CN101604289A - Error detection and repair method for embedded system - Google Patents


Publication number
CN101604289A
Authority
CN
China
Prior art keywords
instruction
address
module
call
check
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CNA2009101006127A
Other languages
Chinese (zh)
Other versions
CN101604289B (en)
Inventor
吴国华
郑秋华
张祯
方美娥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Haian Service Center for Transformation of Scientific Achievements
Original Assignee
Hangzhou Electronic Science and Technology University
Application filed by Hangzhou Electronic Science and Technology University
Priority to CN2009101006127A
Publication of CN101604289A
Application granted
Publication of CN101604289B
Legal status: Expired - Fee Related

Landscapes

  • Storage Device Security (AREA)

Abstract

The present invention relates to an error detection and repair method for embedded systems. At present, the system on a wireless sensor node cannot prevent an application from accessing the memory of the system core, which may cause the system to produce unpredictable errors. Working in the SOS system and modifying the system architecture as little as possible, the invention proposes a method that detects memory access errors and repairs them by module replacement. This reduces the chance of memory access errors, makes the collected information more useful, and makes the system considerably easier to maintain. With the method there is no need to worry about when a wireless sensor node on the sensing network will fail: a sensor node that fails can be detected and actively repaired, and no one needs to stand by at the server at all times.

Description

Error detection and repair method for embedded system
Technical field
The invention belongs to the field of computer technology, and in particular relates to an error detection and repair method for embedded systems.
Background technology
With the rapid development of embedded systems, the current trend is toward system-on-chip architectures with communication modules, low supply voltage and low power consumption. Embedded system design is moving toward smaller and more power-efficient devices, and the embedded systems derived from wireless sensors are a product of this trend. A wireless sensor node can sense and compute, and communicates wirelessly; the hardware of each sensor node consists of an embedded microprocessor, memory, sensors, a wireless communication module and a battery.
A wireless sensor node is a resource-constrained embedded system whose microprocessor has no memory management unit. How to prevent memory errors from causing system failures on a wireless sensor network is therefore bound to become a major issue. Errors are especially likely when modules are dynamically loaded into memory. Each dynamically loadable application module has its own range of accessible memory, and any attempt to access a location outside that legal range is treated as an error.
In practice, most wireless sensor nodes are scattered in places that are hard for people to reach, where they collect the required information in place of humans. Because of this, once the hardware of the wireless sensor network has been deployed, it is not easy for the user to reach these scattered nodes and repair errors by hand. When the system on a node fails and loses its function, the user cannot learn of the error immediately; it is discovered only when the user actively inspects the sensed information or when errors show up in the returned data. Errors in the returned data also affect the correctness of the collected information. Most microprocessors on wireless sensor nodes currently have no memory management unit, so the system on a wireless sensor node cannot prevent an application from accessing the memory of the system core. Such dangerous accesses affect the normal operation of the node and may cause the system to produce unpredictable errors.
Summary of the invention
The purpose of the invention is to provide an error detection and repair method for embedded systems that prevents an application from occupying memory belonging to the operating system or to other applications.
The method of detecting embedded system errors in the invention comprises a static check and a dynamic check. The static check is performed as follows:
Check all memory access instructions whose addresses are given statically; these instructions comprise direct call instructions and relative jump instructions. Function calls within the same module use relative jump instructions, and function calls between different modules use direct call instructions. The formats of the direct call and relative jump instructions are as follows:
Instruction    Operation
Call k         PC = k
Jmp .+k        PC = PC + k
Jmp .-k        PC = PC - k
If the address given after any direct call is not one of the legal values in the system call jump table, the module is illegal and cannot be uploaded to the sensor node; if the targets of all direct calls are legal values in the jump table, the module is legal.
The dynamic check is performed as follows:
Step (1). Rewrite the module contents by adding instructions that pass the memory address as a parameter into the dynamic check system for the call. If the destination address cannot be given at compile time, a check instruction is inserted before the instruction, with the memory address to be accessed set as its parameter, in order to check the legality of that address. These instructions take three forms, namely indirect call, load and store, with the following formats:
Instruction    Operation
icall          PC = Z(R31:R30)
ld Rd,X        Rd = [X(R27:R26)]
ld Rd,Y        Rd = [Y(R29:R28)]
ld Rd,Z        Rd = [Z(R31:R30)]
st X,Rr        [X(R27:R26)] = Rr
st Y,Rr        [Y(R29:R28)] = Rr
st Z,Rr        [Z(R31:R30)] = Rr
When a run of consecutive load or store instructions occurs whose destination addresses are contiguous and are not modified in between, two address checks are added before the first access instruction of the run, one for the start and one for the end of the contiguous memory range accessed. If both address checks pass, every access in the run is legal.
Step (2). Check called addresses and check memory loads and stores. When a call address is passed in, the check function first obtains the ID of the module, using a system function that the system already provides. It then checks in order whether the address is a system call entry point, an entry point of another module's function subscribed through the system, or a jump inside the module itself. If it is any one of these, the access is legal and the function returns; if it is none of them, an error has occurred.
The method of repairing embedded system errors in the invention is as follows:
Step (1). If an error is detected, the faulty module stops working immediately.
Step (2). A request to replace the faulty module is sent to the server. On receiving the request, the server checks whether another version is available. If so, the other version is loaded onto the sensor node to take over the work of the original module. If not, the original version is transmitted again for another try; if the error occurs again and no other version is found, the repair has failed, and the server keeps a record and informs the user.
Working in the SOS system and modifying the system architecture as little as possible, the invention proposes a method that detects memory access errors and repairs them by module replacement. It effectively increases the availability of the wireless sensor network, reduces the chance of memory access errors, makes the collected information more useful, and makes the system considerably easier to maintain. There is no need to worry about when a wireless sensor node on the sensing network will fail; a sensor node that fails can be detected and actively repaired, and no one needs to stand by at the server at all times.
Embodiment
The invention is applied to the SOS operating system. The selected sensor node is the Mica2 Mote, whose microprocessor is the ATmega128L, and the instruction set used is the AVR instruction set.
The method of detecting embedded system errors comprises a static check and a dynamic check.
The static check is performed as follows:
Check all memory access instructions whose addresses are given statically; these instructions comprise direct call instructions and relative jump instructions. Function calls within the same module use relative jump instructions, and function calls between different modules use direct call instructions. The formats of the direct call and relative jump instructions are as follows:
Instruction    Operation
Call k         PC = k
Jmp .+k        PC = PC + k
Jmp .-k        PC = PC - k
If the address given after any direct call is not one of the legal values in the system call jump table, the module is illegal and cannot be uploaded to the sensor node; if the targets of all direct calls are legal values in the jump table, the module is legal. Specifically, a legal address equals the start address of the jump table plus the entry's position in the table multiplied by 2. To check an address, subtract the start address of the jump table from it and divide the result by 2; if the quotient is an integer, the address is legal; otherwise it is illegal.
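The static check described above, as an added example (not code from the patent or from SOS): a scanner over a module's AVR opcode words that rejects the module if any direct call targets an address outside the jump table. The table start, the entry count and both module images are constructed values, and addresses are assumed to be word addresses.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed layout, not from the patent: word addresses, constructed values. */
#define JT_START   0x0040u  /* first entry of the system call jump table */
#define JT_ENTRIES 8u       /* number of entries in the table */
#define JT_STRIDE  2u       /* page: legal address = start + index * 2 */

/* The page's test: (addr - start) / 2 must be an integer; the range test
   keeps the result inside the table ("one of the legal values"). */
int jt_legal(uint32_t addr)
{
    if (addr < JT_START) return 0;
    uint32_t off = addr - JT_START;
    return off % JT_STRIDE == 0 && off / JT_STRIDE < JT_ENTRIES;
}

/* AVR encoding: call = 1001 010k kkkk 111k followed by a 16-bit word. */
static int is_call(uint16_t w) { return (w & 0xFE0Eu) == 0x940Eu; }

/* jmp, call, lds and sts occupy two words; the second word is an operand
   and must not be decoded as an instruction. */
static int is_two_word(uint16_t w)
{
    return (w & 0xFE0Cu) == 0x940Cu || (w & 0xFC0Fu) == 0x9000u;
}

/* Returns 1 if every direct call targets a jump table entry. On rejection
   returns 0 and stores the word index of the offending instruction in *bad. */
int static_check(const uint16_t *code, size_t n, size_t *bad)
{
    size_t i = 0;
    while (i < n) {
        uint16_t w = code[i];
        if (is_two_word(w) && i + 1 >= n) { *bad = i; return 0; } /* truncated */
        if (is_call(w)) {
            uint32_t hi = ((uint32_t)(w & 0x01F0u) >> 3) | (w & 1u);
            uint32_t target = (hi << 16) | code[i + 1];
            if (!jt_legal(target)) { *bad = i; return 0; }
        }
        i += is_two_word(w) ? 2 : 1;
    }
    return 1;
}

/* Constructed module images (16-bit opcode words). */
const uint16_t good_module[] = {
    0x940E, 0x0044,   /* call 0x0044   -> table entry 2 */
    0xC001,           /* rjmp .+2      -> relative, stays in the module */
    0x9300, 0x940E,   /* sts 0x940E,r16: operand word looks like a call */
    0x9508            /* ret */
};
const uint16_t bad_module[] = {
    0x940E, 0x0042,   /* call 0x0042   -> table entry 1 */
    0x940E, 0x0200,   /* call 0x0200   -> outside the jump table */
    0x9508            /* ret */
};

int main(void)
{
    size_t bad = 0;
    printf("good: %d\n", static_check(good_module, 6, &bad));
    printf("bad:  %d (word %zu)\n", static_check(bad_module, 5, &bad), bad);
    return 0;
}
```

The range test matters as much as the divisibility test: an even offset far past the last entry would otherwise pass the page's division rule.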
The dynamic check is performed as follows:
Step (1). Rewrite the module contents by adding instructions that pass the memory address as a parameter into the dynamic check system for the call. If the destination address cannot be given at compile time, a check instruction is inserted before the instruction, with the memory address to be accessed set as its parameter, in order to check the legality of that address. These instructions take three forms, namely indirect call, load and store, with the following formats:
Instruction    Operation
icall          PC = Z(R31:R30)
ld Rd,X        Rd = [X(R27:R26)]
ld Rd,Y        Rd = [Y(R29:R28)]
ld Rd,Z        Rd = [Z(R31:R30)]
st X,Rr        [X(R27:R26)] = Rr
st Y,Rr        [Y(R29:R28)] = Rr
st Z,Rr        [Z(R31:R30)] = Rr
When a run of consecutive load or store instructions occurs whose destination addresses are contiguous and are not modified in between, two address checks are added before the first access instruction of the run, one for the start and one for the end of the contiguous memory range accessed. If both address checks pass, every access in the run is legal.
Step (2). Check called addresses and check memory loads and stores. When a call address is passed in, the check function first obtains the ID of the module, using a system function that the system already provides. It then checks in order whether the address is a system call entry point, an entry point of another module's function subscribed through the system, or a jump inside the module itself. If it is any one of these, the access is legal and the function returns; if it is none of them, an error has occurred. Specifically, the system call entry points are checked first: the value of the last entry point is compared with the incoming address, and if the compared address is larger the check skips directly to the next comparison region. If the incoming address is smaller than the start of the jump table, it is an error. Next, the functions of other modules subscribed through the system are checked. The loader on the node is first modified so that, when a module is loaded, it obtains from the module's file which functions the module has subscribed to and records this information. When the check is performed, a call to a recorded function is legal; otherwise it is illegal. Finally, the module's program area is checked. The loader reports in which section of the system the module's program area is stored, which gives the start address and the size of the program area. This information determines whether the called address falls within the module's own program area: if it does, the call is legal; otherwise it is illegal.
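The call-address check of Step (2), together with the two-address check for runs of loads and stores from Step (1), as an added example (not code from the patent or from SOS). The `module_info` record, the region layout and every address are constructed assumptions; the per-module data range stands in for the module's accessible memory range.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed jump table layout (constructed values, word addresses). */
#define JT_START   0x0040u
#define JT_ENTRIES 8u
#define JT_STRIDE  2u

enum verdict { ILLEGAL = 0, SYSCALL_ENTRY, SUBSCRIBED_FN, MODULE_CODE };

/* Hypothetical record the modified loader fills in when it loads a module. */
struct module_info {
    uint8_t         id;
    uint16_t        code_start, code_size;  /* module's program area */
    uint16_t        data_start, data_size;  /* memory the module may access */
    const uint16_t *subscribed;             /* functions it subscribed to */
    size_t          n_subscribed;
};

/* Call-address check, in the order the page gives. */
enum verdict check_call(const struct module_info *m, uint16_t addr)
{
    const uint16_t last_entry = JT_START + (JT_ENTRIES - 1u) * JT_STRIDE;

    /* 1. System call entry points: compare with the last entry first. */
    if (addr <= last_entry) {
        if (addr < JT_START) return ILLEGAL;      /* below the jump table */
        return (addr - JT_START) % JT_STRIDE == 0 ? SYSCALL_ENTRY : ILLEGAL;
    }
    /* 2. Functions of other modules recorded by the loader. */
    for (size_t i = 0; i < m->n_subscribed; i++)
        if (m->subscribed[i] == addr) return SUBSCRIBED_FN;
    /* 3. The module's own program area: start address plus size. */
    if (addr >= m->code_start &&
        (uint16_t)(addr - m->code_start) < m->code_size)
        return MODULE_CODE;
    return ILLEGAL;
}

static int data_ok(const struct module_info *m, uint16_t a)
{
    return a >= m->data_start && (uint16_t)(a - m->data_start) < m->data_size;
}

/* Run of consecutive ld/st: checking the first and last address is enough
   because the legal range is contiguous. */
int check_run(const struct module_info *m, uint16_t first, uint16_t last)
{
    return first <= last && data_ok(m, first) && data_ok(m, last);
}

/* Constructed module record: code 0x2000-0x23FF, data 0x0800-0x083F. */
static const uint16_t demo_subs[] = { 0x3100, 0x3180 };
const struct module_info demo = {
    7, 0x2000, 0x0400, 0x0800, 0x0040, demo_subs, 2
};

int main(void)
{
    printf("%d %d %d %d\n", check_call(&demo, 0x0044), check_call(&demo, 0x3100),
           check_call(&demo, 0x2010), check_call(&demo, 0x3000));
    printf("%d %d\n", check_run(&demo, 0x0800, 0x083F),
           check_run(&demo, 0x0830, 0x0840));
    return 0;
}
```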
The method of repairing embedded system errors is as follows:
Step (1). If an error is detected, the faulty module stops working immediately.
Step (2). A request to replace the faulty module is sent to the server, and control jumps to the scheduler so that the next faulty instruction is not executed. The server packs the information it has received, which comprises the module ID, the version number and the node ID, and passes it to the operating platform. When the operating platform receives the server's information, it determines whether another version is available. If not, the original version is transmitted once more and a repeat flag is recorded. If another version exists in the system, the server sends a command to the sensor node to unload the faulty module. Once the original module has been unloaded, the server uploads to the sensor node another module with the same function but a different version. If a second repeat request arrives and there is still only one version, the sensor node ID and the module ID are recorded and the user is informed.

Claims (1)

1. An error detection and repair method for an embedded system, comprising detecting embedded system errors and repairing embedded system errors, characterized in that:
The method of detecting embedded system errors comprises a static check and a dynamic check. The static check is performed as follows:
Check all memory access instructions whose addresses are given statically; these instructions comprise direct call instructions and relative jump instructions. Function calls within the same module use relative jump instructions, and function calls between different modules use direct call instructions. The formats of the direct call and relative jump instructions are as follows:
Instruction    Operation
Call k         PC = k
Jmp .+k        PC = PC + k
Jmp .-k        PC = PC - k
If the address given after any direct call is not one of the legal values in the system call jump table, the module is illegal and cannot be uploaded to the sensor node; if the targets of all direct calls are legal values in the jump table, the module is legal;
The dynamic check is performed as follows:
Step (1). Rewrite the module contents by adding instructions that pass the memory address as a parameter into the dynamic check system for the call. If the destination address cannot be given at compile time, a check instruction is inserted before the instruction, with the memory address to be accessed set as its parameter, in order to check the legality of that address. These instructions take three forms, namely indirect call, load and store, with the following formats:
Instruction    Operation
icall          PC = Z(R31:R30)
ld Rd,X        Rd = [X(R27:R26)]
ld Rd,Y        Rd = [Y(R29:R28)]
ld Rd,Z        Rd = [Z(R31:R30)]
st X,Rr        [X(R27:R26)] = Rr
st Y,Rr        [Y(R29:R28)] = Rr
st Z,Rr        [Z(R31:R30)] = Rr
When a run of consecutive load or store instructions occurs whose destination addresses are contiguous and are not modified in between, two address checks are added before the first access instruction of the run, one for the start and one for the end of the contiguous memory range accessed. If both address checks pass, every access in the run is legal;
Step (2). Check called addresses and check memory loads and stores. When a call address is passed in, the check function first obtains the ID of the module, using a system function that the system already provides. It then checks in order whether the address is a system call entry point, an entry point of another module's function subscribed through the system, or a jump inside the module itself. If it is any one of these, the access is legal and the function returns; if it is none of them, an error has been detected;
The method of repairing embedded system errors is as follows:
Step (a). If an error is detected, the faulty module stops working immediately;
Step (b). A request to replace the faulty module is sent to the server. On receiving the request, the server checks whether another version is available. If so, the other version is loaded onto the sensor node to take over the work of the original module. If not, the original version is transmitted again for another try; if the error occurs again and no other version is found, the repair has failed, and the server keeps a record and informs the user.
CN2009101006127A 2009-07-10 2009-07-10 Error detection and repair method for embedded system Expired - Fee Related CN101604289B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2009101006127A CN101604289B (en) 2009-07-10 2009-07-10 Error detection and repair method for embedded system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2009101006127A CN101604289B (en) 2009-07-10 2009-07-10 Error detection and repair method for embedded system

Publications (2)

Publication Number Publication Date
CN101604289A true CN101604289A (en) 2009-12-16
CN101604289B CN101604289B (en) 2011-01-05

Family

ID=41470027

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2009101006127A Expired - Fee Related CN101604289B (en) 2009-07-10 2009-07-10 Error detection and repair method for embedded system

Country Status (1)

Country Link
CN (1) CN101604289B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110059391A (en) * 2019-04-10 2019-07-26 北京中科寒武纪科技有限公司 Device under test verifies device and Related product
CN110059390A (en) * 2019-04-10 2019-07-26 北京中科寒武纪科技有限公司 Device under test verifies device and Related product
CN110261758A (en) * 2019-06-10 2019-09-20 北京中科寒武纪科技有限公司 Device under test verifies device and Related product

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110059391A (en) * 2019-04-10 2019-07-26 北京中科寒武纪科技有限公司 Device under test verifies device and Related product
CN110059390A (en) * 2019-04-10 2019-07-26 北京中科寒武纪科技有限公司 Device under test verifies device and Related product
CN110059390B (en) * 2019-04-10 2022-12-09 中科寒武纪科技股份有限公司 Device under test verification device and related product
CN110059391B (en) * 2019-04-10 2022-12-09 中科寒武纪科技股份有限公司 Device under test verification device and related product
CN110261758A (en) * 2019-06-10 2019-09-20 北京中科寒武纪科技有限公司 Device under test verifies device and Related product
CN110261758B (en) * 2019-06-10 2021-09-21 中科寒武纪科技股份有限公司 Device under test verification device and related product

Also Published As

Publication number Publication date
CN101604289B (en) 2011-01-05

Similar Documents

Publication Publication Date Title
CN100543693C (en) Power-on self-detection method
CN103458086B (en) A kind of smart mobile phone and fault detection method thereof
CN101699402B (en) Multi-mode startup embedded system
CN100458692C (en) System and method for correcting fault of turn-on self-test
CN102999423B (en) A kind of method and apparatus of multinuclear test
CN102279776A (en) Error checking and correcting ability testing method and device
CN101604289B (en) Error detection and repair method for embedded system
CN102207877A (en) Method and system for re-pouring on-track program of space camera
CN108132797A (en) A kind of upgrade method of remote controler, SoC chip and its application program
CN103247345A (en) Quick-flash memory and detection method for failure memory cell of quick-flash memory
CN109614119B (en) Burning method, device, electronic equipment and medium
CN102768331B (en) The MCU test set of a kind of OTP type and testing method thereof
JP4334598B1 (en) Information processing apparatus and error correction method
CN102831058A (en) Testing method and testing device
CN102622243A (en) Method for executing solidified codes supporting various NAND flash memories
CN102799494B (en) A kind of method and apparatus verifying application program in internal memory
CN102053874B (en) Method for protecting standby data
CN102623066A (en) Saving and acquisition method for solidification code parameter table
CN101441600B (en) Apparatus and method for rapidly changing page in microprocessor verification
CN100449498C (en) Data storage device
CN102981919B (en) Memory management method of quickly positioning sources of errors
CN102610279A (en) Method for executing NAND flash memory by solidifying code
CN107943543A (en) A kind of method and computer equipment of WEB application heat deployment
CN113672260A (en) CPU initialization method for processor
CN102609331A (en) File format of loading code in NAND flash

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
ASS Succession or assignment of patent right

Owner name: HAIAN SERVICE CENTER FOR TRANSFORMATION OF SCIENTI

Free format text: FORMER OWNER: HANGZHOU ELECTRONIC SCIENCE AND TECHNOLOGY UNIV

Effective date: 20131021

C41 Transfer of patent application or patent right or utility model
COR Change of bibliographic data

Free format text: CORRECT: ADDRESS; FROM: 310018 HANGZHOU, ZHEJIANG PROVINCE TO: 226600 NANTONG, JIANGSU PROVINCE

TR01 Transfer of patent right

Effective date of registration: 20131021

Address after: 226600 No. 106 middle Yangtze Road, Haian County, Nantong, Jiangsu

Patentee after: Haian Service Center for Transformation of Scientific Achievements

Address before: Hangzhou City, Zhejiang province 310018 Jianggan District Xiasha Higher Education Park No. 2 street

Patentee before: Hangzhou Electronic Science and Technology Univ

CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20110105

Termination date: 20180710

CF01 Termination of patent right due to non-payment of annual fee