Transportation and Safety Microcontrollers from Texas ...€¦ · Functional Safety vs. Quality/Reliability • High quality and reliability does not guarantee safety. • Methods

Transportation and Safety Transportation and Safety Transportation and Safety Transportation and Safety Transportation and Safety Transportation and Safety MicrocontrollersMicrocontrollers

from Texas Instrumentsfrom Texas Instruments

Transportation and Safety Transportation and Safety MicrocontrollersMicrocontrollers

from Texas Instrumentsfrom Texas Instruments

September 2012September 2012September 2012September 2012

What is Functional Safety?

• Safety is freedom from unacceptable risk of physical injury or of damage to the health of people, either directly, or indirectly as a result of damage to property or to the environment.

• Functional safety is part of the overall safety that depends on a system or equipment operating correctly in response on a system or equipment operating correctly in response to its inputs.

• Example: over-temperature protection device, using a thermal sensor in the windings of an electric motor to de-energise the motor before they can overheat

Source: iec

Safety Failures and their Causes

• Failures in a functional safety system can be broadly classified into two categories: Systematic and Random failures

Failures

Systematic Random• Systematic Failures

– Result from a failure in design or manufacturing – Often a result of failure to follow best practices– Often a result of failure to follow best practices– Rate of systematic failures can be reduced through continual and

rigorous process improvement

• Random Failures– Result from random defects inherent to process or usage condition– Rate of random failures cannot generally be reduced; focus must be

on the detection and handling of random failures in the application.

Note: Software failures are considered to be systematic

3

Functional Safety vs. Quality/Reliability

• High quality and reliability does not guarantee safety.

• Methods to ensure quality and reliability have high overlap to methods used to manage systematic safety failures.– Zero DPPM efforts– Safe Launch programs– Safe Launch programs

• Requirements to manage safety of random hardware failures in application typically do not overlap quality and reliability requirements.

4

Safety Integrity Levels

SIL- Demand Mode SIL- Continuous Mode

Closed-Loop view of Safety life cycle

Source: EXIDA

HerculesHercules TMTM

Safety Microcontrollers Safety Microcontrollers

New Product Overview

Hercules TM MCUs make the world a safer place

EN 50128(railway)

DO-254DO-178B(aerospace)

IEC 50156

(furnaces)

IEC 60880 (nuclear power

IEC 61511 (process

IEC 60601(medical

equipment)

Electronics are proliferating in safety-critical applications

HerculesMCU

TM

power stations)

ISO 26262 (automotive)

IEC 62061ISO 13849 (machinery)

(process industry)

IEC 61508(safety)

Protection against random and systematic failures

Headroom for application differentiation

Simplified development and system certification

Hercules MCUs provide

developers of safety-critical applications:

Hercules MCUs provide

developers of safety-critical applications:

7

Typical Safety System Concept

Safety = + 2x MCU

Safety = + 1x MCU + FPGA

Safety = + 1x MCU + ASIC

MCUMCU MCUMCU

MCUMCU FPGAFPGA

MCUMCU ASICASICSafety = + 1x MCU + ASIC

TI Hercules ™ Safety MCU Solution =

8

Aerospace & Railway

Automotive

Industrial

Hercules ™ ARM® Cortex ™ Safety MCU Applications

Anti-Skid Control

Industrial Motor Control Manufacturing /

Robotics

Wind Power

Avionics / Autopilot

Industrial Automation / PLC

Communications Gateway

Motor Control

Electric Power Steering

Radar / Collision Avoidance(ADAS)

Medical

Hybrid & Electric Vehicles

AirbagBraking / Stability Control

Chassis / Domain Control

Active Suspension

Sensor & CommunicationsGateway

Solar Power

OxygenConcentrators

Respirators

Anesthesia

9

TI Hercules TM MCU Platform ARM Cortex Based Microcontrollers (confidential unt il September 6 th)

Value Line Transportation and

Safety MCUs

Hercules Platform

TMS470M TMS570 RM4x

High Performance Industrial and Medical

Safety MCUs

•Industrial Applications•Medical Applications•TMS Qualification•-40 to 105°C Operation

High Performance Transportation and

Safety MCUs

•Transportation Applications•Automotive Q100 Qualification•-40 to 125°C Operation•FlexRay, CAN Connectivity

