ASF-Nabd/ASF_01_sys_sw_arch
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity
Files
bedcd373f5c515b0eafdde1c201845316f2feb64
ASF_01_sys_sw_arch/System Design/Gap Analysis and Solutions Documentation/Proposed Solution Guide_ Industrial ASF.md
mahmamdouh 0daead7821 analysis
2026-01-25 17:17:08 +01:00

3.6 KiB
Raw Blame History

Proposed Solution Guide: Industrial ASF

Introduction

This guide explains the "Proposed Solution" for the ASF project in simple terms. It is designed to help anyone understand how the system works, the background behind the decisions, and why these "industrial" patterns are used instead of simpler "maker" methods.

1. The "Brain" and its Security (ESP32-S3)

Background

The ESP32-S3 is a powerful microcontroller. In a "maker" project, you just upload code and it runs. In an industrial project, we must ensure the code hasn't been tampered with and that no one can steal the "secret sauce" (your intellectual property).

How it Works

  • Secure Boot: Think of this as a digital signature check. Every time the device starts, it checks the signature of the code. If it doesn't match, it won't run.
  • Flash Encryption: This scrambles the data stored on the chip. If someone desolders the chip and tries to read it, they will only see gibberish.

2. Talking to the World (MQTT & TLS)

Background

Devices need to send data to a central server. Using simple "web requests" (HTTP) can be slow and unreliable on a farm.

How it Works

  • MQTT: This is like a post office. The device "publishes" a message to a "topic" (like a mailbox), and the server "subscribes" to it. It's very lightweight and stays connected even if the signal is weak.
  • TLS (mTLS): This is the "S" in "HTTPS," but stronger. Both the device and the server have "ID cards" (certificates). They check each other's IDs before talking. This ensures no one can "pretend" to be your device or your server.

3. Updating the Software (OTA)

Background

When the devices are out on a farm, you can't go to each one with a USB cable to update the software. You need to do it over the air (OTA).

How it Works

  • A/B Slots: The device has two "slots" for software. While it's running from Slot A, it downloads the new version into Slot B.
  • The Safety Net: After downloading, it tries to start Slot B. If Slot B crashes or can't connect to the internet within 60 seconds, the device says "Oops!" and automatically switches back to the working Slot A. This prevents "bricking" the device.

4. Handling Sensors (The SAL)

Background

Sensors can be finicky. Sometimes they give wrong readings, and sometimes the company stops making a specific model.

How it Works

  • The "Translator" (SAL): Instead of the main code talking directly to a "Sensirion SCD41" sensor, it talks to a "CO2 Sensor Translator." If you switch to a different brand of sensor later, you only change the translator, not the whole system.
  • The "Rule of Two": For important things (like CO2 or Temperature), we use two different sensors. If one fails or gives a crazy reading, the system can detect it and use the other one.

5. Saving Data (SD Cards)

Background

SD cards are great for storage but they "wear out" if you write to them too often in the same spot.

How it Works

  • Batch Writing: Instead of writing every single heartbeat to the SD card, the system collects them in memory and writes them all at once in a big "chunk." This makes the SD card last much longer.
  • Power Loss Protection: The system "listens" to the power. If the power starts to drop, it uses a tiny bit of stored energy (from a capacitor) to quickly finish writing the last bit of data before it shuts down.

Summary for Dummies

In short, we are moving from a system that "just works" to a system that "keeps working" even when things go wrong (bad power, bad sensors, bad hackers, or bad internet).