TMS320F280049: CLA to implement SDL

Part Number: TMS320F280049
Other Parts Discussed in Thread: C2000WARE

Dear Champs,

I am asking this for our customer.

We just released the SDL in

C:\TI\c2000\C2000Ware_3_01_00_00\libraries\diagnostic\f28004x

For easier memory partition and protection, the user is thinking of using the CLA for safety diagnostics and the CPU for the safety function (mission) itself.

Would you please help us clarify?

Questions:

1. Can CLA be used to implement the SDL we have shown in the library (C:\TI\c2000\C2000Ware_3_01_00_00\libraries\diagnostic\f28004x)?

2. Can CLA be used for other safety diagnostic mechanisms shown in the safety manual but outside our SDL? Is there any limitation or consideration?

3. Any other suggestion for the user if they want to use CLA for this purpose because of easier memory partition and protection?

Wayne Huang

  • Hi Wayne,

    As you may already know, the SDL release that you are pointing to contains examples of several safety mechanisms contained in the F28004x safety manual, with the exception of two: CPU3 (Software Test of CPU) and CLA2 (Software Test of CLA). These two safety mechanisms are supported by two Self Test Libraries (STLs), namely C28x_STL and CLA_STL respectively. There are alpha releases available for both these STLs and they may be installed into the latest C2000Ware release that you mentioned in your post.

    Note: The CLA_STL and the C28x_STL are not in the C2000Ware release by default. Also note that both these STLs are under development and have not been certified by TUV. The Alpha releases can be used for early integration and proof of concept purposes.

    Now, the CLA_STL supports a Diagnostic Coverage (DC) > 90% (will meet SPFM for ASIL B) and could be used in the "mission" function.

    The C28x_STL supports a DC > 60% (will meet LFM for ASIL B) and could be used in the "test for diagnostic" function.

    Given these features, there are several topology options that can be deployed to support a safety application.

    For example,

    • CLA (performs the "mission" function)
    • C28x (performs the mission function as well – "Diagnostic")
    • Reciprocal comparison between CLA and C28x
      • Note in this case the DC on the CLA_STL is not relevant
      • The application achieves better than ASIL B with reciprocal comparison itself
    • C28x_STL can be deployed as a "test for diagnostic"

    I have included other SMEs in my team, who may recommend other topologies and you can think of others as well. Thanks for reaching out and let us keep this dialog going until the implementation options are fully clear.

    Cheers!

    Krishna

     

  • Hi Wayne,

    The customer can try to use the CLA to implement some SDL functions / safety mechanisms. However, only a subset of safety mechanisms can be implemented on the CLA because of the limited access to peripheral memory. Please refer to the product datasheet "memory map" chapter for more detail on the CLA's access to memory. Thanks.

    Han

  • Hi Wayne, 

    I think we are closed on this? I will close this post, please re-open if needed. Cheers! Krishna