Functional safety requirements for application software
Safety Manual for MPC5777M, Rev. 1.1
NXP Semiconductors 37
[SCG18.140]Within the FTTI, application software shall read in each RAM block two addresses that are
known to cause an uncorrectable error in case the memory globally shows an All-0 or an All-1 state. [end]
NOTE
Real application continuously reads several RAM locations (both normal
and All-X addresses) in different RAM blocks. Some of these transactions
are directed to addresses which trigger uncorrectable error in case of All-X
events.
As result in most of cases the assumption above is satisfied by the
application accessing RAM during the normal code execution without any
additional overhead in terms of both coding and timing.
The program in Section 6, Testing All-X in RAM, calculates the list of addresses, which trigger
uncorrectable errors if an All-0 (or an All-1) failure occurs, by a linear search from a start address. These
locations shall be used to verify the presence of a global All-0 (or All-1) error.
The user can verify that the application software reads, once per FTTI, at least one location to detect a
global All-0 errors and one location to detect for All-1. In that case additional readings of previous
assumption are not necessary.
Assumption: [FMEDA_SM_169] SW shall ensure that data in Standby RAM is additionally protected
(for example, with an application-level checksum) against effects occurring during standby, especially the
aggregation of several Single Bit Upsets (SBUs) and the possibility of power failures. [end]
3.3.8.2 Repair logic
Memory repair faults can cause a partial shift of the word. This failure mode can affect one word or an
entire column depending on the type of failure in the repaired column (single bit in array or column
periphery). If a read operation is performed first, this will result in a MBE (white noise model). In the event
a write operation to a specific address was executed first after this error resulted, any subsequent read of
that same address will be either correct or result in a SBE.
Assumption: [SCG18.350]To guarantee coverage for MBEs it is assumed at least four reads on different
addresses per RAM block and FTTI will occur. This provides sufficient Diagnostic Coverage for column
repair with ECC. [end]
3.3.8.3 Error reporting
The MEMU collects and reports error events associated with ECC logic used on system RAM, peripheral
RAM and flash memory. The MEMU stores the addresses where ECC errors occurred. The MEMU also
reports whether the error is correctable vs. uncorrectable. Uncorrectable errors will cause a report to the
FCCU.
Correctable errors include:
• Single-bit error in the data part that is detected via ECC for a system RAM, peripheral RAM or
flash memory
• Single-bit error in the data part that is detected via MBIST on any RAM
To Next Page
Loading...
Need help?
General
