1. Home
  2. Embedded Programming
  3. Where would you protect this control system?
  4. Page 2

Where would you protect this control system?

"Software crashes"??

Sorry, we don't do s/w crashes.

Steve

formatting link

Reply to
Steve at fivetrees
Loading thread data ...

Yes, Bill. Now come down out of the tree.

> 
--
  Keith
Reply to
krw

Yes. Whether the watchdog sensors are duplicates of the control loop encoders, or simpler binary sensors (like limit switches), the loss of any control loop sensors or s/w problems will be caught by the watchdog. That's the point of keeping the watchdog seperated from the control loop.

--
Paul Hovnanian     mailto:Paul@Hovnanian.com
------------------------------------------------------------------
Programmers don't die, they just GOSUB without RETURN.
Reply to
Paul Hovnanian P.E.

Or add extra encoders for 'keep out' positions and slam the valves shut when in these positions. Might not be possible, but it could be simple.

Thomas

Reply to
Zak

yes, that too would work, but remember encoders are WAY more expensive than CPLDs, and also much harder to re-configure.

To beef up the CPLD integrity, I'd add a wdog on the Absolute encoder LSB, which covers the likely things like cables unplugged, loss of power to the encoder etc.

-jg

Reply to
Jim Granville

I vote for a simple L-C frequency filter, to detect the watchdog "tickle" signal. As simple as it gets: I used such a scheme on a railway wagon once, where failure could have derailed the train. Just peak-rectify the filtered signal (it's now a sinewave), & apply to a point as far down the output chain as possible. We used it to bias-on a FET in series with the outputs (ours were safe when off).

Thus, the WDT must include

This was used on the old 14-inch disk drives, where a head crash on to the disk was invariably catastrophic. Loss of spindle speed fired an SCR, which dumped the supply capacitors into the voice coil, slamming the head carriage back into its stop. You learned, working on those,

*never* to put your hand in way of the carriage...
Reply to
David R Brooks

Hi! Worst case scenario, (big sign of APPLAUSE! goes up and MR.Murphy takes a bow), is when your timing goes bunkers and valves and pistons occupy the same volume for few turns. I would recommend an ability of resting engine to have ALL valves in, relaxed, closed position till recognising the flywheel timing sensor to start the timings. Then on ANY possible fault in the working of the system "relax" the activating of valves. At least it will stop the mechanical damage. (Note: Why don't you use an old style engine where those things were unknown till the time that you have working(?) system?) To sense and recognise whatever fault in a system which includes multitude of electrical, mechanical and electronic components is the proverbial "rocket science". (Shuttle?) Been there, done it and bellieve me KISS has its value.

Good luck and have fun.

Stanislaw Slack user from Ulladulla.

Reply to
Stanislaw Flatto

ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.