EmbeddedRelated.com

micro self-check of checksum

Started by Thomas Magma September 23, 2005
Richard <nospam@thanks.com> wrote:
>> I am not familiar with PICs, and somebody already pointed out that at
>> least some PICs can't read their code space as data. But the general
>> idea of performing a checksum on a binary image is a pretty simple
>> one, especially if the image is in a single contiguous chunk of
>> memory.
>
> Now, assuming you find an error... what do you do? You have just proven the
> code is not trustworthy, so you cannot rely on the code to make the system
> safe in any way, or in fact do anything predictably. So is the test
> worthwhile? (Playing devil's advocate.)

The OP wanted to test the integrity more or less directly after power on, and in those cases it should be quite easy. The hardware shall be designed in a way that it is in a safe state (provided it is not broken) after reset. If the CPU fails to even fetch the reset vector (or whatever it does first, depending on architecture), nothing bad must happen.

If there is a checksum failure there is no sense in going further; entering an eternal loop takes a minimum of code, which makes it less likely to be affected by the code being corrupted. Usually I design the hardware so that if there is an error indication it is activated at power on and switched off by the software when it is up and running. We also usually have watchdogs that are enabled by software, to avoid repeated resets if the software is halted due to checksum failure. The watchdog is enabled after the checksum is verified, and then it cannot be disabled.

So, in short, if detecting a checksum failure in an early stage after reset, doing nothing is often the most sensible action.

/Henrik
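Henrik's reset sequence written out as an added C example (not code from the thread or from any poster): the byte array stands in for code space, `struct hw_state` is a hypothetical model of the error pin and watchdog enable, and the CRC-32 sitting in the last four bytes of the image is an assumed build-time layout.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* CRC-32 (IEEE, reflected poly 0xEDB88320), bit-serial so it needs no table. */
uint32_t crc32_image(const uint8_t *p, size_t n)
{
    uint32_t crc = 0xFFFFFFFFu;
    for (size_t i = 0; i < n; i++) {
        crc ^= p[i];
        for (int b = 0; b < 8; b++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return ~crc;
}

/* Assumed layout: code bytes, then the build-time CRC in the last 4 bytes (LE). */
bool image_checksum_ok(const uint8_t *img, size_t len)
{
    if (len < 4) return false;
    size_t n = len - 4;
    uint32_t stored = (uint32_t)img[n] | ((uint32_t)img[n + 1] << 8) |
                      ((uint32_t)img[n + 2] << 16) | ((uint32_t)img[n + 3] << 24);
    return crc32_image(img, n) == stored;
}
/* Hypothetical board state: an error output pin and a write-once watchdog enable. */
struct hw_state { bool error_indicator; bool watchdog_enabled; };

/* Reset sequence from the post: the indicator is on by hardware default and
 * only a verified image turns it off and arms the watchdog. On failure real
 * firmware would sit in for(;;); here we return false so the result is visible. */
bool power_on_self_test(const uint8_t *img, size_t len, struct hw_state *hw)
{
    hw->error_indicator = true;
    hw->watchdog_enabled = false;
    if (!image_checksum_ok(img, len))
        return false;                 /* halt: indicator stays on, no watchdog */
    hw->watchdog_enabled = true;      /* cannot be cleared from here on */
    hw->error_indicator = false;
    return true;
}
/* Build-tool stand-in: copy code into out (needs n + 4 bytes) and append its CRC. */
size_t make_image(const uint8_t *code, size_t n, uint8_t *out)
{
    uint32_t c = crc32_image(code, n);
    memcpy(out, code, n);
    for (int i = 0; i < 4; i++) out[n + i] = (uint8_t)(c >> (8 * i));
    return n + 4;
}
```

A single flipped bit in the code bytes, the failure mode Henrik describes, changes the CRC and leaves the indicator on with the watchdog never armed.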
In article <dhbnhs$ni4$1@news.al.sw.ericsson.se>, henrik.johnsson@emw.ericsson.se says...
> R Adsett <radsett@junk.aeolusdevelopment.cm> wrote:
> [snip]
> > This sort of leads to the question
> >
> > How often have you (anyone using code checksums) seen these catch field
> > failures?
>
> I've had quite a few. Equipment installed in cellular towers may get
> its fair share of lightning surges. Even with pretty hefty protection
> schemes some voltage spikes will get through, something that can cause
> partial Flash PROM erase, sometimes only a single bit error.

OK, so we have a vote each for 0, 1 and many :) So apparently you can get field failures that are detectable and still react. Even small amounts of real data trump speculation.

Robert
