/**
 * @file safety.h
 * @brief Safety monitoring for temperature sensors.
 *
 * This module performs sanity checks on all temperature sensors and
 * puts the system into a safe state if any sensor fails.
 */
#pragma once
#include "outputs.h"
#include "inputs.h"
#include "sdkconfig.h"
#include "esp_err.h"
#include <stdint.h>
/**
 * @brief Size in bytes of the sensor name buffer in sSensorSanityCheck.
 *
 * This is the buffer size, not the maximum name length: if the name is
 * kept as a NUL-terminated C string, at most MAX_ERROR_STRING_SIZE - 1
 * characters fit.
 */
#define MAX_ERROR_STRING_SIZE 64U

/** @brief Number of sensors to monitor (one sSensorSanityCheck per sensor). */
#define NUMBER_OF_SENSOR_SANITY_CHECKS 4U

/*
 * Temperature limits. The CONFIG_* values come from sdkconfig.h and are
 * divided by 10.0f, so they are presumably integers in tenths of a degree;
 * the resulting macros are float values in °C.
 *
 * NOTE(review): nothing in this header checks that each *_MIN is below the
 * matching *_MAX; a misconfigured pair would only show up at runtime.
 */

/** @brief Chamber sensor maximum temperature limit (°C). */
#define SENSOR_LIMIT_CHAMBER_MAX (CONFIG_SENSOR_LIMIT_CHAMBER_MAX / 10.0f)

/** @brief Chamber sensor minimum temperature limit (°C). */
#define SENSOR_LIMIT_CHAMBER_MIN (CONFIG_SENSOR_LIMIT_CHAMBER_MIN / 10.0f)

/** @brief Outdoor sensor maximum temperature limit (°C). */
#define SENSOR_LIMIT_OUTDOOR_MAX (CONFIG_SENSOR_LIMIT_OUTDOOR_MAX / 10.0f)

/** @brief Outdoor sensor minimum temperature limit (°C). */
#define SENSOR_LIMIT_OUTDOOR_MIN (CONFIG_SENSOR_LIMIT_OUTDOOR_MIN / 10.0f)

/** @brief Inlet flow sensor maximum temperature limit (°C). */
#define SENSOR_LIMIT_INLET_MAX (CONFIG_SENSOR_LIMIT_INLET_MAX / 10.0f)

/** @brief Inlet flow sensor minimum temperature limit (°C). */
#define SENSOR_LIMIT_INLET_MIN (CONFIG_SENSOR_LIMIT_INLET_MIN / 10.0f)

/** @brief Return flow sensor maximum temperature limit (°C). */
#define SENSOR_LIMIT_RETURN_MAX (CONFIG_SENSOR_LIMIT_RETURN_MAX / 10.0f)

/** @brief Return flow sensor minimum temperature limit (°C). */
#define SENSOR_LIMIT_RETURN_MIN (CONFIG_SENSOR_LIMIT_RETURN_MIN / 10.0f)

/**
 * @brief Error state reported for a single temperature sensor.
 *
 * The values are written out explicitly so the numbering is stable when
 * a state is logged or compared across builds.
 *
 * NOTE(review): the tag _SensorErrorState starts with an underscore and an
 * upper-case letter, a form reserved for the implementation (C11 7.1.3);
 * it is kept here because other code may name the tag directly.
 */
typedef enum _SensorErrorState
{
    SENSOR_NO_ERROR  = 0, /**< Sensor operating normally. */
    SENSOR_TOO_HIGH  = 1, /**< Reading above the configured maximum limit. */
    SENSOR_TOO_LOW   = 2, /**< Reading below the configured minimum limit. */
    SENSOR_UNCHANGED = 3, /**< Reading has not changed for too long. */
    SENSOR_NOT_FOUND = 4  /**< Sensor is not responding. */
} eSensorErrorState;

/**
 * @brief Overall safety state of the module, aggregated over all sensors.
 *
 * Values are explicit so that the numbering is stable for logging.
 *
 * NOTE(review): the tag _SafetyState uses a reserved identifier form
 * (leading underscore followed by an upper-case letter, C11 7.1.3).
 */
typedef enum _SafetyState
{
    SAFETY_NO_ERROR       = 0, /**< Every sensor is OK. */
    SAFETY_SENSOR_ERROR   = 1, /**< At least one sensor has failed. */
    SAFETY_INTERNAL_ERROR = 2  /**< A fault inside the safety module itself. */
} eSafetyState;

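/**
 * @brief Function pointer type used to read one sensor.
 *
 * Each monitored sensor provides a getter of this type (see
 * sSensorSanityCheck::getSensor). The getter takes no arguments and
 * returns the sensor's latest sMeasurement.
 *
 * The parameter list is spelled (void) on purpose: in C an empty list
 * "()" declares a function with an unspecified argument list, which lets
 * a getter with a different signature be stored in this pointer without
 * any diagnostic; (void) makes the compiler reject that.
 */
typedef sMeasurement (*GetSensorValue)(void);
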
/**
 * @brief Allowed temperature range for one sensor.
 *
 * Both values are in °C, matching the SENSOR_LIMIT_* macros above, from
 * which they are presumably initialised (the initialisation is not
 * visible in this header).
 */
typedef struct _TemperatureSensorLimit
{
    float max; /**< Maximum allowed temperature (°C); a reading above it is SENSOR_TOO_HIGH. */
    float min; /**< Minimum allowed temperature (°C); a reading below it is SENSOR_TOO_LOW. */
} sTemperatureSensorLimit;

/**
 * @brief Sanity-check state kept for one monitored sensor.
 *
 * Presumably one instance exists per sensor (NUMBER_OF_SENSOR_SANITY_CHECKS
 * in total); the code that updates these fields lives in safety.c and is
 * not visible here.
 */
typedef struct _SensorSanityCheck
{
    eSensorErrorState state;              /**< Current error state of this sensor. */
    char name[MAX_ERROR_STRING_SIZE];     /**< Sensor name for logging. Intended as a NUL-terminated
                                               string, so whoever fills it must bound the copy to
                                               MAX_ERROR_STRING_SIZE - 1 characters (snprintf-style
                                               rather than strncpy, which may leave it unterminated). */
    sTemperatureSensorLimit sSensorLimit; /**< Allowed temperature range (°C) for this sensor. */
    float fSensorTemperatureLast;         /**< Previous temperature reading, kept to detect an
                                               unchanged value. */
    uint32_t uUnchangedCounter;           /**< Count of readings with no change; presumably drives
                                               SENSOR_UNCHANGED once a threshold (not visible here)
                                               is reached. */
    GetSensorValue getSensor;             /**< Getter that returns this sensor's current measurement. */
} sSensorSanityCheck;

/**
 * @brief Initialize the safety module.
 *
 * Creates the safety monitoring task and sets the initial safe state.
 * Presumably it must be called once at start-up before getSafetyState()
 * or getSensorSanityStates() are used, since both read state owned by
 * this module — confirm against safety.c.
 *
 * @return ESP_OK on success, ESP_FAIL on error.
 */
esp_err_t initSafety(void);

/**
 * @brief Copy the current per-sensor sanity states into a caller-owned array.
 *
 * No length is passed, so the callee alone decides how many entries it
 * writes — presumably NUMBER_OF_SENSOR_SANITY_CHECKS. The caller must
 * therefore provide at least that many sSensorSanityCheck elements;
 * confirm the exact count against safety.c before using a smaller buffer.
 *
 * @param[out] pSensorSanityChecks Array that receives one sSensorSanityCheck
 *             per monitored sensor. Must not be NULL (no NULL check is
 *             visible from this header — TODO confirm).
 */
void getSensorSanityStates(sSensorSanityCheck *pSensorSanityChecks);

/**
 * @brief Get the overall safety state.
 *
 * Per the eSafetyState documentation: SAFETY_SENSOR_ERROR when at least
 * one sensor has failed, SAFETY_INTERNAL_ERROR for a fault inside the
 * module itself, SAFETY_NO_ERROR otherwise.
 *
 * @return eSafetyState indicating the current safety status.
 */
eSafetyState getSafetyState(void);