• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Microcontroller Tips

Microcontroller engineering resources, new microcontroller products and electronics engineering news

  • Products
    • 8-bit
    • 16-bit
    • 32-bit
    • 64-bit
  • Applications
    • 5G
    • Automotive
    • Connectivity
    • Consumer Electronics
    • EV Engineering
    • Industrial
    • IoT
    • Medical
    • Security
    • Telecommunications
    • Wearables
    • Wireless
  • Learn
    • eBooks / Tech Tips
    • EE Training Days
    • FAQs
    • Learning Center
    • Tech Toolboxes
    • Webinars/Digital Events
  • Resources
    • Design Guide Library
    • DesignFast
    • LEAP Awards
    • Podcasts
    • White Papers
  • Videos
    • EE Videos & Interviews
    • Teardown Videos
  • EE Forums
    • EDABoard.com
    • Electro-Tech-Online.com
  • Engineering Training Days
  • Advertise
  • Subscribe

What happens when an MCU powers up?

May 27, 2022 By Jeff Shepard

MCU start up is a highly structured process designed to ensure proper operation. Numerous elements are involved including initial power/voltage sequencing and regulation, oscillator startup, the use of a vector table, boot loaders (including possible secure boot), and application initialization. This FAQ walks step-by-step through the various elements involved during the start-up of an MCU.

When power is first applied, the MCU waits for two things; the voltage to stabilize an oscillator to generate a stable signal. Crystal oscillators take a finite amount of time to stabilize. MCUs can address that delay with an oscillator start-up timer (OST). When power is applied, the initial oscillations have unstable amplitudes and periods, but after a brief time (or a given number of oscillator clock cycles), operation stabilizes (Figure 1). If the MCU begins loading software before the oscillator stabilizes, its operation can be negatively impacted. The OST can be invoked every time the oscillator is restarted such as on a power-on reset, brown-out reset, or waking up from sleep mode, not just at the initial power up. If there are multiple oscillators, each can have an independent OST with different timing criteria.

Figure 1: MCUs delay bootup for a fixed number of cycles, or a fixed time period, to enable an external oscillator to become stabilized. (Image: Microchip)

After the power source voltage and oscillator output have stabilized, the MCU uses the reset vector (in the vector table) for the location of where the start-up instructions (the boodloader) are in Flash memory. The reset vector, sometimes called the reset handler function, also performs hardware initialization including:

  1. Disables all interrupts
  2. Initializes data segment
  3. Initialize the .Bss segment
  4. Initialize stack segment

When an MCU is powered off, the program code and data is stored in non-volatile memory. When the MCU starts up, or is reset, the bootloader is used to initialize the system and load program code and other essential data. While there are many specific implementations of bootloaders, they generally share four major elements (Figure 2):

  • Branching code (green) that decides whether the bootloader or the application is loaded.
  • Application code (blue) is executed if the branching code determines that the bootloader is not needed and that the application code is safe to execute.
  • Bootloader code (red) is the key during startup and begins by initializing the peripherals that are required in order for the bootloader to perform all of its functions. These peripherals are typically the system clock, interrupt service routines and tables, a communication peripheral and perhaps a state-machine or basic task scheduler.
  • Code shared by the bootloader and the application to reset the system (orange)
Figure 2: The bootloader process includes branching code (green), application code (blue), bootloader code (red), and code shared by the bootloader and the application to reset the system (orange). (Image: Beningo Engineering)

The bootloader code is responsible for preparing the runtime environment for the application. Once the bootloader has completed its primary tasks, the installation verification test (IVT) routine is run. The IVT confirms that the installation of the application server profile was correct. The profile contains all the files needed to define the runtime environment Next, the application code and other data are loaded onto RAM and the MCU begins running the application program.

Secure boot

A basic bootloader is suitable when security is not a major concern. The explosion in the use of connected devices in business-critical systems has increased the number of threat vectors making it important to secure device operation. When there are concerns related to security that need to be addressed, a secure bootloader process is employed. During a secure bootloader process, the operating system images, code and other elements of the runtime environment are authenticated before they can be used by the boot process. The hardware uses trusted security credentials to authenticate the bootloader code to ensure they have not been tampered with or altered by any outside source.

