BMS carrier is the board which is responsible for monitoring and managing the main battery pack. It interfaces with the AFE (analog front end) board and the Current Sense board to get readings from the main pack.
Other Resources:
FWXIV BMS Carrier notes
...
Components
Current Sense - connected via I2C, and provides current readings and cell ambient temperature,
AFEs - 3 AFE boards, daisy-chained over iso-spi. These provide per-cell-unit voltage readings and Ambient cell temperature readings, as well as performing perform load balancing
Relays + killswitch monitoring - Positive and negative relays must both be closed for the battery to be connected to the rest of the car. Killswitch monitor reads state of manual killswitch to batteries
HV Neg relay
HV Pos Relay
HV Solar Relay
Fans - Used to provide cooling to batteries. Controlled via PWM and monitored for fault
Fault Conditions
These are all fault conditions which will trigger a BPS fault. They are split into Minor, in which the issue is likely to not be dangerous and the driver can take time coming to a stop, and Major in which the driver should exit the car as quickly as possible due to dangerous conditions or the potential for thermal runaway.
...
Undervoltage - One Cell Falls < 2.5V (minor)
Overvoltage - One cell > 4.5V (Major) Balance - Across entire pack, if difference between max and min cells is > 0.05V (Major)
Temperature - if any thermistor reads > 60deg 50deg (Major)
Note: If thermistors read > 45deg40deg, open solar relay to disable charging, but this is not a fault
...
Overcurrent - reading > 58.2A (Minor)Temp > 60Deg (major)
Communication Errors
If we lose communication with AFEs or Current sense, need to warn the driver. Registering a fault here has caused many issues in our system.
KillSwitch
Will shutoff batteries by itself, but we will treat it as a BPS fault (minor)
Operation
BMS carrier sends/receives messages, which help it start up and operate properly.
Startup
Car turns on to power main or power aux, BMS board receives power from Aux
On startup, do all initial checks that are possible
If everything checks out, start transmitting BPS heartbeat to indicate successful startup
Wait for message from Centre Console to close relays
Close relays
Continue to monitor and send BPS heartbeat messages, data, in normal operation
Shutdown
Centre console (when power off is pressed) will send a close relays message
Centre console will cut power to BMS via Power distribution once it has confirmed that relays are closed
Faults
AFEs
Current Sense
Fan Faults
Data Output
(this is just documentation on what was done in FW14, and is subject to change)
BMS Outputs the following over the CAN bus:
cell voltages
cell temperatures
avg current
avg voltage
relay states
fan states
...
to ensure relays don't close after letting go of the button
Fault Enum - Bold are major faults, so they are grouped together:
BMS_FAULT_OVERVOLTAGE
BMS_FAULT_UNBALANCE
BMS_FAULT_OVERTEMP_AMBIENT
BMS_FAULT_COMMS_LOSS_AFE
BMS_FAULT_COMMS_LOSS_CURR_SENSE
BMS_FAULT_OVERTEMP_CELL
BMS_FAULT_OVERCURRENT
BMS_FAULT_UNDERVOLTAGE
BMS_FAULT_KILLSWITCH
Operation
BMS Checks
These are the checks that are done at every cycle in each FSM state, at the highest frequency possible. They should happen as follows. If any error is detected, we should exit our check function and transition to fault immediately. We also set the requisite bit in bms_status_bms_faults signal.
Check for CS_FAULT state set to high
Trigger Cell Voltage conversions
Record start time, need to wait 10ms before reading back values
Perform current sense read and check
Perform AFE voltage sense and check
We also need to do an AFE Temp check, but this does not need to happen every cycle. We can reduce this to every 5 cycles.
Communication Loss: We will keep a running count of communication errors separately for AFEs and Current sense (CRC invalid, no data returned, etc). If 3 occur, we BPS fault.
Shared Memory
Readings from the AFEs and current sense should be stored into a struct shared between the BMS FSM and master task. This will allow for Fan monitor to access temp data, and any data broadcasting to happen from master task
Fan Monitor
This will be a function called from master task medium cycle which will:
Update fan PWM based on temp readings
Relay Sequence
These are the actions needed to achieve a certain relay state:
When the car turns on:
set HV_POS_RELAY_EN
set HV_NEG_RELAY_EN
set HV_SOLAR_RELAY_EN
Check all sense pins to verify relays closed
If we fault, we can open all at once (set *_EN to low). If we want to open the solar relay to prevent overcharging, we can set HV_SOLAR_RELAY_EN to low.
| Expand | ||
|---|---|---|
| ||
TX:
|
AFEs Additional info
The AFEs (analog front end) handle interactions with the main battery pack. There are multiple AFEs (LTC6811 chips) which handle reading cell voltages, reading thermistors to determine cell temperatures, and doing load balancing for the cells. These multiple AFE units are daisy-chained through one SPI interface. This SPI interface is interacted with the same as normal spi, but through hardware is translated to isoSPI and back to SPI for improved reliability. We do this because of the high potential differences and different grounds on BMS and AFE boards.
