On 4/29/20 6:46 PM, Lee Hart via EV wrote:
Peri Hartman via EV wrote:
- Is it a safety system, there to prevent damage and fires?
(battery SAFETY system)
Doesn't matter. It can still be handled by a poll from a master.
For this to work, both the master and all the slaves have to be
working. No failures. In a bus system (USB, CANbus, etc.) any failed
device takes out the entire system.
Actually not correct. CAN BUS works if a unit fails - UNLESS that unit
is blasting data on the bus.
In any case, if the bus fails, then system must stop.
In regard to your three example flavors, it seems that for a robust BMS
each individual cell monitor must do all three.
Yes. Most likely, there will be separate circuits for each, so one
failure doesn't take them all out.
Redundancy is a nice-to-have feature, but overkill for this purpose. If
you have a major failure that takes out the bus, then it is common sense
to stop the system.
I'm out of my domain here, but can't balancing be handled by checking
cell voltage?
Measuring cell voltage only tells you that there might be a problem.
It doesn't correct the problem, or even tell you what to do about it.
The fashionable way to balance is by switching a resistor (or some
equivalent) across the cells if they get high while charging. There
are issues with this, but it's generally the cheap way to do it. This
is the "balancing" part of the three. Common failures here are a) the
load didn't switch on when it should have, b) it didn't turn off when
it should have, c) the charger didn't cut back, so it overwhelms the
resistor and the cell overcharges anyway, d) the cells are too far out
of balance for a small resistor to correct, e) insuring that the
resistors aren't overheating due to excessive on-time.
Top-balancing works, but only if the cells were close to SoC in the
first place.
Where measuring cell voltage is useful is doing long-term analysis - and
this is done by a human (typically), using stored data over months of
collection. This is how you would determine that a cell is dying -
before it becomes a problem.
What needs to be done for safety?
The safety circuits need to detect these failures, stop the charger
(and driving, if regen could occur), and alter the driver that there's
a problem that must be fixed.
Besides these, it needs to watch for other failure modes. Things like
excessively high or low cell temperatures, excessively high or low
voltages, loose terminals (such as by high terminal temperatures), and
ground faults.
The safety circuits also need to be fail-safe. If something goes wrong
with them, they *shut down* the vehicle rather than let you keep
driving it unprotected.
Lee Hart
Completely agree with you, Lee.
I used the Elithion system for my first iteration of CALB battery pack.
I LOVED the data gathering aspect, but HATED the communication failures
that were all too common.
I then switched to the miniBMS, and it covered all of my needs - EXCEPT
for data gathering.
Both systems covered the safety aspects, just had different approaches
to how communication needed to work.
Elithion - RS232, miniBMS - open a circuit in case of trouble.
If we are to create a new system, we could definitely provide the data
monitoring as well as safety monitoring - as long as we are using a
robust communication transport. For me, that's either CAN BUS or
100BaseT1. Both are well proven in automotive environments.
Cheers, Peter
_______________________________________________
UNSUBSCRIBE: http://www.evdl.org/help/index.html#usub
ARCHIVE: http://www.evdl.org/archive/index.html
INFO: http://lists.evdl.org/listinfo.cgi/ev-evdl.org
Please discuss EV drag racing at NEDRA (http://groups.yahoo.com/group/NEDRA)
