Power-Fail

TINY is a system that is 100% safe against power failure.
 
Why is it needed?
 
Embedded devices do not have the luxury of the sophisticated disk recovery programs that PC-compatible devices do. If an embedded device’s file system becomes corrupted because an erase or write operation is unexpectedly terminated, what happens to the system? Lost sectors? Loss of the whole device? How do you repair it? Being robust is not enough in many cases: the system should be designed to restore your file system from whatever point the failure occurred. The TINY file system does this!!
 
How is it done?
 
The basic method of operation is quite simple: a complete new file system must be available for use before any information is erased. In this way, if the worst happens, the system can be rebuilt either in its pre-write form (as if the write had never started) or with the new modifications included. It’s not possible to guarantee this with a DOS-compatible file system (hence the prevalence of disk recovery software), nor with many other file systems.
 
While the concept is relatively simple, an efficient implementation on flash devices that require sectors to be erased before they can be written is definitely complex, and even more so on a system with minimal ROM and RAM. Write and erase times can be relatively long on flash devices, so it is extremely important to keep the number of these operations to a minimum. TINY is crafted to manage flash devices with small erasable sectors very efficiently.
 
How is it verified?
 
One of the main methods of verification is PC simulation of the file system, where thousands of test cases can be run relatively easily; in this mode the code runs against simulated flash devices. The code is stopped at random or at selected points, and the system is then checked to make sure that it restarts reliably and that no data are lost.
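The two ideas above (never erase the current good copy until a complete, verified new copy exists, and verify by cutting power at every possible step of a simulated flash) can be shown together in a small model. This is an added example, not TINY's own code: the two-slot layout, the 32-byte sectors, the CRC32-terminated record format and the byte-by-byte interruption model are all constructions for illustration.

```python
import struct, zlib
from contextlib import suppress
SECTOR = 32               # bytes per erasable sector (constructed; real parts are larger)
PAYLOAD_MAX = SECTOR - 9  # 4-byte seq + 1-byte length + payload + 4-byte crc32

class PowerFail(Exception): pass   # flash model's step budget ran out: simulated power cut
class SimFlash:
    """NOR-like model: erase sets bytes to 0xFF, a write only clears bits, and each byte
    is one interruptible step; `budget` is the number of steps left before power fails."""
    def __init__(self, sectors=2):
        self.mem, self.budget = bytearray([0xFF] * SECTOR * sectors), float("inf")
    def burn(self, addr, data, erase=False):
        for i, b in enumerate(data):
            if self.budget <= 0:
                raise PowerFail
            self.budget -= 1
            self.mem[addr + i] = b if erase else self.mem[addr + i] & b
def parse(flash, s):
    """(seq, payload) if sector s holds a complete, intact record, else None."""
    rec = bytes(flash.mem[s * SECTOR:(s + 1) * SECTOR])
    body, crc = rec[:-4], struct.unpack(">I", rec[-4:])[0]
    if rec == b"\xff" * SECTOR or zlib.crc32(body) != crc:
        return None
    return struct.unpack(">I", body[:4])[0], body[5:5 + body[4]]   # seq, payload
def recover(flash):
    """Newest intact copy as (seq, slot, payload); torn writes and erases are ignored."""
    found = [(p[0], s, p[1]) for s in (0, 1) if (p := parse(flash, s))]
    return max(found) if found else None
def update(flash, payload):
    """Write into the stale slot; the good copy is only erased by the *next* update."""
    assert len(payload) <= PAYLOAD_MAX
    cur = recover(flash)
    seq, target = (cur[0] + 1, 1 - cur[1]) if cur else (0, 0)
    body = struct.pack(">IB", seq, len(payload)) + payload.ljust(PAYLOAD_MAX, b"\0")
    flash.burn(target * SECTOR, b"\xff" * SECTOR, erase=True)
    flash.burn(target * SECTOR, body + struct.pack(">I", zlib.crc32(body)))  # CRC last

def torn_update_survives(old, new):
    """Cut power after every possible step of old -> new; recovery must give old or new."""
    for budget in range(2 * SECTOR + 1):
        flash = SimFlash()
        update(flash, b"stale")   # occupies the slot the torn update will erase
        update(flash, old)        # committed before the simulated failure
        flash.budget = budget
        with suppress(PowerFail):
            update(flash, new)
        got = recover(flash)
        if got is None or got[2] not in (old, new):
            return False
    return True
```

Because the CRC is the last thing written and the previous copy is never erased before the new record is complete, every interruption point leaves either the old or the new copy intact for `recover` to find.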
 
Further testing has been done on real devices by repeatedly breakpointing the code at arbitrary points, then restarting the system and verifying that operation is correct and that no data have been lost.