STR extensions #798
@ -22,6 +22,8 @@ will consitute of a breaking change warranting a new major release:
|
|||||||
CFDP interface.
|
CFDP interface.
|
||||||
- Proper back pressure handling for the CFDP handler, where the `LiveTmTask` is able to throttle
|
- Proper back pressure handling for the CFDP handler, where the `LiveTmTask` is able to throttle
|
||||||
the CFDP handler.
|
the CFDP handler.
|
||||||
|
- The EIVE system will command the payload OFF explicitely again when receiving the
|
||||||
|
`power::POWER_LEVEL_CRITICAL` event.
|
||||||
|
|
||||||
## Fixed
|
## Fixed
|
||||||
|
|
||||||
@ -36,6 +38,11 @@ will consitute of a breaking change warranting a new major release:
|
|||||||
is not in normal mode.
|
is not in normal mode.
|
||||||
- MPSoC debug mode.
|
- MPSoC debug mode.
|
||||||
|
|
||||||
|
## Changed
|
||||||
|
|
||||||
|
- Added a 3 second delay in the EIVE system between commanding all PL components except the SUPV,
|
||||||
|
and the SUPV itself OFF when the power level becomes low or critical.
|
||||||
|
|
||||||
# [v7.1.0] 2023-10-11
|
# [v7.1.0] 2023-10-11
|
||||||
|
|
||||||
- Bumped `eive-tmtc` to v5.8.0.
|
- Bumped `eive-tmtc` to v5.8.0.
|
||||||
|
@ -70,6 +70,9 @@ void EiveSystem::performChildOperation() {
|
|||||||
}
|
}
|
||||||
pdecRecoveryLogic();
|
pdecRecoveryLogic();
|
||||||
i2cRecoveryLogic();
|
i2cRecoveryLogic();
|
||||||
|
if (forcePlOffState != ForcePlOffState::NONE) {
|
||||||
|
forceOffPayload();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
ReturnValue_t EiveSystem::initialize() {
|
ReturnValue_t EiveSystem::initialize() {
|
||||||
@ -203,10 +206,14 @@ void EiveSystem::handleEventMessages() {
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case power::POWER_LEVEL_LOW: {
|
case power::POWER_LEVEL_LOW: {
|
||||||
forceOffPayload();
|
forcePlOffState = ForcePlOffState::FORCE_ALL_EXCEPT_SUPV_OFF;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case power::POWER_LEVEL_CRITICAL:
|
case power::POWER_LEVEL_CRITICAL: {
|
||||||
|
// Force payload off in any case. It really should not be on when the power level
|
||||||
|
// becomes critical, but better be safe than sorry..
|
||||||
|
forcePlOffState = ForcePlOffState::FORCE_ALL_EXCEPT_SUPV_OFF;
|
||||||
|
// Also set the STR assembly to faulty, which should cause a fallback to SAFE mode.
|
||||||
CommandMessage msg;
|
CommandMessage msg;
|
||||||
HealthMessage::setHealthMessage(&msg, HealthMessage::HEALTH_SET, HasHealthIF::FAULTY);
|
HealthMessage::setHealthMessage(&msg, HealthMessage::HEALTH_SET, HasHealthIF::FAULTY);
|
||||||
ReturnValue_t result = MessageQueueSenderIF::sendMessage(
|
ReturnValue_t result = MessageQueueSenderIF::sendMessage(
|
||||||
@ -216,6 +223,7 @@ void EiveSystem::handleEventMessages() {
|
|||||||
<< std::endl;
|
<< std::endl;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
@ -403,37 +411,45 @@ void EiveSystem::pdecRecoveryLogic() {
|
|||||||
|
|
||||||
void EiveSystem::forceOffPayload() {
|
void EiveSystem::forceOffPayload() {
|
||||||
CommandMessage msg;
|
CommandMessage msg;
|
||||||
|
ReturnValue_t result;
|
||||||
// set PL to faulty
|
// set PL to faulty
|
||||||
HealthMessage::setHealthMessage(&msg, HealthMessage::HEALTH_SET, HasHealthIF::FAULTY);
|
HealthMessage::setHealthMessage(&msg, HealthMessage::HEALTH_SET, HasHealthIF::FAULTY);
|
||||||
|
|
||||||
ReturnValue_t result = commandQueue->sendMessage(plPcduQueueId, &msg);
|
if (forcePlOffState == ForcePlOffState::FORCE_ALL_EXCEPT_SUPV_OFF) {
|
||||||
if (result != returnvalue::OK) {
|
result = commandQueue->sendMessage(plocMpsocQueueId, &msg);
|
||||||
sif::error << "EIVE System: Sending FAULTY command to PL PCDU failed" << std::endl;
|
if (result != returnvalue::OK) {
|
||||||
|
sif::error << "EIVE System: Sending FAULTY command to PLOC MPSOC failed" << std::endl;
|
||||||
|
}
|
||||||
|
result = commandQueue->sendMessage(cameraQueueId, &msg);
|
||||||
|
if (result != returnvalue::OK) {
|
||||||
|
sif::error << "EIVE System: Sending FAULTY command to PL CAM failed" << std::endl;
|
||||||
|
}
|
||||||
|
result = commandQueue->sendMessage(scexQueueId, &msg);
|
||||||
|
if (result != returnvalue::OK) {
|
||||||
|
sif::error << "EIVE System: Sending FAULTY command to SCEX failed" << std::endl;
|
||||||
|
}
|
||||||
|
result = commandQueue->sendMessage(radSensorQueueId, &msg);
|
||||||
|
if (result != returnvalue::OK) {
|
||||||
|
sif::error << "EIVE System: Sending FAULTY command to RAD SENSOR failed" << std::endl;
|
||||||
|
}
|
||||||
|
result = commandQueue->sendMessage(plPcduQueueId, &msg);
|
||||||
|
if (result != returnvalue::OK) {
|
||||||
|
sif::error << "EIVE System: Sending FAULTY command to PL PCDU failed" << std::endl;
|
||||||
|
}
|
||||||
|
forcePlOffState = ForcePlOffState::WAITING;
|
||||||
|
supvOffDelay.resetTimer();
|
||||||
}
|
}
|
||||||
|
|
||||||
result = commandQueue->sendMessage(plocMpsocQueueId, &msg);
|
if (forcePlOffState == ForcePlOffState::WAITING and supvOffDelay.hasTimedOut()) {
|
||||||
if (result != returnvalue::OK) {
|
forcePlOffState = ForcePlOffState::FORCE_SUPV_OFF;
|
||||||
sif::error << "EIVE System: Sending FAULTY command to PLOC MPSOC failed" << std::endl;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
result = commandQueue->sendMessage(plocSupervisorQueueId, &msg);
|
if (forcePlOffState == ForcePlOffState::FORCE_SUPV_OFF) {
|
||||||
if (result != returnvalue::OK) {
|
result = commandQueue->sendMessage(plocSupervisorQueueId, &msg);
|
||||||
sif::error << "EIVE System: Sending FAULTY command to PLOC SUPERVISOR failed" << std::endl;
|
if (result != returnvalue::OK) {
|
||||||
}
|
sif::error << "EIVE System: Sending FAULTY command to PLOC SUPERVISOR failed" << std::endl;
|
||||||
|
}
|
||||||
result = commandQueue->sendMessage(cameraQueueId, &msg);
|
forcePlOffState = ForcePlOffState::NONE;
|
||||||
if (result != returnvalue::OK) {
|
|
||||||
sif::error << "EIVE System: Sending FAULTY command to PL CAM failed" << std::endl;
|
|
||||||
}
|
|
||||||
|
|
||||||
result = commandQueue->sendMessage(scexQueueId, &msg);
|
|
||||||
if (result != returnvalue::OK) {
|
|
||||||
sif::error << "EIVE System: Sending FAULTY command to SCEX failed" << std::endl;
|
|
||||||
}
|
|
||||||
|
|
||||||
result = commandQueue->sendMessage(radSensorQueueId, &msg);
|
|
||||||
if (result != returnvalue::OK) {
|
|
||||||
sif::error << "EIVE System: Sending FAULTY command to RAD SENSOR failed" << std::endl;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -22,6 +22,12 @@ class EiveSystem : public Subsystem, public HasActionsIF {
|
|||||||
[[nodiscard]] MessageQueueId_t getCommandQueue() const override;
|
[[nodiscard]] MessageQueueId_t getCommandQueue() const override;
|
||||||
|
|
||||||
private:
|
private:
|
||||||
|
enum class ForcePlOffState {
|
||||||
|
NONE,
|
||||||
|
FORCE_ALL_EXCEPT_SUPV_OFF,
|
||||||
|
WAITING,
|
||||||
|
FORCE_SUPV_OFF
|
||||||
|
} forcePlOffState = ForcePlOffState::NONE;
|
||||||
enum class I2cRebootState {
|
enum class I2cRebootState {
|
||||||
NONE,
|
NONE,
|
||||||
SYSTEM_MODE_BOOT,
|
SYSTEM_MODE_BOOT,
|
||||||
@ -37,6 +43,7 @@ class EiveSystem : public Subsystem, public HasActionsIF {
|
|||||||
bool alreadyTriedI2cRecovery = false;
|
bool alreadyTriedI2cRecovery = false;
|
||||||
|
|
||||||
uint8_t frameDirtyErrorCounter = 0;
|
uint8_t frameDirtyErrorCounter = 0;
|
||||||
|
Countdown supvOffDelay = Countdown(3000);
|
||||||
Countdown frameDirtyCheckCd = Countdown(10000);
|
Countdown frameDirtyCheckCd = Countdown(10000);
|
||||||
// If the PDEC reset was already attempted in the last 2 minutes, there is a high chance that
|
// If the PDEC reset was already attempted in the last 2 minutes, there is a high chance that
|
||||||
// only a full reboot will fix the issue.
|
// only a full reboot will fix the issue.
|
||||||
|
Loading…
Reference in New Issue
Block a user