ASIL D-Ready Semper Flash - KBA227836

Version 1

    Author: PriteshM_61           Version: **

     

    Question:

    What does ASIL D ready mean for Semper Flash?

     

    Answer:

    ASIL D ready means, though Semper Flash is ASIL B compliant, it can be used in an ASIL D system by utilizing host controller functionalities.

    Consider an example of ASIL D Store and Download (SnD) use case where the flash content is copied at startup into the local RAM and being executed without using the flash anymore. To make this use case ASIL D, the system can perform the following steps.

    1. MCU calculates the CRC checksum over the flash data and stores it in the flash device
    2. MCU transfers the flash device data to RAM
    3. MCU calculates the CRC checksum over the RAM data
    4. MCU compares two CRC checksums

    These steps in the SnD use case provide complete independence of the safety mechanism because no common cause failure exists which could lead to Single-Point Fault (SPF). In addition, these steps provide high diagnostic coverage (ASIL D).

    In this case, if the system-level safety mechanism already achieves a high diagnostic coverage via CRC, any Quality Managed (QM) device could be used. However, Semper Flash provides an added advantage of ECC, which increases the availability of the device through the correction possibility. On the other hand, having fine-grained, local safety mechanisms allow for a localization of the fault. This means that the host could try to restart flash in the case of configuration corruption. If a double-bit ECC error occurs, the address, counter, and ECC status are known, and the interface CRC functionality in Semper Flash allows for retransmission. Thus, all these safety mechanisms in Semper Flash increase the chances of detecting the failure; the system can thus achieve a higher ASIL level.