Electronic Lock design problem

[MicroScratch]

Hello

I’m designing an electronic lock and I'm running into a problem.


It is basically a solenoid driven by a MOSFET. A pulse is sent to the solenoid which unlock the mechanism. Once the system is unlocked, the solenoid return to its idle position and the mechanism remains unlocked.

I’m driving my MOSFET highside via a voltage doubler to prevent accidental triggering (VCC + square signal needed). It is crucial because a single pulse can unlock the mechanism. No action need from the user, no handle or anything.

here is the simplified schematic:




My problem is :

 I thought that the voltage doubler would be enough to prevent accidental triggering since it requires a square signal to work but actually, just the turning the MCU pin of the voltage doubler high lets enough current flow through the MOSFET to power the solenoid.

Is there a simple way to improve this voltage doubler solution ? Or a similar simple solution that requires at least one action that can’t happen accidentally because of EMC problems, cosmic rays...

Thanks

[ledtester]

I would try this...



The differences are:

- use the MOSFET as a low-side switch -- should result in more predictable switching behavior
- use a high value resistor to pull the MOSFET gate low

R5 will keep the MOSFET off during power-up. It will also discharge C6 when the GPIO pin is high impedance.

R6/C6 will require a long signal (several milliseconds) from the GPIO pin in order to turn the MOSFET on.

You might find that just R5 is enough to protect against EMC and cosmic rays.

[gnuarm]

So how about some details?  What voltage is the relay rated for?  What is the pull in voltage?  What is the MCU voltage?  What voltage is the square wave?  What is the threshold voltage on the FET?

You may not realize your gate voltage needs a pull down resistor to remove the charge on the output capacitor.  If you add that resistor between the gate and ground it can also provide a voltage divider which will allow you to set an idle voltage that won't trip the FET and relay. 

You might also want to pick a FET that has a higher threshold voltage so the resulting voltage on the relay coil is not high enough to turn it on.  But to know if that is even possible requires knowing more about all the components.

[MicroScratch]

yes Gnuarm,  I was a little short on detail. the solenoid is rated for 5V 1.1A. The MCU works on 3.3V. the square wave will be 3.3V too but I don't have a definitive frequency for it.
the MOSFET is a IPZ40N04S5L and VGs(th) typ = 1.6V.

I picked this MOSFET because I had some spare from another project. I'll try another one but usually, the higher the threshold is, the bigger the MOSFET is. on Infineon, the MOSFET with a Typ VGS(TH) of 4v are 600V rated and huge.



Ledtester, I need to stick with highside switching because in electronic lock design, you don't want someone to be able to reach your soneloid - wire and ground it to open the lock.

[MadScientist]

Have 0V isolated , which it’s most is anyway   Hence “ grounding “ it won’t generate a circuit

[Someone]

Have 0V isolated , which it’s most is anyway   Hence “ grounding “ it won’t generate a circuit

Connect chassis to most positive supply rail, run low side switches.

[nctnico]

yes Gnuarm,  I was a little short on detail. the solenoid is rated for 5V 1.1A. The MCU works on 3.3V. the square wave will be 3.3V too but I don't have a definitive frequency for it.
the MOSFET is a IPZ40N04S5L and VGs(th) typ = 1.6V.

I picked this MOSFET because I had some spare from another project. I'll try another one but usually, the higher the threshold is, the bigger the MOSFET is. on Infineon, the MOSFET with a Typ VGS(TH) of 4v are 600V rated and huge.



Ledtester, I need to stick with highside switching because in electronic lock design, you don't want someone to be able to reach your soneloid - wire and ground it to open the lock.

In that case you'll need a P-channel MOSFET because your current N channel MOSFET isn't going to work. With 3.3V & 5V combined there has to be some level shifting as well. You might also want to think about circuit protection like a self-resetting fuse in case the solenoid gets shorted (so at least the MOSFET won't burn and the entire lock system won't be powered down). Likely using a dual pole relay is a cheaper option all things considered.

[ledtester]

A way to use a N-channel MOSFET as a high-side switch is the "MOSFET bootstrapping" technique:

MOSFET Bootstrapping -- 0033mer
https://youtu.be/zcQV_ZpK1W8

You can skip to 4:45 for a demo and explanation of the circuit.

[nctnico]

A way to use a N-channel MOSFET as a high-side switch is the "MOSFET bootstrapping" technique:

At the cost of more parts and it won't work for long durations due to leakage. All in all it is not a good solution for driving a solenoid which might be on for hours or even days (think about doors that need to unlock when there is a power outage for safety reasons).

