One key element in emulation is ROM dumping. This is the process by which we are able to extract the contents of a memory chip such as an EPROM or the internal memory of a microcontroller.
When I started to learn emulation, I did not have access to proper ROM dumping equipment, so I resorted to building my own ROM dump circuitry around the Arduino. The result was a tangle of wires in a breadboard. It worked OK yielding valid results, but it was a slow procedure requiring manual post-processing of the data and it had to be reassembled from scratch everytime I needed to dump something. I would not trust a bunch of messy wires left aside for a week in a breadboard. I would prefer to spend something around 15 minutes to half an hour reassembling the circuit to be sure it was in good condition to be used.
The process of designing my own ROM dumper and building it from scratch (several times) was, for sure, aligned with the DIY mindset and helped me grasp the technology. But I needed something more reliable so that I could move on to other larger emulation challenges. So I went after a pre-assembled, commercial unit and I found a nice review of the Minipro TL866CS at the EEVBlog.
I was aware that it would only work with the crappy proprietary host application provided by the chinese manufacturer, but I was willing to delve into USB sniffer-based reverse engineering in order to write my own tools to use it, so I ordered one of these, anyway.
While I was waiting for the package to arrive from China, though, I discovered that the Ukrainians were faster and a hacker had already reverse engineered the protocol and released a free software program to operate the TL866CS. Yay!!! 🙂
So, this has been a very handy tool to me, since then. It is able to both dump and also write to an enourmous variety of memory chips (including the internal memory of several models of microcontroller chips). The fact that it operates over USB is very handy for modern computers. The older dumping/programming devices used to rely on interfaces such as serial and/or parallel ports, or other proprietary interfaces which are not easily accessible anymore nowadays.
And as the TL866CS is small and lightweigh, I always carry it (and a USB cable) on my backpack, so I’m ready to dump whatever cool device I may stumble upon in a casual day 🙂
The ZIF (Zero Insertion Force) socket on top of the TL866CS allows me to work with chips in DIP packaging. There were some situations in which I had to dump chips with other packaging types, such as the 8051 microcontroller used in the Ultratec Minicom IV, which is a PLCC44 chip. For that, I have bought the PLCC44 to DIP40 adapter shown below:
There are other adapters available for other packages such as PLCC32, TSOP, etc. But some of these are pretty much expensive, so I only plan to buy them whenever I really need them.
I am extremely happy with this programmer/dumper. There is only one pending issue with it, in my opinion. It is great that it operates with free software (“free as in freedom”) under GNU/Linux, on the command line. It would be nice to have a graphical user interface, but not really essential. The tricky problem that really still remains to be solved is the fact that all of the “intelligence” of the device is actually inside its firmware and not in the host application.
The algorithms for supporting the dumping and programming of the several thousands of chips supported are implemented in the internal firmware, running on a PIC microcontroller. And in some cases we may need to deal with chips that are not yet officially supported by the TL866CS proprietary firmware. I think it would be great to have a free software implementation of firmware for the TL866CS, so that we could add support for other chips. Also, by having free firmware, the TL866CS could potentially be used for other purposes as well. One idea would be to use it as a testing bench for verifying if a chip is properly working.