•Transportation Applications•Automotive Q100 Qualification•-40 to 125°C Operation•LIN, CAN Connectivity

10

•-40 to 105°C Operation•Ethernet, USB Connectivity•IEC 61508 SIL-3• Cortex-R – over 350 DMIPs

•FlexRay, CAN Connectivity•ISO26262 ASIL-D•IEC 61508 SIL-3•Cortex-R – over 280 DMIPs

•LIN, CAN Connectivity•ISO26262 ASIL-B•IEC 61508 SIL-2• Cortex-M – to 100 DMIPS

Exida Has Certified TMS570LS20216S IEC 61508 SIL3 Capable

11

Hercules Safety Documents• Documents provided by TI some under NDA to assist in the

safety certification process:

– Safety Analysis Report Summary (SAR1)• Summary of FIT rate and FMEDA at DEVICE level for IEC 61508

– Hercules TMS570/RM Device Safety Manual (SM)• Details product safety architecture and recommended usage

NDA

12

– Safety Case Report (SCR)• Summary of compliance to IEC 61508 and/or ISO 26262

– Detailed Safety Analysis Report (SAR2)• Full details of all safety analysis executed down to MODULE level for

IEC 61508 and ISO 26262

• Summary of FIT rate and FMEDA at DEVICE level for IEC 61508 and ISO 26262

NDA

NDA

Safety Critical Industrial & Medical

Hercules™ MCUs are tailored for safety critical appl ications

• Lockstep Floating Point CPUs• CPU & RAM BIST, RAM & Flash ECC, CRC • IEC 61508 & ISO 26262 & AEC Q100 Qual• Dual 12-bit ADCs, 10/100 Ethernet, FlexRay,

MibSPI, CAN, LIN, UART, I2C N2HET

High Performance Transportation Safety

High

TMS570LS31x/21x

RM48x• Lockstep Floating Point CPUs• CPU & RAM BIST, RAM & Flash ECC,CRC • IEC 61508• Dual 12-bit ADCs, 10/100 Ethernet, USB Host

& Device, MibSPI, CAN, UART, I2C N2HETRM

48C

orte

x™

-R4F

TM

S57

0C

orte

x™

-R4F

Up to 220MHz

(>350 DMIPS)

Up to 180MHz

(>280 DMIPS)

Up to 3MB Flash

337 BGA144 QFP

Up to 3MB Flash

337 BGA144 QFP

Up to

sub-10$ to $30

$15 to $20

TMS470MF042x/031x

• Lockstep Floating Point CPUs with over• CPU & RAM BIST, RAM & Flash ECC, CRC• IEC 61508 & AEC Q100 Qualification • Dual 12-bit ADCs, FlexRay, MibSPI CAN, LIN,

NHET

High Performance Transportation Safety

Transportation & Gen Purpose Safety

Transportation & Gen Purpose Safety

• CPU & RAM BIST, RAM & Flash ECC, CRC • 10-bit ADC, MibSPI, CAN, LIN, UART, HET • AEC Q100 Qualification

TMS470MF066x

TMS570LS20x/10xT

MS

570

Cor

tex

TM

S47

0M

Cor

tex

™-M

3

Up to 160MHz

(>250 DMIPS)

80MHz(~100 DMIPS)

80MHz(~100 DMIPS)

Up to 2MB Flash

337 BGA144 QFP

640K Flash

100 QFP

Up to 448K Flash

100 QFP

• CPU & RAM BIST, RAM & Flash ECC, CRC • 10-bit ADC, MibSPI, CAN, LIN, UART, HET • AEC Q100 Qualification

