...

  • Overcurrent - reading > 58.2A (Minor)

  • Temp > 60Deg (major)

Communication Errors

  • If we lose communication with the AFEs or current sense, we need to raise a BPS fault

KillSwitch

  • Will shut off the batteries by itself, but we will treat it as a BPS fault (minor)

Fault Enum - Bold are major faults, so they are grouped together:

BMS_FAULT_OVERVOLTAGE
BMS_FAULT_UNBALANCE
BMS_FAULT_OVERTEMP_AMBIENT
BMS_FAULT_COMMS_LOSS_AFE
BMS_FAULT_COMMS_LOSS_CURR_SENSE
BMS_FAULT_OVERTEMP_CELL
BMS_FAULT_OVERCURRENT
BMS_FAULT_UNDERVOLTAGE
BMS_FAULT_KILLSWITCH

Operation

FSM

BMS carrier sends/receives messages, which help it start up and operate properly.

Startup

  1. Car turns on to power main or power aux, BMS board receives power from Aux

  2. On startup, do all initial checks that are possible

  3. If everything checks out, start transmitting BPS heartbeat to indicate successful startup

  4. Wait for message from Centre Console to close relays

  5. Close relays

  6. Continue to monitor and send BPS heartbeat messages, data, in normal operation

Shutdown

  1. Centre console (when power off is pressed) will send a close relays message

  2. Centre console will cut power to BMS via Power distribution once it has confirmed that relays are closed

Faults

AFEs

Current Sense

Fan Faults

Data Output

(this is just documentation on what was done in FW14, and is subject to change)

BMS Outputs the following over the CAN bus

The FSM has 3 states: RELAYS_OPEN (Off), RELAYS_CLOSED (On) and FAULT. When AUX is connected, BMS will be enabled and in

Each state has a similar input function, in which all the checks for BMS are done. In the output function of each state, we update the relay states depending on which transition is occurring.

RELAYS_OPEN:

  • Input:

    • Run all BMS checks (see below)

    • If checks return non-zero (fault has occurred) transition to FAULT

    • If we have received a close relays request from PD, transition to ON_STATE

  • Output

    • Relay sequence to open relays

RELAYS_CLOSED:

  • Input

    • BMS checks

    • If checks return non-zero (fault has occurred) transition to FAULT

    • If we have received an open relays request from PD, transition to ON_STATE

  • Output

    • Relay sequence to close relays

FAULT

  • Input

    • Continue to run BMS checks. We may need to upgrade a minor fault to a major fault

    • There is no transition out of FAULT; the car must be restarted

  • Output

    • Relay sequence to open relays

BMS Checks

These checks run on every cycle in each FSM state, at the highest frequency possible, in the order below. If any error is detected, we exit the check function and transition to FAULT immediately. We also set the corresponding bit in the bms_status_bms_faults signal.

  • Check for CS_FAULT state set to high

  • Trigger Cell Voltage conversions

    • Record start time, need to wait 10ms before reading back values

  • Perform current sense read and check

  • Perform AFE voltage sense and check

We also need to do an AFE Temp check, but this does not need to happen every cycle. We can reduce this to every 5 cycles.

Communication Loss: We will keep a running count of communication errors separately for AFEs and Current sense (CRC invalid, no data returned, etc). If 3 occur, we BPS fault.
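The FSM and check cycle described above, as an added C example (not the project's firmware). It assumes the page's ON_STATE means RELAYS_CLOSED and that an open request returns to RELAYS_OPEN, maps "Temp > 60Deg" to BMS_FAULT_OVERTEMP_CELL, and uses hypothetical names (bms_step, bms_checks, Readings, RelayRequest) with only the two thresholds that appear on this page.

```c
#include <stdbool.h>
#include <stdint.h>

typedef enum { RELAYS_OPEN, RELAYS_CLOSED, FAULT } BmsState;
typedef enum { REQ_NONE, REQ_CLOSE, REQ_OPEN } RelayRequest;
/* Bit index = position in the page's fault enum (assumed to start at 0). */
enum { BMS_FAULT_OVERVOLTAGE, BMS_FAULT_UNBALANCE, BMS_FAULT_OVERTEMP_AMBIENT,
       BMS_FAULT_COMMS_LOSS_AFE, BMS_FAULT_COMMS_LOSS_CURR_SENSE,
       BMS_FAULT_OVERTEMP_CELL, BMS_FAULT_OVERCURRENT, BMS_FAULT_UNDERVOLTAGE,
       BMS_FAULT_KILLSWITCH };
typedef struct { float current_a, temp_c; } Readings;  /* constructed inputs */
typedef struct { BmsState state; uint16_t faults; bool relays_closed; uint32_t cycle; } Bms;

/* BMS checks: exit at the first fault; temperature is only checked every 5th cycle. */
static uint16_t bms_checks(const Bms *b, const Readings *r) {
  if (r->current_a > 58.2f) return (uint16_t)(1u << BMS_FAULT_OVERCURRENT);
  if (b->cycle % 5 == 0 && r->temp_c > 60.0f)  /* assumed to map to OVERTEMP_CELL */
    return (uint16_t)(1u << BMS_FAULT_OVERTEMP_CELL);
  return 0;
}

/* One FSM cycle: input function (checks, then requests), then output on a transition. */
BmsState bms_step(Bms *b, const Readings *r, RelayRequest req) {
  BmsState next = b->state;
  b->faults |= bms_checks(b, r);  /* latched: FAULT keeps checking and never clears */
  b->cycle++;
  if (b->faults) next = FAULT;    /* a fault beats a relay request in the same cycle */
  else if (b->state == RELAYS_OPEN && req == REQ_CLOSE) next = RELAYS_CLOSED;
  else if (b->state == RELAYS_CLOSED && req == REQ_OPEN) next = RELAYS_OPEN;
  if (next != b->state) {         /* output function: relay sequence for the new state */
    b->relays_closed = (next == RELAYS_CLOSED);
    b->state = next;
  }
  return b->state;
}

/* Two cycles on constructed readings, with a close request pending in both. */
Bms demo_run(Readings r1, Readings r2) {
  Bms b = { RELAYS_OPEN, 0, false, 0 };
  bms_step(&b, &r1, REQ_CLOSE);
  bms_step(&b, &r2, REQ_CLOSE);
  return b;
}
```

Because temperature is sampled only on every 5th cycle, an over-temperature reading that first appears on cycle 1 is not acted on until cycle 5.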

Shared Memory

Readings from the AFEs and current sense should be stored in a struct shared between the BMS FSM and master task. This allows the fan monitor to access temperature data, and any data broadcasting to happen from master task.

Fan Monitor

This will be a function called from master task medium cycle which will:

  • Check for fan faults based on the state of the fan fault pins

  • Update fan PWM based on temp readings

Relay Sequence

These are the actions needed to achieve a certain relay state:

OFF->ON:

CAN Messages

BMS Status:

  • 16-bit fault bitset corresponding to ENUM above

  • 8-bit relay state (OFF/ON)

  • 8-bit Fan status fault bitset for Fan1 + 2

BMS Data - TBD:

The idea is to transmit data points for storage/telemetry:

  • cell voltages

  • cell temperatures

  • avg current

  • avg voltage

  • relay states

  • fan states

AFEs Additional info

The AFEs (analog front ends) handle interactions with the main battery pack. There are multiple AFEs (LTC6811 chips) which handle reading cell voltages, reading thermistors to determine cell temperatures, and doing load balancing for the cells. These AFE units are daisy-chained through one SPI interface. Firmware drives this interface like a normal SPI bus; in hardware the signal is translated to isoSPI and back to SPI for improved reliability.

...

AFE readings are taken via the daisy-chain method, meaning that a read of a certain register on one AFE is answered with the values from all of the AFEs connected. (For example, reading voltage register A of one of the AFEs returns x 64-bit readings, where x is the number of AFEs connected.)

Cell Sense

Cell sense readings happen in ltc_afe_impl_read_cells. Essentially, we iterate through the voltage registers (4) and, for each, read the 3 uint16_t voltages and one 16-bit Packet Error Check from each of the AFEs at this register. These results are then placed at the correct position in the cell_voltages array based on the cell_bitset and cell_result_lookup.
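A worked version of the daisy-chain register read and the communication-error count, added here as an example rather than taken from ltc_afe_impl_read_cells. The PEC15 parameters (polynomial 0x4599, seed 16, PEC sent high byte first) come from the LTC6811 datasheet, not this page; the chain length of 3, the function names, the `shared` struct layout and counting each bad PEC as one communication error are assumptions.

```c
#include <stdint.h>
#include <string.h>

/* Assumed: 3 AFEs in the chain; 8 bytes (64 bits) per AFE; fault on the 3rd comms error. */
enum { NUM_AFES = 3, FRAME_BYTES = 8, MAX_COMMS_ERRORS = 3 };
struct AfeStore { uint16_t cell[NUM_AFES][3]; int comms_errors; } shared;

/* PEC15 per the LTC6811 datasheet: polynomial 0x4599, seed 16, result shifted left 1. */
static uint16_t pec15(const uint8_t *d, size_t n) {
  uint16_t rem = 16;
  for (size_t i = 0; i < n * 8; i++) {
    int fb = ((d[i / 8] >> (7 - i % 8)) ^ (rem >> 14)) & 1;  /* MSB-first feedback bit */
    rem = (uint16_t)(((rem << 1) & 0x7FFF) ^ (fb ? 0x4599 : 0));
  }
  return (uint16_t)(rem << 1);
}

/* Parse one register reply from the whole chain; returns 1 once the error limit is hit. */
int afe_read_reg(struct AfeStore *s, const uint8_t *rx) {
  for (int afe = 0; afe < NUM_AFES; afe++) {
    const uint8_t *f = rx + afe * FRAME_BYTES;
    if (pec15(f, 6) != (uint16_t)((f[6] << 8) | f[7])) { s->comms_errors++; continue; }
    for (int c = 0; c < 3; c++)  /* PEC ok: store the 3 voltages (low byte first) */
      s->cell[afe][c] = (uint16_t)(f[2 * c] | (f[2 * c + 1] << 8));
  }
  return s->comms_errors >= MAX_COMMS_ERRORS;
}

/* Constructed reply: each AFE reports cells 33000, 33001, 33002 with a valid PEC. */
void build_reply(uint8_t *rx) {
  static const uint8_t cells[6] = { 0xE8, 0x80, 0xE9, 0x80, 0xEA, 0x80 };
  for (int afe = 0; afe < NUM_AFES; afe++) {
    uint8_t *f = rx + afe * FRAME_BYTES;
    memcpy(f, cells, 6);
    f[6] = (uint8_t)(pec15(f, 6) >> 8);
    f[7] = (uint8_t)(pec15(f, 6) & 0xFF);
  }
}

/* Repeated reads, one constructed bit flip each; returns the read that faulted, 0 if none. */
int reads_until_fault(uint8_t flip_mask, int max_reads) {
  uint8_t rx[NUM_AFES * FRAME_BYTES];
  memset(&shared, 0, sizeof shared);
  for (int reads = 1; reads <= max_reads; reads++) {
    build_reply(rx);
    rx[9] ^= flip_mask;  /* byte 1 of the second frame in the reply */
    if (afe_read_reg(&shared, rx)) return reads;
  }
  return 0;
}
```

A frame that fails its PEC is dropped without touching the stored voltages, so one corrupted frame cannot inject a false cell reading; it only advances the error count.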

...

This reading must be initiated repeatedly for the number of thermistors connected to the AFEs.

Old design

AFE FSM

The LTC AFE FSM is responsible for handling the different states required for generating cell sense data (cell voltages) as well as aux data (thermistor readings). Once it is initialized, it will start reading cell sense values from the LTC6811, processing these values, and then doing the same for thermistor values in a continuous cycle.

LTC AFE Driver FSM Structure:

States:

  • LTC_AFE_IDLE (TBD)

    • Only needed if we need to execute error functionality while not running commands on the ltc6811

  • LTC_AFE_TRIGGER_CELL_CONV

    • Trigger conversion of voltage values

    • Output:

      • Send command to start conversion of cell voltage values

    • Input func:

      • Check to see if 10ms has passed

      • Transition to read cells

  • LTC_AFE_READ_CELLS

    • Output function:

      • SPI exchange to read/store all cell values, store in results array

      • Check for faults in readings

      • Input function transitions to aux conversion assuming no faults

  • LTC_AFE_TRIGGER_AUX_CONV

    • Output:

      • Send command to start reading temperature values of a cell (we should maybe change to set of cells)

    • Input

      • Transition to read aux if 6 ms have passed

  • LTC_AFE_READ_AUX

    • Output:

      • Read current cell, increment cell number

    • Input

      • if cell number == number of cells, aux is done reading → transition to complete

      • else transition back to trigger aux conversion for next conversion

  • LTC_AUX_COMPLETE

Fault Behaviour:

Just transition to Idle for now. We will signal main BMS if an error occurs

Transitions:

LTC_AFE_TRIGGER_CELL_CONV → LTC_AFE_READ_CELLS

LTC_AFE_READ_CELLS → LTC_AFE_TRIGGER_AUX_CONV

LTC_AFE_READ_CELLS → LTC_AFE_READ_CELLS

LTC_AFE_TRIGGER_AUX_CONV → LTC_AFE_READ_AUX

LTC_AFE_READ_AUX → LTC_AFE_TRIGGER_AUX_CONV

LTC_AFE_READ_AUX → LTC_AFE_AUX_COMPLETE

LTC_AFE_READ_AUX → LTC_AFE_READ_AUX

LTC_AFE_AUX_COMPLETE → LTC_AFE_TRIGGER_CELL_CONV

Transitions continue in this loop format for the entirety of the time that BMS is operational.

The states should also be able to transition to and from LTC_AFE_STATE_IDLE if this is how we decide to operate our error states.

AFE Discharge/Load Balancing

Based on the results received, we iterate through and determine what the minimum and maximum voltage values are per cell. We are checking for a difference