Tool/software:
I’m looking for recommendations on how to handle bootloader corruption with Hercules processors, particularly when the bootloader is stored in user flash and may be susceptible to corruption (e.g., due to radiation).
In other processor families, I’ve seen mechanisms like OTP (One-Time Programmable) memory that holds a primary bootloader or boot mode pins that an external supervisor can manipulate to boot from an alternate location if the flash-based bootloader becomes corrupted.
With Hercules processors, however, it seems that the reset always jumps to address 0, which forces execution of the flash-based bootloader with no built-in option for redirection. There doesn’t appear to be an internal supervisor (e.g., in OTP) or an external mechanism (e.g., boot pin manipulation) to detect and handle bootloader corruption.
Given these constraints, what design strategies or system-level workarounds can be used to mitigate the risk of bootloader corruption on Hercules processors?
