[En-Nut-Discussion] Robust Ethernet bootloader

Uwe Bonnes bon at elektron.ikp.physik.tu-darmstadt.de
Tue Jun 5 12:30:41 CEST 2018 

>>>>> "Philipp" == Philipp Burch <phip at hb9etc.ch> writes:

    Philipp> Hi everyone, I'm in a project where we will soon have to deploy
    Philipp> some boards running Nut/OS into "the field". Those boards are
    Philipp> all connected to a local computer using Ethernet, but the
    Philipp> computer itself is usually only accessible over the net. In the
    Philipp> first prototype, we simply put a J-Link into the machine to be
    Philipp> able to update the MCU firmware (or even debug it), in case a
    Philipp> problem arises, but this definitely is no productive
    Philipp> solution. We use Ethernet to have a robust and isolated
    Philipp> connection after all, which USB and JTAG is not.

    Philipp> Our target platform is a TIVA TM4C1294NCPDT processor, which
    Philipp> has an integrated Ethernet MAC and PHY. My primary concern is
    Philipp> robustness of the bootloader, it should be rather hard to brick
    Philipp> the device. I see that there is some Ethernet-based bootloader
    Philipp> functionality in the ROM of this MCU, but as far as I can tell,
    Philipp> this must be invoked from the application code. So in case the
    Philipp> update fails, there will most likely be no way to re-flash the
    Philipp> firmware without local intervention. What I would prefer is a
    Philipp> small self-contained bootloader that always runs when the
    Philipp> firmware starts (after power-on, watchdog-reset, hard-fault,
    Philipp> etc.), validates the firmware image and then starts the
    Philipp> application. In case the validation fails, it should sit there
    Philipp> and wait for a new image to be downloaded.

    Philipp> My questions:

    Philipp> - What are your experiences and suggestions for Ethernet
    Philipp> bootloaders?

    Philipp> - Did I miss anything important?

    Philipp> - Does Nut/OS offer some functionality for this?

Hello Phillip,

I have a CAN bootloader deployed to several STM32F303 boards. It behaves the
same as the Can Bootloader I used for several hundred ATCan128
board running for some year now without major problem.

Some functionality needed for that task is probably already in the main
tree, while I probably did not abstract most other helper functions to be of
general meaning so it is not in the main tree. I can send the project is
wanted.

A general Ethernet bootloader is also needed by some other of my projects.
So I am also interested in your work. I looked at the present bootloader,
but it was not clear to me what was needed to bring it up and hwo to talk to
it.  I thought of modifying some of the http upload examples, like
httpd_upload.c to transfer the new firmware.

Bye

-- 
Uwe Bonnes                bon at elektron.ikp.physik.tu-darmstadt.de

Institut fuer Kernphysik  Schlossgartenstrasse 9  64289 Darmstadt
--------- Tel. 06151 1623569 ------- Fax. 06151 1623305 ---------

More information about the En-Nut-Discussion mailing list