www.ti.com
Product Architecture for Management of Random Faults
4.3.2 Type B: C28x CPU + CLA With Control and Analog Subsystem – Piccolo3x Family
Figure 4. C2000 MCU Piccolo F2803x With Safety Features in Software
Piccolo3x: TMS320F2803x MCU is functionally identical to TMS320F2806x except for the FPU, VCU and
USB modules. It has a dedicated 32-bit C28x main CPU. CPU performance is further supported by an
event optimized, CLA that is capable of 32-bit C28x CPU functions with floating point precision. Having
both a main C28x CPU and CLA on-chip enables running many time critical functions, algorithms, and
timing checks in parallel. This enables a virtual dual channel implementation by creatively partitioning
CPUs and peripherals. Having two independent processors provides inherent safety for the system and
protects against common cause failures.
The main CPU has a built-in 40-bit CRC checker, the PSA that can be used to do on-the-fly CRC
calculations for any of the program code or memory blocks. This is a differentiating hardware working in
parallel to the main CPU to estimate the CRC on the memory contents and CPU instructions. The
IEC60730 software libraries have functions using the PSA hardware and details of its use conditions.
While most MCUs can calculate CRC in software using CRC algorithms, the PSA hardware is a feature
that prioritizes instruction and memory level integrity checks and enhances the safety coverage for the
CPU and memory regions. In addition, the Piccolo6x architecture is capable of doing advanced CRC and
math accelerations using its VCU unit. This offers a third method to do memory CRC calculations and
algorithms. These features help to comply with the safety requirements easily.
Piccolo3x memory has non-volatile Flash, OTP Flash, read-only memory (BROM) and RAM blocks. PSA-
based CRC or memory-based CRC and March 13 algorithms are made available to check memory
integrity in periodic and power up software routines.
The system integrator is responsible for the functional partition of these processing engines, depending on
the end application, as each application has different safety reactions and recovery times. The IEC60730
libraries enable easy implementation of safety software using the hardware and software functions.
Control Subsystem: Piccolo3x devices have proven control peripherals such as PWMs, ECAP, and
EQEP modules as part of the MCUs control subsystem. These hardware peripherals are instantiated in
multiple instances on the same chip. This enables redundant channel implementation, thus enabling a
higher level of safety in the end equipment. Having redundant channels enables 1oo2 (1 out of 2
architecture) level voting scheme on critical control channels.
15
SPRUHI3A–April 2013–Revised August 2013 Safety Manual for C2000™ MCUs in IEC60730 Safety Applications
Submit Documentation Feedback
Copyright © 2013, Texas Instruments Incorporated
To Next Page
Loading...
Need help?
General
