SLLA535 December   2022 TLIN1431-Q1

 

  1. 1Introduction
    1.     Trademarks
  2. 2TLIN1431x-Q1 Hardware Component Functional Safety Capability
  3. 3Development Process for Management of Systematic Faults
    1. 3.1 TI New-Product Development Process
    2. 3.2 TI Functional Safety Development Process
  4. 4TLIN1431x-Q1 Component Overview
    1. 4.1 Targeted Applications
    2. 4.2 Hardware Component Functional Safety Concept
    3. 4.3 Functional Safety Constraints and Assumptions
  5. 5Description of Hardware Component Parts
    1. 5.1 LIN Transceiver
    2. 5.2 Digital Core
    3. 5.3 Power Control IP
    4. 5.4 Digital Input/Output Pins and High-side Switch
  6. 6TLIN1431x-Q1 Management of Random Faults
    1. 6.1 Fault Reporting
    2. 6.2 Functional Safety Mechanism Categories
    3. 6.3 Description of Functional Safety Mechanisms
      1. 6.3.1 LIN Bus and Communication
        1. 6.3.1.1 SM-1: LIN TXD Pin Dominant State Timeout
        2. 6.3.1.2 SM-2: LIN Bus Stuck Dominant System Fault: False Wake Up Lockout
        3. 6.3.1.3 SM-3: LIN Bus Short Circuit Limiter
        4. 6.3.1.4 SM-20: LIN Internal pull-up to VSUP
        5. 6.3.1.5 SM-22: LIN Protocol
      2. 6.3.2 Voltage Rail Monitoring
        1. 6.3.2.1 SM-4: VCC and Transceiver Thermal Shutdown
        2. 6.3.2.2 SM-5: VCC Under-voltage
        3. 6.3.2.3 SM-6: VCC Over-voltage
        4. 6.3.2.4 SM-7: VCC Short to Ground
        5. 6.3.2.5 SM-8: VSUP Under-voltage
      3. 6.3.3 Processor Communication
        1. 6.3.3.1 SM-9 and SM-10: Watchdog
          1. 6.3.3.1.1 SM-9: Standby Mode Long Window Timeout Watchdog
          2. 6.3.3.1.2 SM-10: Normal Mode Watchdog
        2. 6.3.3.2 SM-11: SPI CRC
        3. 6.3.3.3 SM-12: SPI Communication Error; SPIERR
        4. 6.3.3.4 SM-13: Scratchpad Write/Read Register
        5. 6.3.3.5 SM-14: Sleep Wake Error Timer; tINACT_FS
      4. 6.3.4 Digital Input/Output Pins and High-side Switch
        1. 6.3.4.1 SM-15: CLK internal pull-up to VINT
        2. 6.3.4.2 SM-16: SDI internal pull-up to VINT
        3. 6.3.4.3 SM-17: nCS Internal pull-up to VINT
        4. 6.3.4.4 SM-18: DIV_ON Internal pull-down to GND
        5. 6.3.4.5 SM-19: TXD Internal pull-up to VINT
        6. 6.3.4.6 SM-21: nRST Internal pull-up to VINT
        7. 6.3.4.7 SM-23: HSS Over Current Detect
        8. 6.3.4.8 SM-24: HSS Open Load Detect
          1.        A Summary of Recommended Functional Safety Mechanism Usage
            1.         B Distributed Developments
              1.          B.1 How the Functional Safety Lifecycle Applies to TI Functional Safety Products
              2.          B.2 Activities Performed by Texas Instruments
              3.          B.3 Information Provided
                1.           C Revision History

4.3 Functional Safety Constraints and Assumptions

In creating a functional Safety Element out of Context (SEooC) concept and doing the functional safety analysis, TI generates a series of assumptions on system level design, functional safety concept, and requirements. These assumptions (sometimes called Assumptions of Use) are listed below. Additional assumptions about the detailed implementation of safety mechanisms are separately located in Section 6.3.

The Functional Safety Analysis was done under the following system assumptions:

  • SA_1: The system integrator shall follow all requirements in the component data sheet
  • SA_2: The system integrator shall not exceed recommended operating conditions in the component data sheet
  • SA_3: The system integrator uses SPI control, Pin 7 is either high-Z for 3.3 V I/O or pulled up to processor I/O voltage rail if 5 V for I/O is needed.
  • SA_4: Typical applications as shown in Figure 4-3 .
  • SA_5: The non-SPI communication control function is not used in the SEooC and is considered non-safety related.
Note: For functional safety applications, SPI communication control is to be used.

During integration activities these assumptions of use and integration guidelines described for this component shall be considered. Use caution if one of the above functional safety assumptions on this component cannot be met, as some identified gaps may be unresolvable at the system level.