[ledtester]

You're right about leakage, but the OP mentioned this:

I’m driving my MOSFET highside via a voltage doubler to prevent accidental triggering (VCC + square signal needed). It is crucial because a single pulse can unlock the mechanism.

so it still might work for them.

[nctnico]

One way or another: it is an ugly hack which is better to be avoided from the start.

[MicroScratch]

thanks guys,

I'll first try to keep the highside voltage doubler driving but just use a voltage divider on the GPIO VCC pin to prevent the idle voltage from turning the MOSFET on.

I'll check the MOSFET bootstrapping too, it might just be enough since I'm just sending pulses from time to time to the solenoid, never more than a second.

[Ian.M]

Your ideas for 'security' are fundamentally flawed.  If a single bit flip can cause execution to enter the unlock routine after the code has been validated, or can set a flag indicating the code has been validated, it doesn't matter how many operations the MCU must perform or how complex the circuit is to activate the solenoid - its equally insecure.   Also consider magnetic field attacks. e.g:


TLDR: single solenoid electronic 'locks' are fundamentally insecure! 

There are also idiocies like this to avoid:

[nctnico]

Your ideas for 'security' are fundamentally flawed.  If a single bit flip can cause execution to enter the unlock routine after the code has been validated, or can set a flag indicating the code has been validated, it doesn't matter how many operations the MCU must perform or how complex the circuit is to activate the solenoid - its

Basically you need two circuits: one that reads the credentials on the outside and one that processes & controls the lock at the inside. You can not have the circuit that controls the lock at the outside in a secure system.

[Jester]

Put a FET switch in both legs of the solenoid. One requiring a high and the other a low drive signal. Obviously use two different drive pins from uC.

[gnuarm]

thanks guys,

I'll first try to keep the highside voltage doubler driving but just use a voltage divider on the GPIO VCC pin to prevent the idle voltage from turning the MOSFET on.

I'll check the MOSFET bootstrapping too, it might just be enough since I'm just sending pulses from time to time to the solenoid, never more than a second.

There is nothing wrong with a high side switch, even an NPN, in general.  The trouble is driving the gate high.  You never answered my questions about the relay characteristics.  A relay should be rated in terms of two voltages (or sometimes currents).  One is the minimum level that must be applied to assure the relay will activate (pull-in) .  The other is the maximum level that you must be below to assure the relay turns off (drop-out).  These are the numbers you design your circuit around.

As you have seen, it takes much less than 5V to activate the relay.  I'm surprised your relay activates with only 3.3V applied to the gate of the FET.  I believe you said the Vth of your FET is 1.6V, so that only leaves 1.7V on the relay!  That is a bit surprising.  Once you know the pull-in and drop-out voltages of the relay, you can design a driver circuit.  These are not necessarily the actual voltages for any given relay, rather numbers that guarantee every relay of this model will work in your design. 

I would ditch the voltage doubler and use a small P channel FET or a PNP transistor to drive your N-FET.  This will make the circuit work with a 3.3V MCU... if you work at it a bit.  Using a P-FET to drive the relay makes this easier and simpler.  Or, if the MCU has 5 volt tolerant outputs and it can run open collector/drain, the MCU can drive the gate directly with only a pullup resistor. 

BTW, you seemed to ignore my point about the FET gate in your present design needing a pull down resistor.  Once the voltage doubler has created a higher voltage on the output cap, it will remain and not bleed off easily.  So you need a resistor to do that. 

Like the others, I think the voltage doubler makes the design more complicated.  If you want some sort of redundancy for security, use two FETs in series with separate gate driving circuits.  Then no single fault in either circuit would cause the relay to be activated...  other than a short between gate and source.  That can be fixed by using a high value resistor in series with the gate (R1 in your drawing), large enough that it can't provide enough current to switch the relay. 

What about the relay failing shorted?  That is common for relays when the contacts weld together.  It doesn't take much to make them stick. 

[gnuarm]

A way to use a N-channel MOSFET as a high-side switch is the "MOSFET bootstrapping" technique:

MOSFET Bootstrapping -- 0033mer
https://youtu.be/zcQV_ZpK1W8

You can skip to 4:45 for a demo and explanation of the circuit.

That circuit is essentially half of the voltage doubler.  That's why it won't remain high for too long, it doesn't continue to switch driving an output cap to hold the doubled voltage.