The topic of my thesis is a bootloader program for the railroad management equipment, designed and produced by Prolan Process Control Co., called ProSigma. Safety is very important to such an equipment, that is why ProSigma must achieve the highest, SIL-4 safety integrity level. ProSigma communicates through IP-based networks, which is also the way on which the system can be controlled. Railroad lamps, barriers and switches are connected to the system. ProSigma is made up of three different types of cards, the communication card, the main card, which is also called logical card, and the peripheral input-output cards. The signals in the system go through three distinct paths and there are different types of microcontrollers on these ways. The bootloader program, starting from the logical card, has to update the main card first, where it performs the local firmware upgrade process, then it also has to upgrade the peripheral cards.
In the first part of my work I give an overview of the whole system, the safety requirements, the protocols and I also go into details of the architectural buildup. After these, I will review my own firmware’s basic structure, the software components and their differences between particular microprocessors. Furthermore, I highlight the main steps and the most important considerations before and during the design phase.
In addition to the aforementioned unit, I also write about the local firmware update which runs on the designated main card. I also elaborate on the distinctions of the firmware on the three microcontrollers and the realization of preplanned ideas. The memory map will also be mentioned here, which is necessary in view of the fact that the upgradable firmware is made up of two different components. Afterward I will describe the process of peripheral upgrading through the CAN bus.
Ultimately, I discuss the opportunities of future development and changes for the whole program and project.