REVIEW - Owon SDS7102 - A look at the SDS series from Owon

[aghp]

About some problems with slow Horizontal speed area. (100ms/div - 100s/div)
Different modeswith this Horizontal speed area have some severe problems.
This problem do not affect speed area 50ms/div - 2ns/div speeds.

--------
What I know now:

Owon have regognized problem. They are working with this problem now.  After repair is tested and ready, I will inform immediatelly my customers.  There is coming repair to these scopes what have this issue.   Please be patient, help is coming.

Apologies about the problem what cause inconvenience to the users.

 

[marmad]

Final part of my video review of the Owon (sorry for the delay):

Edit: See Page 1

Also, I'm posting a video review of the Hantek DSO5000B series scopes - it will be in a new thread a little later today.

[tinhead]

small error at 6:13 "and then i used pass/fail function of the Hantek"

[rf-loop]

Around 16 captures per second is not so bad.
Absolute maximum is 50 captures per second with your settings 10M memory and 500Ms/s if there is one ideal theoretical zero dead time oscolloscope. This limit can not break with Agilent or R&S RTO.

Also trig out. It is sychronous trig out. But becouse it have fixed delay (this is not nice) it can not use with high speeds.
I have looked it with lower speeds with other scope. So that other scope look same signal what is going to Owon input. Other channel of other scope look Trig output. It is (rising edge) sychronous to trigger event but delayed. And becouse this and DSO architechture it is (also) related to wfrms/s speed. (of course). It is sychronous to captured signal trig point just this time when trig happends + delay time. But if it can use to some purpose it must be only with very slow signals. Maybe in single shot ot normal mode it can use just as indicator that there have happend event what have trigged scope. Ringing bell and you can walk near scope to look captured waveform.

Trig output is specified 5V level out, loadable maximum 1mA. Some datasheets and manual is wrong and it is not optically isolated floating output. After BNC, if need, it is extremely easy to do with just one component. (OptoMOS)

Before I think that there is not any useful aplication for this trig out:
But yes, I have find trig out is useful. It can ring bell after  something special happend what I have set with trigger settings (sometimes these things need wait long time.. After time  this have happend  and I get info  and can go to look lab room after I have finished my coffee and find what happend before and after this trig event. 

[marmad]

small error at 6:13 "and then i used pass/fail function of the Hantek"

Oops... 

[marmad]

Also trig out. It is sychronous trig out.

That's true - I was a bit tired when I taped that part and didn't describe the problem very well.  It IS synchronous - but it doesn't work like the normal Trigger Out works on other scopes - and how I expected it to work.  If the Trigger In is faster than the timebase setting, the Trigger Out frequency should be equal to the timebase setting (e.g. 1us/div * 20).

But becouse it have fixed delay (this is not nice) it can not use with high speeds.

Well, that's a bit of an understatement - unless you consider >25Hz as high speed.

But yes, I have find trig out is useful. It can ring bell after  something special happend what I have set with trigger settings (sometimes these things need wait long time.. After time  this have happend  and I get info  and can go to look lab room after I have finished my coffee and find what happend before and after this trig event. 

As I mentioned in the review, it IS usable in some circumstances.  But what you describe could also possibly be done with pass/fail - and using the buzzer.  That's what I used when glitch hunting with the Owon.

[Spiro]

Couple of questions.
It is good review but you didn't compare it wit Rigol as you
said you would in the beginning.

What good features Rigol have and Owon desn't? I don't
like Owon's FFT window. Does this Owon have zoomable FFT?
Can Rigol show signals over 135MHz?

Is it worth to give 130 euro more for Owon (€388,00 + free shipping)?
I find ATTEN ADS1102CML at xxxxx for same money as Owon.


What to buy? I wish there is 100MHz, 1GS/s, 1MS deep DSO with
good FFT for €350 but...

[Bored@Work]

What to buy? I wish there is 100MHz, 1GS/s, 1MS deep DSO with
good FFT for €350 but...

... but well http://cgi.ebay.es/270815430626 a Hantek DSO5102B approx. 345,42 Euro + 46,36 Euro shipping = 391,78,  excl. taxes, excl. fees. There are a few more such offerings on ebay, several ending up at approx 390 Euro, incl. shipping, excl. taxes, excl. fees.

I didn't closely follow the Hantek DSO5102B price, but I have the feeling the price went down recently, maybe in preparation for the introduction of the BM (or was it BV?) models.

[rf-loop]

What good features Rigol have and Owon desn't? I don't
like Owon's FFT window. Does this Owon have zoomable FFT?

What to buy? I wish there is 100MHz, 1GS/s, 1MS deep DSO with
good FFT for €350 but...

Prices are related also to customer care what you can get from seller. Warranty issues handling and other after sales customer care.
I know one place where you can buy fully tested Owons (in europe, so that every individual units are fully QC and tested with "burn in".  You can buy with full after sales customer care price (including 1'st year warranty repair service) or without and then price is different.

Owon basic FFT window is 1x. Multiplies (zoom) is 2x, 5x and 10x.  Other than 1x they are full screen wide.
1x window is 10div wide what is nice or not - I like it better than move zero to left and scale it to full screen so that agen there is some nice frequency steps per div.
I have never seen good FFT <2-3kEur oscilloscope. I have seen reasonable good FFT in one Agilent originally expensive digital oscilloscope from -90's. It was nearly as cheap real spectrum analyzers.
Also Owon FFT is not very bad. But there is FW bug in zoom so that cursors f are wrong. Owon is doing FW up for also this (under work now afaik just as also scroll speed memory and capture issue).

Owon FFT have acceptable accuracy with level differencies in FFT specially in dB mode. Absolute levels accuracy is very poor as all these cheap scopes FFT.  Owon sampling quality is far over Rigol, Hantek etc. So it makes also sense in FFT dynamics.
Owon FW can be better in FFT. Cleraly they have not put so much for FFT feature. If you read different opinions it is also good to think how seriously you listen. Real skills and experience for use test equipnments in real life and not only internet  is different and it can not always see easy. Imho Hantek FFT is better.

In this scope class do not think that if AD tell  1Gs/s and 1M memory that it means that you can capture 1M with 1Gs/s.
 Scope have both as maximums but not same time. (in most cases)
Afaik Owon is only what have whole memory full speed and memory is also not shared with channels.

Example Hantek have "1M" memory  and it is splitted 2x "512k" (these 1M and 512 are not exactly right values) if two channel use and it is not used at all with higher end of speeds. 

Owon is only one what have max 2 x 10M full speed memory But if you really want use only 1M you just simple select 1M for use.. High speed and 10M amount means lot of more samplerate in lower t/div speeds.  Low samplerate is also related to alias problems.  I have worked in real work long time and where I hit my head mostly... with older or cheap oscilloscopes. Too low samplerate! Yes  nearly all scopes have 1Gs/s  with fast t/div but who need always only fastest horizontal speeds.  Take 1ms period and 10ns wide  pulses. You want measure  pulses period and also some opinion that all pulses shape looks ok.

It is sad that there are not ANY rewievs with true lab testing with signals so that make real measurements and get real lab data and not only opinions with what ever matcbox made signals where nobody do not know anything real. No reference machines for test signals, no mesurements with enough reliable known signals. Where is data? Where are real measurements with reliable data?

But yesterday I  get something to my hand:

Tested Owon SDS7102 VGA, Serial: SDS71021137xxx
V.2.1.1


1MHz    +0dB    Owon display 302mV 6div  (used as 0dB reference level)
10   +0.06
20   +0.11
30   +0.17
40   +0.28
50   +0.28
60   +0.06
70   -0.17
80   -0.53
90   -0.85
100   -1.17

110   -1.64
120   -2.21
130   -2.52
140   -2.99
145   -2.99

150   -3.16
160   -3.49
170   -3.84
180   -4.21
190   -4.40
200   -4.50
210   -4.40
220   -4.40
230   -4.79
240   -5.20
250   -5.63
260   -5.63
270   -5.85
280   -6.08 
290   -6.80
300   -7.59
320   -9.09
350   -11.76
400   -18.00 

These are calculated dB values from Owon sisplayed Vp-p values.
There was used 60% level from Owon full Y scale. (6div)
Used with single channel.
Signal source HP8644B.  Measured  flatness is inside +-0.20dB window in this frequency area and measure error +-0.05dB.
Absolute level error is more but it have not meaning in this test.  Exact correlation table for all measured frequencies is not included.  These dB values need read as +-0.25dB for reasonable reliability. (+ opinon about 50ohm mismatcing over freq area but also this is not so meaningfull becouse most time peoples use this kind of bad matching in real life)
Termination is made with Tektronix 50ohm through in terminator (not high-end calibration quality) And between HP and Owon  around 1m RG223 cable.
Also scope input was measured with HP 8753C network analyzer and input looks very good. Measured 0.3 - 200MHz. Owon specs tell that 15pF +-5pF. In this device it was around 7.5 - 11pF (measuring system was calibtated to used cable  BNC end.)