$6

$4.60 - $5

sub-10$ to $16

Stability Control

Power Steering

TMS570LS202S• 2*R4F LS• 2MB, 160kB• 160MHz

TMS570LS31x• 2*R4F LS• 3MB, 256kB• 180MHz

RM48L9x• 2*R4F LS• 3MB, 256kB• 220MHz

RM48L5x• 2MB, 192kB

Safe Motor Control

Industrial Automation

Safe Connectivity

Medical

HerculesHercules ™™ Safety MCU RoadmapSafety MCU Roadmap

ETHERNET

QEP / PWM

Indu

stria

l &

Med

ical

Aut

omot

ive

& T

rans

port

atio

n

Production 4Q 2012

• More memory options

RM42x• 2*R4 LS• 384kB, 32kB• 100MHz

RM46x

ETHERNET

• 2*R4F LS• 1.25MB, 192kB• 220MHz

Production 3Q 2013

Production 3Q 2013

QEP

Steering

Vehicle Electrification

ABS

Power Steering

Passive Safety

CAN Communication

Lockstep CPUs

26262 ASIL-DSampling Development

TMS570LS102S• 1MB, 160kB

TMS470MF031S• 320kB, 16kB

TMS470MF066S• ARM® Cortex™-M3• 640kB, 48kB• 80MHz

TMS470MF042S• 448kB, 24kB

TMS570LS21x• 2MB, 192kB

61508 SIL3Production

ETHERNET

Aut

omot

ive

& T

rans

port

atio

n

Production/Sample Date

Production 4Q 2012

• Smaller memory options

• New peripherals• Lower cost

options• New peripherals

14

Hercules™ TMS570 Safety MCU Roadmap

Lockstep; IEC61508 SIL3

26262 support planned

Sampling

Future

Development

TMS570LS202S

TMS570LS31x• 2*R4F LS

• 3MB, 256kB

• 180MHz

TMS570 HIGH NEXT• Higher Performance• More Memory• New Peripherals

Production

Production 4Q 2012

ETHERNET

TMS570LS102S• 1MB, 160kB

TMS570LS202S• 2*R4F LS

• 2MB, 160kB

• 160MHz

TMS570LS21x• 2MB, 192kB

TMS570LS NEXT• More Memory

Options• New Peripherals

TMS570LS VALUE• Smaller Memory

Options• Lower Cost

15

Production 4Q 2012

High Performance Cortex -R4F floating -point CPU

Up to 220 MHz CPU Clock Speed Single / double

precision IEEE 754 floating-point

Fast MULT, DIV, and SQRT enables model-

based control; simplifies Floating point and integer instructions

ARM ® v7R Cortex TM ISA fully backward Compatible

to ARM7/9/11

Supports ARM, Thumb and Thumb-2 instructions

Lockstep CPUs: Single core programming

model – second core checks the first.

ARM®

Cortex ™-R4FARM®

Cortex ™-R4F

Superscalar, SIMD,8 stage pipeline delivers

1.6 DMIPS/MHz

algorithm implementation

8 region memory protection

integer instructions operate in parallel

• Over 350 DMIPS of performance• High performance floating point• ARM-based: broad industry adoption

Cortex ™-R4F220 MHz

Cortex ™-R4F220 MHz

16

Broad ARM IDE/CompilerSupport:

CCS, KIEL, IAR, etc…Scalable ARM Based

Solutions from TI:Stellaris, TMS470M,

TMS570 & Sitara

Hercules Cortex -R4F MCU safety features

Dual Core Lockstep -

ECC for flash / RAM / interconnect evaluated inside the Cortex R4F

Memory BIST on all RAMS allows fast

memory test at startup

CPU Self Test Controller requires little S/W overhead

On-Chip Clock and Voltage Monitoring

Logical / physical design optimized to reduce probability of

common cause failure

• Safe Island Hardware diagnostics (RED)

• Blended HW diagnostics (BLUE)

• Non Safety Critical Functions (BLACK)

PBIST/LBISTOSC PLL

POR

CRC RTI/DWWD

ESM

MemoryFlash

w/ ECC

RAM w/ ECC

Power, Clock, & Safety

Memory InterfaceJTAG Debug

Calibration

AR

M®

Cor

tex

™-

R4FARM®

Cortex ™-R4F

FlashEEPROM w/ ECC

Fail Safe DetectionDual Core Lockstep -Cycle by Cycle CPU Fail Safe Detection

Parity on all Peripheral, DMA and Interrupt controller

RAMS IO Loop Back, ADC Self Test, …

Error SignalingModule w/ External

Error Pin

Voltage Monitoring

Enhanced System Bus and Vectored Interrupt Module

DMA

Embedded TraceExternal Memory

JTAG Debug

Serial

Interfaces

Network

Interfaces

Dual

ADC

Cores

Dual

High-end

Timers

GIO

Fail Safe Detection

Parity or CRC in Serial and Network

Communication Peripherals

Dual ADC Cores with shared channels

17

Safety in hardware maximizes performance & speeds development

• Significantly reduce safety software overhead with integrated safety features

• Improve time to market • Spend less time developing complex

safety software• Spend less time proving your CPU

safety solution to auditors, leaving

CP

U U

sage

(%

)

