Temporal and Spatial Isolation and Protection of Program Modules for an Embedded System-on-Chip
Nordic Semiconductor ASA wishes to improve its product value by enabling Bluetooth Low Energy functionality on their new Cortex-M0 based radio microcontrollers. The new device will be single-chip, thereby evolving their current dual-chip solution. This report handles the challenge of protecting the radio subsystem from the user applications, since they now must reside on the same microcontroller.

The Bluetooth Low Energy protocol is a new specification that is expected to be embraced by the industry. The protocol is very comprehensive and is therefore presented in a brief manner with a focus on the timing of events. The default scenario pictured is that of a connection event between a connected slave and master.

Example use cases of products applying Bluetooth Low Energy are presented. The motivation is to provide a clear picture of the constraints and demands that solutions must account for. It is important to leave enough execution time for both the protocol and the user application. This makes the consequent restrictions highly product dependent.

To solve the issue of temporal protection, the implications of an operating system or environment are explored. Available real-time operating systems for the Cortex-M0 are presented, along with common operating system mechanisms. Specifically, the scheduling aspect of the operating system is essential, while the added value of other features is application dependent. The scheduling can separate the protocol and applications into tasks that are run according to priorities and deadlines. Alternatively, a simpler context switcher can be used to ensure that the protocol is run, thereby relieving the user of using an operating system and its paradigms.

To solve the issue of spatial protection, the memory management aspects of embedded systems are studied. Embedded systems benefit from smaller hardware memory protection units that only focus on granting or not granting access to memory areas. Memory maps are used to determine the access rights of the current instruction. Earlier papers and Nordic Semiconductor ASA have ideas on how to achieve this. Nordic Semiconductor ASA's in-development memory protection unit proves to coincide well with the state of the art.

It is concluded that the isolation of protocol and user application is achievable by combining the memory protection unit and some form of operating environment. An operating system enables efficient and scalable scheduling, but a smaller interrupt-based solution is also sufficient to satisfy the overall goals of the project.