KW40Z OTAP safety for no battery devices

cancel
Showing results for 
Search instead for 
Did you mean: 

KW40Z OTAP safety for no battery devices

375 Views
lucianfiran
Contributor V

KW40Z_Connectivity_Software_1.0.1 (KSDK_1.3.0); IAR 7.50;

As OTAP upload can take from 3 to 5 minutes or more to upload new image software to external SPI flash eeprom, and then 16 seconds to actually update MKW30Z flash from SPI - it is possible to have a power down event.

How safe is using the OTAP and bootloader software update in a system tied to direct wall mount power supply ?

What happens if there is a power down event, worst case scenario ?

(in battery systems it is easier to check for battery status before updating)

4 Replies

35 Views
jorge_a_vazquez
NXP Employee
NXP Employee

Hi Lucian

What happens if there is a power down event, worst case scenario ?

In the case of the external flash, the worst case scenario is that the image is corrupted, but it will never be loaded to the internal flash, so it does't represent a big problem. in the case that you power down in the load to the internal flash, your application will be corrupted, but if you erase your flash, it should recover its normal operation


Hope this information helps you
Have a great day,
Jorge Alcala

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

0 Kudos

35 Views
lucianfiran
Contributor V

The bootloader will remain unchanged after OTAP programming ?

The bootloader soft should disable the rest pin and/or SWD pins ?

Should some retry be added ?

            /* Erase Flash sector */
            if (FLASH_OK != FLASH_EraseSector(flashAddr))
                gHandleBootError_d();

like

            if (FLASH_OK != FLASH_EraseSector(flashAddr))
                if (FLASH_OK != FLASH_EraseSector(flashAddr))
                    gHandleBootError_d();

The boot switch is contained in gpBootInfo struct.

I think bootloader will retry to write the image until gpBootInfo switches are set.

On the gpBootInfo struct some counter should be added to keep count of how many erases cycles were performed (Cycling endurance minim 10 000 typical 50 000 cycles.) ?

0 Kudos

35 Views
jorge_a_vazquez
NXP Employee
NXP Employee

Hi Lucian

About your questions

The bootloader will remain unchanged after OTAP programming ? Do you mean the OTAP Client?, Yes, it remains as service available.

The bootloader soft should disable the rest pin and/or SWD pins ? No, it is not needed

Should some retry be added ? No, it is not needed

Best Regards

Jorge Alcala

35 Views
lucianfiran
Contributor V

Yes the OTAP client.

0 Kudos