Safety software

Up to 30%Headroom

safety solution to auditors, leaving more time to differentiate

• Safety manual • Complete guide to developing a safety

solution using a Hercules Safety MCU

CP

U U

sage

(%

)

Competitive MCU

Hercules™ MCU

App. software

App. software

Performance / Memory• Up to 180 MHz ARM Cortex-R4 w/ Floating Point• Up to 3MB Flash and 256KB Data SRAM• 64KB Data Flash (EEPROM Emulation) w/ ECC• 16 Channel DMAFeatures• Safety

• Dual CPU’s in Lockstep• CPU Logic Built in Self Test (LBIST)• Flash & RAM w/ ECC (w/ bus protection)• Memory Built-in Self Test (PBIST)• Cyclic redundancy checker module (CRC)• Peripheral RAMs protected by Parity

• Communication Networks• 10/100 EMAC (optional)• FlexRay (optional) with 8KB RAM and dedicated DMA

POROSC PLL

PBIST

LBIST RTI/DWWD

CRC

Memory3MB Flash

w/ ECC

Embedded Trace

256 KB RAM w/ ECC


Memory Interface

SDRAM EMIF JTAG Debug

Calibration

Targeted Applications� High End IEC61508 and ISO26262 Safety Applications� Chassis Domain Control� High End ESC

ARM®

Cortex ™-R4F

160MHz

ARM®

Cortex ™-R4F

Up to 180MHz

TMS570LS31x ARM® Cortex™-R4F Floating Point Microcontroller

64KB Data FlashEEPROM w/ ECC

Fail Safe Detection

• FlexRay (optional) with 8KB RAM and dedicated DMA• 3 CAN Interfaces (3x64 messages) • 3 Muti-Buffered SPI (128 buffers/6CS each) + 2 Std. SPI• 2 UART – one with LIN 2.1 support• 1 I2C

• Enhanced I/O Control2x High End Timer Coprocessor (NHET)

• Up to 40 pins plus 6 monitor channels • All pins can be used as Hi-Res PWM or Input Capture• Dedicated DMA for HET

2 x12-bit Muti-Buffered ADC • 24 total input channels (8 shared) • Continuous Conversion Mode• Calibration and Self Test

16 GIO w/ External Interrupt Capability


DMA

Packages: LQFP: 144pin -20x20; nfBGA: 337 pin-16x16, 0.8mm; -40 to 125°C Temperature Range

Timers / IO

MibSPI1

128 Buffers; 6 CS

Serial I/F Network I/F

10/100 EMAC

ADC

MibADC1

64 Buffers

12-bit, 16ch

(8ch shared)

GIOB/INTB (8)

3x CAN (64mb) MibADC2

64 Buffers

12-bit, 16ch

(8ch shared)

2x UART (LIN1)

2x High End

Timer

(NHET)

160 words

MibSPI3

128 Buffers; 6 CS

GIOA/INTA (8)

I2C

SPI2 (2CS)

SPI4 (1CS)

MibSPIP5

128 Buffers; 6 CS

2 ch FlexRay

8K Message RAM

19

Note :Above reflects max configuration of each module – some functions are multiplexed.

Performance / Memory• Up to 220 MHz ARM Cortex-R4 w/ Floating Point• Up to 3MB Flash and 256KB Data SRAM• 16 Channel DMAFeatures• Safety

• Dual CPU’s in Lockstep• CPU Logic Built in Self Test (LBIST)

• Flash & RAM w/ ECC• Memory Built-in Self Test (PBIST)

• Cyclic redundancy checker module (CRC)

