• State Verified Answer
  • Replies 6 replies
  • Answers 2 answers
  • Subscribers 75 subscribers
  • Views 1287 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 256176
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Potted sensor with soldered primary battery and soft errors

deknoob

Hello,

My sensor based on nRF52833 will have soldered non-rechargeable battery and it will be potted in resin compound to insure waterproofing.

I wonder, what if for some reason CPU gets stuck - hypothetically speaking, but due to possible soft errors in RAM it may happen during sensor life span which shall be at least 10 years. As you can see, in my case I can't simply power cycle to recover. For this reason I included reed switch connected to reset pin on sensor PCB, such that I can recover sensor state by use of magnet.

But - reset pin is software configurable and in worst case scenario it's possible to get soft RAM error such that CPU gets bezerk and one of the effects of this is that reset pin gets reconfigured as GPIO.

What do you think, is it possible?

Parents
  • 0

    Hi 

    Have you looked into using the Watchdog peripheral?

    Then you can setup your code to reset the system if you don't reload the watchdog after a certain amount of time. 

    The watchdog also has a feature where you can enable multiple watchdog registers in parallel, allowing you to watch multiple threads simultaneously (if you're using some kind of real time OS). 

    Best regards
    Torbjørn

  • 0 in reply to ovrebekk

    Hi,

    Yes, of course I consider watch dog, but it's not 100% safe under my worst case scenario.
    I was considering using hardware timer which is occasionally restarted by application. When expired this timer would generate interrupt which I can use to restart application from ISR callback.
    I would prefer if hardware timer can generate CPU reset directly when expired, is that possible? 

  • +1 in reply to deknoob

    Hi 

    deknoob said:
    Yes, of course I consider watch dog, but it's not 100% safe under my worst case scenario.

    In what scenario do you consider the hardware timers 100% safe when the watchdog is not? 

    deknoob said:
    I was considering using hardware timer which is occasionally restarted by application. When expired this timer would generate interrupt which I can use to restart application from ISR callback.
    I would prefer if hardware timer can generate CPU reset directly when expired, is that possible? 

    This is the way the watchdog works. The TIMER or RTC modules does not have this capability so you would need to enable the interrupt and run a soft reset from the interrupt handler. 

    That said, it is theoretically possible to connect a separate GPIO pin to the RESET pin, and pull this pin low when the timer expires. You can use the PPI and GPIOTE modules to have a pin pulled low automatically when a timer compare event occurs. 
    Just note that this is not a common use case, and has not been properly tested by us, so I don't know if it is a reliable way to reset the device. 

    Best regards
    Torbjørn

  • 0 in reply to ovrebekk

    Hi

    "In what scenario do you consider the hardware timers 100% safe when the watchdog is not? "

    Well, this is all theoretical scenario, but I presumed software based watchdog based on RTC would rely on RAM which can be corrupted, while hardware timer is more reliable.

    Yes, hardware watchdog is exactly what I need. Thanks for reminding me that it exists in nrf52 Blush

Reply Children
Related
Terms of service