6.3 Safety and IEC 60730 Features
| Peripheral | Component | Fault/Error/Feature | Requirements for Class B IEC 60730(1) | General Safety |
|---|---|---|---|---|
| PMC | Clock | CPU clock monitoring - Overclocking detection | – | X |
| 32.768 kHz crystal oscillator frequency
monitoring - Abnormal frequency deviation | X | X | ||
| Main crystal oscillator - Crystal failure detection | X | X | ||
| PIOC | I/O Periphery | Programmable configuration lock (active until next VDDCORE reset) to protect against further software modifications (intentional or unintentional) | – | X |
| Digital I/O - Plausibility check | X | – | ||
| ADCC | Analog I/O and ADC converter - Plausibility check | X | – | |
| ICM (SHA) | Memory and Internal Data Path | All internal and external memories such as QSPI, DDR, and all memories on SMC | X | – |
| NAND Flash Controller ECC | Non-volatile memory - Mutiple error detection (2 to 32) | – | X | |
| System Controller | Supply Monitor | Power supplies - VDDCORE, VDDIO, VDDANA, VDDBU abnormal levels | – | X |
| WDT, RSTC | Watchdog | Watchdog can be fed by an internal always ON
clock - Program counter stuck at faults. | X | X |
| Watchdog configuration can be locked
(write-protected) - Errant writes (Programming errors, errors introduced by system or hardware failures) | – | X | ||
| Watchdog overflow generates a system reset | X | X | ||
| Cortex MMU | Memory Management Unit | Cortex-A5 Memory Management Unit | – | X |
| MATRIX, AIC, RTC, SYSC, RXLP, ACC, PMC, PIO, MPDDRC, SMC, CLASSD, SSC, TWI, UART, SPI, FLEXCOM, QSPI, TC, PDMIC, ADC | Peripherals | Configuration, Interrupt Enable/Disable,
Control registers can be independently write-protected - Errant writes (Programming errors, errors introduced by system or hardware failures) | – | X |
| PWM, PIO | PWM | Fault inputs can be configured to put the PWM
outputs in Safe mode - Programming errors, errors introduced by system or hardware failures | – | X |
| PIO controller can lock the PWM I/O - Programming errors, errors introduced by system or hardware failures | – | X | ||
| Fault inputs can be external (IO) or internal
(ADC, TIMER, ACC, etc.) - Programming errors, errors introduced by system or hardware failures | – | X |
Class B IEC 60730 Requirements. Annex H - Table H.1 (H.11.12.7 of edition 3).