• Peripheral RAMs protected by Parity• Communication Networks

• 10/100 EMAC • USB: Host and Device

Fail Safe Detection

RM48x

POROSC PLL

PBIST

LBIST RTI/DWWD

CRC


Memory Interface

SDR / ASYNC EMIF

Targeted Applications� Industrial Safety and Control� Critical Care Medical

ARM®

Cortex ™-R4F

160MHz

ARM®

Cortex ™-R4F

Up to 220 MHz

RM48x Block DiagramDual Core Lockstep ARM Cortex-R4F w/ Floating Point

Memory3MB Flash

w/ ECC

Calibration & Trace

256 KB RAM w/ ECC

JTAG Debug


Memory Protection

20

• USB: Host and Device• 3 CAN Interfaces• 3 Muti-Buffered SPI s+ 2 Std. SPIs• 2 UARTs• 1 I2C

• Enhanced I/O Control2x High End Timer Coprocessor (NHET)

• Up to 40 pins plus 6 monitor channels • All pins can be used as Hi-Res PWM or Input Capture• Dedicated DMA for HET

2 x12-bit Muti-Buffered ADC • 24 total input channels• Continuous Conversion Mode• Calibration and Self Test

16 Dedicated GIO pins• All pins are External Interrupt Capable


DMA

Packages: LQFP: 144pin -20x20; nfBGA: 337 pin-16x16, 0.8mm; -40 to 105°C Temperature Range

Timers / IO

MibSPI1

128 Buffers; 6 CS

Serial I/F Network I/F

10/100 EMAC

ADC

MibADC1

64 Buffers

12-bit, 24ch

(16ch shared)

GIOB/INTB (8)

3x CAN (64mbx) MibADC2

64 Buffers

12-bit, 16ch

(16ch shared)

2x UART (LIN1)

2x High End

Timer

(NHET)

160 words

NHET1 - 32 ch

NHET2 – 14 ch

MibSPI3

128 Buffers; 6 CS

GIOA/INTA (8)

I2C

SPI2 (2CS)

SPI4 (1CS)

MibSPIP5

128 Buffers; 6 CS

USB 1.1

Host & Device


DMA


Performance / Memory• Up to 220 MHz ARM Cortex-R4F w/ Floating Point • Up to 1.25MB Flash and 192KB Data SRAM• Dedicated 64KB Data Flash (EEPROM Emulation)• 16 Channel DMAFeatures• Safety

• Dual CPUs in Lockstep• CPU Logic Built in Self Test (LBIST)• Up to 12 CPU MPU regions• Flash & RAM w/ ECC (w/ bus protection)• Memory Built-in Self Test (PBIST)• Cyclic redundancy checker module (CRC)• Peripheral RAMs protected by Parity

• Communication Networks

POROSC PLL

PBIST

LBIST RTI/DWWD

CRC


DMA

Memory1.25MB Flash

w/ ECC

192KB RAM w/ ECC


Memory Interface

SDRAM EMIF JTAG Debug

Calibration

Targeted Applications� General IEC61508 Safety Applications � Industrial, Medical, Energy


Fail Safe Detection

ARM®

Cortex ™-R4F

160MHz

ARM®

Cortex ™-R4F

Up to 220MHz

RM46x Block DiagramDual Core Lockstep ARM Cortex-R4F w/ Floating Point

• Communication Networks• 10/100 Ethernet MAC w. MII/RMII, MDIO Option*• USB 2.0 Full Speed: Host and Device Option *• 3 CAN Interfaces• 5 SPI (3 Multi-Buffered)• 2 UART, 1 I2C

• Enhanced I/O Control2x High End Timer Coprocessor (N2HET) w/DMA

• Up to 40 pins plus 6 monitor channels • All pins can be used as Hi-Res PWM or Input Capture

Motor Control Timers• 7x eTPWM (14 ch), 6x eCAP, 2x eQEP

2 x12-bit Multi-Buffered ADC• 24 total input channels (16 shared) • Calibration and Self Test

Up to 101 GPIO pins (16 dedicated)


Packages: LQFP: 144pin -20x20; nfBGA: 337 pin-16x16, 0.8mm; -40 to 105 C Temperature Range

Timers / IO

MibSPI1

128 Buffers; 6 CS

Serial I/F Network I/F ADC

MibADC1

64 Buffers

12-bit, 24ch

(16ch shared)

eTPWM (14ch)CAN3 (64mb)

MibADC2

64 Buffers

12-bit, 16ch

(16ch shared)

