-
Diving into JTAG — Security (Part 6)
The JTAG interface is an important tool for debugging and testing embedded systems, providing low-level access to the internal workings of microcontrollers and other integrated circuits. However, this powerful interface also presents significant security threats. In the sixth and final part of this Diving into JTAG article series, we will focus on security issues related to JTAG and the Debug Port.
-
Diving into JTAG — Usage Scenarios (Part 5)
In previous articles, we have considered the primary uses of JTAG, including debugging and testing boards in production. For firmware developers, the first - debugging - is the most common. In this article, I want to look at two uses of JTAG Boundary Scan, which are also common tasks for a firmware developer: board bring-up and reverse engineering.
-
Diving into JTAG — BSDL (Part 4)
In the previous article of this series, we briefly touched on how
.bsd
files written in Boundary Scan Description Language (BSDL) describe the structure of the boundary scan chain and the instruction set. In this article, we will examine this language’s syntax more closely before seeing how.bsd
files are leveraged in JTAG testing in the next article. -
Diving into JTAG — Boundary Scan (Part 3)
In the third installment of this JTAG deep dive series, we will talk in-depth about JTAG Boundary-Scan, a method used to test interconnects on PCBs and internal IC sub-blocks. It is defined in the IEEE 1149.1 standard. I recommend reading Part 1 & Part 2 of the series to get a good background on debugging with JTAG before jumping into this one!
-
Diving into JTAG — Debugging (Part 2)
In this second part of a JTAG deep-dive series, we take an in-depth look at interacting with a microcontroller’s memory and engaging with the processor core and debug registers. While the use of JTAG in testing is fairly standardized when it comes to debugging, each processor architecture has its unique nuances. With that in mind, this article will focus on debugging using JTAG on the ARM Cortex-M architecture, specifically with the STM32F407VG microcontroller.
-
A Guide to Using ARM Stack Limit Registers
by Jon KurtzWe will explore using the MSP Limit and the PSP Limit Registers on the ARM Cortex-M33 architecture to detect stack overflows. We will walk through an implementation on the Renesas DA1469x and look at practical examples of detecting stack overflows. Additionally, we will look at supplementary options for scenarios that the MSPLIM and PSPLIM features fall short.
-
Tools we use: installing GDB for ARM
In this mini article, I’ll be going on a few strategies and nuances around getting a copy of GDB installed for debugging ARM chips.
-
Peeking inside CMSIS-Packs
In this article, we’ll take a look at what CMSIS-Packs are, and how they can be useful!
-
Introduction to ARM Semihosting
This post introduces semihosting and shows how to use it and integrate it into your own embedded projects.
-
ARM Cortex-M33 Instruction Tracing Without a Debugger
In this post we will explore how to perform instruction tracing without a debugger by using the ARM Cortex-M33 Micro Trace Buffer (MTB). We will walk through a few practical examples of how to configure the MTB with Dialog Semiconductor’s DA14695 MCU.
-
Faster Debugging with Watchpoints
In this post we will explore how to save time debugging by making the most of watchpoints. We will walk through a few classic use cases of watchpoints by debugging an example application with GDB. Then, we will dive into how watchpoints are implemented for ARM Cortex-M based MCUs with the Data Watchpoint & Trace (DWT) unit and explore some advanced features.
-
Step-through debugging with no debugger on Cortex-M
This week we explore how to debug running systems with ARM Cortex-M’s DebugMonitor exception handler. We cover how to configure the MCU to operate in this mode and walk through an example of installing breakpoints and single-stepping on a running device!
-
How do breakpoints even work?
In this article, we will discuss the basic types of breakpoints (hardware and software) and how they are utilized by the GNU Project Debugger, GDB. We will then explore how to configure hardware breakpoints on an ARM Cortex-M MCU using the Flash Patch and Breakpoint Unit (FPB) and examine a real-world configuration with an example application.
-
Profiling Firmware on Cortex-M
In this post, we explore different techniques that can be used to profile firmware applications running on ARM Cortex-M microcontrollers. To profile our Mandelbrot application on STM32, we start with a naive debugger-based sampling method, and eventually discover ITM, DWT cycle counters, and more!
-
A Guide to Watchdog Timers for Embedded Systems
In this article we will discuss the last line of defense in embedded systems – watchdogs. We will walk through a step-by-step example of how to implement a watchdog subsystem, incorporating a “hardware” and “software” watchdog, and examine effective strategies for root causing the underlying problems leading to these hangs.
-
How to debug a HardFault on an ARM Cortex-M MCU
In this article, we explain how to debug faults on ARM Cortex-M based devices. In the process, we learn about fault registers, how to automate fault analysis, and figure out ways to recover from some faults without rebooting the MCU. We include practical examples, with a step by step walk-through on how to investigate them.
-
From Zero to main(): Bootstrapping libc with Newlib
In this post, we will add RedHat’s Newlib to our firmware and highlight some of its features. We will implement syscalls, learn about constructors, and finally print out “Hello, World”! We will also learn how to replace parts or all of the standard C library.
-
ARM Cortex-M RTOS Context Switching
In this article we will explore how context switching works on ARM Cortex-M MCUs. We will discuss how the hardware was designed to support this operation, features that impact the context switching implementation such as the Floating Point Unit (FPU), and common pitfalls seen when porting an RTOS to a platform. We will also walk through a practical example of analyzing the FreeRTOS context switcher,
xPortPendSVHandler
, utilizinggdb
to strengthen our understanding. -
A Practical guide to ARM Cortex-M Exception Handling
In this article we will dive into the details of how the ARM Cortex-M exception model supports the handling of asynchronous events. We will walk through different exception types supported, terminology (i.e. NVIC, ISR, Priority), the configuration registers used & common settings, advanced topics to be aware of regarding exceptions and a few examples written in C.
-
From Zero to main(): How to Write a Bootloader from Scratch
In this post, we will explain why you may want a bootloader, how to implement one, and cover a few advanced techniques you may use to make your bootloader more useful.
-
A Deep Dive into ARM Cortex-M Debug Interfaces
In this article we will walk up through the hardware and software stack that enables debugging on
ARM Cortex-M
devices, demystify what is actually happening and go through a step-by-step example, tracing a basic debugger operation end to end using a logic analyzer.