Texas Instruments C2000 User Manual
  1. Manuals
  2. Brands
  3. Texas Instruments Manuals
  4. Computer Hardware
  5. C2000 Piccolo LaunchPad
  6. User manual

Texas Instruments C2000 User Manual

Safety manual for mcus in iec60730 safety applications
Hide thumbs Also See for C2000:
Table of Contents

Advertisement

Quick Links

Download this manual
Safety Manual for C2000™ MCUs in IEC60730
Safety Applications
User's Guide
Literature Number: SPRUHI3A
April 2013 – Revised August 2013

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the C2000 and is the answer not in the manual?

Questions and answers

Related Manuals for Texas Instruments C2000

Summary of Contents for Texas Instruments C2000

  • Page 1 Safety Manual for C2000™ MCUs in IEC60730 Safety Applications User's Guide Literature Number: SPRUHI3A April 2013 – Revised August 2013...

  • Page 2: Table Of Contents

    Coding Standard and Naming Conventions ............MISRA C Exceptions for C2000 MCU C28x Architecture ........Appendix D C2000 Compiler and Tools Development Process and Tracking ................Appendix E STL Test Suite Release Process ....Appendix F Typical Application Firmware With IEC60730 Safety Supervisory Functions .........................
  • Page 3 ................C2000 STL Library Development Process ........C2000 IEC60730 STL Library – Design, Test and Regression Flow - DTR Typical Application Firmware Components With C2000 IEC60730 STL (Self Test Libraries) – POST and ......................PEST Functions List of Tables ....................

  • Page 4: Introduction

    • Software design and development process It is expected that the user of this document should have a general familiarity with the C2000 product family. More information can be found at http://www.ti.com/C2000. This document is intended to be used in conjunction with the device-specific data sheets, technical reference manuals, and other documentation for the products under development.

  • Page 5: C2000 And Its Application Sectors

    C2000 MCUs brings together highly efficient control CPU, control peripherals and rich analog peripherals to build a deterministic control applications. All C2000 MCUs use real-time 32-bit C28x CPU with or without floating-point unit (FPU). Higher end C2000 MCUs support highly differentiated math capabilities using Viterbi Complex Unit (VCU) modules.

  • Page 6: C2000 Mcu Architecture Classifications

    C2000 Architecture and Product Overview www.ti.com Figure 1. C2000 MCU for IEC60730 Applications - An Overview of System Architecture C2000 MCU Architecture Classifications The following configurations of CPU and subsystems are available across many of Piccolo and Delfino MCU devices. In this document subsystem refers to a collection of Control or Analog peripherals, critical for real time control applications.

  • Page 7: C2000 Mcu Documentation

    TI MCUs for more than a decade. This offers high level of integration, performance and reliability. The C2000 MCU IEC60730 Safety Manual is to be complemented with its device level documentation, as listed in...

  • Page 8: Targeted Applications And Product Safety Constraints

    For example, the fault tolerant time intervals for typical motor drives can be within few 10s of milliseconds. The C2000-based system can address fault tolerant times similar to these intervals or better. C2000 MCU's overall response can reach < 10 ms fault tolerant time interval.

  • Page 9: C2000 Mcu Development Process For Management Of Systematic Faults

    MCUs that cater to industrial and automotive applications. TI Standard Automotive MCU and C2000 MCU Development Process Texas Instruments has been developing microcontrollers for industrial and automotive markets that require safety and non-safety applications for over twenty years. Industrial and automotive markets have strong requirements on quality management and high product reliability.

  • Page 10: C2000 Mcu Development Process

    IEC 61508 as well and is under a process of continuous improvement to incorporate new features. Piccolo and Delfino series of C2000 MCUs are developed to offer devices with several temperature grades to address consumer, industrial and automotive applications.

  • Page 11: Product Architecture For Management Of Random Faults

    For a safety critical development, it is necessary to manage both systematic and random faults. The C2000 MCU product architecture includes safety mechanisms that can help detect and respond to random faults when used correctly. This section describes the architectural safety concept and software layers that need to be adopted in C2000 MCU devices.

  • Page 12: Piccolo Mcu Family

    IEC60730 and UL1998 have published a series of safety test across any microcontroller device. Safety Manual for C2000™ MCUs in IEC60730 Safety Applications SPRUHI3A – April 2013 – Revised August 2013 Submit Documentation Feedback Copyright ©...

  • Page 13: C2000 Mcu Piccolo F2806X With Safety Features In Software

    Figure 3. C2000 MCU Piccolo F2806x With Safety Features in Software Piccolo6x: TMS320F2806x MCU is the full featured C2000 MCU with a dedicated 32-bit C28x main CPU, floating-point unit and Viterbi and math accelerators (VCU). CPU performance is further supported by an event optimized, CLA that is capable of 32-bit C28x CPU functions with floating-point precision.
  • Page 14 Table 1). The on-chip regulator supports POR and BOR logic to generate under voltage detection. Safety Manual for C2000™ MCUs in IEC60730 Safety Applications SPRUHI3A – April 2013 – Revised August 2013 Submit Documentation Feedback Copyright © 2013, Texas Instruments Incorporated...