Looked also that probes with scope are just possible to compensate with 1kHz square to flat becouse probes compensation pF range limit. (this scope input capacitance is so low that probes adjust range low end was just near. If Owon use these probes and input capacitance is as low as measured there is posibility that some individual probe can not compensate if adjust limits vary.)

My measurement with around 70-75ps (yes picosecond) risetime specified pulsegenerator. (Tektronix 284)
Around 2.0ns. This was made with Fujikura RG55 80cm cable and poor  type BNC and one pipe termination to 50ohm (50 oh terminator is not high grade... but littlebit better than LAN quality what normally are poorest)

[marmad]

It is good review but you didn't compare it wit Rigol as you
said you would in the beginning.

Well, a couple of points:
I haven't had the Rigol in my hands for a month and a half now (not at all when I had the Owon) - and I didn't have a definite plan to review other scopes when I sent it back.  So what little comparison I could do was based on my memory of using the Rigol - or on checking back in the manual.
Secondly, to be perfectly fair, the scopes are not really exactly comparable - since the Owon (and Hantek as well) have much bigger screens then the Rigol - and we know how that affects the price of scopes - not only in the obvious expense of a bigger LCD - but in the added costs to capture and move the extra data (pixels) to it.  They just happen to be the only DSOs I've had my hands on in the last 2 months.

What good features Rigol have and Owon desn't?

Much of this you can determine by simply downloading the manuals and looking through them.  IMHO, as a programmer, the only thing the Rigol has that is sorely lacking on the Owon (as well as the Hantek) is the SCPI implementation and VISA driver - this should be a standard feature on EVERY piece of test equipment.

I don't like Owon's FFT window. Does this Owon have zoomable FFT?

I think rfloop just answered this in-depth.

Can Rigol show signals over 135MHz?

This is info you can certainly find elsewhere in this forum (or by asking in a new thread).

Is it worth to give 130 euro more for Owon (€388,00 + free shipping)?

As mentioned above, you're basically paying for extra hardware in the Owon: 8" 800x600 LCD (vs 5.7" 320X240 on the Rigol); 10Megs of memory per channel; VGA output; battery compartment and capability; and a silent fan.  If none of that extra hardware means much to you, than save your money and get the Rigol.

[rf-loop]

As mentioned above, you're basically paying for extra hardware in the Owon: 8" 800x600 LCD (vs 5.7" 320X240 on the Rigol); 10Megs of memory per channel; VGA output; battery compartment and capability; and a silent fan.  If none of that extra hardware means much to you, than save your money and get the Rigol.

Owon have 10Mpoints memory with full 1GSa/s  if single channel use.

With two channel use 2x 10M with maximum speed what is 500MSa/s per channel with not interleaved sampling. There is 2 pcs 500MHz ADC in single chip.

Rigol have 16kpoints memory with full 1GSa/s

Hantek have 4k full speed memory and math and averaging possible only with 4k.


Rigol have 8+8k if two channel use and then maximum 500MSa/s. Also Owon have max 500MSa/s with two channel but then it is with 10+10Mpoints with 500MSa/s

Rigol have one channel maximum 1Mpoints and 500MSa/s but two channel maximum 250MSa/s to 500k + 500k memory.

Hantek maximum with 1Mpoints memory with single channel is 100MSa/s and this 1M can use only with 400us/div or more slow.
512k can use for single channel with maximum 400MSa/s and for 2 channel 200MS/s

Maybe  FW/UI features are most good in Hantek but file handling is as poor as Owon.

It is big shame that Owon and Hantek have not SCPI. (Owon do not promise at all it later to this model, Hantek have give some kind of promises for SDK but... maybe endless "under design" status.

