5 Conclusions
The decomposition and combining principles outlined in this application note show an efficient way to achieve high safety levels without the complexity that a monolithic implementation usually entails:
- A scalable Microchip solution that adapts to evolving requirements and to the implementation split between the monitoring and the applicative functions
- A faster time to market thanks to a simpler integration process (independent HW and SW blocks, simpler testing and validation stages)
- Optimized, compliant hardware cost (the best of the application and monitoring devices, with no compromise) together with optimized, compliant SW deliverables
The above is made possible by an adequate selection of two of Microchip's leading FuSa product lines:
- The dsPIC33A DSC, as the main applicative safety device, is the ideal choice when real-time control is key, on top of a strong safety configuration: ISO 26262 and IEC 61508 compliant, to ASIL B and SIL 2 respectively, on the HW front, thanks to Microchip's development process certified by TÜV Rheinland (more here: Certificate). The SW diagnostic suite (diagnostic modules compliant to ASIL C and SIL 3), along with other FuSa deliverables such as FMEDA, FSM, DFA, scheduler or RTOS, helps the user confidently develop a complete functional safety application to the highest safety level, without the complexity of implementation.
- The AVR SD, as the reactive fail-safe monitoring function in the proposed safety architecture, is a simple and low-cost MCU that is developed and designed to ASIL C and SIL 2 compliance and thereby achieves a high degree of risk reduction from systematic errors. Additionally, since this MCU was designed for safety-critical applications, it comes with a collection of built-in hardware safety mechanisms and a dedicated GUI for injecting faults into the various safety mechanisms. An ASIL C/SIL 2-compliant software framework provides a template for developing the application according to the best practices recommended by the ISO 26262 and IEC 61508 standards. This greatly reduces development time on the AVR SD thanks to the ready-made safety drivers, middleware, task managers, latent fault diagnostics and the scheduler that ties all of it together.
For more information on dsPIC33A, please visit: www.microchip.com/en-us/products/microcontrollers/dspic-dscs/dspic33a
For more information on AVR® SD, please visit: www.microchip.com/en-us/products/microcontrollers/8-bit-mcus/avr-mcus/avr-sd
For more information on Microchip’s functional safety corporate approach, please visit: www.microchip.com/en-us/solutions/technologies/functional-safety
