- ZC.MuNiu SafetyLibrary Product Manual Based on Flagchip FC7300
- ZC.MuNiu SafetyLibrary Product Manual Based On Flagchip FC7240
- ZC.MuNiu SafetyFrame Product Manual Based on CYPRESS CYT2B7
- ZC.MuNiu SafetyFrame Product Manual Based on RH850U2AX
- ZC.MuNiu SafetyFrame Product Manual Based on RH850F1KM
- ZC.MuNiu BCC Product Manual Based on NXP MC33771
- ZC.MuNiu SafetyLibrary Product Manual Based on NXP MPC5744P
- ZC.MuNiu SafetyLibrary Product Manual Based on Infineon TC377
- ZC.MuNiu SafetyLibrary Product Manual Based on ST SPC58NH
- Introduction and Usage Methods of Infineon TC3XX MTU Module
- ZC.MuNiu SafetyFrame Product Manual Based on RH850/P1M-C
- ZC.MuNiu SafetyLibrary Product Manual Based on ST SPC58NN
- ZC.MuNiu Complex Driver CDD Based on NXP MC33774
- ZC.MuNiu SafetyFrame
- ZC.Muniu SafetyLibrary Product Manual Based On NXP MPC5746C
- ZC.Muniu Saftylibrary Based On NXP MPC5748G
- ZC.MuNiu SafetyLibrary Product Manual Based On NXP S32K14X
- ZC.MuNiu SafetyLibrary Product Manual Based on Infineon TC2XX
- ZC.MuNiu SafetyLibrary Product Manual Based on Infineon TC275
- ZC.MuNiu SafetyLibrary Product Manual Based on Infineon TC397
- ZC.MuNiu SBC Product Manual Based On NXP FS6500-FS4500
- ZC.MuNiu SBC Product Manual Based on Infineon TLF35584
Development Backgroud
The electrification and intelligent development of automotive electronic control systems are becoming increasingly complex, leading to higher demands for the safety of electronic and electrical architectures. Through the Hazard and Risk Assessment (HARA) analysis of road vehicle application scenarios, to ensure that safety goals are downgraded and decomposed, and the likelihood of hazards occurring is kept below the restricted values of risk, the importance of automotive functional safety is increasingly recognized. In recent years, the functional safety standard ISO 26262 has been referred to; and in terms of software architecture safety, the E-GAS (Electrical-Electronic Architecture Safety) layered approach has been referenced. In the electronic and electrical systems, the design and development are conducted using SEooC (Safety Element out of Context).
Functional safety engineers of ECU products often refer to the Safety Manual provided by semiconductor suppliers, which lists a vast array of application safety mechanisms. They combine these with their own product requirements to identify gaps and further select which modules require diagnostic software development based on the FMEDA (Failure Modes, Effects, and Diagnostic Analysis) configuration. Generally, the higher the ASIL (Automotive Safety Integrity Level), the more safety measures need to be implemented, which requires a significant amount of work and has a high threshold for implementation:
ØHigh costs (redundancy of many unused modules), and development of chip-built-in safety mechanisms is highly dependent on semiconductor manufacturers.
Ø The software team's development focus is at the ECU level rather than the MCU level, making it difficult to implement safety mechanisms with multiple chip combinations.
To address the above customer concerns, ZC.MuNiu Safety Frame product not only adapts to MCU chips but also provides safety analysis for the power supply system, timing monitoring system, and even integrated peripheral SOC-specific chip drivers of SBCs (Safety-Critical Base Control) for specific ASIL-x levels. It follows the two metrics introduced in Clause 8 of ISO 26262-5(2011): Single-point fault metric and Latent-fault metric, ensuring that the basic software platform's functional safety library meets the requirements of different ASIL levels and fault analysis methods.
ZC Technology has launched SAFETY FRAME, offering automotive control unit customers a sincere full-process functional safety service with ASIL level decomposition consulting, FMEDA analysis process support, chip-level self-test safety mechanism development, SafetyFrame configuration and software integration, and other full-process functional safety services.
