The following techniques and safety measures shall be used as applicable for improving independence of function when using the TMS320F280015x MCU:
- Hold peripherals clocks disabled if the available peripherals are unused (CLK14-Peripheral Clock Gating (PCLKCR)).
- Hold peripherals in reset if the available peripherals are unused (RST9-Peripheral Soft Reset (SOFTPRES)).
- When possible, separate critical I/O functions by using non adjacent I/O pins/balls.
- Partition the memory as per the application requirements to respective processing units and configure the Access Protection Mechanism for Memories, for each memory instance such that only the permitted masters have access to memory.
- The Dual Code Security Module (DCSM) can be used for functional safety where
functions with different safety integrity levels can be executed from different
security zones (zone1, zone2, and unsecured zone), acting as firewalls and thus
mitigating the risk due to interference from one secure zone to another. For
more information, see Achieving Coexistence of Safety
Functions for EV/HEV Using C2000™ MCUs.
- Disabling unused sources of SOC inputs to ADC can help avoid interference from
unused peripherals to disturb functionality of ADC.
- To avoid interference from spurious activity on MCU’s debug port, JTAG1-Hardware Disable of JTAG Port can be used.
- Safety applications running on the CPU can be interfered by unintentional faulty interrupt events to PIE module. PIE7-Maintaining Interrupt Handler for Unused Interrupts and PIE8-Online Monitoring of Interrupts and Events will detect such interfering failures.
- MCU resources in supporting CPU execution such as memory, interrupt controller, and so forth could be impacted by resources from lower safety integrity safety functions coexisting on same MCU. Safety mechanisms such as SRAM11-Access Protection Mechanism for Memories, SRAM16–Information Redundancy Techniques, SRAM17-CPU Handling of Illegal Operation, Illegal Results and Instruction Trapping will be able to detect such interference.
- Critical configuration registers could be victim of interference from bus masters on MCU which implements lower safety integrity functions. These can be protected by SYS1-Multi-Bit Enable Keys for Control Registers, SYS2-Lock Mechanism for Control Registers, SYS8-EALLOW Protection for Critical Registers.