SPRT759 October   2023 TMS320F280021 , TMS320F280021-Q1 , TMS320F280023 , TMS320F280023-Q1 , TMS320F280023C , TMS320F280025 , TMS320F280025-Q1 , TMS320F280025C , TMS320F280025C-Q1 , TMS320F280033 , TMS320F280034 , TMS320F280034-Q1 , TMS320F280036-Q1 , TMS320F280036C-Q1 , TMS320F280037 , TMS320F280037-Q1 , TMS320F280037C , TMS320F280037C-Q1 , TMS320F280038-Q1 , TMS320F280038C-Q1 , TMS320F280039 , TMS320F280039-Q1 , TMS320F280039C , TMS320F280039C-Q1 , TMS320F280040-Q1 , TMS320F280040C-Q1 , TMS320F280041 , TMS320F280041-Q1 , TMS320F280041C , TMS320F280041C-Q1 , TMS320F280045 , TMS320F280048-Q1 , TMS320F280048C-Q1 , TMS320F280049 , TMS320F280049-Q1 , TMS320F280049C , TMS320F280049C-Q1 , TMS320F28075 , TMS320F28075-Q1 , TMS320F28076 , TMS320F28374D , TMS320F28374S , TMS320F28375D , TMS320F28375S , TMS320F28375S-Q1 , TMS320F28376D , TMS320F28376S , TMS320F28377D , TMS320F28377D-EP , TMS320F28377D-Q1 , TMS320F28377S , TMS320F28377S-Q1 , TMS320F28378D , TMS320F28378S , TMS320F28379D , TMS320F28379D-Q1 , TMS320F28379S , TMS320F28384D , TMS320F28384D-Q1 , TMS320F28384S , TMS320F28384S-Q1 , TMS320F28386D , TMS320F28386D-Q1 , TMS320F28386S , TMS320F28386S-Q1 , TMS320F28388D , TMS320F28388S , TMS320F28P650DH , TMS320F28P650DK , TMS320F28P650SH , TMS320F28P650SK , TMS320F28P659DH-Q1 , TMS320F28P659DK-Q1 , TMS320F28P659SH-Q1

 

  1.   1
  2.   Abstract
  3.   Trademarks
  4. 1Introduction
  5. 2Overview of IEC 60730 and UL 1998 Classifications
    1. 2.1 C2000 Capability by Device Family
  6. 3C2000 Safety Collateral
    1. 3.1 Getting Started
    2. 3.2 Functional Safety Manuals
    3. 3.3 Software Collateral
  7. 4Implementing Acceptable Measures on C2000 Real-Time MCUs
    1. 4.1 Implementation Steps
    2. 4.2 Example Mapping
    3. 4.3 Additional Best Practices
  8. 5Mapping Acceptable Control Measures to C2000 Unique Identifiers
    1. 5.1 Unique Identifier Reference
    2. 5.2 CPU Related Faults
    3. 5.3 Interrupt Related Faults
    4. 5.4 Clock Related Faults
    5. 5.5 Memory Related Faults
    6. 5.6 Internal Data Path Faults
    7. 5.7 Input/Output Related Faults
    8. 5.8 Communication, Monitoring Devices, and Custom Chip Faults
  9. 6Glossary
  10. 7References

1 Introduction

Motor drives, white goods, appliances, and other equipment may become unsafe to operate if one of their components fail. These equipments are subject to the testing and qualification requirements of the International Electrotechnical Commission (IEC). Specifically, the IEC 60730-1 standard covers automatic electrical controls for household and similar use.

Although compliance to IEC 60730 is attained at a system level, understanding the correct criteria for choosing a microcontroller is important to achieve compliance. The use of electronic components such as microcontrollers (MCU) is addressed by Table H.1 in Annex H of IEC 60730 "Requirements for electronic controls". Annex H specifies acceptable diagnostic techniques and measures applicable to an MCU in order to support the safe function of equipment.

While IEC 60730 is primarily used in Europe, similar practices are followed in the United States leveraging UL 1998 “Safety Software in Programmable Components.” Table A2.1 in Appendix A, provides examples of acceptable measures for microelectonic hardware failure modes that are consistent with the requirements of IEC 60730 Table H.1. These requirements are derived from the IEC 61508 standard, “Functional safety of electrical/electronic/programmable electronic (E/E/PE) systems.”