from the S32k1xx Safety Manual we have : "Assumption: [SM_085] Software must not disable the direct transition by the RCM into a safe state due to an overvoltage or undervoltage indication. [end]"
I have two questions :
Q1 : how can an OVERvoltage event cause ( be related to ) a DIRECT rcm transition to safe state ? Overvoltage is monitored only externally so there should not even exist any DIRECT rcm transitions related to that fault.
Q2 : for undervoltage fault , in case of VLVR and VLVR_LP there is always a reset generated by RCM ( only the tresholds are sw selectable ) and there is no disabling possibility by SW. So how should the mentioned Assumption be interpreted ?