Owon can not command at all via USB.

I'm exactly same opinion with marmad. SCPI  need be as "standard".  This is very strong point in Rigol if need this.
Of course only small part of customers need it... but also it may be that there are more these customers who need it if this feature is implemented.

[tinhead]

Rigol have 16kpoints memory with full 1GSa/s
Hantek have 4k full

actually all these DSOs (except Rigol CA) are using too small FPGA to
capture whatever depth and full speed - in this case 2 x 4k or 2 x8k into FPGA memory.
This means here, both storing data into external SRAM (clocked at ADC clock freq., so for
Rigol 100MHz and Hantek 100/125MHz).
Sure, the sample rate is 1GSs for both, but you have to understand that writing
the information into external SRAM costs time, therefore Rigol is up to 3 times slower (wfrm/s).

And exact here Owon could be better (DDR2 vs. Synch SRAM), but probably it's not due
the typical DSO design (and the fact that they optimized design for 10Mpoints slowing
down by far the short memory mode).

Hantek have ... math and averaging possible only with 4k.

wrong, math (except FFT) works for 4k, 40k and 512k, avg only 4k
(i don't remember if Rigol was able to enable 1M and avgerage mode at same time, can someone test this?)

Sure Hantek could enable 40k (and deeper) for FFT, if i patch firmware i can run FFT even with 1M
and 400MSs, i can only gues that either their lazyness (there are many things which i can change in the firmware
without any negative influence on data quality or measurments error, why not everything is impelmented even
if the firmware/hardware would allow that can only be answered by HanTekway, but i guess lazyness)
was the reason to allow only 4k in FFT mode (as the span scale didn't match they would have to create
one per memory depth), or they didn't saw reason to fill FFT memory buffer with 400/200MSs
on 1GSs scope with 1024 points FFT.

I actually don't need here any magic or tuned memory depth, a FFT with 1/8/64k points would be better
than 1024 point based on what so ever memeory depth.

Hantek maximum with 1Mpoints memory with single channel is 100MSa/s and this 1M can use only with 400us/div or more slow.
512k can use for single channel with maximum 400MSa/s and for 2 channel 200MS/s

wrong, Hantek max. sample rate for 40k, 512k and 1M is 400MS/s for single channel
and 200MS/s for dual channel, these values are for 40us/div to 2ns/div.

Starting from 80us/div to 20s/div the sample rate is of course ging slower.

The SRAM is clocked with 100MHz (Rigol and Hantek), so Hantek is sampling 20% slower (8 x 100 vs 10 x 100)
but due the design (8 instead of 10 ADCs as in Rigol) the postprocessing time is shorter allowing
again faster updates (at least on paper).

I have no idea why Tekway changed right after they started with production firmware (a pre-production
firmware which was loaded on my unit was able to run with 500MSs when sampling with 1GSs) from 500 to 400MSs,
when i enable the 125MHz clock while in long memory mode my DSO does not have any issues to sample with 500MSs
(or 2 x 250MSs when 2 ch enabled). Maybe is was design decision to speed-up postprocessing.

Now knowing how Rigol and Hantek are made (amount of ADCs, FPGA clock, SRAM clock, phase shift for max. sample rate)
you can already see why they can't sample with 1GSs to SRAM, the max. sampling rate is actually given
by memory depth/2 when ADCs can be alligned properly -> so Hantek have 4 or 2 ADCs in phase with SRAM clock
to sample total with 400 or 200MSs, and on Rigol 5 or 2.5 ADCs for 500 or 250MSs.
Now when you measure on Rigol, which i did long time ago so don't blame me when this is not truth anymore,
the data is sampled only from 4 or 2 ADCs too, which means Rigols sample rate when in long memory
mode was for me 400 or 200MSs and not what in user manual.
(again, someone with current model could check that)


From what i can tell without any measurment, Owon is a winner here, their design can fill the long memory
with full ADC clock (however as above, somone could measure DDR2 clock to confirm that).

Hantek have give some kind of promises for SDK but... maybe endless "under design" status.

don't worry, it will be released soon for DSO1000B models (handhelds), but it is compatible
with Tekway DST1000B and Hantek DSO5000B.

