Safety Manual for MPC5777M, Rev. 1.1
General information
NXP Semiconductors4
• Assumption: [SCG18.170]the MPC5777M is used in automotive applications for use cases
requiring a fail-silent or a fail-indicate MCU. [end]
• the environmental conditions given in the MPC5777M Data Sheet are maintained.
As for all devices, device errata must be taken into account during system design and implementation. For
a safety-related device such as the MPC5777M, this also concerns safety-related activities such as system
safety concept development. The FMEDA and Safety Concept are valid if the listed assumptions in the
text are covered.
Assumption: [SM_FMEDA_131] All relevant hardware safety mechanisms are enabled and configured
correctly when using any of the information in this document. [end]
General failure rate, or even an FMEDA (Failure Modes, Effects & Diagnostic Analysis) report, is
available upon request when covered by a NXP Semiconductors NDA (contact your NXP Semiconductors
representative).
2 General information
2.1 Mission profile
Lifetime for a MPC5777M is 20 years which is equivalent to 20000 hours of active operation for the MCU.
The assumed mission profile is:
• Lifetime: 20 years
• Total operating hours: 20000 hours
• Assumption: [SCG18.002] Trip time (driving cycle): 12 hours [end]
— This is the maximum time of operation of the MPC5777M without a start-up reset.
• Assumption: [SCG18.003] Fault-Tolerant Time Interval (FTTI, also known as Process Safety
Time, PST) = 10 ms[end]
— FTTI is the time the controlled system will not transition to a hazardous state, despite the
MPC5777M failing.
NOTE
This is a conservative estimate since the actual number depends on MCU
application (See Section 2.6, Failure indication time, for exact calculation
instructions).
The MPC5777M was designed to work within a maximum operational temperature profile (see the
Qorivva MPC5777M Microcontroller Data Sheet).
Assumption: [SM_FMEDA_001] The device is to be handled according to JEDEC standards J-STD-020
and J-STD-033. [end]
2.2 Functional safety – ISO 26262 compliance
Assumption: [SCG18.201]The MPC5777M MCU was developed in accordance with ISO 26262 as a
Safety Element out of Context (SEooC). [end]
To Next Page
Loading...
Need help?
General
