SFFS983 August   2025 MSPM0G1518 , MSPM0G1519 , MSPM0G3518 , MSPM0G3519

 

  1.   1
  2. 1Introduction
    1.     Trademarks
  3. 2 MSPM0Gx51x Hardware Component Functional Safety Capability
  4. 3Development Process for Management of Systematic Faults
    1. 3.1 TI New-Product Development Process
    2. 3.2 TI Functional Safety Development Process
  5. 4 MSPM0Gx51x Component Overview
    1. 4.1 Targeted Applications
    2. 4.2 Hardware Component Functional Safety Concept
    3. 4.3 Functional Safety Constraints and Assumptions
  6. 5Description of Hardware Component Parts
    1. 5.1  ADC
    2. 5.2  Comparator
    3. 5.3  DAC
    4. 5.4  CPU
    5. 5.5  RAM
    6. 5.6  FLASH
    7. 5.7  GPIO
    8. 5.8  DMA
    9. 5.9  SPI
    10. 5.10 I2C
    11. 5.11 UART
    12. 5.12 Timers (TIMx)
    13. 5.13 Power Management Unit (PMU)
    14. 5.14 Clock Module (CKM)
    15. 5.15 CAN-FD
    16. 5.16 Events
    17. 5.17 IOMUX
    18. 5.18 VREF
    19. 5.19 WWDT and IWDT
    20. 5.20 CRC
  7. 6 MSPM0Gx51x Management of Random Faults
    1. 6.1 Fault Reporting
    2. 6.2 Functional Safety Mechanism Categories
    3. 6.3 Description of Functional Safety Mechanisms
      1. 6.3.1  ADC1, COMP1, DAC1, DMA1, GPIO2, TIM2, I2C2, IOMUX1, SPI2, UART2, SYSCTL5, MCAN3, CPU4, CRC1, EVENT1, REF1, WDT1: Periodic Read of Static Configuration Registers
      2. 6.3.2  ADC2: Software Test of Functionality
      3. 6.3.3  ADC3: ADC Trigger Overflow Check
      4. 6.3.4  ADC4: Window Comparator
      5. 6.3.5  ADC5: Test of Window Comparator
      6. 6.3.6  ADC6: ADC Trigger, Output Plausibility Checks
      7. 6.3.7  COMP2: Software Test of Comparator Using Internal DAC
      8. 6.3.8  COMP3: External Pin Input to COMP
      9. 6.3.9  COMP4: Comparator Hysteresis
      10. 6.3.10 COMP5: Redundant Comparator
      11. 6.3.11 WDT: Windowed Watchdog Timer
      12. 6.3.12 WDT2: WWDT Counter Check
      13. 6.3.13 WDT3: WWDT Software Test
      14. 6.3.14 WDT4: Redundant WDT
      15. 6.3.15 REF2: VREF to ADC Reference Input
      16. 6.3.16 CPU1: CPU Test Using Software Test Library
      17. 6.3.17 CPU2: Software Test of CPU Data Buses
      18. 6.3.18 CPU3: Software Diversified Redundancy
      19. 6.3.19 SYSMEM1: Software Read of Memory, DMA Write
      20. 6.3.20 SYSMEM2: DMA Read from SRAM, CPU Write
      21. 6.3.21 SYSMEM3: Parity Logic Test
      22. 6.3.22 SYSMEM4: Parity Protection on SRAM
      23. 6.3.23 SYSMEM7: ECC Protection on SRAM
      24. 6.3.24 SYSMEM8: ECC Logic Test
      25. 6.3.25 SYSMEM9: RAM Software Test
      26. 6.3.26 FLASH1: FLASH Single Error Correction, Double Error Detection Mechanism
      27. 6.3.27 FLASH2: Flash CRC
      28. 6.3.28 FXBAR2: Periodic Software Read Back of Flash Data
      29. 6.3.29 FXBAR3: Software Test of ECC Checker Logic
      30. 6.3.30 FXBAR4: Write Protection of Flash
      31. 6.3.31 DAC2: DAC Test Using Internal ADC as DAC Output Checker
      32. 6.3.32 DAC3: DAC FIFO Underrun Interrupt
      33. 6.3.33 DMA2: Software Test of DMA Function
      34. 6.3.34 DMA3: Software DMA Channel Test
      35. 6.3.35 DMA4: CRC Check of the Transferred Data
      36. 6.3.36 GPIO1: GPIO Test Using Pin I/O Loopback
      37. 6.3.37 GPIO3: GPIO Multiple (Redundant) Inputs/Outputs
      38. 6.3.38 TIM1: Test for PWM Generation
      39. 6.3.39 TIM3: Test for Fault Generation
      40. 6.3.40 TIM4: Fault Detection to Take the PWMs to Safe State
      41. 6.3.41 TIM5: Input Capture on Two or More Timer Instances
      42. 6.3.42 TIM6: Timer Period Monitoring
      43. 6.3.43 I2C1: Software Test of I2C Function Using Internal Loopback Mechanism
      44. 6.3.44 I2C3, SPI4, UART3, MCAN2: Information Redundancy Techniques Including End-to-End Safing
      45. 6.3.45 I2C4, SPI5, UART4: Transmission Redundancy
      46. 6.3.46 I2C5, UART5: Timeout Monitoring
      47. 6.3.47 I2C6: Test of CRC Function
      48. 6.3.48 I2C7: Packet Error Check in SMBUS Mode
      49. 6.3.49 IOMUX2: IOMUX Coverage as Part of Other IP Safety Mechanisms
      50. 6.3.50 SPI1: Software Test of SPI Function
      51. 6.3.51 SPI3: SPI Periodic Safety Message Exchange
      52. 6.3.52 UART1: Software Test of UART Function
      53. 6.3.53 UART6: UART Error Flags
      54. 6.3.54 UART7: UART Glitch filter
      55. 6.3.55 SYSCTL1: MCLK Monitor
      56. 6.3.56 SYSCTL2: HFCLK Start-Up Monitor
      57. 6.3.57 SYSCTL3: LFCLK Monitor
      58. 6.3.58 SYSCTL6: SYSPLL Start-Up Monitor
      59. 6.3.59 SYSCTL8: Brownout Reset (BOR) Supervisor
      60. 6.3.60 SYSCTL9: FCC Counter Logic to Calculate Clock Frequencies
      61. 6.3.61 SYSCTL10: External Voltage Monitor
      62. 6.3.62 SYSCTL11: Boot Process Monitor
      63. 6.3.63 SYSCTL14: Brownout Voltage Monitor
      64. 6.3.64 SYSCTL15: External Voltage Monitor
      65. 6.3.65 SYSCTL16: External Watchdog Timer
      66. 6.3.66 MCAN1: Software test of function using I/O Loopback
      67. 6.3.67 MCAN4: SRAM ECC
      68. 6.3.68 MCAN5: Software Test of ECC Check Logic
      69. 6.3.69 MCAN6: MCAN Timeout Function
      70. 6.3.70 MCAN7: MCAN Timestamp Function
      71. 6.3.71 CRC: CRC Checker
      72. 6.3.72 EVENT2: Interrupt Connectivity Check
      73. 6.3.73 Safety Mechanisms Covering PIN Failures
      74. 6.3.74 Safety Mechanisms Covering Common Cause Failures
  8.   A Summary of Recommended Functional Safety Mechanism Usage
  9.   B Distributed Developments
    1.     B.1 How the Functional Safety Lifecycle Applies to TI Functional Safety Products
    2.     B.2 Activities Performed by Texas Instruments
    3.     B.3 Information Provided
  10.   C Revision History

