Safety Sboot Failure Transition and reference clock count

Irshad2225 · ‎05-28-2025

Hi,

As per the NXP S32G3 Safety Manual, when entering Normal Operation, Sboot shall be invoked.There is a hardware transition going back to the mode selector.

Question:
1. Based on the device safety flow, does the software have to restart the Mode Selector when sboot returns E_NOT_OK?
2. Is it Ok? If the mode selector is in the bootloader, and sboot is invoked in the application.
3. The reference clock count shall be taken 80? When ref_clk_cnt is configured for 100, it compares with the CMU LFREFR & HFREFR values calculated w.r.t 80(ref_clk_cnt).

Joey_z · ‎05-29-2025

hi，Irshad2225

Regarding your first question, did you use sBoot_CheckConfiguration function in the test and return E_NOT_OK?

BR

Joey

Irshad2225 · ‎06-02-2025

Hi Joey,
Yes, I have used sBoot_CheckConfiguration function and got the return E_NOT_OK.

Joey_z · ‎06-09-2025

hi，Irshad2225

Thank you for your reply.

Mode selection is based on data such as sCheck results, FCCU errors, BIST test results, and SRAM errors to check whether normal mode or degraded mode should be entered. The result of sBoot is not the basis for mode selection. After the mode is selected, the application initializes different modules. If normal mode is entered and application initialization is completed, sBoot should be called to check the configuration.

sBoot is designed to check whether the device is properly configured for safety execution. This should be done before the customer application runs and after mode selection. If any failure occurs during test execution, the application should not be allowed to start and execute its safety functions.

Hope it can help you.

BR

Joey

Irshad2225 · ‎06-09-2025

Hi Joey,

Thanks for the reply.

1. If sboot fails, the application won't start, but what should be the next step? FCCU fault and reset?

Could you please answer the below previously asked question?
CMU_FC Checks -
3. Should the reference clock count be 80? When ref_clk_cnt is configured for 100, it compares with the CMU LFREFR & HFREFR values calculated with regard to 80(ref_clk_cnt).
4. While CMU testing with "Enable Cmu Fc Check- True" for respective CMU, pCmu->GCR.B.FCE is not enabled in the plugins while running sboot stand-alone, should be done manually ?

Joey_z · ‎06-15-2025

hi，Irshad2225

If sBoot fails, FCCU fault will not be triggered. In fact, the reaction to sBoot failur depends on the user design. If sBoot check fails, sBoot_GetError should be called to analyze the failure, and the specific response for different faults depends on the user design.

BR

Joey

Joey_z · ‎06-12-2025

hi,

Thank you for your reply.

Refer to the Manual, The CMU_FC reference clock is 100 in default，it affects the LFREFR and HFREFR computations.

I am checking answer for your other questions.

BR

Joey

Irshad2225 · ‎06-18-2025

Hi Joey,
1. As per the user manual, the reference clock count is 100. Configured with 100, when debugged, it's observed that it's being compared with the LREF and HREF values calculated with RCCR-80. attaching snapshot below.
2. For CMU_FC_14, CMU_FC_15, and CMU_FC_21, the LREF and HREF values are too high to match the calculated values. LREF starts with zero, where I have observed that with the minimum frequency as zero, LREF can be 3. The values can be checked in the picture below.

Joey_z · ‎06-19-2025

hi，Irshad2225

Thank you for your reply.

I will help you to check this status. This does not seem quite right, the debug message does not see that your 100 is set correctly.

BR

Joey

Irshad2225 · ‎06-19-2025

Hi Joey,

I have configured RCCR as 100 for CMU_FC_0. The HTREF and LTREF are being calculated as per RCCR 100, but the reference is comparing these values with the values calculated with RCCR-80.
Snapshots for configuration and debugger values are provided below.
Refer to the table and the debugger snapshot to differentiate between RCCR-80(reference) and RCCR-100(actual)

CMU_FC_0
LFREF(RCCR - 100)	HFREF(RCCR-100)
91	76
LFREF(RCCR - 80)	HFREF(RCCR-80)
74	60

Configuration -

Debugger -

Joey_z · ‎06-20-2025

hi，Irshad2225

Thank you for your reply.

You set the CmuFcRefClkCnt = 100 in Configuration, but the RCCR=80 in Debugger, is it? CmuFcRefClkCnt is a reference value. You need to configure it according to your specific situation.

In addition, What is your f_reference_clk?

BR

Joey

Irshad2225 · ‎06-20-2025

Hi Joey,

I have set CmuFcRefClkCnt = 100 in Configuration, and the HFREF and LFREF calculations are getting updated as per CmuFcRefClkCnt = 100 in the sBoot_maxFreqsArray and Boot_minFreqsArray.

But, sBoot_maxFreqsArray and Boot_minFreqsArray are being compared with the sBoot_PtocmuFcArray(HFREF and LFREF values calculated as per 80), I think sBoot_PtocmuFcArray should get updated as per the configurations, but it's not happening.

f_reference_clk - 40Hz

Irshad2225 · ‎06-18-2025

snapshot for 1st point - RCCR - 80 instead of 100.

Joey_z · ‎06-22-2025

hi,Irshad2225

Thank you for your reply.

I can know your issue, but I cannot reproduce your question.

Could you share your code or tell me method to reproduce.

You can provide this information easier by creating a new case at https://support.nxp.com. Can attach this link: Safety Sboot Failure Transition and reference clock count - NXP Community inter to the new case. I will try my best to help you.

BR

Joey

Irshad2225 · ‎05-28-2025

Question-4. - While CMU testing with "Enable Cmu Fc Check- True" for respective CMU, pCmu->GCR.B.FCE is not being enabled in the plugins while running sboot stand-alone, should be done manually ?

Joey_z · ‎05-28-2025

hi,Irshad2225

Thank you for contacting us.

I will look for the answer for you and reply to you as soon as I have the result.

BR

Joey