It is time to study a basic system consisting of a control system and a safety system. The control system encompasses a few blocks and one of their signals will be written to an output. As we do not have any real output we will use a simulator, see simulator. Please build and install it. Further, you have to make sure that your example application is able to find the simulator library, see Deploying.
In the EEROS library you will find a directory with examples. Open a shell in the build directory of your EEROS library and run

$ ./examples/system/systemTest1 -c examples/system/SystemTest1Config.json

This example encompasses a safety system and a control system. The control system has one time domain running several blocks

Control system of the example

A constant value is amplified by a gain block and added up by the integrator block. The switch is configured to automatically switch to the second input as soon as the input value reaches 20.0 ± 0.1. The signal after the switch block is finally output onto a peripheral output block.

Upon switching the block also triggers a safety event. The safety system has four safety levels. The system will start in level initializing. The system stays for three seconds in the second level. After that the cycle restarts.

The time domain is still in the stopped state and hence, the signal value of the output of the gain block is NaN. After three seconds the system switches to level running and the output signal is the value of the constant block times the gain of the gain block.

1. In order to test what happens if you read from an unconnected input comment line number 44 and recompile. This removes the connection between the constant block and the gain block. As soon as the time domain tries to run the gain block a NotConnectedFault is thrown. This causes the time domain to trigger a go to emergency event. In the safety level emergency the time domain is stopped to prevent further faults.
2. Please add line 44 and remove line 39, recompile and run the test. The constant block has no value assigned to it. This causes the time domain to calculate the peripheral output value to be NaN and a NaNOutputFault is thrown. This causes the time domain to trigger a go to emergency event. In the safety level emergency the time domain is stopped to prevent further faults.

There is another example examples/controlsystem/BlockTest2. This example encompasses a safety system and a control system. It demonstrates what happens …

1. if you forget to connect an input to an output
2. if you try to write a NaN value to a peripheral output

The system uses an output. For this reason you will need to install a simple simulator, see simulator. The following command will run the example

The control system consists of three blocks, a constant block, a gain block, and a peripheral output block. the safety system encompasses three safety levels as show below. The system will start in level initializing. The time domain is still in the stopped state and hence, the signal value of the output of the gain block is NaN. After three seconds the system switches to level running and the output signal is the value of the constant block times the gain of the gain block.

1. In order to test what happens if you read from an unconnected input comment line number 44 and recompile. This removes the connection between the constant block and the gain block. As soon as the time domain tries to run the gain block a NotConnectedFault is thrown. This causes the time domain to trigger a go to emergency event. In the safety level emergency the time domain is stopped to prevent further faults.
2. Please add line 44 and remove line 39, recompile and run the test. The constant block has no value assigned to it. This causes the time domain to calculate the peripheral output value to be NaN and a NaNOutputFault is thrown. This causes the time domain to trigger a go to emergency event. In the safety level emergency the time domain is stopped to prevent further faults.