Core responsibilities
- Developed safety-critical firmware for the stripper controller and driver subsystem of an 18 MeV medical cyclotron on PSoC 5LP.
- Implemented deterministic control flow for insert/retract operations with strict interlock checks.
- Integrated sensing and control interfaces:
  - potentiometer-based position feedback through SAR ADC
  - limit switch boundary checks
  - I2C communication between master and slave boards
- Built local diagnostics with CLCD status outputs for fast onsite troubleshooting.
Reliability engineering work
- Upgraded communication from basic polling to a fault-tolerant “Safe-Link” approach.
- Added timeout-protected I2C wrappers to avoid infinite blocking loops.
- Implemented heartbeat signaling to detect “alive but frozen” slave logic.
- Added bus-recovery bit-banging (9 SCL pulses) for stuck-SDA conditions.
- Designed 3-strike escalation and quarantine logic to isolate failed slave nodes without full system reset.
- Integrated watchdog-safe delays to maintain system responsiveness during long operations.
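The heartbeat check, stuck-SDA recovery and 3-strike quarantine listed above can be exercised off-target. The following is an added example, not the project's firmware: `hal_t`, `link_poll`, the incrementing-byte heartbeat and the simulated slave are all assumptions made for illustration, and the bounded (timeout-protected) read is assumed to live behind `read_hb`.

```c
#include <stdbool.h>
#include <stdint.h>
#define MAX_STRIKES     3  /* 3-strike escalation */
#define RECOVERY_PULSES 9  /* SCL pulses for a stuck-SDA bus */

typedef enum { LINK_OK, LINK_DEGRADED, LINK_QUARANTINED } link_state_t;
typedef struct {                      /* hypothetical HAL hooks, not a PSoC API */
    bool (*read_hb)(uint8_t *hb);     /* bounded read: false on timeout or NAK */
    bool (*sda_low)(void); void (*pulse_scl)(void);
} hal_t;
typedef struct { link_state_t state; uint8_t strikes, last_hb; bool seen; } link_t;

/* One supervision cycle: a heartbeat must arrive AND must have changed. */
link_state_t link_poll(link_t *l, const hal_t *h) {
    uint8_t hb = 0;
    if (l->state == LINK_QUARANTINED) return l->state;  /* stays isolated */
    bool ok = h->read_hb(&hb);
    if (ok && (!l->seen || hb != l->last_hb)) {         /* alive and advancing */
        l->last_hb = hb; l->seen = true; l->strikes = 0;
        return l->state = LINK_OK;
    }
    if (!ok)                                            /* free SDA if held low */
        for (int i = 0; i < RECOVERY_PULSES && h->sda_low(); i++) h->pulse_scl();
    return l->state = (++l->strikes >= MAX_STRIKES) ? LINK_QUARANTINED : LINK_DEGRADED;
}

/* Constructed simulated slave so the logic runs without hardware. */
static uint8_t sim_hb; static bool sim_frozen; static int sim_stuck, sim_pulses;
static bool sim_read(uint8_t *hb) {
    if (sim_stuck) return false;      /* bus held low: transaction times out */
    if (!sim_frozen) sim_hb++;        /* frozen slave still answers, counter stale */
    *hb = sim_hb; return true;
}
static bool sim_sda(void) { return sim_stuck > 0; }
static void sim_pulse(void) { sim_pulses++; if (sim_stuck) sim_stuck--; }
static const hal_t SIM = { sim_read, sim_sda, sim_pulse };

/* Polls needed after the slave freezes before it is quarantined. */
int polls_to_quarantine(void) {
    link_t l = {0}; int n = 0;
    sim_hb = 0; sim_frozen = false; sim_stuck = 0;
    link_poll(&l, &SIM); link_poll(&l, &SIM); sim_frozen = true; /* baseline, then freeze */
    while (link_poll(&l, &SIM) != LINK_QUARANTINED) n++;
    return n + 1;
}
/* SCL pulses spent on a bus needing `need` clocks; -1 if the next poll is not OK. */
int pulses_to_recover(int need) {
    link_t l = {0};
    sim_hb = 0; sim_frozen = false; sim_stuck = need; sim_pulses = 0;
    link_poll(&l, &SIM);              /* read fails, recovery clocks SCL */
    return link_poll(&l, &SIM) == LINK_OK ? sim_pulses : -1;
}
```

A slave that keeps acknowledging but stops advancing its heartbeat is treated the same as one that times out, which is what catches the "alive but frozen" case without resetting the master.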
Systems impact
- Reduced single-point failure risk by applying Triple Modular Redundancy (TMR) voting concepts for sensing reliability.
- Enabled automatic recovery paths for bus hangs and transient communication faults.
- Preserved master runtime context by preferring slave isolation over global reset when possible.
- Improved service continuity expectations for beam extraction workflows used in medical isotope production.
Learning outcomes
- Gained hands-on exposure to firmware constraints in accelerator instrumentation and medical systems.
- Strengthened hardware-software co-debugging skills with oscilloscope-based signal validation.
- Practiced designing for fail-safe behavior, recoverability, and operational uptime rather than best-effort behavior.
Stack
Embedded C, PSoC 5LP, I2C/EZI2C, SAR ADC, Watchdog Timer, TMR Concepts, Fault Isolation, Oscilloscope Debugging