Electronic – eeprom data corruption during power failure

Let's assume you have some sort of a linear regulator that feeds your PIC. That regulator probably has lots of headroom (say it has 12V input and 3.3V output). The regulator will work fine in spite of the input being only 8V, for example.

You need to choose this cut-off point and feed it to a comparator that produces a logic signal called Power Good (PG). This signal will go off long before the regulator fails to regulate and the BOD kicks in.

Whenever PG is absent, you shouldn't be doing any EEPROM writes.

You should also store the setpoint with some check value. A simple scheme is use the 1s complement of speed. For example, for 0x88 speed, the 1s complement is 0x77. In C:

typedef struct {
  uint8_t speed;
  uint8_t speed_complement;
} SetpointSlot;

If a setpoint slot has invalid check value, you simply ignore it.

You should be storing an even multiple SetpointSlots - at least two. If your EEPROM is paged, the slots must not cross pages, and they must be spread across two pages (or more pages if they don't all fit on two pages). With 2 setpoints, you'll have each on its own page, for example.

When starting up:

1. Iterate the slots. Use the first valid one you encounter (where speed == ~speed_complement).
2. If no valid slots are found, use the defualt value.

When storing a new value, you would do the following:

1. Recall the currently used setpoint slot.
2. Erase the next setpoint slot (next in a round-robin fashion, alternating pages).
3. Write the new setpoint there.
4. Verify the written values. If they're wrong, zero them out to ensure they'll stay wrong, select the next setpoint slot and go to 1.
5. Zero-out (not erase) the current setpoint slot - but only if it's not the same slot as where the new value got stored. That could be the case if you had two slots and one of them was in a "bad" area of eeprom.