A secure bootloader prevents an adversary from installing a different bootloader, or compromising the operating system or executable code. Without the use of a secure bootloader, any malicious code inserted into the device could enable a malicious actor to take control of the system, accessing sensitive data, making the device part of a botnet, or even physically damaging system operation. The use of a secure bootloader includes security checks during booting or rebooting that identify unauthorized code, prevents it from running, alerts the user and/or takes other remedial actions.

A secure bootloader goes through a series of process steps designed to guarantee the integrity and authenticity of the boot process and the application software (Figure 3). Verification that the bootloader is authentic and unmodified is the first step. That verification is performed using public/private keys. During the development of the secure bootloader, the code is digitally signed with the manufacturer’s private key. Its authenticity is checked when the bootloader code is run by checking it against an embedded public key of the device. The same process is used very time the device boots and every time an update is installed. After the bootloader has been confirmed to be authentic, the operating system, runtime environment and applications are also verified using a public/private key process. The system starts running only after all of the elements have been confirmed to be authentic.

Figure 3: A secure bootloader goes through a structured process using public/private keys to ensure the authenticity of the bootloader code and other system elements. (Image: Keyfactor)

Summary

When an MCU starts running, the first thing that happens is that the start-up process pauses until the basic power rail(s) and the oscillator have stabilized to ensure proper operation. Once the system is electrically stabilized the bootloader is used to initialize the runtime environment of the device. Next, the IVT confirms that the installation of the application server profile was correct, enabling the startup of the application software. In a growing number of connected systems, the basic bootloader is replaced by a secure bootloader using public/private key technology to ensure that none of the system elements, including the bootloader itself, have been tampered with or altered by any outside source.

References

Bootloader Design for Microcontrollers in Embedded Systems, Beningo Engineering
Interrupt vector table, Wikipedia
Oscillator start-up time, Microchip
What is Secure Boot? It’s Where IoT Security Starts, Keyfactor
Why Would You Use a Secure Element for Secure Boot?, Microchip

 

 

You may also like:


  • MCU Bits and Bytes: sizes, types, and uses

  • 8-, 16- and 32-bit MCUs…are more bits better?

  • Security for embedded systems – Virtual Roundtable (part 1 of…

  • Securing embedded systems in a hostile world
  • secure IoT
    Billions of reasons to build a trusted safe and secure…

Filed Under: Embedded, FAQ, Featured, Software Tagged With: FAQ

Primary Sidebar

Featured Contributions

Five challenges for developing next-generation ADAS and autonomous vehicles

Securing IoT devices against quantum computing risks

RISC-V implementation strategies for certification of safety-critical systems

What’s new with Matter: how Matter 1.4 is reshaping interoperability and energy management

Edge AI: Revolutionizing real-time data processing and automation

More Featured Contributions

EE TECH TOOLBOX

“ee
Tech Toolbox: 5G Technology
This Tech Toolbox covers the basics of 5G technology plus a story about how engineers designed and built a prototype DSL router mostly from old cellphone parts. Download this first 5G/wired/wireless communications Tech Toolbox to learn more!

EE Learning Center

EE Learning Center

EE ENGINEERING TRAINING DAYS

engineering
“bills
“microcontroller
EXPAND YOUR KNOWLEDGE AND STAY CONNECTED
Get the latest info on technologies, tools and strategies for EE professionals.

DesignFast

Design Fast Logo
Component Selection Made Simple.

Try it Today
design fast globle

Footer

Microcontroller Tips

EE World Online Network

  • 5G Technology World
  • EE World Online
  • Engineers Garage
  • Analog IC Tips
  • Battery Power Tips
  • Connector Tips
  • DesignFast
  • EDA Board Forums
  • Electro Tech Online Forums
  • EV Engineering
  • Power Electronic Tips
  • Sensor Tips
  • Test and Measurement Tips

Microcontroller Tips

  • Subscribe to our newsletter
  • Advertise with us
  • Contact us
  • About us

Copyright © 2025 · WTWH Media LLC and its licensors. All rights reserved.
The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media.

Privacy Policy