We are developing one SIL-3 device by using dual C2000 CPU (TMS320F2837x).
Each CPU has its own RAM and clock. The code is also stored in its storage. We had used the diagnostic library for self testing for individual CPU.
Due to use two CPUs, each CPU will execute its code from its storage. For the safety function, the consultant ask us to compare the results of the dual-CPU code execution.
We have seen one reference design that uses SPEAr 1300 CPU.
Schneider M580 provides the following SIL3 safety level functions
1. Independent double execution of the safety task code.
2. Comparison of the results of the double code execution.
3. Periodic self-tests.
4. Support for a 1oo2 (“one out of two”) architecture.
How do I compare the result between two CPUs? Is there reference sample? by software or hardware?