Problem
When the OPC UA plugin loses its connection to the server (PLC powered off, cable/network fault, session drop), the poller sets snapshot_.connected = false and enters its reconnect-with-backoff loop (opcua_poller.cpp reconnect arm, ~L849), and the connected flag is surfaced on the x-plc-status view (opcua_plugin.cpp, j["connected"]). But no fault is raised on /faults.
So a controller going dark is invisible to /faults consumers: an operator watching the fault list sees nothing, even though the plugin has just gone blind to everything that PLC was reporting. The only signal is the connected boolean on a status endpoint that fault consumers do not watch. ISA-18.2 treats loss of communication with a controller as an alarm-worthy condition.
Proposal
Raise a single, component-scoped comms-lost fault:
- Fault code
PLC_COMMS_LOST, severity ERROR (configurable).
- Raised on the PLC component (the plugin's root PLC component/source), not per data point.
- Debounced: only raise once the connection has been continuously down for a configurable window (default ~5s), so a brief blip during a normal reconnect does not flap a fault. Idempotent (raise once, not every poll cycle).
- Cleared on successful reconnect.
- Config knobs:
comms_lost_fault_enabled (default true), comms_lost_debounce_ms (default 5000).
This is a connection-state transition, so it belongs in the poller's reconnect arm using the existing report_fault / clear_fault path, not the value-evaluation path.
Notes
report_fault / clear_fault clients already exist (opcua_plugin.cpp), and the PLC component the fault should attach to already exists (opcua_plugin.cpp, "PLC runtime connected at ...").
- Keeps
/faults semantics uniform across PLC sources.
Problem
When the OPC UA plugin loses its connection to the server (PLC powered off, cable/network fault, session drop), the poller sets
snapshot_.connected = falseand enters its reconnect-with-backoff loop (opcua_poller.cppreconnect arm, ~L849), and theconnectedflag is surfaced on thex-plc-statusview (opcua_plugin.cpp,j["connected"]). But no fault is raised on/faults.So a controller going dark is invisible to
/faultsconsumers: an operator watching the fault list sees nothing, even though the plugin has just gone blind to everything that PLC was reporting. The only signal is theconnectedboolean on a status endpoint that fault consumers do not watch. ISA-18.2 treats loss of communication with a controller as an alarm-worthy condition.Proposal
Raise a single, component-scoped comms-lost fault:
PLC_COMMS_LOST, severityERROR(configurable).comms_lost_fault_enabled(default true),comms_lost_debounce_ms(default 5000).This is a connection-state transition, so it belongs in the poller's reconnect arm using the existing
report_fault/clear_faultpath, not the value-evaluation path.Notes
report_fault/clear_faultclients already exist (opcua_plugin.cpp), and the PLC component the fault should attach to already exists (opcua_plugin.cpp, "PLC runtime connected at ...")./faultssemantics uniform across PLC sources.