Introduction
The monolithic integrated circuit application system’s antijamming may divide into the software and the hardware two aspects specifically, the software antijamming by its design nimble, the economical hardware source, reduces superiority and so on cost to obtain the widespread use more and more. The software antijamming technology mainly has “the instruction redundant technique”, “the software trap technology”, “the software watch-dog technology”, “the digital filtering technology” and so on. This article with realizes the method on the software trap technology to the monolithic integrated circuit application system antijamming’s principle to carry on the discussion and the research specifically, gives realizes the software trap technology two forms, and uses successfully this technology in many actual monolithic integrated circuit application system, guarantee system’s reliability service.
1 procedure runs flies with the software trap technology outline
When procedure normal operation, program counter PC aims at this instruction next instruction first byte program memory unit address which throughout carries out, had like this guaranteed the monolithic integrated circuit can read each instruction correctly each byte, namely CPU reads the operation code first, then reads the operand (, if has operand byte). In the MCS-51 series monolithic integrated circuit, the program counter PC addressing range is 0000H~FFFFH, altogether 64 KB. In the user application procedure, according to the system request, has stipulated the program run only way. This manifests after the system the electricity, program counter PC has the only change course, had guaranteed the procedure is normal, order movement. After the procedure runs flies is refers to the system receives some kind of disturbance, the program counter PC value deviated the only change course which assigns, causes the program run deviation normal operating path. The procedure runs flies the factor and the consequence often may not estimate.
In many situations, after the procedure will run will fly, the system to enter the endless loop to cause to halt. By now, should adopt the procedure which the effective action guidance runs flies to withdraw from the endless loop and the rapid replacement as soon as possible. The practice proved that the software trap technology can guide the procedure which runs flies to withdraw from the endless loop and the rapid replacement as soon as possible effectively.
2 two kind of software trap technology comparative analysis
When monolithic integrated circuit application system’s CPU receives the disturbance, adverse effect’s main form includes:①Unusual updated program counter PC indicator;②Rewrites the programmable output port’s condition;③Unusual revision important data area data. The above three aspect’s adverse effect can cause the monolithic integrated circuit application system procedure out of control, the control state malfunction, its consequence is very serious, it will even cause the system to collapse, creates the serious industrial accident. The above several aspect’s adverse effect may use the software trap technology to solve. Presently realizes this technology the method induction summary is two kinds.
2.1 software trap technology realizes one of forms
The monolithic integrated circuit application system’s user application procedure generally is composed of recurrent structure’s master routine and the interrupt servicing subroutine, master routine structure as shown in Figure 1. Will insert (question which the following software trap segment how to insert to the user application procedure in following 3rd to hit the mark detailed discussion), namely will not need the region in the user application program memory to read in the code “OO00020000H”.
NOP
NOP
LJMP O000H
When the monolithic integrated circuit application system work is normal, monolithic integrated circuit’s CPU not executive software trap segment; But, when the monolithic integrated circuit application system receives the disturbance, but after the procedure runs flies, because the program counter PC value is wrong, destroyed the normal instruction format, causes to carry out the unusual instruction, thus the executive software trap segment, falls into the software trap, will run the pre-computed course which flies to replacement entry point address 0000H. In the software trap segment’s continual 2 NOP instruction is to strengthen “LJMP 0000H” ability which catches, namely “IJMP0000H” will not be washed out, when after the procedure will run will fly, will obtain carries out completely, will thus cause the procedure which will run flies to integrate the mal orbit.
2.2 software trap technology realizes second form
Although the above software trap technology can realize the reliable reply function, but has two aspect serious hidden dangers. First, the hidden danger is mainly to the interrupt in processing: First, the procedure runs very possibly flies is occurs in the interrupt servicing subroutine, next, some use’s interrupt has been very impossible, because the procedure runs flies is activated wrongly, but was only by now the procedure which lets run simply flies from the beginning starts to move, cannot close already the interrupt which activates, like this, monolithic integrated circuit’s interruption system will think that the procedure in the processing interrupt, will again still respond the same level interrupt. Second, majority of monolithic integrated circuit application system after on electricity replacement initialization, did not hope after the procedure runs flies uses the software trap reply initializes.
In order to solve the first hidden danger, when the procedure runs flies, if certainly wants the means closure possibly to occur the interrupt, then carries out the user application procedure again. As everybody knows, when after CPU enters the interrupt, can only use the RETI instruction to close the interrupt. Solves the first hidden danger concrete method is, changes the software trap segment: After the procedure runs flies, will run the procedure which flies to direct 0202H place, then completes the closure interrupt in 0202H place the work, namely does not need the region in the user application program memory to read in the code “0000020202H”. What needs to pay attention, the program memory does not use region the final two memory cell, certainly must read in the code separately “00H”.
