eeros_architecture:safety_system:start

eeros_architecture:safety_system:start [2016/11/03 17:27] – [Events] graf
eeros_architecture:safety_system:start [2023/02/26 17:59] (current) – [How it works] ursgraf
Line 8: Line 8:
      - has a unique name      - has a unique name
      - defines the state of all critical outputs      - defines the state of all critical outputs
-     - defines conditions of the critical inputs, which are proofed periodically by an inspection task +     - defines conditions for the critical inputs, which are checked periodically by an inspection task 
-     - can have accept certain events +     - can accept certain events 
      - can cause events      - can cause events
   * The order of the safety level numbering corresponds to the potential damage in case of an error   * The order of the safety level numbering corresponds to the potential damage in case of an error
Line 20: Line 20:
 Events are exclusively received and handled by the safety system. An event can cause a change of the safety level. Such a change can happen only if this specific event was registered for the current level. The next figure shows a couple of safety levels together with associated events causing a level change. Events are exclusively received and handled by the safety system. An event can cause a change of the safety level. Such a change can happen only if this specific event was registered for the current level. The next figure shows a couple of safety levels together with associated events causing a level change.
 {{ .:safetysystemevents1.png?300 | //Typical safety levels and associated events//}} {{ .:safetysystemevents1.png?300 | //Typical safety levels and associated events//}}
 +
 +  * If the safety system itself causes an event leading to a change of the safety level, this level change takes place only after the safety system completes this run. 
 +  * Multiple events fired during a single safety period would lead to ambiguities. The event leading to a lower prioritized safety level wins, while the other events are cancelled. 
 +
 +===== What does the Safety System do ? =====
 +The most important function of the safety system is its run method. This method is called periodically by the executor. Here's how it works:
 +<code cpp>
 +  void SafetySystem::run() {
 +
 +    // 1) Read inputs and check them
 +    for(auto ia : level->inputAction) {
 +      if(ia != nullptr) ia->check(&privateContext);
 +    }
 +    
 +    // 2) Execute level action
 +    if(level->action != nullptr) level->action(&privateContext);
 +    
 +    // 3) Set outputs
 +    for(auto oa : level->outputAction) {
 +      if(oa != nullptr) oa->set();
 +    }
 +  }
 +</code>
  
 If you want to learn more about the individual parts of the safety system, look at the links below: If you want to learn more about the individual parts of the safety system, look at the links below:
-  *[[.:hal|HAL (Hardware Abstraction Layer)]]\\ + 
-  *[[.:properties|Safety Properties]] \\ +  *[[.:properties|Safety Properties]]  
-  *[[.:io_actions|Input / Output Actions]]\\ +  *[[.:io_actions|Input / Output Actions]] 
-  *[[.:usage|Creation]]+  *[[.:usage|Setup a Safety System]] 
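Review bot: the first added bullet states that a level change caused by the safety system itself takes effect only after the current run completes, but the added `run()` snippet ends at step `// 3) Set outputs` with nothing showing where that pending level change is applied, so the reader cannot tie the bullet to the code; add a fourth numbered comment or a sentence after `</code>` saying at which point the new level replaces `level`, and note what guarantees `level` is non-null when the executor first calls `run()`, since it is dereferenced without a check. Two smaller points in the same region: in the second bullet, "lower prioritized safety level wins" is ambiguous given the earlier line that level numbering corresponds to potential damage, so state whether "lower" refers to the level number or to the severity; and the loops `for(auto ia : level->inputAction)` / `for(auto oa : level->outputAction)` copy each element, where `const auto&` would avoid it. Lastly, the `[[.:hal|HAL (Hardware Abstraction Layer)]]` link is dropped from the list without a replacement; if that page still exists, it should remain reachable from here or from the new "Setup a Safety System" page.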
eeros_architecture/safety_system/start.1478190429.txt.gz · Last modified: 2016/11/03 17:27 (external edit)