Global Sources
EE Times-Asia
Stay in touch with EE Times Asia
EE Times-Asia > Embedded

Microcontrollers enable ASIL D approved safety applications

Posted: 03 May 2011 ?? ?Print Version ?Bookmark and Share

Keywords:watchdog device? safety and security? automotives?

Infineon Technologies introduced Signature Watchdog CIC61508, a safety watchdog for automotive products. In combination with the company's 32bit TriCore microcontrollers and the SafeTcore software, the CIC61508 can provide monitoring features compliant up to the highest risk level of functional safety according to the IEC61508 and ISO26262 automotive industry standards

The CIC61508 is a safety watchdog that can be integrated into safety relevant applications such as Vehicle Stability Control (VSC), Electric Power Steering (EPS), airbag control, damping systems, and power-train controls. The watchdog monitors the main microcontroller typically used in these types of embedded systems by providing features to detect common failure modes of clock and power supply and temperature related computational errors on the microcontroller.

With its small TSSOP-38 footprint, Infineon claims that the CIC61508 is a space saving and cost-effective option for supporting safety applications.

Safety electronics is one of the key drivers for reducing road fatalities, as seen by an increasing trend for governments to legislate mandatory use of electronically controlled active and passive safety systems. Furthermore in areas such as EPS, the safety aspects are also complemented by a reduction of fuel consumption to provide an overall improvement in vehicle energy efficiency and thus a reduction in carbon dioxide emissions.

Safety Integrity Level (SIL, according to IEC61508) or Automotive Safety Integrity Level (ASIL, defined by ISO26262) specifies the necessary safety measures for avoiding unreasonable risk. There are four SIL (1-4) or ASIL levels (A-D) where D represents the most and A the least stringent level of a given safety function.

Safety systems require an independent watchdog device which implements a robust monitoring channel for main microcontroller supervision in ISO26262 and IEC61508 compliant safety applications. The latest version of the ISO26262 part 5 defined that a coded window watchdog (normally SPI interface) is needed to meet ASIL C or ASIL D, which is a higher requirement than the simple pin toggle window watchdog used in less stringent applications. The Infineon CIC61508 serves as an independent diagnostic monitoring device to allow the safety relevant system to be ASIL-D approved.

The test features supported by the CIC61508 and stored in its ROM include an internal opcode test scheduler/sequencer which generates a sequence of test requests with specific data and checks the response against a user defined table. Other monitoring functions include the capability of detecting undervoltage and overvoltage in up to four power supplies, capability to monitor up to eight parallel data comparisons and verification functions, an operating system task monitor to check the predefined dispatch sequence and execution budgets of critical tasks and three independent system control pins which can be used to bring the system under control into a safe state in a deterministic manner.

Article Comments - Microcontrollers enable ASIL D appro...
*? You can enter [0] more charecters.
*Verify code:


Visit Asia Webinars to learn about the latest in technology and get practical design tips.

Back to Top