Product Feature:
The functions and features of the SAFETY FRAME product launched by ZC Technology are as follows:
Ø ZC.MuNiu configuration tool supports AUTOSAR 4.2.2 and AUTOSAR 4.4 standards;
Ø Safety Frame has a safety level of ASIL-B, with additional safety mechanisms to support the application requirements of the highest ASIL-D safety level;
Ø Following the A SPICE software development process, it achieves traceability from customer requirements, MCU Safety Manual, safety library code, to test reports;
Ø The safety software architecture of Safety Frame is independently designed, incorporating the EGAS Monitoring Controller monitoring mechanism;
ØThe SwLib self-inspection library's Safety Mechanism implements software program flow monitoring and includes E2E (End-to-End) functionality, with flexible interface calls, reducing the customer's re-development workload;
Ø The product, as an AUTOSAR Complex Driver component, is integrated and compatible with the MCAL driver package from semiconductor suppliers;
Ø It manages the internal watchdog system and can be optionally integrated with the ZC SBC product library to achieve a complete Safety WdgM function;
Ø The Test Manager integrates MCU fault collection drivers (e.g., SMU/FCCU) to support the customer's product Safety Goal with respect to FTTI (Fault Tree Time Interval) time requirements for safe shutdown monitoring design;
Ø The chip self-inspection library TestLib supports customized development that can be tailored to the needs of each module, suitable for projects with a shorter development cycle, with streamlined code and reduced software capacity;
Ø For some customer ECU products with non-AUTOSAR software architecture, ZC SafetyFrame has good software integration compatibility.
Configuration Tool:
i. ZC.MuNiu tool achieves the configuration of the MCU chip for the Safety Frame product:
ii. ZC.MuNiu tool achieves the configuration of the SBC chip for the Safety Frame product:
Software Testing:
Process Documentation:
Functional Safety Assessment Report:
Application in progress for evaluation
Functional Safety Certificate:
Application in progress for evaluation
ZC.MuNiu provides a comprehensive basic software platform solution for the development of automotive electronic control unit (ECU) products. Safety Frame is a chip functional safety library software package that is graphically configured through ZC.MuNiu platform's upper computer configuration tool. It is developed as an independent safety element (SEooC) in accordance with ISO 26262-10, with critical device Modules designed based on the built-in safety mechanism requirements for AoU diagnostic coverage, and is customized for the development of functional safety libraries and software architecture in MCUs and SBC automotive controllers.
ZC.MuNiu Safety Frame product includes three major components:
The product has now been adapted and developed for a series of models from semiconductor chip manufacturers:
ZC.MuNiu Safety Frame product can be applied to automotive controllers that require functional safety ASIL levels. For example:
Ø Advanced Driver-Assistance Systems controllers (ADAS)
Ø Intelligent Gateway controllers (Gateway)
Ø Intelligent Braking Systems (iBooster)
Ø Electronic Stability Control (ESC/Onebox)
Ø Electric Power Steering (EPS)
Ø Electronic Parking Brake System (EPB)
Ø Battery Management System (BMS)
Ø Body Control Module (BCM)
Ø Engine Management System (EMS)
Ø DC/DC converters
This safety manual is designed for experienced hardware, basic software engineers, and functional safety engineers to illustrate the product overview of how the Safety Frame functional safety software library integrates MCU & SBC-related safety mechanisms into the (sub)systems of customer application products. Our software integration engineers can support and ensure the integration services of the platform product's functional safety library program, comply with the appropriate application standards, and assist customers in achieving the ISO26262 ASIL-D level requirements for the aforementioned automotive controllers.
i. Software Configuration for Safety Frame Product Based on NXP S32K Series Chips:
ii. Software Configuration for Safety Frame Product Based on NXP PowerPC Series Chips:
iii. Software Configuration for Safety Frame Product Based on Infineon AURIX 2G TC3xx Series Chips:
iv. Software Configuration for Safety Frame Product Based on Infineon AURIX 1G TC2xx Series Chips:
v. Software Configuration for Safety Frame Product Based on Infineon ST SPC58NH Series Chips:
vi. Software Configuration for Safety Frame Product Based on Infineon ST SPC58NN Series Chips:
SAFETY FRAME includes the internal module self-test of the MCU (i.e., SF.MCU) and the driver for the SBC hardware safety mechanism (i.e., SF.SBC). The core module of SF.Architecture is the Test Manager, which is used for the scheduling and management of the Safety Library for MCU & SBC. This includes the Safety Wdgm, the Safety SBC/ASIC driver module scheduling, and the application layer PFC (Program Flow Check) interface, etc. It includes three library interface modules:
Ø TestLib--Implement the testing of the MCU chip modules.
Ø DriverLib-- Implements the driving of the MCU chip modules.
Ø SwLib--Commonly used by users for digital signature libraries, end-to-end protection libraries, and other interfaces.
On the principle of software modularization and layering, SAFETY FRAME implements the Function Controller and Monitoring Controller respectively by SF.MCU and SF.SBC, and deploys them at the EGAS Level 2 and Level 3 levels, fully considering the application requirements for program flow monitoring and shutdown path design.
ZC.MUNIU SOFTWARE COPYRIGHT REGISTRATION CERTIFICATE
ZC.MUNIU SAFETYFRAME PRODUCT CERTIFICATE
Click to download the product manual