Safety features
Lynx implements multiple functions to enhance operational safety.
safetyopts Parameter
This bitwise parameter controls the enabling/disabling of safety features.
Disarming Block
The built-in safety system monitors various inputs and can disable the accelerator signal path (before entering the driver) and cruise function when safety risks are detected. This ensures the motor won't accelerate from accelerator input and cruise remains deactivated during potential safety risks. The system structure is illustrated below.
Disarm Reasons
Various sources can trigger safety risk conditions, resulting in device disarming. The following list details potential sources:
- Positive values: Device will recover from disarm state
- Negative values: Device remains disarmed until reboot
disarm_reason value | Description |
|---|---|
| 0 | Device armed |
| 1 | Initial state after device boot |
| 2 | Accelerator signal (sig_acc) is NaN |
| 10 | Seat switch activated |
| 11 | Reverse activation disarm |
| 12 | Map change disarm (mapopts&4) |
| 13 | BMS state disarm (undervoltage and others) |
| 14 | BMS charging indication |
| 15 | BMS error |
| 16 | Device shutdown in progress |
| 17 | Identrun in progress |
| 18 | Accelerator signal (sig_acc) NaN - permanent disarm (safetyopts&1) |
| 19 | Geofence message timeout |
| 20 | Geofence message disarm command |
| 21 | Driver error state |
| 23 | Step-up charging active |
| 24 | Device in slave configuration |
| 25 | Accelerator disarm braking (drvopts&128) |
| 26 | Brake signal (sig_brake) NaN (safetyopts&2) |
| 27 | Brake signal disarm !(drvopts&1) |
| 28 | Driver override |
| 29 | Device locked |
While most input reactions are hardcoded, the disarming block can be customized through the safetyopts, drvopts, and mapopts parameters.