  • Page 15: C2000 Mcu Piccolo F2803X With Safety Features In Software

    4.3.2 Type B: C28x CPU + CLA With Control and Analog Subsystem – Piccolo3x Family Figure 4. C2000 MCU Piccolo F2803x With Safety Features in Software Piccolo3x: TMS320F2803x MCU is functionally identical to TMS320F2806x except for the FPU, VCU and USB modules.
  • Page 16 Table 1). The on-chip regulator supports POR and BOR logic to generate under voltage detection. Safety Manual for C2000™ MCUs in IEC60730 Safety Applications SPRUHI3A – April 2013 – Revised August 2013 Submit Documentation Feedback Copyright © 2013, Texas Instruments Incorporated...

  • Page 17: C2000 Mcu Piccolo F2805X With Safety Features In Software

    4.3.3 Type B: C28x CPU + CLA With Control and Analog Subsystem – Piccolo5x Family Figure 5. C2000 MCU Piccolo F2805x With Safety Features in Software Piccolo5x: TMS320F2805x MCU is functionally identical to TMS320F2803x except for the PGA, CAN and LIN modules.
  • Page 18 Table 1). The on-chip regulator supports POR and BOR logic to generate under voltage detection. Safety Manual for C2000™ MCUs in IEC60730 Safety Applications SPRUHI3A – April 2013 – Revised August 2013 Submit Documentation Feedback Copyright © 2013, Texas Instruments Incorporated...

  • Page 19: C2000 Mcu Piccolo F2802X With Safety Features In Software

    4.3.4 Type D: C28x CPU With Control and Analog Subsystem – Piccolo2x Family Figure 6. C2000 MCU Piccolo F2802x With Safety Features in Software Piccolo2x: TMS320F2802x MCU is functionally identical to TMS320F2803x except for the CLA, CAN and LIN modules. It has a dedicated 32-bit C28x main CPU supports fixed point and IQmath capabilities to accelerate time critical functions, and control algorithms.

  • Page 20: Delfino Mcu Family

    POR and BOR logic to generate under voltage detection. Delfino MCU Family Delfino is high performance member of the C2000 MCU addressing a wide of industrial applications. The makeup of the family is differentiated at the 32-bit C28x CPU performance, control and analog subsystem peripherals.

  • Page 21: C2000 Mcu Delfino F2833X With Safety Features In Software

    Figure 7. C2000 MCU Delfino F2833x With Safety Features in Software Delfino: TMS320F2833x MCU is the full featured C2000 MCU with a dedicated 32-bit C28x main CPU, floating point unit, designed for high performance (150MHz)). CPU performance is capable of fixed point math, IQmath and floating point precision.

  • Page 22: C2000 Mcu Delfino F2823X With Safety Features In Software

    4.4.2 Type D: C28x CPU With Control and Analog Subsystem – Delfino F2823x Family Figure 8. C2000 MCU Delfino F2823x With Safety Features in Software Delfino: TMS320F2823x MCU is functionally identical to TMS320F2833x family except for the floating- point unit. For more details on this family, see Table Safety Manual for C2000™...

  • Page 23: C2000 Mcus Operating States

    Figure 9. Piccolo and Delfino MCUs Operating States • Powered Off - This is the initial operating state of the C2000 MCUs. No power is applied to either core –1.8 V/1.2 V) or I/O power supply (V –3.3 V) and the device are non-functional. This state can DDIO only transition to the safe state, and can only be reached from the safe state.

  • Page 24: Management Of Exception And Errors

    Standard Safety Diagnostic Functions With C2000 MCUs and Subsystems The C2000 MCU system has several functional safety features that can initiate fault or error interrupts when the fault occurs. However, except for a few special hardware modules, not all of these safety modules are able to generate alarms in their dormant state.

  • Page 25: Functional Descriptions Of Safety Modules In C2000 Mcus

    Optimizer (SFO) functions are software libraries that are built with internal hardware assist SFO Clock Accuracy Check logic in C2000 MCU devices that can help to measure and clock accuracies. Details of SFO functions are in explained in the TMS320x2806x Piccolo Technical Reference Manual (SPRUH18).

  • Page 26: Functional Descriptions Of Safety Modules In C2000 Mcus

    C2000 MCU Architecture Safety Mechanisms and Assumptions of Use www.ti.com Table 3. Functional Descriptions of Safety Modules in C2000 MCUs (continued) Safety Diagnostics Functions to Enable Safety Attributes and Features Description Information redundancy techniques can be applied via software as an additional runtime diagnostic on any memory block, serial communication peripherals and control peripherals.

  • Page 27: Next Steps In Your Safety Development

    • SafeTI solutions and product support on the web: http://www.ti.com/ww/en/functional_safety/safeti/SafeTI-60730.html • Access C2000 MCU page s any time on the web: http://www.ti.com/lsds/ti/microcontroller/32- bit_c2000/overview.page • The Piccolo Wiki page provides answers to many commonly asked questions: http://www.ti.com/lsds/ti/microcontroller/32-bit_c2000/training.page...
  • Page 28 Next Steps in Your Safety Development www.ti.com Table 4. C2000 MCU IEC60730/UL1998/IEC60335 product functional safety deliverables (continued) IEC60730 Safety Documentation Contents Status Release Control Card Software source for Software libraries for IEC60730 Class B Beta4 Dec 2012 IEC60730 lib evaluation...