2x UART (LIN1)

2x High End Timer

(N2HET)

160 wordsMibSPI3

128 Buffers; 6 CS

GIOA/INT(16)

I2CSPI2 (2CS)

SPI4 (1CS)

MibSPIP5

128 Buffers; 6 CS

USB *

Host & Device

CAN1 (64mb)

CAN2 (64mb)

eCAP (x6)

eQEP (x2)

10/100 EMAC*


Performance / Memory• 100 MHz ARM Cortex-R4 • 384KB Flash and 32kB Data SRAM • Dedicated 16kB EEPROM Emulation Flash (4x4k)

Features• Safety

• Dual CPU in Lockstep• CPU Logic Built in Self Test (LBIST)• Up to 12 CPU MPU regions• Flash & RAM w/ ECC (w/ bus protection)• Memory Built-in Self Test (PBIST)• Cyclic redundancy checker module (CRC);• Peripheral RAMs protected by Parity

POROSC PLL

PBIST

LBIST RTI

CRC

Memory

384 KB Flash w/ ECC

32 KB RAM w/ ECC


Memory Protection

JTAG Debug

RM42x Block DiagramDual Core Lockstep ARM Cortex-R4 Microcontroller

16KB emuE2 PROM

Targeted Applications� General IEC61508 Safety Applications � Industrial, Medical, Energy

Fail Safe Detection

RM42x

ARM®

Cortex ™-R4F

160MHz

ARM®

Cortex ™-R4

100 MHz

• Peripheral RAMs protected by Parity• Communication Networks

• 2 CAN Interfaces • 3 SPI (1 Multi-Buffered)• 1 UART

• Enhanced I/O ControlHigh End Timer Coprocessor (NHET)

• Up to 19 channels12-bit Multi-Buffered ADC (3.3V)

• 16 total input channels • Continuous Conversion Mode• Calibration and Self Test

Motor Control Timers• 2x eQEP

Up to 45 GPIO pins (8 dedicated)


JTAG Debug

Timers

MibSPI1128 Buffers (4CS)

Serial I/F Network I/F ADC / IO

MibADC

64 Buffers

12-bit, 16ch

CAN1 (32mbx) High End Timer

128 words

up to 19ch

1x SCI/UART2 x SPI (1CS)

GIOA/INTA (8)

CAN2 (16mbx)

Package: LQFP: 100pin (14 x 14mm)-40 to 105°C Temperature Range

eQEP (x2)

Detection

1oo1D Dual Core Safety Concept

• Unique design to reduce common cause failures (βIC)

– Second CPU mirrored and rotated

– Minimum distance 100µm between CPUs

– Cycle delayed lockstep– Guard ring per CPU– Duplicated clock tree per CPU

Output + Control

Dedicated Power Ring

Cycle DelayCCM

CompareError

SelfTest

23

• CPU Compare Module– Self-test capability– Self-test error injection/error

forcing– Output error injection Cycle Delay

> 100um

Input + Control

1oo1D Dual Core Lockstep Advantages• Advantages of lockstep CPUs vs. software and multi- core based

solutions– Faster fault detection. Enables safety in systems with tight control loop

timing.

– Better fault coverage . Hard, transient, and AC fault types can be detected.

– Little to no performance impact. Full CPU performance available for

application tasks rather than CPU diagnostics. application tasks rather than CPU diagnostics.

– Minimal memory impact . Flash and SRAM used for application rather than

CPU diagnostics.

– Easy integration. Improve time to market without need to integrate complex

software.

– Proven, easy to justify diagnostic coverage. Spend less time proving

your CPU safety solution to auditors leaving more time to develop your

application.

