AAC Microtec Sirius OBC User Manual Download | Manualshive

Page: 147 / 174

background image

Document number

205065

Version

Rev. N

Issue date

2019-02-04

Sirius OBC and TCM User Manual

www.aacmicrotec.com

Page

147

of

174

8.4. Boot images and boot procedure

8.4.1. Description

The bootrom is a small piece of software built into a read-only memory inside the System-
on-Chip. Its main function is to load a software image from the system flash to RAM and
start it by jumping to the reset vector (0x100). To make the system fault tolerant, there are
two logical images of the main software, designated Updated and Safe. Each logical image
is stored in three physical copies distributed over the system flash. By default the bootrom
will first try to load the Updated image and if that fails fall back to the Safe image. The image
to load can also be selected by setting the

Next FW

register in the Error Manager and doing

a soft reset (see section 5.3 for more details). Boot order of the logical images and their
physical copies is shown in Figure 8-1.

8.4.2. Block diagram

Figure 8-1 Software images in flash

8.4.3. Usage description

The locations in the system flash where the bootrom looks for software images are given in
Table 8.4. The first two 32-bit words of the image are expected to be a header with image
size and an XOR checksum, see Table 8.5. If the size falls within the accepted range, the
bootrom loads the image to RAM while verifying the checksum. Both the image size check
and the checksum is on top of the automatic EDAC on all flash data. The EDAC is handled
by hardware and calculates one extra byte of redundancy data for each true data byte
written to flash.

The bootrom loads the system flash bad block table from NVRAM offset 0x0E00

–

0x11FF.

If a flash block within the range to load from is marked as bad in the table, that block is
assumed to have been skipped when the image was programmed, so the bootrom
continues reading from the next block. If the image could be loaded from flash without error
and its checksum is correct, the bootrom jumps to the reset vector in RAM. If there is a flash
error when loading, if the checksum is incorrect, or if the image has an invalid size, the
bootrom steps to the next image by changing the

Next FW

field in the Error Manager and

doing a soft reset. If the image being loaded is the last available the bootrom will ignore
errors and attempt to start it anyway, in order to always have a chance of a working system.
To indicate to the software which image and copy is loaded, the

Running FW

field in the

Error Manager is updated before handing over execution.

«
...
145
146
147
148
149
...
»

Summary of Contents for Sirius OBC

Page 1: ...nd TCM User Manual Rev N ÅAC Microtec 2016 2019 ÅAC Microtec AB owns the copyright of this document which is supplied in confidence and which shall not be used for any purpose other than for which it is supplied and shall not in whole or in part be reproduced copied or communicated to any person without written permission from the owner ...

Page 2: ...ject info SCET Clarify threshold E 2017 03 01 Release with updates to the following sections ADC minor updates to clock div limits Setup and operation find debugger serial use of multiple debuggers F 2017 04 18 Release with updates to the following sections CCSDS new API Sirius TCM new timesync API NVRAM table updated new segment sizing for partitions G 2017 10 31 Release with updates to the follo...

Page 3: ...partition limits new PUS 2 2 service RMAP transid allocation recommendations limited direct partition utilisation recommendations M 2018 12 04 Release with updates to the following sections Software development how to build silent BSP TM TC structure and COP 1 new System on Chip defitions system flash bad block table reserved location in NVRAM NVRAM safe update area address corrections Sirius TCM ...

Page 4: ...Establish a debugger connection to the Sirius products 17 3 5 2 Setup a serial terminal to the device debug UART 18 3 5 3 Loading an application 19 3 5 4 Using multiple debuggers on the same PC 19 3 6 Programming an application boot image to system flash 20 3 7 Re initialising the NVRAM 21 4 SOFTWARE DEVELOPMENT 21 4 1 RTEMS step by step compilation 22 4 1 1 Compiling the BSP with debug output rem...

Page 5: ...scription 76 5 8 4 Limitations 77 5 9 CCSDS 78 5 9 1 Description 78 5 9 2 Non blocking 78 5 9 3 Blocking 79 5 9 4 Buffer data containing TM Space packets 79 5 9 5 RTEMS API 79 5 9 6 Usage description 86 5 10 ADC 88 5 10 1 Description 88 5 10 2 RTEMS API 89 5 10 3 Usage description 92 5 10 4 Limitations 93 5 11 NVRAM 94 5 11 1 Description 94 5 11 2 EDAC mode 94 5 11 3 Non EDAC mode 94 5 11 4 RTEMS ...

Page 6: ...rvices 126 7 11 1 PUS 130 Software upload 126 7 12 Spacewire RMAP 127 7 12 1 Input 127 7 12 2 Output 128 7 12 3 Status code in reply messages 129 7 12 4 RMAP input address details 129 7 12 5 RMAP output address details 144 7 13 Limitations 144 8 SYSTEM ON CHIP DEFINITIONS 145 8 1 Memory mapping 145 8 2 Interrupt sources 146 8 3 SCET timestamp trigger sources 146 8 4 Boot images and boot procedure ...

Page 7: ...zation 159 10 6 Telecommand format 159 10 6 1 Telecommand Transfer Frame 159 10 6 2 Transfer Frame Header 160 10 6 3 Transfer Frame Data Field 161 10 6 4 Frame Error Control Field 162 10 6 5 Telecommand Packet 162 10 7 Telemetry Format 164 10 7 1 Telemetry Transfer Frame 164 10 7 2 Transfer Frame Primary Header 164 10 7 3 Transfer Frame Secondary Header 165 10 7 4 Transfer Frame Data Field 166 10 ...

Page 8: ...Document number 205065 Version Rev N Issue date 2019 02 04 Sirius OBC and TCM User Manual www aacmicrotec com Page 8 of 174 12 MECHANICAL DATA 172 13 GLOSSARY 173 ...

Page 9: ...referred to as the Sirius products when both products are referred at the same time 1 1 Applicable releases This version of the manual is applicable to the following software releases Sirius OBC 1 5 0 Sirius TCM 1 5 1 1 2 Intended users This manual is written for software engineers using the ÅAC Sirius products The electrical and mechanical interface is described in more detail in the electrical a...

Page 10: ...tilization RD5 SNLS378B PC16550D Universal Asynchronous Receiver Transmitter with FIFOs RD6 AD7173 8 Rev A Low Power 8 16 Channel 31 25 kSPS 24 Bit Highly Integrated Sigma Delta ADC RD7 Edition 4 11 RTEMS BSP and Device Driver Development Guide RD8 CCSDS 132 0 B 2 TM Space Data Link Protocol RD9 CCSDS 232 0 B 2 TC Space Data Link Protocol RD10 205088 Sirius OBC electrical and mechanical ICD RD11 2...

Page 11: ...units UARTs RS422 and RS485 line drivers on the board with line driver mode set by software GPIOs Watchdog a fail safe mechanism to prevent a system lockup System flash 2 GB of EDAC protected flash for storing boot images in multiple copies Pulse command inputs for reset to a specific software image NVRAM for storage of metadata and other data that requires a large number of writes that shall surv...

Page 12: ...es are used Continuous EDAC scrubbing of SDRAM data with at least 1 bit error correction and 2 bit error detection for each 16 bit word Non correctable errors cause a processor interrupt to allow the software to handle the error differently depending on in which section of the memory it appeared unless the error appear in the execution path see below EDAC checking of instructions before execution ...

Page 13: ...on to the EDAC protection of the flash data encoded with a header for checksum and length Each boot image is stored in three copies to allow for an automatic fallback option if the ECC and or length check fails on one copy Watchdog tripping leads to automatic reboot of the device Advanced Error Manager keeping the detected failures during reset reboot for later analysis ...

Page 14: ...ing harness Recommended applications and software Installed serial communication terminal e g gtkterm or minicom GPG for encryption decryption of files containing sensitive data Host build system e g the debian package build essential The following software is installed by the ÅAC toolchain package o GCC C compiler for OpenRISC o GCC C compiler for OpenRISC o GNU binutils and linker for OpenRISC o...

Page 15: ... the Sirius products Figure 3 1 ÅAC Sirius OBC with connector naming Figure 3 2 ÅAC Sirius TCM with connector naming All products and ingoing material shall be handled with care to prevent damage of any kind JTAG RTL DEBUG SW SPW1 SPW2 UART0 2 PWR UART3 4 DIGITAL ANALOG JTAG RTL DEBUG SW UMBI SPW1 UART0 2 PWR TRX2 LVDS TRX1 RS422 DIGITAL PULSE SPW2 ...

Page 16: ...on how to update the SoC refer to Chapter 11 For connecting the SpaceWire interface connect the nano D connector to connector SPW1 or SPW2 For more detailed information about the connectors see RD10 and RD11 3 3 Installation of toolchain This chapter describes instructions for installing the aac or1k toolchain 3 3 1 Supported Operating Systems Debian 8 64 bit When installing Debian we recommend us...

