Method to manage an autonomous clock supervision in safety application

IP.com Disclosure Number: IPCOM000212213D
Publication Date: 2011-Nov-04
Document File: 3 page(s) / 76K

Publishing Venue

The IP.com Prior Art Database

Abstract

In safety-relevant applications in the automotive area (related to ASIL-D / ISO 26262, IEC 61508, EN/IEC 62061, ISO 13849, ISO 25119), reliable operation must be guaranteed, and that operation depends on a valid clock. The Fail Safe monitoring machine provides an appropriate action on the Fail Safe output pins or failure output pins to put the application in a fail-safe state when a safety fault is detected; this operation depends on a valid safety clock, so the safety clock must be supervised. The idea is to define a simple, small and autonomous solution for Safety Clock Supervision that detects a stuck-at 0 or 1 and an out-of-band frequency and guarantees that the application is put in a fail-safe state. This makes it possible to propose a solution for mixed-mode circuitry to reach ASIL-D (Automotive Safety Integrity Level D), the highest level of functional safety defined in ISO 26262.

Body 

In safety-relevant applications in the automotive area (related to ASIL-D / ISO 26262, IEC 61508, EN/IEC 62061, ISO 13849, ISO 25119), reliable operation must be guaranteed, and that operation depends on a valid clock.

An automotive safety critical system may, for example, be a car safety system. A safety critical system may comprise a seat position control system, lighting, airbags, windscreen wipers, immobilizers, electronic climate control, a brake system or an electrical steering system.

The safety critical system may be in compliance with the ISO 26262 functional safety standard. For example, the safety critical system may comply with Automotive Safety Integrity Level D (ASIL-D), i.e., the highest level of functional safety defined in ISO 26262.

Figure 1 shows the safety critical integrated system.

The fail safe monitoring machine (14), which contains the safety countermeasures, uses a safety clock (16) that is independent of the monitored safety functions (12), so that common cause failures are removed.

The fail safe monitoring machine (14) provides an appropriate action on the Fail Safe output pins (22) or failure output pins to put the application in a fail-safe state when a safety fault is detected.

Clock faults are critical for the operation of the Integrated Circuit (20): they can prevent the execution of a safety function or deactivate the diagnostic measures.

A clock frequency that is too low will also violate the relevant fault tolerant time interval within which the application has to be put in a fail-safe state after a safety fault is detected.

What is needed is a solution that monitors the safety clock frequency, detects a fault (stuck at 0, stuck at 1, or a too low frequency) in an autonomous way, and provides t...
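A behavioural model of the supervision described above, added here as an example and not the disclosure's own circuit: an independent reference clock samples the safety clock once per tick and counts rising edges per observation window, so a stuck-at 0 or 1 (no edges) and an out-of-band frequency (edge count outside the accepted band) both assert a latched fail-safe output. The window length, the accepted edge band and the fault tolerant time interval (FTTI) used in `clk_sup_scenario` are assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
/* Added behavioural model, not the disclosure's circuit: an independent reference
 * clock samples the safety-clock level once per tick, so the monitored clock never
 * clocks its own monitor. Window and band values are assumptions. */
typedef enum { CLK_OK, CLK_STUCK, CLK_TOO_SLOW, CLK_TOO_FAST } clk_status_t;
typedef struct {
    uint32_t window_ticks, min_edges, max_edges; /* window length, accepted edge band */
    uint32_t tick, edges;     /* progress inside the current window */
    uint8_t last_level;       /* previous sample, for rising-edge detection */
    bool primed, fail_safe;   /* first sample seen; latched fail-safe output */
    clk_status_t status;      /* verdict of the last completed window */
} clk_sup_t;

/* Rejects a window longer than the fault tolerant time interval (FTTI, in
 * reference ticks): the fault would otherwise be reported too late. */
bool clk_sup_init(clk_sup_t *s, uint32_t window_ticks, uint32_t min_edges,
                  uint32_t max_edges, uint32_t ftti_ticks)
{
    if (!window_ticks || window_ticks > ftti_ticks || !min_edges || min_edges > max_edges)
        return false;
    *s = (clk_sup_t){ .window_ticks = window_ticks, .min_edges = min_edges,
                      .max_edges = max_edges };
    return true;
}

/* One sampled safety-clock level per reference tick; true when a window closes. */
bool clk_sup_sample(clk_sup_t *s, uint8_t level)
{
    if (!s->primed) { s->last_level = level; s->primed = true; }
    if (level && !s->last_level) s->edges++;                    /* rising edge */
    s->last_level = level;
    if (++s->tick < s->window_ticks) return false;
    if (s->edges == 0)                s->status = CLK_STUCK;    /* stuck at 0 or 1 */
    else if (s->edges < s->min_edges) s->status = CLK_TOO_SLOW; /* out of band, low */
    else if (s->edges > s->max_edges) s->status = CLK_TOO_FAST; /* out of band, high */
    else                              s->status = CLK_OK;
    if (s->status != CLK_OK) s->fail_safe = true; /* drive the fail-safe pins, latched */
    s->tick = s->edges = 0;
    return true;
}

/* Constructed stimulus over one 64-tick window (nominal 8 edges, band 6..10, FTTI 100):
 * a square wave with the given half period, or a constant level when half_period is 0. */
clk_status_t clk_sup_scenario(uint32_t half_period, uint8_t const_level, bool *fail_safe)
{
    clk_sup_t s;
    if (!clk_sup_init(&s, 64, 6, 10, 100)) return CLK_STUCK;
    for (uint32_t i = 0; i < 64; i++)
        clk_sup_sample(&s, half_period ? (uint8_t)((i / half_period) & 1u) : const_level);
    if (fail_safe) *fail_safe = s.fail_safe; /* latched output for the caller */
    return s.status;
}
```

Because the verdict is only produced when a window closes, the window must fit inside the FTTI, which is why `clk_sup_init` refuses a longer one.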