Sev-1: Interlock miswire / fail-safe issue #1
Description
Environment / Build
HW Rev A | PLC v0.9 | FW v0.9 | HMI v0.9 | Site: Lab | Date: 2026-01-02
Symptom / What happened
During cycle start, opening the access door did not immediately latch the safety chain. Motion continued briefly and the expected alarm was delayed/missing.
Expected behavior (fail-safe)
Immediate safe-state: motion stop, outputs de-energized, safety chain drops, alarm raised, and cycle cannot resume until reset criteria are met.
Steps to reproduce
- Start TC-010_INTERLOCK_DOOR_OPEN from docs/test/test_cases/
- Begin basic cycle
- Open access door during motion
- Observe safety chain response + alarm behavior
Suspected root cause
No response
Interface impact
Signals impacted: DOOR_OPEN, SAFETY_CHAIN_OK, ESTOP_OK (as applicable)
Artifacts: data/sample/io_map.csv and docs/interfaces/ICD_OVERVIEW.md
Containment / immediate mitigation
Stop bring-up activities. Apply LOTO. Disable motion enable until interlock behavior is verified. Require 2-person check for any power-on.
Verification plan (evidence)
- Verify wiring and polarity at input card/safety relay
- Update IO map if mismatch found; rerun validator
- Re-run TC-010_INTERLOCK_DOOR_OPEN and attach logs/screenshots
- Record evidence under docs/evidence/ (include date/time)