BMS_INTERLOCK_CHECKED seems pointless

[GustavVaeridion]

Hello,

The substate BMS_INTERLOCK_CHECKED inside [bms.c] BMS state IDLE seems to be pointless. I would highly recommend including BMS_CHECK_ERROR_FLAGS_INTERLOCK and BMS_INTERLOCK_CHECKED into BMS_CHECK_ERROR_FLAGS, for example:

} else if (bms_state.substate == BMS_CHECK_ERROR_FLAGS_INTERLOCK) {
    if (BMS_IsBatterySystemStateOkay() == STD_NOT_OK) {
        bms_state.timer     = BMS_STATEMACH_SHORTTIME;
        bms_state.state     = BMS_STATEMACH_OPEN_CONTACTORS;
        bms_state.nextState = BMS_STATEMACH_ERROR;
        bms_state.substate  = BMS_ENTRY;
        break;
    } else {
        bms_state.timer    = BMS_STATEMACH_SHORTTIME;
        bms_state.substate = BMS_INTERLOCK_CHECKED;
        break;
    }
} else if (bms_state.substate == BMS_INTERLOCK_CHECKED) {
    bms_state.timer    = BMS_STATEMACH_SHORTTIME;
    bms_state.substate = BMS_CHECK_ERROR_FLAGS;
    break;
} else if (bms_state.substate == BMS_CHECK_ERROR_FLAGS) {
    if (BMS_IsBatterySystemStateOkay() == STD_NOT_OK) {
        bms_state.timer     = BMS_STATEMACH_SHORTTIME;
        bms_state.state     = BMS_STATEMACH_OPEN_CONTACTORS;
        bms_state.nextState = BMS_STATEMACH_ERROR;
        bms_state.substate  = BMS_ENTRY;
        break;

---

Identical result:

/*Check interlock and error state*/
if (bms_state.substate == BMS_CHECK_ERROR_FLAGS) {
    if (BMS_IsBatterySystemStateOkay() == STD_NOT_OK) {
        bms_state.timer     = BMS_STATEMACH_SHORTTIME;
        bms_state.state     = BMS_STATEMACH_OPEN_CONTACTORS;
        bms_state.nextState = BMS_STATEMACH_ERROR;
        bms_state.substate  = BMS_ENTRY;
        break;

This should help streamline the state machine logic and contribute to ASIL D certification.

[foxBMS]

Dear @GustavVaeridion ,

Thank you for your feedback. We will have a look at this.

Best regards,
The foxBMS Team