SFFS624B March   2024  – August 2025 MSPM0G3105 , MSPM0G3105-Q1 , MSPM0G3106 , MSPM0G3106-Q1 , MSPM0G3107 , MSPM0G3107-Q1 , MSPM0G3505 , MSPM0G3505-Q1 , MSPM0G3506 , MSPM0G3506-Q1 , MSPM0G3507 , MSPM0G3507-Q1

 

  1.   1
  2. 1Introduction
    1.     Trademarks
  3. 2 MSPM0G3x0x-Q1 Hardware Component Functional Safety Capability
  4. 3Development Process for Management of Systematic Faults
    1. 3.1 TI New-Product Development Process
    2. 3.2 TI Functional Safety Development Process
  5. 4 MSPM0G3x0x-Q1 Component Overview
    1. 4.1 Targeted Applications
    2. 4.2 Hardware Component Functional Safety Concept
    3. 4.3 Functional Safety Constraints and Assumptions
  6. 5Description of Hardware Component Parts
    1. 5.1  ADC
    2. 5.2  Comparator
    3. 5.3  DAC
    4. 5.4  OPA
    5. 5.5  CPU
    6. 5.6  RAM
    7. 5.7  FLASH
    8. 5.8  GPIO
    9. 5.9  DMA
    10. 5.10 SPI
    11. 5.11 I2C
    12. 5.12 UART
    13. 5.13 Timers (TIMx)
    14. 5.14 Power Management Unit (PMU)
    15. 5.15 Clock Module (CKM)
    16. 5.16 CAN-FD
    17. 5.17 Events
    18. 5.18 IOMUX
    19. 5.19 VREF
    20. 5.20 WWDT
    21. 5.21 CRC
  7. 6 MSPM0G3x0x-Q1 Management of Random Faults
    1. 6.1 Fault Reporting
    2. 6.2 Functional Safety Mechanism Categories
    3. 6.3 Description of Functional Safety Mechanisms
      1. 6.3.1  ADC1, COMP1, DAC1, DMA1, GPIO2, TIM2, I2C2, IOMUX1, SPI2, UART2, SYSCTL5, MCAN3, CPU4, CRC1, EVENT1, REF1, WDT1: Periodic Read of Static Configuration Registers
      2. 6.3.2  ADC2: Software Test of Functionality
      3. 6.3.3  ADC3: ADC Trigger Overflow Check
      4. 6.3.4  ADC4: Window Comparator
      5. 6.3.5  ADC5: Test of Window Comparator
      6. 6.3.6  ADC6: ADC Trigger, Output Plausibility Checks
      7. 6.3.7  OA2: Test of OA Using Internal DAC as a Driver
      8. 6.3.8  OA3: ADC Monitoring of OA Output
      9. 6.3.9  COMP2: Software Test of Comparator Using Internal DAC
      10. 6.3.10 COMP3: External Pin Input to COMP
      11. 6.3.11 COMP4: Comparator Hysteresis
      12. 6.3.12 COMP5: Redundant Comparator
      13. 6.3.13 WDT: Windowed Watchdog Timer
      14. 6.3.14 WDT2: WWDT Counter Check
      15. 6.3.15 WDT3: WWDT Software Test
      16. 6.3.16 WDT4: Redundant WDT
      17. 6.3.17 REF2: VREF to ADC Reference Input
      18. 6.3.18 CPU1: CPU Test Using Software Test Library
      19. 6.3.19 CPU2: Software Test of CPU Data Buses
      20. 6.3.20 CPU3: Software Diversified Redundancy
      21. 6.3.21 SYSMEM1: Software Read of Memory, DMA Write
      22. 6.3.22 SYSMEM2: DMA Read from SRAM, CPU Write
      23. 6.3.23 SYSMEM3: Parity Logic Test
      24. 6.3.24 SYSMEM4: Parity Protection on SRAM
      25. 6.3.25 SYSMEM9: RAM Software Test
      26. 6.3.26 FLASH1: FLASH Single Error Correction, Double Error Detection Mechanism
      27. 6.3.27 FLASH2: Flash CRC
      28. 6.3.28 FXBAR2: Periodic Software Read Back of Flash Data