Page 17: ... AAC OR1k toolchain PATH setup if f opt aac aac path sh then opt aac aac path sh dev null fi 3 4 Installing the Board Support Package BSP The BSP can be downloaded from http repo aacmicrotec com bsp Simply extract the tarball aac or1k xxx x bsp y tar bz2 to a directory of your choice xxx x depends on your intended hardware target Sirius OBC or Sirius TCM and y matches the current version number of...

Page 18: ... UART may be used as a debug interface for printf output etc A serial communication terminal such as minicom or gtkterm is necessary to communicate with the Sirius product using these settings Baud rate 115200 Data bits 8 Stop bits 1 Parity None Hardware flow control Off On a clean system with no other USB to serial devices connected the serial port will appear as dev ttyUSB1 However the numbering...

Page 19: ... using the gdb command file Make sure the application is in ELF format file path to binary_to_execute 4 Now it needs to be uploaded onto the target RAM load 5 In the gdb prompt type c to start to run the application 3 5 4 Using multiple debuggers on the same PC In order to use multiple debuggers connected to the same PC each instance of OpenOCD must be configured to connect to the specific debugge...

Page 20: ...pplication is then uploaded to the target and started just as an ordinary application using gdb The maximum allowed size for the boot image for is 16 MB The nandflash_program application can be found in the BSP The below instructions assume that the toolchain is in the PATH see section 3 3 for how to accomplish this 1 Compile the boot image binary according to the rules for that program 2 Ensure t...

Page 21: ...case loss of start and end location in a completely full partition if cleared The following steps are required in order to clear and re initialise the NVRAM 1 Compile and run the nvram_clear application using the debugger This application is located in the src example directory in the OBC S or TCM S BSP the steps for compiling it are described in section 4 1 This will clear the NVRAM 2 Program a b...

Page 22: ... that the toolchain described in chapter 3 3 needs to have been installed and the BSP unpacked as described in chapter 3 4 The following instructions detail how to build the RTEMS environment and a test application 1 Enter the BSP src directory cd path to bsp aac or1k xxx x bsp src 2 Type make to build the RTEMS target make 3 Once the build is complete the build target directory is librtems 4 Set ...

Page 23: ...figuraition 4 2 Software disclaimer of warranty This source code is provided as is and without warranties as to performance or merchantability The author and or distributors of this source code may have made statements about this source code Any such statements do not constitute warranties and shall not be relied on by the user in deciding whether to use this source code 5 RTEMS 5 1 Introduction T...

Page 24: ...Document number 205065 Version Rev N Issue date 2019 02 04 Sirius OBC and TCM User Manual www aacmicrotec com Page 24 of 174 ...

Page 25: ...etal driver The device can only be opened once at a time Argument name Type Direction Description filename char in The absolute path to the file that is to be opened Watchdog device is defined as RTEMS_WATCHDOG_DEVICE_NAME dev watchdog oflags int in A bitwise or separated list of values that determine the method in which the file is to be opened whether it should be read only read write Return val...

Page 26: ...dog and setting of the timeout Argument name Type Direction Description fd Int in File descriptor received at open cmd Int in Command to send val Int in Data to write Command table Val interpretation WATCHDOG_ENABLE_IOCTL 1 Enables the watchdog 0 Disables the watchdog WATCHDOG_SET_TIMEOUT_IOCTL 0 255 Number of seconds until the watchdog barks Return value Description 0 Command executed successfull...

Page 27: ...User Manual www aacmicrotec com Page 27 of 174 Figure 2 RTEMS driver usage description All calls to RTEMS driver are blocking calls 5 2 3 2 RTEMS application example In order to use the watchdog driver on the RTEMS environment the following code structure is suggested to be used ...

Page 28: ..._APPLICATION_NEEDS_ERROR_MANAGER_DRIVER must be defined in order to initialise the error manager and enable board reset on watchdog timeout include bsp h include fcntl h include unistd h include errno h include bsp wdt_rtems h define CONFIGURE_APPLICATION_NEEDS_WDT_DRIVER define CONFIGURE_APPLICATION_NEEDS_CLOCK_DRIVER define CONFIGURE_MAXIMUM_DRIVERS define CONFIGURE_MAXIMUM_TASKS 2 Idle Init def...

Page 29: ...ster accesses are performed using ioctls The driver exposes a message queue for receiving interrupt driven events such as power loss non fatal multiple errors generated by the RAM EDAC mechanism 5 3 2 1 int open Opens access to the device it can only be opened once at a time Argument name Type Direction Description filename char in The absolute path to the file that is to be opened Error manager d...

Page 30: ...r on 0x1 Programmable FW Backup copy 0x2 Programmable FW Backup copy 0x3 Safe FW 0x4 Safe FW Backup copy 0x5 Safe FW Backup copy ERRMAN_GET_SCRUBBER_IOCTL Gets the state of the memory scrubber 0 Scrubber is disabled 1 Scrubber is enabled ERRMAN_GET_RESET_ENABLE_IOCTL Gets the reset enable state 0 Soft reset is disabled 1 Soft reset is enabled ERRMAN_GET_WDT_ERRCNT_IOCTL Gets the watchdog error cou...

Page 31: ...a software reset The reset enable state is required to be 1 On ERRMAN_SET_SCRUBBER_IOCTL Sets the state of the memory scrubber 1 On 0 Off The scrubber is a vital part of keeping the SDRAM free from errors ERRMAN_SET_RESET_ENABLE_IOCTL Sets the reset enable state 0 Soft reset is disabled 1 Soft reset is enabled ERRMAN_SET_WDT_ERRCNT_IOCTL Sets the watchdog error count register The counter width is ...

Page 32: ... write a 1 5 ERRMAN_SEOTHFLG R W A previous RAM EDAC Single Error Reset has been detected for critical data Clear flag by write a 1 4 ERRMAN_MECRIFLG R W A previous RAM EDAC Multiple Error Reset has been detected for non critical data Clear flag by write a 1 3 ERRMAN_SECRIFLG R W A previous RAM EDAC Single Error Reset has been detected for critical data Clear flag by write a 1 2 ERRMAN_WDTFLG R W ...

Page 33: ...r counter overflow has occurred 0 No CF set 1 Counter overflow Cleared by write 1 2 ERRMAN_WDTCFLG R W Carry flag set when Watch Dog Timer counter overflow has occurred 0 No CF set 1 Counter overflow Cleared by write 1 1 ERRMAN_RFCFLG R W Carry flag set when Manual Reset counter overflow has occurred 0 No CF set 1 Counter overflow Cleared by write 1 0 RESERVED 5 3 2 3 3 Single EDAC error register ...

Page 34: ...n the RTEMS API defined in subchapter 5 2 2 And if desired the access can be closed when not needed Figure 5 3 RTEMS driver usage description Interrupt message queue The error manager RTEMS driver exposes a message queue service which can be subscribed to The name of the queue is E M G R This queue emits messages upon power loss and single correctable errors A subscriber must inspect the message a...

Page 35: ...e name RTEMS_ERROR_MANAGER_DEVICE_NAME CONFIGURE_APPLICATION_NEEDS_ERROR_MANAGER_DRIVER must be defined for using the error manager driver By defining this as part of RTEMS configuration the driver will automatically be initialised at boot up 5 3 4 Limitations Many of the error mechanisms are currently unverifiable outside of radiation testing due to the lack of mechanisms of injecting errors in t...

Page 36: ...em and for time synchronization between these SCETs each SCET has the ability to receive and or transmit PPS signals using two PPS signals which is intended for off chip use The first signal pps0 is an input only and intended to be used with a time aware component such as a GPS device for synchronizing the SCET counter to real time The second signal pps1 is bidirectional and intended for use in a ...

Page 37: ...onizing the time counter with the incoming pps0 signal Should the PPS signal on pps0 disappear for some reason it will revert back to normal master mode and continue issuing PPS signals on pps1 5 4 3 4 Slave mode In this mode the SCET will synchronize the time counter with pps1 using the bidirectional multi drop PPS network as an input Should the PPS pulse disappear for some reason it will revert ...

Page 38: ...turn value Description 0 A file descriptor for the device on success 1 see errno values errno values EALREADY Device already opened for writing EIO Internal RTEMS error 5 4 4 2 Function int close Closes access to the device Argument name Type Direction Description fd int in File descriptor received at open Return value Description 0 Device closed successfully 5 4 4 3 Function ssize_t read Reads th...

Page 39: ...nt name Type Direction Description fd int in File descriptor received at open buf const void in Pointer to a 6 byte buffer where the adjustment difference values are stored The first four bytes are the difference value for the seconds and the last two bytes are the difference value for the subseconds count size_t in Number of bytes to write must be set to 6 Return value Description 0 Number of byt...

Page 40: ...S_O_EN_IOCTL Returns whether the pps0 or pps1 signal is input and if pps1 is input or output 0 pps1 is input default 1 pps0 is input pps1 is output SCET_SET_PPS_THRESHOLD_IOCTL Input value configures the PPS threshold window where the PPS pulse is allowed to arrive without being deemed lost Defined in number of subseconds 0 65535 0 is default SCET_GET_PPS_THRESHOLD_IOCTL Returns the currently conf...

