• State Verified Answer
  • Replies 7 replies
  • Subscribers 74 subscribers
  • Views 1991 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 318954
Options

NCS: POF (Power-fail comparator)

Pawel(embeddedsolutions.pl)

Setup: 
NCS v.2.4.1

nRF52840DK

Hello, I am seeking guidance on safeguarding the nRF flash from power failures during writing or erasing. However, I am uncertain if I have correctly interpreted the specifications outlined in the documentation (https://infocenter.nordicsemi.com/pdf/nRF52840_PS_v1.7.pdf).

Quoting from the specification: "If the power failure warning is enabled, and the supply voltage is below the threshold, the power-fail comparator will prevent the NVMC from performing write operations to the flash."

I have enabled and set the threshold as follows:

nrf_power_pofcon_set(NRF_POWER, true, NRF_POWER_POFTHR_V27);

Based on the chart provided, my expectation is that when the VDD voltage drops below 2.7V, EVENTS_POFWARN will be generated and set until the voltage rises above 2.7V + Vhyst. Beyond that value, EVENTS_POFWARN will be cleared.

My questions are:

  1. Does the automatic clearing of EVENTS_POFWARN happen by the hardware itself?
  2. How is flash memory protected? Is the flash driver responsible for checking if the event is asserted, and if so, where can I find that check? Or does it happen automatically without any software action?



Additionally, I am contemplating the use of nrfx_power (specifically, nrfx_power_pof_init and nrfx_power_pof_enable) in conjunction with ERRATA 242 ("NVMC operations during POFWARN cause the CPU to hang"). I am concerned that the nrfx_power_irq_handler might clear EVENTS_POFWARN, which is checked by the suspend_pofwarn() function introduced by the errata. Since these two processes are not synchronized, there's a possibility that the event is cleared just before the check made by suspend_pofwarn(). Consequently, writing or erasing might be permitted even when it shouldn't be.

  • 0

    Hi pwpot,

    Does the automatic clearing of EVENTS_POFWARN happen by the hardware itself?

    None of the events are cleared automatically. Application should always clear this event in the interrupt handler.

    • Does the automatic clearing of EVENTS_POFWARN happen by the hardware itself?
    • How is flash memory protected? Is the flash driver responsible for checking if the event is asserted, and if so, where can I find that check? Or does it happen automatically without any software action?

    The quote is from the product specification for the hardware, so it will happen automatically that the POF will not allow any NVMC to gain flash write access. Nothing needs to be done from the software side for this.

  • 0 in reply to Susheel Nuguru

    Okay, so does it also mean that flash protection does not rely on the EVENTS_POFWARN flag but on some other indicators? In other words, the EVENTS_POFWARN flag does not have to be set to "enable" flash protection. Is that correct?

    Consider the following example: The voltage is about 3V, then it drops to 2.5V. The POFWARN threshold is set to 2.7V. EVENTS_POFWARN is generated, and the flag is cleared by the interrupt handler. At this moment, the voltage is below 2.7V, and the EVENTS_POFWARN flag is not set. Is it true that NVMC does not allow writing to flash in the described scenario?

  • 0 in reply to Pawel(embeddedsolutions.pl)
    Pawel(embeddedsolutions.pl) said:
    Okay, so does it also mean that flash protection does not rely on the EVENTS_POFWARN flag but on some other indicators? In other words, the EVENTS_POFWARN flag does not have to be set to "enable" flash protection. Is that correct?

    No, it means that the hardware internals will prevent NVMC getting access to the Flash with write access when EVENTS_POFWARN is set automatically by hardware. You normally do not need to set any events as these are supposed to be used as status registers. You only clear the events when you read them.

    Pawel(embeddedsolutions.pl) said:
    Consider the following example: The voltage is about 3V, then it drops to 2.5V. The POFWARN threshold is set to 2.7V. EVENTS_POFWARN is generated, and the flag is cleared by the interrupt handler. At this moment, the voltage is below 2.7V, and the EVENTS_POFWARN flag is not set. Is it true that NVMC does not allow writing to flash in the described scenario?

    If the voltage is still 2.5V and you clear the EVENTS_POFWARN, then it will be set to 1 again immediately after you exit from the interrupt handler. So the NVMC will never get access to flash writes as long as the voltage is still below the threshold. You do not need to do anything and clearing the event still does not give NVMC access to flash in write mode.

  • 0 in reply to Susheel Nuguru

    Partly understood, but I have got one another question regarding your answer.
    Assume that we are still on the 2.5V voltage level.
    If hardware internals are going to set the EVENTS_POFWARN automatically after exiting from the interrupt handler it means that the whole application will stuck in interrupt handler by calling it all the time.

    As far as I understood the product specification and the chart provided, the next event will be generated when the voltage raises above Vpof(2.7V) + Vhyst and then drops below Vpof(2.7V). 
    So during that time the EVENTS_POFWARN will be cleared and I am not sure if NVMC will be informed that it still should protect the flash.

  • +1 in reply to Pawel(embeddedsolutions.pl)

    pwpot, You were right. The below description is wrong from my end.

    Susheel Nuguru said:
    If the voltage is still 2.5V and you clear the EVENTS_POFWARN, then it will be set to 1 again immediately after you exit from the interrupt handler.

    The POFWARN event is only set while

    1. The voltage is crossing from Vpof from higher to lower, and
    2. when the voltage is already lower than Vpof at the time you enable POF.

    So to answer your question which I verified internally, POF will still continue to limit NVMC access to flash as long as the voltage is lower than Vpof irrespective of you clear the event or not.

    Once you clear the event in the interrupt handler, the event is not set again unless the voltage goes higher than Vpof and lower again.

Related
Terms of service