Safe <-> Normal Mode switch

[yudataguy]

Pull Request Title (e.g., Feature: Add user authentication)

Description

###Summary

• Add automatic safe mode entry/exit based on voltage thresholds (6.7V entry, 8.0V recovery with 10s debounce)
• Add unintended reboot detection via clean shutdown flag - enters safe mode with SYSTEM_FAULT reason
• Add SafeModeReason tracking (NONE, LOW_BATTERY, SYSTEM_FAULT, GROUND_COMMAND, EXTERNAL_REQUEST, LORA)
• Change forceSafeMode port to accept SafeModeReason parameter, allowing external components to specify why they're triggering safe mode
• Remove payload mode functionality (PAYLOAD_MODE enum, commands, events, telemetry)
• Suppress first-boot warning for expected missing state file

###Test plan

• Verify FORCE_SAFE_MODE command sets reason to GROUND_COMMAND
• Verify EXIT_SAFE_MODE clears reason to NONE
• Verify no auto-recovery when reason is GROUND_COMMAND
• Manual: Verify low voltage (<6.7V for 10s) triggers safe mode with LOW_BATTERY
• Manual: Verify voltage recovery (>8.0V for 10s) auto-exits safe mode when reason is LOW_BATTERY
• Manual: Verify unintended reboot (power cycle) triggers safe mode with SYSTEM_FAULT

Related Issues/Tickets

#106

This is part of the Mode Manager

How Has This Been Tested?

• Unit tests
• Integration tests
• Z Tests
• Manual testing (describe steps)

Screenshots / Recordings (if applicable)

Checklist

• Written detailed sdd with requirements, channels, ports, commands, telemetry defined and correctly formatted and spelled
• Have written relevant integration tests and have documented them in the sdd
• Have done a code review with
• Have tested this PR on every supported board with correct board definitions

Further Notes / Considerations

[Copilot]

Pull request overview

This PR implements safe <-> normal mode management with automatic entry/exit based on voltage thresholds, unintended reboot detection via a clean shutdown flag, and explicit SafeModeReason tracking. It updates the ModeManager interface and behavior, integrates ResetManager for clean reboot signaling, adjusts telemetry/packets, and adds integration tests and documentation to reflect the new logic.

• Add SafeModeReason enum and reason-aware forceSafeMode port; track CurrentSafeModeReason telemetry
• Implement voltage-based auto safe-mode entry (6.7V, 10s) and auto-exit (8.0V, 10s) with hysteresis and debounce
• Detect unintended reboots and enter safe mode with SYSTEM_FAULT; integrate ResetManager.prepareForReboot for clean shutdown marking

Reviewed changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated 7 comments.

Show a summary per file

File	Description
README.md	Adds instructions to run a single integration test via TEST parameter for developer ease-of-use.
Makefile	Enhances test-integration target to accept TEST=<name
FprimeZephyrReference/test/long/mode_manager_test.py	Aligns tests with new enum values and idempotent FORCE_SAFE_MODE behavior; minor doc/assert updates needed to remove payload mode mention.
FprimeZephyrReference/test/int/safe_mode_test.py	New integration tests validating safe mode reasons, manual commands, and manual scenarios for voltage-based auto-transitions and reboot detection.
FprimeZephyrReference/ReferenceDeployment/Top/topology.fpp	Wires ResetManager.prepareForReboot to ModeManager.prepareForReboot to support clean shutdown signaling.
FprimeZephyrReference/ReferenceDeployment/Top/ReferenceDeploymentPackets.fppi	Adds CurrentSafeModeReason to health packet for GDS visibility.
FprimeZephyrReference/Components/ResetManager/ResetManager.fpp	Introduces prepareForReboot output port to notify ModeManager before reboot.
FprimeZephyrReference/Components/ResetManager/ResetManager.cpp	Calls prepareForReboot before sys_reboot to set clean shutdown flag when connected.
FprimeZephyrReference/Components/ModeManager/docs/sdd.md	Updates SDD: reasons, thresholds, debounce, auto-recovery behavior, prepareForReboot flow, and load switch behavior.
FprimeZephyrReference/Components/ModeManager/ModeManager.hpp	Updates interface: reason-aware forceSafeMode, prepareForReboot handler, new constants and state; changes SystemMode mapping to SAFE_MODE=1, NORMAL=2.
FprimeZephyrReference/Components/ModeManager/ModeManager.fpp	Defines SafeModeReason enum, updates ports (ForceSafeModeWithReason), events (auto entry/exit, reboot detection), and CurrentSafeModeReason telemetry.
FprimeZephyrReference/Components/ModeManager/ModeManager.cpp	Implements voltage-based transitions, unintended reboot detection via persisted state, reason tracking, idempotent FORCE_SAFE_MODE, and updated load switch sequencing and telemetry.

[ineskhou]

Looks great! Just a few comments. Will run stuff with the voltage and command and stuff ASAP but might be after vibe test

[ineskhou]

Is safemodereason available across boots? Assuming that we reboot after safe mode is enabled, and later want to know why we are in safe mode, I think it could be useful to write to a file and with an event or telemetry read from the file.

[yudataguy]

Yes, SafeModeReason is already persisted across reboots. The implementation stores it in /mode_state.bin as part of the PersistentState structure

[ineskhou]

Is the file isn't writable the next boot will be unintended? What does that mean?

[yudataguy]

1. Logs StatePersistenceFailure warning
2. Continues without setting cleanShutdown flag
3. Next boot will be misclassified as unintended reboot → enters safe mode with SYSTEM_FAULT