PUBLIC USE Advanced Automotive Analog June 29 th , 2017 Safety & Power Management PL FS45 & FS65 – SIMPLIFY YOUR DESIGN & SAFETY ASSESSMENT

Upload: lamdien

Post on 23-Aug-2018


PUBLIC USE

Advanced Automotive Analog

June 29th, 2017

Safety & Power Management PL

FS45 & FS65 – SIMPLIFY YOUR DESIGN & SAFETY ASSESSMENT

SAFETY & POWER MANAGEMENT
Partnering for power optimized processor platforms

SBC in Body
• Body Control
• Lighting
• HVAC

FSBC in Drive Train
• Engine Management
• Transmission
• EV/HEV – Inverters, DC/DC
• BMS, Battery Cell Controller
• Steering, Suspension

PMIC w/ I.MX
• Infotainment
• E-Cockpit, HUD
• Driver Awareness
• Cluster
• Telematics
• Cameras

FSBC in ADAS
• Lane Departure Warning
• Radar
• ADAS – Vision
• ADAS – Data Fusion

SAFETY ASSPs for Airbag and Braking
• Valves driver
• Airbag ECU
• Motor pump predriver
• Wheel Speed decoding

NXP PMIC's Benefits

Simplify Customer Experience
• PMICs are defined alongside MCU development team
• Ensure full compatibility with dedicated MPU/MCUs
• Proven & Robust Solutions
• Complete reference designs with Android and Linux drivers
• Development kits (SABRE, RIOT and more) for quick implementation
• From NXP proven partner
• Highly Configurable with preprogrammed version
• Ensure Scalability among i.MX family support
• Factory preprogrammed version for specific i.MX
• Support of ISO26262 up to fit for ASIL B/D
• Part of NXP Longevity program

Energy Efficiency
• The best light load efficiency on the market
• >90% efficiency across the entire current delivery range
• Dynamic Voltage Scaling for power consumption and heat optimization
• Soft Start Sequencing options for voltage rail start up
• Best In Class Quiescent current for wearable series

i.MX 6UL SOM

GUI Evaluation Tool

Automotive Market Trends

• Connectivity & Security

− Optimize information flow across the car (from LIN to Ethernet)

− Protect data to avoid hacking

− Simplify network design at OEM level

• Drive Train Electrification

− Green trend : EV / HEV vs combustion to reduce emissions

− 48 V electrical network to improve power efficiency

− ISO26262 functional safety growth driver and System availability

• Autonomous & Safe Drive

− Highest Automotive MCU/MPUs performance for real time decision

− Increased safety & security level to protect lives (fail operational)

− Driverless to develop social mobility & reduce traffic congestion


ELECTRICAL & AUTONOMOUS VEHICLES TECHNOLOGY DRIVERS

VEHICLE SAFETY: Zero accidents by human error (ADAS & SOTIF)
SECURITY: Zero accidents by system hacks
FUNCTIONAL SAFETY: Zero accidents by system failures (ISO 26262)
DEVICE RELIABILITY: Zero component failures (robust product)

SYSTEM SELL – UNDERSTAND SAFETY GOAL AT OEM LEVEL
Example of Interaction Between Car OEM, Tier 1 & Tier 2

OEM

• Safety Architecture
• Safety Concept
• ASIL Classification of Functions

Tier 1

• HW / SW products

Tier 2 Supplier - NXP

• Item definition
• Hazard analysis and risk assessment
• Safety Goals
• Functional Safety Concept

ISO26262

Relevant scope of ISO26262 high

Foundation

Product Safety Mechanisms

Development Process & Methods

Quality & Quality Data

Relevant scope of ISO26262 medium

Partner Design
Overall ISO 26262 compliance is achieved together
We each own a piece of the puzzle

Functional Safety Focus
Safety Element out of Context

NXP FS45 & FS65 USE CASES & ASSOCIATED ASIL Level
Defined by car OEM, supported at HW and SW level by Tier1

