• State Resolved
  • Locked Locked
  • Replies 3 replies
  • Subscribers 23 subscribers
  • Views 626 views
  • Users 0 members are here
Support feedback
Options
Options
Similar topics

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

TPS 65381 transition to diagnostic state from active state

David Sabol
Genius 4850 points

Hi,

Is there a way to either transition to the diagnostic state from the active state, or if you are in the active state put the watchdog on hold so it doesn't need to be serviced (or prevent reset). 

 

The situation I am looking at is that the board is running, actively servicing the watchdog, and I need to flash the firmware, so I obviously don't want the TPS chip to cause a reset in the middle of that.

 

Thanks,

David

  • 0
    TI__Guru 60242 points
    David,

    The appropriate applications engineer has been notified of your question, and will respond accordingly.

    Regards,
    Eric
  • 0
    TI__Mastermind 20580 points

    Hi David,

    There is no software path from active to diagnostic state.  Below is a basic summary of some options for flashing devices while using the TPS65381. 

    The SW download, when programming device for the 1st time, is performed when device is in SAFE state:

    1. Start-up device with asserting CAN_WU or IGN

    2. While VDDx supplies ramp-up, NRES is driven low to keep MCU in reset state

    3. After reset extension, device enters DIAGNOSTIC state

    4. Since MCU does not contain any program code yet, MCU will not service TPS65381. Due to DIAGNOSTIC state timeout (after ~600 ms from entering DIAGNSOTIC state device enters SAFE state.

    5. SAFE state timeout function is by default disabled and TPS65381 remains in SAFE state

    6. Program/download MCU program

    7. After MCU programming is done, MCU sends SPI command to clear CAN Wakeup latch

      1. NOTE: If IGN is used to start-up device, toggle IGN input to force re-start

     

    For SW debug support or downloading updated program code to MCU, several things can be done

    • If using IGN to start-up system, developer should enable IGN POWER_LATCH and POST_RUN_RESET functions, and disable SAFE state timeout function

      • SAFE state should be used as a ‘trap’ state to debug any SW ‘break’ conditions enabled by SW debugger tool

        • With SAFE state timeout function disabled, developer has all time needed to debug the SW ‘break’ (or ‘trap’) condition, or to download a new code

      • IGN POWER_LATCH is enabled by setting bit IGN_PWRL bit in SAFETY_FUNC_CFG register

        • IGN power-latch keeps device powered-up even when IGN input is driven low

        • This saves time for new device/system re-start (no need to wait till VDDx rail ramp up)

      • POST_RUN_RESET is enabled through POST_RUN_RST bit in DEV_CFG2 register

        • With this feature enabled, developer can toggle IGN pin from high-low-high (starting from high state)

        • This IGN pin toggling generates a reset event, while keeping all VDDx regulators enabled

        • This reset event is used to force device transition out of SAFE state once debug of SW ‘break’ (or ‘trap’) condition is completed

    • If using CAN_WU to start-up system, disable SAFE state timeout function

      • SAFE state should be used as a ‘trap’ state to debug any SW ‘break’ conditions enabled by SW debugger tool

        • With SAFE state timeout function disabled, developer has all time needed to debug the SW ‘break’ (or ‘trap’) condition, or to download a new code

      • When code debug or code download is completed, MCU sends command to clear CAN_WU latch and restarts device

         

    Note, SW ‘break’ (or ‘trap’) routine should include condition for entering SAFE state

    • If device is in ACTIVE state, force MCU_ERROR pin failure

    • If device is in DIAGNOSTIC state force DIAGNOSTIC state time-out condition, or clear DIAG_EXIT_MASK while keeping WD_FAIL and ERROR_PIN_FAIL status bits in SAFETY_ERR_STAT register set.

    If you need to force a reset via software there are 4 options available in addition to the POST_RUN_RST method described above.

     

    Method 1: WD Timer forced failure (reset device by WD reset when WD_RST_EN is set to ‘1’)

      • In active or diagnostic mode with watchdog reset enabled (WD_RST_EN set) and just turn off the watchdog servicing routine of the MCU so the watchdog fail counter in TPS65381 will increment.  This will cause the watchdog fail counter to hit 7 and then the next bad event including a missing watchdog will reset the MCU by pulling NRES low (ie fail counter = 7 +1).

      • To speed up the reset time, you could program the open and closed windows to a low time so the failures will accumulate faster or “speed-up” sending of WD triggers to increment the WD Failure Counter faster and force the reset event faster.

     

    Method 2: Device in ACTIVE state and MCU ERROR pin is monitored, force MCU ERROR pin failure

      • Response time is fast and places device into SAFE state

    • SAFE state to RESET state transition is controlled by SAFE_TO settings in SAFETY_ERR_CFG register

       

    Method 3: MCU with bi-directional RESET

    • USE MCU application to create a ‘warm’ reset event that will drive NRES low

    • TPS65381 will detect it as ‘NRES’ driver error and transitions to reset state

     

    Method 4: If device was started by CAN_WU event

    • Send MCU WR_CAN_STBY command


    - Scott

  • 0 in reply to Scott Monroe
    Genius 4850 points
    Hi Scott,

    Thanks for the quick and detailed response.

    David