My question is a general question on how to boil down "system level" ASIL requirements down to MCU ASIL requirements.
I have the following situation with a customer: Initially, ASIL-B was defined as a requirement. We therefore proposed an ASIL-B capable product. (MPC574xG) In the meantime, the customer added ASIL-C requirements for some specific functions. ( in particular, some Digital I/Os and CAN communication is requested to be ASIL-C) .
Question: Do we require then an ASIL-C capable microcontroller?
It is my understanding that our safety concept does not address peripherals or I/Os functions, since the use of these is highly application dependent and therefore requires system-level strategies for fault monitoring.
Therefore, am I correct in thinking that even if we delivered an ASIL-C/D microcontroller, these I/O and CAN functions need to be dealt at system-level. Could we then keep the current ASIL-B product and tell the customer to strengthen the safety level of the ASIL-C functions by software or something else?