ST SPC582B Series Application Note Download Page 18 | Manualshive

Page: 18 / 35

ST SPC582B Series Application Note Download Page 18

3.11.2

SMPU XBAR 1 monitor correctly refuses an access (fault #34)

In case of a memory access not mapped to any region descriptor or with insufficient rights, it terminates with
an access error response and the HW monitors inside the SMPU detects this event and forwards this fault to
the FCCU. The user can inject this fault by a SW procedure that accesses a memory address not allowed by
the SMPU. A data storage interrupt (IVOR2) must be handled. The FCCU error reaction path is verified if the
FCCU_RF_S1[RFS2] status bit is set.

3.12

Core_2 faults

3.12.1

Core_2 I-bus ECC error (fault #12)

Instruction and data busses between XBAR and the Core_2 are protected by e2e_ECC.
In case an ECC error is detected on Core_2 instruction bus, the e2e_ECC forwards this fault to the FCCU.
The user cannot inject this fault.

3.12.2

Core_2 D-bus ECC error (fault #13)

Instruction and data busses between XBAR and the Core_2 are protected by e2e_ECC.
In case of an ECC error is detected on Core_2 data bus, the e2e_ECC forwards this fault to the FCCU.
The user cannot inject this fault.

3.12.3

Safety Core_2 exception (machine check exception) (fault #84)

When the Core_2 runs into a machine check condition, the Core_2 forwards this fault to the FCCU.
The user can inject this fault by a SW procedure that accesses to a not existing address. The machine check
interrupt (IVOR1) must be handled. The FCCU error reaction path is verified if the FCCU_RF_S2[RFS20] status
bit is set.

3.13

PLLDIG faults

The SPC582Bx embeds a dual PLL system which provides separate system and peripheral clocks.
For further details on dual PLL, refer to the device SPC582Bx reference manual

.

Figure 14.

PLL DIG faults

RGM

Error out

Reset request

reset

PLL0

Fault #49

FCCU

INTC

Interrupt request

Interrupt

PLL1

Fault #50

3.13.1

PLL0 loss of lock error (fault #49)

A built-in mechanism can detect a loss of lock for the PLL0. The relevant PLLDIG forwards this fault
to the FCCU. The user can inject this fault by a SW procedure that enables the loss of lock interrupt
(PLLDIG_PLL0CR[LOLIE] = 1) and changes on-the-fly the PLL configuration (for example, change on-the-fly the
value of the PLLDIG_PLL0DV[PREDIV] field) that generates a temporary loss of lock. The FCCU error reaction
path is verified if the FCCU_RF_S1[RFS17] and the PLLDIG_PLL0SR[LOLF] status bits are set. The user must
restore on-the-fly the PLL configuration, wait for the new lock and clear PLLDIG_PLL0SR[LOLF] status bit before
clearing the relevant FCCU_RF_S1[RFS17] bit.

AN5752

Core_2 faults

AN5752

-

Rev 1

page 18/35

«
...
16
17
18
19
20
...
»

Summary of Contents for SPC582B Series

Page 1: ...utomotive MCUs Before reading this document the reader should have a clear understanding about the usage of FCCU For further details on this module refer to Fault Collection and Control Unit FCCU chap...

Page 2: ...whole error reaction path are prone to latent failures the safety concept requires the execution of a software test to verify the integrity of the error reaction The user shall run this software test...

Page 3: ...8 MEMU Flash ECC uncorrectable error Testable 29 MEMU Flash ECC overflow error Testable 30 IMA IMA activation Testable 32 PLATFORM SMPU SMPU XBAR 1 monitor incorrectly refuses an access Not testable 3...

Page 4: ...CMU_1 CMU_2 CMU_3 CMU_11 CMU_14 5 FHH or FLL event from CMU_6 CMU_12 Before the safety application starts the user shall configure a proper reaction for each FCCU failure input source See FCCU regist...

Page 5: ...SET CLEAR Mon 2 Fault Mon 3 Fault FCCU_RF_Sn register Mon 2 Register FSM The FCCU can trigger a fault event directly in the monitor even if no real failure is occurred through the fake fault interface...

Page 6: ...a fault as HW recoverable fault that is the fault status within the FCCU remains asserted until the monitor keeps the fault indication asserted As soon as the monitor clears the fault indication it al...

Page 7: ...temperature detector detects if the temperature exceeds the defined thresholds and the PMC_DIG forwards this fault to the FCCU There are three thresholds TS0 TS1 and TS2 Temperature detector threshold...

Page 8: ...the Flash memory and pushes it to the various clients inside the microcontroller Note System configuration is mainly saved as DCF records that are located either in the test or UTest sectors of the Fl...

Page 9: ...that is configured as recoverable fault the STCU forwards this fault to the FCCU Note The user shall configure the STCU to trigger either a recoverable or an unrecoverable fault if the BIST fails This...

Page 10: ...a dedicated glue logic forwards this fault to the FCCU The two error signals are put in OR before arriving at the FCCU failure input 9 The user can inject this fault by the FCCU fake fault interface...

Page 11: ...aults RGM Error out Reset request reset EDC after ECC FCCU INTC Interrupt request Interrupt Fault 15 Set Clear TCD RAM Fault 48 Fault 10 Fault 14 3 5 1 DMA_1 gasket monitor fault 10 In case of hardwar...

Page 12: ...ions For further details on Flash and PFLASHC refer to the device SPC582Bx reference manual RM0403 Figure 9 Flash PFLASHC faults RGM Error out Reset request reset Memory Interface FCCU INTC Interrupt...

