12.4.7.5.1 Catastrophic Fault Injection
Catastrophic Fault injection is used to confirm that the module is capable of detecting the condition where the monitored clock completely ceases to toggle, also known as catastrophic failure, as discussed earlier.
When the artificial catastrophic Fault is injected into the module, the module’s counter no longer gets clocked by the selected monitored clock. It is internally driven to ground via hardware. As a result, the counter is unable to continue accumulating, and the current count value stalls inside the counter when the function is invoked. Without a valid clock edge, the counter is unable to transfer its accumulated count into the Data Buffer register at the end of the accumulation time window.
Catastrophic Fault injection can be activated by setting FLTINJ[1:0] to 2’b11 at an arbitrary point, subject to LOCK/WREN.
The module’s response to catastrophic Fault injection:
- Clock failure interrupt output based on fail threshold limit and catastrophic failures invoked
- ON bit is NOT cleared
- Clock Fail Event signal is NOT provided for the system
- FLTINJ[1:0] bits are not self-cleared by hardware. They maintain their programmed value until cleared by software to assist the ISR handler with its discovery process.
- A persisting real Fault is detected in the following accumulation cycle regardless of FLTINJ[1:0] bits being cleared.