UM2305 - Rev 10 - page 25/110
Hardware and software diagnostics

SM CODE: FLASH_SM_7
Addressed fault model: Permanent/transient
Dependency on Device configuration: None
Initialization: None
Periodicity: Continuous
Test for the diagnostic: Direct test procedure for ECC efficiency is not available. ECC run-time hardware failures leading to disabling such protection, or leading to wrong corrections, fall into the multiple-fault scenario, from the IEC61508 perspective. Related failures are adequately mitigated by the combination of safety mechanisms reported in this table, field Multiple-fault protection. Also refer to the Recommendations and known limitations field.
Multiple-fault protection:
    FLASH_SM_0: Periodic software test for Flash memory
    DIAG_SM_0: Periodic read-back of hardware diagnostics configuration registers
    CPU_SM_3: Arm® Cortex®-M4 HardFault exceptions
Recommendations and known limitations: According to the Flash interface specifications, when the ECCC flag is set, a further two-error detection is not able to generate the NMI. It is therefore highly recommended to clear the ECCC flag as soon as a correction is performed, to preserve the ECC error detection capability. Accordingly, the correction interrupt handling and the related ECCC flag clear must be considered an integral part of the ECCC protection implementation, and they must be implemented to claim the FLASH_SM_7 diagnostic coverage contribution.

Note: As a result of the limitation described above, the Flash locations occupied by the code implementing the correction interrupt management routine are exposed to a potential lack of protection against dual errors until the code part where the ECCC flag is cleared. End users needing to fully address failure modes of those memory locations may execute a periodic CRC check on that Flash section (see FLASH_SM_0 for general guidance). The frequency of test execution must consider the recommendation of note 1 (1).

Table 31. FLASH_SM_8

SM CODE: FLASH_SM_8
Description: Read protection (RDP), write protection (WRP), and proprietary code readout protection (PCROP)
Ownership: ST
Detailed implementation: Flash memory can be protected against illegal read or erase/write accesses by using these protection features. The combination of these techniques and the related different protection levels allows the End user to build an effective access protection policy.
Error reporting: Refer to functional documentation. In some cases, a HardFault error is generated.
Fault detection time: Refer to functional documentation.
Addressed fault model: Systematic
Dependency on Device configuration: None
Initialization: Not required
Periodicity: Continuous
Test for the diagnostic: Not applicable
Multiple-fault protection: Not required
Recommendations and known limitations: Hardware random-failure detection capability for Flash memory access policy is restricted to well-selected marginal failure modes, mainly affecting program counter and Flash memory interface functions. The associated diagnostic coverage is therefore expected to be irrelevant in the framework of the STM32L4 and STM32L4+ Series safety concept.
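The periodic CRC check that the FLASH_SM_7 note suggests for the Flash section holding the correction interrupt routine, shown here as an added host-runnable C example (not code from the manual or from ST). The CRC-32 variant, the isr_section_t descriptor, the function names and the sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* CRC-32, polynomial 0x04C11DB7, MSB first, init 0xFFFFFFFF, no final XOR.
 * The algorithm is an assumption: the manual only asks for a CRC check. */
uint32_t crc32_region(const uint8_t *p, size_t len)
{
    uint32_t crc = 0xFFFFFFFFu;
    while (len--) {
        crc ^= (uint32_t)(*p++) << 24;
        for (int bit = 0; bit < 8; bit++)
            crc = (crc & 0x80000000u) ? (crc << 1) ^ 0x04C11DB7u : crc << 1;
    }
    return crc;
}

/* Hypothetical descriptor of the Flash section holding the ECC correction
 * interrupt routine: on target, start/len come from linker symbols and
 * ref_crc from a build-time calculation. */
typedef struct { const uint8_t *start; size_t len; uint32_t ref_crc; } isr_section_t;

/* Periodic check: 0 if the section matches its reference CRC, -1 if not
 * (the caller then applies its safe-state reaction). */
int isr_section_check(const isr_section_t *s)
{
    return crc32_region(s->start, s->len) == s->ref_crc ? 0 : -1;
}

/* Constructed stand-in for the routine's code bytes, not real firmware. */
static const uint8_t sample_isr[16] = {
    0x10, 0xB5, 0x04, 0x4C, 0x23, 0x68, 0x43, 0xF0,
    0x80, 0x43, 0x23, 0x60, 0x10, 0xBD, 0x00, 0xBF };

/* Returns 1 if the clean image passes and a copy with two flipped bits
 * (a dual error, as in the Note) is rejected. */
int demo_dual_error_detected(void)
{
    uint8_t copy[sizeof sample_isr];
    isr_section_t s = { sample_isr, sizeof sample_isr,
                        crc32_region(sample_isr, sizeof sample_isr) };
    int clean_ok = (isr_section_check(&s) == 0);
    memcpy(copy, sample_isr, sizeof copy);
    copy[5] ^= 0x21;  /* flip bits 0 and 5 of one byte */
    s.start = copy;
    return clean_ok && isr_section_check(&s) == -1;
}

int main(void) { printf("dual error detected: %d\n", demo_dual_error_detected()); return 0; }
```

On target, the reference CRC itself should be stored outside the checked section so that a fault in the routine's code cannot also alter the value it is compared against.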