SCPI  need be as "standard".  This is very strong point in Rigol if need this

full ack.

[rf-loop]

There is something wrong in Hantek FW110806.0

This 1M memory do not work right.

If I look dots. 400us/div and then stop
100Ms/s
200us/div and it do not accept 1M selection and then 80us accept agen. Before I test I make my note to paper that 1M selection up to 400us/div and becouse 200us/div do not accept 1M, I simply draw x to my table and did not go more fast.
IF I have selected 1M and I go to 200us/div it do not change my selection but 806 have this common problem that it change memory without showing it in meny selection.

So If I make selection 1M with 400us it captures 100Ms/s
then I change to 200us, still 100Ms/s and menu mark is still 1M but it is not real.
But If I stay 200us/div and make memory selection..agen  it do not accept 1M
Too fast I make my test and draw to paper that this is border. (I was surprice becouse I did not remember this from some older FW but also I did not find any ral test that what was real samplerates with all memory settings. I have some hantek table but there was not 512 and 1M sampling speeds in table for every t/div settings.

Math, yes my mistake: math FFT do not work but basic +-x/ works. And then average do not work.

Overall this memory amount and settings is somehow bad in this version.

So 1M works 400Ms/s with Hantek but with UI need be careful so that if scope drop out 1M it need select agen, even is scope menu show that 1M is selected. Basic math work with long memory, but not FFT and not average.

[tinhead]

There is something wrong in Hantek FW110806.0

This 1M memory do not work right.

right, all versions starting from 110728 to 110808 have this bug.
They should probably be never installed on production unit (except Hantek did it for reason, i mean cutted the
long memeory capability in 8ns/div to 2ns/div, but for me seems to be just a bug resulting from changed fine timebase
procedure).

I think i will make the 110531.1 downgrade firmware public available as long they not published the latest
one ( >= 110908.0 which have all these memory bugs fixed).

[rf-loop]

This small example show what means long full speed memory. 2 x 10M.

Test setting:
Pulse generator generate 3 pulses  out from two channel.
1. Channel 15ns wide pulse every 5ms
2. Channel 5ns wide pulse every 5ms  and delayed 50ns after Channel 1.

I want capture this one random time coming three pulses so that all three come visible to display at once.
I set oscilloscope time 1ms/div and single shot and trigger to reasonable level. Scope is waiting.
After I trig pulse generator it generate these pulses one sigle "burst"

1. All three pulses are on the display, scope is now stopped after capture and waveform is in memory.
2. I want look first pulses. Shift horizontally
3. Zoom in with Sec/div and there they are.
4. Zoom in more.
5. Shift so that all can display and zoom in to 5ns/div. Yes pulses are ok. Total "zoom" is now 1:200000.
6. Scope run continuous and signal generator in continuous mode. Only for show what it looks continuous mode. (now there is Sin(x)/x on)
Captured 1ms/div single shot and then zoomed in so that 5ns/div. (of course it can littlebit more, 2ns/div but pulses can not display in one screen becouse delay time was 50ns)

This example show clearly what is Owon strong point in practice.
Simply with other scopes like Hantek, Rigol, Atten, GW, Siglent, Uni-Toy etc can not do it becouse lack of enough amount fast speed memory.

Of course this is only one special thing  but in this, Owon is extremely strong.

Also you can try this with Agilent or Tektronix and look what model can do it.

[rf-loop]

Here is example from Owon.
Front end. Over whole this input attenuator/amplifier area is normally soldered metal can and it cover area what are inside gold plated outer GND traces.

Also there are components behind PCB and also there is soldered metal can over area.

They have used very intresting  RF amplifiers. Specially just before ADC

[0xdeadbeef]

A little offtopic, but is there any info if the "new" MSO (MSO7102TD, MSO8102T, MSO8202T) and PDS (PDS8102T/PDS8202T) scopes, which have a 2M point record length, have a full speed memory like in the SDS series?

According to the manual they have "2M points on each channel for the record length" - there is no word of "max" or limitations regarding the sampling rate. In contrary, the record length for the logic anayzer part is specified as "4M max storage for each channel" and later on there is a detailed specification which record length is possible for which frequency.

This sounds as if the 2M record length in scope mode was full speed (which is good) and can't be lowered for faster updates (which is not so good).

