In Class Exercise

The purpose of this exersize is to start thinking about a problem that is complex enough to have interesting trade-offs and design issues to consider. We will use this example for two closely related purposes: (1) to make system decomposition decisions and (2) figure out how these processes must communicate, which will lead us into a discussion of embedded networking.  This is an example of a closely coupled distributed control applications that you might find in a small power plant, in your car (which is a small power plant), a robot, or even in something as simple as a cell phone.

Problem Statement

Because of very short product lifecycles, it is imperative that your company begin writing the software for its products before the hardware design is finalized. This means that you don't know, as a programmer, how the tasks in your system will eventually be divided up among the processors on the circuit board. The idea is that you should be able to write and test your software before final partitioning decisions are made.

Here is a block diagram for a fuel cell power plant system that we discussed in class. 

The system must be in one of the following modes at any time:

This mode transition diagram is like a state transition diagram in logic design, except that each of the modes represents mode-dependent activities rather than state dependent outputs as in logic.. Your first job is to decompose this system into a set of logical tasks that sense, control, and maintain state. Here are some of the rules that must be satisfied.

  1. H2 valves should stay closed in Startup and Shutdown modes or any time that H2 has been sensed by the H2 Sensor
  2. At all times, the temperature of the systems should be maintained as close as possible to the setpoint temperature. If the system reaches a high or low threshold temperature, then the system should shutdown.
  3. In any state other than ONLINE the output voltage should be above a some value, say MINV, and the output current should be zero. The systems should enter shutdown otherwise.
  4. In the ONLINE state, violations of the maximum output current limit (MAXI) or the minimum output voltage limit should cause the system to enter the OFFLINE state.
  5. The system has two buttons: online/offline and power on/off. The mode diagram shows how the buttons affect system state.   
  6. System temperature should be maintained at a given setpoint using fan speed control. The system should shutdown if system temperature is either too high or too low.
  7. When the system is in the SHUTDOWN state, the fan should run at max speed for 10 seconds then the system should transition to the OFF state.
  8. When in the ONLINE state, the number of active "stacks" is a function of the load current. N = 1+(I/MAXSTACK). MAXSTACK is them maximum amount of current that should be provided by each individual stack. When a STACK is active, its H2 supply and MOSFET is enabled, otherwise they are disabled.
  9. Any time other than the STARTUP state, the system should enter the SHUTDOWN state if H2 is detected by the detectors (they need to warmup before they give reliable readings).
  10. The system should stay in the STARTUP state for one minute, which is long enough for the H2 sensors to stabilize. Then it should transition to the WARMUP state.
  11. During WARMUP state, the main output MOSFET is disabled and all stacks are activated to generate heat until the system reaches a minimum operating temperature threshold. When the threshold is reached all but one stack is de-activated and the system transitions to the OFFLINE state.
  12. In the OFFLINE state, the main output MOSFET is disabled and one stack remains active.
  13. In the OFF state, all MOSFETs are disabled, and the fan is off. The error code is stored in some non-volatile way, and then the power to the controller is disabled (MOSFET not shown)

List a set of task definitions (things that you thing should be grouped together) and make sure to identify communication that must occur between the tasks that you have defined. Your task definitions and communications should make no assumptions about which tasks are running on the same or different processors. Your definitions can be written in pseudo-code or in English. You must partition the system into at least four separate tasks.