
Softdevice : Memory and timing protection

I have a question related to memory protection and configuration of device in relevance to soft device.

nrf52832, sdk15, soft device S132

Question 1 : How can I be sure that soft device will not corrupt flash/ROM of application during operation? Since soft device operates in ARM handler mode, I assume its execution is privileged.

Can I protect against soft device using MPU? Can I execute soft device in thread(non-privileged) mode?

Question 2 : How does soft device protect itself from corruption from other entities? E.g. what if I try to write soft device RAM/flash region using a pointer in privileged mode?

Question 3 : Is soft device execution time bound? Is there ever a scenario where soft device may get stuck? If it does, can I use watchdog to trigger it out from the stuck situation?

Thanks in advance,

Regards,

Himanshu.

  • Hi Himanshu,

    Q1: The SoftDevice and the application have separate FLASH and RAM sections, but share the call stack, so the application will not use the SD regions and vice versa for the SoftDevice. However, if you are concerned then the application code can be protected from the SoftDevice using the BPROT — Block protection peripheral, and the MWU — Memory watch unit can be used to protect the RAM.

    No, the SoftDevice reserves the highest interrupt levels for its timing critical operations, hence it will always preempt the application, see Interrupt model and processor availability and Interrupt priority levels in the S132 SDS.

    Q2: The SoftDevice uses the Memory Watch Unit (MWU) to sandbox the RAM and peripherals used by the SoftDevice, see Memory isolation and runtime protection in the S132 SoftDevice Specification. The SoftDevice flash region can be protected using the BPROT — Block protection peripheral.

    Q3: As far as I know the SoftDevice is not execution time bound. One scenario where the SD would hang is if you initialize it with the incorrect LFCLK source, i.e. if you configure it to use an external LFXO as the source, but this is not present on the PCB. Otherwise all unrecoverable failures (faults) detected by the SoftDevice will be reported to the application and then handled accordingly. Yes, you can enable the WDT to recover from stuck code.

    Best regards

    Bjørn 
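To make the BPROT and WDT points above concrete, here is an added example (not code from the thread or from Nordic) that computes the BPROT CONFIG0..CONFIG3 masks needed to write-protect a given flash range on the nRF52832, and the WDT reload value for a chosen timeout. The register names (NRF_BPROT->CONFIGn, NRF_WDT->CRV) and the 4 kB block granularity come from the nRF52832 product specification; the application start and end addresses are assumptions for this example, not values from the thread, so substitute your own linker layout.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* nRF52832 flash geometry (product specification): 512 kB of flash, which
 * BPROT guards in 4 kB blocks. Bit n of CONFIGm protects block 32*m + n;
 * a protected block refuses CPU write and erase operations, whoever runs them. */
#define FLASH_BASE      0x00000000u
#define FLASH_SIZE      (512u * 1024u)
#define BPROT_BLOCK     4096u
#define BPROT_NBLOCKS   (FLASH_SIZE / BPROT_BLOCK)   /* 128 blocks */
#define BPROT_NREGS     (BPROT_NBLOCKS / 32u)        /* CONFIG0..CONFIG3 */

/* Assumed layout for this example (not from the thread): the SoftDevice sits
 * below APP_START, the application code occupies [APP_START, APP_END), and the
 * pages above APP_END hold data the application still needs to write (FDS),
 * so they are deliberately left unprotected. */
#define APP_START   0x26000u
#define APP_END     0x7E000u

/* Fill cfg[0..3] with the BPROT masks that protect every block overlapping
 * [start, end). Returns false if the range does not lie inside flash. */
bool bprot_masks_for_range(uint32_t start, uint32_t end, uint32_t cfg[BPROT_NREGS])
{
    if (start >= end || end > FLASH_BASE + FLASH_SIZE) return false;
    for (unsigned i = 0; i < BPROT_NREGS; i++) cfg[i] = 0;
    uint32_t first = (start - FLASH_BASE) / BPROT_BLOCK;
    uint32_t last  = (end - FLASH_BASE - 1) / BPROT_BLOCK;   /* inclusive */
    for (uint32_t b = first; b <= last; b++)
        cfg[b / 32u] |= 1u << (b % 32u);
    return true;
}

/* Self-check before issuing an NVMC write or sd_flash_write(): is the 4 kB
 * block containing addr protected under these masks? */
bool bprot_is_protected(const uint32_t cfg[BPROT_NREGS], uint32_t addr)
{
    if (addr >= FLASH_BASE + FLASH_SIZE) return false;
    uint32_t b = (addr - FLASH_BASE) / BPROT_BLOCK;
    return (cfg[b / 32u] >> (b % 32u)) & 1u;
}

/* WDT counter reload value for a timeout in milliseconds. The nRF52 WDT is
 * clocked from the 32.768 kHz LFCLK, so CRV = ticks - 1; the specification's
 * minimum CRV is 15, which is enforced here. */
uint32_t wdt_crv_for_ms(uint32_t timeout_ms)
{
    uint64_t ticks = (uint64_t)timeout_ms * 32768u / 1000u;
    if (ticks < 16) ticks = 16;
    return (uint32_t)(ticks - 1);
}

int main(void)
{
    uint32_t cfg[BPROT_NREGS];
    bprot_masks_for_range(APP_START, APP_END, cfg);
    /* On the target these are written once at boot, before enabling the
     * SoftDevice:  NRF_BPROT->CONFIG0 = cfg[0]; ... NRF_BPROT->CONFIG3 = cfg[3];
     * (check DISABLEINDEBUG in the product specification if protection must
     * also hold while a debugger is attached). Here they are only printed. */
    for (unsigned i = 0; i < BPROT_NREGS; i++)
        printf("CONFIG%u = 0x%08X\n", i, cfg[i]);
    printf("0x30000 protected: %d, 0x7E000 protected: %d\n",
           bprot_is_protected(cfg, 0x30000), bprot_is_protected(cfg, 0x7E000));
    /* NRF_WDT->CRV = wdt_crv_for_ms(2000); then RREN, CONFIG, TASKS_START. */
    printf("WDT CRV for 2 s: %u\n", wdt_crv_for_ms(2000));
    return 0;
}
```

Two practical caveats when applying this: protect only the application code region, because any page the application itself writes at runtime (FDS, bonding records) must stay unprotected or those writes will be refused as well; and configure BPROT before calling the SoftDevice enable routine so the protection is in place before SoftDevice code runs at its higher interrupt priorities.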

  • Hi Bjorn,

    Thank you for your quick feedback. It helps. BPROT as a protection mechanism is clear as it won't allow contents of Flash to be changed. But I am unclear on MWU. Is it equivalent to MPU? What is the basis on which MWU generates an event (like privilege or program status register settings in case of MPU)?

    Also, can I take the interrupt handler of MWU (MWU_IRQHandler) in application control instead of the softdevice?
