TMS570LS1227: Mapping between safety features and ESM channels

Hello,

See my comments in blue below your questions:

FLA2, Hard error cache and livelock  -> raised ESM.G2.16

>> Correct.

RAM1, Data ECC -> raised ESM.G1.26 and ESM.G1.28 in case of single (correctable) ECC error; raised ESM.G3.3 and ESM.G3.5 in case of double (uncorrectable ) ECC error

>> Correct. A double-bit ECC error on a RAM read will also cause an abort response from the CPU.

RAM2, Hard error cache and livelock -> raised ESM.G2.16

RAM6, Data/ECC storage in multiple physical banks -> raised ESM.G3.3 and ESM.G3.5. For this specific safety mechanism, shouldn't be associated also ESM.G2.6 and ESM.G2.8 ?

>> This feature is an important characteristic of the design implementation. Its main purpose is to reduce the chances of a 2-bit ECC error within the same 64-bit value in RAM. It also inherently provides a mechanism to detect an error in the address decode logic (in the RAM interface module). So, yes, an error in this logic could also flag ESM G2.6 and/or G2.8.

INC1, Error trapping  (including peripheral slave error trapping) -> raised what ?

>> These errors are responses to accesses by the CPU to locations that are either not mapped to any physical memories, or to locations that are unimplemented within a peripheral's register frame. An error response on a CPU access causes the CPU to respond with an abort. This could be an asynchronous abort on a write access or a synchronous abort on a read access. No ESM flags are set in this case.

EFU2, E-fuse ECC -> raised ESM.G1.40.  What about ESM.G1.41?

>> ESM G1.41 is mapped to the eFuse controller self-test error. This is set when you execute the self-test on the eFuse controller ECC logic.

OTP1, OTP ECC -> raised ESM.G3.7 ?

>> A read from the OTP during power-up is done via the Flash's Bus2 interface to the CPU. An uncorrectable error during this read causes ESM G3.7 and a correctable error causes ESM G1.6.

IOM3, Error trapping -> raised ESM.G1.37?

>> Yes, both the error conditions detected within the I/O Multiplexing Module (IOMM) cause ESM G1.37 to be set.

DMA2, Non-privileged bus master access -> raised what ?

>> DMA always operates in a "user" mode, and does not have the privileges to write to control registers designated to be writable only in a privileged mode. If the DMA does an accidental write to one of these registers, that write access is ignored and no other error signal is generated. This protection can also be implemented using the PCR (Peripheral Central Resource controller) interconnect module. PPROTSETx registers can be used to define entire peripheral register frames to be accessible only in privileged mode. In this case, all accesses in user mode by the DMA will cause a bus error and will be reported as ESM G1.13.

DMA4, DMA SRAM Data Parity -> raised ESM.G1.3 ?

>> Yes, a parity error detected in the DMA control packet RAM is flagged as ESM G1.3.

HET6, N2HET/HTU SRAM Data Parity -> raised ESM.G1.7 for N2HET1; raised ESM.G1.34 for N2HET2; raised ESM.G1.8 for HTU1&HTU2

>> Correct.

FRY2, Non-privileged bus master access -> raised ?

>> FlexRay Transfer Unit (FTU) always operates in a "user" mode, and does not have the privileges to write to control registers designated to be writable only in a privileged mode. If the FTU does an accidental write to one of these registers, that write access is ignored and no other error signal is generated.

Thank you very much for the precise and articulated answer.