Call for Papers

ESE-Kongress 2009

Plug-In Functional Safety ( Vortrag mit Tooldemo )

Referent: Dipl.-Phys. Martin Schrape , Infineon Technologies AG
Vortragsreihe: Sichere Software
Zeit: 09. Dezember 11:45
Co-Referenten: Steve Burns, Infineon Technologies Munich Dan Wallin, Infineon Technologies Sweden

Zielgruppe

Entwicklung, Experten

Themenbereiche

Sichere Software, Echtzeit/RTOS

Kurzfassung

Getting ready for IEC13849/IEC62061 is a major effort for most drive and machine manufacturers. In the last couple of year’s functional safety moved from a system integrators task to the product level. In the near future semiconductor manufacturer has to provide safety devices. That means simple resistors and capacitors as well as complex microcontrollers have to be compliant to IEC61508. The failures rates of microcontrollers will no longer be a single number. Semiconductor manufacturers will provide much more detailed values to product designers and will build in functional safety into their devices. This will lead to better and simpler designs as of today. This talk will present a plug-in approach of software features to a standard microcontroller and standard RTOS that enables function safety up to SIL 3.

Nutzen und Besonderheiten

Until now SIL 3 systems needs redundancy and today's safety products are designed using multiple CPUs. This is a complex and costly solution with a large PCB footprint. High cost might be acceptable in fly-by-wire aircraft systems, for example, where not only safety but also fault-tolerance using a failover concept are required. These systems have been a must for many years, but for mass market products such as industrial drive and brake-by-wire automotive systems the real challenge is to build a fault-tolerant system at a reasonable cost. The dual-channel approach has been adopted by IC manufacturers who came out with on-chip redundancy. Another quite new approach is to go beyond the limits of the stated medium diagnostic coverage by adding special hardware blocks. The concept presented in this paper uses a software library running on a standard 32-bit microcontroller. It is seen as 1oo1 architecture with a separate intelligent diagnostic channel, known as 1oo1D architecture.

Über den Referenten

Martin Schrape applies more than 15 years experience in the semiconductor industry to his position as a microcontroller application engineer for Infineon Technologies. His main focus is on support and training for customers in the automation and drive industry. His background includes embedded real-time systems and metrology equipment development and APC solutions. Martin holds a master's degree in physics from the FU Berlin and is a TÜV Rheinland certified Functional Safety Engineer.