SEGGER Introduces Fail-Safe Solution for Next Generation Embedded Systems
embOS-MPU uses the memory protection unit (MPU) or memory management unit (MMU) capabilities of the microcontroller to protect a system from the potential harm posed by errant threads. With embOS-MPU, the failure of a particular task will no longer impact the entire system.
embOS-MPU enables the creation of an unlimited number of privileged and unprivileged tasks. Unprivileged tasks receive a set of restricted rights (such as memory write access, message box access, etc.). When an unprivileged task attempts to violate predefined limits, or causes a system error (such as stack overflow), the task is immediately terminated. Additionally, embOS-MPU enables the developer to install a callback function that is invoked when an unprivileged task is terminated. This application-defined routine can take whatever action is necessary when this exceptional condition is triggered. For instance, it could log the problem and recover from the unexpected situation to restore full function, gracefully degrade system performance, or shut the entire system down in a fail-safe manner.