fly316/PX4-Autopilot
7
0
Fork 0
mirror of https://gitee.com/mirrors_PX4/PX4-Autopilot.git synced 2026-04-14 10:07:39 +08:00
Code Issues Packages Projects Releases Wiki Activity
PX4-Autopilot/docs/en/debug/failure_injection.md
Matthias Grob 2cae8ee797
Improve documentation for motor failure injection and detection (#25756) 
* failure_injection: improve previously vague motor faulure

Reading it again I decided adding the sentance in 4d2170c13ea4d42c5b0b464dbbcbb68fb098cbcc is not clear enough.

* docs/safety: add a motor failure detection paragraph

The functionality is in my eyes pretty basic but so far completely undocumented so I went through the code and added a paragraph based on questions I received.

* Subedit

* Apply suggestion from @hamishwillee

---------

Co-authored-by: Hamish Willee <hamishwillee@gmail.com>
2025-10-15 11:05:33 +11:00

101 lines
4.2 KiB
Markdown
Raw Blame History

# System Failure Injection
System failure injection allows you to induce different types of sensor and system failures, either programmatically using the [MAVSDK failure plugin](https://mavsdk.mavlink.io/main/en/cpp/api_reference/classmavsdk_1_1_failure.html), or "manually" via a PX4 console like the [MAVLink shell](../debug/mavlink_shell.md#mavlink-shell).
This enables easier testing of [safety failsafe](../config/safety.md) behaviour, and more generally, of how PX4 behaves when systems and sensors stop working correctly.
Failure injection is disabled by default, and can be enabled using the [SYS_FAILURE_EN](../advanced_config/parameter_reference.md#SYS_FAILURE_EN) parameter.
:::warning
Failure injection still in development.
At time of writing (PX4 v1.14):
- Support may vary by failure type and between simulatiors and real vehicle.
- It requires support in the simulator.
It is supported in Gazebo Classic
- Many failure types are not broadly implemented.
In those cases the command will return with an "unsupported" message.
:::
## Failure System Command
Failures can be injected using the [failure system command](../modules/modules_command.md#failure) from any PX4 [console/shell](../debug/consoles.md) (such as the [QGC MAVLink Console](../debug/mavlink_shell.md#qgroundcontrol-mavlink-console) or SITL _pxh shell_), specifying both the target and type of the failure.
### Syntax
The full syntax of the [failure](../modules/modules_command.md#failure) command is:
```sh
failure <component> <failure_type> [-i <instance_number>]
```
where:
- _component_:
- Sensors:
- `gyro`: Gyroscope
- `accel`: Accelerometer
- `mag`: Magnetometer
- `baro`: Barometer
- `gps`: Global navigation satellite system
- `optical_flow`: Optical flow.
- `vio`: Visual inertial odometry
- `distance_sensor`: Distance sensor (rangefinder).
- `airspeed`: Airspeed sensor
- Systems:
- `battery`: Battery
- `motor`: Motor
- `servo`: Servo
- `avoidance`: Avoidance
- `rc_signal`: RC Signal
- `mavlink_signal`: MAVLink data telemetry connection
- _failure_type_:
- `ok`: Publish as normal (Disable failure injection)
- `off`: Stop publishing
- `stuck`: Constantly report the same value which _can_ happen on a malfunctioning sensor
- `garbage`: Publish random noise. This looks like reading uninitialized memory
- `wrong`: Publish invalid values that still look reasonable/aren't "garbage"
- `slow`: Publish at a reduced rate
- `delayed`: Publish valid data with a significant delay
- `intermittent`: Publish intermittently
- _instance number_ (optional): Instance number of affected sensor.
0 (default) indicates all sensors of specified type.
## MAVSDK Failure Plugin
The [MAVSDK failure plugin](https://mavsdk.mavlink.io/main/en/cpp/api_reference/classmavsdk_1_1_failure.html) can be used to programmatically inject failures.
It is used in [PX4 Integration Testing](../test_and_ci/integration_testing_mavsdk.md) to simulate failure cases (for example, see [PX4-Autopilot/test/mavsdk_tests/autopilot_tester.cpp](https://github.com/PX4/PX4-Autopilot/blob/main/test/mavsdk_tests/autopilot_tester.cpp)).
The plugin API is a direct mapping of the failure command shown above, with a few additional error signals related to the connection.
## Example: RC signal
To simulate losing RC signal without having to turn off your RC controller:
1. Enable the [SYS_FAILURE_EN](../advanced_config/parameter_reference.md#SYS_FAILURE_EN) parameter.
2. Enter the following commands on the MAVLink console or SITL _pxh shell_:
```sh
# Fail RC (turn publishing off)
failure rc_signal off
# Restart RC publishing
failure rc_signal ok
```
## Example: Motor
To stop a motor mid-flight without the system anticipating it or excluding it from allocation effectiveness:
1. Enable the [SYS_FAILURE_EN](../advanced_config/parameter_reference.md#SYS_FAILURE_EN) parameter.
2. Enable [CA_FAILURE_MODE](../advanced_config/parameter_reference.md#CA_FAILURE_MODE) parameter to allow turning off motors.
3. Enter the following commands on the MAVLink console or SITL _pxh shell_:
```sh
# Turn off first motor
failure motor off -i 1
# Turn it back on
failure motor ok -i 1
```
Reference in New Issue View Git Blame Copy Permalink