Filter
Top Products
258 Self-tests and data reliability
Section 6: Meter operation Reference, Installation, and Operations Manual
June 2013 3-9000-743 Rev S
6.9 Self-tests and data reliability
The Mark III electronics has extensive built-in self-test and monitoring features that ensure
reliable system operation. These features are a generation leap beyond those found in the
Mark II and other existing industry products:
6.9.1 RAM integrity
The Mark III utilizes "ECC" (Error Correction Code) SDRAM memory. Every 4 bytes of system
memory have 7 bits of a CRC-like "Hamming code" stored with it. This code is checked every
time any byte of system SDRAM memory is accessed. Additionally, this code is sufficiently
advanced that it can correct single bit memory errors on-the-fly and flag multi-bit memory
errors with a non-maskable interrupt.
This type of check is an enterprise and server class; type of integrity monitoring and goes far
beyond a simple start-up “walking one's” memory test.
6.9.2 Program integrity
All Mark III firmware is stored with a CRC code in non-volatile FLASH memory. The firmware is
only executed if the CRC code calculated on start-up matches the one stored with each firmware
program.
The CRC code is also checked for new firmware downloads before any firmware upgrades are
made in the Mark III. Additionally, after each firmware upgrade, the Mark III firmware upgrade
task double-checks the integrity of the stored program against the downloaded program file.
6.9.3 Stored data integrity
All Mark III non-volatile data is stored with CRC codes in the non-volatile memory. Additionally,
all data is stored in the form of write "transactions". Thus, not only is the integrity of any
individual data guaranteed, but also the associativity of multiple data written together is
guaranteed across power fails. Thus if power fails in the middle of any transaction, either all of
the older data or all of the newer data is guaranteed to be present in the system. Under no
situation will part old and part new data be present when power is restored. This functionality
has been thoroughly tested by performing thousands of asynchronous power fail cycles while
storing data in the system.
6.9.4 Hardware watchdog
The Mark III electronics contains a hardware watchdog circuit that must be reset periodically by
the firmware. A watchdog task monitors the health of the system. Any detected anomaly or in-
advertent lockup of the firmware will always cause a warm start. Thus the meter will never
remain in a non-performing situation (say due to a transient) for more than a few tens of
seconds.
6.9.5 Program execution integrity
The Mark III utilizes a microprocessor with a hardware MMU (Memory Management Unit). This
MMU is fully utilized by an enterprise-class “protected-mode” operating system- Linux.
This combination allows for increased operation reliability of the entire system as critical tasks
are protected from any non-critical task erroneous operation.