SM3.FCCU_MON

HeebeomPark · ‎03-05-2024

With MCU Internal architectures, please share the followings :

- failure modes and the failure effects of the corresponding failure modes covered by the safety mechanism " SM3.FCCU_MON".

HeebeomPark · ‎03-25-2024

The minute of the meeting is as below.

Date : 25.03.2024

Participants : Omar Mahboob, Dave Fantl, Ajay Patil , Raymund Belz, Srivnaas Modi, Yanchen Shang, Jeremy M Donovan, Victor Reis, Kunal Tipnis, Iasac Salians, Heebeom Park,

Further Action

NXP will check whether the failure modes and DFA Failure modes mitigated by SM3.FCCU_MON can be shared to VNE or not. By Victor By 28.03.2023
The way to share the information shall be checked whether it can be shared or it shall be reviewed at NXP. By Victor By 28.03.2023

Yashwant_Singh · ‎03-15-2024

Hi Heebeom,

As stated before the SM3.FCCU_MON is the monitoring of the FCCU output pins by the PMIC. EOUTs indicate the error sate of MCU to the PMIC. As such it is an integral part of the safe state handling (see Chapter 5 of the Safety Manual) and an intrinsic element of the fault reaction and fault recovery flow assumed by all safety mechanism (see sections 2.7 and 2.8 within the Safety Concept chapter of the Safety Manual) and the overall Safety Concept.

The SM3.FCCU_MON covers the random hardware failures of the EOUT pins(as shown in the FMEDA) but apart from the random hardware failures there is also the case of Dependent failures such as common clock or power for the modules in the fault reaction part which are handled using EOUT assertion.

Any fault occurrence has to be serviced within FTTI and in case of fault reaction timeout, the EOUT is asserted so the external system monitoring the EOUT signal knows that system safe state has to be achieved within FTTI.

NXP’S safety concept recommends the reaction for faults associated with the fault recovery concept and related dependencies are listed in the AoU(s) associated with this concept (e.g. master safety core).

Hope this helps!

-Yashwant