Flaw in 1-Wire protection circuit

[unpaid-bill]

As Stephen has highlighted in his videos, the spring finger connection must be protected against a situation where the alignment is not perfect.
The zener D9 in the mobo schematic is to protect against 24v applied to pin 5 of J5 (the spring fingers), and is specified to dissipate 311mW in this fault state, as specified in the design note.

In this fault state, the current through the zener is limited by R14. With KVL the voltage dropped by this 220R resistor is 24V-3.3V = 20.7V.
This means that this resistor must dissipate (20.7)^2 / 220 = 1.95W, so would not survive the fault condition.

You could increase the value R14 to decrease the current, though that would impact the performance of the low pass filter that R14 is a part of.
Note: the total capacitance of D9 is ~100-200pF, as per the datasheet, which limits the size of the resistor for a desired corner frequency.

The 1-wire communication is also a bit of a tricky one with both sides of the signal being pulled to GND or to Vcc at different strengths at different times in the waveform, so perhaps a RC LPF doesn't make the most sense here anyway. I don't have HW to check the effectiveness of this circuit, but the LPF can probably be completely removed as a short term solution. EDIT: Removal of the LPF would also make D9 completely ineffective as there's no mechanism to limit the current that it shunts. So the whole protection and filtering of this input needs to be redesigned.

[sphawes]

thank you for the super detailed notes @unpaid-bill!!

I am also concerned about putting too much in series with 1-Wire and affecting communication. I like your suggestion of increasing the value of R14 to reduce the current, but in order to prevent fault on a 1/8 Watt resistor, we'd need ~3.4k Ohms. Maxim Application Note 148 only ever recommends 150 Ohms maximum in series, so I highly doubt such a large resistance would be acceptable.

I'll look to see if there are other industry-accepted methods of protecting a 1-Wire line without attenuating the signal too much. Thanks again for the note!!

[warasilapm]

I'm not sure this is a problem, and there are some cheap mitigations that can be done to improve the situation slightly with the existing design.

First, mechanically, it seems to be that it would be exceedingly unlikely that there would ever be 24 V continuous on pin 5 of the feeder fingers. For this to happen, the feeder interface would have to be touched completely backwards or in some other exceedingly awkward (and obviously not correct) position. With the design of the floor plastic this seems unlikely. On the other hand, if the IDC cable (which is also keyed, by the way) is wired backwards, GND and 24 V show up on the RS-485 lines. This begs the question of what happens to the RS-485 circuit under these conditions, the answer to which is almost certainly "nothing good". More on that later.

Second, if what is being considered are brief touches of the pin to the 24 V source as it is being seated, I'm not sure this is an issue either. the duty cycle should be sufficiently low not to actually cause 2 W of dissipation continuous.

That said, there's no reason we can't do better without forcing a redesign. The RZ circuit is a good first line defense for this sort of condition. The first thing we can do is simply increase the size of the resistor. A standard 1206 is already a doubling of improvement in the power dissipation and we can always go bigger!

The next thing we can do is be sure to use a 150 C rated part to give more temperature rise headroom. Most are already rated to this temperature but it's good to check. Additionally, adding some thermal vias to the plane on the backside will increase the thermal dissipation to the environment. There are already some vias from U4 nearby but why not add some more.

Another thing that could be done is to abuse the fact that PA8 on the STM32F031 is a 5V tolerant pin. This means that a 4.5 V zener is sufficient to protect the pin. This saves you a very small amount of power dissipation on R14 but is probably more trouble than it's worth since it opens up a whole other issue of current injection via R1 to the 3.3 V rail. More of a fun thought than anything.

All in all, this is an FMEA question to me. Is continuous injection of 24 V on the 1-wire pin really an expected failure mode, and how severe is it? I don't think it is, and even if it does occur, having the failure mode be an easily replaced, affordable resistor seems like a reasonable compromise in a value optimized product like this. Let's do the math:

• Severity: Moderate. The resistor will be the only real casualty so the feeder will not know which slot it is in, but the MCU will be safe, the feeder can still feed, and communication with the RS-485 bus is not impaired. 6
• Probability: Moderately low Low. Conservatively think maybe one in 10,000 insertions would suffer a failure long enough to cause resistor failure. 4
• Detection: Almost certain. The Photon firmware can absolutely detect this failure mode when it cannot communicate with the EEPROM over 1-wire and report the failure. 1

That leaves us with an RPN of 24. Not bad.

I actually think the RS-485 is a more concerting point of failure for this sort of problem, if we're going to look at continuous faults to 24 V. The TVS is only rated for pulse currents not continuous dissipation, and a rotation of the IDC connector could connect RS-485+ to 24 V. Once the TVS dies, the transceiver is next, hopefully stopping there.

[unpaid-bill]

I agree that a misalignment of the spring fingers is highly unlikely now the geometry has been redesigned to prevent that.
Though I do think that if this failure mode is to be addressed in the circuit, it should not be treated as a momentary failure. In this case I think it's better to not design a solution for - especially a solution that is itself able to fail.

[warasilapm]

I don't agree with removing this protection. It's always better to have a resistor fail than the pins on the processor.

[Magpie-81]

Another trick to spread the thermal load of the resistors could be to put some in parallel.

[warasilapm]

Or in series, as may be easier in this case due to the routing.

[willyvmm]

The failure mode of Zener Diode is "SHORTING" that mean, if diode parameters are exceeded it will most likely to SHORT. You may think of the zener as a cheap CROWBAR protection in this case. Replacing the resistor with smaller housing 0402 will decrease the power dissipation capability thus the resistor will work as a cheap fuse with the Zener crowbar.

Also, the 3.6V zener has a very bad characteristic. I used to call them soft zener diodes and I recommend avoiding these diodes if possible.

The mentioned above 5V tolerant pin requires also some explanation. Digging into ST documentation reveal that 5V tolerant pins are actually ca. 7.6V (IIRC) tolerant. And more importantly, the 5V tolerant pins do not have clamping diodes.

Finally, what is the failure scenario? Is it physically possible for 24V to appear on the 1wire PIN?
NO. Except for very intentional user actions. (Did I miss something? Please correct me.)

Therefore I would recommend replacing the Zener diode with a 5v6 version (more common and cheaper) and replacing the 220Ohm resistor with a smaller 0402 housing. Just in case. It will never be activated. In case of some disaster, Dode and Resistor will burn out, and the MCU should survive. There is no reason to overcomplicate a protection circuit in this case.

[qwertymodo]

Since this is a protection circuit, and it would likely be prohibitive to fix in a robust enough manner to withstand the failure without negatively impacting the nominal performance of the properly working case, I don't see a problem with a sacrificial design. If you do reduce the size of the resistor to make the failure mode more fast-acting, I would try to increase the trace width going into the pads to try and force the thermal failure to occur in the removable component and attempt to save the pads and traces, for a lower impact repair in the case of a failure.