Hello,
I came to this topic quite late, but I see quite a few problems regarding the regulation loop topology. Note these problems are already in all the "orignal" Korad 3003/3005/...
First the regulation loops, both for voltage as well as current, are extremely long with many gain stages. That means the response can not be that fast or it requires high speed opamps, which then pose their own stability problems. The original "dumped" everything by killing the loop gain directly at the output by a huge output tank capacitor, which requires to have really high capacitance and certain nonzero ESR. The consequence is, the current limit is not able to protect more delicate devices against hot miswiring (connecting the load in reverse while the output is ON,...) or a short circuit while there is voltage at the output, because just the energy within this capacitor is sufficient to kill anything more sensitive connected to it.
You may design a current limitting device (e.g. the negative is separated by a diode, anode towards the capacitor, cathode towards the OUT-, biased in forward by some 10's mA via some power resistor from e.g. VBUS).
But to me a better choice is to add there a fast acting AC path from OUT- towards the Q11 base, in form of a (small) capacitor from the OUT-, to a cathode of an auxiliary diode and a bias resistor (~ 1/10 of the current flowing through R36 should be enough) towards GND, anode of this auxiliary diode is then connected to the base of Q11. As the diode is biased, it has low AC impedance, so keep that capacitor connected between OUT- and the base of Q11. Then the output voltage is formed by just an emitter follower darlington cascade to the output, so maintaining the voltage pretty close without the need of any big capacitor on the output. That way there is no component storing any excessive energy in it able to cause the damage.
The "complication" with the extra diode and resistor is there o allow that capacitor to be disconnected from the Q11 once the output gets shorted, so the I-limit has to act.
And it is connected to VOUT- and not SENSE-, to ensure it maintains the voltage on the start of the power path, so it is not influenced by the impedances from OUT to the load point, the capacitances there and line back via the SENSE line.
Then I would put a resistor into the line you have drawn between D10 anode and Q11 base (so it has about 200mV drop, given the R36 current), so the opamp output is HC separated from the point where the capacitor added before injects the VOUT- signal. That drop will then dictate, along with the resistances in the emitters of the power transistor, how far the output overshoots/undershoots when the load changes.
Similar way I would also add an AC path from OUT- towards the top of C28, e.g. by a capacitor of about C28/10. This then forms a capacitive divider, so provide faster feedback path directly towards the V-regulation opamp, going around the first differential amplifier, so mainly the C26 filtering won't impede the feedback.
Then the output disconnect is, according to me, at a wrong place. When disconnected, the feedback sees the output below what desired, so charges the feedback network capacitors (C29 and C38) to voltages corresponding to the output (Q11 base) fully ON, causing huge overshoot once the relay is turned ON (the reg. loop has to drive the Q11 back down). Better idea to me would be a transistor shorting the base of Q11 to GND. That way both the feedback networks are discharged, so the loop starts them from zero, so entering regulation (either voltage or current) "from below", so without any huge overshoot. The base of this transistor then has to be driven to the +12V by a pull up resistor towards +12V supply and actively pulled low by the CPU, in order to make sure the output remains OFF during power up and CPU starting.
Another issue I see with the opamps and their supply connection. This is a power supply, not a calibrator, so it does not need as precise opamps, with as bad side effects and overload recovery response. With opamps, you should always keep in mind, what is their reference point for the internal frequency compensation. With practically all pure bipolar technology OPAMPs it is their negative supply line. With the complex rail-to-rail CMOS it depends on the actual output current direction (which of the output transistors is biased so carries the signal), so in short very unpredictable.
Why is that important? Because above the GBW, this is the supply from where the opamp has virtually 0dB PSRR, in other words all mess on that supply line passes to its output. From the other supply the PSRR uses to be very high, even way above the range where the opamp has any gain.
Therefore it is better idea to use obipolar pamps with their negative supply being your signal GND and which are able to operate from 0V then.
LF358 is a good example here.
Yes, it has some input current. So match the impedances on their inputs so it does not cause extra offset.
Yes, the output can not go below ground. But this circuit does not need that at all.
When you maintain some load current from their output to GND (to keep their upper output transistor biased; see their internal schematic in the datasheet), they may easily drive down to nearly zero.
And the inputs work well around, or even up to 200mV below zero, so again sufficient for this design.
Yes, they may exhibit some voltage offset. But remember., these are pure bipolar devices, so their offset, whatever it is, is proportional to the thermodynamic (absolute) temperature, so quite well predictable and so possible to calibrate out (you just need a temperature sensor around them so the CPU calibration routine knows what to use for that). And for normal lab temperature it is quite constant (a 10mV offset opamp will drift less than 1mV in the temperature range of 10..40degC), so you won't even need the temperature compensation.
You may still use some precission amplifier in the current sense (the only place where the 1mV drift would be of any problem). There the offset compensated amp could be used, as there it won't be overloaded (or there is already a huge problem anyway). This would mean only a single opamp would need the negative supply, so once properly filtered, there is no risk of crosstalk and parasitic feedbacks (causing oscillations,...) via that supply line.
The sense line connections and stability:
I like to add a series resistor of about 100..1kOhm (don't forget to calculate that in for the V-sense amp) to each voltage sense line and use an extra ~100nF capacitor coupling directly the OUT signal high speed component to the feedback. That way you eliminate the inductance of the wiring towards the load.
And as you have already quite powerful microprocessor there, I would even go to the analog part working only with OUT terminals, use separate V-sensing amplifier to feed just the ADC and implement the remote sense feedback by DSP within the CPU. In this way you may easily apply restriction on the allowed voltage drop across the wiring (e.g. shut down when the difference is greater than e.g. 0.5V), so have the instrument inherently safe even against virtually any feedback fault (missing wire, the shorting strap not tightened on the terminals,...), without any need for the extra diodes between the Force/Sense (which do not cover all faults).
Plus it allows to control the response dynamics by the user, so allows the user to select between fast response with restricted load capacitance to keep it stable or have it stable with a large load capacitance where longer response time could be tolerated.