[Spiro]

I like this dso. I find it on e-bay for 375 euros with shipping.

[rf-loop]

I like this dso. I find it on e-bay for 375 euros with shipping.

And your country possible customs clearance fees (small) and VAT18%.
After this, your scope price is around 440 - 450 Eur.  Without any kind of customer care, without any kind of warranty. (yes you can send to Owon in China) Also if you want VGA version, check carefully what is seller selling.

With this or nearly this price you can buy it in european union area from reputable sellers who have import it and pay all taxes (VAT) and after then EU area no need pay VAT agen.  Also some seller may have some warranty repair service and/or some after sales customer care, example as FW update service and so on. Some sellers in European union also sell fully burn in  tested units. You know chinese factories QC is not best possible.

If you buy it directly from Owon as "1pcs sample order"  you may get it around 470 Euro, including your country VAT18%  and shipping with DHL and in this case if there is some problem, example DOA unit. You contact Owon and they change your unit as DOA units are ruled. You do not need gambling with these ebay sellers.  What you trust more? Unknown chinese eBay seller or.... how about if unit is bad after arrive or after 1 month. Of course most of units are ok. But there is some risks.

What is cheap?
Cheap is not always cheap.

many peoples are fooled ebay prices. But it is not always so simple.
Example VAT, customs, customs clearace fees etc.. then also PayPal, they take littlebit with very bad currency rate.
True price is this what you have tottally used your money before goods are in your hand.
Cheap things are more easy becouse no need pay any customes and VAT's.

[rf-loop]

Maybe there is
ADA4932

Relays, yes, same UD2-4.5 NU relays. Just same what also Rigol and Hantek etc have used. and they work - as they work. Where you can see test data where RF characteristics about these relays show problem? (yes, they are not best possible, but try make this kind of osciloscope  ready in gift box with ~<$200 including workers salaries.. you need save every cent with every component... )
http://datasheet.octopart.com/UD2-4.5NU-NEC-datasheet-17791.pdf

Front end have 3 voltage bands. 2 of these have compensation adj.

This LMH6518 include programmable BW. Also 20M BW reject is there... and also upper limits. In my mind it is "interesting" solution.

[tinhead]

This LMH6518 include programmable BW. Also 20M BW reject is there... and also upper limits. In my mind it is "interesting" solution.

Owon is actually not using Linux, and the firmware is per model, so it is not just a easy model change like
on Rigol or Tekway/Hantek. A complette firmware dump from higher model  (like on ATTEN or Tonghui)
will not work too becasue of the ADCs

What should work is firmware oatch to change the filter settings, i'm working on that right now.

Btw, if someone can find somewhere BSDL model for S3C2416 it would be great (file name something like s3c2416 jtag bsd)

[rf-loop]

Some department of Xiamen Lilliput Ltd have  some experience with WinCE and ARM..... becouse this conmpany do also some other things. Not only oscilloscopes.  If they have somewhere in company design team who have allready WinCE developing knowledge and experience and tools ... Is it possible that.....

Example in Xiamen Lilliput  GPS navigators they use ARM 400MHz and OS is WinCE.
Brand names are something like CARLIFES

[tinhead]

no, it is not WinCE.

In principle they compiled a kind of own microkernel/bootload, which contains yaffs driver (necessary to read/write the NAND itself).

The bootloader is actually able to respond to some secret combination on UART, which i don't need/care for now.
Maybe the most interessting part of the bootloader is the fact that this is exact (or maybe a bit changed) bootloader as on
older Owon DSOs (they using S3C2440 like Tekway/Hantek, i believe the PDS/MSO series). In principle when you
type the secret combination you can download fw, flash NAND, erase it and so on. It also contains the encryption for NAND.

The rest of the NAND, well the actuall yaffs file system is containing few files only:
help
menu
dso app itself
FPGA file
BMP file (the logo)
TXT files (they a kind of settings for actual fw)
PARAM files (for setup savings)
HZLIB file (which is the encryption i guess)

There is additionally copy of all these files (so each file have a copy too).

