Safety Manual for MPC5777M, Rev. 1.1
Functional safety requirements for application software
NXP Semiconductors38
Uncorrectable errors include:
• Multi-bit error that is detected via ECC for a system RAM, peripheral RAM or flash memory
• Multi-bit error that is detected via MBIST on any SRAM
• Addressing errors and unused data bit errors detected by ECC logic
Failures in RAM logic (for example, decoding, control, and so on) might lead to MBEs (white noise
model). Faults can have two kinds of effects:
• Always result in a random data pattern when the content of the faulty address is read (for example,
no word lines selection, clocking failure)
• Cause MBEs only on transactions targeting a subset of RAM addresses (for example, multiple
word lines selection)
In both cases above, ECC logic can lead to a wrong correction. It is necessary to implement a software test
to detect permanent MBE sources leading to erroneous ECC corrections, so the overall coverage
(ECC + software test) is the same as that provided by a 64 / 8 EDC scheme (for example
(1 - 1 / 256 × 100.0%) = 99.6%).
Assumption: [SCG18.066]In the first case (on page 38) a software test shall be implemented to detect
permanent MBE sources. It will fetch the error address of corrected errors from the MEMU and assess the
nature of the fault by writing and reading back a few patterns (for example, two's-complemented patterns)
to the faulty location. The software test shall be executed within the FTTI after a new ECC error correction
in RAM is reported. [end]
Assumption: [SM_FMEDA_077]For the second case (on page 38) a software test shall be implemented
to detect permanent MBE sources caused by multiple address selections. It will fetch the error address of
corrected errors from the MEMU and assess the nature of the fault by writing and reading back a (small)
set of patterns to multiple locations depending on the faulty address. [end]
NOTE
This test is described in Section 5, Address decoding coverage.
Assumption: [SCG18.068]These software tests will be executed within the FTTI after a new ECC error
correction in RAM is reported. [end]
Assumption: [SCG18.950] During operation, if the MEMU contains two entries for the same address of
an address which is part of a memory for which ECC syndromes are reported, SW will check whether one
of the two syndromes is FFh. If so, this entry should be deleted. This entry came from another ECC unit
which does not report syndromes. As long as the entry with the correct syndrome is stored in the MEMU,
entries for the same address without syndrome will not be stored. [end]
3.3.9 ECC Bypass using core registers and Indirect Memory Access (IMA)
During test, or development, the need for direct access to all RAM bits that is not filtered through the ECC
logic may arise. Memory locations can be accessed directly either via processor core access or the IMA
module (see the MPC5777M Reference Manual’s “Indirect Memory Access (IMA)” chapter).
To Next Page
Loading...
Need help?
General