AFE Configuration
The AFE operation revolves around two main data structures.
...
The storage struct holds the information from the settings, as well as memory for all of the readings taken.
AFE Readings
AFE readings are taken via the daisy-chain method, meaning that a read of a certain register on one AFE will be replied to with the values of all of the AFEs connected. (For example, the reading of the voltage register A of one of the AFE will be replied to with x 64 bit readings, where x is the number of AFEs connected)
Cell Sense
Cell sense readings happen in ltc_afe_impl_read_cells. Essentially, we iterate through the number of voltage registers (4) and for each we read the 3 uint16_t voltages and one 16-bit Packet Error Check from each of the AFEs at this register. These results are then placed at the correct position in the cell_voltages array based on the cell_bitset and cell_result_lookup
Aux Sense
Aux sense, used for the thermistors, is done on a per-cell basis. Essentially, each read is done for an individual input thermistor. Due to the daisy-chain, this result will be the width of readings*x afes.
This reading must be initiated repeatedly for the number of thermistors connected to the afes
AFE FSM
The LTC AFE FSM is responsible for handling the different states required for generating cell sense and a data (cell voltages) as well as aux data (thermistor readings). Once it is initialized, it will start reading cell sense values from the ltc6811, processing these values, and then doing the same for thermistor values in a continuous cycle.
LTC AFE Driver FSM Structure:
States:
LTC_AFE_IDLE (TBD)
Only needed if we need to execute error functionality while not running commands on the ltc6811
LTC_AFE_TRIGGER_CELL_CONV
Trigger conversion of voltage values
Output:
Send command to start conversion of cell voltage values
Input func:
Check to see if 10ms has passed
Transition to read cells
LTC_AFE_READ_CELLS
Output function:
SPI exchange to read/store all cell values, store in results array
Check for faults in readings
Input function transitions to aux conversion assuming no faults
LTC_AFE_TRIGGER_AUX_CONV
Output:
Send command to start read temperature values of a cell (we should maybe change to set of cells)
Input
Transition to read aux if 6 ms have passed
LTC_AFE_READ_AUX
Output:
Read current cell, increment cell number
Input
if cell number == number of cells, aux is done reading → transition to complete
else transition back to trigger aux conversion for next conversion
LTC_AUX_COMPLETE
Fault Behaviour:
Just transition to Idle for now. We will signal main BMS if an error occurs
Transitions:
LTC_AFE_TRIGGER_CELL_CONV → LTC_AFE_READ_CELLS
LTC_AFE_READ_CELLS → LTC_AFE_TRIGGER_AUX_CONV
LTC_AFE_READ_CELLS → LTC_AFE_READ_CELLS
LTC_AFE_TRIGGER_AUX_CONV → LTC_AFE_READ_AUX
LTC_AFE_READ_AUX → LTC_AFE_TRIGGER_AUX_CONV
LTC_AFE_READ_AUX → LTC_AFE_AUX_COMPLETE
LTC_AFE_READ_AUX → LTC_AFE_READ_AUX
LTC_AFE_AUX_COMPLETE → LTC_AFE_TRIGGER_CELL_CONV
Transitions continue in this loop format for the entirety of the time that BMS is operational.
The states should also be able to transition to and from LTC_AFE_STATE_IDLE if this is how we decide to operate our error states.
AFE Discharge/Load Balancing
Based on the results received, we iterate through and determine what the minimum and maximum voltage values are per cell. We are checking for a difference Cell Balancing
The goal of cell balancing is to ensure that we fully utilize the capacity of our pack. It is most important while charging, since the pack stops charging when the highest cell voltage reaches the charge limit. Thus, we don’t want to stop charging when once cell reaches the limit but a bunch of other cells are far below the limit. The cells are therefore balanced by discharging cells that have voltages which are too high, allowing all cells to come up to full charge.
Under high current load, differences between the internal resistance of the cells can cause the voltages to read different values when not actually at different states of charge. Based on the above, the proposed behaviour is as follows:
Min cell voltage < 4.0V or pack current draw > 10A
Balance to within 25mV (discharge everything 25mV above min voltage)
Min cell voltage < 4.15V
Balance to within 10mV (discharge everything 10mV above min voltage)
Min cell voltage > 4.15V
Balance to the highest possible accuracy (set to 2mV for now, can tune later)
Aux Voltage Sense
The voltage measurement for the aux battery will be on the carrier to comply with the requirement that “battery protection circuitry” must be in the battery enclosure. Voltage goes through a voltage divider circuit into an ADC pin. Firmware calculates the input voltage of the circuit.