Page 41: ...sition falling edge 0 is default SCET_SET_GP_TRIGGER_ENABLE_IOCTL Input bit field selects which GP trigger s to enable Bit 0 is trigger 0 Bit N is trigger N Bit 7 is trigger 7 All triggers are disabled by default 0 SCET_GET_GP_TRIGGER_ENABLE_IOCTL Returns which GP triggers that are enabled Bit 0 is trigger 0 Bit N is trigger N Bit 7 is trigger 7 SCET_GET_GP_TRIGGER_COUNTER_IOCTL Input value select...

Page 42: ... will fall back to Free running mode and Master mode with time synchronization will revert back to Master mode When in PPS source is set to internal If an incoming PPS is detected the PPS found interrupt is asserted Typically a number of these PPS found interrupts should be investigated by the application and once the PPS is deemed stable enough the PPS source should be set to external if external...

Page 43: ...ated messages with a prefix of SCET_INTERRUPT_STATUS_ Table 5 2 Driver message queue message types Event name Description PPS_ARRIVED An external PPS signal has arrived PPS_LOST The external PPS signal is lost PPS_FOUND The external PPS signal was found S G T n handles messages sent from the general purpose trigger n with the number n ranging from 0 to up to the maximum defined for the particular ...

Page 44: ...2_t secs_to_adjust 10 static const int16_t subsecs_to_adjust 1000 Adjust SCET time 10 seconds backwards and 1000 subseconds forwards rtems_task Init rtems_task_argument ignored int result int scet_fd uint32_t old_seconds uint16_t old_subseconds uint32_t new_seconds uint16_t new_subseconds uint8_t read_buffer 6 uint8_t write_buffer 6 scet_fd open RTEMS_SCET_DEVICE_NAME O_RDWR assert scet_fd 0 resul...

Page 45: ...t be defined for using the SCET driver By defining this as part of RTEMS configuration the driver will automatically be initialized at boot up 5 4 6 Limitations None secs_to_adjust subsecs_to_adjust memcpy write_buffer secs_to_adjust sizeof uint32_t memcpy write_buffer sizeof uint32_t subsecs_to_adjust sizeof uint16_t result write scet_fd write_buffer 6 assert result 6 result read scet_fd read_buf...

Page 46: ...hanged to instead mean 1 character 1 4 of the FIFO is full 1 2 of the FIFO is full and the FIFO is 2 characters from the given buffer depth top This results in the IP being fully backwards compatible since a buffer depth of 16 characters would yield the same trigger levels as those given in RD5 5 5 2 RTEMS API This API represents the driver interface of the module from an RTEMS user application s ...

Page 47: ...e Description dev uart0 Ordinary UART default mode RS422 dev uart1 Ordinary UART default mode RS422 dev uart2 Ordinary UART default mode RS422 dev uart3 Ordinary UART default mode RS422 dev uart4 Ordinary UART default mode RS422 dev uart5 Ordinary UART default mode RS422 dev uart_psu_control PSU Control RS485 only dev uart_safe_bus Safe bus RS485 only 5 5 2 2 Function int close Closes access to th...

Page 48: ...er of characters to read Return value Description 0 Number of characters that were read 0 A parity framing overflow error occurred The RX data path has been flushed Data was lost 1 see errno values errno values EIO Failed to get internal resource 5 5 2 4 Function ssize_t write Write data to the UART The write call is blocking until all data have been transmitted Argument name Type Direction Descri...

Page 49: ...te of the line interface Possible values UART_B375000 UART_B153600 UART_B115200 default UART_B76800 UART_B57600 UART_B38400 UART_B19200 UART_B9600 UART_B4800 UART_B2400 UART_B1200 UART_IOCTL_MODE_SELECT uint32_t in Set the mode of the interface Possible values UART_RTEMS_MODE_RS422 default UART_RTEMS_MODE_RS485 UART_RTEMS_MODE_LOOPBACK TX connected to RX internally UART_IOCTL_RX_FLUSH uint32_t in ...

Page 50: ...lt UART_IOCTL_GET_TRIGGER_LEVEL uint32_t out Get the current trigger level Return value Description 0 Command executed successfully 1 see errno values errno values EBADF Bad file descriptor for intended operation EINVAL Invalid value supplied to IOCTL 5 5 3 Usage description The following define needs to be set by the user application to be able to use the UARTs CONFIGURE_APPLICATION_NEEDS_UART_DR...

Page 51: ...bits only 1 stop bit only No hardware flow control support 5 6 Mass memory 5 6 1 Description This section describes the mass memory driver s design and usability This API represents the driver interface from a user application s perspective for the RTEMS driver The driver functionality is accessed through RTEMS POSIX API for ease of usage In case of failure on a function call errno value is set fo...

Page 52: ...hen manually injecting errors when writing to the the mass memory Type Name Purpose uint8_t edac_error_injection Bits to be XOR ed with generated EDAC byte uint32_t data_error_injection Bits to be XOR ed with supplied data 5 6 2 3 Struct massmem_ioctl_spare_area_args_t This struct is used by the RTEMS API as the target when reading from spare area and data simultaneously Type Name Purpose uint32_t...

Page 53: ...device can only be opened once at a time Argument name Type Direction Description filename char in The absolute path to the file that is to be opened Mass memory device is defined as MASSMEM_DEVICE_NAME oflags int in Device must be opened by exactly one of the symbols defined in Table 5 4 Return value Description 0 A file descriptor for the device 1 see errno values errno values EBADF The file des...

Page 54: ... The file descriptor fd is not an open file descriptor 5 6 3 3 off_t lseek Sets page offset for read write operations Argument name Type Direction Description fd int in File descriptor received at open offset off_t in Page number whence int in Must be set to SEEK_SET Return value Description offset Page number 1 see errno values errno values EBADF The file descriptor fd is not an open file descrip...

Page 55: ...size_t in Number of bytes to read into buf Return value Description 0 Number of bytes that were read 1 see errno values errno values EBADF The file descriptor fd is not an open file descriptor EINVAL Page offset set in lseek is out of range or nbytes is too large and reaches a page that is out of range EBUSY Device is busy with previous read write operation 5 6 3 5 ssize_t write Writes requested s...

Page 56: ...in EIO Failed to write data Block should be marked as a bad block 5 6 3 6 int ioctl Additional supported operations via POSIX Input Output Control API Argument name Type Direction Description fd int in File descriptor received at open cmd ioctl_command_t in Command specifier varies varies varies Command specific argument The following return and errno values are common for all commands except Retu...

Page 57: ...scription MASSMEM_IO_RESET n a n a n a Command Value type Direction Description MASSMEM_IO_READ_DATA_STATUS uint32_t out Pointer to variable in which status data is to be stored Command Value type Direction Description MASSMEM_IO_READ_CTRL_STATUS uint8_t out Pointer to variable in which control status data is to be stored Command Value type Direction Description MASSMEM_IO_READ_EDAC_STATUS uint8_t...

Page 58: ...ultiple of 4 The data or EDAC buffer is NULL The data or EDAC buffer is not 4 byte aligned EIO Reading timed out or read status indicated failure 5 6 3 7 Write spare area Writes the given data to the spare area Command Value type Direction Description MASSMEM_IO_READ_SPARE_AREA massmem_ioctl_spare_area_args_t in out Pointer to struct with input page number specifier and destination buffers where s...

Page 59: ...tatus from a block Note that this only gives information about factory bad blocks subsequent bad block status is not included in this information Return value Description 0 Block is marked ok 1 Block is marked as bad EINVAL The page number is out of range buffers are NULL or not 4 byte aligned 5 6 3 7 2 Error Injection Injects errors in page write command call The purpose is to test error correcti...

Page 60: ...SP is compiled with BSP_AAC_MASSMEM_ENABLE_32GB defined the value will differ based on the chip type in use but will always be less or equal to the static define MASSMEM_PAGE_BYTES_MAX This is provided in order to support the runtime determined size usage mode see 5 6 4 5 5 6 3 9 Get spare area bytes Get the available spare area size in bytes If the BSP is compiled without BSP_AAC_MASSMEM_ENABLE_3...

Page 61: ...must be in its reset value If there is data that was previously written to a page the block where the page resides must first be erased in order to clear the page to its reset value Note that the whole block is erased not only the page It is the user application s responsibility to make sure any data the needs to be preserved after the erase block operation must first be read and rewritten after t...

Page 62: ... time This usage mode is only available if the RTEMS BSP is compiled without the BSP_AAC_MASSMEM_ENABLE_32GB define set In order to use the mass memory flash driver in RTEMS environment with the same size usage mode the following code structure is suggested to be used include bsp h include fcntl h include unistd h include errno h include bsp massmem_flash_rtems h define CONFIGURE_APPLICATION_NEEDS...

Page 63: ...SMEM_ENABLE_32GB define set If the driver is compiled without the BSP_AAC_MASSMEM_ENABLE_32GB define set the mass memory and corresponding available page and spare area size will always be exposed as 16GB regardless of the chip type at runtime This can be useful for migrating applications to the runtime determined size usage mode without removing support for the same size usage mode If the driver ...

