RM46L852: Hercules Based Safety Design

Part Number: RM46L852
Other Parts Discussed in Thread: HALCOGEN

My company sells medium sized industrial tools that require a high level of safety control. I would like to design a safety system that we can use on our systems. Currently we use major brand programmable logic controllers to comply with 13849-1.

Because this is a new arena for my company, I would really like a basic example of something like an ESTOP circuit and how to implement and achieve a certified safe result. I chose E-stop because it is something that manufacturers often have an app note on.

I would like to know if certification is generally done against 13849-1 or some higher standard like 61508.

Do you have an example SYSTEMA or similar report? Do you have a 3rd party report (we have seen allusions to some on the web)?

In order to achieve a safe design can you use any of the tools (C for example or are you restricted to Halcogen {ladder logic?}). I need to know the constraints of the safeTI design solution.

I assume 3.3V logic will be buffered and translated to 24V to run through ESTOP circuits.

What is the highest SIL/PL level achievable by a single chip? What is the limitation?

  • Hello Christian,

    I appreciate your interest in the Hercules Family of MCUs. In regard to your specific questions regarding ISO/EN 13849-1, this is a system level safety standard that applies at the application/system level. ISO/EN 13849-1 does not specifically address component level functional safety. For component level assessment we use the higher level standards such as IEC61508 for general use and ISO26262 for automotive use.

    In regard to specific examples, we have worked with an external assessor to evaluate a single MCU concept in the implementation of a safe temperature control and safe torque off implementation, and the assessor's report on this concept is available for review here:

    Note that this link requires access to our SafeTI Private E2E since the material covered is considered NDA related material. To gain access to the SafeTI Private forum go to to request access and complete the SafeTI NDA (required for access). Once the NDA is completed and returned as instructed, we will send a formal invitation to join the private forum. Once you review this document, we can have further discussion relative to this implementation and its level of capability on the Private forum.

    Christian Gabor said:
    Do you have an example SYSTEMA or similar report? Do you have a 3rd party report (we have seen allusions to some on the web)?

    SYSTEMA, from my understanding, is more applicable to system level assessment/evaluation as it takes individual safety capability of the individual components to determine the overall system capability. For the Hercules devices, we have completed the assessment process with a third party assessor (TUEV SUED) and received certificates of compliance to ISO26262 and IEC61508.

    Christian Gabor said:
    In order to achieve a safe design can you use any of the tools (C for example or are you restricted to Halcogen {ladder logic?}). I need to know the constraints of the safeTI design solution

    SW that is programmed into the Hercules device is developed in either C or assembler and processed through appropriate compiler/assembler tools to object code.

    Hercules is a Safety MCU. Implementation of the SW used to control it is usually done through typical embedded systems methodologies using IDEs and compiler/assemblers specifically designated for the devices/cores. There are several of these that can be used with Hercules, including Code Composer Studio from TI and IAR Embedded Development tools. There are specific requirements associated with safety SW development that you would need to comply with. These requirements are specified in the applicable standards and usually cover such items as software test, metrics, coding standards, compiler certification/qualification, etc. As part of our holistic approach to Functional Safety, TI offers a Compiler Qualification Kit (CQK) and Certification Support Packages (CSPs) for software that is available for use with Hercules (Halcogen and/or SafeTI Diagnostic Library). These kits usually come with added cost since they are tools that add value by streamlining your development process.

    Christian Gabor said:
    In order to achieve a safe design can you use any of the tools (C for example or are you restricted to Halcogen {ladder logic?}). I need to know the constraints of the safeTI design solution.

    HalCoGen is a proprietary tool used for generation of the HW driver level software for the devices in the Hercules family. It is a GUI based tool that is used to graphically configure the modules to be used. Once all modules are configured as required, HalCoGen will generate the drivers per your inputs. The code generated is in C and assembler and can then be imported into a project within your chosen IDE (CCS or IAR).

    Christian Gabor said:
    I assume 3.3V logic will be buffered and translated to 24V to run through ESTOP circuits.

    The MCU is a 3,3V based device. It is up to you as the system integrator to design your circuit and PCB such that appropriate voltages are applied to the MCU and to external devices/interfaces as needed.