1. Manuals
  2. Brands
  3. ST Manuals
  4. Microcontrollers
  5. SPC582B Series
  6. Application note

Overview; Table 1. Fccu Failure Inputs; Figure 1. Fccu Monitor To Reaction Path - ST SPC582B Series Application Note

Fccu fault sources and reaction
Hide thumbs
Table of Contents

Advertisement

1

Overview

The FCCU is a key element of the functional safety concept of the SPC58 and SPC57 families of SPC5
32-bit automotive MCUs. It is responsible for collecting and reacting to failure notifications coming from different
modules indicated as monitors. Examples of monitors are CMU, MEMU, XBIC and so forth.
Note:
Some monitors might miss the set and clear signals.
The
Figure 1
shows how the FCCU is connected to the other blocks. The reader shall consider the above figure,
and all other figures in this document, as a logic schema that not exactly reflects the physical implementation in
the silicon.
In case of a fault, the FCCU can move the device into the safe state (the safety manual defines the safe states)
without any core intervention. Since the FCCU and the whole error reaction path are prone to latent failures, the
safety concept requires the execution of a software test to verify the integrity of the error reaction. The user shall
run this software test at least once per trip time.
Note:
The safety analysis assumes a trip time of 12 hours.
This document goes through the list of the faults reported by the FCCU. For each of them it describes how to
test the reaction path to fulfill the previous requirement. Note that the user cannot test the error reaction path for
certain monitors.
The
Table 1
lists and describes all FCCU input fault sources for SPC582Bx MCUs.
FCCU input #
0
1
2
3
4
5
6
AN5752 - Rev 1
Figure 1.
FCCU monitor to reaction path
Set
Clear
Monitor 1
.
Fault
.
.
Fault
.
Monitor N
Set
Clear
Table 1.
Source
PMC DIG
Temperature out of range
PMC DIG
Voltage out of range from LVDs
PMC DIG
Voltage out of range from HVDs
PMC DIG
Digital PMC initialization error during DCF data load
PMC DIG
Digital PMC voltage detector BIST
SSCM/FLASH_0
SSCM transfer error OR Flash memory initialization error
STCU
BIST result-wrong signature (STCU unrecoverable fault)
destructive
reset
FOSU
Interrupt request
(ALARM)
FCC
NMI
FCCU
U
Error out/in
Reset request
FCCU failure inputs
Failure description
AN5752
Overview
INTC
Interrupt
Core_0
RGM
Reset
Error reaction path
Not testable
Not testable
Not testable
Not testable
Testable
Not testable
Testable
page 2/35

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the SPC582B Series and is the answer not in the manual?

Questions and answers

Related Manuals for ST SPC582B Series

Related Content for ST SPC582B Series

Table of Contents