Page 64: ... related definitions Inclusion of bsp bsp_confdefs h is required to initialise the driver at boot up CONFIGURE_APPLICATION_NEEDS_MASSMEM_FLASH_DRIVER must be defined for using the mass memory driver This will automatically initialise the driver at boot up include bsp h include fcntl h include unistd h include errno h include bsp massmem_flash_rtems h define CONFIGURE_APPLICATION_NEEDS_MASSMEM_FLAS...

Page 65: ...rleaved over the mass memory chips This is done transparently from the user perspective except when writing the error injection vector Looking at the massmem_error_injection_t struct defined in 5 6 2 2 the data_error_injection member is an uint32_t Bit 0 of byte 0 1 2 3 affects the first data word Bit 1 of byte 0 1 2 3 affects the second data word Bit 7 of byte 0 1 2 3 affects the eight data word ...

Page 66: ... 1 int open Opens a file descriptor associated with the named device and registers with the corresponding logic address Each unique device may only be opened once for read only and once for write only at the same time or alternatively opened only once for read write at the same time The device name must be set with a logical address number as described in the usage description in subchapter 5 7 3 ...

Page 67: ...cessfully 1 see errno values errno values EBADF The file descriptor fd is not and open file descriptor 5 7 2 3 ssize_t read Reads a packet when available Note This call is blocked until a package for the logic address is received In addition only one task must access one file descriptor at a time Multiple task accessing the same file descriptor is not allowed Note buf reference must be aligned to ...

Page 68: ...than SPWN_MAX_PACKET_SIZE or buffer is NULL EIO Internal RTEMS resource error EBUSY Receive descriptor not currently available EOVERFLOW Packet size overflow occurred on reception ETIMEDOUT Timeout received Received packet is incomplete 5 7 2 4 ssize_t write Transmits a packet Note This call is blocked till the package is transmitted Argument name Type Direction Description fd int in File descript...

Page 69: ...ontrol API Argument name Type Direction Description fd int in A file descriptor received at open cmd int in Command defined in subchapter 5 7 2 6 value void in The value relating to command operation as defined in subchapter 5 7 2 6 5 7 2 6 Mode setting Sets the device into the given mode Note The mode setting affects the SpaceWire device and therefore all file descriptors registered to it Return ...

Page 70: ...r 205065 Version Rev N Issue date 2019 02 04 Sirius OBC and TCM User Manual www aacmicrotec com Page 70 of 174 EBADF The file descriptor fd is not an open file descriptor EINVAL Invalid command or invalid mode value ...

Page 71: ... logic addresses may be registered at the same time But each individual logic address may only be registered for read and write once at the same time Logical addresses between 0 31 and 255 are reserved by the ESA s ECSS SpaceWire standard RD2 and cannot be registered to Note A reception packet buffer must be aligned to 4 bytes in order to handle the packet s reception correctly It is therefore rec...

Page 72: ...ntl h and unistd h are required for using the POSIX functions open close read and write and ioctl functions for accessing the driver Inclusion of errno h is required for retrieving error values on failures Inclusion of bsp spacewire_node_rtems h is required for driver related definitions Inclusion of bsp bsp_confdefs h is required to initialise the driver at boot up CONFIGURE_APPLICATION_NEEDS_SPA...

Page 73: ...nality is enabled the driver will automatically adjust the setting of the paired pin to output mode as well The pins are paired in logical sequence which means that pin 0 and 1 are paired as are pin 2 and 3 etc Thus in differential mode it is recommended to operate on the lower numbered pin only to avoid confusion Pins can be set in differential mode on specific pair only i e both normal single en...

Page 74: ...ment name Type Direction Description fd int in File descriptor received at open Return value Description 0 Device closed successfully 1 See errno values errno values EINVAL Invalid options 5 8 2 3 Function ssize_t read Reads the current value of the specified GPIO pin If no edge detection have been enabled this call will return immediately With edge detection enabled this call will block with a ti...

Page 75: ...ee errno values errno values EINVAL Invalid options 5 8 2 5 Function int ioctl The input output control function can be used to configure the GPIO pin as a complement to the simple data settings using the read write file operations Argument name Type Direction Description fd int in File descriptor received at open cmd int in Command to send val void in out Data according to the specific command Co...

Page 76: ...isabled 1 timestamp enabled GPIO_IOCTL_GET_DIFF_MODE uint32_t out Get differential mode status of the pin 0 normal single ended mode 1 differential mode GPIO_IOCTL_SET_DIFF_MODE uint32_t in Set differential mode configuration of the pin 0 normal single ended mode 1 differential mode GPIO_IOCTL_GET_EDGE_TIMEOUT uint32_t out Get the edge trigger timeout value in ticks Defaults to zero which means wa...

Page 77: ...RE_APPLICATION_NEEDS_GPIO_DRIVER define CONFIGURE_APPLICATION_NEEDS_CLOCK_DRIVER define CONFIGURE_APPLICATION_NEEDS_CONSOLE_DRIVER define CONFIGURE_USE_IMFS_AS_BASE_FILESYSTEM define CONFIGURE_MAXIMUM_DRIVERS 15 define CONFIGURE_MAXIMUM_SEMAPHORES 20 define CONFIGURE_LIBIO_MAXIMUM_FILE_DESCRIPTORS 30 define CONFIGURE_RTEMS_INIT_TASKS_TABLE define CONFIGURE_MAXIMUM_TASKS 20 define CONFIGURE_INIT in...

Page 78: ...described chapters below Up to 8 virtual channels for telemetry are supported by the CCSDS IP and driver In the current configuration two virtual channels VC0 and VC1 are supported For telecommands 64 virtual channels are supported 5 9 2 Non blocking In non blocking mode for the RTEMS driver a write access is done without waiting for aresponse from the IP before returning from the write call Durin...

Page 79: ...r interface from a user application s perspective for the RTEMS driver The driver functionality is accessed through the RTEMS POSIX API for ease of use In case of failure on a function call errno value is set for determining the cause Access to the CCSDS driver from an application is provided by different device files dev ccsds that is used for configuration and status for common TM and TC functio...

Page 80: ...vailable interrupts are enabled 5 9 5 1 Datatype dma_transfer_cb_t For TM devices operated in non blocking mode see 5 9 2 a message with content below are send to the message queue CCSQ for reporting of transfer status Element Type Description adress uint32_t The start address in SDRAM that is fetched during transfer length uint16_t The length of the transfer Can be maximum 65535 vc uint8_t The vi...

Page 81: ...d Solomon encoder 0 No bypass 1 Bypass 5 9 5 3 Data type tc_config_t This datatype is a struct for configuration of the TC path The elements of the struct are described below Element Type Description tc_derandomizer_bypassed uint8_t Bypassing of TC derandomizer 0 No bypass 1 Bypass 5 9 5 4 Data type tm_status_t This datatype is a struct to store status parameters of the TM The elements of the stru...

Page 82: ...1024 bytes cpdu_line_status uint16_t Bits 0 11 show if the corresponding pulse command line was activated by the last command cpdu_bypass_cnt uint8_t Indicates the number of accepted commands Wraps at 15 5 9 5 7 Data type tc_error_cnt_t This datatype is a struct to store error counters of the TC path The elements of the struct are described below Element Type Description tc_overflow_cnt uint8_t In...

Page 83: ... file is to be opened whether it should be read only read write whether it should be cleared when opened etc See a list of legal values for this field at the end mode int in A bitwise or separated list of values that determine the mode of the opened device If the flag LIBIO_FLAGS_NO_DELAY is set the device is opened in non blocking mode Otherwise it is opened in blocking mode For further info see ...

Page 84: ...ue of the driver See 5 9 2 Argument name Type Direction Description fd Int in File descriptor received at open buf void in Character buffer to read data from nbytes size_t in Number of bytes 0 65535 to write to the device Return value Description 0 or greater number of bytes that were written 1 see errno values errno values EIO Device not ready for write or write operation is not supported on devi...

Page 85: ...NFIG dev ccsds tm tm_config_t Returns the configuration of the TM path CCSDS_SET_TC_CONFIG dev ccsds tc tc_config_t Sets a configuration of the TC path CCSDS_GET_TC_CONFIG dev ccsds tc tc_config_t Returns the configuration of the TC path CCSDS_GET_RADIO_STATUS dev ccsds radio_status_t Gets radio status CCSDS_GET_TM_STATUS dev ccsds tm tm_status_t Gets status of TM path CCSDS_GET_TM_ERR_CNT dev ccs...

Page 86: ...6 2 RTEMS Receive Telecommands 1 Open the device dev ccsds tm dev ccsds tc0 and dev ccsds Set up the TC path by ioctl call CCSDS_SET_TC_CONFIG on device dev ccsds tc or or ioctl CCSDS_INIT on device dev ccsds 2 Do a read from dev ccsds tc0 This call will block until a new TC has been received CCSDS_INIT dev ccsds N A Sets a default configuration of CCSDS IP See 5 9 1 CCSDS_SET_CLCW dev ccsds tm ui...