      29. 6.3.29 FXBAR3: Software Test of ECC Checker Logic
      30. 6.3.30 FXBAR4: Write Protection of Flash
      31. 6.3.31 DAC2: DAC Test Using Internal ADC as DAC Output Checker
      32. 6.3.32 DAC3: DAC FIFO Underrun Interrupt
      33. 6.3.33 DMA2: Software Test of DMA Function
      34. 6.3.34 DMA3: Software DMA Channel Test
      35. 6.3.35 DMA4: CRC Check of the Transferred Data
      36. 6.3.36 GPIO1: GPIO Test Using Pin I/O Loopback
      37. 6.3.37 GPIO3: GPIO Multiple (Redundant) Inputs/Outputs
      38. 6.3.38 TIM1: Test for PWM Generation
      39. 6.3.39 TIM3: Test for Fault Generation
      40. 6.3.40 TIM4: Fault Detection to Take the PWMs to Safe State
      41. 6.3.41 TIM5: Input Capture on Two or More Timer Instances
      42. 6.3.42 TIM6: Timer Period Monitoring
      43. 6.3.43 I2C1: Software Test of I2C Function Using Internal Loopback Mechanism
      44. 6.3.44 I2C3, SPI4, UART3, MCAN2: Information Redundancy Techniques Including End-to-End Safing
      45. 6.3.45 I2C4, SPI5, UART4: Transmission Redundancy
      46. 6.3.46 I2C5, UART5: Timeout Monitoring
      47. 6.3.47 I2C6: Test of CRC Function
      48. 6.3.48 I2C7: Packet Error Check in SMBUS Mode
      49. 6.3.49 IOMUX2: IOMUX Coverage as Part of Other IP Safety Mechanisms
      50. 6.3.50 SPI1: Software Test of SPI Function
      51. 6.3.51 SPI3: SPI Periodic Safety Message Exchange
      52. 6.3.52 UART1: Software Test of UART Function
      53. 6.3.53 UART6: UART Error Flags
      54. 6.3.54 UART7: UART Glitch filter
      55. 6.3.55 SYSCTL1: MCLK Monitor
      56. 6.3.56 SYSCTL2: HFCLK Start-Up Monitor
      57. 6.3.57 SYSCTL3: LFCLK Monitor
      58. 6.3.58 SYSCTL6: SYSPLL Start-Up Monitor
      59. 6.3.59 SYSCTL8: Brownout Reset (BOR) Supervisor
      60. 6.3.60 SYSCTL9: FCC Counter Logic to Calculate Clock Frequencies
      61. 6.3.61 SYSCTL10: External Voltage Monitor
      62. 6.3.62 SYSCTL11: Boot Process Monitor
      63. 6.3.63 SYSCTL14: Brownout Voltage Monitor
      64. 6.3.64 SYSCTL15: External Voltage Monitor
      65. 6.3.65 SYSCTL16: External Watchdog Timer
      66. 6.3.66 MCAN1: Software test of function using I/O Loopback
      67. 6.3.67 MCAN4: SRAM ECC
      68. 6.3.68 MCAN5: Software Test of ECC Check Logic
      69. 6.3.69 MCAN6: MCAN Timeout Function
      70. 6.3.70 MCAN7: MCAN Timestamp Function
      71. 6.3.71 CRC: CRC Checker
      72. 6.3.72 EVENT2: Interrupt Connectivity Check
      73. 6.3.73 Safety Mechanisms Covering PIN Failures
      74. 6.3.74 Safety Mechanisms Covering Common Cause Failures
  8.   A Summary of Recommended Functional Safety Mechanism Usage
  9.   B Distributed Developments
    1.     B.1 How the Functional Safety Lifecycle Applies to TI Functional Safety Products
    2.     B.2 Activities Performed by Texas Instruments
    3.     B.3 Information Provided
  10.   C Revision History

