Danish Ali

Soft Errors with STM32F7

Discussion created by Danish Ali on Jul 11, 2017
Latest reply on Jul 11, 2017 by Clive One

I am in the process of moving from stm32f4 to stm32f7, which has the addition of dedicated ITCM RAM for fast execution of code (e.g. interrupt handlers, vectors). I guess the same will apply for stm32h7.

With my stm32f4 projects I could get adequate performance with all my code and vectors in FLASH, but I am very tempted to put some code/vectors in ITCM RAM for the f7.

But I am struggling to work out how I might best follow the advice of AN4750 "Handling of soft errors in STM32 applications". The application note says that any RAM can become corrupt.

"Live" data, buffer-contents, caches and the like will work their way out.

State-machines need be written to cope with deadlock.

But what do we do when the vectors or machine-code might also get corrupted? As far as I know, the only mechanism currently in my system is the watchdog which will reset everything.


My development environment (Rowley Crossworks, which uses gcc) automatically copies any stuff intended for ITCM RAM from FLASH at startup. But code could be running for days, and a rarely-executed (but high-peformance) routine or vector entry could have been corrupted some time ago. And I'll only find out when I need the fast response!

Do any of you periodically refresh the ITCM RAM? Does your development environment support this or do you have to go low-level? What else might be done in a one-processor system?


Have any of you experienced failures where the only credible explanation is a soft error? How did you tell?

(Crashes in my code are very rare, but I think bugs are more likely to be the cause than soft errors).


 - Danish