S32K324 C40_IP Flash Array integrity Check

Daniel_Wax · ‎11-27-2023

Tesla Motors has hired BCS to create an ASIL-D steering angle monitor.

They are working on safety (100 pin package) and had some questions

I was looking at the Static FMEDA

regarding the Flash Array Integrity Check (FlashAI_CHECK):

And have some questions I hope you could help me with:

It seems like the FlashAI_CHECK is trying to prevent the same effects as other potential failures. In column E we have different failures, but all share the same effects. Shouldn’t it be enough to cover the effects once?
Looking at the column E for the FlashAI_CHECK, refers to voltage read. Seems to me that is related to the voltage used internally by the MCU to read the Flash. Is the Flash memory powered by a single source or are there different?

ehtesham_khan · ‎12-12-2023

Hi Daniel Wax,

1. Different failure modes in a flash generally have same effects which are erroneous access to flash memory and wrong instruction accessed. We apply safety mechanisms for a failure mode, not for the effects. Multiple failure modes can have same effects. For getting the sufficient diagnostic coverage, the corresponding safety mechanisms must be applied. Having single safety mechanism will not be sufficient.

2. Read voltage is the internally generated supply which is used to read the correct values of the flash memory block. This supply, V25, is internally generated by VDD_HV_A / VDD_HV_B. For more details, refer to the power management chapter in Reference Manual.

Regards,
Ehtesham

S32K324 C40_IP Flash Array integrity Check

S32K324 C40_IP Flash Array integrity Check

MCUs & MPUs

Photos