AM2632: AM263x Sitara™︎ Microcontrollers

Alessandro Di Biasio

Part Number: AM2632

Tool/software:

Hi,

this is what I need to understand, AM263x will host a non-safety critical SW (e.g.: Ethernet/IPTm SW stack) and a safety critical SW (e.g.: CIP Safety Ethernet IP SW stack). Is it possible to reach the SIl3 with the use of AM263x (by default there are R5Fs for Lockstep operation inside) or is it necessary to use a safety critical Operating System too which provides separation and isolation mechanisms of individual software tasks?

This feature could assist I to host in a single Microprocessor software of different SILs

Best regards

Alessandro

over 1 year ago

0 Nilabh Anand over 1 year ago

TI__Mastermind 45184 points

Hi Alessandro,

Let me check this query internally and get back to you by Wednesday.

0 Alessandro Di Biasio over 1 year ago in reply to Nilabh Anand

Prodigy 40 points

Hi Nilabh, do you have news?

Thanks

0 Nilabh Anand over 1 year ago in reply to Alessandro Di Biasio

TI__Mastermind 45184 points

Hi Alessandro you can reach SIL-2 with just AM263x. When we talk about SIL-3 this is possible at syetm level, which will need SafeRTOS.

0 Alessandro Di Biasio over 1 year ago in reply to Nilabh Anand

Prodigy 40 points

Hi Nilabh,

Ok so when I read on the AM263x datasheet that the hardware is SIL 3 certified is it true or not? What is SIL 3 certified? I understand that only the SW Diagnostic Lib (ref IEC 61508-3:2010) is SIL 3 certified.
So although the HW is SIL 3 (I'm waiting for confirmation), to have SIL 3 at system level I need a SafeRTOS, right?

Other questions:
AM243x is HW SIL 2 certified (tell me if is true). Can I add SafeRTOS to have SIL 3 at system level?
However, the Hercules TMS570LS/TMS570LC family are HW SIL 3 certified, right? Don't need SafeRTOS?
If I want to avoid using SafeRTOSOS, can I achieve SIL 3 with 2 redundant microprocessors (AM263x and AM243x or AM263x and TMS570LS/LC)?
Thank you

0 Nilabh Anand over 1 year ago in reply to Alessandro Di Biasio

TI__Mastermind 45184 points

Alessandro Di Biasio said:
So although the HW is SIL 3 (I'm waiting for confirmation), to have SIL 3 at system level I need a SafeRTOS, right?

Hi Alessandro,

Apologies for the confusion.

One correction to my answer, its not mandatory to use safertos, but just having MCU SIL-3 certified would not make your system SIL-3 safety rated. You need refer to the safety manual document from TI and design the system accordingly.

Alessandro Di Biasio said:
AM243x is HW SIL 2 certified (tell me if is true).

Yes this is true.

Alessandro Di Biasio said:
Can I add SafeRTOS to have SIL 3 at system level?

Correcting my previous statement its not mandatory to use safertos, You need refer to the safety manual document from TI and design the system accordingly.

Alessandro Di Biasio said:
However, the Hercules TMS570LS/TMS570LC family are HW SIL 3 certified, right? Don't need SafeRTOS?
If I want to avoid using SafeRTOSOS, can I achieve SIL 3 with 2 redundant microprocessors (AM263x and AM243x or AM263x and TMS570LS/LC)?

Yes you can use redundant microprocessor with AM243x for SIL 3 design and follow the safety manual too.

Let me know if you need any more info.

0 Alessandro Di Biasio over 1 year ago in reply to Nilabh Anand

Prodigy 40 points

Hi Nilabh,

Ok I understood the need to use SafeRTOS to have SIL 3 at system level on the Sitara family (AM263x and AM243x).

Could you explain to me why you indicate the AM243x as preferred for a SIL 3 design with redundant microprocessors? If I understood good the AM243x has more Certificates.

Could the TMS570LC be sufficient to ensure a SIL 3 design without SafeRTOS or is SafeRTOS needed?

Thanks

0 Nilabh Anand over 1 year ago in reply to Alessandro Di Biasio

TI__Mastermind 45184 points

Alessandro Di Biasio said:
Could the TMS570LC be sufficient to ensure a SIL 3 design without SafeRTOS or is SafeRTOS needed?

No Safe RTOS is not needed.

Alessandro Di Biasio said:
Could you explain to me why you indicate the AM243x as preferred for a SIL 3 design with redundant microprocessors? If I understood good the AM243x has more Certificates.

Please refer to this: https://www.ti.com/lit/fs/spry329/spry329.pdf it has details on safety with am243x kind of design with two r5f.

Please let me know if you have more questions,

Arm-based microcontrollers

Arm-based microcontrollers forum

AM2632: AM263x Sitara™︎ Microcontrollers