From b6c78ca3f24a55c513f5e93559bec76e54e4c57c Mon Sep 17 00:00:00 2001 From: ttechnick Date: Tue, 7 Apr 2026 15:41:52 +0200 Subject: [PATCH 1/4] feat(failure_detector): unite motorfailure offsets --- docs/en/config/safety.md | 8 ++++---- .../HealthAndArmingChecks/checks/escCheck.cpp | 4 ++-- .../HealthAndArmingChecks/checks/escCheck.hpp | 3 +-- .../HealthAndArmingChecks/esc_check_params.yaml | 17 +++-------------- 4 files changed, 10 insertions(+), 22 deletions(-) diff --git a/docs/en/config/safety.md b/docs/en/config/safety.md index b3b8b3c3d751..d7ad1ded117c 100644 --- a/docs/en/config/safety.md +++ b/docs/en/config/safety.md @@ -320,16 +320,16 @@ Motor failures are non-latching: if the failure condition clears, the failure is The undercurrent and overcurrent conditions are defined by: ```text -undercurrent: {esc current} < {MOTFAIL_C2T} * {motor command [0,1]} - {MOTFAIL_LOW_OFF} -overcurrent: {esc current} > {MOTFAIL_C2T} * {motor command [0,1]} + {MOTFAIL_HIGH_OFF} +undercurrent: {esc current} < {MOTFAIL_C2T} * {motor command [0,1]} - {MOTFAIL_OFF} +overcurrent: {esc current} > {MOTFAIL_C2T} * {motor command [0,1]} + {MOTFAIL_OFF} ``` | Parameter | Description | | ----------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [FD_ACT_EN](../advanced_config/parameter_reference.md#FD_ACT_EN) | Enable/disable the motor failure trigger completely. | | [MOTFAIL_C2T](../advanced_config/parameter_reference.md#MOTFAIL_C2T) | Slope between normalized motor command [0–1] and expected steady-state current (FD_ACT_MOT_C2T at 100%) (A/%). | -| [MOTFAIL_LOW_OFF](../advanced_config/parameter_reference.md#MOTFAIL_LOW_OFF) | Undercurrent detection threshold offset (A). Subtracted from the expected current to form the lower bound. | -| [MOTFAIL_HIGH_OFF](../advanced_config/parameter_reference.md#MOTFAIL_HIGH_OFF) | Overcurrent detection threshold offset (A). Added to the expected current to form the upper bound. | +| [MOTFAIL_OFF](../advanced_config/parameter_reference.md#MOTFAIL_OFF) | Under/over-current detection threshold offset (A). Subtracted from the expected current to form the lower bound. | + | | [MOTFAIL_TIME](../advanced_config/parameter_reference.md#MOTFAIL_TIME) | Hysteresis time (s) for which the current threshold must remain exceeded before a motor failure is triggered. | | [CA_FAILURE_MODE](../advanced_config/parameter_reference.md#CA_FAILURE_MODE) | Configure to not only warn about a motor failure but remove the first motor that detects a failure from the allocation effectiveness which turns off the motor and tries to operate the vehicle without it until disarming the next time. | diff --git a/src/modules/commander/HealthAndArmingChecks/checks/escCheck.cpp b/src/modules/commander/HealthAndArmingChecks/checks/escCheck.cpp index 9fd5f76ede78..37e999e146bd 100644 --- a/src/modules/commander/HealthAndArmingChecks/checks/escCheck.cpp +++ b/src/modules/commander/HealthAndArmingChecks/checks/escCheck.cpp @@ -250,8 +250,8 @@ uint16_t EscChecks::checkMotorStatus(const Context &context, Report &reporter, c thrust = fabsf(actuator_motors.control[actuator_function_index]); } - bool current_too_low = current < (thrust * _param_motfail_c2t.get()) - _param_motfail_low_off.get(); - bool current_too_high = current > (thrust * _param_motfail_c2t.get()) + _param_motfail_high_off.get(); + bool current_too_low = current < (thrust * _param_motfail_c2t.get()) - _param_motfail_off.get(); + bool current_too_high = current > (thrust * _param_motfail_c2t.get()) + _param_motfail_off.get(); _esc_undercurrent_hysteresis[i].set_hysteresis_time_from(false, _param_motfail_time.get() * 1_s); _esc_overcurrent_hysteresis[i].set_hysteresis_time_from(false, _param_motfail_time.get() * 1_s); diff --git a/src/modules/commander/HealthAndArmingChecks/checks/escCheck.hpp b/src/modules/commander/HealthAndArmingChecks/checks/escCheck.hpp index 74f9a56d9d9b..ab7a2986c287 100644 --- a/src/modules/commander/HealthAndArmingChecks/checks/escCheck.hpp +++ b/src/modules/commander/HealthAndArmingChecks/checks/escCheck.hpp @@ -76,6 +76,5 @@ class EscChecks : public HealthAndArmingCheckBase (ParamBool) _param_fd_act_en, (ParamFloat) _param_motfail_c2t, (ParamFloat) _param_motfail_time, - (ParamFloat) _param_motfail_low_off, - (ParamFloat) _param_motfail_high_off); + (ParamFloat) _param_motfail_off); }; diff --git a/src/modules/commander/HealthAndArmingChecks/esc_check_params.yaml b/src/modules/commander/HealthAndArmingChecks/esc_check_params.yaml index a1170bc59277..b92453cc3cf7 100644 --- a/src/modules/commander/HealthAndArmingChecks/esc_check_params.yaml +++ b/src/modules/commander/HealthAndArmingChecks/esc_check_params.yaml @@ -26,21 +26,10 @@ parameters: unit: A/% decimal: 2 increment: 1 - MOTFAIL_LOW_OFF: + MOTFAIL_OFF: description: - short: Undercurrent motor failure limit offset - long: threshold = FD_ACT_MOT_C2T * thrust - FD_ACT_LOW_OFF - type: float - default: 10.0 - min: 0 - max: 30 - unit: A - decimal: 2 - increment: 1 - MOTFAIL_HIGH_OFF: - description: - short: Overcurrent motor failure limit offset - long: threshold = FD_ACT_MOT_C2T * thrust + FD_ACT_HIGH_OFF + short: Under/over-current motor failure limit offset + long: threshold = FD_ACT_MOT_C2T * thrust - FD_ACT_OFF type: float default: 10.0 min: 0 From 7c37755d2ae52a3ce08054cf6979af5b6284bc7b Mon Sep 17 00:00:00 2001 From: Nick <145654544+ttechnick@users.noreply.github.com> Date: Thu, 30 Apr 2026 08:57:06 +0200 Subject: [PATCH 2/4] Update docs/en/config/safety.md Co-authored-by: Hamish Willee --- docs/en/config/safety.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/en/config/safety.md b/docs/en/config/safety.md index d7ad1ded117c..8f204bd89ab9 100644 --- a/docs/en/config/safety.md +++ b/docs/en/config/safety.md @@ -314,7 +314,7 @@ The relevant parameters are shown below: ### Motor Failure Trigger -The failure detector can be configured to detect a motor failure while armed (and trigger an associated action) if the ESC current falls outside expected bounds for more than [MOTFAIL_TIME](#MOTFAIL_TIME) seconds. +The failure detector can be configured to detect a motor failure while armed (and trigger an associated action) if the ESC current falls outside expected threshold for more than [MOTFAIL_TIME](#MOTFAIL_TIME) seconds. Motor failures are non-latching: if the failure condition clears, the failure is cleared. The undercurrent and overcurrent conditions are defined by: From 587a936a1e91ef0894843364749fa4cafdd53232 Mon Sep 17 00:00:00 2001 From: Nick <145654544+ttechnick@users.noreply.github.com> Date: Thu, 7 May 2026 14:16:06 +0200 Subject: [PATCH 3/4] docs: update docs/en/config/safety.md Co-authored-by: Silvan Fuhrer --- docs/en/config/safety.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/en/config/safety.md b/docs/en/config/safety.md index a25546ad5f0c..63086749837f 100644 --- a/docs/en/config/safety.md +++ b/docs/en/config/safety.md @@ -353,7 +353,7 @@ overcurrent: {esc current} > {MOTFAIL_C2T} * {motor command [0,1]} + {MOTFAIL_O | ----------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [FD_ACT_EN](../advanced_config/parameter_reference.md#FD_ACT_EN) | Enable/disable the motor failure trigger completely. | | [MOTFAIL_C2T](../advanced_config/parameter_reference.md#MOTFAIL_C2T) | Slope between normalized motor command [0–1] and expected steady-state current (FD_ACT_MOT_C2T at 100%) (A/%). | -| [MOTFAIL_OFF](../advanced_config/parameter_reference.md#MOTFAIL_OFF) | Under/over-current detection threshold offset (A). Subtracted from the expected current to form the lower bound. | +| [MOTFAIL_OFF](../advanced_config/parameter_reference.md#MOTFAIL_OFF) | Under/over-current detection threshold offset (A). Added to the expected current to form the upper bound. Subtracted from the expected current to form the lower bound. | | | [MOTFAIL_TIME](../advanced_config/parameter_reference.md#MOTFAIL_TIME) | Hysteresis time (s) for which the current threshold must remain exceeded before a motor failure is triggered. | | [CA_FAILURE_MODE](../advanced_config/parameter_reference.md#CA_FAILURE_MODE) | Configure to not only warn about a motor failure but remove the first motor that detects a failure from the allocation effectiveness which turns off the motor and tries to operate the vehicle without it until disarming the next time. | From 32eea2083338a7590b2adb1b4cca9f91f16558a9 Mon Sep 17 00:00:00 2001 From: Nick <145654544+ttechnick@users.noreply.github.com> Date: Thu, 7 May 2026 14:16:45 +0200 Subject: [PATCH 4/4] docs: Update src/modules/commander/HealthAndArmingChecks/esc_check_params.yaml Co-authored-by: Hamish Willee --- .../commander/HealthAndArmingChecks/esc_check_params.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/modules/commander/HealthAndArmingChecks/esc_check_params.yaml b/src/modules/commander/HealthAndArmingChecks/esc_check_params.yaml index b92453cc3cf7..09b77827d92b 100644 --- a/src/modules/commander/HealthAndArmingChecks/esc_check_params.yaml +++ b/src/modules/commander/HealthAndArmingChecks/esc_check_params.yaml @@ -29,7 +29,7 @@ parameters: MOTFAIL_OFF: description: short: Under/over-current motor failure limit offset - long: threshold = FD_ACT_MOT_C2T * thrust - FD_ACT_OFF + long: Check is triggered if `abs(FD_ACT_MOT_C2T * thrust - FD_ACT_OFF)` is above this value. type: float default: 10.0 min: 0