A 1970s Mask ROM MCU Spills Its Secrets

A purple PCB with a Raspberry Pi Pico and an MK3870 mask ROM microcontroller

If you buy any kind of electronic gadget today, chances are it’s powered by a microcontroller with a program stored in its internal flash ROM. That program’s code is often jealously guarded by the manufacturer, who will try their best to make sure you can’t just read back the chip’s contents by using lock bits or some sort of encryption. Things were more laid back in the 1970s and ’80s, when code was stored unencrypted in standard EPROM chips, or, for high-volume applications, in mask ROMs integrated in microcontrollers. Reading back the code of such micros was still very difficult because chips simply didn’t have a way of dumping their contents. [Andrew Menadue] ran into this issue when trying to repair an old HP calculator printer, and had to apply a clever hack to dump the contents of its Mostek MK3870 chip.

The main trick [Andrew] used was one discovered by [Sean Riddle] and explained on his website. It makes use of the fact that the MK3870 has a TEST pin that can be used to disable the mask ROM and load alternative program code directly into the micro’s processing core. By setting up a LOAD instruction pointing at a ROM location and briefly disabling test mode while that instruction is executed, the ROM’s contents can be read out by the externally loaded program.

Simple as this hack may seem, actually implementing it was tricky enough because of the strict timing requirements between signals on the clock pins, the data bus, and the TEST pin. [Andrew] got it to work on his Raspberry Pi Pico setup most of the time, but somehow the micro still returned a plainly wrong value every few hundred bytes. Not willing to spend too much time debugging this issue, [Andrew] applied a rather crude hack to his code: instead of reading each byte once, it runs the read cycle 200 times, and only returns a result when all 200 runs return the same value. Dumping the entire 4 kB of ROM now takes several minutes, but this isn’t much of an issue since [Andrew] only has one chip to read out.
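The repeated-read filter described above, as an added example that is not [Andrew]'s code: the chip is simulated in software, the one-in-300 glitch rate is an assumption standing in for "every few hundred bytes", and all class and function names are hypothetical. It dumps the same constructed ROM once with single reads and once with the 200-identical-reads rule, and counts the read cycles the second approach costs.

```python
import random

ROM_SIZE = 4096   # 4 kB mask ROM, as in the article
RUNS = 200        # identical reads required, as in the article

class FlakyChip:
    """Simulated read cycle (constructed): returns a wrong byte at random,
    on average once per 300 reads (assumed rate, not measured)."""
    def __init__(self, rom, error_rate=1 / 300, seed=1):
        self.rom, self.error_rate = rom, error_rate
        self.rng = random.Random(seed)
        self.cycles = 0

    def read_once(self, addr):
        self.cycles += 1
        value = self.rom[addr]
        if self.rng.random() < self.error_rate:
            value ^= self.rng.randrange(1, 256)  # any value except the true one
        return value

def read_stable(chip, addr, runs=RUNS, max_attempts=50):
    """Return a byte only after `runs` read cycles in a row agree."""
    for _ in range(max_attempts):
        first = chip.read_once(addr)
        if all(chip.read_once(addr) == first for _ in range(runs - 1)):
            return first
    raise RuntimeError(f"no stable value at address {addr:#06x}")

def dump_naive(chip):
    return bytes(chip.read_once(a) for a in range(len(chip.rom)))

def dump_stable(chip, runs=RUNS):
    return bytes(read_stable(chip, a, runs) for a in range(len(chip.rom)))

def count_errors(dumped, rom):
    return sum(a != b for a, b in zip(dumped, rom))

def make_rom(size=ROM_SIZE, seed=0):
    rng = random.Random(seed)   # constructed ROM contents
    return bytes(rng.randrange(256) for _ in range(size))

if __name__ == "__main__":
    rom = make_rom()
    print("single read, wrong bytes:", count_errors(dump_naive(FlakyChip(rom)), rom))
    chip = FlakyChip(rom)
    print("200-read vote, wrong bytes:", count_errors(dump_stable(chip), rom))
    print("read cycles used:", chip.cycles)
```

The filter only rejects glitches that vary from read to read; a timing fault that produces the same wrong value on every cycle would pass all 200 comparisons, so a second dump from a separate session is a useful cross-check.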

If you do have a bucketload of MK3870 chips that you need to dump, you might want to try and optimize the code on [Andrew]’s GitHub page. It’s a lucky coincidence that the ‘3870 has the exploitable TEST feature; often, the only way to get inside mask ROM code is by decapping the chip and optically reading the bits one by one. Mask ROMs are great for very long term data storage, however.

20 thoughts on “A 1970s Mask ROM MCU Spills Its Secrets”

  1. Careful; you’re showing your curmudgeon age… The other articles may not be interesting to you, but they may be to someone else. There are articles for all skill ranges here.
    Several times now I’ve followed links about someone discovering some obscure ssh feature or such that sounds interesting to me only to realize once I read it that it’s something I’ve been using daily for over a decade.
    Kids are rediscovering things that us curmudgeons have known for a while now. Who are we to rain on their parade, huh?

        1. Sometimes it is really the temperature. Last year I had a leak around the valve of my Bialetti (mocca maker). And steam goes out too early, so the water heats up more and more.
          The same coffee changes its taste from dark chocolate to a more sour one. Too much temperature dissolves more not really tasty flavours out of the coffee.

          Fun fact: the region Ceylon was known for coffee, but because of the coffee fungus and monoculture all the plants died. And they switched to the tea plant.

    1. At one time, many years ago, I worked as a consultant to Bunn-O-Matic. I designed an electronic thermostat to replace the old mechanical version maintaining the tank temperature in their institutional coffee makers. They had done extensive testing to optimize the temperature for brewing the best coffee. 212F drew out certain oils that made the resultant cup more bitter. The optimum brewing temperature was determined by them to be 197F.

          1. Depends on what you like. I like mine out of a Jura. Bought it used and repaired it. It grinds the beans itself, brews with pressure (a lot of tiny bubbles, the crema), so even the cheapest coffee tastes great. I like the average American beans, the robusta more for espresso (better crema, because more oil in the beans) and the arabica beans more for the everyday coffee (tastes more flavorful).

      1. But you have to keep in mind the average U.S. American coffee is made with robusta beans. And on average they taste stronger or more bitter. They are great for espresso. But the taste depends on which beans are used, how long roasted, how long rested, how finely ground (depends on which machine is used, or which coffee you want to make), then pressure, filtered water, temperature… that all really makes a difference.

        Sorry guys, I have a really good coffee roaster in town, who learned in Hamburg and knows different coffee farmers in the world personally. He orders from there, roasts it himself, and over the last 15 years I drank a lot there. The only thing is, he cannot make a Turkish coffee, don’t know why because it isn’t that complicated.

        1. “But you have to keep in mind the average U.S. American coffee is made with robusta beans. [..]”

          Thanks, as a European I admit I didn’t know that and learned something new.
          I assumed Arabica was popular all alike.

          Anyway, it’s better that way, since monocultures of plants aren’t exactly a good thing. So a bit of diversity is nice.

          (If I had been a little bit mean, I would have argued that American coffee drinking habits do fit their fast-food taste perfectly. 😉 But kidding aside, every place has its own preferences sometimes. Some places prefer traditional black bread over white bread, despite white bread being of finer quality.)

          1. I like that the comment section has turned into something similar to the knife sharpening religion.

            Like I will take a sharpening stone with me for hiking. If I get lost in the woods, I only need to start sharpening, somebody will come to explain what I am doing wrong. :)

  2. That reminds me, the Microvision game system still does not have a dumped ROM, 44 years after its original release. Due to an odd design, the CPUs are built into the game cart rather than the console, and the games were embedded into the CPU. TMS1100 CPU and Intel 8021 were used. I don’t know why they chose this rather than having the CPU on the main system and a ROM chip on the cart, as that would have saved some money. Microvision never achieved popularity like many other consoles of the late 70s and early 80s and mostly faded into obscurity. Seven total games were made and released, one of them having 2 different variations being Star Trek and non Star Trek labeled.

    AFAIK they do not have a convenient test pin that can be exploited to dump the ROM. So maybe make TMS1100 and Intel 8021 a future project to poke into and find a way to make it spill its ancient secret? A working Microvision base can be rather pricey due to problems with the LCD and keypad.

      1. ooo some progress then! Still, reading the die photo and manually re-assembling the ROM image bit by bit is going to be a lot of work. Assuming this person manages to decode the ROM correctly, we can finally have an emulator working with the ROMs.

    1. I haven’t seen issues with the keypad so don’t know of any fixes off hand, but there have been two different drop-in replacement LCDs brought to market in recent years.

      One of those LCDs has a backlight option (requires additional wiring, I believe). No idea of the stock situation with the LCDs.

  3. Back to the subject of the article…

    The MK3870 was one of the most capable single-chip computers of the era (4 TTL I/O ports; single +5v; low power; scratchpad RAM & executable RAM; vectored interrupt system; 4 different timebase options; 70 instructions…), and the MK38P70 was one of the most elegant, if not the most elegant solution to the development of a single-chip microprocessor design: a package which would accept a 24 or 28-pin, externally-programmable EPROM which plugged right onto the top of the package. This configuration was inexpensive enough and compact enough that it could also be used–and was, in very many cases–in production (remember that the charge–by an IC manufacturer–for a mask-programmed ‘anything’ can be ~ $100,000. Or more).
    See

    https://hirokun.jp/MK3870.pdf

    for the full data sheet.
    Simply type “Mostek MK3870P” into your favorite search engine for really good pictures.