24

Flash / RAM ECC Protection

Cortex-R4F

Flash RAM

4 ECC Bits32 Data Bits

32 Data Bits

64 Inst.

8 ECC

ECC Logic

8 Stage Pipeline

Error

64 Data

8 ECC

25

• ECC evaluated in the Cortex R4F CPU– Single Bit Error Correction and Double Bit Error Detection– ECC evaluated in parallel to processing data/instructions– No latency or performance impact– Protects Busses from CPU to Flash and RAM

32 Data Bits4 ECC Bits

Error Signaling Module (ESM)

ESM

Errors for Group 1To Interrupt

ManagerINTEN INTLVL

Low Level InterruptHandling

High Level InterruptHandling

26

Errors for Group 2

Errors for Group 3

LOW TIME COUNTER PRELOAD

LOW TIME COUNTER

nERROR pin

ERRORSIGNAL

CONTROL

Clock Monitoring• External clock prescaler (ECLK)

• Allows external monitoring of CPU clock frequency• Configurable pin (GIO or ECLK)

• Oscillator monitor• Detects failure if oscillator frequency exceeds defined min/max thresholds• Selectable hardware response on oscillator fail

– Reset device– Switch to internal ‘low power oscillator’ (LPO) clock source

• FMzPLL slip detector• Indicates PLL slip if phase lock is lost• Indicates PLL slip if phase lock is lost• Selectable hardware response on PLL slip

– Reset device– Switch to internal ‘low power oscillator’ (LPO) clock source – Switch to external oscillator clock source

PLLMUL

Bypass on Slip

Input fromOscillator

FMzPLL

BPOS

Slip Detector

Reset on Slip

To Device Reset

CLK Signal toCLK Control Module

LPO

BPOS

ROS

27

Voltage Monitor

• Supply Voltage Monitor (VMON)

– Holds reset until core and I/O rails in expected range (removes power sequencing requirements)

– Asserts reset if core or I/O supply exceeds defined min/max thresholds

– Asserts reset when core supply is below specified min voltage and

28

– Asserts reset when core supply is below specified min voltage and asynchronously sets all I/O pins to high impedance mode

Dual Analog to Digital Converters• Dual12-bit ADC Cores:

– Analog channels shared between the 2 cores for safety critical conversions/comparison (1oo2 safety redundancy)

– Internal ADC reference voltages can be used to check converter functionality.

VccAD

VssAD

To P

eripheral Bus

AD1EVT

AD1IN[7..0]MibADC1

ADSIN[15..8]

Self-Test & Calibration

29

functionality.

– Self Test Mode enables in application detection of opens/shorts on ADC inputs

– ADC calibration logic can improve accuracy or be used to detect drift between multiple test results.

VssADVrefHi

VrefLo

To P

eripheral BusAD2EVT

AD2IN[7..0]MibADC2

Self-Test & Calibration

NHET: High End Timer Co -Processor

Hostinterface

Address/Data Bus

TimerRAM

Instruction Register

Address Register

Program RAM Control RAM Data RAM

CPU wait control

Shadow registers Prescaler

Global & prescale control register

Dedicated DMA (HTU) from NHET to Data Ram

User Programmable128 word instruction

RAM with Parity

32 I/O pins for complex or typical timing

functions - capture, compare, PWM, GPIO

Timer/Counter Functions• Frequency Modulated Output • Pulse width count • Time stamp • Event counter • Pulse accumulator

Pulse Width Modulation• Single, multi channel PWMs• PWM with duty cycle update• PWM with sync/async update• Phase shift PWM's • Symmetrical & asymmetrical PWM

with deadband

32 I/O Channels

ExecutionUnit

Input/Output

Unit

Compare

32 bit ALU

Register A, B, TAddress Register

Interrupt Control

Operation Control

I/O ControlRegisterSynchronizers

32 High Resolution Channels

Conditional program execution based on pin

conditions and compares

Multiple 25-bit virtual counters for timers, event counters, and

angle counters

Special Functions• SPI Emulation • TFT Display Timing

Freq / Pulse Measurements• Pulse and period

measurement (same channel) • Quadrature Decoding

• Pulse accumulator• Multi-resolution scheme

• Frees CPU MHz• Supports typical/complex functions• Simplified development environment

• 12bit resolution SAR in each MibADC. Absolute accuracy 0.1%

• Sample rate: 1.67 Mega-samples/second

(x 2 using 2 MibADCs)

• 24 total channels (MibADC1=8, MibADC2=8, Shared=8)

