FCCU on A53

Hi Daniel,

Please find answer below:

1. What is the impact on FMEDA when we set up the FCCU code on A53s instead of CM4(as suggested in the Safety manual)?
   • It is recommended to use CM7 as master safety core. The master safety core performs a number of different roles within the safety concept. It configures the chip during boot, then it checks the configuration of all safety mechanisms, including the FCCU configuration. It manages FCCU fault indications, and services the external watchdog. Using the A53 as master safety core is not recommended. The majority of NXP SAF SW tests run on the M7 core. See the extract of the S32G safety manual below.
   • M7_0 is physically different from other cores on the S32G, as the associated SWT is connected directly to the RGM rather than routed to the FCCU.

     NXP validation has only tested that the M7_0  fulfils the master safety core requirements.

     
2. S32G3 safety manual states that HW lockstep can be enabled between Cluster 0 & 1. Is there a possibility to enable it with SW for specific cores instead of cluster-level? We might be looking for extra compute and checking if it's possible to enable just 2 cores in lockstep(For ASIL D applications) and use the remaining 4 cores w/o lockstep(for ASIL B applications).
   • Either the clusters will be in lockstep or decoupled mode. There is no provision to split it as mentioned above.
3. From the safety manual we state by running Safety By Software that performance can be increased.  How is this done?  Aren't all core in lockstep with Safety By Software?  What is defined as "performance"?  Please eloborate
   • Please refer RM S32G3_RM_Rev2_DraftB and Chapter 74 Safety by Software (SBSW) for more details.