RM48L940: Protection against DMA corrupting other memory & info regarding IEC61508

Part Number: RM48L940

From my customer:

We can’t ascertain from the technical and safety manuals whether there is any protection against DMA corrupting other parts of memory due to a hardware failure. For instance, if the Ethernet MAC is writing to memory via DMA, how can we ensure that it will not corrupt other regions of memory due to a random hardware fault? If this were to happen it doesn’t seem the compare logic can catch this because both cores will fetch the same corrupted memory data/instruction.

We intend to use the TI provided F021 Flash API library for the RM48 in an IEC 61508 SIL3 application. The user guide says it was developed according to ISO 26262. Do you have any information regarding IEC 61508 for the API?

  • Hi Rob,

    See my comments below:

    We can’t ascertain from the technical and safety manuals whether there is any protection against DMA corrupting other parts of memory due to a hardware failure. For instance, if the Ethernet MAC is writing to memory via DMA, how can we ensure that it will not corrupt other regions of memory due to a random hardware fault? If this were to happen it doesn’t seem the compare logic can catch this because both cores will fetch the same corrupted memory data/instruction.

    >> The application can partition the memory using dedicated Memory Protection Units. The DMA controller has its own MPU which is required to be configured to block writes to CPU RAM regions that the application wants to protect.

    We intend to use the TI provided F021 Flash API library for the RM48 in an IEC 61508 SIL3 application. The user guide says it was developed according to ISO 26262. Do you have any information regarding IEC 61508 for the API?

    >> What specific information are they looking for?

    Regards,
    Sunil
  • Thanks for the reply. Regarding the F021 and IEC 61508, I'm looking for some information I can point to in order to show an IEC 61508 assessor that the API is safe to use for an IEC 61508 application. Without that, the burden will be on us to demonstrate that the API was developed according to IEC 61508. Since we don't have the source code and also wouldn't want to take on that work if TI has done so already.

    Having the information in TI documentation that states so or even better having it as part of the RM48 artifacts used in TUV IEC 61508 approval will be helpful.

    Thanks

  • Hello,

    We have not had the case in the past where the information we provide for conformance to the ISO 26262 software development process is not sufficient to satisfy IEC 61508 software development process standard requirements.

    Regards,
    Sunil
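
Added example, not part of the thread and not TI code: a host-side C model of the memory partitioning described in the first reply, used as a software check on a DMA destination before a transfer is programmed. The region struct, function names and addresses are hypothetical; the actual DMA MPU registers and their behaviour are defined in the RM48 technical reference manual.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical model of a DMA MPU table; not RM48 register definitions. */
typedef struct {
    uint32_t start;      /* first address of the region (inclusive) */
    uint32_t end;        /* last address of the region (inclusive)  */
    int      dma_write;  /* 1 = DMA writes allowed, 0 = blocked     */
} dma_region_t;

/* Constructed layout: CPU-owned RAM is blocked, one window is left open
 * for DMA receive buffers. Addresses are sample values. */
static const dma_region_t dma_regions[] = {
    { 0x08000000u, 0x0802FFFFu, 0 },  /* CPU stacks, .data, .bss */
    { 0x08030000u, 0x08037FFFu, 1 },  /* DMA buffer window       */
    { 0x08038000u, 0x0803FFFFu, 0 },  /* safety-critical state   */
};
#define DMA_REGION_COUNT (sizeof dma_regions / sizeof dma_regions[0])

/* A table is well formed if every region has start <= end and no two
 * regions overlap (overlap would make the permission ambiguous). */
int dma_table_valid(const dma_region_t *t, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (t[i].start > t[i].end) return 0;
        for (size_t j = i + 1; j < n; j++)
            if (t[i].start <= t[j].end && t[j].start <= t[i].end) return 0;
    }
    return 1;
}

/* Returns 1 only if the whole destination [dst, dst+len-1] lies inside a
 * single write-enabled region. Default deny in this model: uncovered
 * addresses, zero-length transfers and 32-bit wraparound are rejected. */
int dma_write_allowed(const dma_region_t *t, size_t n, uint32_t dst, uint32_t len)
{
    if (len == 0u || len - 1u > UINT32_MAX - dst) return 0;
    uint32_t last = dst + (len - 1u);
    for (size_t i = 0; i < n; i++)
        if (t[i].dma_write && dst >= t[i].start && last <= t[i].end) return 1;
    return 0;
}

int main(void)
{
    /* Exit status 0 when the constructed table passes the startup check. */
    return dma_table_valid(dma_regions, DMA_REGION_COUNT) ? 0 : 1;
}
```

A check like this complements the hardware MPU rather than replacing it: it catches a bad descriptor before it is programmed, while the MPU is what stops a faulty transfer at run time.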