• State Resolved
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 30 subscribers
  • Views 472 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

Original question:

TMS570LC4357: Safety Measure "Information Redundancy" called for CPU Interconnect Subsystem (SCR)

TMS570LC4357: Safety Measure "Information Redundancy" called for CPU Interconnect Subsystem (SCR) (see thread 879796 too)

Stephan HERMANNS
Intellectual 590 points
Part Number: TMS570LC4357


Good morning, QJ,

Allthough the thread 879796 has already been locked, my question isn't still answered.
Maybe you'll find the opportunity to reply.

Here's the question of thread 879796 again:
(Q1) How is the means "Information redundancy" (MEM3) motivated to be used on Safe Island functions, i.e.
under which circumstances the above means should be used?

Thank you in advance, QJ - Enjoy the day!

Stephan

  • 0
    TI__Guru**** 197446 points

    Hello Stephan,

    It is an additional runtime diagnostic on the CPU interconnect. CPU contains ECC generation and evaluation logic. DMA/HTU etc don't have built-in ECC generation and detection logic. The data from slave can be check by CPU interconnect ECC block, but this ECC block is not able to cover the datapath between the CPU interconnect and DMA/HTU. Information redundancy (read twice, or redundant channel) provides another way to check the integrity of the data. 

    Another examples of information redundancy is to use checksum as a way of adding desired redundancy for external memory (SDRAM, SRAM, etc). 

  • 0 in reply to QJ Wang
    Intellectual 590 points

    Hello, QJ,

    so would you say, that TI recommends using "Information Redundancy" for DMA transfers?

    Well i know the answer depends on our particular project safety goals and the overal set of measures taken.
    But if i've the measures called in the SM in mind well Information Redundancy is the one and only measure
    that is able to detect transient errors during transfers along the whole datapath e.g. from an IP memory to L2 SRAM.

    Enjoy the day!

    Stephan

  • 0 in reply to Stephan HERMANNS
    TI__Guru**** 197446 points

    You are right it depends on the safety goal. 

  • 0 in reply to QJ Wang
    Intellectual 590 points

    Dear QJ,

    Please let me emphasize again the thought of my last post:
    You mentioned Information Redundancy as a measure to detect transient errors in DMA transfers to/from SCR slaves,
    particularly on the path between DMA and SCR. The remaining path between the SCR and an attached slave is ECC protected.

    (Q1) Is carrying out a DMA transfer twice the one and only measure that is generally able to reduce the propability of
    undetected transient errors during transfers along the whole datapath e.g. from an IP memory to L2 SRAM?
    For example the measure of adding checksums won't help if the data isn't known, e.g. when DMA is used to transfer data sampled by an ADC.

    I'm looking forward to hearing your point of view.

    Take care!

    Stephan

  • 0 in reply to Stephan HERMANNS
    TI__Guru**** 197446 points

    Hello Stephan,

    You can transfer the data twice using 2 DMA channels, then compare the data at different locations of SRAM. Or you can calculate the CRC, and compare the CRC if a large number of data is transferred.