Page 87: ...unistd h are required for using the POSIX functions open close read write and ioctl to access the CCSDS device Inclusion of errno h is required for retrieving error values on failures Inclusion of bsp ccsds_rtems h is required for data types definitions of IOCTL of device CCSDS The define CONFIGURE_APPLICATION_NEEDS_CCSDS_DRIVER must be defined to use the CCSDS driver from the application ...

Page 88: ...12 Temperature Temp 13 The following ADC channels are available for the Sirius TCM Parameter Abbreviation ADC channel Regulated 1 2V 1V2 8 Regulated 2 5V 2V5 9 Regulated 3 3V 3V3 10 Input voltage Vin 11 Input current Iin 12 Temperature Temp 13 The TCM S FM board does not contain any input ADC channels When data is read from a channel the lower 8 bits contains the channel status information and the...

Page 89: ...ty is accessed through the RTEMS POSIX API for ease of usage In case of a failure on a function call the errno value is set for determining the cause 5 10 2 1 Enum adc_ioctl_sample_rate_e Enumerator for the ADC sample rate Enumerator Description ADC_IOCTL_SPS_31250 SPS 31250 ADC_IOCTL_SPS_15625 SPS 15625 ADC_IOCTL_SPS_10417 SPS 10417 ADC_IOCTL_SPS_5208 SPS 5208 ADC_IOCTL_SPS_2597 SPS 2597 ADC_IOCT...

Page 90: ...ice on success 1 See errno values errno values EEXISTS Device not opened EALREADY Device is already open EINVAL Invalid options 5 10 2 3 Function int close Closes access to the device Argument name Type Direction Description Fd int in File descriptor received at open Return value Description 0 Device closed successfully 1 See errno values errno values EFAULT Device not opened 5 10 2 4 Function ssi...

Page 91: ...ue to write or a pointer to a buffer where data will be written Command table Type Direction Description ADC_SET_SAMPLE_RATE_IOCTL uint32_t in Set the sample rate of the ADC chip see RD6 ADC_GET_SAMPLE_RATE_IOCTL uint32_t out Get the sample rate of the ADC chip see RD6 ADC_SET_CLOCK_DIVISOR uint32_t in Set the clock divisor of the clock used for communication with the ADC chip Minimum 4 and maximu...

Page 92: ...nistd h are required for using the POSIX functions open close ioctl Inclusion of errno h is required for retrieving error values on failures Inclusion of bsp adc_rtems h is required for accessing the ADC include bsp h include fcntl h include unistd h include errno h include bsp adc_rtems h define CONFIGURE_APPLICATION_NEEDS_ADC_DRIVER include bsp bsp_confdefs h include rtems confdefs h define CONF...

Page 93: ...nual www aacmicrotec com Page 93 of 174 5 10 4 Limitations Only one ADC channel can be enabled at a time To switch channels disabling the old and enabling the new channel is required Setting the clk divisor to something else than the default 255 might yield that some ADC reads returns 0 ...

Page 94: ... mode which is the normal mode of operation all write and read transactions are protected by EDAC algorithms All NVRAM addresses containing EDAC are hidden by the IP The address space is given by the table below Area Range start Range end Safe 0x0000 0x0FFF Update 0x1000 0x3FFF 5 11 3 Non EDAC mode Non EDAC mode is a debug mode that allows the user to examine the EDAC bytes The purpose of this mod...

Page 95: ...ag Return value Description fd A file descriptor for the device on success 1 See errno values in RD13 5 11 4 3 Function int close Closes access to the device Argument name Type Direction Description fd int in File descriptor received at open Return value Description 0 Device closed successfully 1 See errno values in RD13 5 11 4 4 Function ssize_t read Read data from the SPI RAM The call block unti...

Page 96: ...ten into the SPI RAM Argument name Type Direction Description fd int in File descriptor received at open buf void in Pointer to character buffer to read data from count size_t in Number of bytes to write Must be a multiple of 4 Return value Description 0 Number of bytes that were written 1 See errno values errno values EINVAL Invalid options ENODEV Internal RTEMS resource error 5 11 4 6 Function i...

Page 97: ...US_IOCTL uint32_t out Get EDAC status for previous read operations SPI_RAM_GET_DEBUG_DETECT_IOCTL uint32_t out Get Debug detect status EDAC Status Description SPI_RAM_EDAC_STATUS_MULT_ERROR Multiple errors detected SPI_RAM_EDAC_STATUS_DOUBLE_ERROR Double error corrected SPI_RAM_EDAC_STATUS_SINGLE_ERROR Single error corrected Debug Detect Status Description SPI_RAM_DEBUG_DETECT_TRUE Debugger detect...

Page 98: ...sing the POSIX functions open close ioctl Inclusion of errno h is required for retrieving error values on failures Inclusion of bsp spi_ram_rtems h is required for accessing the SPI_RAM include bsp h include fcntl h include unistd h include errno h include bsp spi_ram_rtems h define CONFIGURE_APPLICATION_NEEDS_SPI_RAM_DRIVER include bsp bsp_confdefs h include rtems confdefs h define CONFIGURE_INIT...

Page 99: ... Name Purpose uint32_t page_num What page to read write Values 0 SYSFLASH_MAX_NO_PAGES 1 uint32_t raw Ignored parameter programming is always done with EDAC and interleaving active uint8_t data_buf Pointer to buffer in which the data is to be stored or to the data that is to be written uint32_t size Size to read write in bytes Values 1 SYSFLASH_PAGE_SPARE_AREA_SIZE 5 12 3 RTEMS API This API repres...

Page 100: ...ceived at open Return value Description 0 Device closed successfully 1 see errno values errno values EBADF The file descriptor fd is not an open file descriptor 5 12 3 3 Function off_t lseek Sets page offset for read write operations NOTE The interface is not strictly POSIX as the offset argument is expected to be given in pages and not bytes Argument name Type Direction Description fd int in File...

Page 101: ...ffset set in lseek is out of range or nbytes is too large and reaches a page that is out of range ENODEV Semaphore not available EBUSY Flash controller busy EIO Semaphore error or internal driver error 5 12 3 5 Function ssize_t write Writes requested size of bytes to the device starting from the offset set in lseek NOTE For iterative write operations lseek must be called to set page offset before ...

Page 102: ...3 6 1 to The following return and errno values are common for all commands Return value Description 0 Operation successful 1 See errno values errno values EBADF The file descriptor fd is not an open file descriptor EINVAL Invalid command EIO Internal driver semaphore error 5 12 3 6 1 Reset System flash Resets the system flash chip 5 12 3 6 2 Read chip status Reads the chip status register 5 12 3 6...

Page 103: ...e or Buffer is NULL 5 12 3 6 7 Write spare area Writes the data to the given page spare area Command Value type Direction Description SYSFLASH_IO_READ_ID sysflash_cid_t out Pointer to struct in which ID is to be stored see 5 6 2 1 Command Value type Direction Description SYSFLASH_IO_ERASE_BLOCK uint32_t in Block number to erase Command Value type Direction Description SYSFLASH_IO_READ_ SPARE_AREA ...

Page 104: ...In NAND flash the memory area is divided into pages that have a data area and a spare area The pages are grouped into blocks Before data can be programmed to a page it must be erased all bytes are 0xFF The smallest area to erase is a block consisting of a number of pages so if the block contains any data that needs to be preserved this must first be read out The driver defines some constants for t...

Page 105: ...F64G08AFAAA both types will be presented as having the same size parameters 5 12 4 2 Usage The RTEMS driver provides the application software with a POSIX file interface for accessing the functionality of the bare metal driver However unlike the POSIX calls where the offset is given in bytes the Sysflash driver expects the offset to be in pages The read and write calls provide an abstraction to th...

Page 106: ...utomatically initialise the driver at boot up 5 12 5 Debug detect Erasing blocks programming pages to the first half of the flash memory lower addresses only works when the debug detect signal is high indicating debugger is connected If erase program operations to that area are attempted when the debug detect signal is low they will appear to succeed from a software perspective but the controller ...

Page 107: ...age from the Sirius OBC to the Sirius TCMTM or vice versa the routing address will be 1 3 In addition to this each end node Sirius OBC or Sirius TCM has one or more logical address es to help distinguish between different applications or services running on the same node The logical address complements the path address and must be included in a SpaceWire packet Example If a packet is to be sent fr...

Page 108: ... network The Sirius TCM supports both live TM transmissions directly to ground as well as storage of TM to the Mass Memory for later retrieval or download to ground during ground passes The Sirius TCM is highly configurable to be adaptable to different customer needs and missions and currently supports SpaceWire SpW using the Read Memory Access Protocol RMAP UART interfaces pulse commands as well ...

Page 109: ...th the external ports depicted 7 3 TCM S application overview The TCM S application is partitioned into several software modules who each handles a specific functional part An overview of the software architecture of the TCM S is presented in Figure 7 2 A main design driver of the TCM S software architecture is the ability to pass along data between the different handlers without copying since tha...

