I’m in Tampa for a few days of scuba diving and touring the area. I was able to dive the Crystal River north of Tampa for two days. It’s a really cool place to learn to dive. There’s no current, it’s not very deep and the water’s clear. In addition to all that you sometimes will run into a Manatee or a Dolphin. And if you show up in November the river is loaded with hundreds of Manatee’s. But that attracts a lot of tourists so there’s really no peace and quiet in the water.

In the midst of that I worked in a few customer teleconferences. Diagnostics was a very hot topic on yesterday’s call. Specifically it was about our CAN protocols; DeviceNet, J1939 and CANopen. The architecture of all these protocols is the same. They are simply formatted application layer
protocols that ride inside CAN messages.

Think about TCP. EtherNet/IP Explicit messages ride inside a TCP packet. Profinet IO acyclic messages ride inside a TCP packet. Those protocols are just specific ways to format the bytes inside a TCP message.

It’s almost exactly the same with CAN. DeviceNet, J1939 and CANopen are ways of formatting the messages that ride inside of a CAN message. The CAN controller chips which are now usually part of the silicon of the microprocessor move CAN messages from place to place just like TCP messages are moved around an Ethernet network. The controllers (Ethernet or CAN) know nothing at all about what is in those messages, they just know to move them from point A to point B.

And just like Ethernet, CAN messages have a CRC to verify the validity of a message. A receiver knows that the message is valid because the message doesn’t get received by the target node unless it is valid.

In CAN it’s even a little stronger than that. CAN messages use a recessive bit to identify valid messages. A zero, the recessive bit, in the ACK bit field indicates that devices on the network have validated the message and found it to be valid. Any node that doesn’t think it is valid writes a one, a dominant bit. No other node that thinks the message is valid can override that dominant bit from the node that disqualified it.  IN a CAN network every valid message has to be accepted by every node on the network to be valid.

I described this in our discussion yesterday and my customer still didn’t think that was enough validation. I described how our entire line of gateway products (Modbus, Ethernet, Profinet IO gateways) all have diagnostics screens. And these diagnostic data that can be accessed from any network. They can tell a target node what nodes are online and what have failed, what nodes are online but experiencing problems and so on. The RTA Gateways Diagnostics are pretty powerful.

They decided in the end to do a full loop check in addition to all the diagnostic data available to both sides in an RTA gateway. With this full loop check, a device that writes data through our gateway is going to be able to read that value back to check that it was written. This is largely not part of our gateway but has to be programmed at the application level by our customers devices.

To implement full loop diagnostics like this, one side will write a value. Our gateway will send that value on the other network. The receiving device will accept that value, validate it as a valid application layer value and then send it back to the original sender through the RTA gateway.

In mission critical systems like this, this truly is the best way to make sure that a message is received by the target. It’s just like diving. It’s mission critical that you don’t run out of air and that you make a decompression stop if you dive below a certain limit. That’s how you stay alive. And that’s how you make sure that your mission critical applications stay online.