JTAG is the core interface for debugging ARM chips, and its architecture achieves instruction transparency from the host to the chip through a layered design. This article will focus on the ARM JTAG debugging architecture, clarifying its key components at the physical and protocol layers.
1. Three Major Modules of ARM JTAG Debugging Structure
① Debug Host
Function: The PC side running the debugging software, sending high-level commands (such as breakpoints, memory read/write).
Tools: ADW (Windows) or arm-elf-gdb (Linux) from the ARM SDT/ADS suite.
② Protocol Converter
Core Role: Converts high-level commands from the host into low-level signals recognizable by the JTAG scan chain.
Communication Medium: Supports physical interfaces such as USB, Ethernet, RS-232, etc.
Protocol Standards:
The mainstream uses the ARM Angel protocol (refer to SDT/ADS documentation).
Third-party solutions (such as Abatron BDI, EPI Jeeni) may use proprietary protocols.
③ JTAG Macrocell
Hardware Implementation: Integrated into ARM7TDMI and other cores, including:
3 scan chains: handling instruction registers, data registers, and bypass signals respectively.
TAP state machine: controls JTAG timing (such as Shift-IR, Shift-DR state transitions).
2. Working Principle
The host sends commands (such as “step execution”) through the debugging software.
The protocol converter breaks down the commands into bit streams recognizable by the JTAG scan chain.
The TAP state machine drives the scan chain to complete command injection or data return.
This article is an original piece by Wanyi Education, please indicate the source when reprinting!