Currently involved in a long-running, er, Classic Foxtrot, involving a device that Must Not Fail, Ever. (Not our design. We're working on something that connects to it.)
One of our associates, who's working remotely, was having difficulty communicating with the device's main board.
Turns out he could get it working by pressing the reset button.
Apparently, if prime power comes up a little too slowly - and the rise time in question is not what I'd call slow - the main processor fails to wake up, and it doesn't have a watchdog timer that forces recovery from this situation.
Many years ago, my occasional colleague Boris and I standardized on a particular POR/watchdog chip because it, and no other (at the time), would generate repeated reset pulses as long as the processor failed to come up and feed the watchdog within (IIRC) 1 second.
Some better watchdog chips have come out since then... and perhaps some worse ones.
But here we have a safety-related product that doesn't even have a proper power-on reset, never mind a does-not-fail watchdog.
Yikes?
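As an added illustration (not the post's hardware, nor any real supervisor chip), here is a small C simulation contrasting a one-shot POR with a supervisor that repeats the reset pulse until the processor feeds the watchdog. The rail ramp rates, the threshold values and the "boots only if the rail is fully up" fault model are constructed assumptions chosen to reproduce the slow-rise failure described above.

```c
/* Constructed model: a supply rail ramping at rise_mv_per_ms, a processor
 * that boots only if reset is released once the rail is fully up (hypothetical
 * fault model for the "fails to wake up" behaviour), and a supervisor that
 * either asserts reset once (one-shot POR) or re-asserts it every time the
 * watchdog goes WATCHDOG_MS without being fed. */
#include <stdbool.h>
#include <stdio.h>

#define VDD_FULL_MV    3300
#define POR_THRESH_MV  2700   /* supervisor releases reset above this */
#define WATCHDOG_MS    1000   /* CPU must feed within this or be reset again */
#define SIM_MS         5000   /* simulated window */

enum { CPU_RESET, CPU_RUNNING, CPU_HUNG };

/* Returns the millisecond at which the CPU is up and feeding the watchdog,
 * or -1 if it never recovers within SIM_MS. */
static int simulate(int rise_mv_per_ms, bool repeat_on_timeout)
{
    int vdd_mv = 0, cpu = CPU_RESET, ms_since_feed = 0;
    bool reset_asserted = true;

    for (int t = 0; t < SIM_MS; t++) {
        if (vdd_mv < VDD_FULL_MV) vdd_mv += rise_mv_per_ms;
        if (vdd_mv > VDD_FULL_MV) vdd_mv = VDD_FULL_MV;

        if (vdd_mv < POR_THRESH_MV) {   /* below threshold: hold reset */
            reset_asserted = true;
            continue;
        }
        if (reset_asserted) {           /* release reset: CPU tries to boot */
            reset_asserted = false;
            ms_since_feed = 0;
            cpu = (vdd_mv >= VDD_FULL_MV) ? CPU_RUNNING : CPU_HUNG;
        }
        if (cpu == CPU_RUNNING) return t;
        ms_since_feed++;
        if (repeat_on_timeout && ms_since_feed >= WATCHDOG_MS)
            reset_asserted = true;      /* no feed: pulse reset again */
    }
    return -1;
}

int main(void)
{
    printf("fast rise, one-shot POR : %d ms\n", simulate(3300, false));
    printf("slow rise, one-shot POR : %d ms\n", simulate(10, false));
    printf("slow rise, repeating WDT: %d ms\n", simulate(10, true));
    return 0;
}
```

With the slow ramp the one-shot POR releases reset while the rail is still rising, the modelled CPU hangs, and nothing ever recovers it; the repeating supervisor re-pulses reset after one watchdog period, by which time the rail is up, and the CPU comes up.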