Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Current »

The power distribution system controls both LV and HV systems through the use of multiple LV power rails, some of which are considered protected. This means that they are powered by a supplemental battery, allowing system operation during a fault. This page covers how we handle the supplemental LV battery that powers those protected systems.

Supplemental Battery

By ASC regulations, we're allowed a single supplemental LV battery. Its use is very limited, and we're limited to non-lithium chemistries. We also need to have passive monitoring at a minimum, but a BMS would be ideal. Thus, we need to choose a chemistry and capacity that will safely handle the HV relay without being overly large and heavy. Our goal is to minimize the use of the supplemental battery other than initial connection of the HV battery relay and in fault scenarios.

In MSXI, we used a switch near the PJB that connected the supplemental battery as part of our power sequence. For MSXII, we have identified two strategies for managing the supplemental battery.

Strategy A

MSXII's firmware is designed to use an event-driven architecture, allowing the use of deep sleep modes. This allows us to sleep until an external event occurs, such as a button press or CAN message.

As a result, a possible strategy is to leave the supplemental battery permanently attached, especially since we're planning on attaching a small BMS to the power distribution board that can charge it during normal operation. When the car is off, most systems will be inactive and in a deep sleep state, so the average power consumption should be in the microamp range. This will keep all protected systems active. Thus, we can initiate the car's startup through the driver input board. Pressing the start button should wake up the driver input board, which then sends the power distribution board a CAN message to switch over to the DC-DC and begin the startup procedure. To recover the system in the case of a fault, pressing the start button again would reset the BMS.

This is similar to the approach we took in MSXI, although MSXI's implementation was much less granular and would drain the supplemental battery relatively quickly. Realistically, Chaos is the only board that truly requires an off state, as the other protected systems (Lights, Themis, Plutus) just delegate work to unprotected systems or react to events over CAN. Since it already requires active and fault states, the addition of an off state should not add too much extra work.

Strategy B

Using the start button as the physical connection between the supplemental battery and the power distribution board ensures that power will not be used unless the car is active or in a fault condition. The LV network would only ever be powered when the driver has pressed the start button, removing the need for an off state within the firmware of protected boards.

This strategy completely removes the need for an off state and ensures that the LV network will be inactive unless the driver has started the car. As a trade-off, it requires running another pair of wires up to the driver for the switch. It also requires modifying the fault logic of the supplemental BMS to differentiate between the disconnection of the supplemental battery to shut down the car and a low voltage fault. 

  • No labels