There are several types of error that can occur in a SpaceWire link:
- Disconnect error – the link is disconnected is one or both directions, so data or Nulls are not received.
- Parity error – a received character contains a parity error.
- Escape error – an Escape character is received which is followed by another Escape, an EOP, or EEP, which are character sequences that are not allowed.
- Credit error – an N-Char arrives when there is no room for it in the receive FIFO.
Link disconnection is detected when following reception of a data bit no new data bit is received within a link disconnect timeout window (850 ns). Once a disconnection error has been detected, the link attempts to recover from the error.
Parity errors occurring within a data or control character are detected when the next character is sent, since the parity bit for a data or control character is contained in the next character. Once a parity error has been detected, the link attempts to recover from the error.
Following an error or reset the link attempts to re-synchronise and restart using an “exchange of silence” protocol (see Figure 42). The end of the link that is either reset or that finds an error, ceases transmission. This is detected at the other end of the link as a link disconnect and that end stops transmitting too. The first link resets its input and output for 6.4 µs to ensure that the other end detects the disconnect. The other end also waits for 6.4 µs after ceasing transmission. Each link then waits a further 12.8 µs before starting to transmit. These periods of time are sufficient to ensure that the receivers at both ends of the link are ready to receive characters before either end starts transmission. The two ends of the link go through the NULL/FCT handshake (see Figure 40) to re-establish a connection and ensure proper character synchronisation.
Figure 42 Link Restart
Recovery from errors is controlled by the state machine in the SpaceWire interface. The complete state machine is shown in Figure 43.
Figure 43 SpaceWire Interface State Machine Error Recovery
The error conditions that can occur are shown in red. Any error that is detected results in a transition to the ErrorReset which starts the error recovery cycle.
RxErr is a Disconnect Error, Parity Error, or Escape Error.
Disconnect Error detection is enabled following link reset, only after the first bit has been received.
An RxErr can be detected in any state, except ErrorReset, and will result in a transition to ErrorReset.
In the ErrorWait, Ready and Started states it should not be possible to receive an FCT, N-Char or time-code, because the link has not yet been fully initialised. If any of these characters are received it is an error and results in a transition to the ErrorReset state.
In the Connecting state it should not be possible to receive N-Chars or time-codes as the link is only partially connected, an FCT must be received before any of these other characters, finishing link initialisation and causing a transition to the Run state. If any N-Chars or time-codes are received in the Connecting state, it is an error and the state machine moves to the ErrorReset state.
Detection of Parity Error, Escape Error, gotFCT, gotN-Char, and gotTime-Code are only enabled after the first Null has been received, i.e. gotNULL asserted.
Thus
RxErr OR gotFCT OR gotN-Char OR gotTime-Code
is really
RxErr OR (gotNULL AND (gotFCT OR gotN-Char OR gotTime-Code)).