Software Organization

The firmware uses Zephyr to handle Threads and Interrupts.

See zephyr documentation for general OS Feature Documentation.

Hold "Alt" / "Option" to enable pan & zoom

flowchart TD
    subgraph MainThread
        direction TB
        A8[Main Loop]
        A8a[FSM]
        A8b[Input Update]
        A8c[Error Evaluation]
        A8d[Statistic Update]
        A8 --> A8a
        A8 --> A8b
        A8 --> A8c
        A8 --> A8d
        A6[Cyphal Registry]
        A3[Usage Statistic Instance]

        subgraph CyphalInstance
            D1[Heartbeat Thread]
            D2[PnP Thread]
            D3[DFU Thread]
            D4[TX Thread]
            D5[RX Thread]
            D6["Cyphal Services (Callbacks)"]
            D6a[File Access]
            D6b[Register Access]
            D6c[Execute Command]
            D6d[GetInfo]
            D7[Diagnostic Record Publish]
            D5 --> D6
            D6 --> D6a
            D6 --> D6b
            D6 --> D6c
            D6 --> D6d
            D6 --> D6e
        end

        subgraph AnalogThread
            B1[Sensor Sampling Loop]
        end

        subgraph CyphalPublishThreads
            C1[BMS Data Publish]
            C2[Analog Publish]
        end
    end


    subgraph Workqueue
        E1[Watchdog Feed Loop]
        D4a[TimeSync Publish Loop]
    end

    MainThread --> Workqueue
    CyphalInstance --> Workqueue
    A6 --> |is used by| CyphalInstance
    CyphalPublishThreads ---> |uses| CyphalInstance

Zephyr OS has threads for

• Kernel Workqueue
  • Custom Tasks can be appended with specific timeouts
• Logging
• Drivers
  • custom LED driver updates LED states (e.g. for blinking effects)
• Idle (lowest priority, default OS feature)

The firmware application adds threads for

• Main application (sleeps for fixed time amount)
  • initialization of other threads and main components
• Analog sampling (sleeps for sampling period)
• Cyphal RX (using Zephyr MessageQueue + timeout)
• Cyphal TX (waiting for a Semaphore to take + timeout)
• Cyphal Heartbeat (sleeps for fixed interval)

• Cyphal DFU (spawns dynamically, using local Zephyr MessageQueue)

• Cyphal PnP (using Zephyr timeout and Zephyr MessageQueue)

• BMS Cyphal BMSData/Engage Publish (sleeps for sampling period)
• BMS Cyphal Analog Publish (sleeps for sampling period)

Interrupts are used by

• Several Zephyr Drivers
  • Input handle for Button (DTS defined)
• custom events like SCP

Workqueue tasks are generated by

• Cyphal image verification after DFU (executed once, 10s delay)
• Cyphal ExecuteCommand for system restart (allows return of ExecuteCommand response + logging)
• Cyphal ExecuteCommand for LED control (delayed write of LED at specific timepoint)
• Cyphal TimeSync (publish if this node is time master)
• Cyphal Callback for registry change -> NodeID set (allows return of registry access response)

• FileSystem Library for flash store operations

• SCP interrupt (delayed logging)

• Latch pin reset
• Cell balancing deactivation from Analog Thread (disable after timeout)
• Watchdog feed (periodically, spawned in main)
• BMS UsageMonitor analog + status data copy (periodically, spawned in main)
• Main initialization process (delayed init, interrupted/rescheduled workqueue tasks)

Bootloader: MCUBoot compatible image

This section applies if the device already has the MCUBoot bootloader and you want to either compile and flash an MCUBoot-compatible application to the primary slot (chain-loaded by the MCUBoot) or compile the application for the secondary slot. The Kconfig option CONFIG_BOOTLOADER_MCUBOOT=y in the conf/common.conf file enables this feature.

The flash partition layout is required to have:

• boot_partition: required by the MCUBoot
• slot0_partition: for primary image
• slot1_partition: for secondary image

Signing the application

The CONFIG_MCUBOOT_GENERATE_UNSIGNED_IMAGE=y option disables the use of cryptographic signatures for image verification instead only calculates the hash value (SHA256) of the image and stores in the TLV section.