A Summary of Recommended Functional Safety Mechanism Usage

Appendix A summarizes the functional safety mechanisms present in hardware or recommend for implementation in software or at the system level as described in Chapter 5. Table 7-1 describes each column in Table 7-2 and gives examples of what content can appear in each cell.

Table A-1 Legend of Functional Safety Mechanisms
Functional Safety MechanismDescription
TI Safety Mechanism Unique IdentifierA unique identifier assigned to this safety mechanism for easier tracking.
Safety Mechanism NameThe full name of this safety mechanism.
Safety Mechanism CategorySafety Mechanism - This test provides coverage for faults on the primary function. It may also provide coverage on another safety mechanism. These tests also provide coverage of primary function multiple-point faults if it covers permanent faults.

Test for Safety Mechanism - This test provides coverage for faults of a safety mechanism only. It does not provide coverage on the primary function.

Fault Avoidance - This is typically a feature used to improve the effectiveness of a related safety mechanism.

Safety Mechanism TypeCan be either hardware, software, a combination of both hardware and software, or system. See Section 6.2 for more details.
Safety Mechanism Operation IntervalThe timing behavior of the safety mechanism with respect to the test interval defined for a functional safety requirement / functional safety goal. Can be either continuous, or on-demand.

Continuous - the safety mechanism constantly monitors the hardware-under-test for a failure condition.

Periodic or On-Demand - the safety mechanism is executed periodically, when demanded by the application. These tests have to be performed within the FTTI (Fault tolerant time interval) determined by the application. The test of diagnostics have to be performed once within the multiple-point fault detection interval. This includes Built-In Self-Tests that are executed one time per drive cycle or once every few hours.

Test Execution TimeTime period required for the safety mechanism to complete, not including error reporting time.

Note: Certain parameters are not set until there is a concrete implementation in a specific component. When component specific information is required, the component data sheet must be referenced.

Note: For software-driven tests, the majority contribution of the Test Execution Time is often software implementation-dependent.

Action on Detected FaultThe response that this safety mechanism takes when an error is detected.

Note: For software-driven tests, the Action on Detected Fault can depend on software implementation.

Time to ReportTypical time required for safety mechanism to indicate a detected fault to the system.

Note: For software-driven tests, the majority contribution of the Time to Report is often software implementation-dependent.

Diagnostic EvaluationBasis of diagnostic coverage evaluation:
  • Injection - Diagnostic coverage evaluation is based on TI-driven fault injection campaign
  • Insertion - Diagnostic coverage evaluation is based on customer-driven fault insertion campaign
  • Calculation - Diagnostic coverage evaluation is based on analytical or independent experimental data
  • Estimation - Diagnostic coverage evaluation is based on expert judgment
Note: Insertion refers to the ability of a system integrator to inject faults using external test fixtures, e.g. an Ethernet CRC check can be tested by sending in Ethernet packets with a bad CRC. Insertion is not expected to replace functional verification performed by TI. The intention of insertion is first, that the system can verify that the diagnostic is working and the system response to the diagnostic. The second is that a system integrator can, if necessary, measure overall diagnostic effectiveness in the context of their system. For example, the overall diagnostic coverage for methods protecting Ethernet can be measured at the system level by having the entire solution (hardware + software) running and sending in bad packets. The customer can choose to perform these techniques to update the DC values with more accurate numbers pertaining to their use cases. For these diagnostic where insertion is used as DC evaluation method, TI provides the DC coverage based on assumed safety use case in a SEOOC development.
Diagnostic Detection Capability
  • Permanent - Diagnostic is capable of detecting permanent faults and runs within FTTI. The diagnostic is also capable of detecting primary function multiple-point faults.
  • Transient - Diagnostic is capable of detecting transient faults and runs within FTTI.
  • Permanent /Transient - Diagnostic is capable of detecting permanent and transient faults and runs within FTTI.
  • Latent - Diagnostic is capable of detecting multiple-point latent faults and runs within MPFTTI.
Table A-2 Summary of Safety Features and Diagnostics
TI Safety Mechanism Unique IdentifierSafety Mechanism NameSafety Mechanism CategorySafety Mechanism TypeSafety Mechanism Operation IntervalTest Execution TimeAction on Detected FaultTime to ReportDiagnostic EvaluationDiagnostic Detection Capability
ADC1Periodic Software Read Back of Static Configuration RegistersSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationPermanent and Transient
ADC2ADC Software Test of FunctionalitySafety MechanismHardware + SoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent
WDTWindowed Watchdog EventSafety MechanismHardware + SoftwareContinuousApplication DependentReset the Device<1μsEstimationPermanent and Transient
ADC3ADC Trigger OverflowSafety MechanismHardwareContinuousApplication DependentGenerate an interrupt<100 bus clock cyclesEstimationPermanent and Transient
ADC4ADC Window ComparatorSafety MechanismHardwareContinuousApplication DependentGenerate an interrupt<100 bus clock cyclesEstimationPermanent and Transient
ADC5Test of Window ComparatorTest for Safety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionLatent
ADC6ADC Trigger or Output Plausibility CheckSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent and Transient
COMP1Periodic Software Read Back of Static Configuration RegistersSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationPermanent and Transient
COMP2DAC to COMP LoopbackSafety MechanismHardware + SoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationPermanent and Transient
COMP3External Pin Input to COMPSafety MechanismSystem Level DiagnosticPeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent
COMP4Comparator HysteresisFault AvoidanceHardwareContinuousApplication DependentRefer to Section 4.2N/AN/AN/A
COMP5Redundant Comparator Fault AvoidanceHardware + SoftwareContinuousApplication DependentRefer to Section 4.2Application Dependent