Page 13: ...user test FLASH_0_UT0 UTE 0x1 6 Disabling the customer programmable EDC after ECC detection FLASH_0_UT0 CPE 0x0 7 Disabling the user test FLASH_0_UT0 UTE 0x0 8 Clear the relevant FLASH error flag FLAS...

Page 14: ...such as software getting trapped in a loop or if a bus transaction fails to terminate When enabled the SWT requires periodic execution of a watchdog servicing operation The servicing operation resets...

Page 15: ...relevant FCCU_RF_S0 RFS21 bit Alternatively the user can use the IMA to inject a correctable error in the system RAM location and cause the detection of this correctable error accessing to this syste...

Page 16: ...on path is verified if the FCCU_RF_S0 RFS26 status bit is set The user must clear the relevant bit MEMU_DEBUG FR_PR_CEO or MEMU_DEBUG FR_PR_UCO or MEMU_DEBUG FR_PR_EBO before clearing the relevant FCC...

Page 17: ...relevant FCCU_RF_S0 RFS30 bit 3 11 SMPU faults The SMPU provides hardware access control for system bus memory references The SMPU concurrently monitors and evaluates system bus transactions using pr...

Page 18: ...ne check condition the Core_2 forwards this fault to the FCCU The user can inject this fault by a SW procedure that accesses to a not existing address The machine check interrupt IVOR1 must be handled...

Page 19: ...CMU faults RGM Error out Reset request reset CMU_0 Fault 51 FCCU INTC Interrupt request Interrupt CMU_14 CMU_2 CMU_11 CMU_3 CMU_1 CMU_12 CMU_6 Fault 53 Fault 54 Fault 52 3 14 1 CMU_0 error fault 51 Th...

Page 20: ...er can inject this fault by a SW procedure that sets a misconfigured value for one of the monitoring thresholds for example the user can set the CMU_y_HFREFR HFREF field with y 6 12 to a value lower t...

Page 21: ...error for example a write error in the RAM controller resulting in corrupted RAM access the PRAM controller detects this fault and it forwards it to the FCCU The user cannot inject this fault 3 16 2...

Page 22: ...ult 3 17 3 Test circuitry group 3 activation fault 80 In case of unwanted activation of the test circuitry in the related diagnostic function test domain the event is detected and forwarded to the FCC...

Page 23: ...ause a corrupted ECC correction The EDC after ECC can detect this fault and forward it to the FCCU The user cannot inject this fault 3 19 MC_RGM fault The MC_RGM centralizes the different reset source...

Page 24: ...O buffers over temperature pressure and voltage Figure 21 Compensation cell fault RGM Error out Reset request reset Compensation Cell FCCU INTC Interrupt request Interrupt Fault 95 Set Clear 3 20 1 Pa...

Page 25: ...of fault Enable output pins For each fault identified as testable the software Verify the FCCU status before injection If it is in normal state proceed otherwise if it is in alarm or fault state stop...

Page 26: ...d lower than the trip time for example 12 hours The methodology for these tests is based on fault injection and verification whether the FCCU correctly receives it and depends on the specific FCCU inp...

Page 27: ...nterrupt request JTAG NPC Joint Test Action Group Nexus debug port LBIST Logic Built in self test LVD Low voltage detector MC_ME Mode entry module MCU Microcontroller Unit NMI Non maskable interrupt N...

Page 28: ...rystal Table 3 Reference documents Document name Document title RM0403 SPC58 2B Line 32 bit Power Architecture automotive MCU z2 core 80 MHz 1 MByte Flash ASIL B ES0413 SPC582Bx devices errata JTAG_ID...

Page 29: ...Revision history Table 4 Document revision history Date Revision Changes 26 Nov 2021 1 Initial release AN5752 AN5752 Rev 1 page 29 35...

Page 30: ...fault 6 9 3 3 2 BIST result wrong signature STCU recoverable fault fault 7 9 3 3 3 MBIST control activation fault 8 9 3 4 Glue logic faults 10 3 4 1 JTAG NPC or debug functionality out of reset or SS...

Page 31: ...erflow error fault 29 16 3 10 IMA fault 16 3 10 1 IMA activation fault 30 17 3 11 SMPU faults 17 3 11 1 SMPU XBAR 1 monitor incorrectly refuses an access fault 32 17 3 11 2 SMPU XBAR 1 monitor correct...

Page 32: ...3 17 3 Test circuitry group 3 activation fault 80 22 3 17 4 Test circuitry group 4 activation fault 81 22 3 18 PBRIDGE faults 22 3 18 1 PBRIDGE_1 e2eEDC error fault 89 23 3 18 2 PBRIDGE_1 e2eEDC error...

Page 33: ...List of tables Table 1 FCCU failure inputs 2 Table 2 Acronyms and abbreviations 27 Table 3 Reference documents 28 Table 4 Document revision history 29 AN5752 List of tables AN5752 Rev 1 page 33 35...

Page 34: ...96 10 Figure 8 DMA faults 11 Figure 9 Flash PFLASHC faults 12 Figure 10 SWT faults 14 Figure 11 MEMU faults 15 Figure 12 IMA fault 17 Figure 13 SMPU faults 17 Figure 14 PLL DIG faults 18 Figure 15 CM...

Page 35: ...ts and ST assumes no liability for application assistance or the design of Purchasers products No license express or implied to any intellectual property right is granted by ST herein Resale of ST pro...

Reviews:

No comments