Author Topic: Connecting MCU to the outside world - how safe should it be?  (Read 1580 times)

Offline Manx (Topic starter)

  • Contributor
  • Posts: 39
  • Country: pl
I'm building a device consisting of a couple of sub-devices. They will be connected to each other with cables. There is a serial connection via RS485 which provides a buffer between microcontroller pins and the outside world and thus makes me feel quite safe about this. But there are also other signals between the devices - between two MCUs or between MCU in one device and some chip in another.

For now, as I develop the project, these signals are connected directly. But something doesn't feel right to me when I think about letting it stay like this in the final version. It doesn't feel right to let MCU pins be connected to wires that go outside of the device's box.

Could you comment on that? What are best practices in this area? Should I use some buffers? Or can it stay like this? Or maybe I should go crazy and make some additional protection with diodes, filters and whatnot?
 

Offline martin1454

  • Regular Contributor
  • *
  • Posts: 95
  • Country: dk
Re: Connecting MCU to the outside world - how safe should it be?
« Reply #1 on: May 14, 2019, 06:57:33 am »
Some ESD protection and an optocoupler, then you can't go that much wrong
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9821
  • Country: 00
  • Display aficionado
Re: Connecting MCU to the outside world - how safe should it be?
« Reply #2 on: May 14, 2019, 07:09:59 am »
It also depends on the microcontroller family. Something like the ATmegas are known to be fairly robust and endure abuse quite well, whereas some other families can be much more touchy. It's good to always assume the worst, but there are definitely differences in the amount of leeway you have.
 

Offline AndyC_772

  • Super Contributor
  • ***
  • Posts: 4315
  • Country: gb
  • Professional design engineer
    • Cawte Engineering | Reliable Electronics
Re: Connecting MCU to the outside world - how safe should it be?
« Reply #3 on: May 14, 2019, 08:10:40 am »
I'd never just connect an MCU pin to the outside world directly. It's a mistake I made a long time ago, once.

MCU pins have very limited protection against ESD damage, and essentially no protection at all against being connected to voltages in excess of the MCU's own supply.

Think about what kinds of faults might occur outside the unit. How could the external signals be mis-wired? Could they be shorted together? Could a power supply be shorted to a signal pin? Could there be other signals in the same wiring loom which might end up being connected to your device as a result of a fault elsewhere?

A separate buffer might be a bit more robust, but it'll still fry in an instant if (say) someone connects 12V to a device powered from 3.3V. You need to think about what specific faults might occur, what voltages might appear on what pins as a result, and what the consequences might be.
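
The fault enumeration described in the reply above, as an added example that is not part of the thread or any poster's code. The harness, its voltages, the 0.3 V margin over supply and the 30 V front-end rating are all constructed assumptions; take real limits from the datasheets.

```python
from itertools import permutations

ABS_MAX_MARGIN = 0.3  # assumed: a bare pin tolerates its supply + 0.3 V (check the datasheet)

# Constructed harness, not from the thread: every conductor in the cable, the
# highest voltage it can carry and, for signals, the supply of the part facing
# the connector plus an optional rated withstand voltage of a front-end stage.
LOOM = {
    "GND":    {"volts": 0.0},
    "+12V":   {"volts": 12.0},
    "SYNC":   {"volts": 3.3, "vdd": 3.3},                     # bare MCU pin
    "ENABLE": {"volts": 3.3, "vdd": 3.3, "withstand": 30.0},  # hypothetical protected input
    "SENSE":  {"volts": 5.0, "vdd": 5.0},                     # bare pin on a 5 V part
}

def pin_limit(wire):
    """Highest voltage the part facing the connector survives; None for supply wires."""
    if "vdd" not in wire:
        return None
    return wire.get("withstand", wire["vdd"] + ABS_MAX_MARGIN)

def overvoltage_faults(loom):
    """Every single short (aggressor onto victim) that exceeds the victim's limit."""
    faults = []
    for victim, aggressor in permutations(loom, 2):
        limit = pin_limit(loom[victim])
        volts = loom[aggressor]["volts"]
        if limit is not None and volts > limit:
            faults.append((victim, aggressor, volts, limit))
    return faults

def exposed_pins(loom):
    """Signal pins with at least one destructive short, sorted by name."""
    return sorted({fault[0] for fault in overvoltage_faults(loom)})

if __name__ == "__main__":
    for victim, aggressor, volts, limit in overvoltage_faults(LOOM):
        print(f"{victim}: short to {aggressor} puts {volts} V on a pin rated {limit:.1f} V")
    print("needs protection:", exposed_pins(LOOM))
```

Note that the 5 V signal is itself a hazard to the 3.3 V pin sharing the cable, not only the 12 V supply.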

Offline KL27x

  • Super Contributor
  • ***
  • Posts: 4108
  • Country: us
Re: Connecting MCU to the outside world - how safe should it be?
« Reply #4 on: May 14, 2019, 08:38:11 am »
Quote
what the consequences might be.
You might sell more?  :-DD

I personally expect when you plug 12V into a 3V device that it should die. The more expensive the device, the more I expect this to happen. You gonna buy a $1000 laptop and plug it into 40V adaptor? Maybe someone will figure out how to plug it into mains, directly? Why would you worry about that? I'm more worried about the connector being idiot-proof, polarity and whatnot. Why would you or anyone else go plugging in random things to see if they fit?

ESD protection of the micro may not be any good at all, but I guess you have to determine that for yourself. 
« Last Edit: May 14, 2019, 08:51:24 am by KL27x »
 

Offline janoc

  • Super Contributor
  • ***
  • Posts: 3925
  • Country: de
Re: Connecting MCU to the outside world - how safe should it be?
« Reply #5 on: May 14, 2019, 10:07:25 am »
I would also be concerned by the excessive wire capacitance for the non-RS485 signals. 3.3V/5V logic is not good for driving long stretches of wire and this is likely going to cause problems due to the distorted signal edges.

Also, if your devices are mains powered and are a longer distance from each other (especially if in another building!), you need to consider that they may not be referenced to the same ground and you get huge voltages between the ground wires (easily in 70-100V range). If the building's wiring is poor (e.g. there is no protective earth to equalize these voltages), you may get this even between outlets in different rooms as long as they are connected to different phases. Such voltages will kill an unprotected MCU pretty reliably and interfere with the correct functioning of the system even if it is protected. This may kill even your RS485 transceivers unless they are capable of handling such common mode voltages. Optoisolation or transformers are what you want in such a case.

If your wiring is outside, you may also want to ensure some lightning protection - not so much against a direct hit (that would fry everything regardless) but induced voltage spikes if it hits nearby, or even just atmospheric electricity. A long cable is a fairly good antenna and you can get a pretty nasty jolt out of it when there is a lot of charge in the air. Again, optos, MOVs, spark gaps and similar are your friend.
 

Offline Manx (Topic starter)

  • Contributor
  • Posts: 39
  • Country: pl
Re: Connecting MCU to the outside world - how safe should it be?
« Reply #6 on: May 14, 2019, 04:45:28 pm »
Ok, thanks very much guys. So my intuition was right that I'd need drivers. You've also made me realize some additional protection will also be useful.

This will be only a couple of meters of cable inside a building and from a single power supply. But it will be around AC motors and welding machines, so I guess there is a potential for interference.

Thanks again for sharing your knowledge and experience!
 

Offline mitrynicolae

  • Contributor
  • Posts: 45
  • Country: ro
Re: Connecting MCU to the outside world - how safe should it be?
« Reply #7 on: May 14, 2019, 06:59:13 pm »
Hi Manx,

From my point of view, the MCU should not have in any way direct connections to the outside world, and let me tell you why. First of all, I am a software engineer and I do electronics as a hobby, but I like to integrate the software concepts in everything that I do. For example, in software there are some principles called SOLID. Let me tell you how you can use these smart principles even in hardware (if not in day to day tasks).
Single responsibility - says that a method or a class should not be responsible for more than one thing. For example, if one of the MCU pins is responsible at a moment for blinking an LED but ten seconds later it should read an analog signal, then you have a problem (I am not saying that this is not done, I am just saying that from my point of view this should not happen).
Open-closed principle - states that a class should be open for expansion but closed for modification. This means that you should build your hardware in such a way that later you can add functionalities to it without the need to rebuild the PCB. For example by exposing multiple I2C ports, or by using some multiplexers for digital output ports and so on.
Interface segregation - refers to the fact that an interface should not contain more than is necessary (this will force the class that implements this interface to implement methods or properties that are not its responsibility). This is also true for microcontrollers. A microcontroller should talk to the outside world to an interface. If it is a digital port then it should be protected by an optocoupler. If it is an analog port then it should be protected by a buffer and so on. By implementing this interface with the outside world you force the outside world to obey the rules of the interface. The interface states: no signal above 10V should be allowed on digital input. Someone wants to hack your device and puts 11V. In this case either the interface will reject the input or the interface will be fried. In either case (depending on the design) the MCU will be safe. The interface says: no more than 500mA can be used from a single output (for example from ULN2003). This means that if I try to draw more current either the driver will fail or it will enter a halt mode (depending on the design).

Moreover, if you consider all the SOLID principles you will see that every "interface" from a board will have its own purpose and you will know how to isolate your components on the PCB based on their functionalities.

Long story short, MCU pins should not be exposed directly to the outside world but by using interfaces. An interface forces an implementation and is "public" available while some functionalities are "private". For example, if you have an analog input through a buffer then for sure this will be linked to the MCU, otherwise there is no reason to put that interface on a board, which means that the analog input connector will be "public" available (for everyone that will use your board). At the same time the crystal functionality is a private functionality since it will not be exposed to the outside world.

It is the interface's responsibility to adapt and protect the input and output signals and not the MCU's responsibility. Consider the case when you switch the MCU with one that does not support 5V on the input anymore but instead 3.3V. In this case, if the inputs are directly available to the outside world then all the connections to the MCU should be changed. Otherwise, by using interfaces, you should slightly adapt your interfaces in such a way that they will work with the new MCU. For example, I like to design the analog inputs not as a buffer but using differential amplifiers. In this case I have the possibility to shunt all the resistors and I have a buffer, or place some of them and I have one type of amplifier.
« Last Edit: May 14, 2019, 07:09:07 pm by mitrynicolae »
 

Online rstofer

  • Super Contributor
  • ***
  • Posts: 9963
  • Country: us
Re: Connecting MCU to the outside world - how safe should it be?
« Reply #8 on: May 14, 2019, 08:46:31 pm »
Programmable Logic Controllers (PLCs) have been around for decades.  I suspect they have the interface issues worked out.  Maybe try to find some reference information and do what they do.

Google has a LOT of hits for 'plc i/o module schematic'
 