People often ask me questions about embedded software. Sometimes they are complex; other times they are simple. But frequently, the simplest ones are what leads to an interesting train of thought. The one that set my brain working recently was something like this: “I have some non-volatile memory in my design, which is used to retain specific parameters through power cycling. The first time the device is used, the memory contains garbage and needs to be initialized. When the software starts up, how can I detect that this is the first time it has run and an initialization sequence needs to be run?”
My first thought was to suggest that simple inspection of the data would show whether it was valid or not. In some applications, that would certainly be true. In others, perfectly valid data could look like a jumble of ones and zeros. There must a be simple, reliable way to make it clear that the memory/data has been initialized …
There are probably several ways to solve this problem. Do comment or email me if you have any suggestions. But I think the best approach is to dedicate a tiny part of the non-volatile memory to be a “signature”.
A signature is simply a quickly recognizable sequence of bytes which cannot occur randomly. Of course, this ideal is impossible, as any sequence of bytes, however long, could occur randomly. It is just a matter of minimizing that possibility, whilst still making the check quick and easy. If the signature is just 4 bytes, there is a 4 billion to 1 chance of it occurring randomly. I think that for almost any application I can imagine, that is good enough. And a 32-bit value may be checked very quickly.
By careful choice of the signature values, the chances of an accidental occurrence may be reduced. Intuitively, a sequence of consecutive numbers [say 1, 2, 3, 4] would feel more unlikely that a “random” set. After all, when did the lottery last yield a consecutive sequence of digits? Of course, such a sequence is just as unlikely as any other. However, by thinking about how memory works, the unlikelihood of a specific sequence may be increased. What values might memory have when it is first powered up? I can think of 4 possibilities:
- totally random
- all zeros
- all ones
- some regular pattern reflecting the chip architecture [like alternate 1 and 0]
If it is (1), then any signature will give us the 4 billion to 1 chance. Any of the others can be detected by use of the right signature. I would suggest the following: 0x00, 0xff, 0xaa, 0x55. This should cover all of (2), (3) and (4) and still be just 32 bits.
Some care is needed with the initialization sequence. It is essential to set up valid data and then initialize the signature as the very last thing in the procedure.
Of course, the use of a signature does not guarantee the integrity of the data. It may be wise to use a checksum or CRC for error checking or even a mechanism for self-correction of data. This results in the start-up sequence:
if signature invalid initialize else if data invalid initialize endif endif
Posted May 16th, 2011, by Colin Walls
- The Repair Café
- IoT keynote, software support and more …
- Go bike!
- Embedded software video blogging – are you interested?
- Six of the best: my photographs
- Testing RTOS API code