TPS3704x is used to monitor rails for systems such as camera systems, rain sensors, display systems etc.

It monitors each rail for over voltage and under voltage faults. The thresholds for fault setting are defined by the rail voltage level being monitored and the SOC, interface, memory abs max and min levels that should not be exceeded. The basic functional safety assumption is that if an abs max or min limit is violated the system can operate in an undefined state which could violate safety goals and lead to hazards.

If an over voltage or under voltage fault happens the RESETx pin associated with that SENSEx pin is asserted low. In normal operation on power up the RESETx pin goes high after the startup delay (tSTRT ) plus Reset delay (TD). The functional safety concept is that when a fault is detected the RESETx pin goes low within the propagation delay (Tpd). This RESETx pin is connected to an NMI (Non maskable interrupt) of the Microcontroller or SOC. In Figure 4-7 it is shown that once the microcontroller gets a NMI it then takes action to trigger the safe state for the system.

In summary the basic premise of the functional safety concept is detect overvoltage and/or under voltage faults and perform a system reset to put the system in a safe state. The RESETx output can be connected to any input that is responsible for taking the system to a safe state. In Figure 4-7 it goes to an NMI of a microcontroller. In some system implementations it may trigger the system safe state directly.

Once the system is in a safe state there should be also defined what is the sequence of events that need to happen to take it out of the safe state.

Depending on the type of system it may sometimes be required to do a power reboot to clear the safe state or it can automatically be cleared if the fault that caused the RESET is gone (i.e. the output voltage comes back within spec). Once the voltage comes back within spec the RESETx pin is deasserted after the Reset time delay.