Reference Safety Architectures - 1Oo1; Reference Safety Architectures - 1Oo2 - ST STM32F2 Series User Manual
Hide thumbs
Also See for STM32F2 Series:
- User manual (1372 pages) ,
- Application note (56 pages) ,
- User manual (19 pages)
Table of Contents
Advertisement
•
Computation processing elements (PEc) performing the algorithm required by the safety function and
transferring the results to the following output elements;
•
Output processing elements (PEo) transferring safety related data to the remote controller connected to the
actuator;
•
In the case of the 1oo2 architecture, a further voting processing element (PEv) can be present;
•
Processes external to the compliant item are considered to guarantee safety integrity, such as a watchdog
(WDTe) and voltage monitors (VMONe).
The role of the PEv and of the external processes WDTe and VMONe is clarified in the sections where the CoU
(definition of safety mechanism) are detailed:
•
WDTe: refer to Independent watchdog – VSUP_SM_2, Control flow monitoring in application software –
CPU_SM_1,
•
VMONe: refer to Supply Voltage Monitoring – VSUP_SM_1.
In summary, STM32F2 Series microcontrollers support the implementation of end user safety functions composed
by three operations:
•
Safe acquisition of safety related data from input peripheral(s).
•
Safe execution of application software program and safe computation of related data.
•
Safe transfer of results or decisions to output peripheral(s).
Claims on the compliant item and computation of safety metrics are done with respect to these three basic
operations.
According to above reported definition for implemented safety functions, the compliant item i.e. the element can
be regarded as type B (as per IEC61508-2, 7.4.4.1.2 definition). Despite accurate, exhaustive and detailed failure
analysis has been done for STM32F2 Series, this device has to be considered intrinsically complex and therefore
type B classification is appropriate.
Two main safety architecture are therefore identified: 1oo1 (using one MCU) and 1oo2 (using two MCUs).
3.2.3
Reference safety architectures - 1oo1
In 1oo1 reference architecture (shown in below
by the combination of STM32F2 Series internal processes (implemented safety mechanisms) and external
processes WDTe and VMONe.
Target for 1oo1 reference architecture is SIL2.
Sensors
UM1845 - Rev 4
Figure
3.) the safety integrity of the compliant item is guaranteed
Figure 3.
1oo1 reference architecture
VMONe
PEi
PEc
PEd
WDTe
PEo
UM1845
Compliant item
Actuators
page 8/108
Advertisement
Table of Contents
Need help?
Do you have a question about the STM32F2 Series and is the answer not in the manual?
Questions and answers