SAFETY
FIRST
Eventually,
it comes time to update the bootloader, which
is ideally done via the bootloader. This is
normally a risky process. If the bootloader
update fails, there’s no way to get back in
the bootloader to fix it. However, the LUB solves
this easily. The ATmega88’s resident tinyloader
is never updated because it’s so simple. Instead,
the more complex bootloader is stored in the
DataFlash memory, where there is room for a
backup. Now there are two bootloaders present,
so you always have a functional bootloader.
The process is shown in Figure 1.
|
(Click
here to enlarge)
|
Figure
1—The upper left corner of the lubloader’s
layout is the current executable loaded
in the ATmega88 microcontroller. The outside
files are in the AT45DB041 DataFlash. I’m
in the process of updating bootloader copy
2. |
At
start-up, the tinyloader will ask the computer
which bootloader to enter. If the first one
doesn’t work, it’s easy to ask the tinyloader
to load the backup bootloader, known as the
“safe mode” bootloader. The PC software stops
you from updating both bootloaders simultaneously,
which should stop you from causing any trouble.
The
AT45DB041B DataFlash has a hardware write protection
feature. So, you can be sure that faulty software
won’t have a big window in which it could overwrite
the AT45DB041B. To ensure that data was reliably
written to the AT45DB041B, a checksum of the
AT45DB041B’s DataFlash content is performed
locally. This value is sent back to the computer.
This is considerably faster than most bootloader
verification, which sends every byte back to
the computer. However, the checksum doesn’t
ensure that the proper data is written from
the DataFlash to the AVR or FPGA at start-up,
which is a possible point of failure.