Insertion

Permanent and Transient

CPU1ARM® Software Test LibrarySafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInjectionPermanent
CPU2Write or Read Back of Data to Different Regions of Memory to Detect Faults in the Bus Interconnect ComponentsSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent
SYSCTL11Boot Process TimeoutSafety MechanismHardware + SoftwarePeriodic or On-DemandApplication Dependent10 bus clock cyclesEstimationPermanent and Transient
CPU3Software Diversified RedundancySafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent and Transient
CPU4Periodic Software Read Back of Static Configuration RegistersSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationPermanent and Transient
CRCCRC CheckerSafety MechanismHardware + SoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationPermanent and Transient
CRC1Periodic Software Read Back of Static Configuration RegistersTest for Safety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionLatent
DAC1Periodic Software Read Back of Static Configuration RegistersSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application Dependent

Estimation

Permanent and Transient

DAC2DAC to ADC LoopbackSafety MechanismHardware + SoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application Dependent

Insertion

Permanent

DAC3FIFO Underrun interruptSafety MechanismHardware ContinuousApplication DependentGenerate an interrupt<100 bus clock cycles

Insertion

Permanent and Transient
DMA1Periodic Software Read Back of Static Configuration RegistersSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent and Transient
DMA2Software DMA Transfer TestSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent
DMA3Software DMA Channel TestSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent
DMA4CRC Check of the Transferred DataSafety MechanismHardware + SoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationPermanent and Transient
EVENT1Periodic Software Readback of Static Configuration RegistersSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationPermanent and Transient
GPIO3GPIO Multiple (Redundant) Inputs/OutputsSafety MechanismHardware + SoftwareContinuousApplication DependentRefer to Section 4.2Application DependentInsertionPermanent and Transient
FXBAR2Periodic Software Read Back of Flash DataSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationPermanent
FLASH1Flash ECC CheckerSafety MechanismHardwareContinuousApplication DependentGenerate an interrupt<100 bus clock cyclesCalculationPermanent and Transient
FLASH2Flash CRCSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionLatent
FXBAR3Software Test of ECC Checker LogicTest for Safety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionLatent
FXBAR4Write Protection of FlashSafety MechanismHardwareContinuousApplication DependentRefer to Section 4.2Application DependentEstimationPermanent and Transient
GPIO1Online Monitoring Using I/O LoopbackSafety MechanismHardware + SoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent
GPIO2Periodic Software Readback of Static Configuration RegistersSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationPermanent and Transient
TIM1Test for Basic PWM GenerationSafety MechanismHardware + SoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent
TIM2Periodic Software Read Back of IP Static Configuration RegistersSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationPermanent and Transient
TIM3Test for Fault GenerationTest for Safety MechanismSystemPeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionLatent
TIM4Fault Detection to Take the PWMs to Safe StateSafety MechanismHardware + SoftwareContinuousApplication DependentRefer to Section 4.2<100 bus clock cyclesEstimationPermanent and Transient
TIM5Input Capture on Two or More Timer InstancesSafety MechanismHardwareContinuousApplication DependentRefer to Section 4.2Application DependentInsertionPermanent and Transient
TIM6Timer Period MonitoringSafety MechanismHardware + SoftwareContinuousApplication DependentRefer to Section 4.2Application DependentInsertionPermanent and Transient
I2C1Software Test of Function Using I/O LoopbackSafety MechanismHardware + SoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent
I2C2Periodic Software Read Back of Static Configuration RegistersSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationPermanent and Transient
I2C3Information Redundancy Techniques Including End-to-End SafingSafety MechanismHardware + SoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent and Transient
I2C4Transmission RedundancySafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionTransient
I2C5Timeout MonitoringSafety Mechanism | Test of Safety MechanismSoftwareContinuousApplication DependentRefer to Section 4.2Application DependentInsertionPermanent
I2C6Test of CRC FunctionTest for Safety MechanismHardware + SoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionLatent
I2C7Packet Error Check in SMBUS ModeFault AvoidanceN/AContinuousApplication DependentRefer to Section 4.2N/AN/AN/A
IOMUX1Periodic Software Readback of Static Configuration RegistersSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationPermanent and Transient
IOMUX2IOMUX Coverage as Part of Other IP Safety Mechanisms.Safety MechanismHardware + SoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent
MCAN1Software test of function using I/O loopbackSafety MechanismHardware + SoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent
MCAN2Information Redundancy Techniques Inclusing End-to-End SafingSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent and Transient
MCAN3Periodic Software Read Back of Static Configuration RegistersSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationPermanent and Transient
MCAN4SRAM ECCSafety MechanismSoftwarePeriodic or On-DemandApplication DependentGenerate an Interrupt< 100 bus clock cyclesCalculation

