EV.4.6 Brake System Encoder

EV.4.6 Brake System Encoder - BSE

Refer to T.4.3 for specific requirements of the BSE

Rules Reference - T.4.3

T.4.3 Brake System Encoder - BSE

T.4.3.1 The vehicle must have a sensor or switch to measure brake pedal position or brake system pressure

T.4.3.2 The BSE must be able to be checked during Technical Inspection by having one of:

A separate detachable connector(s) for any BSE signal(s) to the main ECU without affecting any other connections
An inline switchable breakout box available that allows disconnection of each BSE signal(s) to the main ECU without affecting any other connections

T.4.3.3 The BSE or switch signals must be sent directly to a controller using an analogue signal or via a digital data transmission bus such as CAN or FlexRay

Any failure of the BSE or BSE wiring that persists more than 100 msec must be detectable by the controller and treated like an implausibility and power to the (IC) electronic throttle / (EV) Motor(s) must be immediately stopped completely.

(EV only) It is not necessary to completely deactivate the Tractive System, the motor controller(s) stopping power to the motor(s) is sufficient.

T.4.3.4 When an analogue signal is used, the BSE sensors will be considered to have failed when they achieve an open circuit or short circuit condition which generates a signal outside of the normal operating range, for example <0.5 V or >4.5 V.

The circuitry used to evaluate the sensor must use pull down or pull up resistors to ensure that open circuit signals result in a failure being detected.

T.4.3.5 When any kind of digital data transmission is used to transmit the BSE signal:

a. The ETC Systems Form must contain a detailed description of all the potential failure modes that can occur, the strategy that is used to detect these failures and the tests that have been conducted to prove that the detection strategy works.

b. The failures modes must include but are not limited to the failure of the sensor, sensor signals being out of range, corruption of the message and loss of messages and the associated time outs.

c. In all cases a sensor failure must immediately shutdown power to the motor(s).

The above set of T.4.3 rules provides insight on the Brake System Encoder, which detects and measures input to determine information about the braking system. This encoder must be accessible for troubleshooting during Technical Inspection, and be interpreted by a controller which uses a threshold check to determine failure modes. Each section of this ruleset is elaborated upon as follows:

T.4.3.1 defines the BSE as a sensor or switch used to measure either the position of a brake pedal, or the pressure of the brake system.

Synopsis - Pedal Postion Sensor

In the case of a pedal position sensor, the component is usually located near the brake pedal arm or bracket. Its primary function is to detect the position of the brake pedal—whether it is at rest or depressed. There are several types of brake pedal position sensors, but a common type is a mechanical switch. When the brake pedal is not pressed, a spring or mechanical linkage keeps the switch in the open position. When the brake pedal is depressed, it pushes a plunger or lever on the sensor, causing it to close the electrical circuit. When the switch closes upon pressing the brake pedal, it completes an electrical circuit. This change in circuit status is detected by the vehicle’s electronic control unit (ECU) or brake control module.

Synopsis - Brake Pressure Sensors

The brake pressure sensors, however, are typically integrated into the brake hydraulic system, often near the master cylinder, or in some designs, specific brake calipers or wheel cylinders. The sensor operates on the principle of strain gauge technology. Sensors generate an electrical charge when subjected to mechanical stress (in this case, hydraulic pressure). Strain gauge sensors measure changes in resistance when subjected to mechanical stress. When the driver presses the brake pedal, hydraulic pressure is generated within the brake system. This pressure is transmitted to the brake pressure sensor. The sensor converts the hydraulic pressure into an electrical signal. The magnitude of the electrical signal corresponds to the pressure applied within the brake system.

Photo - Dual-Inline-Package

T.4.3.2 requires that the sensor must be able to be electrically isolated for troubleshooting and testing during the Technical Inspection. This can be achieved by using either a detachable connector that physically unplugs the sensor, or a breakout box which often uses a dual-inline-package (DIP) switch to isolate the signal from the Electronic Control Unit (ECU).

T.4.3.3 requires that the signals from the BSE or switch be sent to an Electronic Control Unit (ECU) using either analog or digital signal. In our case, the Controller is a Teensy2.0++ which is directly connected to our potentiometers. By requiring this direct connection, teams are prevented from routing to potentially unsafe user-made communication lines. This rule also requires that more than 100 milliseconds of any failure mode be met with an immediate loss of power to the EV Motor(s) and be treated as an implausibility, so as to ensure the vehicle is not operating outside of the driver's control. Furthermore, this loss of power does not need to come as a result of opening the Shutdown Circuit, which essentially allows for it to be carried out as a software-based function within a motor controller or Electronic Control Unit (ECU).

Graphic - Signal Calibration

T.4.3.4 addresses analog signals, requiring that the BSE sensors reach a fail condition if an open or short is detected which causes a signal to be read outside of the voltage threshold. It is reasonable to allow for calibration errors in this scenario, and also a good idea to set the 0% pedal position equal to a value greater than 0V.

If both of these are instituted, it will be easier to detect an open circuit fault before low voltage is powered, because the ground reference will be out of bounds. This is called a Live Zero State. Furthermore, allowing for minor errors (10% error total, 5% upper and 5% lower bounds) reduces the risk of false fault detection.

In order to detect the open circuit signals, we are required to use Pull-Type Resistors.

But what are Pull-Type Resistors?

Schematic - Pull-Type Resistors

Pull-up resistors are resistors which are used to ensure that a wire is pulled to a high logical level in the absence of an input signal, whereas pull-down resistors are resistors which are used to ensure that a wire is pulled to a low logical level in the absence of an input signal.

Pull-up and pull-down resistors are often used when interfacing a switch or some other input with a micro-controller or other digital gates. They provide a controlled current flow into a resistive sensor prior to analog to digital conversion of the sensor output voltage signal.

Table - Failure Modes

T.4.3.5 refers to digital data transmission, and requires that the Electronic Throttle Control (ETC) Systems Form contain a Failure Mode and Effects Analysis (FMEA). As per T4.3.5.a, A form is provided by Formula SAE Online to guide these analyses, but ultimately the potential failures, methods of detecting failures, and tests that justify that these methods work should be documented in-depth for troubleshooting in crisis.

Spreadsheet - FMEA and ETC Template

2022_ETC_FMEA_Template_(2).xls

T.4.3.5.b defines a few common modes of failure which must be considered, being an internal failure of the brake sensor, brake sensor signals being out of the voltage threshold, corruption of the serial communication message, or loss of messages and the associated time out messages. Further error considerations need to be made for each team's specific system.

Beyond that, T.4.3.5.c reiterates the point made by T.4.3.3 that cases of sensor failure must result in a shutdown of power to the motor (but don't need to open the shutdown circuit).

Last Rule in this Section

Next Rule in this Section

Page updated

Report abuse