Versions Compared

Version Old Version 16 New Version 17
Changes made by

Aryan Kashem

Aryan Kashem

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Other Resources:
FWXIV BMS Carrier notes

BMS AFE Description

...

Components

  • Current Sense - connected via I2C, and provides current readings and cell temperature,

  • AFEs - 3 AFE boards, daisy-chained over iso-spi. These provide per-cell-unit voltage readings and Ambient temperature readings, as well as performing load balancing

  • Relays + killswitch monitoring - Positive and negative relays must both be closed for the battery to be connected to the rest of the car. Killswitch monitor reads state of manual killswitch to batteries

    • HV Neg relay

    • HV Pos Relay

    • HV Solar Relay

  • Fans - Used to provide cooling to batteries. Controlled via PWM and monitored for fault

Fault Conditions

These are all fault conditions which will trigger a BPS fault. They are split into Minor, in which the issue is likely to not be dangerous and the driver can take time coming to a stop, and Major in which the driver should exit the car as quickly as possible due to dangerous conditions or the potential for thermal runaway.

...

  • Undervoltage - One Cell Falls < 2.5V (minor)

  • Overvoltage - One cell > 4.5V (Major)

  • Balance - Across entire pack, if difference between max and min cells is > 0.05V (Major)

  • Temperature - if any thermistor reads > 60deg 50deg (Major)

    • Note: If thermistors read > 45deg40deg, open solar relay to disable charging, but this is not a fault

...

  • Overcurrent - reading > 58.2A (Minor)Temp > 60Deg (major)

Communication Errors

  • If we lose communication with AFEs or Current sense, need to BPS faultwarn the driver. Registering a fault here has caused many issues in our system.

KillSwitch

  • Will shutoff batteries by itself, but we will treat it as a BPS fault (minor) to ensure relays don't close after letting go of the button

Fault Enum - Bold are major faults, so they are grouped together:

BMS_FAULT_OVERVOLTAGE
BMS_FAULT_UNBALANCE
BMS_FAULT_OVERTEMP_AMBIENT
BMS_FAULT_COMMS_LOSS_AFE
BMS_FAULT_COMMS_LOSS_CURR_SENSE
BMS_FAULT_OVERTEMP_CELL
BMS_FAULT_OVERCURRENT
BMS_FAULT_UNDERVOLTAGE
BMS_FAULT_KILLSWITCH

Operation

FSM

The FSM has 3 states. RELAYS_OPEN (Off), RELAYS_CLOSED (On) and FAULT. When AUX is connected, BMS will be enabled and in Each state has a similar input function, in which all the checks for BMS are done. In the output functions of each function we will update the relay states depending on which transition is occurring.

RELAYS_OPEN:

  • Input:

    • Run all BMS checks (see below)

    • If checks return non-zero (fault has occurred) transition to FAULT

    • If we have received a close relays request from PD, transition to ON_STATE

  • Output

    • Relay sequence to open relays

RELAYS_CLOSED:

  • Input

    • BMS checks

    • If checks return non-zero (fault has occurred) transition to FAULT

    • If we have received an open relays request from PD, transition to ON_STATE

  • Output

    • Relay sequence to close relays

FAULT

...

Input

  • Continue to run BMS checks. We may need to upgrade a minor fault to a major fault

  • There is not transition out of FAULT, the car must be restarted

Output

...

BMS Checks

These are the checks that are done at every cycle in each FSM state, at the highest frequency possible. They should happen as follows. If any error is detected, we should exit our check function and transition to fault immediately. We also set the requisite bit in bms_status_bms_faults signal.

...

This will be a function called from master task medium cycle which will:

  • Check for fan faults based on the state of the fan fault pins

  • Update fan PWM based on temp readings

...

These are the actions needed to achieve a certain relay state:

OFF->ONWhen the car turns on:

  1. set HV_POS_RELAY_EN

  2. set HV_NEG_RELAY_EN

  3. set HV_SOLAR_RELAY_EN

...

  2. Check all sense pins to verify relays closed

If we fault, we can just open all at once (set *_EN to low). If we want to open the solar relay to prevent overcharging, we can set HV_SOLAR_RELAY_EN to low.