  • Page 29: Appendix A Summary Of Recommended Safety Feature Usage

    Appendix A Summary of Recommended Safety Feature Usage Table 6 provides a summary of the safety concept recommendations for C2000 MCU. Each recommendation is given a unique identifier to aid in requirements management. This is a generic table applicable per MCU module or peripheral. These modules may not be available on all the MCUs. For its availability in the selected MCU, see the device-specific data sheet.
  • Page 30 Periodic Software response on function code functionality check with test runtime use of Code integrity and vectors test vector validation Summary of Recommended Safety Feature Usage SPRUHI3A – April 2013 – Revised August 2013 Submit Documentation Feedback Copyright © 2013, Texas Instruments Incorporated...

  • Page 31: Appendix B Iec60730-Class B/Ul1998 Class 1 Mcu Safety Compliance Features

    Custom Software SStatic and dynamic limits POST and periodic tests Item 9.1 and 9.2 are C2000 MCU-specific implementation and recommendations added to this table. SPRUHI3A – April 2013 – Revised August 2013 IEC60730-Class B/UL1998 Class 1 MCU Safety Compliance Features Submit Documentation Feedback Copyright ©...

  • Page 32: Appendix C C2000 Mcu Iec60730 Software Safety Development Process

    Appendix C C2000 MCU IEC60730 Software Safety Development Process The C2000 MCU IEC60730 self-test library functions are written in C28x CPU assembly and C. Assembly functions are intended to do self test more efficiently and leverage architecture features. All these functions are user friendly calling functions that can be included in the end application.
  • Page 33 Static Code Coverage • MISRA and LDRA rule checker is being used to static analysis tools SPRUHI3A – April 2013 – Revised August 2013 C2000 MCU IEC60730 Software Safety Development Process Submit Documentation Feedback Copyright © 2013, Texas Instruments Incorporated...

  • Page 34: Misra C Exceptions For C2000 Mcu C28X Architecture

    MISRA C Exceptions for C2000 MCU C28x Architecture www.ti.com C.2.11 Code Review Process • Face-to-face code review. Most issues are resolved in real time with lingering issues logged in the Bugzilla system for later resolution. • LDRA toolset will be used to track peer review comments.

  • Page 35: Appendix D C2000 Compiler And Tools Development Process And Tracking

    Appendix D C2000 Compiler and Tools Development Process and Tracking Software code development and firmware debug is made easy using the Code Composer Studio™ tool set from Texas Instruments. Details of the tools and the environment are listed in Table 8.

  • Page 36: Appendix E Stl Test Suite Release Process

    Precert_Lib and Evaluation Suite After few weeks Release Beta Figure 11. C2000 IEC60730 STL Library – Design, Test and Regression Flow - DTR STL Test Suite Release Process SPRUHI3A – April 2013 – Revised August 2013 Submit Documentation Feedback Copyright © 2013, Texas Instruments Incorporated...
  • Page 37 NOTE: POST and PEST are acronyms for a set of software functions that will be executed at power on of the MCU and periodically during the application. SPRUHI3A – April 2013 – Revised August 2013 STL Test Suite Release Process Submit Documentation Feedback Copyright © 2013, Texas Instruments Incorporated...

  • Page 38: Appendix F Typical Application Firmware With Iec60730 Safety Supervisory Functions

    STL_test = N? Run Apps forever? Figure 12. Typical Application Firmware Components With C2000 IEC60730 STL (Self Test Libraries) – POST and PEST Functions Typical Application Firmware With IEC60730 Safety Supervisory Functions SPRUHI3A – April 2013 – Revised August 2013 Submit Documentation Feedback Copyright ©...

  • Page 39: Appendix G Glossary

    Texas Instruments C2000 MCU Specific C28x CPU Texas Instruments 32-Bit Central processing Unit Texas Instruments 32-Bit processor to Function as Control Law Accelerator Floating-Point Unit designed to work with C28x CPUs IQ Math Floating-Point Unit designed to work with C28x CPUs...

  • Page 40: Appendix H Revision History

    Table 10. SPRUHI3A Revisions Location Additions, Deletes, and Edits Section 5.2.5 Added new section. Section 5.2.6 Added new section. Section 5.2.7 Added new section. Revision History SPRUHI3A – April 2013 – Revised August 2013 Submit Documentation Feedback Copyright © 2013, Texas Instruments Incorporated...
  • Page 41 IMPORTANT NOTICE Texas Instruments Incorporated and its subsidiaries (TI) reserve the right to make corrections, enhancements, improvements and other changes to its semiconductor products and services per JESD46, latest issue, and to discontinue any product or service per JESD48, latest issue.

Table of Contents

Save PDF