Using Bit variable in safety critical application

Hi, I have a doubt regarding bit fields in Keil C. Suppose I have a variable Alaram:

bit Alaram=0;

Alaram=P0^1;

if(Alaram==1)
{
 produceAlaram();
}


Is there any chance of the bit toggling in the software?
Could the Alaram bit change to 1 even when P0^1 is 0? Is there any possibility?

So I changed the code as follows.

unsigned char Alrm=P0^1;

if(Alrm)
{
 Alaram=0xA5;
}
else
{
 Alaram=0xAA;
}
if(Alaram=0xA5)
{
 produceAlaram();
}


Alaram is changed to unsigned char so one bit change can't produce an alarm erroneously. Is this approach correct? If there is any mistake, kindly tell me and give me some guidelines for programming safety critical applications.

with regards,
G.Karthik Ragunath

Parents
  • Suppose I have a variable Alaram:

    You need to check your code. It will not do what you want it to do (maybe it won't even compile). Hint: Outside of a sbit declaration, the caret (^) is considered an XOR operator by the C compiler.

    Could the Alaram bit change to 1 even when P0^1 is 0? Is there any possibility?

    Cosmic rays would be a rare, but real possibility. Also, noise on the pin could change the read value (briefly) to 1.

    Alaram is changed to unsigned char so one bit change can't produce an alarm erroneously. Is this approach correct?

    No, this approach will not help with the problem. The code still relies on reading the pin just once, and if there is noise, a false alarm will be given.

    Also, in a _safety critical_ application, failure to report a true alarm is usually worse than reporting a false alarm, within some limits.
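An added example, not part of the original thread: portable C showing why `P0^1` in an expression does not read pin P0.1, and one way to stop relying on a single read by voting over several samples with a threshold biased towards raising the alarm. The names `xor_misread`, `pin_level`, `alarm_from_samples` and the 2-of-5 threshold are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stddef.h>

/* All names here are hypothetical. On Keil C51 the pin would be declared
   once at file scope as `sbit ALARM_PIN = P0^1;` and read as ALARM_PIN;
   this portable version works on a captured copy of the P0 byte instead. */
#define ALARM_BIT   1u  /* P0.1 */
#define N_SAMPLES   5u  /* assumed number of successive reads */
#define ALARM_VOTES 2u  /* assumed threshold, biased towards alarming */

/* What `P0^1` yields inside an expression: the whole port XOR 1. */
static uint8_t xor_misread(uint8_t p0)
{
    return (uint8_t)(p0 ^ 1u);
}

/* The level of pin P0.1 alone. */
static uint8_t pin_level(uint8_t p0)
{
    return (uint8_t)((p0 >> ALARM_BIT) & 1u);
}

/* Vote over successive port reads: one stray high sample is ignored,
   but a real alarm is still reported if some samples are lost to noise. */
static int alarm_from_samples(const uint8_t *reads, size_t n)
{
    size_t i, high = 0;

    for (i = 0; i < n; i++)
        high += pin_level(reads[i]);
    return high >= ALARM_VOTES;
}

int main(void)
{
    /* Constructed port images, not captured from real hardware. */
    const uint8_t spike[N_SAMPLES]   = { 0x00, 0x00, 0x02, 0x00, 0x00 };
    const uint8_t dropout[N_SAMPLES] = { 0x02, 0x00, 0x02, 0x02, 0x00 };

    if (xor_misread(0x00) == 0)                  return 1; /* pin low, value is 1 */
    if (alarm_from_samples(spike, N_SAMPLES))    return 2; /* one glitch: no alarm */
    if (!alarm_from_samples(dropout, N_SAMPLES)) return 3; /* noisy alarm: reported */
    return 0;
}
```

On the target, the sample buffer would be filled by reads spaced over time so that a brief disturbance cannot affect every sample.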
