SLLU312A July   2019  – May 2022 TCAN4550-Q1

 

  1.   TCAN4550-Q1 Functional Safety-Manual
  2.   Trademarks
  3. 1Introduction
  4. 2Product Functional Safety-Capability
  5. 3Product Overview
    1. 3.1 Block Diagram
    2. 3.2 Target Applications
      1. 3.2.1 Diagnostic Features
        1. 3.2.1.1 Mode Overview
        2. 3.2.1.2 Sleep Wake Error Timer (SWE)
        3. 3.2.1.3 Undervoltage
        4. 3.2.1.4 Thermal Shut Down
        5. 3.2.1.5 CAN Bus Communication
          1. 3.2.1.5.1 M_CAN
        6. 3.2.1.6 Processor Communication
          1. 3.2.1.6.1 SPI Integrity
            1. 3.2.1.6.1.1 SPI Scratchpad
            2. 3.2.1.6.1.2 SPIERR
            3. 3.2.1.6.1.3 M_CAN Forced Dominant and Recessive
            4. 3.2.1.6.1.4 SPI and FIFO
            5. 3.2.1.6.1.5 ECC for Memory
          2. 3.2.1.6.2 Timeout Watchdog
          3. 3.2.1.6.3 Floating Pins
          4. 3.2.1.6.4 RST Pin
          5. 3.2.1.6.5 Interrupt and Internal Fault Detection
  6. 4Development Process for Management of Systematic Faults
    1. 4.1 TI New-Product Development Process
  7. 5Revision History
3.2.1.6.5 Interrupt and Internal Fault Detection

The TCAN4550-Q1 provides error detection and status notification register and interrupts to notify the host MCU of errors on internal transactions and SPI transactions, see Table 3-9. It also contains internal RAM (FIFO Buffer) ECC protection. The internal RAM is protected by ECC for single bit correction due to transient faults impacting RAM content during the read operation. See Table 3-10 and Table 3-11 for device interrupts and M_CAN specific interrupts. The Bosch M_CAN core has many other interrupt and fault tools that are provided in the data sheet.

Note:

Though these interrupts show certain failures the ones associated to safety mechanism have been included in the document above.

Table 3-9 Internal SPI Status Field Descriptions (Address h000C)
BitFieldTypeResetDescription
31:30RSVDRO1’b0Reserved
29Internal_read_errorW1C1’b0Internal read received an error response
28Internal_write_errorW1C1’b0Internal write received an error response
27Internal_error_log_writeW1C1’b0Entry written to the Internal error log
26Read_fifo_underflowW1C1’b0Read FIFO underflow after 1 or more read data words returned
25Read_fifo_emptyW1C1’b0Read FIFO empty for first read data word to return
24Write_fifo_overflowW1C1’b0Write/command FIFO overflow
23:22RSVDRO1’b0Reserved
21SPI_end_errorW1C1’b0SPI transfer did not end on a byte boundary
20Invalid_commandW1C1’b0Invalid SPI command received
19Write_overflowW1C1’b0SPI write sequence had continue requests after the data transfer was completed
18write_underflowW1C1’b0SPI write sequence ended with less data transferred then requested
17Read_overflowW1C1’b0SPI read sequence had continue requests after the data transfer was completed
16read_underflowW1C1’b0SPI read sequence ended with less data transferred then requested
15:8RSVDRO8’h00Reserved
7:6RSVDRO1’b0Reserved
5Write_fifo_availableRO1’b0write fifo empty entries is greater than or equal to the write_fifo_threshold
4Read_fifo_availableRO1’b0Read fifo entries is greater than or equal to the read_fifo_threshold
3Internal_access_activeROUInternal Multiple transfer mode access in progress
2Internal_error_interruptRO1’b0Unmasked Internal error set
1SPI_error_interruptRO1’b0Unmasked SPI error set
0InterruptROUValue of interrupt input level (active high)
Table 3-10 Interrupts Field Descriptions (Address h0820)
BitFieldTypeResetDescription
31CANBUSNOMRU1'b0CAN Bus normal (Flag and Not Interrupt)
Changes to 1 when in Normal mode after first Dom to Rec transition
30:24RSVDR7b'0000000Reserved
23SMSR/WC1'b0Sleep Mode Status (Flag & Not an interrupt) Only sets when Sleep mode is entered by a WKERR, UVIO timeout, or UVIO+TSD fault
22UVSUPR/WC1'b0Under Voltage VSUP and UVCCOUT
21UVIOR/WC1'b0Under Voltage VIO
20PWRONR/WC/U1'b1Power ON
19TSDR/WC1'b0Thermal Shutdown
18WDTORU/WC1'b0Watchdog Time Out
17RSVDR1'b0Reserved
16ECCERRR/WC1'b0Uncorrectable ECC error detected
15CANINTR/WC1'b0Can Bus Wake Up Interrupt
14LWUR/WC1'b0Local Wake Up
13WKERRR/WC1'b0Wake Error
12RSVDR1'b0Reserved
11RSVDR1'b0Reserved
10CANSLNTR/WC1'b0CAN Silent
9RSVDR1'b0Reserved
8CANDOMR/WC1'b0CAN Stuck Dominant
7GLOBALERRR1'b0Global Error (Any Fault)
6WKRQR1'b0Wake Request
5CANERRR1'b0CAN Error
4RSVDR1'b0RSVD
3SPIERRR1'b0SPI Error
2RSVDR1'b0Reserved
1M_CAN_INTR1'b0M_CAN global INT
0VTWDR1'b0Global Voltage, Temp or WDTO

