Design and select embedded system based on IEC 61508 and IEC 62304 standard
Hossein salimi
Signal & Image Processing | FPGA, DSP, MCU Programming | Functional Safety | AIoT | Available for Project Services
As stated in the previous articles, one way to build a system that meets safety standards is to use an operating system with an adequate functional safety level. The hardware on which the software and the RTOS run must also meet the required standard level.
TI's Hercules, NXP's Power Architecture, ST's STM32F4 and Xilinx's Zynq-7000 processors are examples recommended for reaching the industrial and medical standard levels.
NXP's Power Architecture processors are not certified to these standards [1]. STM32F4 processors are ISO 26262 certified according to the manufacturer's claim, but no documentation has been provided for it [2]. The Zynq-7000 has IEC 61508 certification, but it is expensive and its development tools are complex [3]. TI's Hercules processors, the flagship of TI's functional safety line, are a suitable option for the above standards. They have been independently assessed by Exida for use in IEC 61508 SIL 3 applications [4]. These processors are designed from the ground up to address the systematic risks of microcontroller development as well as random faults during operation. The family is distinguished by its dual cores running in lockstep: both cores execute the same code and data stream simultaneously, and a comparator circuit detects a failure whenever their results disagree.
TI has taken more precautions than other microcontroller vendors in designing for safe operation and in integrating memory and I/O. These devices use ECC to automatically correct single-bit errors at runtime and to detect double-bit errors in SRAM, flash and peripheral communication memories. Even the queues and buffers of the peripherals are protected by parity bits at runtime, and the microcontrollers include a hardware CRC checker for memory contents.
On the software side, the pre-certified SAFERTOS operating system is suitable for use in IEC 61508 SIL 3 applications. If SAFERTOS is used in a system requiring high functional safety, it must be used according to the supplier's safety instructions.
The WITTENSTEIN Design Assurance Package (DAP) supplied with this operating system has been tested against the memory usage and I/O integration of TI's Hercules chips, which significantly reduces safety certification and development time. It also reduces system performance.
For medical applications, SAFERTOS comes with the WITTENSTEIN Design History File (DHF) software package. The DHF is independently certified to meet the FDA 510(k) and EN 62304 Class III medical device standards.
SAFERTOS running on TI's Hercules chips is therefore an ideal platform for developing medical safety systems such as diabetes pumps, infusion systems and blood pressure control systems. Beyond medical applications, the platform can also be used in the transportation, railway and aerospace industries.
To use TI's Hercules processor and the SAFERTOS software, a hardware platform and board must be designed. This design should follow board design standards, and every part of the system should be accounted for in it.
Figure (2) shows the block diagram of the designed platform. The board uses TI's TMS570LS central processor, a member of the Hercules family. Beyond the central processor, safety standards have also been applied to the design of the other sections, such as the power section and the communication section (LAN and CAN). The platform provides all the digital and analog connections needed for most applications; it can connect to a computer over USB and to other devices over the LAN or CAN network.
Conclusion
In the presented articles, various safety standards have been reviewed, the IEC 61508 standard has been used as the reference standard for medical equipment, and the various safety levels have been determined on that basis. Choosing a reliable RTOS and a microcontroller instead of a general-purpose processor can be effective in reducing risk and raising the safety level of an electronic system. After reviewing the different hardware options, TI's Hercules processors together with SAFERTOS are recommended for designing and building systems with high safety levels. These processors have been used in various industrial, automotive, medical and even military systems, and the manufacturer has published their safety level documentation.