Page 110: ... Handler Error Mgr ADC SCET Driver Access Function Module Helper Module Message Router Figure 7 2 TCM S software application overview 7 4 Configuration The TCM S can be configured for specific missions by parameters in NVRAM described in Table 7 1 toTable 7 8 The parameters from NVRAM are read during initialization of the TCM S application If reading from NVRAM fails a set of fallback parameters a...

Page 111: ...annel 0 or 1 to be used for downloading of the data in the partition 11 UINT8 Segment size for the partition 1 16 kbyte 2 32 kbyte 3 N A 4 64 kbyte 12 UINT32 The data source identifier for the partition Can be used to set a custom identifier of a data producer to a partition Setting of this value is not required to successfully configure a partition Data from different sources can be routed to the...

Page 112: ... 6 Safe Bus Bitrate UINT8 UART bitrate 10 375000 baud 9 153600 baud 8 115200 baud default 7 75600 baud 6 57600 baud 5 38400 baud 4 19200 baud 3 9600 baud 2 4800 baud 1 2400 baud 0 1200 baud Mode UINT8 UART mode 0 RS422 mode 1 RS485 mode 2 Loopback Reserved UINT8 Reserved for padding and future use Paths on SpW network are specified by table Table 7 4 below Table 7 4 NVRAM SpW path storage Data Typ...

Page 113: ... APID Routing Byte Type Description 0 1 UINT16 APID or lower APID in APID range Bit15 0 Single APID Routing 1 APID range Bit14 0 Ext APID 1 TCM S APID Bit13 11 Not used Bit10 0 APID 2 3 UINT16 Upper APID in APID range Bit15 0 Single APID Routing 1 APID range Bit14 0 Ext APID 1 TCM S APID Bit13 11 Not used Bit10 0 APID 4 5 UINT16 The index of the SpW path of the APID See Table 7 4 6 7 UINT16 Reserv...

Page 114: ... 1 Enable Idle Frames Bit2 0 Disable MCFC 1 Enable MCFC Bit1 0 Disable FECF 1 Enable FECF Bit0 0 Disable CLCW 1 Enable CLCW Configuration of the TC path is described in Table 7 7 below Table 7 7 TC_CONFIG Data Type Description TC Config UINT32 Configuration of TC path Bit1 0 Disable BCH Decoder 1 Enable BCH Decoder Bit0 0 Disable Derandomizer 1 Enable Derandomizer Configuration of the TC handler A...

Page 115: ... config name is the name of the source configuration file for example src nv_config src nv_config_example exe Load and run the resulting binary RTEMS application using the debugger unit and GDB Success is indicated via the output NVRAM programming finished System can be power cycled 7 4 2 Fallback NVRAM parameters If reading from NVRAM fails during initialisation of TCM Core Application a set of f...

Page 116: ... 0xFE 0 1 0x01 0x01 0x03 0xFE 0 2 0x02 0xFE 0 Table 7 13 Fallback APID Routing APID Routing Lower APID Upper APID SpW Path Index Reserved 0 0xC00A 0xC150 Internal APID for TCM 0 1 0x8151 0x8300 0 0 2 0x8301 0x8450 1 0 3 0x8451 0x8600 2 0 Table 7 14 Fallback TM Configuration Parameter Value Description TM Clk divisor 250 The resulting TM bitrate will be 100 kbit s TM Config 0x4F Configuration of TM...

Page 117: ...6 Telecommands Telecommands can be received on the RS422 TRX1 the LVDS TRX2 or the umbilical UMBI interface The TCM actively searches for Command Link Transmission Units CLTU i e telecommands on all three inputs simultaneously as long as they are enabled When a telecommand start sequence is detected the other inputs are ignored during telecommand reception The search will restart once the entire t...

Page 118: ...action from software A pulse command is decoded directly in hardware and it sets an output pin according to the pulse command parameters The CPDU_DURATION_UNIT is defined to 12 5 ms and the output is hence a multiple of this signal length The CPDU function can e g be used to reset modules in a spacecraft and also choose which software image to boot an updated version or the safe image The last exe...

Page 119: ...is sent on VC0 The rate of timestamp generation is configurable through an RMAP command and the latest timestamp is readable on the same interface See 7 12 4 11 and 7 12 4 12 for further info 7 8 Error Management and System Supervision The Error Manager in the TCM S provides information about different errors and operational status of the system such as EDAC single error count EDAC multiple error ...

Page 120: ...ss memory is divided into logical partitions where each partition is configured by its mode type segment size and TM virtual channel for downloading All partitions have an address space of 4 Gbytes regardless of their physical size and this is also the maximum size of a partition Reading and writing to partitions behaves slightly different between different types of partitions but when a partition...

Page 121: ... Circular mode with additional automatic segment padding see 7 9 1 4 For both Continuous and Circular mode with or without automatic padding an internal cache of one page is used to hold any data that does not fit a page As soon as the cache is filled the data is written to physical memory Any restarts or power cycling will result in loss of any data only written into this cache If loss of cache d...

Page 122: ... of two types PUS see RD4 and raw Partitions of type PUS requires that each segment will begin with a PUS packet and unless auto padding is used it is up to the software writing into the mass memory to maintain this segmentation There are no limitations on the number of PUS packets that can be contained in one segment but if the written data doesn t fit exactly into the segment size it must be pad...

Page 123: ...rn such that written data never overlaps a segment boundary and is fit for download Adjusted write Written Pad Free space Written data Before write Segment boundary Segment 1 Segment 2 Result of write Free space Requested write Figure 7 7 Illustration of auto padding of a requested write No examination or validation of data contents are done in the padding process and if a write command with data ...

Page 124: ...ensure that the partition data range is continuous which is required in order for the partition to be usable If a discontinuity is discovered the recovery process will erase data blocks from the highest logical partition address and downwards until a continuous range of data is left on the partition Such discontinuities can for example occur due to corrupt blocks or if a partition is configured to...

Page 125: ...d Execution Complete Table 7 17 Telecommand Acceptance Report Success 1 1 Packet ID Packet Sequence Control UINT16 UINT16 Table 7 18 Telecommand Acceptance Report Failure 1 2 Packet ID Packet Sequence Control Code UINT16 UINT16 UINT8 0 Illegal APID 1 Invalid packet length 2 Incorrect CRC 3 Illegal packet type 4 Illegal packet subtype 5 Illegal application data 7 10 2 PUS 2 Distributing Register Lo...

Page 126: ... S by a telecommand One device command per telecommand is supported UART devices have a fixed configuration of 8 data bits and 1 stop bit Table 7 22 Distributing Device Command Device Address Bitrate Mode Parity 0xFF04000100 UART0 0xFF04000101 UART1 0xFF04000102 UART2 5 octets 10 375000 baud 9 153600 baud 8 115200 baud default 7 75600 baud 6 57600 baud 5 38400 baud 4 19200 baud 3 9600 baud 2 4800 ...

Page 127: ...ned fields for routing Field Value Target Spw Address 0x01 0x03 Reply Address 0x01 0x03 7 12 1 Input The RMAP commands supported by the Sirius TCM are specified in the table below See chapter 7 12 4 for details on each specific command Note The Sirius TCM uses the RMAP Transaction ID to separate between outstanding replies to different units When several nodes are addressing the Sirius TCM they ne...

Page 128: ... writes data from to a partition The extended address field determine the partition number The address field is used differently on different types of partitions see command details MMDataRange 0xFF 0x0500010n R Address ranges of all stored data in partition n MMPartitionConfig 0xFF 0x0500030n R Configuration of partition n MMPartitionSpace 0xFF 0x0500040n R Space available in partition n MMDownlo...

Page 129: ...4 RMAP input address details The chapters below contain the detailed information on the data accesses to the given RMAP addresses 7 12 4 1 TMStatus Reads the latest telemetry status Table 7 28 TMStatus data Byte Type Description 0 UINT8 0x00 No Error 0x01 FIFO error 1 UINT8 0x00 No transfer in progress 0x01 Transfer in progress RMAP reply status Table 7 29 TMStatus reply status codes Status code D...

Page 130: ... 0x00 Disabled default 0x01 Enabled 8 UINT8 Pseudo Randomization Control 0x00 Disabled default 0x01 Enabled RMAP reply status Table 7 31 TMConfig reply status codes Status code Description 0 Success EINVAL The driver for the TM device has not been initialized EIO I O error The TM device cannot be accessed 7 12 4 3 TMControl Controls generation of telemetry Table 7 32 TMControl data Byte Type Descr...

Page 131: ...zed or the argument is out of range EIO I O error The TM device cannot be accessed 7 12 4 5 TMMCFCControl Controls the Master Channel Frame Counter generation for transfer frames Table 7 36 TMMCFCControl data Byte Type Description 0 UINT8 0x00 Disabled 0x01 Enabled default RMAP reply status if a reply is requested Table 7 37 TMMCFCControl status codes Status code Description 0 Success EINVAL The d...

