• State TI Thinks Resolved
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 32 subscribers
  • Views 462 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

SafeTI SIL levels

Phil Eagleton
Intellectual 335 points


Hi All,

I have been browsing the safeTI web pages, and have a question about the SIL level given for each part. (eg on page http://www.ti.com/ww/en/functional_safety/safeti/SafeTI-26262.html )

Is this simply a reference to the development process used to develop that micro, or is it a reccommendation from TI of the appropriate 26262 / 61508 level that the micro should be used for?

 

thanks,

Phil

  • 0
    TI__Expert 4580 points

    Good afternoon:

    That level refers to both the development process and the suitability to be used in a system requiring those specific ASIL levels. Technical documentation is provided to support the certification of the final system.

    Regards,

    Enrique

  • 0 in reply to Enrique Lizarraga
    Intellectual 335 points

    Hi Enrique, thanks for the reply. I am awaiting the data (NDA in progress), but in the mean time, is the ASIL recommendation by TI simply a reflection of the FIT rate of the part?

  • 0 in reply to Phil Eagleton
    TI__Mastermind 23000 points

    Please allow me to make some minor clarifications.

    When referring to a component developed to either the ISO 26262 or IEC 61508 standards, we can make a few claims:

    • The product is developed according to the target standard with respect to requirements of a particular SIL or ASIL.  This is referred to as the systematic capability of a component and used such as "the systematic capability of the MCU is ASIL D".
    • The product is assessed to have hardware diagnostics supporting management of random faults suitable for most systems/typical systems implementing a safety function or safety goals of specific SIL/ASIL.  The user of the product has the responsibility to evaluate and confirm this capability with respect to the particular implementation planned.
    • A further statement can be made combining the above two statements, that a product is "suitable for use in SIL x/ASIL y systems".  

    On the SafeTI website, the inclusion of a product into SafeTI-26262 with ASIL D capability listed is a statement of suitability for use in ASIL D systems.    

    On the SafeTI website, the inclusion of a product into SafeTI-61508 with SIL 3 capability listed is a statement of suitability for use in SIL 3 systems.    

    There are some website updates planned which I hope will make this point more clear.

    Best Regards,

    Karl

  • 0 in reply to KGreb
    Intellectual 335 points

    Hi Karl, I understand the concept well.

    My question was more specific, and about the TMS470M, not ISO26262. I'll re-phrase..

    "Is the TMS470M reccommended for ASIL (QM) because it does not have sufficient diagnostic coverage to meet the hardware reliability target for ASIL A?"

    Thanks,

    Phil

  • 0 in reply to Phil Eagleton
    TI__Mastermind 23000 points

    Hi Phil,

    The TMS470M products were developed before the introduction of the ISO 26262 standard.  As such the development process was not compliant to ISO 26262.  From a compliance standpoint, we cannot say that the systematic faults are managed according to standard and as such the systematic capability of the device can only be "QM".  From an architectural point of view the product has good diagnostic capabilities and many customers have selected this product for their ISO 26262 systems.  There are projects ongoing where customers are using this product to achieve ASIL D safety goals.  However, because of the development process gap TI cannot claim suitability for use in such systems - any usage is fully at the discretion of the customer and we would recommend additional measures to be taken at system level to close the gaps in systematic capability at the component level.

    There is a similar challenge with the TMS570LS20x/10x products.  These products were developed to the IEC 61508 1st edition standard with augmentation by drafts of the 2nd edition standard.  Even those these products are certified suitable for use in IEC 61508 SIL 3 systems by a 3rd party assessor, TI cannot claim systematic capability beyond "QM" for ISO 26262 applications.

    Best Regards,

    Karl