1 Introduction

This document is a Functional Safety Manual for the Texas Instruments MSPM0Gx51x component. The specific orderable part numbers supported by this functional safety manual are as follows:

  • MSPM0G3518-Q1 (Orderable Part Numbers: M0G3518QPMRQ, M0G3518QPNRQ, M0G3518QPTRQ, M0G3518QPZRQ, M0G3518QRGZRQ, M0G3518QRHBRQ)
  • MSPM0G3519-Q1 (Orderable Part Numbers: M0G3519QPMRQ, M0G3519QPNRQ, M0G3519QPTRQ, M0G3519QPZRQ, M0G3519QRGZRQ)

This functional safety manual provides information needed by system developers to help in the creation of a functional safety system using a MSPM0Gx51x component. This document includes:

  • An overview of the component architecture
  • An overview of the development process used to decrease the probability of systematic failures
  • An overview of the functional safety architecture for management of random failures
  • The details of architecture partitions and implemented functional safety mechanisms

The following information is documented in the MSPM0Gx51x Functional Safety Analysis Report and is not repeated in this document:

  • Summary of failure in time (FIT) rates of the component
  • Summary of functional safety metrics of the hardware component for targeted standards (for example IEC-61508, ISO-26262)
  • Quantitative functional safety analysis (also known as FMEDA, Failure Modes, Effects, and Diagnostics Analysis) with detail of the different parts of the component, allowing for customized application of functional safety mechanisms
  • Assumptions used in the calculation of functional safety metrics

The following information is documented in the Functional Safety Report and is not repeated in this document:

  • Results of assessments of compliance to targeted standards

The user of this document needs a general familiarity with the MSPM0Gx51x component. For more information, refer to the MSPM0G351x-Q1 data sheets. This document is intended to be used in conjunction with the pertinent data sheets, technical reference manuals, and other component documentation.

For information that is beyond the scope of the listed deliverables, contact your TI sales representative or go to TI Functional Safety.