Close
nav search Icon
Forums gray-arrow gray-arrow
Resources gray-arrow gray-arrow
About gray-arrow gray-arrow
Groups gray-arrow gray-arrow
nav-user Account

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob

AURIX™ MCU: TC3xx power supply monitoring - KBA235663

AURIX™ MCU: TC3xx power supply monitoring - KBA235663

IFX_Publisher2
Community Manager
Community Manager
Community Manager
25 likes received 1000 replies posted First like given
‎Jun 22, 2022 10:44 PM
‎Jun 22, 2022 10:44 PM

Version: **

ISO 26262 standard suggests the power supply monitoring of a system designed according to the highest safety requirements. For example, see table D.7 in ISO 26262-5:2018.

A dependent failure analysis (DFA) has pointed out stringent requirements for power supply block monitoring. This block is common to all the functionalities offered by TC3xx. In case power supplies are undefined or fail, no more guarantee given on the whole MCU behaviour.

Most of the requirements are satisfied by the internal supply primary monitors and internal supply secondary monitors highlighted in blue and yellow blocks respectively as shown in Figure 1.

BinduPriya_G_0-1655962977254.png

 

Figure   1    Primary and secondary supply monitors of TC3xx


Figure 2 shows all possible power supply safeguard configurations that can be activated internally to MCU.

BinduPriya_G_1-1655963020189.png

 

Figure 2      Primary and secondary adjustable thresholds for internal monitoring of TC3xx power supplied

Nevertheless, the power supply overvoltage primary monitor is missing internally to MCU.

In addition, a secondary path to bring the whole system to a safe state cannot be realized by the MCU itself. Therefore, a secondary independent shut down source is necessary and could be realized with TLF35584 or a similar IC.

The system integrator adds the following measures:

  • The software developed by the system integrator does not allow external voltage supplies to stay in the range of maximum operating conditions and absolute maximum ratings for longer than the specified time in the specific TC3XX device datasheet [1] in “absolute maximum ratings" table.
  • The external hardware designed by the system integrator adds an external filter to prevent electromagnetic noise and other sources of disturbances to couple to the supply source and degrade the quality of the supply voltage.
  • The system detects and disables the external voltage supplies VEXT and VEVRSB of the MCU in case of an overvoltage condition with the continuous monitoring of the external voltage supplies of the MCU.

To provide this last external safety mechanism (overvoltage primary monitoring for VEXT and VEVRSB), Infineon proposes TLF35584 as an ASIL-D product capable to provide both the missing overvoltage primary monitoring and a secondary source for independent shut-down system.

In addition to these external mechanisms in charge of the system integrator, other under and overvoltage mechanisms are present also on TLF35584 so that the system integrator can tailor out the best configuration possible for his use case. See application note AP32402 [2].

References

For more details, see the “Supply Voltage Monitoring” section in the “Power Management System (PMS)” chapter of the AURIX™ TC3xx family User’s manual [1].

Note:

This KBA applies to the following series of AURIX™ MCUs:

  • AURIX™ TC3xx series
Labels
0 Likes
813 Views
Rate this article: