Supported platforms: CODESYS 3.5 SP19 SAFETY

S_SL8X1_Diagnostic (PRG)

Description

This program is a single-block solution for SL8X1 unit diagnostics.

 

 

The program includes the following functionalities:

 

 

For more information and application examples, see How to use S Series and E Series HW diagnostics

 

Limitations

This program is SL8X specific. Do not use it with any other hardware.

 

The program is included in the MultiTool Creator code template.

Initialization

This method is used to initialize the necessary static calculation parameters for the program. The method shall be called at least once before the actual program can be called, i.e. at the application initialization phase.

 

In case of an initialization error, the diagnostic is not run.

Inputs

 

Input variable name   Data type   Unit   Range   Description

S_i_SupplyVoltageHighLimit SAFEDINT mV   Supply voltage: High voltage limit.
S_i_SupplyVoltageLowLimit SAFEDINT mV   Supply voltage: Low voltage limit.
S_i_SupplyVoltageDiagDelay SAFEUINT ms   Supply voltage: Diagnostic delay.
S_i_RefAInUse SAFEBOOL -   REF A: Control and diagnostic in use status.
S_i_RefAType5V SAFEBOOL -   REF A: Type, TRUE = 5V, FALSE = 10V.
S_i_RefAControlTolerance SAFEDINT 0 - 1000 REF A: Control tolerance for reference control diagnostic.
S_i_RefAControlDiagDelay SAFEUINT ms 0 - 100 REF A: Diagnostic delay time for reference voltage.
S_i_RefAControlChangeDiagDelay SAFEUINT ms - REF A: Diagnostic delay time for reference voltage after control change.
S_i_RefBInUse SAFEBOOL -   REF B: Control and diagnostic in use status.
S_i_RefBType5V SAFEBOOL -   REF B: Type, TRUE = 5V, FALSE = 10V.
S_i_RefBControlTolerance SAFEDINT 0 - 1000 REF B: Control tolerance for reference control diagnostic.
S_i_RefBControlDiagDelay SAFEUINT ms 0 - 100 REF B: Diagnostic delay time for reference voltage.
S_i_RefBControlChangeDiagDelay SAFEUINT ms - REF B: Diagnostic delay time for reference voltage after control change.
S_i_OutputGroup1HighVoltage SAFEDINT mV   Output group 1: High voltage limit.
S_i_OutputGroup1LowVoltage SAFEDINT mV   Output group 1: Low voltage limit.
S_i_OutputGroup1DiagDelay SAFEUINT ms 0 - 100 Output group 1: Diagnostic delay.
S_i_MCUTemperatureHighLimit SAFEDINT °C   MCU: High limit for temperature diagnostic.

S_i_MCUTemperatureLowLimit SAFEDINT °C   MCU: Low limit for temperature diagnostic.

S_i_MCUTemperatureDiagDelay SAFEUINT ms 0 - 10000 MCU: Diagnostic delay.
S_i_PCB1TemperatureHighLimit SAFEDINT °C   PCB1: High limit for temperature diagnostic.
S_i_PCB1TemperatureLowLimit SAFEDINT °C   PCB1: Low limit for temperature diagnostic.
S_i_PCB1TemperatureDiagDelay SAFEUINT ms 0 - 10000 PCB1: Diagnostic delay
S_i_PCB2TemperatureHighLimit SAFEDINT °C   PCB2: High limit for temperature diagnostic.
S_i_PCB2TemperatureLowLimit SAFEDINT °C   PCB2: Low limit for temperature diagnostic.

S_i_PCB2TemperatureDiagDelay SAFEUINT ms 0 - 10000 PCB2: Diagnostic delay

Return value

Data type   Description
BOOL   TRUE = OK
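
The documented ranges above can be checked before the parameters reach the initialization method, since an initialization error means the diagnostic is not run. The following Python check is an added example, not code from the library or its code template; the dictionary layout, the function name check_init_params, the low-below-high ordering check and the comparison of the PCB1 limits against the SL8X1 safe state limits (-45...140 °C, stated later on this page) are assumptions of the example.

```python
# Added example, not library code. Ranges are copied from the Initialization
# inputs table on this page; the cross-checks are assumptions of this example.
RANGES = {  # parameter name -> (min, max) from the "Range" column
    "S_i_RefAControlTolerance": (0, 1000),
    "S_i_RefAControlDiagDelay": (0, 100),
    "S_i_RefBControlTolerance": (0, 1000),
    "S_i_RefBControlDiagDelay": (0, 100),
    "S_i_OutputGroup1DiagDelay": (0, 100),
    "S_i_MCUTemperatureDiagDelay": (0, 10000),
    "S_i_PCB1TemperatureDiagDelay": (0, 10000),
    "S_i_PCB2TemperatureDiagDelay": (0, 10000),
}
PAIRS = [  # (low limit, high limit); assumption: low must be below high
    ("S_i_SupplyVoltageLowLimit", "S_i_SupplyVoltageHighLimit"),
    ("S_i_OutputGroup1LowVoltage", "S_i_OutputGroup1HighVoltage"),
    ("S_i_MCUTemperatureLowLimit", "S_i_MCUTemperatureHighLimit"),
    ("S_i_PCB1TemperatureLowLimit", "S_i_PCB1TemperatureHighLimit"),
    ("S_i_PCB2TemperatureLowLimit", "S_i_PCB2TemperatureHighLimit"),
]
PCB1_SAFE_STATE = (-45, 140)  # °C, SL8X1 safe state limits for PCB1


def check_init_params(params):
    """Return a list of findings for a dict of init parameter values."""
    findings = []
    for name, (lo, hi) in RANGES.items():
        if name in params and not lo <= params[name] <= hi:
            findings.append(f"{name}={params[name]} outside documented range {lo} - {hi}")
    for low, high in PAIRS:
        if low in params and high in params and params[low] >= params[high]:
            findings.append(f"{low} must be below {high}")
    for name in PAIRS[3]:  # PCB1 limits beyond the safe state window never trip first
        value = params.get(name)
        if value is not None and not PCB1_SAFE_STATE[0] <= value <= PCB1_SAFE_STATE[1]:
            findings.append(f"{name}={value} outside PCB1 safe state limits")
    return findings


SAMPLE = {  # constructed values for illustration only
    "S_i_SupplyVoltageLowLimit": 9000, "S_i_SupplyVoltageHighLimit": 32000,
    "S_i_RefAControlTolerance": 1500, "S_i_RefAControlDiagDelay": 50,
    "S_i_MCUTemperatureLowLimit": 90, "S_i_MCUTemperatureHighLimit": 85,
    "S_i_PCB1TemperatureLowLimit": -40, "S_i_PCB1TemperatureHighLimit": 150,
}

if __name__ == "__main__":
    for finding in check_init_params(SAMPLE):
        print(finding)
```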

 

 

Normal operation

In normal operation the program executes internal measurements and diagnostics. The enabling of diagnostics depends on FW diagnostic status and supply voltage measurement.

 

Firmware diagnostic status

The firmware diagnostic status is requested on each program cycle and its state is monitored.
The firmware diagnostic status is forwarded to the application in the output variable S_o_FWDiagnosticTaskStatus.

 

DiagnosticStatus      Allow measurements  Allow REF control  Startup ready  Non-safe control  Safe control
None                  -                   -                  -              -                 -
Uninitialized         X                   X                  -              -                 -
FWStartupOk           X                   X                  X              X                 -
Ok                    X                   X                  X              X                 X
Error                 X                   X                  X              X                 -
Undervoltage          X                   X                  X              X                 X
UndervoltageShutdown  X                   -                  X              -                 -

 

 

Safety switch startup test

The diagnostic program executes the safety switch startup test under the following conditions:

 

 

If the startup test is successful, the firmware diagnostic status moves to the OK state. The test is a requirement for enabling the output group control and diagnostics.
 

Diagnostic enable states

The diagnostic program’s output variable o_DiagEnableStates contains enable flags that the application can use to detect when the different diagnostics are running.


MeasurementsEnable is TRUE under the following conditions:

 

This status is used by all measurements as a common enable.

 

OutputGroup1_Diagnostic_Enable is TRUE under the following conditions:

 


REF_<x>_Diagnostic_Enable is TRUE under the following conditions:

 

 

Supply voltage measurement

The program measures supply voltage to enable diagnostic and control functionalities.

Supply voltage high/low diagnostic does not affect the enable states.

 

Supply voltage  5V REF diagnostic  5V REF control  10V REF diagnostic  10V REF control  Nonsafe control  Safe control  Safe control (PVEU)
<= 7V           -                  -               -                   -                X                -             -
>7V to 11V      X                  X               -                   -                X                X             -
>11V to 12V     X                  X               -                   -                X                X             -
>12V to 32V     X                  X               X                   X                X                X             X
>32V to 36V     X                  -               X                   -                -                -             -
>36V            -                  -               -                   -                -                -             -

 

Supply voltage enable states

The diagnostic program internally uses the REF5V and REF10V enabled conditions from the supply voltage measurement.

The diagnostic program’s output variable o_SupplyVoltageEnableStates contains enable flags for the application to use as output control conditions. The statuses are set TRUE according to the supply voltage measurement table. See also How to use S Series and E Series HW diagnostics.

The NonsafeControl status should be used by the application when controlling nonsafety outputs (i.e. outputs which are not affected by safety switch control).

The SafeControl status should be used by the application when controlling safety outputs (i.e. outputs which are affected by safety switch control).

The SafeControl_PVEU status should be used by the application when controlling a PVEU valve with safety outputs (i.e. outputs which are affected by safety switch control).
 

Supply voltage diagnostics

Supply voltage high/low limits are diagnosed when MeasurementsEnable is TRUE.
Supply voltage diagnostic errors are indicated in the program’s status output o_SupplyVoltageStatus.

 

Output group 1 control

Output group voltages are diagnosed when OutputGroup1_Diagnostic_Enable is TRUE.


The output group control can be set ON only once by the application. The control is not activated before the diagnostic is enabled.
The output group control is automatically set OFF by the library when:

 

 

If the FW diagnostic error state is activated while the output group is already controlled, the library will detect an error when the voltage after the switch drops due to the FW setting the safety switch OFF.

 

The output group diagnostic errors are indicated in the program’s status output o_OutputGroup1ControlStatus.

 

REF A & REF B reference output

The diagnostic program supports up to 2 REF outputs (REF A and REF B). 5V and 10V REF types are supported.

Each REF has two measurement channels which are validated.


REF output diagnostic is enabled when REF_<x>_Diagnostic_Enable is TRUE (see Diagnostic enable states).


REF output control is activated under the following conditions:

The REF output is set OFF if an error is detected by the REF diagnostics.

 

REF diagnostic errors are indicated in the program’s status outputs o_RefAControlStatus and o_RefBControlStatus.

 

REFOUT switch control

The REFOUT switch is controlled when i_RefoutSwitchControl is TRUE. The library shall set the REFOUT switch OFF if either REF output detects a persistent overvoltage error. The REFOUT switch FW errors are indicated in the program’s output o_RefoutSwitchSystemError.

 

MCU temperature diagnostic

MCU temperature is diagnosed when MeasurementsEnable is TRUE.
MCU temperature diagnostic errors are indicated in the program’s status output o_MCUTemperatureStatus.

 

PCB temperature diagnostic

PCB temperatures are measured and diagnosed when MeasurementsEnable is TRUE. Two PCB sensors are supported.
PCB temperature and diagnostic errors are indicated in the program’s outputs.

 

Reacting to the user adjustable high/low PCB temperature errors is up to the application.

 

PCB1 (safety switch) temperature includes safe state diagnostics which affect Output group 1 control.

 

SL8X1 safe state limits for PCB1 are -45...140 °C.

 

Wire harness detection diagnostic

The diagnostic program compares the node-id value saved in nonvolatile memory with the node-id value detected from the wire harness. Output status S_o_NodeIdCorrespondsSavedValue is TRUE when i_CableDetectionSavedNodeId = i_CableDetectionDetectedNodeId.

 

Combined diagnostic status for nonsafe operation

The diagnostic program output status o_DiagStatusOk is TRUE if the following conditions are fulfilled:

 

 

The status should be used by the application when controlling nonsafety outputs (i.e. outputs which are not affected by safety switch control).

 

Combined diagnostic status for safe operation

The diagnostic program output status S_o_DiagStatusOk is TRUE if the following conditions are fulfilled:

 

 

The status shall be used by the application when controlling safety outputs (i.e. outputs which are affected by safety switch control). This condition is checked by the application code template.

See also How to use S Series and E Series HW diagnostics.

 

Inputs

Input variable name   Data type   Range   Description
i_Reset BOOL   Reset flag disables diagnostic blocks' operation. Error statuses are cleared after falling edge of reset input.

i_SupplyVoltageInPin DWORD   Filtered ADC value for supply voltage pin.
i_SwitchStartupTestEnable BOOL   Application gives permission to execute startup test.
i_OutputGroup1Control BOOL   Safety switch control status.
i_SupplyBeforeSafetySwitch1 DWORD   Filtered ADC value voltage before safety switch.
i_SupplyAfterSafetySwitch1 DWORD   Filtered ADC value voltage after safety switch.
i_RefoutSwitchControl BOOL   Control request status for refout switch.
i_RefAVoltageControl BOOL   Control request status for REF A reference output.
i_RefAChannel1 DWORD   Filtered ADC value for REF A reference output.
i_RefAChannel2 DWORD   Filtered redundant ADC value for REF A reference output.
i_RefBVoltageControl BOOL   Control request status for REF B reference output.
i_RefBChannel1 DWORD   Filtered ADC value for REF B reference output.
i_RefBChannel2 DWORD   Filtered redundant ADC value for REF B reference output.
i_MCUTemperature DINT   FW provided scaled value for MCU temperature [0.1°C].
i_PCBTemperatureChannel1 DWORD   Filtered ADC value for PCB temperature channel 1.
i_PCBTemperatureChannel2 DWORD   Filtered ADC value for PCB temperature channel 2.
i_CableDetectionSavedNodeId BYTE   Cable detection's node-id value saved to nonvolatile memory.

i_CableDetectionDetectedNodeId BYTE   Cable detection's node-id value detected in wire harness.

Outputs

Output variable name   Data type   Range   Description
o_InitReady BOOL   Initialization ready

o_InitError BOOL   Initialization error
o_DiagEnableStates DiagnosticEnableStates   Diagnostic specific enable states for application.
o_DiagStatusOk BOOL   Combined diagnostic status for nonsafe operation.
S_o_DiagStatusOk SAFEBOOL   Combined diagnostic status for safe operation.
o_OutputGroup1ControlStatus EPEC_SHWD.Status   Status for output group 1 control.
o_OutputGroup1Control_EC EPEC_DITF.EventCode   Event for output group 1 control.
S_o_OutputGroup1ControlVoltage SAFEDINT   Scaled and validated voltage after output group 1 safe switch [mV]
S_o_OutputGroup1Control SAFEBOOL   Used control for output group 1.

o_SupplyVoltageStatus EPEC_SC.Status   Status for supply voltage pin.

o_SupplyVoltage_EC EPEC_DITF.EventCode   Event for supply voltage pin.
S_o_SupplyVoltage SAFEDINT   Scaled and validated voltage in supply pin [mV].
o_SupplyVoltageEnableStates SupplyVoltageEnableStates   Supply voltage measurement enable states for application controls.
o_RefAControlStatus EPEC_SHWD.Status   Status for REF A reference output.
o_RefAControl_EC EPEC_DITF.EventCode   Event code for REF A reference output.
S_o_RefAControl SAFEBOOL   Control state for REF A reference output.
S_o_RefAVoltage SAFEDINT   Scaled and validated voltage for REF A reference output [mV].
o_RefBControlStatus EPEC_SHWD.Status   Status for REF B reference output.
o_RefBControl_EC EPEC_DITF.EventCode   Event code for REF B reference output
S_o_RefBControl SAFEBOOL   Control state for REF B reference output.
S_o_RefBVoltage SAFEDINT   Scaled and validated voltage for REF B reference output [mV].
o_RefoutSwitchSystemError EPEC_SYSTEM.SYSTEM_ERROR_CODES   System status for refout switch control.
o_MCUTemperatureStatus EPEC_SHWD.Status   Status for MCU temperature.
o_MCUTemperatureEC EPEC_DITF.EventCode   Event code for MCU temperature.
S_o_MCUTemperature SAFEDINT   Scaled and validated MCU temperature [0.1°C].
S_o_PCBTemperatureChannel1 SAFEDINT   Scaled and validated PCB1 temperature [0.1°C]
o_PCBConversionCh1Status EPEC_SC.Status   Status for PCB temperature 1 conversion.
o_PCBDiagnosticCh1Status EPEC_SHWD.Status   Status for PCB temperature 1 diagnostic.
o_PCBSafeDiagnosticCh1Status EPEC_SHWD.Status   Status for PCB temperature 1 safe state diagnostic.
o_PCBTemperatureCh1_EC EPEC_DITF.EventCode   PCB temperature 1 event code.
o_PCBTemperatureCh1_SafeEC EPEC_DITF.EventCode   PCB temperature 1 event code for safe state diagnostic
S_o_PCBTemperatureChannel2 SAFEDINT   Scaled and validated PCB2 temperature [0.1°C].
o_PCBConversionCh2Status EPEC_SC.Status   Status for PCB temperature 2 conversion.
o_PCBDiagnosticCh2Status EPEC_SHWD.Status   Status for PCB temperature 2 diagnostic.
o_PCBTemperatureCh2_EC EPEC_DITF.EventCode   PCB temperature 2 event code
S_o_FWDiagnosticTaskStatus EPEC_IODRV.DIAGNOSTIC_TASK_STATUS   Status of the firmware diagnostic.
S_o_NodeIdCorrespondsSavedValue SAFEBOOL   Status is set TRUE if node-id saved to nonvolatile memory corresponds to value detected on bootup.

 

 

Function block diagnostics

The internal implementation of the program uses the following POUs. All error situations of each POU, including the initialization errors, are described in their own specifications.

 

 

Example code

The program is included in the MultiTool Creator code template.

 

See also

 

 

 

 

 

Source file S_SL8X1_Diagnostic_(PRG).htm

Last updated 21-Feb-2025