None Lab_3

Table of Contents

Motivation

In order to safely operate your workstation motor inertia module, you will need to implement a safety control system. OK, so there isn't much chance of serious injury with the rig we have given you. However, it is true that you don't want the motor to run when you are not expecting it, especially if you are making adjustments with your fingers close to potentially rotating parts. A safety system that ensures that the plexiglass shield is closed while the motor is running can help with this, and may also save you from broken workstation parts. Large machines will have exactly the same kind of safety systems when their operation carries substantial risk of injury. With all of these factors in mind, it is important to understand how FSM programming could provide a framework to build a robust safety system.

Challenge

Your safety system will use the relay to control the overall operation of the motor such that:

  • The motor cannot be energized by simply closing a single switch or pressing a single button.
  • There will be a warning period that will require the user to press and hold down two buttons before the motor is allowed to move and keeps the motor from starting if either of the buttons are released.
  • If the safety guard is lifted or an emergency stop button is pressed, the motor will be de-energized. The resulting 'faults' will need to be cleared, and the system will need to be manually reset before the motor can be restarted.

The motor will be controled by the relay we have already used in Labs 1 and 2. When this relay is energized, the motor will be connected to a power source. If the relay is not energized the motor will be disconnected from the power source and therefore will not be allowed to spin.

Controller Design: Safety Controls and Display

You will use your workstation's safety control section and the LCD panel to control the operation and display the status of your system. The safety control section consists of the buttons, switch and LEDs at the bottom of the circuit board below the breadboard. They, and an example of the LCD output are pictured below. All of the switches, buttons and LEDs in the Safety Control Section are connected to the Arduino through the circuit board and the pin numbers for each of them can be found in the hardware resource: Arduino Mega Pin Mapping. Note that the black buttons (BTN1, BTN2, etc) are momentary switches that only change state while being pressed. The E-Stop button is a "mechnically latching" button that will stay pressed until pressed again.

Safety_Controls.png

image.png

Controller Design: Specifications

  • The SAFE and READY conditions are controlled by the Stop/Safe-Ready slide switch in the center of the safety controls. By its design, the switch will be in one condition or the other and both cannot be true at the same time.
  • When the system is in SAFE mode the motor will be disconnected and the READY/WARNING green LED (Pin 41) will be constantly illuminated.
  • To enter READY mode, the system must be in SAFE mode and the slide switch must change from Stop/Safe to Ready. The READY mode cannot be entered if there is a fault (defined below). While in the READY mode the READY/WARNING green LED (Pin 41) will flash indicating the system is in the ready mode.
  • If the system is in READY mode and user holds down both RUN (RUN1 and RUN2) buttons continuously for 2 seconds, the system will enter RUNNING mode. During those 2 seconds, the system will be in WARNING mode which will be indicated by flashing the READY/WARNING red LED (Pin 39).
  • WARNING mode will be terminated and the system will return to READY mode if either RUN button is released before the 2 seconds has passed.
  • Once in RUNNING mode, the RUN buttons can be released and the motor will stay connected. In running mode, RUN/FAULT blue LED (Pin 43) will be be constantly illuminated.
  • The relay is used to connect the power to the motor. The relay coil is only energized (on) when the system is in RUNNING mode.
  • A fault is defined as a condition in which the safety shield limit switch is not closed (the safety shield has been lifted out of place) or the E-Stop button has been pressed.
  • A fault will cause the system to leave its current mode and enter FAULT mode no matter what other mode the system was in. In FAULT mode the RUN/FAULT red LED (Pin 45) will be flashing RED.
  • The system can only go to SAFE mode from FAULT mode. To enter SAFE from FAULT, the cause of the fault must be cleared (close safety shield and release the E-stop button) and the Stop/Safe-Ready switch must be cycled from the Ready position to the Stop/Safe position.
  • If the slider switch is moved to Stop/Safe at any time, the system will leave its current mode and go to SAFE mode, except if there is a fault. Moving the switch to Stop/Safe in FAULT mode will not change the mode until the faults are cleared.
  • Initially, the program starts in FAULT mode regardless of the positions of the limit switch or the E-Stop button. It remains in this state until the system enters SAFE mode as described below.

Indicator operations

  • The SAFE and RUNNING LEDs are illuminated continuously when the system is in those modes.
  • When in READY, WARNING or FAULT mode, the appropriate LED flashes at 2 Hz.
  • The LCD display will be used to display the current state, the condition of the two run buttons, and whether the motor is connected or disconnected. The display format is given below.
    • You will display the name of the current mode in the first row of the LCD panel.
    • You will display the status of the RUN1 button in the first column of the second row of the LCD panel. If the switch is pressed the display will show "*" if not pressed it will show "-".
    • You will display the status of the RUN2 button in the last column of the second row of the LCD panel. If the switch is pressed the display will show "*" if not pressed it will show "-".
    • If the relay is energized (the motor is connected) the LCD will display "CONN" in columns 2-5 of the second row. If the relay is not enegrized the LCD will display "DISC" in columns 2-5 of the second row.
    • Because the LCD display "flickers" when you update it too frequently, it is beneficial to wait about 100 milliseconds between updates to ensure the display can be read. HOWEVER, using the command delay() to achieve this is unacceptable in this application because it would mean the entire program STOPS processing for 100 ms. If a fault occured in that time, the program will not be able to respond! Therefore, you will need to make use of a timer to output to the LCD at an interval of your choice without pausing the entire program.

Motor operation

  • For this test of the safety system, setup the H-bridge to output a continuous 2.5 Volts in RUNNING mode. The direction the motor runs is not important to the demonstration of the safety system.

Controller Design: Motor Inertia Module

You will be using the Inertial Module for this lab, but you won't be connecting the inertia mass to the motor yet. Remove your gate module and reattach the Inertial Model using the two thumbscrews hardware resource: ME 480 Portable Workstation. Notice that the extension on the motor inertial shield contacts the shield limit switch when it is fully closed.

image-3.png

Confirm the motor is still connected to the MOTOR2 socket and the wires coming from the inertia module are connected to the MOTOR1 socket. We won't use the electronics on the inertia module in this lab, but this will keep the wires away from the motor and get you set up for lab 4.

Controller Design: Failsafe Relay

The same relay we used in lab 1 and 2 also connects the motor to the second H-bridge. So the same pin on the arduino will be used to control the relay to turn the motor on and off.

A solid state switch, like a transistor, could have been used instead of a relay. However, as a safety feature, the relay is a better choice because the motor is physically disconnected from the circuit so there is no chance current could "leak" across the relay. Solid state electronics can fail such that current can pass unexpectedly. Additionally, a relay is less expensive, dissipates less heat, and allowes us to easily run current in both directions through the motor. A relay was also an appropriate choice because it is not expected to switch at high frequencies or for a large number of cycles over its design life cycle in this application.

Finally, your relay is also designed to "FAIL SAFE" by staying in the open position, and stopping the motor, if it loses power.

Controller Design and Validation: Workstation Safety System

  • Develop a State Transition Diagram for this system
  • Develop a State Transition Table for this system
  • Using the four block structure, code a FSM program to run the motor on your rig according to the controller specifications

Place your STATE TRANSITITION DIAGRAM in the cell below.

Ensure the diagram and table are consistent with each other and they are both consistent wtih your final program

YOUR ANSWER HERE

Place your STATE TRANSITITION TABLE in the cell below.

Ensure the diagram and table are consistent with each other and they are both consistent wtih your final program

YOUR ANSWER HERE

We will provide a script for you to follow to demonstrate your system. Please take a video of the demonstration and put a link to the video in the cell below

YOUR ANSWER HERE

Place your PROPERLY FORMATTED Arduino Code in the cell below.

YOUR ANSWER HERE

In [ ]: