Implementing High Diagnostic Coverage for SIL 3 Systems on a Standard Microcontroller

Beyond the limitation of 99 % diagnostic coverage

Martin Schrape

Keywords: Architecture, Diagnostic coverage, IEC 61508, Microcontroler, Memory, Certification, Safe-T-Core

This article is available in: English. Please login to request translation.

Abstract:

Functional safety, as defined by the IEC 61508 standard, introduces the concepts of safe failure fraction (SFF) and hardware fault tolerance (HFT). For single channel architectures using a microcontroller the maximum safety integrity level is limited to SIL 2. The Safe-T-Core concept presented in this paper abolishes this limitation. The detailed understanding of internal structures and failure mechanism only available for the microcontroller manufacturer results in a library of software tests, which are highly efficient, can run in the background and implements a diagnostic coverage of >99%. The Safe-T-Core software enables a smart integration of functional safety requirements into industrial and automotive embedded control systems. © 2009 Inside Publishing. All Rights Reserved.

Volume: 2009 Issue: 1

EUR 3.34

(Pages: 7, Words: 1855)

Readers of this article also bought

EUR 9.66

Certification, Proven In Use, And Reliability Data

Michel Houtermans

EUR 7.28

Determination of the Safety Integrity Level for a Safety Instrumented Function

Ian Hitchen

EUR 7.04

Handling Documentation Requirements in the Functional Safety Industry

Roberto Eduardo Varela

Articles by keywords

2oo4d accident accidents accumulative risk alarm annunciator alarp ansi/isa s.84 architecture audit automatic code generation automatic documentation availability bpcs burner management system caex certification common cause common cause failures communication compliance component failure analysis consequence matrix content management control cost-benefit analysis cots demand mode diagnostic coverage diagnostics digital valve controller documentation emergency shutdown system en 50402 en/iec 60079–29–1 failure incident fieldbus fire and gas fired equipment foundation sif full stroke functional modules functional safety gas detection gas sensors gas turbine global risk hardware hazard and operability analysis hazard and operability study hazop heterogeneous iec 61131 iec 61131-3 iec 61508 iec 61511 iec 62061 iec 61508 incident investigation independent protection layer knowledge-based system layer of protection layer of protection analysis life cycle lock-up valve lopa management management of change markov memory metrological standards microcontroler mttfs nfpa 72 online changes operator overspeed protection p&id flowchart paag partial stroke partial stroke testing pha prior use proof testing proven in use quality data redundancy reliability reliability data reliability engineering reliability program requirements definition review risk graphs risk reduction risk reduction factor rule-based system safe-t-core safeguard safety safety instrumented function safety instrumented system safety integrity level safety lifecycle sensor poisoning sif signature test sil determination methods sil-capability sil verification silstroke sis sis design software solenoid valves spurious trip standardisation state transition modelling sulphur recovery test bench thermal burner tolerable risk training tridefine type testing valve testing valves