GLOBALERR: Logical OR of all faults in registers 0x0820-0824.

WKRQ: Logical OR of CANINT, LWU and WKERR.

CANBUSNOM is not an interrupt but a flag. In Normal mode after the first dominant-recessive transition, it is set. It resets to 0 when entering Standby or Sleep modes or when a bus fault condition takes place in Normal mode.

CANERR: Logical OR of CANSLNT and CANDOM faults.

SPIERR: is set if any of the SPI status register 16'h000C[30:16] is set.

  • In the event of a SPI underflow, the error is not detected/alerted until the start of the next SPI transaction.
  • 16'h0010[30:16] are the mask for these errors

VTWD: Logical or of UVCCOUT, UVSUP, UVVIO, TSD, WDTO (Watchdog time out) and ECCERR.

CANINT: Indicates a WUP has occurred; Once a CANINT flag is set, LWU events are ignored. Flag can be cleared by changing to Normal or Sleep modes.

LWU: Indicates a local wake event, from toggling the WAKE pin, has occurred. Once a LWU flag is set, CANINT events is ignored. Flag can be cleared by changing to Normal or Sleep modes.

WKERR: If the device receives a wake up request WUP and does not transition to Normal mode or clear the PWRON or Wake flag before tINACTIVE, the device transitions to Sleep Mode. After the wake event, a Wake Error (WKERR) is reported and the SMS flag is set to 1.

Note:

PWRON Flag is cleared by either writing a 1 or by going to Sleep mode or Normal mode from Standby mode.

Table 3-11 MCAN Interrupts Field Descriptions (Address h0824)
Bit Field Type Reset Description
31:30 RSVD R 1'b0 Reserved
29 ARA R 1'b0 ARA: Access to Reserved Address
28 PED R 1'b0 PED: Protocol Error in Data Phase (Data Bit Time is used)
27 PEA R 1’b0 PEA: Protocol Error in Arbitration Phase (Nominal Bit Time is used)
26 WDI R 1'b0 WDI: Watchdog Interrupt
25 BO R 1'b0 BO: Bus_Off Status
24 EW R 1'b0 EW: Warning Status
23 EP R 1'b0 EP: Error Passive
22 ELO R 1'b0 ELO: Error Logging Overflow
21 BEU R 1'b0 BEU: Bit Error Uncorrected
20 BEC R 1'b0 BEC: Bit Error Corrected
19 DRX R 1’b0 DRX: Message stored to Dedicated Rx Buffer
18 TOO R 1'b0 TOO: Timeout Occurred
17 MRAF R 1'b0 MRAF: Message RAM Access Failure
16 TSW R 1'b0 TSW: Timestamp Wraparound
15 TEFL R 1'b0 TEFL: Tx Event FIFO Element Lost
14 TEFF R 1'b0 TEFF: Tx Event FIFO Full
13 TEFW R 1'b0 TEFW: Tx Event FIFO Watermark Reached
12 TEFN R 1'b0 TEFN: Tx Event FIFO New Entry
11 TFE R 1’b0 TFE: Tx FIFO Empty
10 TCF R 1'b0 TCF: Transmission Cancellation Finished
9 TC R 1'b0 TC: Transmission Completed
8 HPM R 1'b0 HPM: High Priority Message
7 RF1L R 1'b0 RF1L: Rx FIFO 1 Message Lost
6 RF1F R 1'b0 RF1F: Rx FIFO 1 Full
5 RF1W R 1'b0 RF1W: Rx FIFO 1 Watermark Reached
4 RF1N R 1'b0 RF1N: Rx FIFO 1 New Message
3 RF0L R 1’b0 RF0L: Rx FIFO 0 Message Lost
2 RF0F R 1'b0 RF0F: Rx FIFO 0 Full
1 RF0W R 1'b0 RF0W: Rx FIFO 0 Watermark Reached
0 RF0N R 1'b0 RF0N: Rx FIFO 0 New Message