/flash/boot/paramcp - params copy
/flash/boot/param    - params file

/flash/boot/bmpcp   bmp copy
/flash/boot/bmp      bmp file
   
/flash/boot/txcp    txt copy
/flash/boot/tx       txt file

/flash/boot/mecp    menu copy
/flash/boot/me       menu file

/flash/boot/hlpcp   help copy
/flash/boot/hlp      help file

/flash/boot/hzcp    hzlib copy
/flash/boot/hz       hzlib file

/flash/boot/oscp    copy of DSO app
/flash/boot/os       DSO app itself

/flash/boot/fpcp    FPGA design copy
/flash/boot/fp       FPGA deisg file

The bootloader is in principle checking NAND, when something wrong copy will be used.
Now all these files, except the HZLIB, are sectored (2048 byte sectors).

These sectory are NOT the NAND OOB sectors, they are for the yaffs. Normally yaffs is storing
sector information in OOB area, Owon created (due the fast that they using own yaffs implementation and encyption)
additional own sectors.

Now these sectors are blank, but it should contain checksum (this is 20byte long, so 2028byte data + 20 byte crc per sector).
These CRC checksum is in the HZLIB file, so if you try to change something binary in the file you have to care about the
HZLIB too. For now this is not what i care about, crc can be always patched to valid. Maybe HZLIB is something else,
but it looks for me as CRC file.

What i'm doing now is to analyze the dso app itself to find what i need to patch first, when
this is done i will work on HZLIB/CRC. These blanks in code can be skipped for now, the code make sense
without them. I was only worrying that part of the data is in HZLIB, which is luckily not the case.

The hadrware itself contains also EEPROM, haven't checked what inside, but what i can see from NAND dump
the serial number is almost everywhere, so you can't just use firmware from higher model and re-flash
because you will get new serial number. However, this was anyway not what i was hoping to do, i think
it will be enough to find filter position in dso app, change the filter to well let say 650MHz (or maybe only 350MHz),
patch the HZLIB/CRC and reflash DSO.

Of course such modification will be overwritten when you do firmware update, but as Owon is anyway in
the opinion that the firmware is "mature" i don't think that many people will do updates monthly (like on other DSOs).

So for now i know what inside, where to look for what i wish to patch, where is the CRC - of course if this hack
will work not everybody will be able to hack Owon without proper tools.

You will need at least ARM JTAG (i still recomend H-JTAG), a driver for S3C2416/K9F1G08 NAND with OOB support
(which i wrote yesterday) and maybe a spare NAND when you worry about unexpected changes (it is always a good idea
to backup NAND, solder empty one, restore backup and work with that - EEPROM copy/backup make sense as well).

If someone have an Owon SDSxxxx and ARM JTAG and wish to play a bit, attached JTAG pinout.
In principle you don't have to disasseble everythign, it is enough to remove back cover to get access to
JTAG, sure when you wish to resolder NAND you have to remove all these f*** screws and PCBs.

Yeah, and of course every file is marked at begin and end with the name, so when you wish
to check/play with the DSO app itself, search for oscp, copy everything from there until you find
another one oscp marking, hex it looks like 01 FF FF FF 01 00 00 00 FF FF 6F 73 63 70.
As mentioned above you have then of course skip 20 bytes every 2028 bytes to get the real app dump,
aynway, have fun

[tinhead]

Btw, i'm still looking for the BSDL model for S3C2416 (file name something like s3c2416 jtag bsd).

This is because with that mode i can easily find on what pins the LMH6518 is connected to the S3C2416,
it can be GPIO/SPI and knowing what port is exactly used is what will help out to find the right
part of the DSO application itself to hack that baby to 350/650MHz ...

[tinhead]

Relays are the crappy NEC UD2-4.SNU: no specified insertion loss/capacitance, minimum contact rating 10 mV DC/10µA.
Definitely not RF relays!

well, i don't like these relays too, a good replacement are Omron G6K (mouser 653-G6K-2F-RF-DC4.5) ,
a really good replacement are Omron G6Y series (due no cap. load, they could be perfect for Tekway/Hantek,
but no SMD version available). All these relays costs a lot of money, remember you need 6pcs per DSO.

An aceptable alternative relay is FTR-B3GA4.5Z from Fujitsu, they have at least very low cap. values and
costs not that much. Rigol is using them for 300MHz models, i think you will find them too in Owon 350MHz model.

Minimum contact rating is not a big issue, most relays are working good with lower values.