• State Resolved
  • Locked Locked
  • Replies 2 replies
  • Subscribers 30 subscribers
  • Views 626 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

TMS570LS1227: Mapping between safety features and ESM channels

Fermat
Intellectual 270 points

Part Number: TMS570LS1227

Hello
I'm trying to map some safety feature (taken from the Safety Manual) with the associated ESM channel (when applicable). This would help me with my testing phase and my FMEDA analysis, based on the Texas Instrument excel Spreadsheet.
Looking at the Texas Instrument Documentation about the Safety Diagnostic Library and the Datasheet, and browsing the TMS570 forum, I was able to make some associations but I'm not completely sure about the outcome. Unfortunately I couldn't find anything crystal clear in the documents.
The following section reports my guess, where each line is as follow "Unique identifier", "Safety feature" -> "ESM channel".
Please confirm my assumptions:

FLA2, Hard error cache and livelock  -> raised ESM.G2.16

RAM1, Data ECC -> raised ESM.G1.26 and ESM.G1.28 in case of single (correctable) ECC error; raised ESM.G3.3 e ESM.G3.5 in case of double (uncorrectable ) ECC error

RAM2, Hard error cache and livelock -> raised ESM.G2.16

RAM6, Data/ECC storage in multiple physical banks -> raised ESM.G3.3 and ESM.G3.5. For this specific safety mechanism, shouldn't be associated also ESM.G2.6 and ESM.G2.8 ?

INC1, Error trapping  (including peripheral slave error trapping) -> raised what ?

EFU2, E-fuse ECC -> raised ESM.G1.40.  What about ESM.G1.41?

OTP1, OTP ECC -> raised ESM.G3.7 ?

IOM3, Error trapping -> raised ESM.G1.37?

DMA2, Non-privileged bus master access -> raised what ?

DMA4, DMA SRAM Data Parity -> raised ESM.G1.3 ?

HET6, N2HET/HTU SRAM Data Parity -> raised ESM.G1.7 for N2HET1; raised ESM.G1.34 for N2HET2; raised ESM.G1.8 for HTU1&HTU2

FRY2, Non-privileged bus master access -> raised ?

Thanks for your support,

  • 0
    TI__Mastermind 49120 points

    Hello,

    See my comments in blue below your questions:

    FLA2, Hard error cache and livelock  -> raised ESM.G2.16

    >> Correct.

    RAM1, Data ECC -> raised ESM.G1.26 and ESM.G1.28 in case of single (correctable) ECC error; raised ESM.G3.3 and ESM.G3.5 in case of double (uncorrectable ) ECC error

    >> Correct. A double-bit ECC error on a RAM read will also cause an abort response from the CPU.

    RAM2, Hard error cache and livelock -> raised ESM.G2.16

    RAM6, Data/ECC storage in multiple physical banks -> raised ESM.G3.3 and ESM.G3.5. For this specific safety mechanism, shouldn't be associated also ESM.G2.6 and ESM.G2.8 ?

    >> This feature is an important characteristic of the design implementation. Its main purpose is to reduce the chances of a 2-bit ECC error within the same 64-bit value in RAM. It also inherently provides a mechanism to detect an error in the address decode logic (in the RAM interface module). So, yes, an error in this logic could also flag ESM G2.6 and/or G2.8.

    INC1, Error trapping  (including peripheral slave error trapping) -> raised what ?

    >> These errors are responses to accesses by the CPU to locations that are either not mapped to any physical memories, or to locations that are unimplemented within a peripheral's register frame. An error response on a CPU access causes the CPU to respond with an abort. This could be an asynchronous abort on a write access or a synchronous abort on a read access. No ESM flags are set in this case.

    EFU2, E-fuse ECC -> raised ESM.G1.40.  What about ESM.G1.41?

    >> ESM G1.41 is mapped to the eFuse controller self-test error. This is set when you execute the self-test on the eFuse controller ECC logic.

    OTP1, OTP ECC -> raised ESM.G3.7 ?

    >> A read from the OTP during power-up is done via the Flash's Bus2 interface to the CPU. An uncorrectable error during this read causes ESM G3.7 and a correctable error causes ESM G1.6.

    IOM3, Error trapping -> raised ESM.G1.37?

    >> Yes, both the error conditions detected within the I/O Multiplexing Module (IOMM) cause ESM G1.37 to be set.

    DMA2, Non-privileged bus master access -> raised what ?

    >> DMA always operates in a "user" mode, and does not have the privileges to write to control registers designated to be writable only in a privileged mode. If the DMA does an accidental write to one of these registers, that write access is ignored and no other error signal is generated. This protection can also be implemented using the PCR (Peripheral Central Resource controller) interconnect module. PPROTSETx registers can be used to define entire peripheral register frames to be accessible only in privileged mode. In this case, all accesses in user mode by the DMA will cause a bus error and will be reported as ESM G1.13.

    DMA4, DMA SRAM Data Parity -> raised ESM.G1.3 ?

    >> Yes, a parity error detected in the DMA control packet RAM is flagged as ESM G1.3.

    HET6, N2HET/HTU SRAM Data Parity -> raised ESM.G1.7 for N2HET1; raised ESM.G1.34 for N2HET2; raised ESM.G1.8 for HTU1&HTU2

    >> Correct.

    FRY2, Non-privileged bus master access -> raised ?

    >> FlexRay Transfer Unit (FTU) always operates in a "user" mode, and does not have the privileges to write to control registers designated to be writable only in a privileged mode. If the FTU does an accidental write to one of these registers, that write access is ignored and no other error signal is generated.

  • 0 in reply to Sunil Oak
    Intellectual 270 points

    Thank you very much for the precise and articulated answer.