Fault Manager

Priority-based fault reporting with latching, retry, and degrade mode.

Header: core/ecu_fault.h

enum ecu_fault_severity_t

Fault severity levels (ascending priority).

Values:

enumerator FAULT_SEV_INFO: Informational — logged only.

enumerator FAULT_SEV_WARNING: Warning — triggers degrade mode.

enumerator FAULT_SEV_CRITICAL: Critical — latched, requires shutdown.

enumerator FAULT_SEV_FATAL: Fatal — immediate safe shutdown.

enum ecu_fault_action_t

System-level action required by a fault.

Values:

enumerator FAULT_ACTION_NONE: No action required.

enumerator FAULT_ACTION_DEGRADE: Reduce power / limit RPM.

enumerator FAULT_ACTION_SHUTDOWN: Initiate safe shutdown sequence.

void ecu_fault_init(ecu_fault_mgr_t *mgr)

Initialise the fault manager.

Parameters:

mgr – [out] Fault manager context.

void ecu_fault_report(ecu_fault_mgr_t *mgr, uint16_t code, ecu_fault_severity_t severity, ecu_fault_action_t action, ecu_time_t now)

Report a fault.

Parameters:

mgr – [inout] Fault manager context.
code – [in] Fault code.
severity – [in] Severity level.
action – [in] Required action.
now – [in] Current timestamp (ms).

void ecu_fault_clear(ecu_fault_mgr_t *mgr, uint16_t code)

Clear a non-latched fault.

Parameters:

mgr – [inout] Fault manager context.
code – [in] Fault code to clear.

ecu_fault_action_t ecu_fault_get_action(const ecu_fault_mgr_t *mgr)

Get the highest-priority action required.

Parameters:

mgr – [in] Fault manager context.

Returns:

Highest action across all active faults.

bool ecu_fault_is_active(const ecu_fault_mgr_t *mgr, uint16_t code)

Check whether a specific fault is active.

Parameters:

mgr – [in] Fault manager context.
code – [in] Fault code.

Returns:

true if active.

int ecu_fault_count(const ecu_fault_mgr_t *mgr)

Get the number of active faults.

Parameters:

mgr – [in] Fault manager context.

Returns:

Active fault count.

bool ecu_fault_try_retry(ecu_fault_mgr_t *mgr, uint16_t code)

Attempt a retry for a retriable fault.

Parameters:

mgr – [inout] Fault manager context.
code – [in] Fault code.

Returns:

true if a retry is permitted.

void ecu_fault_set_retries(ecu_fault_mgr_t *mgr, uint16_t code, uint8_t max_retries)

Set the maximum retry count for a fault code.

Parameters:

mgr – [inout] Fault manager context.
code – [in] Fault code.
max_retries – [in] Maximum retry attempts.

FAULT_MAX_ACTIVE: Maximum concurrently active faults.

FAULT_LOG_SIZE: Circular log capacity.

struct ecu_fault_t

#include <ecu_fault.h>

Single fault record.

Public Members

uint16_t code: Unique fault code.

ecu_fault_severity_t severity: Severity classification.

ecu_fault_action_t action: Required action.

ecu_time_t timestamp: Time of first report (ms).

bool latched: Cannot be cleared without reset.

bool active: Currently active.

uint8_t retry_count: Retries attempted so far.

uint8_t max_retries: Maximum allowed retries.

struct ecu_fault_mgr_t

#include <ecu_fault.h>

Fault manager context.

Public Members

ecu_fault_t active[16]: Active fault slots.

int active_count: Number of active faults.

ecu_fault_t log[32]: Circular fault log.

int log_head: Next write position in log.

int log_count: Total entries logged.

ecu_fault_action_t highest_action: Highest priority action needed.