Validation Steps

Initial Conditions

Outputs

  •  Outputs correct for each output group

For each power state, check that only the correct outputs are set

  •  POWER_FSM_OUTPUT_OFF
  •  POWER_FSM_OUTPUT_ON
  •  POWER_FSM_OUTPUT_DRIVE
  •  POWER_FSM_OUTPUT_FAULT

  •  LIGHTS_OUTPUT_BPS
  •  LIGHTS_OUTPUT_LEFT
  •  LIGHTS_OUTPUT_RIGHT
  •  LIGHTS_OUTPUT_HAZARDS

N/A

See Power Distribution Design doc for expected outputs

  •  FSM Initial State

On startup, output group enabled is POWER_FSM_OUTPUT_OFF

Initial Power On

Initial state is Power FSM OFF (BMS and Centre Console Outputs Enabled)

LOG: STATE = POWER_OFF

  •  POWER_OFF → TRANSMIT_BMS_CLOSE_RELAYS

Both centre console messages

  •  EE_CC_PWR_CTL_EVENT_BTN_AND_BRAKE and
  •  EE_CC_PWR_CTL_EVENT_BTN

should cause a transition to TRANSMIT_BMS_CLOSE_RELAYS. After 3 seconds with no relay message, we should return to POWER_OFF.

From POWER_OFF send
cc_power_control_power_event == EE_CC_PWR_CTL_EVENT_BTN or BTN_AND_BRAKE

CAN TX: relay_request_set_relays == EE_RELAY_STATE_CLOSED

LOG: STATE = BMS_RELAYS

after 3 seconds

LOG: STATE = POWER OFF

OUTPUT: POWER_OFF

  •  POWER_OFF to POWER_ON

If PD receives a PWR_CTL_EVENT_BTN and then a relays_closed state from BMS, we should transition to POWER_ON, and stay there

From POWER_OFF send
cc_power_control_power_event == EE_CC_PWR_CTL_EVENT_BTN

and battery_relay_info_state == EE_RELAY_STATE_CLOSED

CAN_TX:

  • power_info_power_state == EE_POWER_ON_STATE

LOG: Transitioned to DRIVE STATE

OUTPUT: POWER_ON

  •  POWER_ON to POWER_OFF

Centre console message

  •  EE_CC_PWR_CTL_EVENT_BTN

should cause a transition to POWER_OFF

From POWER_ON, send either of the two PWR_CTL_EVENTS to the controller board

CAN_TX:

  • power_info_power_state == EE_POWER_OFF_STATE

  • relay_request_set_relays == EE_RELAY_STATE_OPEN

LOG: Transitioned to OFF STATE

OUTPUT: POWER_OFF

  •  POWER_ON to TURN_ON_DRIVE_OUTPUTS

If we receive EE_CC_PWR_CTL_EVENT_BTN_AND_BRAKE in POWER_ON state, we should transition to TURN_ON_DRIVE_OUTPUTS. If we don’t receive a message from MCI, we should return to POWER_ON

From POWER_ON, send EE_CC_PWR_CTL_EVENT_BTN_AND_BRAKE. We should transition to TURN_ON_DRIVE_OUTPUTS which sets the output group to POWER_DRIVE, and then after 3 cycles return to POWER_ON

CAN_TX:

  • power_info_power_state == EE_POWER_ON_STATE (This should not change, as we have not completed transition to POWER_ON)

LOG: transition to TURN_ON_OUTPUTS

OUTPUT: POWER_DRIVE

*after 3 cycle timeout*

LOG: transition to POWER_ON

OUTPUT: POWER_ON

  •  POWER_OFF to POWER_DRIVE through POWER_ON

A successful transition to POWER_DRIVE from POWER_OFF requires the following in order:

  • EE_CC_PWR_CTL_EVENT_BTN received

  • battery_relay_info_state == EE_RELAY_STATE_CLOSED received

  • EE_CC_PWR_CTL_EVENT_BTN

Start in POWER_OFF and send the 3 messages described above

CAN_TX: (each updated state will send a new message)

  • power_info_power_state == EE_POWER_OFF_STATE

  • power_info_power_state == EE_POWER_ON_STATE

  • power_info_power_state == EE_POWER_DRIVE_STATE

  •  POWER_DRIVE to POWER_OFF

If we are in POWER_DRIVE and we receive either PWR_CTL_EVENT, we should transition to POWER_ON. Receiving a second event (EE_CC_PWR_CTL_EVENT_BTN without brake) will transition us to POWER_OFF.

Start in POWER_DRIVE. Send:

  1. EE_CC_PWR_CTL_EVENT_BTN or EE_CC_PWR_CTL_EVENT_BTN_AND_BRAKE

  2. EE_CC_PWR_CTL_EVENT_BTN

CAN_TX: (each updated state will send a new message)

  • power_info_power_state == EE_POWER_DRIVE_STATE

  • power_info_power_state == EE_POWER_ON_STATE

  • power_info_power_state == EE_POWER_OFF_STATE

LOG (look for each state printed as we transition)

  • DRIVE

  • ON

  • OFF

  •  POWER_DRIVE to POWER_ON to POWER_DRIVE

If we are in POWER_DRIVE and we receive either PWR_CTL_EVENT, we should transition to POWER_ON. Receiving EE_CC_PWR_CTL_EVENT_BTN_AND_BRAKE should send us back to POWER_DRIVE.

Start in POWER_DRIVE. Send:

  1. EE_CC_PWR_CTL_EVENT_BTN or EE_CC_PWR_CTL_EVENT_BTN_AND_BRAKE

  2. EE_CC_PWR_CTL_EVENT_BTN_AND_BRAKE

Fault Conditions

Faults occur only when we lose communication with BMS. For each state, we need to see that it successfully transitions to fault on not receiving the BMS message.

  •  POWER_OFF → POWER_FAULT

On startup, if no BMS status message is received for 3 cycles, we should automatically transition to the fault state

Start in POWER_OFF (automatically done on startup)

  •  BMS_RELAYS → POWER_FAULT

If no BMS status message is received for 3 cycles, we should automatically transition to the fault state

Start in BMS_RELAYS

  •  POWER_ON → POWER_FAULT

If no BMS status message is received for 3 cycles, we should automatically transition to the fault state

Start in POWER_ON

  •  TURN_ON_DRIVE_OUTPUTS → POWER_FAULT

If no BMS status message is received for 3 cycles, we should automatically transition to the fault state

Start in TURN_ON_DRIVE_OUTPUTS

  •  POWER_DRIVE → POWER_FAULT

If no BMS status message is received for 3 cycles, we should automatically transition to the fault state

Start in POWER_DRIVE
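
The fault checks above share one rule: 3 cycles without a BMS status message send any state to the fault state. A small reference model of that rule follows, added here as an example and not the firmware's own code. The state and function names are hypothetical, and it assumes a received BMS status message restarts the count and that nothing leaves the fault state.

```c
#include <stdbool.h>
#include <stddef.h>

/* Hypothetical names mirroring the states in this test plan; not the firmware's identifiers. */
typedef enum {
  STATE_POWER_OFF,
  STATE_BMS_RELAYS,
  STATE_POWER_ON,
  STATE_TURN_ON_DRIVE_OUTPUTS,
  STATE_POWER_DRIVE,
  STATE_POWER_FAULT
} PowerState;

#define BMS_TIMEOUT_CYCLES 3u /* plan: fault after 3 cycles with no BMS status message */

typedef struct {
  PowerState state;
  unsigned missed_bms_cycles; /* consecutive cycles without a BMS status message */
} PowerFsmModel;

/* Advance the model by one cycle and return the resulting state. */
PowerState model_cycle(PowerFsmModel *m, bool bms_status_received) {
  if (m->state == STATE_POWER_FAULT) {
    return m->state; /* assumption: the plan lists no exit from fault, so stay there */
  }
  if (bms_status_received) {
    m->missed_bms_cycles = 0; /* assumption: any BMS status message restarts the count */
    return m->state;
  }
  if (++m->missed_bms_cycles >= BMS_TIMEOUT_CYCLES) {
    m->state = STATE_POWER_FAULT;
  }
  return m->state;
}

/* Replay a constructed per-cycle "BMS message seen" trace from `start`.
 * Returns the 1-based cycle on which the model entered fault, or -1 if it never did. */
int fault_cycle(PowerState start, const bool *bms_seen, size_t n_cycles) {
  PowerFsmModel m = { start, 0 };
  for (size_t i = 0; i < n_cycles; i++) {
    if (model_cycle(&m, bms_seen[i]) == STATE_POWER_FAULT) {
      return (int)i + 1;
    }
  }
  return -1;
}
```

Comparing the cycle number returned here with the cycle on which the board logs its fault transition also catches an off-by-one in the timeout, which a plain "did it fault" check would miss.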

