A flexible microcontroller architecture for fail-safe and fail-operational systems

Today, many types of life-critical equipment (such as the Electronic Control Units of automotive systems) require microcontrollers that can guarantee safety and availability at an acceptable cost. Safety must be achieved with respect to both systematic and random hardware faults, including soft errors and common-cause failures. To provide availability, efficient and fast fault detection mechanisms shall be combined with an infrastructure that collects error events in enough detail to allow reactions by the remaining hardware and the operating system. Cost shall be minimized by introducing as much robustness as needed and no more: unnecessary redundancy is avoided and the impact on system performance is kept to a minimum, so that the available resources are used as fully as possible. This paper describes a microcontroller architecture fulfilling those requirements. It also describes the process by which the microcontroller has been specified, designed and analyzed (including fault injection), in accordance with functional safety standards such as IEC 61508 and ISO 26262.
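The abstract describes a chain of detection, error-event collection with enough detail for a reaction, and a reaction that is fail-operational where redundancy remains and fail-safe otherwise. The following C model is an added illustration of that chain and is not the paper's architecture or its code: the event record layout, the lockstep comparator, the ring-buffer log, the `sys_state_t` fields and the corrected-error threshold are all assumptions chosen for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added illustration, not the paper's design: a minimal model of the
 * "detect, collect with detail, react" chain described in the abstract.
 * All names, field layouts and thresholds below are assumptions. */

typedef enum { SRC_CORE = 0, SRC_MEMORY, SRC_BUS } err_source_t;
typedef enum { SEV_CORRECTED = 0, SEV_UNCORRECTED, SEV_FATAL } err_severity_t;

typedef struct {
    uint32_t       timestamp;  /* tick counter value when the error was detected */
    err_source_t   source;     /* which hardware block reported it */
    err_severity_t severity;
    uint32_t       unit;       /* instance: core index, memory bank, ... */
    uint32_t       detail;     /* detector-specific data, e.g. lockstep mismatch mask */
} err_event_t;

#define ERR_LOG_DEPTH 8
typedef struct {
    err_event_t ring[ERR_LOG_DEPTH];
    uint32_t    head;     /* next write slot */
    uint32_t    count;    /* valid entries, at most ERR_LOG_DEPTH */
    uint32_t    dropped;  /* events overwritten on overflow: loss is never silent */
} err_log_t;

void err_log_init(err_log_t *log) { memset(log, 0, sizeof *log); }

/* Store an event; on overflow the oldest entry is overwritten and the
 * dropped counter is bumped so the OS can see that history is incomplete. */
void err_log_push(err_log_t *log, const err_event_t *ev) {
    log->ring[log->head] = *ev;
    log->head = (log->head + 1) % ERR_LOG_DEPTH;
    if (log->count < ERR_LOG_DEPTH) log->count++;
    else log->dropped++;
}

/* Detection stage: lockstep comparison of a main core and a checker core.
 * Returns true on mismatch and records the differing bits as the event detail. */
bool lockstep_check(uint32_t main_out, uint32_t checker_out, uint32_t now,
                    uint32_t core_id, err_log_t *log, err_event_t *out) {
    uint32_t diff = main_out ^ checker_out;
    if (diff == 0) return false;
    err_event_t ev = { now, SRC_CORE, SEV_UNCORRECTED, core_id, diff };
    err_log_push(log, &ev);
    if (out) *out = ev;
    return true;
}

/* Reaction stage: what the remaining hardware and the OS do with an event. */
typedef enum { REACT_CONTINUE = 0, REACT_DEGRADE, REACT_SAFE_STATE } reaction_t;

typedef struct {
    uint32_t spare_cores;            /* cores still able to take over work */
    uint32_t corrected_per_unit[4];  /* assumed: at most 4 units per source */
    uint32_t corrected_limit;        /* accumulation threshold per unit */
} sys_state_t;

reaction_t decide_reaction(sys_state_t *st, const err_event_t *ev) {
    switch (ev->severity) {
    case SEV_CORRECTED:
        /* Corrected errors keep the system running, but a burst on one unit
         * hints at a latent hard fault: degrade before it becomes uncorrectable. */
        if (ev->unit < 4 && ++st->corrected_per_unit[ev->unit] > st->corrected_limit)
            return REACT_DEGRADE;
        return REACT_CONTINUE;
    case SEV_UNCORRECTED:
        /* Fail-operational: isolate the faulty core if a spare exists;
         * fail-safe: enter the safe state otherwise. */
        if (ev->source == SRC_CORE && st->spare_cores > 0) {
            st->spare_cores--;
            return REACT_DEGRADE;
        }
        return REACT_SAFE_STATE;
    case SEV_FATAL:
    default:
        return REACT_SAFE_STATE;
    }
}

int main(void) {
    err_log_t log;
    err_log_init(&log);
    sys_state_t st = { 1, {0, 0, 0, 0}, 3 };
    err_event_t ev;
    /* Constructed sample: checker core differs from the main core in bit 0. */
    if (lockstep_check(0x1234u, 0x1235u, 100, 0, &log, &ev)) {
        reaction_t r = decide_reaction(&st, &ev);
        printf("mismatch mask 0x%x on core %u -> reaction %d\n", ev.detail, ev.unit, r);
    }
    printf("log entries %u, dropped %u\n", log.count, log.dropped);
    return 0;
}
```

The point of the `dropped` counter and of the per-unit corrected-error count is the abstract's "enough detail to allow reactions": a reaction policy can only choose between degrading and stopping if the log tells it where the fault is, how often it recurs, and whether any history has been lost.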
