This article on the basics of reset supervisors is a good refresher for engineers who've gotten rusty and a primer for managers who want to hone their technical skills.
Microprocessors are complex, state-driven devices that must start up in a consistent way to function properly. You can establish proper processor operation by supplying a reset input that is normally asserted until the system is ready to execute the boot-up firmware. When the reset signal is deasserted, some subset of the processor's registers (depending on the specific chip) will be initialized to default values and the processor will start executing from fixed location (also specific to the chip). It's crucial to design this reset circuit properly to avoid system lockup, erratic processor operation, and possible corruption of your nonvolatile memory. (For more details see my article "Avoid Corruption in Nonvolatile Memory," September 2003).
It's easy to trivialize reset circuits because their functional requirements are so simple: the reset input must be deasserted when all conditions are within the processor's specified operating range and must be asserted at all other times. The real difficulty is to define "asserted," "deasserted," and "specified operating region" and then design circuitry that meets all of requirements.
This is all complex enough that many companies now offer integrated circuit reset devices, commonly referred to as "reset supervisors." Good design practice suggests using these reset supervisors for most embedded systems because designing discrete reset circuitry is beyond the expertise of many embedded systems engineers. My personal experience has led me to rely on reset supervisors exclusively and ignore the various RC, transistor, and diode networks that are scattered throughout data books and shown in "example" circuits.
Once you've decided to incorporate a reset supervisor, there are still a number of system parameters that need to be resolved before you can select any particular part. Among the most relevant are the reset time, the reset output voltage level(s), brownout and glitch protection, reset-voltage thresholds, and multiple-supply support. Other features, such as temperature range, package type, and power dissipation, are also important but we'll skip those features to focus on the characteristics specific to reset circuitry.
Reset supervisors always specify reset times, with typical values from the microsecond range up to significant fractions of a second. The reset supervisor will hold its output in the reset asserted state for the specified amount of time after all the required inputs have reached the defined "operating state." The general rule regarding reset time is that more time is always better: the longer the clocks and power supplies can settle, the more reliable and stable the system. If you need to shorten the bootup time, make sure all the critical elements of the system will be stable before deciding on the reset time. Don't forget to allow time for the power supply (or supplies) and phase locked loops (PLLs) inside the microprocessor and other chips to stabilize, and allow time for programmable logic to configure itself. And of course, don't forget to make sure that the reset signal is asserted long enough for all the other chips that will be connected to or affected by the reset supervisor and processor's operation.
Brownout detection for the power supply is another feature that's easy to overlook. Some processor registers can get corrupted during momentary power dips and peripherals can lose their configuration and operating state. A reset supervisor with brownout protection will force the processor back into a safe state and then restart the processor. As a bonus, the unexpected system reset can give you some indication of an unusual condition that needs further investigation.
You need to match the reset supervisor's output signals to the processor's input requirements for both the reset asserted and deasserted states. You should examine operation in both domains to ensure that the supervisor's reset output meets the processor's reset input requirements for supply voltages that are significantly below the operating voltage range, up to the top end of the supply voltage. The sticky point here is defining "significantly below" the operating voltage. You won't find any specification for this in the data sheets, but a good guess for parts running at 3 or 5V is to cover the reset input voltage specification down to 1V for CMOS parts and around 1.5V for TTL parts. Ultra-low-voltage parts will need to meet the reset input requirements at even lower voltages than those listed above. The designer should also verify that the reset supervisor's reset output meets the processor's input requirements when deasserted (that is, when the system is running), from the bottom of the supervisor's active input voltage operating range up to the limit of the system power supply.
You should calculate the electrical load of all the components connected to the supervisor, not just the processor, in both the reset and running conditions. Avoid the common mistake of adding logic gates to the reset circuit to buffer or combine signals. You can only do this if all the new components are specified to operate down to the derived "significantly below" voltage threshold we discussed earlier.
Optional features might help you select from among the large variety of parts that still meet the design criteria. Some reset supervisors include "watchdog" timers, power-fail interrupts, battery backup switching, or chip-enable gating. Some of these features can greatly simplify your system design or improve stability and may be useful in protecting nonvolatile memory as well.
Figure 1: A simple reset circuit on a system with a 5V supply
If you've read this far, it's time for a test of your practical knowledge. Figure 1 shows a simple reset circuit on a system with a 5V supply. The reset generator chosen is a Maxim part, the MAX821P, tied to a Philips XA series microcontroller. This design, as simple as it seems, has at least three major design flaws and one minor one. Send me an e-mail, using the subject line "ESP problem", with the errors you find and I'll respond with my own list.
Christopher Leddy has been programming computers for more than 30 years and specializes in embedded systems hardware and software. He holds an MSEE from the University of Southern California and a BSEE from the State University of New York. Christopher is currently a senior principal systems engineer at Raytheon. His e-mail address is firstname.lastname@example.org.