Index: firmware/App/Services/WatchdogMgmt.c =================================================================== diff -u -rd3819286869611f9c02add72a0f8e321598fdf42 -r3c1ca4197b63f7988fe3bf58cf80299e4481416a --- firmware/App/Services/WatchdogMgmt.c (.../WatchdogMgmt.c) (revision d3819286869611f9c02add72a0f8e321598fdf42) +++ firmware/App/Services/WatchdogMgmt.c (.../WatchdogMgmt.c) (revision 3c1ca4197b63f7988fe3bf58cf80299e4481416a) @@ -15,7 +15,9 @@ * ***************************************************************************/ -#include "CPLD.h" +#include "CPLD.h" +#include "InternalADC.h" +#include "OperationModes.h" #include "SystemCommMessages.h" #include "Timers.h" #include "WatchdogMgmt.h" @@ -28,9 +30,13 @@ // ********** private definitions ********** #define MIN_WATCHDOG_PET_INTERVAL_MS 45 ///< Minimum watchdog pet interval. -#define WATCHDOG_POST_TIMEOUT_MS 100 ///< Watchdog POST timeout in ms. -#define WATCHDOG_RECOVERY_TIME_MS 250 ///< Watchdog recovery time in ms. +#define WATCHDOG_POST_TIMEOUT_MS 500 ///< Watchdog POST timeout in ms. +#define WATCHDOG_RECOVERY_TIME_MS 750 ///< Watchdog recovery time in ms. + +#define MAX_24V_LEVEL_ON_WATCHDOG_EXPIRED 5.0 ///< Maximum voltage on 24V line when watchdog is expired. // TODO - check w/ Systems. Takes time for V to bleed off. Had to raise to 5V. +#define MIN_24V_LEVEL_ON_WATCHDOG_RECOVER 22.6 ///< Minimum voltage on 24V line when watchdog is recovered. + /// List of watchdog states. typedef enum Button_Self_Test_States { @@ -111,7 +117,8 @@ if ( PIN_SIGNAL_LOW == getCPLDWatchdogExpired() ) { // ignore expired watchdog until after watchdog POST - if ( WATCHDOG_SELF_TEST_STATE_COMPLETE == watchdogSelfTestState ) + if ( ( WATCHDOG_SELF_TEST_STATE_COMPLETE == watchdogSelfTestState ) || + ( getCurrentOperationMode() != DG_MODE_INIT ) ) { #ifndef DEBUG_ENABLED activateAlarmNoData( ALARM_ID_WATCHDOG_EXPIRED ); @@ -163,20 +170,42 @@ } if ( PIN_SIGNAL_LOW == getCPLDWatchdogExpired() ) { - watchdogSelfTestStatus = SELF_TEST_STATUS_PASSED; + F32 v24 = getIntADCVoltageConverted( INT_ADC_PRIMARY_HEATER_24_VOLTS ); + + // Verify 24V is down when w.d. expired + if ( v24 > MAX_24V_LEVEL_ON_WATCHDOG_EXPIRED ) + { + SET_ALARM_WITH_2_F32_DATA( ALARM_ID_DG_WATCHDOG_POST_TEST_FAILED, 2.0, v24 ); + watchdogSelfTestStatus = SELF_TEST_STATUS_FAILED; + } } else { - activateAlarmNoData( ALARM_ID_DG_WATCHDOG_POST_TEST_FAILED ); + SET_ALARM_WITH_1_U32_DATA( ALARM_ID_DG_WATCHDOG_POST_TEST_FAILED, 1 ); watchdogSelfTestStatus = SELF_TEST_STATUS_FAILED; } - watchdogSelfTestTimerCount = getMSTimerCount(); - watchdogSelfTestState = WATCHDOG_SELF_TEST_STATE_RECOVER; + watchdogSelfTestTimerCount = getMSTimerCount(); + watchdogSelfTestState = WATCHDOG_SELF_TEST_STATE_RECOVER; break; case WATCHDOG_SELF_TEST_STATE_RECOVER: if ( TRUE == didTimeout( watchdogSelfTestTimerCount, WATCHDOG_RECOVERY_TIME_MS ) ) { + if ( getCPLDWatchdogExpired() == PIN_SIGNAL_HIGH ) + { + F32 v24 = getIntADCVoltageConverted( INT_ADC_PRIMARY_HEATER_24_VOLTS ); + + // Verify 24V is down when w.d. recovered TODO - ask EE team why 24V does not quite recover all the way to 22.6V even after 750 ms. How long should it take? +// if ( v24 < MIN_24V_LEVEL_ON_WATCHDOG_RECOVER ) +// { +// SET_ALARM_WITH_2_F32_DATA( ALARM_ID_DG_WATCHDOG_POST_TEST_FAILED, 3.0, v24 ); +// watchdogSelfTestStatus = SELF_TEST_STATUS_FAILED; +// } +// else + { + watchdogSelfTestStatus = SELF_TEST_STATUS_PASSED; + } + } result = watchdogSelfTestStatus; watchdogSelfTestState = WATCHDOG_SELF_TEST_STATE_COMPLETE; }