ADC continuously monitors the microcontrollers internal core temperature (and therefore the whole device's temperature) and the external reference voltage compared to its
+internal bandgap reference voltage.
+
+*/
diff --git a/stm-firmware/safety/safety-controller.c b/stm-firmware/safety/safety-controller.c
new file mode 100644
index 0000000..350c7b8
--- /dev/null
+++ b/stm-firmware/safety/safety-controller.c
@@ -0,0 +1,21 @@
+/* Reflow Oven Controller
+*
+* Copyright (C) 2020 Mario Hüttel
+*
+* This file is part of the Reflow Oven Controller Project.
+*
+* The reflow oven controller is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License version 2 as
+* published by the Free Software Foundation.
+*
+* The Reflow Oven Control Firmware is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with the reflow oven controller project.
+* If not, see .
+*/
+
+#include
diff --git a/stm-firmware/safety/safety.dox b/stm-firmware/safety/safety.dox
new file mode 100644
index 0000000..d6b7d22
--- /dev/null
+++ b/stm-firmware/safety/safety.dox
@@ -0,0 +1,6 @@
+/**
+
+@defgroup safety Safety Module
+@brief Safety Supervisor Module
+This is the safety module which ensures safe operation of the reflow controller
+*/
diff --git a/stm-firmware/safety/watchdog.c b/stm-firmware/safety/watchdog.c
new file mode 100644
index 0000000..845198a
--- /dev/null
+++ b/stm-firmware/safety/watchdog.c
@@ -0,0 +1,99 @@
+/* Reflow Oven Controller
+*
+* Copyright (C) 2020 Mario Hüttel
+*
+* This file is part of the Reflow Oven Controller Project.
+*
+* The reflow oven controller is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License version 2 as
+* published by the Free Software Foundation.
+*
+* The Reflow Oven Control Firmware is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with the reflow oven controller project.
+* If not, see .
+*/
+
+/**
+ * @addtogroup watchdog
+ * @{
+ */
+
+#include
+#include
+
+/**
+ * @brief This key is expected by hardware to be written to the IWDG_KR register in order to reset the watchdog
+ */
+#define STM32_WATCHDOG_RESET_KEY 0xAAAA
+
+/**
+ * @brief This key is expected by hardware to be written to the IWDG_KR register in order to enable the watchdog
+ */
+#define STM32_WATCHDOG_ENABLE_KEY 0xCCCC
+
+/**
+ * @brief This key is expected by hardware to be written to the IWDG_KR register in order to enable access to config
+ * registers
+ */
+#define STM32_WATCHDOG_REGISTER_ACCESS_KEY 0x5555
+
+int watchdog_setup(uint8_t prescaler)
+{
+ uint32_t prescaler_reg_val;
+
+ /** - Activate the LSI oscillator */
+ RCC->CSR |= RCC_CSR_LSION;
+ __DSB();
+ /** - Wait for the oscillator to be ready */
+ while (!(RCC->CSR & RCC_CSR_LSIRDY));
+
+ if (prescaler == 4)
+ prescaler_reg_val = 0UL;
+ else if (prescaler == 8)
+ prescaler_reg_val = 1UL;
+ else if (prescaler == 16)
+ prescaler_reg_val = 2UL;
+ else if (prescaler == 32)
+ prescaler_reg_val = 3UL;
+ else if (prescaler == 64)
+ prescaler_reg_val = 4UL;
+ else if (prescaler == 128)
+ prescaler_reg_val = 5UL;
+ else
+ prescaler_reg_val = 6UL;
+
+ /** - Unlock registers */
+ IWDG->KR = STM32_WATCHDOG_REGISTER_ACCESS_KEY;
+
+ /** - Write prescaler value */
+ IWDG->PR = prescaler_reg_val;
+
+ /** - Set reload value fixed to 0xFFF */
+ IWDG->RLR = 0xFFFU;
+
+ /** - Write enable key */
+ IWDG->KR = STM32_WATCHDOG_ENABLE_KEY;
+
+ return 0;
+}
+
+int watchdog_ack(uint32_t magic)
+{
+ int ret = -1;
+
+ /** - Check if magic key is correct */
+ if (magic == WATCHDOG_MAGIC_KEY) {
+ /** - Write reset key to watchdog */
+ IWDG->KR = STM32_WATCHDOG_RESET_KEY;
+ ret = 0;
+ }
+
+ return ret;
+}
+
+/** @} */
diff --git a/stm-firmware/safety/watchdog.dox b/stm-firmware/safety/watchdog.dox
new file mode 100644
index 0000000..c18cb47
--- /dev/null
+++ b/stm-firmware/safety/watchdog.dox
@@ -0,0 +1,9 @@
+/**
+@defgroup watchdog Independent Watchdog
+@ingroup safety
+
+The independet watchdog module enusres that the safety controller run continuously and the whole formware does not lock.
+The watchdog is entirely controlled by the safety controller and must not be used by the rest of the firmware
+
+
+*/