[Robotgroup] Safety Circuit Design Question
Michael Boswell
Michael at Hilltopcafe.net
Mon May 19 17:18:54 PDT 2008
Thanks for the info.
Michael Boswell
Austin End Of the Line Kite Team - Kite #4
http://Austineol.com
Picture Gallery at http://www.pbase.com/mboswell
-----Original Message-----
From: robotgroup-bounces at puremagic.com
[mailto:robotgroup-bounces at puremagic.com] On Behalf Of Mark Hinkle
Sent: Monday, May 19, 2008 9:37 AM
To: The Robot Group Mailing List
Subject: Re: [Robotgroup] Safety Circuit Design Question
Wow... have I ever been out of touch... Just so busy lately....
I am currently making a safety critical design at work that uses both
digital logic and relays.
The main point for digital logic is that you want all signal inputs
driven differentially. What I mean is that you will need two outputs
from your digital logic at opposite levels to cause a change on your
input port logic.
As far as latching relays go, don't use them; make your own. A proper
latching relay circuit can be made from a DPDT and a SPST relay. One
pole on the DPDT will be your latch. The SPST is in the latch circuit
path and acts as your latch reset. Wiring it is a bit convoluted.
However, the beauty of it is when power is lost to the relays they
become de-energized and open up.
Watch out on your relay specifications, though. The dropout voltages
can be very low. Some 5Vdc small signal relays won't drop out until
voltage is below 500mV!!!
In any case, make sure you are using a system voltage monitor and a
watchdog timer circuit on your CPU if any harm to humans could result
from your circuit or code going belly up. DO NOT PUT WATCHDOG CODE
INTO AN INTERRUPT ROUTINE or if your main code crashes, the interrupt
will still likely run and your watchdog will never reset the system.
The watchdog code should always be in your main code.
Don't get me started on safety critical usage of FPGAs. There is too
much...
Cheers,
Mark (aka Robomarkov)
---------[ Received Mail Content ]----------
Subject : Re: [Robotgroup] Safety Circuit Design Question
Date : Mon, 5 May 2008 19:06:46 -0500
From : "Michael Boswell"
To : "'The Robot Group Mailing List'"
You're right that I should get out the calculator and do the energy
calculations to see what the impact would really be. I have decided
that if I do use a dual coil relay that I will allow the process to
turn OFF the motor circuit but will not connect the SET coil to the
microprocessor. I too have seen processors do some very improbable
things when they crash (random code execution) or when the power is
low so I don't want to give it a chance to energize the motor circuit.
Once the motor circuit has been disconnected it should take a manual
button push to reset it. If I go with a single coil non latching relay
then it may be a bit trickier to allow the process to command a
shutdown but the rest of the logic will be just as easy.
Thanks for yours and everyone else's thoughts and comments on the
design elements.
Michael Boswell
Austin End Of the Line Kite Team - Kite #4
http://Austineol.com
Picture Gallery at http://www.pbase.com/mboswell
---------------------------------------------------------
My parents just came back from a planet where the
dominant lifeform had no bilateral symmetry,
and all I got was this stupid F-Shirt.
---------------------------------------------------------
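
The watchdog point in Mark's message above (service it from main code, never from an interrupt routine), shown as an added simulation that is not part of the original thread. The tick model, `WDT_TIMEOUT` and every function name here are assumptions made for illustration, not any real microcontroller's API.

```c
#include <stdio.h>

/* Constructed simulation: a countdown watchdog that forces a reset at
 * zero, a periodic timer interrupt that keeps firing after the main
 * loop has crashed, and a main loop that hangs at tick `hang_at`. */
enum kick_site { KICK_IN_ISR, KICK_IN_MAIN };
#define WDT_TIMEOUT 5   /* ticks without a kick before reset (assumed) */
struct sim { int wdt; int main_alive; };

static void wdt_kick(struct sim *s) { s->wdt = WDT_TIMEOUT; }

/* Timer interrupt: hardware keeps calling this even if main is stuck. */
static void timer_isr(struct sim *s, enum kick_site site) {
    if (site == KICK_IN_ISR)
        wdt_kick(s);
}

/* One pass of the main loop; does nothing once main has crashed. */
static void main_loop_pass(struct sim *s, enum kick_site site) {
    if (!s->main_alive)
        return;
    /* ... control work would go here ... */
    if (site == KICK_IN_MAIN)
        wdt_kick(s);
}

/* Returns the tick at which the watchdog resets the CPU, or -1 if it
 * never fires within `horizon` ticks. hang_at < 0 means main never hangs. */
int run_sim(enum kick_site site, int hang_at, int horizon) {
    struct sim s = { WDT_TIMEOUT, 1 };
    for (int tick = 0; tick < horizon; tick++) {
        if (tick == hang_at)
            s.main_alive = 0;          /* main code goes belly up */
        timer_isr(&s, site);
        main_loop_pass(&s, site);
        if (--s.wdt == 0)
            return tick;               /* watchdog forces a reset */
    }
    return -1;
}

int main(void) {
    printf("kick in ISR : reset at tick %d\n", run_sim(KICK_IN_ISR, 10, 100));
    printf("kick in main: reset at tick %d\n", run_sim(KICK_IN_MAIN, 10, 100));
    return 0;
}
```

With the kick in the interrupt, the hang at tick 10 is never detected; with the kick in the main loop, the reset fires a few ticks after the hang.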