/** * @file safety_manager.h * @brief Safety Manager — hill-hold, auto-apply, drive-away assist. * * @arch SWA-001 * @reqs SWE-007 SWE-008 SWE-009 SWE-010 SWE-011 SWE-012 * * ASIL: D. * * State Machine: * IDLE --(engine_off & v<0.5 & !APPLIED)--> AUTO_APPLY_ARMED * AUTO_APPLY_ARMED --(40 * 50ms = 2s)--> AUTO_APPLY_TRIGGERED * AUTO_APPLY_TRIGGERED --(state==APPLIED)--> IDLE * * IDLE --(grade>5% & v<0.5 & brake)--> HILL_HOLD_ARMED * HILL_HOLD_ARMED --(!brake)--> HILL_HOLD_ACTIVE * HILL_HOLD_ACTIVE --(v>2 km/h | state==APPLIED)--> IDLE * * IDLE --(APPLIED & gas>10% & gear_drive & engine & door & belt)--> DRIVE_AWAY * DRIVE_AWAY --(state==RELEASED|RELEASING)--> IDLE */ #ifndef SAFETY_MANAGER_H #define SAFETY_MANAGER_H #include "epb_types.h" typedef enum { SAFETY_IDLE = 0, SAFETY_HILL_HOLD_ARMED = 1, SAFETY_HILL_HOLD_ACTIVE = 2, SAFETY_AUTO_APPLY_ARMED = 3, SAFETY_AUTO_APPLY_TRIGGERED = 4, SAFETY_DRIVE_AWAY = 5 } SafetyState; typedef struct { bool engine_running; bool brake_pedal_pressed; float vehicle_speed_kmh; float grade_percent; EpbState current_state; /* from Apply Controller */ /* Drive-Away Assist Inputs (SWE-011, SWE-012) */ float gas_pedal_percent; /* 0..100 */ bool gear_in_drive; /* forward or reverse */ bool door_closed; /* driver door */ bool seatbelt_fastened; /* driver seatbelt */ } SafetyInputs; /* Thresholds as constants, so tests can access them. */ #define SAFETY_AUTO_APPLY_DELAY_50MS 40U /* 40 * 50ms = 2.0 s */ #define SAFETY_STANDSTILL_KMH 0.5f #define SAFETY_RELEASE_KMH 2.0f #define SAFETY_HILLHOLD_GRADE_PCT 5.0f #define SAFETY_DRIVE_INTENT_GAS_PCT 10.0f /* Throttle > 10% = drive-away intent */ EpbStatus safety_mgr_init(void); void safety_mgr_step_50ms(const SafetyInputs* in); bool safety_mgr_apply_requested(void); bool safety_mgr_release_requested(void); /* Drive-Away Assist */ SafetyState safety_mgr_get_state(void); #endif /* SAFETY_MANAGER_H */