The present invention relates to a method and/or architecture for implementing microcontrollers and systems that execute firmware generally and, more particularly, to a method and/or architecture for recovery from circuit stress conditions in a microcontroller.
Conventional approaches to robust operation in the presence of severe environmental stresses include specifying high device immunity to stress conditions. While elecrostatic discharge (ESD) immunity levels are typically specified for all parts, they do not provide robust operation in the presence of all stress conditions. ESD tests normally provide immunity for powered off conditions (i.e., protection during handling), and as a natural consequence, provide protection during some operation stresses (i.e., over/under voltages or currents). However, the trip level of ESD protection may not prevent other modes of failure that occur at lower levels. For example, an ESD protection circuit may trip at 8V overstress on the pin of a 5V part. However, the ESD protection circuit will not trip for a 7V overstress that allows a hazardous noise glitch. Additional devices are implemented to increase noise immunity (i.e., adding bypass capacitors to relevant signals) that have associated cost and space penalties.
Other conventional approaches include watchdog reset circuits to reset a device that is no longer in the normal operating mode. Watchdog reset circuits can allow recovery from a fault condition caused by an overstress. Watchdog reset circuits are effective in cases of significant failure that places the device in a recognized fault mode. Such resets occur when program code is vectored to an illegal location, which causes code execution to halt until the watchdog reset occurs.
However, a stress condition can cause faulty operation that is not recognizable by the watchdog reset device. For example, a device can vector to an unintended part of code, resulting in faulty operation. The device can continue to operate within legal parts of the code and is unable to detect that a problem has occurred. In another example, corruption of memory (i.e., RAM) that occurs during an event is undetected and causes failure at another event.
The present invention concerns a method for circuit recovery from overstress conditions, comprising the steps of (A) is detecting an event and (B) resetting a device when the event is a first predetermined type and providing recovery when the event is a second predetermined type.
The objects, features and advantages of the present invention include providing a method and/or architecture for implementing microcontrollers and systems that execute firmware to provide recovery from stress conditions that may (i) detect over-stresses to increase the robustness of device operation, (ii) implement a device that may either directly reset itself or monitor itself and take appropriate recovery action when stress conditions occur, (iii) provide flexibility in response to stress conditions, (iv) call for a quick and complete reset after stress conditions, (v) perform self checking, issue warnings, perform back-up operations, shut-down, or other recovery steps before or in place of a full reset in response to a predetermined criteria, (vi) register and monitor stress conditions, and/or (vii) allow a device to take any appropriate action when stress conditions are occurring.