Safety Manual S32K116


632 Views
Sushmitha_V
Contributor I

Working on the S32K116 part number, I have questions on the safety mechanisms applicable to this particular part number and on the implementation assumptions. Referring to the Excel sheet attached in the safety manual, "S32K1XX_HW_Safety_Measure_ReactionTime":

Sushmitha_V_0-1718775142753.png

1) System OSC clock monitoring enabled: as per the sheet, it is mentioned to be applicable for the S32K14X family, so should this be applicable for S32K116?

If the SOSC clock is not applicable for S32K116, then the below should be removed from the FMEDA and should not be considered for S32K116:

SM_075
SM_076
Validate clock using FlexRay and/or CAN communication within FTTI

 

2) The FIRC SW test safety measure is not mentioned in the FMEDA, so is this applicable for the above part number?

3) CMU(FIRC) SM is used for FIRC has S32K116 does have SPLL? And there is no safety assumption in that list; should it be referred to SM_083?

4) PLL monitoring is not applicable for S32K116?

Sushmitha_V_2-1718778041379.png

5) Under power supply, what are the first (Core, Clock, NVM and Input Voltage Supply Low Voltage Detectors) and last (Supply ball redundancy) safety measures for, and are they applicable for S32K116? If so, what are the safety assumptions to be referred to?

Sushmitha_V_3-1718778789893.png

6) Software core self-test: as per the manual, there is a library for the list of assumptions and measures. Where is this manual placed, can I get the details of it, and is this applicable for S32K116?

7) No information on parity; is this applicable for S32K116?

Sushmitha_V_4-1718779350159.png

As per the FMEDA, the "ECC and reporting enabled" safety measure is used, but there is no safety assumption mapped to it.

9) As per the FMEDA, "CHECK ECC reporting path inside FTTI" is not implemented, so is this applicable for S32K116?

10) Security engine is marked as not implemented in the FMEDA, so is it applicable?

Sushmitha_V_6-1718780298257.png

11) No information on the EIM, ECC_EDC safety measures; can you provide these details?

 

0 Kudos
6 Replies

59 Views
Sushmitha_V
Contributor I

If the SOSC clock is not applicable for S32K116, then should the below also be marked as NOT applicable for S32K116?

SM_075
SM_076
Validate clock using FlexRay and/or CAN communication within FTTI

 

Pertaining to the above query, can you provide confirmation on the "Error injection reporting path" SM, and if this is recommended, what would be the DC for it?

Also, since the FIRC SW test is a software measure, should this have the same DC as CMU?

 

0 Kudos

473 Views
chokor
NXP Employee

Hi,

1) SOSC clock is not applicable for S32K116; the FMEDA does not use them either.

2) It is applicable.

 
  chokor_0-1723029251816.png

 


3) The S32K11x variants do not have SPLL. S32K11x devices include a CMU which monitors only FIRC, which is a main source of System Clock. Refer to SM_083.

4) no

5) Low voltage detectors are voltage monitors of logic units; refer to SM_084. Ball redundancy is to avoid open/short circuits; refer to SM_142.

6) Structural Core Self-Test (SCST) Library | NXP Semiconductors

7) Parity is not applicable for S32K116.

refer to SM_111

9) no

10) It is applicable; refer to SM_118.

11) EIM allows inducing single-bit and multi-bit inversions on read data when accessing the System RAM; refer to SM_111. For Error Detection Code, refer to SM_112. Here are the diagnostic coverages:

chokor_1-1723031213581.png

 

BR,

Abbas CHOKOR

 

0 Kudos

472 Views
Sushmitha_V
Contributor I

Thanks for answering all those queries. Just a follow-up question:

1) The CMU would already check for faults in FIRC; do we additionally need to do the FIRC SW test as well, and what is the need for this test? Why are there two recommended safety measures, CMU(FIRC) and FIRC SW test? I see that for FIRC, SM_074 and SM_073 are used.

2) When we are checking the ECC and reporting path, shouldn't we check whether the error reporting path has an issue or not? But in the safety manual, safety measure SM_119 is recommended. Can you just brief on this?

0 Kudos

415 Views
chokor
NXP Employee

Hi,

1) The CMU FIRC test checks for latent faults as it runs at startup, while the FIRC SW test runs cyclically each FTTI to increase the integrity of FIRC, since a fault in FIRC frequency might end up in failures in several safety measures.

2) This is exactly what is recommended by SMM_119

0 Kudos

352 Views
Sushmitha_V
Contributor I

Thanks again.

Last query on the error reporting part check: as per the last reply, you mentioned that "Error injection reporting path" is not applicable for S32K116, but SM_119 recommends this check, so what is the conclusion on this SM?

0 Kudos