The electronic and electrical architecture of vehicles is becoming increasingly complex, and the safety requirements for automotive electronics are also rising. To meet the safety demands of vehicles, functional safety is gaining more and more attention. In recent years, the industry has referred to the ISO 26262 standard for functional safety; and for the safety architecture of software frameworks, it has referred to the E-GAS layered approach. The NXP FS6500-FS4500 is suitable for the selected applications and complies with these application standards, and in the electronic and electrical systems, it is designed and developed as a SEooC (Safety Element out of Context).

As an SBC (System Basis Chip) for an MCU (Microcontroller Unit) of a specific ASIL-x level, it serves as a power supply and timing monitoring system. According to ISO 26262-5(2011) Clause 8, two metrics are introduced: Single-point fault metric (measuring the occurrence of single faults) and Latent-fault metric (measuring the occurrence of faults that are not immediately apparent). The requirements for different ASIL levels and fault failure analysis methods all demand that the single-point fault metric and latent fault metric meet the corresponding ASIL-x level standards.

Therefore, in customer application projects where compliance with the ASIL-D safety level is required, the ZC SBC NXP FS6500-FS4500 driver software product provides a software solution to meet functional safety requirements, including:

Ø  Watchdog management function to implement program flow monitoring for the MCU.

Ø  Voltage diagnostic function.

Ø  SPI communication diagnostic function.

Ø  FS0B/FS1B processing and diagnostic function.

Ø  ABIST/LBIST diagnostic function.

Product Feature

Ø  Can be integrated as a complex driver into AUTOSAR.

Ø  Can be integrated into non-AUTOSAR software architectures, with flexible adaptation.

Ø High scalability: Each module is configurable to meet different customer requirements.

Ø High safety: Supports multi-core self-testing, and when paired with ZC Technology, it can meet the requirements up to ASIL-D.

Functional Safety Architecture

To meet functional safety requirements, the NXP FS6500-FS4500 has implemented a generic safety system architecture design. Based on this system safety architecture, the FS6500-FS4500 can achieve power supply monitoring for the MCU (VCORE and VCCA) and sensors (VAUX). At the same time, it implements watchdog monitoring for the MCU and fault monitoring of the MCU, and achieves safe state transitions of the system through FS0B/FS1B.

Based on this system safety architecture, the ZhiCong SBC NXP FS6500-FS4500 driver software product provides a software solution that can be configured according to the customer's actual architectural design to implement the following functions:

Ø  Watchdog management function to implement program flow monitoring for the MCU.

Ø  MCU fault management, monitoring internal MCU faults through the IO_2:3 pins.

Ø  Voltage diagnostic function.

Ø  SPI communication diagnostic function.

Ø  Processing and diagnostic functions for FS0B/FS1B.

Ø  ABIST/LBIST diagnostic function.

Software Testing

PROCESS DOCUMENTATION

The ZC.MuNiu functional safety SBC series software is designed to create a platform software product for the System Basis Chip (SBC) that meets customer functional safety requirements, independently developed by ZC Technology. This manual describes the functional safety application scheme and software architecture based on the NXP FS6500-FS4500 series SBC. This software product can help system engineers and software engineers to quickly apply it to customer products to meet functional safety requirements.

The software driver functions of the FS6500-FS4500 chip realized by this product include:

·         Multi-channel power output management;

·       CAN/LIN transceiver management;

·         LDT (Low-Dropout Timer) management;

·         SBC state machine control, low power control, and wake-up management;

·         Output voltage diagnostic management;

·         SPI communication processing between MCU and SBC;

·        Internal ABIST (Array Built-In Self-Test) / LBIST (Logic Built-In Self-Test) management for the SBC;

·         Watchdog management;

·         MCU error monitoring management;

·         External safe shutdown path processing for the SBC.

ZC Technology has adapted and developed for most models in the FS6500-FS4500 series (not limited to the following models):

ZC.MuNiu functional safety SBC, the NXP FS6500-FS4500 series driver software product, can be applied to automotive controllers that require various functional safety levels.

For example:

Ø  Battery Management System (BMS)

Ø  Inverter

Ø  DC-DC Converter (DCDC)

Ø  Electric Power Steering (EPS)

Ø  Electronic Parking Brake System (EPB)

Ø  Body Control Module (BCM)

Ø  Engine Management System (EMS)

Ø  Chassis Domain Control System Related Applications

Ø  Advanced Driver Assistance System Controller (ADAS)

The ZC.MuNiu functional safety SBC, the NXP FS6500-FS4500 series driver software product, can currently be adapted to work with MCUs from multiple chip manufacturers. The MCUs include:

Ø The ZC.MuNiu SBC driver software product supports software configuration for the NXP S32K series chips:

Ø The ZC.MuNiu SBC driver software product supports software configuration for the NXP PowerPC series chips:

Ø  The ZC.MuNiu SBC driver software product supports software configuration for the Infineon AURIX series chips:

Click to download the product manual