FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

[SM_043, SPI]S32K118

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

[SM_043, SPI]S32K118

‎05-20-2020 11:33 PM
549 Views
mohammed_al-hun
Contributor I

Good Morning 

I have two questions about the safety manual of the microcontrollers S32Kxx

1- SM_043: This safety mechanism is about error monitoring and say "The overall system needs to include measures to monitor error flags in registers of the MCU and move the system to a Safe statesystem when an error is indicated." but in what way can be done ? can be enough ax external watchdog timer time-window or is needed something else? 

2-SPI bus: in our application we have an internal SPI bus that is part of the safety path, in safety manual i see that is recommended to use somethis like a redundancy on flexIO, considering that we have to monitor both data lines MISO and MOSI is possible to do it with a single istance of flexIO(in S32k118 there is only one) ?

Thank you

Regards 

Labels (1)
Labels
Tags (1)
0 Kudos
Reply
3 Replies

‎06-08-2020 04:54 AM
502 Views
aarul
NXP Employee
NXP Employee

Hi

1. For SM_043, yes this indication could be through an external watch dog monitor. My understanding is that if an error is encountered in any register then the external watch dog monitor will timeout and take system into safe state.

2. For communication, we recommend application specific measures (such as redundant communication) to ensure that data is transmitted/received correctly. If you are using LPSPI as safety function and can use FlexIO as redundant channel to monitor the data transmitted over LPSPI, then that is OK. Please do make sure that this redundancy meets your requirements for the safety integrity required.

Let me know if you have more questions.

Regards

-Aarul

Reply

‎06-08-2020 05:32 AM
502 Views
mohammed_al-hun
Contributor I

Hello Aarul 

Thank you for your answers, i need more clarification: 

1- Is mandatory to have a window watchdog or is enough a time-out watchdog or is needed a window watchdog?

2-In our case the SPI is safety relevant for also input and output data, and the "other side" of SPI is a chip that have a possibility to repeat the data in input, so our idea is to connect to FLEX IO Serial Clock, Chip Select and MISO in this way when the microcontroller send data we read it due to the fact that the other side repeat the message in input and when the microcontroller receive the data we have the redundancy, you think that can work in this way?

Thank You

Regards 

Al Hunaiti Mohammed

0 Kudos
Reply

‎06-13-2020 03:17 AM
502 Views
aarul
NXP Employee
NXP Employee

1. In general, window watchdog is better as it also covers failures where the code execution causes an unintended early watchdog service. Depending on the complexity of your application and safety analysis performed on software/application you can decide which mode you wish to use.

2. Sorry but I could not completely understand what you mean by "chip that have a possibility to repeat the data in input"? In general, if you do a failure mode analysis at system level for this communication interface you will figure out if the system is safe or not. As an example, if the communication line is stuck or open then how will the safety architecture you have detect or prevent it and how do you take the system into safe state or control this failure.

Regards

-Aarul

0 Kudos
Reply