Table 4. Safety Mechanism Field Explanation - ST STM32F2 Series User Manual

Note that each part number of the STM32F2 Series owns different combinations of peripherals (for instance,
some of them are not equipped with USB peripheral). To reduce the number of documents and avoid information-
less repetitions, the current Safety Manual (and therefore this section) addresses the overall possible peripherals
available in the targeted part numbers. Users have to select which peripherals are really available on their
devices, and discard the meaningless recommendations accordingly.
The implementation guidelines reported in the following section are for reference only. The safety verification
executed by ST during STM32F2 Series safety analysis and related diagnostic coverage figures reported in this
manual (or its Annexes) are based on such guidelines. For the sake of clarity, safety mechanism are grouped for
MCU basic functions.
Information are organized in form of tables (one for each safety mechanism).
explanation of each field:
Unique safety mechanism code/identifier used also in FMEA document. Identifiers use the scheme mmm_SM_x
where mmm is a 3 or 4 letter module acronym, and "x" is an incremental number. Please note that module
SM CODE
acronym and numbering could be not sequential and/or different from module's actual name being derived by
legacy documents.
Description Short mnemonic description
ST : means that method is available on silicon
Ownership
End user: method must be implemented by the end user by application software modification, hardware
solutions, or both.
Detailed implementation sometimes including notes about the safety concept behind the introduction of the
Detailed implementation
safety mechanism.
Error reporting Describes how the fault detection is reported to application software
Fault detection time Time that the safety mechanism needs to detect the hardware failure
Reports fault model(s) addressed by the diagnostic (Permanent, Transient, or both), and other information:
Addressed fault model If ranked for Fault avoidance: method contributes to lower the probability of occurrence of a failure
If ranked for Systematic: method is conceived to mitigate systematic errors (bugs) in application software design
Dependency on MCU Reports if safety mechanism implementation or characteristics change among different part numbers belonging
configuration to STM32F2 Series
Initialization Specific operation to be executed to activate the contribution of the safety mechanism
Continuous : safety mechanism is active in continuous mode
Periodic: safety mechanism is executed periodically. Note that safety mechanism can be accounted for
diagnostic coverage contribution only if it is executed at least one per PST
Periodicity
On Demand: safety mechanism is activated in correspondence of a specified event (for instance, reception of a
data message)
Startup: safety mechanism is supposed to be executed only at power-up or during off-line maintenance periods
Test for the diagnostic Reports specific procedure (if any and recommended) to allow on-line tests of safety mechanism efficiency
Reports the safety mechanism(s) associated in order to correctly manage a multi-fault scenario (refer to
Multiple faults protection
4.1.3 Notes on multiple faults
Recommendations and
Additional recommendations or limitations (if any) not reported in other fields
known limitations
UM1845 - Rev 4
Table 4. Safety mechanism field explanation
scenario)
Description of hardware and software diagnostics
Table 4. below presents the
UM1845
Section
page 12/108