Hi All,

I have to design and implement a smart sensor for instance a magnetic odometer with "Intrinsic safety" parameters. That means
the voltage should not exceed 1.8v and the current is limited to 2uA.
A protection circuit barrier should be placed between Master and slave to guarantee these parameters as shown in the block diagram below.

The master is a MK22fn512vlh12 kinetis MCI have to find out an appropriate slave MCU which consumes less than 1.8v (preferably less than 1.7 v) in active mode.The clock speed should be
fast enough to deliver data each second (I believe is not an issue), the rest of the time the slave MCU can be in sleep or another low-consumption mode.
The key point is to guarantee the correct operation under the safety parameters.

The communication protocol intended to be implemented is 1-wire communication because it is desired that the Master only uses one pin to record the data coming from the odometer. However 1-wire protocol is not a must and other options can be considered.

The implementation shall be adaptable for multi-slave operation.

I am particularly confused about the current constrain in regard to the MCU current consumption.
Does the slave MCU have to operate with  max 2uA? or
The current which arrives to the slave MCU shall be no more than 2uA?.
Can a MCU generate more than 2uA in order carry out its functionalities?. If so can still the system be considered as Intrinsically safe?

Which MCU could suit these specifications?

Is 1-wire protocol a good approach?. Are there good alternatives?

As you can see the kind of questions shows a lack of knowledge and inexperience regarding this topic.
I would appreciate very much your comments and also some references where to find out more answers about this topics.

#InstrinsicSafetySystem

#OneWire

Thanks in advance for your help.

Intrinsic safety is an additional safety provided over a system to avoid ignition in a specified zone. There are various zones, Zone 0, Zone 1, Zone 2... where explosive gases / liquids are present (like Hydrogen, Propane, etc..). The product if deployed in those zone should not cause ignition during normal functionality or even in case of failure. The product will be made to operate with limited voltage, limited current, limited power, limited energy and limited temperature, which are the primary cause for ignition.

The power to such system cannot be directly connected, it should be connected through barriers and signals to and from such product also go through the barriers.

In your case, the master MCU is in the safe zone, (normal zone) and the slave unit will be in a specified zone like zone 0, or 1 or 2, depending on what the meter is measuring. (For eg. if it is measuring Hydrogen / ethylene it is zone 0).

The interconnection between these two will go through a protection unit called barrier. Also there will be one more protection unit inside the slave.

The barriers and protection circuits are made of resistors of appropriate wattages fuses, to limit current, zener diodes, to limit voltages, diodes to prevent reverse connection protection and the protection circuit is deigned such that if one fails there will be one more to take care of protection (redundancy). Also it has to be done in such a way that even in case of worst failure the temperature should not go beyond 135 deg C (T4 level).

When all such things are implemented it has to be approved by  authority like Factory
Mutual / Canadian standards association / Underwriters laboratory / Atex directive in
Europe. Also there are separate Russian / Brazil standards if product is to be
sold internationally.

You can get more details with this link:http://aegex.com/images/uploads/white_papers/Intri...

Regards,

BV Ramesh.