We updated the SM list as stakeholder requirements, where the mandatory attribute of the requirement is ASIL. We need to put the ASIL based on the DC; however, the following don't have it. So we cannot estimate the ASIL. Can you let us know which ASIL shall be assigned when you specify the requirement for the SM(s) below?
SM1.XRDC | Memory Protection (provided by XRDC): The Extended Resource Domain Controller (XRDC) provides an integrated, scalable architectural framework for access control, system memory protection, and peripheral isolation. Reaction: If a reference from a given domain has sufficient access rights, it is allowed to continue, else the access is aborted and error information captured. | Used in DFA only | |
SM1.TempSense | On-chip Thermal Monitoring Unit (TempSense): The Thermal Monitoring Unit (TempSense) monitors and reports the temperature from one or more remote temperature measurement sites located on chip. | Used in DFA only | |
SM1.CORE.MPU | Memory Protection (provided by Core MPU): Core MPU provides memory protection and memory attributes. Reaction: If a reference from a given domain has sufficient access rights, it is allowed to continue, else the access is aborted and error information captured. | Used in DFA only | |
SM1.POR_WDG | POR_WDG monitors the chip for stuck or hang scenarios during reset and standby entry/exit sequences. It generates a chip power-on-reset event to recover the chip in case it remains stuck for a pre-configured period of time. | ISO26262-5, table D.8 clause D.2.7.2 | Used in DFA only |
SM1.eDMA_TVF | Triple voted flops: Three flip-flops are implemented in place of one, and the outputs are connected with voting logic. A fault on a single flop is transparently corrected. Reaction: no reaction, as correction is transparent to the application. | ISO26262-5, table D.2 clause D.2.1.3 (but relates to EE systems) | Used in FTA/DFA only |
SM1.FCCU_DEBUG_MON | FCCU Monitoring of Unintended Debug Activation: A fault is signalled to the FCCU if debug mode is unintentionally activated. | ISO26262-5, table D.9 clause D.2.1.1 | Used in FTA and DFA only |
SM1.FCCU_TEST_MON | FCCU Monitoring of Unintended Test Activation: A fault is signalled to the FCCU if LBIST/MBIST/DFT is unintentionally activated. | ISO26262-5, table D.9 clause D.2.1.1 | Used in FTA and DFA only |