Instantiated in MCU domain are different internal diagnostics modules which provide monitoring and diagnostic functions required to achieve certain safety compliance levels:
- Three instances of Dual Clock Comparator (MCU_DCC) modules, used to determine the accuracy of a clock signal during the time execution of an application, each having the following main features:
- Two independent counter blocks count clock pulses from each clock source
- Each counter block is programmable, however, for proper operation the counters must be programmed with seed values that respect the ratio of the two clock frequencies
- Configurable time base for error signal
- Error signal generation when one of the clocks is out of spec
- Clock frequency measurement
- One instance of Error Signaling Module (MCU_ESM) for safety-related events and/or errors aggregation from throughout the device into one location supports the following main features:
- Up to 1024 level or pulse error event inputs
- Selectable low and high priority interrupt error pin prioritization of each error event
- Error pin to signal severe device failure
- Configurable time base for error signal
- Error forcing capability
- Internal redundant flops on safety critical fields
- Multiple ECC aggregator modules supporting ECC mechanism for providing increased system reliability via reduction of memory software errors by allowing single bit errors to be detected and corrected (SEC) and double bit errors to be detected (DED). Applied to different memories in many of the subsystems, each of the ECC aggregators has the following main features:
- Reduces memory software errors via single error correction (SEC) and double error detection (DED)
- Provides a mechanism to control and monitor the ECC RAMs in a module or subsystem
- Supports software readable status of ECC errors (single and double-bit) and associated info such as RAM address and data bit or bits that are in error
- Aggregates level pending status from the ECC RAMs in two interrupts to the device CPU – interrupt for correctable error (SEC) and interrupt for uncorrectable error (DED)
- Supports up to 256 ECC endpoints (either ECC RAM or interconnect ECC component)
- Single bit error detection via parity checking results in a non-correctable error interrupt
- Memory Cyclic Redundancy Check module used to perform CRC to verify the integrity of a memory system – part of MCU_NAVSS