This post sponsored by Texas Instruments.
Electronics are prolific in our everyday lives, yet they could pose a serious threat to people and the environment. Safety should be the primary concern of any product design. From simple appliances to spacecraft, if every effort isn’t made to ensure safety, a company’s longevity is as risk and liability can threaten everything an engineering team has strived to achieve. There can be no weak links.
The World Health Organization (WHO) recently reported that road crashes cause 20-50 million non-fatal injuries and almost 1.3 million deaths annually. Likewise, manufacturers lose more than $20 billion each year in safety incidents, according to Honeywell Process Solutions. And while the number of airliner accidents decreased year-over-year in 2014, there were still 21 fatal accidents, according to the Aviation Safety Network.
It’s a given that all systems have some inherent, quantifiable failure, meaning it’s generally not possible to develop a system with a zero failure rate. As such, for each application, there is some tolerable failure rate that does not lead to unacceptable risk, when the potential for failure is too high. Acceptable failure rates vary per application, based on the potential for direct or indirect physical injury in the event of system malfunction.
In fact, compliance to functional safety standards such as IEC 61508, developed for general market functional safety applications, and ISO 26262, developed by automotive industry as an augmentation of IEC 61508, is becoming a requirement for many of these end equipments. These international standards provide specifications for products and systems to ensure safety.
As an example it is well known that there has been a significant increase of electronics in the vehicle. The components of these electronic systems have also grown in complexity as they control more and more of the critical functions in the car. Vehicles are also becoming more connected and vehicle-to-vehicle communication is just around the corner. Compliance to functional safety standards such as ISO 26262, as well as measures to address security threats, are clear trends in the automotive industry.
In many of these systems, functional safety adds complexity and there are additional steps required when manufacturers need to certify their products. Silicon vendors have stepped up to the plate by offering certified parts, software and support to ease the burden for manufacturers.
When it comes to keeping us safe, MCUs share a great deal of the responsibility. Consider cars, for example. These evolved machines are continuing to progress as learned successes and failures influence next-generation designs. From mechanical specifications and controls, to electrical and electronic guidelines for reliability, fewer designs are less stringently regulated, and rightfully so. People lose common sense and put full trust in their cars. They will go out in the -20°F temperatures without a coat because they are just driving 20 miles through the woods into town – never giving a second thought as to what might happen if their tire blows or the car breaks down along the way.
Usually, a good microcontroller is chosen, then the design meticulously unfolds, and an entire system is tested and certified to comply with standards in force. But, what if the microcontroller you’ve chosen had already been scrutinized and tested to comply with the standards with which you need to comply? Obviously, this would simplify the process on your end. It is analogous to using all UL-certified parts in a design that needs to conform to UL certifications. If the pieces are already compliant, you can focus more of your attention on the functionality.
Recognizing this, Texas Instruments has already had many of its Hercules™ MCUs certified for the most demanding functional safety applications, including medical, industrial and automotive. These MCUs were developed to the IEC 61508 SIL-3 safety standard for functional safety compliance based on hazard and risk analysis. The parts were also designed to comply with ISO 26262 Functional Safety Standards for road vehicles, including the Automotive Safety Integrity Level (ASIL).
Hercules MCUs are powerful processors with dual lock-stepped ARM cores (RM and TMS570), and built-in self-test (BIST) functionality, which includes the ability to test and protect internal memory. A safe island hardware partitioning scheme assures the lock-step operation with fault detection, memory detection, power-up reset, oscillators and BIST to critical core components.
Underlying all operations are blended diagnostics that ensure the CPU, memory, clocks, and reset control are operating as a safe island. Once you know you have a trustworthy executing processor core, you can use it to check other parts of the system. This assures reliable operations without the need for redundancies. (Figure 1)
Figure 1: Using a layered approach, critical core functionality is protected by several mechanisms and blended with self-test and integrity checks. (Source: Texas Instruments)
A long, soft look
But hardware is only as good as the software wrapped around it. And software anomalies can be left undiscovered until it’s too late. This is why standardized firmware techniques with a track record of success should be part of these integrative standards and tools.
To this end, Texas Instruments supports designers with the Applications for Safety pages including links to industrial, automotive, medical and energy guides and trainings. Texas Instruments also offers the SafeTI Design Packages to help engineers meet safety guidelines for a number of regulated and governed safety standards. A video training session showing how to Ease Functional Safety Certifications is also available online via Texas Instruments.
More perspective can be gained reading Why Functional Safety Certification is Important for Automotive Applications and Foundational Software for Functional Safety Systems.
RM48L952
For more information about this product, click here.
To request a sample, click here. 
To buy now at Mouser, click here.
RM46L852
For more information about this product, click here.
To request a sample, click here. To buy now at Mouser, click here.
TMS570LS1227
For more information about this product, click here.
To request a sample, click here. To buy now at Mouser, click here.
LAUNCHXL-RM42
To request a sample, click here. To buy now at Mouser, click here.
TMS570LS0714
For more information about this product, click here.
To request a sample, click here. To buy now at Mouser, click here.
RM44L520
For more information about this product, click here.
To request a sample, click here. To buy now at Mouser, click here.
LAUNCHXLTMS57004
To request a sample, click here. To buy now at Mouser, click here.
By: Jon Gabay
Advertisement
Learn more about Texas Instruments
