The Hercules RM4x microcontroller and PMIC “safety chipset” maximize failure detection and mitigation while minimizing software overhead. The microcontrollers and PMIC adhere to the SafeTI-61508 design package, helping customers more easily achieve IEC 61508 certification and accelerate time to market with safety-critical products.
The addition of these Hercules RM4x safety microcontrollers expand the Hercules microcontroller product line, offering 35 configurations from which customers can choose to meet application-specific needs. The new Hercules RM46x floating-point safety microcontrollers provide additional memory and performance configurations with expanded motor control capabilities and pin-compatibility with Hercules RM48x safety microcontrollers, introduced last year. The new Hercules RM42x safety microcontrollers provide a smaller package, lower cost, entry-line solution with integrated motor control interfaces while also meeting safety standards. The compatible PMIC combines multiple power supplies and safety features such as voltage monitoring in a single device to reduce design time and board space. Features and benefits of the new Hercules RM4x safety microcontrollers:
Expanded range of performance and memory options, from 100 MHz to 220 MHz lockstep ARM Cortex-R4 cores and 384KB, 1MB and 1.25MB Flash, provide designers more choices and scalability for their feature-rich safety products.
Achieve IEC 61508 SIL-3 more easily in system designs through component compliance to industry safety standards with these safety microcontrollers.
Hardware safety features provide a high level of online diagnostics with lockstep cores; memory protection for the CPU and bus masters; error correction code (ECC) for flash and RAM with single-bit error correction and double-bit error detection (SECDED); CPU and RAM built-in-self-test (BIST) for detection of potential latent faults; intelligent error signaling module for action based on safety error; parity on peripheral RAMs; redundant analog-to-digital converters (ADCs) and timers; and continuous voltage and clock monitoring.
Integrated motor control capability with the enhanced pulse width modulation, sensor capture and quadrature encoder interfaces on chip to eliminate multiple external components for motor control. The 32-channel timer coprocessor serves as a diverse, redundant motor control channel and checks the integrity of the pulse-width modulators (PWMs) in the motor control loop.
On-chip Ethernet, CAN and USB connectivity enables networking and several options for data collection and field software upgrades
Safety documentation, including a safety manual and safety analysis reports, details how to implement Hercules microcontrollers in a safety-critical application, as well as failure modes, effects and diagnostic analysis (FMEDA) that provides the failure rate information needed to meet safety standards.
Features and benefits of TI’s first functional safety PMIC, the TPS65381-Q1:
Includes multiple power supply rails in a single device, including an asynchronous buck switch-mode power-supply converter with internal FET converts the input battery voltage to 6V pre-regulator output, which supplies other regulators. Two linear regulators with internal FETs can supply power to a controller area network (CAN) and to the microcontroller input/outputs (I/Os). One linear regulator controller supplies the microcontroller core. This integration reduces design time and saves valuable board space.
An additional integrated sensor supply provides both short-to-ground and short-to-battery protection that can supply power to a sensor outside the electronic control unit (ECU).
Functional safety architecture integrates features such as question-answer watchdog, MCU error-signal monitor, clock monitoring on internal oscillators, self-check on clock monitor, CRC on non-volatile memory and a reset circuit for the microcontroller. In addition, a BIST allows for monitoring the device functionality at start-up, and a dedicated diagnostic state allows the microcontroller to check the PMIC safety functions. These embedded safety features remove the need of an additional monitoring microcontroller and reduces cost, board space and software development time.
Safety documentation including safety manual and safety analysis reports that detail how to implement the PMIC in safety-critical applications, as well as failure modes, effects and diagnostic analysis (FMEDA) that provides the failure rate information needed to meet safety standards.
Tools, software and support to ease safety-critical development
Hercules Development Kits – Get up and running quickly with a low-cost USB stick (TMDXRM48USB) or full-featured kits (TMDXRM42HDK or TMDXRM46HDK) that include a development board, TI’s Code Composer Studio integrated development environment (IDE), the HALCoGen peripheral configuration tool and a safety demo that showcases BIST execution and error forcing modes.
Hercules Motor Control Kit – Spin motors safely in minutes with the Hercules RM46x Motor Control Kit (DRV8301-RM46-KIT). Included in the kit is an RM46x controlCARD (TMDXRM46CNCD), also available standalone, with the TPS65381-Q1 power supply, a DRV8301 EVM and a Teknic servo motor. Also included in the kit is TI’s MotorWare software, which includes field-oriented-control (FOC) algorithms that support sensorless feedback as a redundant/safe channel to a position sensor and example projects that leverage the ARM CMSIS DSP library and the HALCoGen peripheral library with built-in safety support.
SafeTI ARM Compiler Qualification Kit – Establish confidence in your development tools with TI’s new Compiler Qualification Kit. The kit will help you document, analyze, validate and qualify your use of the TI ARM compiler to meet the requirements of the ISO 26262 and IEC 61508 standards. An early adopter release will be available in Oct 2012 with a full- featured release to follow in 1Q 2013.
Pricing and availability The TPS65381-Q1 will be available in a HTSSOP-32 (DAP) PowerPad package in December 2012 at $2.60 USD in 1,000-unit quantities. Hercules RM4x microcontrollers range from $3 to $26 USD and are immediately available for order. A variety of free software and tools ranging from $79 to $599 USD are listed above and available today.
If you found this article to be interest, visitMicrocontroller / MCU Designline where – in addition to my Max's Cool Beans blogs on all sorts of "stuff" – you will find the latest and greatest design, technology, product, and news articles with regard to all aspects of designing and using microcontrollers.
Also, you can obtain a highlights update delivered directly to your inbox by signing up for my weekly newsletter – just Click Here to request this newsletter using the Manage Newsletters tab (if you aren't already a member you'll be asked to register, but it's free and painless so don't let that stop you [grin]).
Last but certainly not least, make sure you check out all of the discussions and other information resources at All Programmable Planet. For example, in addition to blogs by yours truly, microcontroller expert Duane Benson is learning how to use FPGAs to augment (sometimes replace) the MCUs in his robot (and other) projects.
TI’s lockstep implementation is a 1oo1D design which is inherently less sensitive to common cause failure than 1oo2 or 2oo2 lockstep architectures. In addition TI has applied measures including temporal diversity and physical/layout diversity to further mitigate common cause failure concerns. TI has been producing products with similar lockstep architectures for many years and has yet to see a confirmed common cause CPU failure. Details of the design for mitigation of common cause failure in the lockstep diagnostic are publicly available Section 188.8.131.52 in the RM46 safety manual, which can be downloaded from http://www.ti.com/hercules (lit#SPNU551)