8.2 Critical Variable

Some variables are critical to the correct operation of the application. Redundant copies of these variables are kept so that corruption can be detected. If a malfunction causes one of the variables to mismatch its redundant copy, the system treats this as a system failure.

There are three variables this applies to – the system state variable (sysState) in fusa.c, alarmLowVal (SENSOR.c) and alarmHighVal (SENSOR.c). Since alarmLowVal and alarmHighVal are values that change simultaneously, only the XOR of these two values is stored. If one of the values changes, the computed XOR will mismatch and trigger a system failure alarm.
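The two checks described above, as an added sketch that is not the project's own code. The variable names sysState, alarmLowVal and alarmHighVal come from this section; the types, the shadow variables (sysStateCopy, alarmXor) and every function name are assumptions, as is the use of a plain duplicate for the sysState copy.

```c
#include <stdint.h>
#include <stdio.h>

/* sysState, alarmLowVal and alarmHighVal are the document's names; the types,
   shadow variables and functions below are assumptions for this sketch. */
typedef enum { CRIT_OK, CRIT_STATE_MISMATCH, CRIT_ALARM_MISMATCH } crit_result_t;

static volatile uint8_t  sysState;
static volatile uint8_t  sysStateCopy;   /* redundant copy of sysState */
static volatile uint16_t alarmLowVal;
static volatile uint16_t alarmHighVal;
static volatile uint16_t alarmXor;       /* stored alarmLowVal ^ alarmHighVal */

/* Writers always update the value and its redundancy together. Assumes the
   periodic check cannot preempt a writer halfway through an update. */
void crit_set_state(uint8_t s)
{
    sysState = s;
    sysStateCopy = s;
}

void crit_set_alarms(uint16_t low, uint16_t high)
{
    alarmLowVal = low;
    alarmHighVal = high;
    alarmXor = (uint16_t)(low ^ high);
}

/* Periodic integrity check. A flip in either threshold, or in alarmXor itself,
   is reported. Identical bit flips in both thresholds cancel in the XOR and
   are not detected by this check alone. */
crit_result_t crit_check(void)
{
    if (sysState != sysStateCopy)
        return CRIT_STATE_MISMATCH;
    if ((uint16_t)(alarmLowVal ^ alarmHighVal) != alarmXor)
        return CRIT_ALARM_MISMATCH;
    return CRIT_OK;
}

int main(void)
{
    crit_set_state(1);
    crit_set_alarms(100, 900);               /* constructed sample thresholds */
    printf("clean: %d\n", (int)crit_check());
    alarmHighVal ^= 0x0004;                  /* simulate a single bit flip */
    printf("after flip: %d\n", (int)crit_check());
    return 0;
}
```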