There are watchdogs and the there are WATCHDOGS

Back to Subject List

Old thread has been locked -- no new posts accepted in this thread

???
03/15/07 21:52
Read: times

Msg Score: +1
+1 Informative

#135066 - There are watchdogs and the there are WATCHDOGS
Responding to: ???'s previous message

There is a continuum of watchdogs from the very simple, where a single software instruction resets the watchdog. The next step is where it requires two actions, like setting an output and clearing an output. The next step is a windowed watchdog which requires the two actions to happen within a certain window. The most secure is one where there is a specific sequence of events before the watchdog is reset.

If at all possible, I believe you should avoid the first kind since it is a single action. In writing resilient code, several authors make the point that it would be nice to know if both the foreground and the interrupt are occurring, and if possible in the correct sequence. You can get some security by doing this in software and only clocking the watchdog in one place. On the other hand if you have the second type, you can set the pin in the normal course of events, and reset it in the interrupt routine. In that way, if either section of code stops running, the watchdog will not get kicked.

Here are some artciles that pertain to the subject. Some are readily available, and some not. If you want tyo push this further, I could probably scan the stuff that is in print only.

-Aubrey

Born to Fail by Jack Ganssle, Embedded Systems Programming, December 2002: http://www.embedded.com/story/OEG20021211S0032

Li’l Bow Wow by Jack Ganssle, Embedded Systems Programming, January 2003: http://www.embedded.com/story/OEG20030115S0042

Watching the Watchdog by Jack Ganssle, Embedded Systems Programming, February 2003: http://www.embedded.com/story/OEG20030220S0037

Pedigree Protection- Watchdog Circuits by Bob Perrin, Circuit Cellar Online, July 1999: http://i.cmpnet.com/chipcente...9cdpdf.pdf

Protection Techniques Ensure uC Reliabilty in Power Control Circuits by Richard J. Valentine, EDN October 1996
http://www.edn.com/archives/...+Valentine

Designing Microcontroller Systems for Electrically Noisy Environments by Tim Williamson, Intel Application Note AP-125.

Fault-tolerant software in real-time single-chip microcontroller systems by N. Q. Burnham and C.F. Cowling, Electronic Components and Applications, Vol 6: No. 1, 1984.

Designing Reliable Software for Automotive Applications by Barry Yarkoni and John Wharton, Intel article reprint AR-102.

Fault Tolerant Electronic Systems by George Novacek, Circuit Cellar, January 2004
4. Born to Fail by Jack Ganssle, Embedded Systems Programming, December 2002: http://www.embedded.com/story/OEG20021211S0032

Software fault tolerance staves off the errors that besiege uP systems by Dick Jarrett, Electronic Design August 9, 1984.

List of 23 messages in thread

Topic Author Date
Where to kick the watchdog              01/01/70 00:00
   Not being the consummate embedded guy, ...              01/01/70 00:00
   Be kind to animals              01/01/70 00:00
      I thought that as well, stray main loop =badness              01/01/70 00:00
      Sort of              01/01/70 00:00
   There are watchdogs and the there are WATCHDOGS              01/01/70 00:00
   I doubt the usefulness of normal watchdog              01/01/70 00:00
      watchdog IS expensive...              01/01/70 00:00
         i suppose arguments for and against having a dog              01/01/70 00:00
            bugs happen...              01/01/70 00:00
               Not having quite the same budget as NASA              01/01/70 00:00
                  the case for the internal dog              01/01/70 00:00
   It's obvious I need to learn about WDT              01/01/70 00:00
      the WD would not care, but if you reset it in e.g.              01/01/70 00:00
      if your main function goes of to play in the weeds              01/01/70 00:00
      I wouldn't have thought about that.              01/01/70 00:00
         one more reason to KISS              01/01/70 00:00
      there is nothing like "frozen" microcontroller...              01/01/70 00:00
         You would be surprised...              01/01/70 00:00
            Apply ESD to your micro and look what happens...              01/01/70 00:00
            I am not surprised...              01/01/70 00:00
               be reasonable              01/01/70 00:00
                  therac              01/01/70 00:00

Back to Subject List

Topic	Author	Date
Where to kick the watchdog		01/01/70 00:00
Not being the consummate embedded guy, ...		01/01/70 00:00
Be kind to animals		01/01/70 00:00
I thought that as well, stray main loop =badness		01/01/70 00:00
Sort of		01/01/70 00:00
*There are watchdogs and the there are WATCHDOGS*		01/01/70 00:00
I doubt the usefulness of normal watchdog		01/01/70 00:00
watchdog IS expensive...		01/01/70 00:00
i suppose arguments for and against having a dog		01/01/70 00:00
bugs happen...		01/01/70 00:00
Not having quite the same budget as NASA		01/01/70 00:00
the case for the internal dog		01/01/70 00:00
It's obvious I need to learn about WDT		01/01/70 00:00
the WD would not care, but if you reset it in e.g.		01/01/70 00:00
if your main function goes of to play in the weeds		01/01/70 00:00
I wouldn't have thought about that.		01/01/70 00:00
one more reason to KISS		01/01/70 00:00
there is nothing like "frozen" microcontroller...		01/01/70 00:00
You would be surprised...		01/01/70 00:00
Apply ESD to your micro and look what happens...		01/01/70 00:00
I am not surprised...		01/01/70 00:00
be reasonable		01/01/70 00:00
therac		01/01/70 00:00