Fail-safe EEPROM based rewritable boot system

US 5,432,927 A
Filed: 11/17/1994
Issued: 07/11/1995
Est. Priority Date: 06/17/1992
Status: Expired due to Fees

First Claim

Patent Images

1. A method of reprogramming computer software instructions in a computer system including a processor with an address base to which the computer software instructions are mapped, said method comprising the steps of:

(a) providing a writable, non-volatile memory device having a base memory region and an auxiliary memory region;

(b) loading a first set of initialization instructions including a boot routine into said base memory region;

(c) selectively operating said system (i) in a normal mode in which said initialization instructions most recently loaded into said base memory region are mapped to the address base of the processor or (ii) in an auxiliary mode in which initialization instructions copied into said auxiliary memory region are mapped to the address base of the processor, to facilitate initialization of the system;

(d) monitoring said normal mode of operation to determine if an initialization fault is detected and issuing a reset signal to said processor if an initialization fault is detected;

(e) copying said most recently loaded initialization instructions from said base memory region into said auxiliary memory region if no fault is detected and no reset signal is issued, and then loading an updated set of initialization instructions including a boot routine to said base memory region, and repeating steps (c) through (e) until an initialization fault is detected; and

(f) if an initialization fault is detected, switching the operation of said system to the auxiliary mode in response to said reset signal.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer boot strap loading system employs dual, separable EEPROM units to facilitate safe reprogramming of bootstrap loader software. Both EEPROMs are adapted for storing bootstrap loading code. One of these two EEPROM areas is designated as the unit for which the code content will govern operation of the next reboot sequence. Circuitry is provided to monitor progress of a reboot to determine if a defect in the presently utilized reboot sequence is provided. Such a defect triggers a reboot from the other EEPROM as well as to provide a back-up copy of the bootstrap loading code most recently determined to be effective.

Citations

18 Claims

1. A method of reprogramming computer software instructions in a computer system including a processor with an address base to which the computer software instructions are mapped, said method comprising the steps of:
- (a) providing a writable, non-volatile memory device having a base memory region and an auxiliary memory region;
  
  (b) loading a first set of initialization instructions including a boot routine into said base memory region;
  
  (c) selectively operating said system (i) in a normal mode in which said initialization instructions most recently loaded into said base memory region are mapped to the address base of the processor or (ii) in an auxiliary mode in which initialization instructions copied into said auxiliary memory region are mapped to the address base of the processor, to facilitate initialization of the system;
  
  (d) monitoring said normal mode of operation to determine if an initialization fault is detected and issuing a reset signal to said processor if an initialization fault is detected;
  
  (e) copying said most recently loaded initialization instructions from said base memory region into said auxiliary memory region if no fault is detected and no reset signal is issued, and then loading an updated set of initialization instructions including a boot routine to said base memory region, and repeating steps (c) through (e) until an initialization fault is detected; and
  
  (f) if an initialization fault is detected, switching the operation of said system to the auxiliary mode in response to said reset signal.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 12)
- - 2. The method of claim 1, wherein said writable, non-volatile memory device is an EEPROM (electrically erasable programmable read only memory) device.
  - 3. The method of claim 2, wherein said EEPROM device is a flash EEPROM device.
  - 4. The method of claim 1, further comprising the step of comparing the most recently loaded initialization instructions copied from said base memory region into said auxiliary memory region to the initialization instructions currently residing in said base memory region.
  - 5. The method of claim 4, further comprising the step of selectively mapping initialization instructions in said base memory region or said auxiliary memory region, in said normal or auxiliary modes, respectively, to the address base of the processor, using a memory address decoder.
  - 6. The method of claim 5, wherein said timer device is a counter, and said counter issues a reset signal to said processor upon detection of an initialization fault to disrupt initialization of the system in the normal mode.
  - 7. The method of claim 6, wherein said counter issues said reset signal after a predetermined time period elapses.
  - 8. The method of claim 6, wherein said counter is reset at the beginning of each occurrence of said normal mode of operation.
  - 9. The method of claim 4, wherein said step of monitoring said normal mode of operation to determine if an initialization fault is detected is performed by a timer device.
  - 12. The device of claim 1, wherein said EEPROM device is a flash EEPROM device.

10. A device for reprogramming computer software instructions in a computer system including a processor with an address base to which the computer software instructions are mapped, said device comprising:
- (a) a writable, non-volatile memory device electrically connected to said processor, said non-volatile memory device having a base memory region and an auxiliary memory region;
  
  (b) circuitry electrically connected to said memory device for loading a first set of initialization instructions including a boot routine into said base memory region;
  
  (c) circuitry electrically connecting the processor and said memory device for selectively operating said system (i) in a normal mode in which said initialization instructions most recently loaded into said base memory region are mapped to the address base of the processor, or (ii) in an auxiliary mode in which initialization instructions copied into said auxiliary memory region are mapped to the address base of the processor, to facilitate initialization of the system;
  
  (d) circuitry electrically connected to the processor for monitoring said normal mode of operation to determine if an initialization fault is detected and issuing a reset signal to said processor if an initialization fault is detected;
  
  (e) circuitry electrically connected to said memory device for copying said most recently loaded initialization instructions from said base memory region into said auxiliary memory region if no fault is detected and no reset signal is issued, and for then loading an updated set of initialization instructions including a boot routine to said base memory region, and for operating said system in said normal mode until an initialization fault is detected; and
  
  (f) switching circuitry electrically connected to said memory device for switching the operation of said system to the auxiliary mode if an initialization fault is detected in response to said reset signal.
- View Dependent Claims (11, 13, 14, 15, 16, 17, 18)
- - 11. The device of claim 10, wherein said writable, non-volatile memory device is an EEPROM (electrically erasable programmable read only memory) device.
  - 13. The device of claim 10, wherein said circuitry for selectively operating said system in the normal mode or the auxiliary mode includes a memory address decoder.
  - 14. The device of claim 10, further including circuitry for comparing the most recently loaded initialization instructions copied from said base memory region into said auxiliary memory region to the initialization instructions currently residing in said base memory region.
  - 15. The device of claim 10, wherein said circuitry for monitoring said normal mode of operation to determine if an initialization fault is detected is performed by a timer device.
  - 16. The device of claim 15, wherein said timer device is a counter for issuing a reset signal to said processor upon detection of an initialization fault to disrupt initialization of the system in the normal mode.
  - 17. The device of claim 16, wherein said counter issues said reset signal after a predetermined time period elapses.
  - 18. The device of claim 16, wherein said counter is reset at the beginning of each occurrence of said normal mode of operation.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Eaton Corp. (Wisconsin) (Eaton Corporation PLC.)
Original Assignee
Eaton Corp. (Wisconsin) (Eaton Corporation PLC.)
Inventors
Grote, Jack A., Lydic, John W. Jr.
Primary Examiner(s)
Beausoliel, Jr., Robert W.
Assistant Examiner(s)
Tu, T.

Application Number

US08/340,803
Time in Patent Office

236 Days
Field of Search

395/575, 364/243, 364/243.3, 364/243.4, 364/244.6, 364/242.3, 364/247, 364/928, 364/965, 364/965.76, 364/964.1, 364/975.2, 364/280.2, 364/280.3, 364/285. 2, 365/230.01, 365/240, 365/201, 365/189, 365/226, 371/12
US Class Current

713/2
CPC Class Codes

G06F 11/00   Error detection; Error corr...

G06F 11/1417   Boot up procedures

G06F 9/4403   Processor initialisation

G11C 29/74   using duplex memories, i.e....

Fail-safe EEPROM based rewritable boot system

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Fail-safe EEPROM based rewritable boot system

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links