• State Resolved
  • Locked Locked
  • Replies 1 reply
  • Subscribers 28 subscribers
  • Views 346 views
  • Users 0 members are here
Support feedback
Options
Options
Similar topics

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

TMS570LS0914: interfacing the embedded ADC in safety critical applications

HasMan
Prodigy 80 points
Part Number: TMS570LS0914
Other Parts Discussed in Thread: TIDA-00548

We are developing a system according to IEC 61508 SIL 3. We are using a single TMS570LS0914 with a TPS65381a. Is there any recommendations on how to interface an safety related analog signal (range 0 to 10V) to a Hercules mcu?

The following schematic is from TIDA-00548. The problem with this design is that if R18 failed short, the input voltage will be directly connected to the mcu pin and will probably damage the mcu.

How is this interface considered acceptable? Is it because the shorted resistor failure probability is too small to be considered or is it because reading V_iso in TIDA-00548 isn't safety related? Or is it because an overvoltage on one of the mcu pins and damaging the mcu will cause the TPS65381a to kick and guarantee a fail safe state?

  • 0
    TI__Mastermind 49120 points

    You are right - for critical safety inputs, the voltage divider needs to be designed such that failure of a single component does not cause uncontrolled damage to the main controller. In most cases, the R21 resistor in the diagram you pasted would be implemented as at least two resistors in parallel. Also the R18 would be implemented as at least two resistors in series.