Mouser Left Banner
Mouser Left Banner
Mouser Left Banner
Mouser Left Banner
Mouser Left Banner
Mouser Left Banner
More

    Cortex-M55: Functional Safety ready and fuelling the next generation of automotive microcontrollers

    The automotive industry is entering a huge technological shift. Electrification is rapidly being introduced as the industry looks to adopt sustainable energy solutions. Autonomous driving is forecast to save countless lives and reduce the number of incidents on the road. Car makers are looking to deliver improvements and new experiences to customers after the vehicle has left the forecourt through future software-defined vehicles (SDVs).

    All these automotive trends have one thing in common; they require robust, safe systems to be successful. The goal for everyone in the automotive supply chain, including Arm, is to build systems that are suitably safe for the next generation of vehicles.

    The Arm Cortex-M family is widely used as the primary core in automotive microcontrollers (MCUs), and as a companion core in many automotive system-on-chip (SoC) designs. These cores have a multitude of safety features that partners can utilize to achieve their safety goals in an efficient way. Recently Cortex-M55 joined the long list of safety-assessed processors. This provides our partners with an additional level of assurance that our market-leading product has been developed to the highest safety standards.

    Standards make the wheels go round

    Automotive and industrial segments rely on functional safety standards to deploy safety-relevant components into end products. The Arm safety-ready strategy is geared towards providing comprehensive artifacts based on the ISO 26262 and IEC 61508 standards. These provide key frameworks, requirements, and guidelines for the development of safety-critical systems. The standards also provide varied ASIL/ SIL levels based on a risk assessment analysis, with specific target metrics that need to be achieved for compliance.

    To enable best-in-class solutions in the automotive sector, Arm provides up to ASIL D systematic capability on safety-relevant products, as well as ASIL B/D diagnostic capability based on specific configurations.

    Duplicate to diagnose

    ASIL D represents the highest level of potential risk and requires the most stringent approach to managing faults. For example, braking systems, battery management systems, onboard charging in electric vehicles (EVs), and airbag systems are classed as ASIL D, as faults in these systems can have grave consequences.

    One approach for achieving this high level of integrity is redundancy, with this approach generally accepted as the most effective route to ASIL D. If a system can perform a task and be checked for correctness against another identical system completing the exact same task, this provides confidence that the system is behaving as expected. Should the result differ, there has been an error in one of the systems. Therefore, an approach can be taken to deal with that error, such as restarting the system or re-performing the task.

    For applications that require ASIL D, having a CPU core with this capability means you can bake in safety from the lowest level with ease. Cortex-M55 provides a configurable option to implement dual-core lockstep (DCLS), which designs in another copy of the core. A feature is an effective approach to creating the fault detection necessary to achieve the ASIL D hardware metrics at the core level. This means partners can focus on safety at the system level.

     ASIL D diagram

    Cortex-M55 has been assessed with Exida for ASIL D Systematic and Diagnostic faults in a DCLS configuration. Arm partners can integrate this into their system-level assessment, which enables them to achieve up to ASIL D in their designs with greater confidence. This means automotive designs can be achieved at a quicker pace, reducing the time to market, and enabling car makers to safely deploy vehicles on the road.

    Jacking up area efficiency for lower ASILs

    ASIL B systems have a lower level of risk, but still need to have the mechanisms in place to ensure that various faults are dealt with. For example, applications like body control, lighting and engine control functions, if faulty, increase the probability of a hazard occurring.

    DCLS is one approach chip integrators can take to achieve ASIL B, but if you duplicate the cores, you also duplicate power and area. These are vital design parameters, so while the cost is generally accepted for ASIL D, what if DCLS breaches the area constraints for an ASIL B level design? This is where several mechanisms, when combined, could be a more cost-effective approach.

    To help partners achieve ASIL B metrics and enable their users to achieve their safety goals, Cortex-M55 has a variety of features that do not require the full replication of the cores. These are:

    • Transient Fault protection (TFP): ISO26262 requires that transient faults be considered and, depending on the application, may need to be addressed as part of the design. Periodic testing cannot catch them all because by their nature they come and go, so another approach is needed. TFP provides a mechanism that detects transient faults and gives an error when one is detected.
    • Tightly Coupled Memories (TCM) & Cache Error Correction Code (ECC): ECC provides an efficient way of detecting faults in the memory. By using a compressed error code to check the validity of the data, it enables single-bit errors to be corrected.
    • MBIST (Memory Built In Self Test) Controller: Memories can be a larger part of a system or component design. The MBIST controller supports memory testing during chip production testing and can work with an optional PMC-100 Online MBIST controller to allow effective testing of memories and the ECC logic during the runtime of the application.
    • Software Test Libraries (STL) (still in development): STLs provide a way of testing the functional logic of the processor, allowing for the detection of faults during run-time. Importantly, these tests can be run in short bursts at defined times, minimising the impact on application performance.

    Cortex-M55 block diagram

    In addition to STLs, Cortex-M55 has more safety features that can benefit both dual-core and single-core configurations:

    • Interface protection: When designing a system, the core is not the only component. Bus interface protection gives system designers a way to protect beyond the processor boundary.
    • Memory Protection Unit (MPU): Errors can occur when tasks running on an MCU request data from an area that is not appropriate for that task. The MPU allows spatial partitioning of memory for specific tasks and can be programmed to generate faults when regions are accessed inappropriately.

    Depending on the application, one or more of these features will be suitable and could be combined with system-level functional safety features to meet the ASIL B metric requirements. The beauty of the Arm Cortex-M family is the flexibility, so partners can choose features to turn on and off in their designs. All the functional safety features are optional, providing choices to partners on how they approach their safety goals to meet the needs of car makers.

    Safe automotive vehicles built on Arm

    From high-performance to power-efficient CPU cores, safety is fundamental to automotive applications. Our commitment to power-efficient functional safety features is shown throughout our Cortex-M family. By achieving the formal, industry-recognized certification of Cortex-M55, we will give our partners and the wider industry even more confidence to move forward with their designs, products, and applications built on Arm. This is yet another important milestone in the journey towards automotive vehicles, now and in the future, on Arm.

    Courtesy: Arm

    ELE Times Bureau
    ELE Times Bureauhttps://www.eletimes.com
    ELE Times provides a comprehensive global coverage of Electronics, Technology and the Market. In addition to providing in depth articles, ELE Times attracts the industry’s largest, qualified and highly engaged audiences, who appreciate our timely, relevant content and popular formats. ELE Times helps you build awareness, drive traffic, communicate your offerings to right audience, generate leads and sell your products better.

    Technology Articles

    Popular Posts

    Latest News

    Must Read

    ELE Times Top 10