SFFS757 February   2024 DLP4620S-Q1 , DLPC231S-Q1

 

  1.   1
  2. 1Introduction
    1.     Trademarks
  3. 2 DLP4620S-Q1 Chipset Functional Safety Capability
  4. 3Development Process for Management of Systematic Faults
    1. 3.1 TI New-Product Development Process
    2. 3.2 TI Functional Safety Development Process
  5. 4 DLP4620S-Q1 Chipset Overview
    1. 4.1 Targeted Applications
    2. 4.2 DLP4620S-Q1 Chipset Functional Safety Concept
      1. 4.2.1 Typical Hazards
      2. 4.2.2 Chipset Architecture
      3. 4.2.3 Built-In Self Tests
    3. 4.3 Functional Safety Constraints and Assumptions
  6. 5Description of Hardware Component Parts
    1. 5.1 Description of System Level Built In Self Test (BISTs)
  7. 6Management of Random Faults
    1. 6.1 Fault Reporting
      1. 6.1.1 HOST_IRQ
      2. 6.1.2 Error History
      3. 6.1.3 Fault Handling
    2. 6.2 Functional Safety Mechanism Categories
    3. 6.3 Description of Functional Safety Mechanisms
      1. 6.3.1 Video Path Protection
        1. 6.3.1.1 Video Input BISTs
        2. 6.3.1.2 Video Processing BISTs
        3. 6.3.1.3 Video Output BISTs
      2. 6.3.2 Illumination Control Protection
        1. 6.3.2.1 Communication Interface and Register Protection
        2. 6.3.2.2 LED Control Feedback Loop Protection
        3. 6.3.2.3 Data Load and Transfer Protection
        4. 6.3.2.4 Watchdogs and Clock Monitors
        5. 6.3.2.5 Voltage Monitors
  8.   A Summary of Recommended Functional Safety Mechanism Usage
  9.   B Distributed Developments
    1.     B.1 How the Functional Safety Lifecycle Applies to TI Functional Safety Products
    2.     B.2 Activities Performed by Texas Instruments
    3.     B.3 Information Provided
  10.   C Revision History

A Summary of Recommended Functional Safety Mechanism Usage

Table 7-2 summarizes the functional safety mechanisms present in hardware or recommend for implementation in software or at the system level as described in Section 5. Table 7-1 describes each column in Table 7-2 and gives examples of what content could appear in each cell.

Table A-1 Legend of Functional Safety Mechanisms
Functional Safety MechanismDescription
TI Safety Mechanism Unique IdentifierA unique identifier assigned to this safety mechanism for easier tracking.
Safety Mechanism NameThe full name of this safety mechanism.
Safety Mechanism CategorySafety Mechanism - This test provides coverage for faults on the primary function. It may also provide coverage on another safety mechanism.

Test for Safety Mechanism - This test provides coverage for faults of a safety mechanism only. It does not provide coverage on the primary function.

Fault Avoidance - This is typically a feature used to improve the effectiveness of a related safety mechanism.

Safety Mechanism TypeCan be either hardware, software, a combination of both hardware and software, or system. See Section 6.2 for more details.
Safety Mechanism Operation IntervalThe timing behavior of the safety mechanism with respect to the test interval defined for a functional safety requirement / functional safety goal. Can be either continuous, or on-demand.

Continuous - the safety mechanism constantly monitors the hardware-under-test for a failure condition.

Periodic or On-Demand - the safety mechanism is executed periodically, when demanded by the application. This includes Built-In Self-Tests that are executed one time per drive cycle or once every few hours.

Test Execution TimeTime period required for the safety mechanism to complete, not including error reporting time.

Note: Certain parameters are not set until there is a concrete implementation in a specific component. When component specific information is required, the component data sheet should be referenced.

Note: For software-driven tests, the majority contribution of the Test Execution Time is often software implementation-dependent.

Action on Detected FaultThe response that this safety mechanism takes when an error is detected.

Note: For software-driven tests, the Action on Detected Fault may depend on software implementation.

Time to ReportTypical time required for safety mechanism to indicate a detected fault to the system.

Note: For software-driven tests, the majority contribution of the Time to Report is often software implementation-dependent.

Table A-2 Summary of Functional Safety Mechanisms
TI Safety Mechanism Unique Identifier Safety Mechanism Name Safety Mechanism Operation Interval Test Execution Time Time to Report Action on Detected Fault
SM_1 Video Source Loss Detection 1 Video Frame 1 Video Frame

5ms

Stay in standby or switch to alternate source
SM_2 Video Tell-Tale Checksum 1 Video Frame 1 Video Frame

5ms

 Configurable:
  • No Action (Information only)
  • Log Error and Switch to Alternate Source
  • Emergency Shutdown and Log Error
SM_3 Video Frame Counter Checksum 1 Video Frame 1 Video Frame

5ms

 Configurable:
  • No Action (Information only)
  • Log Error and Switch to Alternate Source
  • Emergency Shutdown and Log Error
SM_4 Average Picture Level 1 Video Frame 1 Video Frame

