Microcontrollers and Complementary Power Supply for Safety-Critical Applications
Texas Instruments Incorporated introduces new SafeTI™ design packages for safety-critical medical, industrial and energy motor control applications. These design packages include 15 new Hercules RM4x ARM Cortex-R4 safety microcontrollers and TI’s complementary TPS65381-Q1 multi-rail power supply (PMIC). The Hercules RM4x microcontroller and PMIC “safety chipset” maximize failure detection and mitigation while minimizing software overhead. The microcontrollers and PMIC adhere to the SafeTI-61508 design package, helping customers more easily achieve IEC 61508 certification and accelerate time to market with safety-critical products.
The addition of these Hercules RM4x safety microcontrollers expand the Hercules microcontroller product line, offering 35 configurations from which customers can choose to meet application-specific needs. The new Hercules RM46x floating-point safety microcontrollers provide additional memory and performance configurations with expanded motor control capabilities and pin-compatibility with production-qualified Hercules RM48x safety microcontrollers, introduced last year. The new Hercules RM42x safety microcontrollers provide a smaller package, lower cost, entry-line solution with integrated motor control interfaces while also meeting safety standards. The compatible PMIC combines multiple power supplies and safety features such as voltage monitoring in a single device to reduce design time and board space.
Features and benefits of the new Hercules RM4x safety microcontrollers:
- Expanded range of performance and memory options, from 100 MHz to 220 MHz lockstep ARM Cortex-R4 cores and 384KB, 1MB and 1.25MB Flash, provide designers more choices and scalability for their feature-rich safety products.
- Achieve IEC 61508 SIL-3 more easily in system designs through component compliance to industry safety standards with these safety microcontrollers.
- Hardware safety features provide a high level of online diagnostics with lockstep cores; memory protection for the CPU and bus masters; error correction code (ECC) for flash and RAM with single-bit error correction and double-bit error detection (SECDED); CPU and RAM built-in-self-test (BIST) for detection of potential latent faults; intelligent error signaling module for action based on safety error; parity on peripheral RAMs; redundant analog-to-digital converters (ADCs) and timers; and continuous voltage and clock monitoring.
- Integrated motor control capability with the enhanced pulse width modulation, sensor capture and quadrature encoder interfaces on chip to eliminate multiple external components for motor control. The 32-channel timer coprocessor serves as a diverse, redundant motor control channel and checks the integrity of the pulse-width modulators (PWMs) in the motor control loop.
- On-chip Ethernet, CAN and USB connectivity enables networking and several options for data collection and field software upgrades
- Safety documentation, including a safety manual and safety analysis reports, details how to implement Hercules microcontrollers in a safety-critical application, as well as failure modes, effects and diagnostic analysis (FMEDA) that provides the failure rate information needed to meet safety standards.
Features and benefits of TI’s first functional safety PMIC, the TPS65381-Q1:
- Includes multiple power supply rails in a single device, including an asynchronous buck switch-mode power-supply converter with internal FET converts the input battery voltage to 6V pre-regulator output, which supplies other regulators. Two linear regulators with internal FETs can supply power to a controller area network (CAN) and to the microcontroller input/outputs (I/Os). One linear regulator controller supplies the microcontroller core. This integration reduces design time and saves valuable board space.
- An additional integrated sensor supply provides both short-to-ground and short-to-battery protection that can supply power to a sensor outside the electronic control unit (ECU).
- Functional safety architecture integrates features such as question-answer watchdog, MCU error-signal monitor, clock monitoring on internal oscillators, self-check on clock monitor, CRC on non-volatile memory and a reset circuit for the microcontroller. In addition, a BIST allows for monitoring the device functionality at start-up, and a dedicated diagnostic state allows the microcontroller to check the PMIC safety functions. These embedded safety features remove the need of an additional monitoring microcontroller and reduces cost, board space and software development time.
- Safety documentation including safety manual and safety analysis reports that detail how to implement the PMIC in safety-critical applications, as well as failure modes, effects and diagnostic analysis (FMEDA) that provides the failure rate information needed to meet safety standards.