sprint-8: EKF + adaptive tuner + HWID + SHA-256 audit hash-chain

- heading_ekf.py: 2-state Kalman filter fusing PGN 127250 heading and
  127251 ROT with shortest-arc innovation and symmetric covariance update
- adaptive_tuner.py: gradient-descent outer-loop Kp/Ki adjuster bounded
  to ±adaptive_max_deviation_pct; oscillation vs steady-state detection
- hwid.py: HMAC-SHA256 activation token (verify side); hwid_from_mac_words
  converts three Modbus uint16 MAC words to 12-char hex HWID
- audit.py: SHA-256 hash-chain -- each JSONL line carries prev_hash and
  line_hash; verify_chain() detects tampering, deletion, insertion
- firmware/system/hwid.h+cpp: esp_efuse_mac_get_default wrapper + FNV-32
  hash + "AA:BB:CC:DD:EE:FF" formatter
- modbus_registers.yaml + generated .h/.py: HWID_MAC_01/23/45 at
  input addrs 9/10/11 (three 16-bit words = 6-byte MAC)
- modbus_slave.cpp: INPUT_HWID_MAC_01/23/45 cases read eFuse MAC
- main.cpp: logs HWID string + FNV-32 hash at boot (activation traceability)
- tests: 72 new tests (audit signing, EKF, adaptive tuner, HWID) -- 398 total

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-05-20 03:07:27 -04:00
parent 5f9b445572
commit 45642fda0e
15 changed files with 1217 additions and 5 deletions
@@ -77,7 +77,7 @@ constexpr uint16_t COIL_CMD_ACK_ALL_ALARMS = 2;
constexpr uint16_t COIL_CMD_KNOB_ARM = 3;
// ----- Input registers (read-only words) -----
constexpr uint16_t INPUT_COUNT = 36;
constexpr uint16_t INPUT_COUNT = 39;
constexpr uint16_t INPUT_MAX_ADDR = 65;
// Firmware major version
@@ -102,6 +102,12 @@ constexpr uint16_t INPUT_FREE_HEAP_KB = 7;
// Minimum free heap since boot
// unit=KiB
constexpr uint16_t INPUT_MIN_FREE_HEAP_KB = 8;
// Hardware ID bytes [0..1] (MAC eFuse high word)
constexpr uint16_t INPUT_HWID_MAC_01 = 9;
// Hardware ID bytes [2..3] (MAC eFuse mid word)
constexpr uint16_t INPUT_HWID_MAC_23 = 10;
// Hardware ID bytes [4..5] (MAC eFuse low word)
constexpr uint16_t INPUT_HWID_MAC_45 = 11;
// Filtered rudder angle, deg * 100 (-3500..+3500)
// unit=deg, scale=0.01
constexpr uint16_t INPUT_RUDDER_ANGLE_DEG_X100 = 16;
@@ -35,6 +35,7 @@
#include "nmea2000_consumer.h"
#include "../hal/knob_encoder.h"
#include "../safety/safety_monitor.h"
#include "../system/hwid.h"
namespace arautopilot::protocols::modbus {
@@ -97,6 +98,17 @@ uint16_t read_input_register(uint16_t addr) {
case INPUT_FREE_HEAP_KB: return (uint16_t)(ESP.getFreeHeap() / 1024U);
case INPUT_MIN_FREE_HEAP_KB: return (uint16_t)(ESP.getMinFreeHeap() / 1024U);
// Sprint 8: Hardware ID (MAC eFuse, 3 × uint16)
case INPUT_HWID_MAC_01:
case INPUT_HWID_MAC_23:
case INPUT_HWID_MAC_45: {
uint8_t mac[6] = {};
system::hwid_get_mac(mac);
if (addr == INPUT_HWID_MAC_01) return (uint16_t)((mac[0] << 8) | mac[1]);
if (addr == INPUT_HWID_MAC_23) return (uint16_t)((mac[2] << 8) | mac[3]);
return (uint16_t)((mac[4] << 8) | mac[5]);
}
case INPUT_RUDDER_ANGLE_DEG_X100: {
auto r = hal::rudder_sensor_latest();
int v = (int)(r.angle_deg * 100.0f);