1ms or 5ms

 Configurable:
  • Log Error
  • Emergency Shutdown and Log Error
SM_5 Front-End Functional Test 1 Driving Cycle 33ms 1ms Stay in standby and log error
SM_6 Back-End Functional Test 1 Driving Cycle 16ms 1ms Stay in standby and log error
SM_7 DLPC231S-Q1 Memory BIST 1 Driving Cycle 47ms 1ms Stay in standby and log error
SM_8 Frame Buffer Switch Watchdog 1 Video Frame 9x Video Frame

5ms

 Emergency shutdown and Log Error
SM_9 DMD High Speed Interface Training 1 Video Frame 8x Video Frame

1ms

 Log Error
SM_10 DMD Low Speed Interface Test 1 Video Frame 1 Video Frame

1ms

 Log Error
SM_11 DMD Memory Test 1 Driving Cycle 21ms

1ms

 Stay in standby and log error
SM_12 DMD Reset Instruction Watchdog 1 DMD Mirror Transition Interval 9x Video Frame

5ms

 Emergency shutdown and log error
SM_13 DMD Clock Monitor 1 Video Frame 1 Video Frame 5ms Emergency shutdown and log error
SM_14 Host Command CRC 1 Host SPI Command Transaction 1 SPI Command Time. Timing depends on SPI frequency

1ms

 Log Error
SM_15 Loss of Dimming Command Test Software Configurable Software Configurable

5ms

 Emergency shutdown and log error
SM_16 TPS99000S-Q1 Interface Signal Connection Test 1 Driving Cycle 3ms

1ms

 Stay in standby and log error
SM_17 DLPC231S-Q1 to TPS99000S-Q1 SPI Byte-Wise Parity 1 DLPC231S-Q1 to TPS99000S-Q1 command transaction 1.1μs (4 SPI packet transactions at 30MHz; initial transaction + three re-tries)

5ms

 Emergency Shutdown and Log Error
SM_18 DLPC231S-Q1 to TPS99000S-Q1 ADC Interface SPI Parity 1 DLPC231S-Q1 to TPS99000S-Q1 AD3 transaction 4.1μs (4 transactions at 30MHz; initial transaction + three re-tries)

5ms

 Emergency Shutdown and Log Error
SM_19 TPS99000S-Q1 Password Protected Register Space 1 DLPC231S-Q1Q1 to TPS99000S-Q1 Register Write 4x Video Frame

N/A

 No failure action. TPS99000S-Q1 Register Checksum would likely indicate if there was a failure during the password protection.
SM_20 TPS99000S-Q1 Register Checksum 1 Video Frame 1 video frame to detect and correct
4 video frames to detect persistent error

5ms

 Emergency Shutdown and Log Error
SM_21 DAC to ADC Loopback Test 1 Driving Cycle 27ms

1ms

 Stay in standby and log error
SM_22 Photo Feedback Monitor 1 Video Frame Software Configurable

5ms or 1ms

 Depends on failure condition:
  • Emergency Shutdown and Log Error
  • Log Error
SM_23 Flash Table Transport CRC Every Data Transfer from Flash 1 Video Frame

1ms

 Re-load data and Log Error
SM_24 DLPC231S-Q1 Memory ECC Continuous

1ms or 5ms
  • Correct Single-Bit Errors and Log Error
  • Emergency Shutdown and Log Error for multi-bit error
SM_25 DLPC231S-Q1 Memory BIST 1 Driving Cycle Stay in standby and log error
SM_26 Flash Data Verification 1 Driving Cycle 42μs / Kbyte of flash data

1ms

 Stay in standby and log error
SM_27 Periodic Refresh 1 Video Frame or less N/A N/A N/A
SM_28 Boot ROM CRC 1 Driving Cycle N/A N/A Stay in boot and log error
SM_29 TPS99000S-Q1 Clock Ratio Monitor 1 Video Frame 1 Video Frame Log error
SM_30 DLPC231S-Q1 Processor Watchdog (WD1) 72ms 128ms 5ms HOST_IRQ and system reset
SM_31 DLPC231S-Q1 Sequencer Watchdog (WD2) 1 Video Frame 7x Video Frame

5ms

 Emergency Shutdown and Log Error
SM_32 Sequencer Instruction Read Watchdog Every sequencer instruction read, typically < 200μs 9x Video Frame

5ms

 Emergency Shutdown and Log Error
SM_33 TPS99000S-Q1 DLPC231S-Q1 Real-Time Voltage Monitors Continuous 52μs <17ms Emergency Shutdown
SM_34 TPS99000S-Q1 DMD Voltage Monitors Continuous 52μs <17ms Emergency Shutdown
SM_35 TPS99000S-Q1 Input Voltage Monitor Continuous 52μs <17ms Emergency Shutdown
SM_36 TPS99000S-Q1 Internally Generated Voltage Monitors Continuous Immediately <17ms Emergency Shutdown
SM_37 DLPC231S-Q1 DMD Voltage Monitor 1 Video Frame 1 Video Frame

5ms

 Emergency Shutdown and Log Error
SM_38 DLPC231S-Q1 System Voltage Monitor 1 Video Frame 1 Video Frame

1ms

 Log Error