Permanent and Transient

MCAN5Software Test ECC LogicTest of Safety MechanismHardware + SoftwareContinuousApplication DependentRefer to Section 4.2Application DependentInsertion

Latent

MCAN6Timeout on FIFO ActivitySafety MechanismHardware + SoftwareContinuousApplication DependentRefer to Section 4.2Application DependentInsertionPermanent and Transient
MCAN7Timestamp Consistency ChecksSafety MechanismHardware / SoftwareContinuousApplication DependentRefer to Section 4.2Application DependentInsertionPermanent and Transient
SPI1Software Test of Function Using I/O LoopbackSafety MechanismHardware + SoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent
SPI2Periodic Software Read Back of Static Configuration RegistersSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationPermanent and Transient
SPI3SPI Periodic Safety Message ChecksSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent
SPI4Information Redundancy Techniques Including End-to-End SafingSafety MechanismHardware + SoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent and Transient
SPI5Transmission RedundancySafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionTransient
SYSCTL1MCLK MonitorSafety MechanismHardware + SoftwareContinuousApplication DependentReset the Device<1μsEstimationPermanent and Transient
SYSCTL2HFCLK Start-up MonitorFault AvoidanceHardwarePeriodic or On-DemandApplication DependentN/AN/AN/AN/A
SYSCTL3LFCLK MonitorSafety MechanismHardware + SoftwarePeriodic or On-DemandApplication DependentGenerate an interrupt<100 bus clock cyclesEstimationPermanent and Transient
SYSCTL5Periodic Software Read Back of Static Configuration RegistersSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationPermanent and Transient
SYSCTL6SYSPLL Startup monitorFault AvoidanceN/APeriodic or On-DemandApplication DependentRefer to Section 4.2
SYSCTL8Brownout Reset (BOR) SupervisorSafety MechanismHardwarePeriodic or On-DemandApplication DependentGenerate an interrupt<100 bus clock cyclesEstimationPermanent
SYSCTL9Clock Frequency MeasurementSafety MechanismHardware + SoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationPermanent and Transient
SYSCTL10External Voltage MonitorSafety MechanismSystem Level DiagnosticPeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationPermanent
SYSCTL14Brownout Voltage MonitorSafety MechanismHardwarePeriodic or On-DemandApplication DependentReset the Device<1μsEstimationPermanent
SYSCTL15External Voltage SupervisorSafety MechanismSystem Level DiagnosticPeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent
SYSCTL16External Watchdog TimerSafety MechanismSystem Level DiagnosticPeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent and Transient
SYSMEM1Software Read of Memory DMASafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent
SYSMEM2Software Read of Memory CPUSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent
SYSMEM8ECC Logic testTest for Safety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionLatent
SYSMEM7RAM ECCSafety MechanismHardwareContinuousApplication DependentGenerate an interrupt<100 bus clock cyclesCalculationPermanent and Transient
SYSMEM9RAM Software TestSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionLatent
UART1Software Test of Function Using I/O LoopbackSafety MechanismHardware + SoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent
UART2Periodic Software Read Back of Static Configuration RegistersSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationPermanent and Transient
UART3Information Redundancy Techniques Including End-to-End SafingSafety MechanismHardware + SoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent and Transient
UART4Transmission RedundancySafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionTransient
UART5Timeout MonitoringSafety Mechanism | Test of Safety MechanismSoftwareContinuousApplication DependentRefer to Section 4.2Application DependentInsertionPermanent
UART6UART Error FlagsSafety MechanismHardwareContinuousApplication DependentGenerate an interrupt.<100 bus clock cyclesEstimationPermanent and Transient
UART7UART Glitch FilterFault AvoidanceHardwareContinuousApplication DependentN/AN/AN/AN/A
REF1Periodic Software Read Back of Static Configuration RegistersSafety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationPermanent and Transient
REF2VREF to ADC Reference InputSafety MechanismHardware + SoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionPermanent
WDT1Periodic Software Read Back of Static Configuration RegistersTest for Safety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentEstimationLatent
WDT2WWDT Counter CheckTest for Safety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionLatent
WDT3WWDT Software TestTest for Safety MechanismSoftwarePeriodic or On-DemandApplication DependentRefer to Section 4.2Application DependentInsertionLatent
WDT4Redundant WatchdogTest for Safety MechanismHardware + SoftwareContinuousApplication DependentRefer to Section 4.2Application DependentInsertionLatent