Safety module without safety mechanism


182 Views
sfjia
Contributor II

Hello,  

1. In the S32K144 FMEDA Core part, there are modules like: Miscellaneous Control Module (MCM), System Mode Controller (SMC), Reset Control Module (RCM), and Test Logic. What’s the function of these modules? MCM, SMC, and RCM are single point failures, but without safety mechanisms. What are the corresponding failure modes and how to handle/consider them?

2. In the S32K144 FMEDA Clock part, there is the module SCG. What’s the difference between it and XOSC and PLL? What’s the function of the PCC, SIM and CCM modules? These modules are single point failures, but without safety mechanisms. What are the corresponding failure modes and how to handle/consider them?

Why are these modules single point failures? For example, the RCM is only registers for reset source indication and reset parameters, e.g. delay time settings.

0 Kudos
1 Reply

151 Views
aarul
NXP Employee

Hi

Please find replies below for your queries.

  1. The MCM, SMC and RCM are global MCU control and configuration modules. These modules are not a direct part of the assumed safety function, but may impact the safety function. To be on the safe side, we added the failure rate of these modules to the dangerous failure rate. Some of these failures will be detected by other Safety Mechanisms, but we have no confirmed coverage, therefore we add 0% to be on the safe side. But all modules are part of the FMEDA calculation, and this calculation confirms that the Core module reaches the required Safety Architecture metric target for ASIL-B.
  2. The SCG, PCC, SIM and CCM are global clock configuration and distribution modules. The configuration registers for the PLL and XOSC are present in these modules. A low percentage of the failure rate will be able to impact the Safety Function. To be on the safe side, we added all failures to the FMEDA. Some of these failures will be detected by other Safety Mechanisms, but we have no confirmed coverage, therefore we add 0% to be on the safe side. But all modules are part of the FMEDA calculation, and this calculation confirms that the Clock module reaches the required Safety Architecture metric target for ASIL-B.

Regards

-Aarul

0 Kudos