• State TI Thinks Resolved
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 31 subscribers
  • Views 189 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

AM263P4: AM263P4 Tool Confidence Level (TCL) for SysConfig in Safety-Certified Applications

Jiri Dobry
Prodigy 90 points
Part Number: AM263P4
Other Parts Discussed in Thread: SYSCONFIG

Tool/software:

Dear Texas Instruments Support,

We are leveraging the fact that the Sitara microcontroller we selected is certified to IEC 61508 and ISO 26262, and that a Safety Compiler Qualification Kit is available.

However, we could not find any information regarding SysConfig, the code generation tool. Since SysConfig generates source code, it likely falls under Tool Confidence Level (TCL) T3, meaning it could introduce errors into the safety-related software. To avoid potential certification issues, would it be advisable to avoid using SysConfig in a safety-critical system?

Additionally, does Texas Instruments provide any qualification documentation, safety manual references, or guidance on the use of SysConfig in functional safety applications?

Thank you for your support.

Best regards,
Jiri 

  • 0
    TI__Mastermind 44314 points

    Hi Jiri,

    You can generate the code from syscfg once and then exclude syscfg from the build.

  • 0 in reply to Nilabh Anand
    Prodigy 90 points

    Hi Nilabh,

    Thank you for your response.

    Just to confirm - since SysConfig is not qualified for functional safety, we need to treat all the generated code as if it were manually written by a team member. This means applying all our standard verification and validation processes to ensure its correctness. In other words, we cannot automatically trust SysConfig generated code in a safety-critical system without additional scrutiny.

    Would you agree with this assessment?

    Best regards,
    Jiri

  • 0 in reply to Jiri Dobry
    TI__Mastermind 44314 points

    Yes that is correct Jiri,

    Jiri Dobry said:
    Just to confirm - since SysConfig is not qualified for functional safety, we need to treat all the generated code as if it were manually written by a team member. This means applying all our standard verification and validation processes to ensure its correctness. In other words, we cannot automatically trust SysConfig generated code in a safety-critical system without additional scrutiny.

    The syscfg is just generating code which is programmed in the template files, so your consideration is correct. The generated code needs to be scrutinized.