Page 132: ... UINT8 0x00 Disabled default 0x01 Enabled RMAP reply status if a reply is requested Table 7 41 TMPRControl status codes Status code Description 0 Success EINVAL The driver for the TM device has not been initialized or the argument is out of range EIO I O error The TM device cannot be accessed 7 12 4 8 TMOCFControl Controls Operational Control Field inclusion in TM Transfer frames Table 7 42 TMOCFC...

Page 133: ...ange EIO I O error The TM device cannot be accessed 7 12 4 10 TMBRControl Sets the telemetry clock frequency divisor The telemetry clock is fed to the radio The frequency of the telemetry clock is the system clock 50 MHz divided by the divisor E g if the divisor value is set to 25 the telemetry clock frequency is 2 MHz Note If the convolutional encoding is disabled as defined in subchapter 7 12 4 ...

Page 134: ...alized EIO I O error The TM device cannot be accessed 7 12 4 12 TMTSStatus The latest timestamp of telemetry sent on virtual channel 0 Timestamping needs to be enabled before timestamps can be read See 7 12 4 11 Table 7 50 TMTSStatus data Byte Type Description 0 UINT32 Seconds counter sampled when the frame event triggered 4 UINT16 Subseconds counter sampled when the frame event triggered RMAP rep...

Page 135: ...r 0xFF 6 UINT8 Number of rejected telecommands Wraps after 0xFF 7 UINT8 Number of parity errors generated by checksums in the telecommand path Wraps after 0xFF 8 UINT8 Number of received telecommands Both TC and CPDU are counted Wraps after 0xFF 9 UINT16 Last CPDU pulse command Logic 1 indicates the last activated line Bit 15 12 Unused Bit 11 0 Line 11 0 11 UINT8 Number of accepted CPDU commands W...

Page 136: ...the housekeeping data Table 7 58 HKData data Byte Type Description 0 UINT32 SCET Seconds 4 UINT16 SCET Subseconds 6 UINT16 Input voltage mV 8 UINT16 Regulated 3V3 voltage mV 10 UINT16 Regulated 2V5 voltage mV 12 UINT16 Regulated 1V2 voltage mV 14 UINT16 Input current mA 16 INT32 Temperature mºC 20 UINT8 S W version 0 padding 21 UINT8 S W major version 22 UINT8 S W minor version 23 UINT8 S W patch ...

Page 137: ...ee 7 7 for details If set the seconds value will be updated at the next PPS hence the seconds value should normally be the current seconds count 1 The subseconds value is ignored for write commands Table 7 60 SCETTime data Byte Type Description 0 UINT32 SCETSeconds 4 UINT16 SCETSubSeconds RMAP reply status if a reply is requested Table 7 61 SCETTime status codes Status code Description 0 Success E...

Page 138: ...size 16 kbytes If the write would overwrite existing data or write at an invalid location an RMAP error status will be reported and no data will be written Writes to continuous or circular partitions needs to specify the size via the RMAP data size and must indicate use of the write pointer by setting the address to 0 Writes which pass the end of the partition logical address space will automatica...

Page 139: ...partition or Address is not 0 when writing to continuous or circular partition or Length is greater than INT32_MAX EEXIST Write operation to direct mode partition would overwrite existing data EALREADY Write to circular partition that is being downloaded 7 12 4 20 MMDataRange This command will return all data address ranges where data is written in this partition see Table 7 66 The range informati...

Page 140: ... RMAP reply message data format is described in Table 7 68 The available blocks in the flash mass memory ranges from 0 to 8191 Table 7 68 MMPartitionConfig data Byte Type Description 0 UINT32 Starting block number of the partition 4 UINT32 Ending block number of the partition inclusive 8 UINT8 Partition mode 0 Direct 1 Continuous 2 Circular 3 Auto padded Continuous 4 Auto padded Circular 9 UINT8 S...

Page 141: ... the beginning of a block when the initial write occurs or is about to occur hence the amount of free space may not correspond exactly to the amount of available fully freed blocks It is possible but not recommended during normal operation to re synchronize the write pointer by writing exactly the amount needed to end up at the start of a block and then erase up to the write pointer This will caus...

Page 142: ...ata A download will not automatically free any data The RMAP write command data format is described in Table 7 72 Table 7 72 MMDownloadPartitionData data Byte Type Description 0 3 UINT32 Address of the data to download 4 11 UINT64 Length in bytes to download The RMAP reply status if a reply is requested will be the first error encountered during a single segment download i e all segment downloads ...

Page 143: ...ch pass the end of the partition logical address space will automatically wrap Frees may start at unused addresses See also 7 9 for an illustration of how free affects the actual amount of memory free for writes Note that MMFree on a partition where a download is in progress is not allowed The RMAP write command data format is described in Table 7 74 Table 7 74 MMFree data Byte Type Description 0 ...

Page 144: ...artition number 7 12 5 RMAP output address details 7 12 5 1 TCCommand A fully formed PUS packet according to RD4 containing a TC packet to be routed 7 12 5 2 UARTData Routed data from UART Table 7 79 UARTData data Byte Type Description 0 nn Array of UINT8 Data received on UART 7 13 Limitations For performance reasons the current TCM S release calculates checksums on neither the incoming nor the ou...

Page 145: ...DC controller 0 0xB4000000 Reserved 0xB3000000 Mass memory flash controller Sirius TCM only 0xB2000000 System flash controller 0xB1000000 Reserved 0xB0000000 NVRAM controller 0xAC000000 Reserved for PCIe 0xAB000000 Reserved for CAN 0xAA000000 Reserved for USB 0xA9000000 0xA3000000 Reserved 0xA2000000 Reserved for redundant SpaceWire 0xA1000000 SpaceWire 0xA0000000 Reserved for Ethernet MAC 0x9C000...

Page 146: ...ignal 22 Spacewire SpaceWire interrupt signal 23 CCSDS CCSDS interrupt signal 24 Available reserved for Ethernet 25 GPIO GPIO interrupt signal 26 Available reserved for SPI 0 27 Available reserved for SPI 1 28 Available reserved for custom adaptation 29 Available reserved for custom adaptation 30 Available reserved for custom adaptation 8 3 SCET timestamp trigger sources Some of the peripherals in...

Page 147: ...ds of the image are expected to be a header with image size and an XOR checksum see Table 8 5 If the size falls within the accepted range the bootrom loads the image to RAM while verifying the checksum Both the image size check and the checksum is on top of the automatic EDAC on all flash data The EDAC is handled by hardware and calculates one extra byte of redundancy data for each true data byte ...

Page 148: ... of handing execution to a damaged software image if no other is available cannot be used 8 5 Reset behaviour The SoC has a clock and reset block that synchronizes the external asynchronous reset to each clock domain The internal soft reset which can be commanded by software follows the same design philosophy i e is also synchronized into the clock domain where it s used 8 6 General synchronize me...

Page 149: ...ich SoC version that is flashed on the board In a connected gdb prompt type x 3xw 0xC1000000 Table 8 6 Sirius SoC info Base address number Function Description 0x0 TIME_STAMP When building the SoC a Unix timestamp is taken and put into the system It is made as a 32 bit vector indicating seconds since 1970 01 01 UTC 0x4 PRODUCT_ID 0x00 0x01 OBC S BB OBC SR With SPW router 3 ports 0x08 0x09 OBC S FM...

Page 150: ... the CCSDS standard for TC and where the principal recipient would be the TCM S regardless of the end target The TCM S simply acts as a router in this case routing the PUS command to the intended source based on the PUS APID and the TCM S routing table Second would be the mechanism for distributing the image upload data to different recipients in a data handling system i e also the TCM S itself us...

Page 151: ...complete as PUS services 1 7 8 see RD4 if requested in the telecommand PUS header All reports are sent on the live telemetry virtual channel Recommended usage is to always request acceptance and execution complete reports so that the Ground Segment can keep track of the upload process All checksum parameters in the service are CRC32 with polynomial 0x04C11DB7 and seed value 0 The Telecommand Accep...

Page 152: ... currently 272 bytes including header and maximum image size is 16 Mbyte Table 9 2 Image transfer start command data structure Total number of bytes in image Reserved zero Reserved zero UINT32 UINT32 UINT32 A telecommand execution complete report if requested in the PUS header will return the values listed in Table 9 3 in case of a failure Table 9 3 Image transfer start telecommand execution failu...

Page 153: ...3 3 Subtype 3 Verify uploaded image This subtype calculates and compares the checksum of the uploaded software image with the checksum set in the command s payload data see Table 9 6 Table 9 6 Verify uploaded image argument Checksum UINT32 A telecommand execution complete report if requested in the PUS header will return the values listed in Table 9 7 in case of a failure Table 9 7 Verify uploaded...

Page 154: ...e used for extra verification after update of an image or whenever the flight image copies needs a verification The telecommand takes the image copy number as argument max value 6 seeTable 9 10 Image copy number 1 3 is for the non updateable safe image and 4 6 covers the updated image copies Table 9 10 Calculate CRC in flash command argument Image copy number UINT8 A telecommand execution complete...

