CheckReceivedSRDO (FUN)
FUNCTION CheckReceivedSRDO : BOOL
Check if an SRDO contains valid data.
This function receives a pointer to SRDO data from the safety stack as well as from the unsafe stack. Both are necessary to check all requirements that are specified for the consistency of an SRDO.
If there was an error, or the SRDO has not yet been completely received, the function returns FALSE. Only if it was received completely and the consistency was successfully checked does it return TRUE.
If there was an error, this is indicated by the additional output xError, which becomes TRUE only in this case.
If the parameter pUnsafeSRDO is NULL, the data is not fully checked for consistency; only the SCT timing is checked. This way, an SCT expiration can be detected here even if the caller has not received anything yet.
SCT checks are only done when the SRDO is active. Inactive means that the safety link is not up yet, so while it is inactive there is no reference time to check against.
Generally the following checks are implemented:
Config SRDO not linked
If the safe SRDO has no config linked to it, the following output is set:
- result := FALSE
- xError := TRUE
- SRDO_STATE := INTERNAL_ERROR

SCT Timeout based on current time
The last receive time of the SRDO is compared against the current system time, passed in the parameter dwCurrentTime. If the difference exceeds the configured SCT, the following outputs are set:
- result := FALSE
- xError := TRUE
- SRDO_STATE := SCT_TIMEOUT

SRVT Timeout based on current time
If SRDO1 has already been received but SRDO2 has not yet, the SRVT is calculated as the difference between the receive time of SRDO1 and the current time. If the SRVT expired, the following outputs are set:
- result := FALSE
- xError := TRUE
- SRDO_STATE := SRVT_TIMEOUT

Sequence Consistency
SRDO2 should be newer than or equally old as SRDO1. Furthermore, the last receive time of the SRDOs has to be older than the current receive time of the SRDO. If this is not the case, the following outputs are set:
- result := FALSE
- xError := TRUE
- SRDO_STATE := RECEIVE_ERROR

SRDO Header Consistency
Check if:
- the length is in a valid range between 1 and 8
- the length is equal between SRDO1 and SRDO2
- the cobIDs of SRDO1 and SRDO2 match the configured cobIDs
If this is not the case, the following outputs are set:
- result := FALSE
- xError := TRUE
- SRDO_STATE := DATA_ERROR

SRDO Data Consistency
Check if the data of SRDO2 is the inverse equivalent of SRDO1. If it is not, the following output is set:
- result := FALSE
- xError := TRUE
- SRDO_STATE := DATA_ERROR

SCT Timeout
The last receive time of the SRDO is compared against the currently checked SRDO. If the difference exceeds the configured SCT, the following outputs are set:
- result := FALSE
- xError := TRUE
- SRDO_STATE := SCT_TIMEOUT

SRVT Timeout
The SRVT is calculated as the difference between the receive time of SRDO1 and the receive time of SRDO2. If the SRVT expired, the following outputs are set:
- result := FALSE
- xError := TRUE
- SRDO_STATE := SRVT_TIMEOUT

The following operation modes are implemented, doing the corresponding checks:

pUnsafeSRDO = 0
- SCT Timeout based on current time

SRDO1 or SRDO2 not fully received
- SCT Timeout based on current time
- SRVT Timeout based on current time

SRDO1 and SRDO2 fully received
- Sequence Consistency
- SRDO Header Consistency
- SRDO Data Consistency
- SCT Timeout
- SRVT Timeout
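
The checks listed for the mode "SRDO1 and SRDO2 fully received", written out in C as an added example; this is not the library's own code. The struct layouts, the function names, the SRDO_OK value, the sample COB-IDs and times, and the wrap-safe timestamp arithmetic are assumptions; the error state names are the ones documented above, and the state is returned directly instead of through xError and SRDO_STATE.

```c
#include <stdint.h>
#include <stdio.h>
/* Hypothetical types for illustration; not the layout of CST.SRDO_DATA. */
typedef enum { SRDO_OK, RECEIVE_ERROR, DATA_ERROR, SCT_TIMEOUT, SRVT_TIMEOUT } srdo_state;
typedef struct { uint32_t cob_id; uint8_t len; uint8_t data[8]; uint32_t rx_time; } srdo_frame;
typedef struct { uint32_t cob_id1, cob_id2, sct, srvt; } srdo_config;

/* Checks for a fully received SRDO1/SRDO2 pair, in the order listed above.
   last_rx is the receive time of the previous SRDO (link assumed active). */
srdo_state check_srdo_pair(const srdo_config *cfg, const srdo_frame *s1,
                           const srdo_frame *s2, uint32_t last_rx)
{
    /* Sequence: SRDO2 not older than SRDO1, previous reception strictly older.
       Signed differences stay correct across a 32-bit counter wrap
       (assumption: timestamps come from a free-running DWORD timer). */
    if ((int32_t)(s2->rx_time - s1->rx_time) < 0) return RECEIVE_ERROR;
    if ((int32_t)(s1->rx_time - last_rx) <= 0)    return RECEIVE_ERROR;

    /* Header: length 1..8, equal lengths, COB-IDs match the configuration. */
    if (s1->len < 1 || s1->len > 8 || s1->len != s2->len) return DATA_ERROR;
    if (s1->cob_id != cfg->cob_id1 || s2->cob_id != cfg->cob_id2) return DATA_ERROR;

    /* Data: every byte of SRDO2 must be the bitwise inverse of SRDO1. */
    for (uint8_t i = 0; i < s1->len; i++)
        if ((uint8_t)~s1->data[i] != s2->data[i]) return DATA_ERROR;

    /* Timing: SCT since the previous reception, SRVT between the two frames. */
    if (s1->rx_time - last_rx > cfg->sct)      return SCT_TIMEOUT;
    if (s2->rx_time - s1->rx_time > cfg->srvt) return SRVT_TIMEOUT;
    return SRDO_OK;
}

/* Constructed sample: SCT = 50 ticks, SRVT = 20 ticks, SRDO1 received at t = 1000. */
static const srdo_config CFG = { 0x101, 0x102, 50, 20 };
srdo_state run_sample(uint8_t srdo2_byte1, uint32_t t2, uint32_t last_rx)
{
    srdo_frame s1 = { 0x101, 2, { 0x5A, 0x0F }, 1000 };
    srdo_frame s2 = { 0x102, 2, { 0xA5, srdo2_byte1 }, t2 };
    return check_srdo_pair(&CFG, &s1, &s2, last_rx);
}

int main(void)
{
    static const char *names[] = { "OK", "RECEIVE_ERROR", "DATA_ERROR", "SCT_TIMEOUT", "SRVT_TIMEOUT" };
    puts(names[run_sample(0xF0, 1002, 980)]);   /* valid inverted pair */
    puts(names[run_sample(0xF1, 1002, 980)]);   /* second byte not inverted */
    return 0;
}
```
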
InOut:

| Scope | Name | Type | Initial | Comment |
|---|---|---|---|---|
| Return | CheckReceivedSRDO | BOOL | | |
| Input | dwCurrentTime | DWORD | | Timestamp of current time (used for checking timing conditions) |
| Input | pUnsafeSRDO | POINTER TO CST.SRDO_DATA | | Pointer to unsafe SRDO; null if only SCT should be checked |
| Input | pSafeSRDO | POINTER TO CST.SAFE_SRDO_RECEIVED | | Pointer to SRDO in safe SRDO buffer |
| Output | xError | BOOL | TRUE | Returns true if an error occurred. Note: In error case CheckTxSRDO always returns false. |