For each safety level all the critical inputs must be checked and all the critical outputs must be driven with a signal.
With every single critical input signal we can specify one of the following actions.
ignore(eeros::hal::Input<T>* input);
The ignore action simply ignores the given input. There is no action to be taken by the safety system. As an example, the level slOff ignores the state on the signal emergencyStop.
slOff.setInputActions({..., ignore(emergencyStop), ...});
Instead of passing a vector of actions you could also add the necessary actions one by one:
slOff.setInputAction(ignore(emergencyStop));
check(eeros::hal::Input<T>* input, T value, SafetyEvent& event);
The check action compares the value of the parameter value with the value of the system input. If the values are not the same an event is fired. The example below shows how a limit switch is checked. If the switch is true a doEmergency event is fired, which leads to a change of the safety level.
slMoving.setInputActions({..., check(slLimitSwitchQ0p, false, doEmergency), ...});
range(eeros::hal::Input<T>* input, T min, T max, SafetyEvent event, bool offRange = false);
The range action checks if the value of the input is in the range of min to max, and if this is not the case, an event is fired. If the parameter offRange
is set to true, the range action checks if the value is lower then min or higher than max.
In the following example the range action tests whether the value of q0 is in the interval from 0.0 to 6.283. If not, the event doMotionStopping is fired, which causes a transition to the level slMotionStopping.
slMoving.setInputActions({..., range(q0, 0.0, 6.283, doMotionStopping), ...});
For each critical output several actions might be taken. They are:
set(eeros::hal::Output<T>* output, T value);
The set action sets an output to a certain value, e.g.:
slOff.setOutputActions({..., set(enable0, false), ...});
leave(eeros::hal::Output<T>* output);
The leave action does not change the current state or value of an output. This is particularly helpful if a certain safety level can be reached from various other levels with outputs set in those levels, and the current level does not want to change a certain output.
slMotionStopped.setOutputActions({..., leave(brake0), ...});
toggle(eeros::hal::Output<T>* output);
The toggle action changes thew current state each time the safety system runs. Please keep in mind that the safety system runs with the highest priority and highest frequency of the whole system. toggle is generally used to deliver a watchdog signal.
slRunning.setOutputActions({..., toggle(watchdog), ...});