NOP
NOP
LJMP 0202H; The front continual 2 NOP instruction is for
; The enhancement “LJMP 0202H” ability which catches
But the program memory unit which starts in 0202H carries on the following programming:
ORG 0202H
MOVDPTR,#ERRl
PUSH DPL
PUSH DPH
RETI; Closes the 1st level of interrupt, and skips to ERRl place
ERRl: CLR A
PUSH ACC
PUSH ACC
RETI; Closes the 2nd level of interrupt, the software replies 0000H place
Thus, had guaranteed, regardless in any situation, may close 2 levels of interrupts. Certainly, when did not have the interrupt activated to move this section of procedures, also will have any adverse effect.
In order to solve the second hidden danger, may, in the system master routine entrance adds a software switch to distinguish that is on the electricity replacement enters 0000H directly, enters 0000H after the software trap reply, according to different distinction result execution different procedure.
On when monolithic integrated circuit application system electricity, on the electricity reset circuit can cause the monolithic integrated circuit to be at the reset state. This is called the cold start generally.
, the software trap technology causes to run flies the procedure which replies master routine entry point address 0000H, affects special function register SFR the significant digit. Solves the second hidden danger concrete method is, establishes answers by telegram the marker beacon will. For example, takes on the electricity flag bit by PSW.5, when PSW.5=0, the expression is on the electricity replacement; When PSW.5=l, the expression is the software trap reply. After Figure 2 is on the electricity replacement and the procedure run fly, the software trap reply initialization processing diagram. 0000H is the MCU replacement entrance, after the procedure start, the first judgment is on the electricity replacement, after the procedure runs flies, the software trap reply. On the electricity replacement is the starting operation, must establish the electricity to symbolize, and carries on the system completely to initialize. After the procedure runs flies, the software trap reply to carry on the related resources the inspection and the repair, prevents the systems operation to make a mistake. Moreover, according to the system characteristic, needs to retain some process data, do not carry on initializes completely.
In order to solve the above two hidden dangers, has the following concrete programming. The system part initialization which and the related resources inspection and the repair procedure entrance and, START0 is on the system the electricity replacement initialization in the procedure entrance, after ER-ROR is completely the procedure runs flies, the software trap reply should carry on, LOOP is the user application program function module entrance.
ORG0000H
LJMP START
ORG 0100H
START: MOV C, PSW.5
JC ERROR
SETB C
MOV PSW.5, C
LCALL STARTO
LJMP LOOP
ERROR: ……
L00P: ……; Application program function module
LJMP LOOP
ORG 0200H
NOP
NOP
MOV DPTR,#ERRl
PUSH DPL
PUSH DPH
RETl; Closes the 1st level of interrupt, and skips to ERRl place
CRRl: CLR A
PUSH ACC
PUSH ACC
RETI; Closes the 2nd level of interrupt, the software replies 0000H place
3 software traps in user application procedure arrangement position
The software trap segment may insert to the master routine in or in the interrupt servicing subroutine. According to the practical application situation, may have 5 ways to the software trap segment’s position arrangement.
(1) between master routine application functional module
When monolithic integrated circuit application system programming, places between scattered each application functional module the software trap segment in the idle program memory unit. When user application procedure normal operation, these software trap segment will carry out, but, when monolithic integrated circuit application system’s CPU is disturbed will cause the procedure out of control, once the program counter PC indicator falls these trap area, may run the procedure which will fly to pull back immediately to the correct track. This method is indeed very effective. Software trap’s how many decides generally based on the user application procedure size, generally the 1KB user application procedure had 2~3 software traps to be possible, the concrete method was as follows:
Application functional module 1
Software trap segment
Application functional module 2
Software trap segment
(2) in idle use EPROM/Flash ROM space
In idle use’s EPROM/Flash the ROM space establishment software trap, namely space has not written all over the code in these idle use’s EPROM/Flash the ROM “0000020202H”. It is noteworthy that finally two memory cells must certainly read in the code separately “OOH”. After the procedure runs flies enters this area, then by the software trap rapidly will be pulled back the mal orbit.