CAN Messages

BMS Status:

  • 16-bit fault bitset corresponding to ENUM above

  • 8-bit relay state (OFF/ON)

  • 8-bit Fan status fault bitset for Fan1 + 2

BMS Data - TBD:

The idea is to transmit data points for storage/telemetry:

...

cell voltages

...

cell temperatures

...

avg current

...

Expand
titleCAN Signals

TX:

  • battery_status

    • Fault bitset from ENUM

    • Aux Battery Voltage

    • AFE Status (Comms loss)

  • battery_info

    • Max Cell Voltage

    • Min Cell Voltage

  • battery_vt

    • Pack Voltage

    • Pack Current

    • Pack Temperature

    • Battery Percentage

  • AFE_Status_[1,2,3]

    • ID

    • AFE Temperature reading

    • Cell 1 Voltage

    • Cell 2 Voltage

    • Cell 3 Voltage

AFEs Additional info

The AFEs (analog front end) handle interactions with the main battery pack. There are multiple AFEs (LTC6811 chips) which handle reading cell voltages, reading thermistors to determine cell temperatures, and doing load balancing for the cells. These multiple AFE units are daisy-chained through one SPI interface. This SPI interface is interacted with the same as normal spi, but through hardware is translated to isoSPI and back to SPI for improved reliability.

...

The voltage measurement for the aux battery will be on the carrier to comply with the requirement that “battery protection circuitry” must be in the battery enclosure.

Aux Sense

Aux sense, used for the thermistors, is done on a per-cell basis. Essentially, each read is done for an individual input thermistor. Due to the daisy-chain, this result will be the width of readings*x afes.

This reading must be initiated repeatedly for the number of thermistors connected to the afes

...

titleOld design

AFE FSM

The LTC AFE FSM is responsible for handling the different states required for generating cell sense and a data (cell voltages) as well as aux data (thermistor readings). Once it is initialized, it will start reading cell sense values from the ltc6811, processing these values, and then doing the same for thermistor values in a continuous cycle.

LTC AFE Driver FSM Structure:

States:

  • LTC_AFE_IDLE (TBD)

    • Only needed if we need to execute error functionality while not running commands on the ltc6811

  • LTC_AFE_TRIGGER_CELL_CONV

    • Trigger conversion of voltage values

    • Output:

      • Send command to start conversion of cell voltage values

    • Input func:

      • Check to see if 10ms has passed

      • Transition to read cells

  • LTC_AFE_READ_CELLS

    • Output function:

      • SPI exchange to read/store all cell values, store in results array

      • Check for faults in readings

      • Input function transitions to aux conversion assuming no faults

  • LTC_AFE_TRIGGER_AUX_CONV

    • Output:

      • Send command to start read temperature values of a cell (we should maybe change to set of cells)

    • Input

      • Transition to read aux if 6 ms have passed

  • LTC_AFE_READ_AUX

    • Output:

      • Read current cell, increment cell number

    • Input

      • if cell number == number of cells, aux is done reading → transition to complete

      • else transition back to trigger aux conversion for next conversion

  • LTC_AUX_COMPLETE

Fault Behaviour:

Just transition to Idle for now. We will signal main BMS if an error occurs

Transitions:

LTC_AFE_TRIGGER_CELL_CONV → LTC_AFE_READ_CELLS

LTC_AFE_READ_CELLS → LTC_AFE_TRIGGER_AUX_CONV

LTC_AFE_READ_CELLS → LTC_AFE_READ_CELLS

LTC_AFE_TRIGGER_AUX_CONV → LTC_AFE_READ_AUX

LTC_AFE_READ_AUX → LTC_AFE_TRIGGER_AUX_CONV

LTC_AFE_READ_AUX → LTC_AFE_AUX_COMPLETE

LTC_AFE_READ_AUX → LTC_AFE_READ_AUX

LTC_AFE_AUX_COMPLETE → LTC_AFE_TRIGGER_CELL_CONV

Transitions continue in this loop format for the entirety of the time that BMS is operational.

The states should also be able to transition to and from LTC_AFE_STATE_IDLE if this is how we decide to operate our error states.

AFE Discharge/Load Balancing

...

Voltage goes through a voltage divider circuit into an ADC pin. Firmware calculates the input voltage of the circuit.