View Single Post
  #34   Spotlight this post!  
Unread 19-04-2012, 11:37
techhelpbb's Avatar
techhelpbb techhelpbb is offline
Registered User
FRC #0011 (MORT - Team 11)
Team Role: Mentor
 
Join Date: Nov 2010
Rookie Year: 1997
Location: New Jersey
Posts: 1,624
techhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond repute
Re: TI and future Jaguars

Quote:
Originally Posted by Levansic View Post
Perhaps a command to checksum the installed firmware would be a good solution, rather than one-time write? I would hate to make the module useless if the communication protocol changed or a new feature was added next year. The new Jaguar firmware this year gave even the oldest ones an automatic voltage ramp capability that they did not posses before, as well as a more graceful re-enable after brown-out.

--Len
I agree. I was thinking maybe we could sort of 'give' FIRST a connector of maybe 4 wires they could use as they like. Perhaps one is an enable/disable. Perhaps the rest are for some sort of communications. Perhaps we can use it for double duty as an in-circuit programming port as well but it'll need about 8-10 pins then. On the upside if FIRST can read every bit in the device then they can absolutely confirm the authorized firmware.

Maybe they need it or maybe they don't. So for example on the 'custom circuit module' they'll very probably need it for a safe enable/disable. However on a CAN enabled module they could sneak their checks in over the CAN so we don't always need more wire. I'm honestly not sure about the PWM (maybe they can sneak some one-wire over the power). Obviously CAN can be upgraded through the CAN bus but I'm not so sure you'd be able to firmware upgrade over just one-wire like you might be able to sneak with PWM.

Between that and the option to walk up and test the firmware checksum on the otherwise unused 4 wire connector I would think that's pretty good diligence to the concern.

(Could get crazy with it and actually make a inductive coupler and literally let them read through the case with the hand held tester.)

Still if maybe we pour some industrial epoxy on the unpopulated in-circuit programming port pads up to that section of the MCU that might just be enough. If someone chips or melts it off it's DQed for FIRST use (still would work fine though we'd give them the in-circuit components anyway, maybe provide a service where they can swap for a FIRST module and we can QA and recycle). If we did the epoxy perhaps we can even stick a stamp like wax or little paper disc with the FIRST logo into it before it cures. Course that won't help with a firmware upgrade unless you swap the modules.

Perhaps there's a way around the firmware upgrade when the in-circuit port is covered with the epoxy. It's possible with both AVR and PIC to use a boot loader. So basically most of the code can be upgraded through the 4 wire FIRST connector using some serial protocol and then the rest you'd need to remove the epoxy for. FIRST would probably be only able to verify the section of code you could write as well (because they couldn't access the ICSP port either) unless we put a bit of code in the bootloader to call into the uploaded code and then read back into the bootloader as well (sort of a section of code at an absolute memory address like a buffer overflow exploit). This has another added advantage because like this you probably won't be able to set the programming flags on the MCU. So they won't accidentally be able to put it in low voltage, watchdog, oscillator options or other modes that could induce hard to diagnose results via the FIRST port. If they really want to play with that they can just remove the epoxy.

Makes sense or is clear as mud?

You know if you make the 4 wire port for FIRST: enable/disable, RS232-RX, RS232-TX and ground. You could upgrade the firmware with a USB-RS232 adapter, an RS232 port or...if you're not using them for FIRST...you could put an RS422 adapter on them and program them from more than a thousand feet away if you like. In short that might be really handy to more than just FIRST (I have a picture in my head of a hundred of them connected to advertising or CNC machines with CAT5e split out to provide RS-485 for the control data and the 4 wires for the FIRST port...use the enable/disable for area wide emergency stop).

Last edited by techhelpbb : 19-04-2012 at 12:48.
Reply With Quote