Failsafes

Rover supports three failsafe mechanisms as described below.

Radio Failsafe (aka Throttle Failsafe)

../_images/rover-failsafe-rc.jpg

This failsafe is triggered if the connection between the user’s transmitter and the receiver on the vehicle is lost for at least FS_TIMEOUT seconds.

  • the loss of transmitter/receiver connection is detected by:
    • no signals being sent from the receiver to the autopilot board OR
    • the throttle channel (normally input channel 3) value falling below the FS_THR_VALUE parmeter value
  • set FS_THR_ENABLE to “1” to enable this failsafe
  • if FS_ACTION is “1”, the vehicle will RTL to home, if “2” the vehicle will Hold
  • once the transmitter/receiver connection is restored, the user may use the transmitter’s mode switch to re-take control of the vehicle in Manual (or any other mode)

GCS Failsafe (aka Telemetry Failsafe)

This failsafe is triggered if the vehicle stops receiving heartbeat messages from the ground station for at least FS_TIMEOUT seconds.

  • set FS_GCS_ENABLE to “1” to enable this failsafe
  • if FS_ACTION is “1”, the vehicle will RTL to home, if “2” the vehicle will Hold
  • use the transmitter’s mode switch to re-take control of the vehicle in Manual (or any other mode)

Crash Check

If enabled by setting the FS_CRASH_CHECK parameter to “1” (for Hold) or “2” (for Hold and Disarm) this failsafe will switch the vehicle to Hold and then (optionally) disarm the vehicle if all the following are true for at least 2 seconds:

  • the vehicle is in Auto, Guided, RTL or SmartRTL mode
  • velocity falls below 0.08m/s (i.e. 8cm/s)
  • the vehicle is turning at less than 4.5 deg/s
  • demanded throttle to the motors (from the pilot or autopilot) is at least 5%