I've been doing a lot of reverse engineering on a C161PI-based alarm control board (Brinks BHS-4000). I've already figured out a lot about the system just by experimenting with the panel itself, as well as looking at firmware dumps I've made. But when I try loading the dumped firmware into the uVision simulator, it just hangs whenever it waits for Flash writes to complete. In addition, I've often seen it overwriting bits of code in memory at addresses that wouldn't be overwritten on the actual system, like Flash programming control messages.
I've heard that the uVision simulator emulates peripherals, including Flash memory, but I don't see the options for Flash memory emulation anywhere. I'd like it to emulate an AM29F160DB/DT chip, which is what the actual system uses, or a compatible one. Does anyone know how I can get it to do that?
Here's the system info:
Infineon C161PI processor AM29F160DB EEPROM (2MB, 0x0-0x1FFFFF) IS62C1024AL SRAM (128KB, 0x400000-0x41FFFF) Firmware dump: www.filedropper.com/20766a
Anyone know how I can get this running?
Also, does anyone know of any other C16x emulation software, that's open source? Or any open-source C16x tools for that matter--it's been really frustrating only being able to find proprietary stuff, often that isn't even available to download. Not even the GCC toolchain someone made years ago is open source, despite the GPL requiring it. (And it's not on their site anymore, and the links on archive.org don't work, of course. -_-)