(3) in interrupt servicing subroutine
The software watch-dog (soltware watchdog) in fact is a software trap application example. Take the MCS-5l series monolithic integrated circuit as the example, when system initialization establishes MCU internal timer/counter T0 as the timer, and establishes to fixed time overflow trap as the high-level interrupt. If the system uses 6 MHz clocks, may use the following initialization segment to cause TO fixed time approximately 130 ms to form the software watch-dog:
MOV TMOD, #01H; The T0 establishment is 16 timers
SETB ETO; Permits to interrupt
SETB PTO; Establishes to fixed time overflow trap as the high-level interrupt
MOV TH0,#0; Bestows on the starting value to, fixed time approximately 130/ms
MOV TLO,#0
SETB TR0; Starts T0 to start fixed time
SETB EA; Permits the CPU interrupt
Moreover, to overflow trap service subroutine programming is fixed time as follows:
INTO-PRo; MOV A,#02H
PUSH ACC
PUSH ACC
RET1; The interrupt returns to the 0202H unit
When the user application program run is normal, in is smaller than in 130 ms time, CPU should be prompt “feeds the dog” 11 to carry out the clear dog instruction “MOV THO,#0″ and “MOV TLO,#0″. Thus, TO will not produce fixed time overflows, thus the T0 overflow trap service subroutine will not be carried fixed time out. But, when monolithic integrated circuit application system’s CPU is disturbed causes the procedure out of control, CPU promptly will not carry out the clear dog instruction, has to fixed time overflow trap, may run the procedure which flies to pull back immediately to the correct track. Realizes prompt “feeds the dog” the concrete method is in the user application procedure appropriate position insertion instruction “MOV TH0,#0″ and “MOV TLO,#O”. In fact, to fixed time overflow trap service subroutine is a software trap, once carries out the T0 fixed time overflow trap service subroutine, is the procedure which runs flies pulls back forcefully to the 0202H program memory unit. May know by the front analysis, already ran the procedure which flies to be possible to integrate rapidly the correct track.
(4) in use program memory address space
Speaking of the MCS-51 series monolithic integrated circuit, the program counter PC addressing range is 0000H~FFFFH, altogether 64 KB; However, in the actual monolithic integrated circuit application system, has not used generally to 64 KB program memories, like this can in addition the massive program memory address space. For example, in the system only selected 1 piece 2764 to take the program memory, its address space was 8 KB. Is left unused some 56 KB program memory address space. when CPU receives the disturbance to cause program counter PC to aim at these the program memory address space which leaves unused, after CPU takes the instruction-code which the instruction obtains is “0FFH” (this conclusion may act according to shown in Figure 3 circuit analysis, obtains). This code is “MOV R7, A” the instruction machine code. Obviously, when monolithic integrated circuit application system’s CPU is disturbed causes the procedure out of control, once the program counter PC indicator falls these time the program memory address space which leaves unused, CPU will carry out this instruction not only wrongly to revise register R7 the content, will be unable the procedure which will run flies to integrate the correct track. May use following software trap technology to solve this problem.
As shown in Figure 3, the EPROM chip 2764 address spaces are 0000H~lFFFH, decoder 74LSl38 output Y0 are it select patches or strips of land as worth saving for seed the signal, 2000H~FFFFH are the use program memory space. When the program counter PC value falls into the 2000H~FFFFH space, certainly has Y0 is the high electricity; When takes the instruction operation, PSEN is the low level, then the 74LS244 gating signal is effective, therefore 74LS244 is selected. Further analysis shown in Figure 3 the electric circuit to be possible to know, when user application procedure out of control, but the program counter PC direction is left unused when program memory address space 2000H~FFFFH, main line driver 74LS244 is selected, by now CPU the instruction machine code which read in through the main line was 020202H, happen to was a branch instruction “LJMP0202H”, like this, caused program counter PC to aim at the 0202H program memory unit. May know by the front analysis, already ran the procedure which flies to be possible to integrate rapidly the correct track.
(5) pair of exterior RAM writes operates the solid flag ornament monitoring protection to establish the software trap
The middle data which generally when in monolithic integrated circuit application system’s exterior data-carrier storage RAM, has preserved massive pre-placed data and program run produces. Exterior data-carrier storage RAM read-in is the instruction completes by “MOVX@DPTR, A”. When CPU is disturbed the procedure to run flies, but has carried out time by mistake this instruction, will rewrite in RAM the content, will cause in RAM the important data missing. In order to reduce in this kind of RAM the data missing possibility, should before exterior RAM writes the operation, to writes the operation to carry on the condition judgment. If the condition satisfies only then carries out the write operation; If the condition is dissatisfied, the write operation shield, and will cause the procedure to fall into a trap, enters the endless loop. After the procedure falls the person endless loop trap, then can only (for example watch-dog technology) cause the system by other software and hardware antijamming technology to withdraw from the endless loop trap, thus causes the system recovery to be normal. The concrete source program code as follows (might as well supposes needs to read in exterior RAM the content to deposit in accumulator A, wants write data the exterior RAM unit address to deposit in DPTR):
MOV 6EH, #55H
MOV 6FH, #OAAH
LCALL WRlTE
RET
WRITE:NOP
CINE 6EH,#55H, TRAP
; Reads in the condition is (6EH)=#55H
CJNE 6FH,#OAAH, TRAP and (6FH)=#OAAH
MOVX @DPTR, A
NOP
M0V 6EH,#00H
M0V 6FH,#OOH
RET
TRAP, SJMP TRAP; Falls into the endless loop trap
4 conclusions
Compares with the 1st form’s software trap technology, the 2nd form’s software trap technology eliminated two serious hidden dangers, therefore, the 2nd form’s software trap technology is one kind of effective practical monolithic integrated circuit application system antijamming technology. This article introduced the software trap technology has used successfully in many actual monolithic integrated circuit application system, has guaranteed system’s reliability service.