• 64 result FIFO Buffer RAM with Parity protection on each MibADC

• Continuous multi-channel or single-channel

MibADCMulti-Buffered ADC

16-1

Inpu

t Mux

Self-Test & Calibration Cell

12-bitSuccessive

ApproximationADC

Con

trol

S

igna

lsv

VC

CA

D

VS

SA

D

AD

RE

FH

I

AD

RE

FLO

ADINx

Features

• Continuous multi-channel or single-channel conversion modes

• Three conversion groups w/ programmable

sample times

• DMA capability from FIFO Buffer to Data RAM

• Power-down mode to conserve power consumption

• Embedded self-test & calibration for diagnostics

Sequencer & ADC Result’s Memory Interface Controller

Peripheral Bus Interface

ADCResultsMemory

FIFO

Con

trol

S

igna

lsv

End of Conv 12-bit Result

Peripheral Bus

ADIN0

31

TMDX570LS20SMDK ($695) - Full Featured TMS570 Devel opment Kit• Separate CPU Card and IO Card

TMS570 Evaluation and Development Kit OverviewD

evel

opm

ent $695

$79

Eva

luat

ion

TMDX570LS20SUSB ($79) – Low Cost TMS570 Evaluation K it• USB Powered• On Board USB XDS100v2 JTAG Debug • On Board SCI to PC Serial Communication• Access to Select Signal Pin Test Points• LEDs, Temp Sensor, Light Sensor and CAN transceiver• QFP Packaged MCU

• Separate CPU Card and IO Card• On Board USB XDS100v2 JTAG Debug • External high speed emulation via JTAG• TRACE pads for ETM/RTP/DMM• FlexRay/CAN/LIN Transceivers• Color Touch Screen TFT• LEDs, Temp Sensor, Light Sensor • BGA Packaged MCU

Software Included in Each Kit:• CCStudio v4.x IDE: C/C++ Compiler/Linker/Debugger• HALCoGen Peripheral Driver Generation Tool• CCS and nowFlash TM Flash Programming Tools• HET GUI/Simulator/Assembler• Demo Project/Code Examples

Dev

elop

men

t

32

TMDXRM48HDK ($199) - Full Featured RM48 Development Kit• On Board USB XDS100v2 JTAG Debug • External high speed emulation via JTAG

Hercules TM Development KitsRM48 Evaluation and Development

Dev

elop

men

tE

valu

atio

n

TMDXRM48USB ($79) – Low Cost RM48 Evaluation Kit• USB Powered• On Board USB XDS100v2 JTAG Debug • On Board SCI to PC Serial Communication• Access to Select Signal Pin Test Points• LEDs, Temp Sensor & Light Sensor• Accelerometer • CAN transceiver

$79

$199

33

• External high speed emulation via JTAG• TRACE pads for ETM/RTP/DMM• LEDs, Temp Sensor & Light Sensor• CAN Transceivers • RJ45 10/100 Ethernet Interface• USB-A Host Interface• USB-B Device Interface

Software Included in Each Kit:• CCStudio v4.x IDE: C/C++ Compiler/Linker/Debugger• nowGen Peripheral Driver Generation Tool• CCS and nowFlash Flash Programming Tools• HET GUI/Simulator/Assembler• GUI Demo with Project/Code Examples

Dev

elop

men

t

$199

33

RTOS SupportIDEs (compilers & debuggers)

Hercules TM Software Tools

nowGenSafety MCU Demos

GUI-based Code Generation Tools and Other SW Tools

Program/debug code using these IDEs:• Code Composer Studio• IAR Workbench • KEIL µVision

Real Time Operating System Support:• SAFERTOS: High Integrity Systems• µC/OS: Micrium• ThreadX: Express Logic:(planned)

34

• User Input on High Abstraction Level• Graphical-based code generation• Easy configuration• Quick start for new projects • Supports CCS, IAR & KEIL IDEs

PLL CalculatorsEasily configure the FMzPLL and FPLLs in the Hercules platform Phase Lock Loop modules.

HET IDE• Graphical Programming Environment• Output Simulation Tool• Generates CCS-ready software modules• Includes functional examples from TI

Safety MCU Demos• Safety Feature Highlight• Ambient Light & Temperature Demo• LED Light Show• Maze Game• Source Code Viewable via CCS

now Flash Flash Programming ToolGUI and command line programmer for loading code into Hercules devices without an IDE.

now ECC ECC Generation ToolCommand line program for generating Error Correction Code for Hercules devices. Can be used in conjunction with CCSv4