Kill Switch / Safety

/in /by

Written by: Fabian Suske

Edited and Approved by: Carolina Barrera

Table of Contents

Intro:

In order to fulfill the L2-12 subsystem requirement “Safety/Kill switch” a test has been carried out. This test followed the Verification and Validation Test Plan.

 

Test Objective:

The test criteria that needs to be tested in this inspection is the following:

 

“Test Objective:  To successfully verify the L2-12 (Safety) requirement, the Prosthetic Arm shall implement an electronic kill switch allowing the user to shut-off the system in case of an emergency “[1]

 

Before the MCU is integrated, a basic functionality test has to be carried out.

Test Method

The test was set up in the following way:

  • Power supply
  • PCB
  • Teensy
  • C Algorithm to control the enable pin

The PCB was hooked up to the power supply. The Enable jumper was shorted, and the system powered up. When the jumper is removed, the power in the PCB should shutdown.

Afterwards the MCU should be able to control the Enable pin.

The Teensy MCU was connected to the PCB. Once connected, the PCB was powered up. The MCU sends a high signal to the Enable Pin of the 14-12V LDO. Upon the successful reading of the high signal, the Enable Jumper was removed. Setting the Enable pin to low the power should cause the LDO to turn OFF.

 

Test Conclusion:

The first test was performed successfully. When the Enable Pin was shorted, the LDO provided power to all subsystems and Power was available on the 12V and 5V outputs. Once the jumper was removed, the power in the outputs dropped, and the system works as designed. An oscilloscope was hooked up to the PCB to measure the performance of the power off.

The following time was measured:

  • Reaction time of the LDO
  • Shutdown time
  • Total time of shutdown

The time after the Enable signal drops (the reaction time- blue/Ch3) until the Voltage drops(green/CH2) obtained in the measurements was 4ms roughly.

The shutdown time -the time it takes the system to drop from 12 to 0V, was measured, and 5ms were obtained.

The total time of shutdown was calculated as the sum of the two previous times. Hence, it can be concluded that the system shuts down completely 9ms after the Enable was set to low.

 

After this, a second test was performed. In order to control the Enable pin through software, the MCU was connected to the PCB, but in this part of the testing we had the PCB behaving unusual.

When the MCU was connected to the board, and the Enable jumper was removed from the board, the system stayed ON. Another option to shut the system down was to force the output in the Enable pin to low, but that didn’t work either. After a couple of tries, the MCU was not programmable anymore. It’s unclear up to this point what could have occasioned the malfunction. Probably the Pin design to pull the Enable pin down was shorted to 12V by accident. As a result, the MCU fried, and was left inoperable.

In conclusion, the Hardware implementation of this power off works. When the MCU was introduced to control, the action of powering off the system didn’t do what it was supposed to, and a short might have left the MCU broken presumably. Therefore, the test failed but it was still completed around 50%.

Resources

[1] https://drive.google.com/drive/folders/0B3qlnfB-grPcVzJOTTZyemZ2R3c