Page 155: ...ge must be at least 272 bytes and at most 16777216 bytes including header but setting the argument to 0 is also allowed in order to abort an upload without starting a new one Argument name Type Direction Decription total uint32_t in Total size of the uploaded image Return value Description 0 Success EINVAL Invalid image size EBUSY Unable to open System Flash for writing 9 4 2 int32_t swu_segment_a...

Page 156: ... mlist uint16_t out An array of the first 10 missing segments If the image is complete no data will be entered into this variable If only the checksum is of interest this may be a NULL pointer mlength uint16_t out The amount of elements in the missing segment array If only the checksum is of interest this may be a NULL pointer Return value Description 0 Success ENODATA Not enough data some data se...

Page 157: ...ds of the number of images an error return code will be returned instead Argument name Type Direction Decription image_number uint8_t in Image number in flash to calculate the checksum of checksum uint32_t out The calculated checksum Return value Description 0 Success EINVAL Image number is too small or large or checksum is a NULL pointer EIO Read error in image EBUSY Unable to open flash device f...

Page 158: ...lemetry from spacecraft to ground Idle Frames are sent on VC7 10 4 Uplink Channel Coding Randomization and Synchronization 10 4 1 Channel Coding The Telecommand Code Block is BCH 63 56 and supports Single Error Correction mode BCH Decoding can be enabled disable by a configuration in NVRAM or by a RMAP command 10 4 2 Randomization Derandomization of telecommands can be enabled disabled by a config...

Page 159: ...5 2 Randomization Randomization of Telemetry Transfer Frames can be enabled disabled by a configuration in NVRAM or by a RMAP command 10 5 3 Synchronization The 4 byte synchronization pattern prepended to the Reed Solomon code block is 0x1ACFFC1D 10 6 Telecommand format This chapter describes the format of the TC Transfer frames and TC Packets the TCM S handles 10 6 1 Telecommand Transfer Frame Th...

Page 160: ...eptance Check of the FARM on TCM S When this flag is set to 1 the Frame Acceptance Check will be bypassed on the TCM S CONTROL COMMAND FLAG Set to 0 to indicate the Transfer Frame Data Field contains a Frame Data Unit Type D Ser to 1 to indicate the Transfer Frame Data field contains control information Type C In conjunction with BYPASS FLAG the frame types Type AD Type BD and Type BC are supporte...

Page 161: ...ntrol Field which results in a maximum length of 1017 octets of the Transfer Frame Data Field The Transfer Frame Data Field shall contain either a Frame Data Unit for Type D Transfer Frame or a control command for Type C Transfer Frames For Transfer Frames carrying a Frame Data Unit a Segment Header follows the Transfer Frame Primary Header see Figure 10 3 For Frame Data Units the user data shall ...

Page 162: ... over the whole TC Transfer Frame except the two last octets 10 6 5 Telecommand Packet All Telecommand Packets in Frame Data Units shall conform to the format in Figure 10 4 below Figure 10 4 Telecommand Packet Table 10 3 Packet Header Field Description Comment Version number Packet structure version number Shall be set to 0 Type Distinguishes telecommand packets and telemetry packets For telecomm...

Page 163: ... to 001 Ack Specifies level of reporting to ground by the receiving Application Process Currently the TCM S always send acceptance success failure reports and execution completion success failure reports regardless Service Type Indicates the service to which the packet relates Service Subtype Indicates the subtype of the service the packet relates to Source ID Not used Spare Not used Application d...

Page 164: ...r Frame Primary Header Field Description Comment TRANSFER FRAME VERSION NUMBER Set to 00 SPACECRAFT ID Mission specific identifier of the spacecraft VIRTUAL CHANNEL ID The TCM S use VC0 and VC1 to send data VC7 is reserved for idle frame OCF FLAG Indicates presence of Operation Control Field OCF in TM Transfer Frames It shall be 1 if the OCF is present It shall be 0 if the OCF is not present This ...

Page 165: ...rame Data Field It shall be 0 if octet synchronized 1 otherwise In the TCM S data is always inserted octet synchronized so this field is always set to 0 PACKET ORDER FLAG Packet Order Flag Always set to 0 in TCM S SEGMENT LENGTH ID Shall be set to 11 if Synchronization Flag is set to 0 Set to 11 in TCM S FIRST HEADER POINTER If the Synchronization Flag is set to 0 the First Header Pointer shall co...

Page 166: ... 1103 octets 1115 6 4 2 10 7 5 Operational control field The Operational Control Field contains a Command Link Control Word Figure 10 9 Command Link Control Word Table 10 7 Command Link Control Word Field Description Comment CONTROL WORD TYPE Is set to 0 CLCW VERSION NUMBER Is set to 00 STATUS FIELD Can be used for Mission specific status No specific setting by TCM S COP IN EFFECT Set to 01 VIRTUA...

Page 167: ...g Type A Transfer Frames RETRANSMIT Set to 1 indicates that one or more Type A Transfer Frames have been rejected Set to 0 indicates no outstanding Type A Transfer Frame rejections so far FARM B COUNTER Contains two least significant bits of FARM B Counter RESERVED SPARE Set to 0 REPORT VALUE Contains the value of the Next Expected Frame Sequence Number N R 10 7 6 Frame Error Control Field If used...

Page 168: ...he packet Grouping Flags Set to 11 to indicate stand alone packet The TCM S generates stand alone packet only Source Sequence Flags Source sequence counter Packet Length Number of octets in packet data field 1 10 7 9 Data Field Header Figure 10 11 Data Field Header Table 10 9 Data Field Header Field Description Comment Spare TM Source Packet PUS Version Numbers Set to 001 Spare Service Type Indica...

Page 169: ... packet to an integral number of word if needed 10 7 12 Packet Error Control Packet Error Control is used by TCM S and the checksum of the Packet Error Control Field shall be calculated using CRC with polynomial 0x8408 LSB first and initial value 0xFFFF over the whole TM Packet except the two last octets 10 8 FARM parameters COP 1 is supported on the TCM S 10 8 1 FARM_Sliding_Window_Width W In the...

Page 170: ...en key 2 Select option DSA and Elgamal and a keysize of 2048 bits 3 After successful generation of the key export the key by gpg export a o your_pub key 4 The generated key your_pub key in example above is to be sent to ÅAC if needed 11 4 Step by step guide The following instructions show the necessary steps that need to be taken in order to upgrade the FPGA firmware 1 Connect the FlashPro5 progra...

Page 171: ...ual www aacmicrotec com Page 171 of 174 Figure 11 1 Startup view of FlashPro Express 5 Once the file has loaded warnings might appear click RUN see Figure 11 2 Please note that the connected FlashPro5 programmed ID should be shown Figure 11 2 View of FlashPro Express with project loaded ...

Page 172: ...with the new firmware which might take a few minutes Once it is finalized the second last message should be Chain programming PASSED see Figure 11 3 Figure 11 3 View of FlashPro Express after program passed The Sirius FPGA image is now updated 12 Mechanical data The total size of the Sirius board is 183x136 mm Mounting holes are ø3 4 mm with 4 5 mm pad size ...

Page 173: ...r debugging the PCBs LVTTL Low Voltage TTL Minicom Is a text based modem control and terminal emulation program NA Not Applicable NVRAM Non Volatile Random Access Memory OBC On Board Computer OS Operating System PCB Printed Circuit Board PCBA Printed Circuit Board Assembly POSIX Portable Operating System Interface PUS Packet Utilization Standard RAM Random Access Memory however modern DRAM has not...

Page 174: ...751 83 Uppsala Sweden Phone 46 18 560130 info aacmicrotec com AAC Microtec North America Inc 5 Berry Patch Ln Columbia Illinois 62236 USA Phone 1 602 284 7997 info aacmicrotecus com AAC Microtec UK Ltd Atlas Building Harwell Campus Oxfordshire OX11 0QX UK Phone 44 7500 934829 info aacmicrotec com Clyde Space Skypark 5 45 Finnieston Street Glasgow G3 8JU UK Phone 44 0 141 946 4440 info aacmicrotec ...

Reviews:

No comments

Related manuals for Sirius OBC

Brand: Daikin Pages: 20

Brand: DFI Pages: 69

Brand: Avalue Technology Pages: 78

FieldGo PCATX-R9

Brand: BSi Pages: 40

Brand: Fujitsu Pages: 62

CELSIUS W370 E85+

Brand: Fujitsu Pages: 6

Brand: Fujitsu Pages: 9

Brand: Fujitsu Pages: 9

CELSIUS M4 Series

Brand: Fujitsu Pages: 94

Brand: Fujitsu Pages: 69

Brand: Fujitsu Pages: 105

DESKPOWER 500 Series

Brand: Fujitsu Pages: 80

Brand: Fujitsu Pages: 70

Brand: Fujitsu Pages: 86

Brand: Fujitsu Pages: 81

DESKPOWER 6000 Series

Brand: Fujitsu Pages: 105

Brand: Fujitsu Pages: 94

Brand: Fujitsu Pages: 80

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands