CAN BUS Off Error Handling

20. March 2016 20:40 by Christian in
v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);} w\:* {behavior:url(#default#VM

CAN Bus Error Handling

Error handling is built into in the CAN protocol. Each node maintains two error counters: the Transmit Error Counter and the Receive Error Counter. Using the error counters, a CAN node can not only detect faults but also perform Error Confinement.

 

CAN Bus Error Detection Mechanisms

1. Bit Monitoring.

2. Bit Stuffing.

3. Frame Check.

4. Acknowledgement Check.

5. Cyclic Redundancy Check.

 

CAN Bus Error Confinement

 

The CAN bus is capable to distinguish between temporary erratic errors and continual erratic errors.

A node starts out in Error Active mode. When any one of the two Error Counters raises above

127, the node will enter a state known as Error Passive and when the Transmit Error Counter raises above 255, the node will enter the Bus Off state.

 

Error Active              node will transmitActive Error Flags when it detects errors.

Error Passive            node will transmit Passive Error Flags when it detects errors.

Bus Off                      node is disabled from transmit/receive operations.

 

Transmit errors give 8 error points

Receive errors give 1 error point

 

Correctly transmitted and/or received messages causes the counter(s) to decrease.

 

Whenever a node tries to transmit a message, if for whatever reason fails it will increases its Transmit Error Counter by 8 and transmits an Active Error Flag. Then it will attempt to retransmit the message, and if it fails will increment by 8 points the Transmit counter. Above 127 (i.e. after 16 attempts), this node goes Error Passive and from this moment it will transmit Passive Error Flags on the bus. A Passive Error Flag will not affect other bus traffic, the other nodes won’t hear the faulty node complaining about bus errors. However, the faulty node continues to increase its Transmit Error Counter and once above 255 it will go into Bus Off.

 

Error state of a node unit

Transmit error counter (TEC)

Receive error counter (REC)

Error active state

0 – 127

AND

0 – 127

Error passive state

128255

OR

128255

Bus off state

Minimum 256

 






For every active error flag that transmitted by a faulty node, the other nodes will increase their Receive Error Counters by 1. By the time that a faulty node goes Bus Off, the other nodes will have their Receive Error Counters below Error Passive limit (127). This count will decrease by one for every correctly received message the faulty node being in Bus off state.

 

 

 

Transmit/receive error counter change conditions

Transmit error counter (TEC)

Receive error counter (REC)

1

When the receive unit has detected an error, except when the receiveunit detected a bit error while it was sending an active-error flag or overload flag.

 

 

+1

2

When the receive unit has detected a dominant level in the firstbit that it received after sending an error flag.

 

 

+8

3

When the transmit unit has transmitted an error flag 1)

+8

4

When the transmit unit has detected a bit error while sending an active-error flag or overload flag

 

+8

 

5

When the receive unit has detected a bit error while sending an active-error flag or overload flag

 

 

+8

6

When any unit has detected a dominant level in 14 consecutive bits from the beginning of an active-error or an overload flag, and each time the unit has detecteda dominant level in 8 consecutive bits thereafter.

 

For a transmit unit

+8

 

Fora receive unit

+8

7

When any unit has detected a dominant level in additional 8 consecutive bits after a passive-error flag, and each time the unit has detected a dominant level in 8 consecutive bits thereafter.

 

For a transmit unit

+8

 

Fora receive unit

+8

8

When the transmit unit has transmitted a message normally (ACK returned and no errors detected until completion of EOF).

-1

±0 whenTEC = 0

 

9

When the receive unit has received a message normally (no errors detected untilACK slot and the unit was able to return ACK normally).

 

 

–1 when 1 REC 127

±0 when REC = 0

WhenREC > 127, a valuebetween 119 to 127 is set in REC

10

When  the unit  in  a  bus-off state  has detected  a  recessive  level in 11 consecutive bits 128 times.

Cleared to TEC =0

Cleared to REC = 0

 

1) The transmit error counter does not change in the following cases:

  •  When the transmit unit while in an error-passive state has detectedan ACK error for reasons that ACK was not detected and has detected no dominant levelswhile sending a passive-error flag.
  • When the transmit unit has encountered a stuffing error during arbitration (dominant level is detected although it transmitted a recessive level as bit stuffing).

 

CAN Bus Failure Modes (ISO 11898)

 

1. CAN_H interrupted (a)

2. CAN_L Interrupted (a)

3. CAN_H shorted to battery voltage (a)

4. CAN_L shorted to ground (a)

5. CAN_H shorted to ground (a)

6. CAN_L shorted to battery voltage (a)

7. CAN_L shorted to CAN_H wire (b)

8. CAN_H and CAN_L interrupted at the same location (c)

9. Loss of connection to termination network (a)

 

Expected behavior:

  • a)    bus survives with a reduced S/N ratio
  • b)    bus survives with a reduced S/N ratio (optional)
  • c)    the resulting subsystem survives

 

Whenever a CAN Tx error count reaches 255, a node will turn bus off and potentially reset itself. A good implementation will not continue resetting a node if the problem persists. In addition to this safety mechanism, ECU's (electric control units) evaluates the duration between valid transmissions of the messages they expect to receive. Therefore, if the engine controller goes offline, nearly every ECU in the vehicle will report "Lost Communication with the Engine Controller." Typically, these type of CAN problems are identified by DTC's (diagnostic trouble codes). Depending on the severity of the issue, the vehicle might enter a "limp home" mode, or might be totally disabled. Limp-home mode is the condition when all the ECUs fail in the car network. A set of default parameters are initialized and your car can continue running only for some time before it is properly serviced by the OEM.

 

A CAN bus node (ECU) automatically goesbus on after 128 x 11 bits, which is the equivalent for 128 messages.

The 11 bits is the recessive time between messages so even in a 100% loaded bus, a bus off node will go bus on again.

 

Accordingly with ISO 11898, “a node can start the recovery from «bus-off» state only upon a user request”; it can be the ECU software or the CAN bus controller, to avoid a complete soft CPU reset. The ability to select between auto-recovery andmanual recovery is CAN bus controller implementation defendant.

 

Scenario: Rx channel is damaged on Node 1 and rejects messages from Node 2. As result Node 2 will gobuss off, then it auto-recovers, then immediately Node 1 reject messages collapsing the whole communication. The automotive industry does not encourages the auto-bus-on feature.

 

Name

Baud rate

Specification

Application field

SAE J1939-11

250k

Two-wire shielded twisted pair

Truck, bus

SAE J1939-12

250k

Two-wire shielded twisted pair12 V supply

Agricultural machine

SAE J2284

500k

Two-wire twisted pair (non-shielded)

Automobile

(high-speed: power train system)

SAE J2411

33.3k, 83.3k

One-wire

Automobile (low-speed: body system)

NMEA-2000

62.5k, 125k, 250k, 500k,1M

Two-wire shielded twisted pair Power supply

Ship

DeviceNet

125 k, 250 k, 500 k

Two-wire shielded twisted pair24 V supply

Industrial equipment

CANopen

10k, 20k, 25k, 50k, 125k

250k, 500k, 800k, 1M

Two-wire twisted pair

Optional (shielded, power supply)

Industrial equipment

SDS

125k, 250k, 500k, 1M

Two-wire shielded twisted pairOptional (power supply)

Industrial equipment

 

Class

Communication speed

Purpose of use

Application range

CAN

Other protocols

Class A

Up to 10 kbps

(body system)

Lamp and light

Power window

Door lock

Power sheet

Keyless entry, etc.

Low-speed

 

 

 

 

 

High-speed

Each carmaker’s

original protocol

LIN

Class B

10 kbps to 125 kbps

(status information system)

Electronic meter

Drive information

Auto air-conditioner

Failure diagnosis, etc.

J1850

VAN

Class C

125 kbps to 1 Mbps

(real time control system)

Engine control

Transmission control

Brake control

Suspension control, etc.

Safe-by-Wire

Class D

5 Mbps and over (multimedia)

Car navi,

Audio

by-Wire, etc.

 

D2B optical

MOST

IEEE 1394

FlexRay


Christian Rosu
Comments are closed