Real-Time Robotics Framework

User Tools

Site Tools

You are here: EEROS Wiki » EEROS Architecture » Safety System » Safety Properties
eeros_architecture:safety_system:properties

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
eeros_architecture:safety_system:properties [2020/02/11 14:17] – [Safety Events] grafeeros_architecture:safety_system:properties [2026/04/12 14:47] (current) – [Entry Level] ursgraf
Line 30: Line 30:
   criticalInputs = {q0, runButton, ...};   criticalInputs = {q0, runButton, ...};
 </code> </code>
 +See [[eeros_architecture:safety_system:io_actions|]] how to handle the critical inputs and outputs.
 ===== Safety Levels ===== ===== Safety Levels =====
 Define safety levels. Each level has a unique number and a description. After this the levels have to be added. The order of adding the levels is highly important and determines their logical ordering. Add the lowest safety level first. If you forget to add some levels the safety system will not check its critical inputs and will therefore not run correctly! Define safety levels. Each level has a unique number and a description. After this the levels have to be added. The order of adding the levels is highly important and determines their logical ordering. Add the lowest safety level first. If you forget to add some levels the safety system will not check its critical inputs and will therefore not run correctly!
 <code c> <code c>
   SafetyLevel slOff("off");   SafetyLevel slOff("off");
 +  SafetyLevel slBoot("boot");
   SafetyLevel slIinitializing("initialize");   SafetyLevel slIinitializing("initialize");
   SafetyLevel slRunning("running");   SafetyLevel slRunning("running");
      
   addLevel(slOff);   addLevel(slOff);
 +  addLevel(slBoot);
   addLevel(slIinitializing);   addLevel(slIinitializing);
   addLevel(slRunning);   addLevel(slRunning);
Line 50: Line 52:
   SafetyEvent seStartRunning("start running");   SafetyEvent seStartRunning("start running");
  
-  slOff.addEvent(seStartInitializing, slIinitializing, kPublicEvent);+  slBoot.addEvent(seStartInitializing, slIinitializing, kPublicEvent);
   slIinitializing.addEvent(seStartRunning, slRunning, kPrivateEvent);   slIinitializing.addEvent(seStartRunning, slRunning, kPrivateEvent);
   slRunning.addEvent(seShutDown, slOff, kPublicEvent);   slRunning.addEvent(seShutDown, slOff, kPublicEvent);
Line 60: Line 62:
 <code c> <code c>
   // Add events to multiple levels   // Add events to multiple levels
-  addEventToLevelAndAbove(slPowerOn, seDoEmergency, kPublicEvent);+  addEventToLevelAndAbove(slPowerOn, seDoEmergency, slEmergency, kPublicEvent);
 </code> </code>
 Two more functions serve a similar purpose. Two more functions serve a similar purpose.
 <code c> <code c>
   // Add events to all levels equal or smaller than srcLevel   // Add events to all levels equal or smaller than srcLevel
-  addEventToLevelAndBelow(srcLevel, destLevel, event, kPublicEvent);+  addEventToLevelAndBelow(srcLevel, event, destLevel, kPublicEvent);
   // Add events to all levels in between lowerLevel and upperLevel (including lowerLevel and upperLevel)   // Add events to all levels in between lowerLevel and upperLevel (including lowerLevel and upperLevel)
-  addEventToAllLevelsBetween(lowerLevel, upperLevel, destLevel, event, kPublicEvent);+  addEventToAllLevelsBetween(lowerLevel, upperLevel, event, destLevel, kPublicEvent);
 </code> </code>
  
Line 77: Line 79:
 Define actions for the safety levels. Each level can cause no or one action. Define actions for the safety levels. Each level can cause no or one action.
 <code cpp> <code cpp>
-  slOff.setLevelAction([this](SafetyContext* privateContext) { +  slBoot.setLevelAction([this](SafetyContext* privateContext) { 
-    privateContext->triggerEvent(seDoSwInit);+    privateContext->triggerEvent(seStartInitializing);
   });   });
-  ... 
 </code> </code>
 The method //setLevelAction// accepts a function, which is used solely here and can be defined without giving it a name. In this example the function is a so called lambda function meaning that it can be passed as a parameter without prior declaration. It must take a parameter itself of type ''SafetyContext''. This ensures that the level function can trigger a private event. The method //setLevelAction// accepts a function, which is used solely here and can be defined without giving it a name. In this example the function is a so called lambda function meaning that it can be passed as a parameter without prior declaration. It must take a parameter itself of type ''SafetyContext''. This ensures that the level function can trigger a private event.
 +
 +=== Entry and Exit Actions ===
 +You also have the possibility to define an action which is executed when a safety level is entered. That means when the safety system switches to this level.
 +<code cpp>
 +  slIinitializing.setEntryAction([this](SafetyContext* privateContext) {
 +    // do anything
 +  });
 +</code>
 +
 +Further, you can define an action which is executed when a safety level is left. That means when the safety system switches from this level to another level.
 +<code cpp>
 +  slIinitializing.setExitAction([this](SafetyContext* privateContext) {
 +    // do anything
 +  });
 +</code>
  
 === Counter === === Counter ===
-Each time that the safety system runs in a certain level a counter named ''nofActivations'' is incremented. Whenever the safety level due to an event this counter will be reset to 0. This allows for measuring the time the system will run in a given safety level. The following example demonstrates this. +Each time that the safety system runs in a certain level a counter named ''nofActivations'' is incremented. Whenever the safety level changes due to an event this counter will be reset to 0. This allows for measuring the time the system will run in a given safety level. The following example demonstrates this. 
 <code cpp> <code cpp>
   slRunning.setLevelAction([this,period](SafetyContext* privateContext) {   slRunning.setLevelAction([this,period](SafetyContext* privateContext) {
Line 96: Line 112:
 As a last point, you have to specify with which level the system has to start. As a last point, you have to specify with which level the system has to start.
 <code c> <code c>
-  setEntryLevel(slOff);+  setEntryLevel(slBoot);
 </code> </code>
  
eeros_architecture/safety_system/properties.1581427048.txt.gz · Last modified: by graf