SFFS619 December 2023 MSPM0L1304-Q1, MSPM0L1305-Q1, MSPM0L1306-Q1

 


TI Functional Safety Development Process

The TI functional safety development flow derives a set of requirements and methodologies from ISO 26262 and IEC 61508 to be applied to semiconductor development. This flow is combined with TI's standard new product development process to develop TI functional safety components. The details of this functional safety development flow are described in the TI internal specification SafeTI Functional Safety Hardware.

Key elements of the TI functional safety-development flow are as follows:

  • Assumptions on system level design, functional safety concept, and requirements based on TI's experience with components in functional safety applications
  • Qualitative and quantitative functional safety analysis techniques including analysis of silicon failure modes and application of functional safety mechanisms
  • Base FIT rate estimation based on multiple industry standards and TI manufacturing data
  • Documentation of functional safety work products during the component development
  • Integration of lessons learned through multiple functional safety component developments, functional safety standard working groups, and the expertise of TI customers

Table 3-1 lists these functional safety development activities which are overlaid atop the standard development flow in Figure 3-1.

Refer to Appendix B for more information about which functional safety lifecycle activities TI performs.

The customer-facing work products derived from this TI functional safety process are applicable to many other functional safety standards beyond ISO 26262 and IEC 61508.

Table 3-1 Functional Safety Activities Overlaid on top of TI's Standard Development Process

| Assess | Plan | Create | Validate | Sustain and End-of-Life |
|---|---|---|---|---|
| Determine if functional safety process execution is required | Define component target SIL/ASIL capability | Develop component level functional safety requirements | Validate functional safety design in silicon | Document any reported issues (as needed) |
| Nominate a functional safety manager | Generate functional safety plan | Include functional safety requirements in design specification | Characterize the functional safety design | Perform incident reporting of sustaining operations (as needed) |
| End of Phase Audit | Verify the functional safety plan | Verify the design specification | Qualify the functional safety design (per AEC-Q100) | Update work products (as needed) |
| | Initiate functional safety case | Start functional safety design | Finalize functional safety case | |
| | Analyze target applications to generate system level functional safety assumptions | Perform qualitative analysis of design (i.e. failure mode analysis) | Perform assessment of project | |
| | End of Phase Audit | Verify the qualitative analysis | Release functional safety manual | |
| | | Verify the functional safety design | Release functional safety analysis report | |
| | | Perform quantitative analysis of design (i.e. FMEDA) | Release functional safety report | |
| | | Verify the quantitative analysis | End of Phase Audit | |
| | | Iterate functional safety design as necessary | | |
| | | End of Phase Audit | | |