Problem: Super-loop firmware blocked on modem AT command responses. When the modem hung (twice per week), CAN bus paused 15–60 seconds. Field devices — flow controllers, pressure sensors, valve actuators — triggered false fault conditions and occasionally safety shutdowns.
Solution: FreeRTOS redesign: CAN bus task at highest priority, modem task at lower priority. Message queues between tasks — modem task drops outgoing messages if queue full rather than blocking. Each task supervised by hardware watchdog via a software watchdog task. Per-subsystem restart on missed check-in: modem restarts without touching CAN or Ethernet tasks.
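The two mechanisms in that design, the non-blocking queue between modem and CAN tasks and the software watchdog task that restarts one subsystem on a missed check-in while still kicking the hardware watchdog, are shown below as an added example in plain C. It is not the gateway's firmware: it models `xQueueSend(..., 0)` with a hand-written ring buffer and replaces the FreeRTOS task/tick APIs with explicit millisecond timestamps so it runs on a host. Task names, depths and the 100/1000/5000 ms deadlines are constructed assumptions, not the project's values.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Subsystem tasks supervised by the software watchdog task (constructed names). */
enum { TASK_CAN = 0, TASK_MODEM = 1, TASK_ETH = 2, TASK_COUNT = 3 };

/* ---- Bounded queue with a non-blocking send, modelling xQueueSend(q, msg, 0) ---- */
#define QUEUE_DEPTH 4

typedef struct {
    uint32_t items[QUEUE_DEPTH];
    unsigned head, count;
    unsigned dropped;          /* messages discarded because the queue was full */
} msg_queue_t;

void queue_init(msg_queue_t *q) { memset(q, 0, sizeof *q); }

/* Producer side never waits: a full queue means the consumer is stalled, so the
 * message is dropped and counted instead of blocking the caller (the old
 * super-loop behaviour that stalled the CAN bus). */
bool queue_try_push(msg_queue_t *q, uint32_t msg) {
    if (q->count == QUEUE_DEPTH) { q->dropped++; return false; }
    q->items[(q->head + q->count) % QUEUE_DEPTH] = msg;
    q->count++;
    return true;
}

bool queue_pop(msg_queue_t *q, uint32_t *out) {
    if (q->count == 0) return false;
    *out = q->items[q->head];
    q->head = (q->head + 1) % QUEUE_DEPTH;
    q->count--;
    return true;
}

/* ---- Software watchdog: per-task check-ins, per-subsystem restart ---- */
typedef struct {
    uint32_t last_checkin_ms[TASK_COUNT];
    uint32_t timeout_ms[TASK_COUNT];
    bool     critical[TASK_COUNT];   /* a miss here withholds the hardware kick */
    unsigned restarts[TASK_COUNT];
} supervisor_t;

typedef struct {
    bool     kick_hw_watchdog;  /* false -> hardware watchdog resets the whole gateway */
    unsigned restart_mask;      /* one bit per task to restart in isolation */
} supervisor_action_t;

void supervisor_init(supervisor_t *s, uint32_t now_ms) {
    memset(s, 0, sizeof *s);
    for (int t = 0; t < TASK_COUNT; t++) s->last_checkin_ms[t] = now_ms;
    /* Constructed deadlines: CAN is the safety-relevant, highest-priority task. */
    s->timeout_ms[TASK_CAN]   = 100;  s->critical[TASK_CAN]   = true;
    s->timeout_ms[TASK_ETH]   = 1000; s->critical[TASK_ETH]   = false;
    s->timeout_ms[TASK_MODEM] = 5000; s->critical[TASK_MODEM] = false;
}

/* Each task calls this from its own loop; it is the only thing a task must do
 * to stay alive from the supervisor's point of view. */
void task_checkin(supervisor_t *s, int task, uint32_t now_ms) {
    s->last_checkin_ms[task] = now_ms;
}

/* Run periodically from the watchdog task. A non-critical task that misses its
 * deadline is restarted on its own and the hardware watchdog is still kicked;
 * a critical miss withholds the kick so the hardware watchdog resets the device. */
supervisor_action_t supervisor_evaluate(supervisor_t *s, uint32_t now_ms) {
    supervisor_action_t a = { .kick_hw_watchdog = true, .restart_mask = 0 };
    for (int t = 0; t < TASK_COUNT; t++) {
        if (now_ms - s->last_checkin_ms[t] <= s->timeout_ms[t]) continue;
        if (s->critical[t]) {
            a.kick_hw_watchdog = false;
        } else {
            a.restart_mask |= 1u << t;
            s->restarts[t]++;
            s->last_checkin_ms[t] = now_ms;  /* fresh grace period after restart */
        }
    }
    return a;
}

int main(void) {
    /* Constructed scenario: modem stops checking in at t=0, CAN and Ethernet keep going. */
    supervisor_t s; supervisor_init(&s, 0);
    task_checkin(&s, TASK_CAN, 5950);
    task_checkin(&s, TASK_ETH, 5500);
    supervisor_action_t a = supervisor_evaluate(&s, 6000);
    printf("t=6000: restart_mask=0x%x kick_hw=%d\n", a.restart_mask, a.kick_hw_watchdog);

    msg_queue_t q; queue_init(&q);
    for (uint32_t i = 0; i < 6; i++) queue_try_push(&q, i);   /* consumer stalled */
    printf("queued=%u dropped=%u\n", q.count, q.dropped);
    return 0;
}
```

In the scenario above only the modem bit is set in `restart_mask` and the hardware watchdog is still kicked, which is the "modem restarts without touching CAN or Ethernet" behaviour; if the CAN task itself stops checking in, `kick_hw_watchdog` goes false and the hardware watchdog takes the whole gateway down rather than letting a stalled safety-relevant task run on. The `dropped` counter is worth exporting as a diagnostic: a rising count means the modem is wedged while the rest of the gateway keeps running.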
Technology: FreeRTOS · STM32 · CAN bus · LTE modem · JTAG
Optimisation pattern: super-loop-blocking-to-rtos-task-isolation-with-watchdog-supervision
Outcomes:
CAN bus interruptions from modem faults: zero in 4-month field trial. Modem self-recovery without gateway restart: 94% of fault events. No stack overflows in 4-month trial. CE mark retained — IEC 61508 SIL 1 requirements met.