A watchdog can be an important part of a product and you should include one in your next design.
[This is an actual dog and not a watchdog circuit. He is much cuter than a circuit.] A watchdog is a special chip, circuit or part of a microcomputer chip. Its’ purpose is to reset the product if the product ever becomes ‘lost’, stuck or erratic. Generally this circuit is used in embedded computer systems like that in a microwave oven or piece of medical equipment such as a blood pressure monitor (rather than in a consumer PC or laptop). Part of a watchdog system is computer software to monitor correct operation of the product. The computer watches the system and the watchdog watches the computer. Sometimes the watchdog is also called a watchdog timer because of the electrical circuit used to implement it.
AirVac Pers 2400a
Why do we need a watchdog timer to reset a product? If a piece of medical equipment or other embedded equipment were to hang or get stuck it could present a threat in an emergency. PC application freezing up, such as a word processor, are generally more benign. Watchdogs, or watchdog timers are frequently used in critical equipment to help monitor the correct operation of the microcomputer chip. Watchdog timers are used in non-critical consumer equipment also. Here they are designed in to provide the customer with a better product experience. A PC could benefit from a watchdog timer in many dedicated applications, but they are not generally used because the office applications that generally run on the PC’s are not designed to implement them and most office applications do not require them.
Why would equipment operation freeze, hang or become erratic? Embedded equipment can freeze or get stuck for a number of reasons. An electrostatic discharge may cause this in equipment not specifically designed to resist such events. An electrostatic discharge can occur when your rub your feet across a rug and touch a product in dry weather. Moreover, it can occur around high voltage equipment. In general there has been more and more pressure to put more circuitry in smaller packages. With the smaller packages comes the difficulty of designed products that are ESD resistant thus the impetus to let a watchdog timer recover from the event rather than circumvent it with an ESD resistant design.
Another event that may be of concern is inappropriate connections to equipment, or data input that the equipment was not designed to handle. These can cause the computer programs or other hardware in equipment with embedded processor to hang or freeze. Hardware failures in the computer chip or system can also cause the microcontrollers in equipment to malfunction or hang. A Watchdog timer may be able to reset the system out of this problem or provide diagnostics.
Finally, programming errors or bugs can be ‘caught’. The most difficult types of bugs to catch are those that occur very infrequently and cause some catastrophic problem like the product operation to freeze. A functioning watchdog timer may be able to reset out of such an event without the customer even knowing that there was a problem. This brings us to another issue with watchdog timers.
What happens after the watchdog timer detects that the microchip or other parts of the product are not functioning properly? These circuits are hardwired to first cause a system level reset. This is to bring the system back to a known state. It is important for the whole system to reset together so that all parts of the equipment are always in ‘sync’. After this reset the design of the equipment can proceed in two directions. Between these two directions there are an infinite number of possibilities. The two directions are:
Stop the equipment. Something bad happened. Possibly inform customer equipment malfunctioning.
Try to proceed as if nothing happened from where the equipment was before the watchdog event. If designed for upfront, the customer may never know something different even happened.
The exact system response to a watchdog, and choices, are dependant on the product and applications. For instance in some products it may be critical that certain tasks continue uninterrupted in the case of a watchdog event. Be aware that it may not be possible for a watchdog to resume operation in 100% of the products operating modes, or it may not be economically feasible to even try. On the other hand, a properly implemented watchdog function can be a strong selling point for a product. Although the consumer may not specifically care about a watchdog circuit, they may understand the ensuing security and confidence that are the product benefit if properly explained.
In many systems diagnostics are collected and stored by the computer to help diagnose watchdog events. This is of benefit to the manufacturer in improving the product. Important information to collect may be the subroutine or sub-program the computer chip was running when the problem occurred, external levels, pressures, and other collected data, internal voltages and the states of internal switches and nodes. The time and date of the event may be collected and a history can even be built. The data can be valuable in a redesign or for equipment forensics and liabilities.
Perhaps in your next design you will consider including a watchdog timer and properly applying it to the chip and system.