[Figure: use cases numbered 1 to 7 placed against an ASIL scale (D, C, B, A, QM), with legend]

• ADAS – RADAR SRR, MRR, LRR – ASIL B: FS652x with S32R2
• ADAS – Vision Data Fusion – ASIL B, up to ASIL D (Autonomous Drive): FS652x with MPC5777C or other MCU supplier
• Drive Train – Electrification: Battery Management (12V, 48V, HV) – ASIL C: FS650x with MPC5744P and MC33771
• Drive Train – Electrification: Electric Motor (Alterno Starter, eAxel drive…) – ASIL C: FS45 with other MCU supplier
• Drive Train – PowerTrain: Transmission, Transfer Case – ASIL D: FS650x with other MCU supplier
• Drive Train – Electrification: Inverter, DCDC Converter – ASIL C: FS650x or FS45
• Drive Train – S&C: Electric Power Steering – ASIL D: FS45 or FS65 with MPC5744P
• Domain Gateway Body, Safety, Chassis – up to ASIL D: FS652x with MPC574xC
• Drive Train – S&C: Suspension / Damping – ASIL C: FS65 with other MCU supplier
• ADAS – ACC Adaptive Cruise Control – ASIL C: FS652x with MPC5744P
• Drive Train – PowerTrain: Engine Management Unit – ASIL B: FS651x with MPC5777C

Functional Safety – ASIL Definition

Severity: Extent of harm to individual(s) that can occur in hazardous situation
Exposure: Probability of exposure regarding operational situations
Controllability: Ability to avoid a specified harm through timely reactions

Severity       Exposure         C1 – SIMPLE   C2 – NORMAL   C3 – DIFFICULT
S1 – LIGHT     E1 (very low)    QM            QM            QM
S1 – LIGHT     E2 (low)         QM            QM            QM
S1 – LIGHT     E3 (medium)      QM            QM            A
S1 – LIGHT     E4 (high)        QM            A             B
S2 – SEVERE    E1 (very low)    QM            QM            QM
S2 – SEVERE    E2 (low)         QM            QM            A
S2 – SEVERE    E3 (medium)      QM            A             B
S2 – SEVERE    E4 (high)        A             B             C
S3 – FATAL     E1 (very low)    QM            QM            A
S3 – FATAL     E2 (low)         QM            A             B
S3 – FATAL     E3 (medium)      A             B             C
S3 – FATAL     E4 (high)        B             C             D

(QM: “quality managed”, no requirements from standard applied explicitly)

Link between Functional Safety and Reliability

FIT = Failure In Time = Unit for expressing the expected failure rate of electronic devices
1 FIT = 1 failure in 10^9 device hours (114 years)

The FIT is calculated from the IEC TR 62380 standard model and defined from λdie + λpackage + λEOS

The λdie depends mainly on:
• Technology maturity: SMOS8 has been in high volume production for more than 10 years
• Number of transistors in the device
• Customer Mission profile
• Device power dissipation in application use case
• PCB Junction to Ambient thermal resistance

The λpackage depends mainly on:
• Thermal variation from Customer Mission Profile
• Package type: LQFP 48 with 0.5mm pitch is a robust and reliable package

Finally the FIT depends on 3 customer factors:
• Application mission profile
• Device power dissipation
• PCB Junction to Ambient thermal resistance

The FIT rate is influenced by silicon technology and package maturity, which are demonstrated through AEC-Q100 automotive qualification (reliability stress like HTOL for the die and Temp Cycles + HAST for the package).

From Failure Rate to ISO26262 Safety Metrics

FMEDA calculates the safety metrics required by ISO26262

• SPFM: Single point fault
− Failure which is immediately violating one of the application safety goals (>99% for ASIL D)
• LFM: Latent point fault
− Failure in the Safety Detection Mechanism (also called monitoring) which could lead to the violation of the application safety goal in conjunction with a single point fault (>90% for ASIL D)
• PMHF: Probability Metric of Hardware Failure
− Residual probability to violate a safety goal (<10^-8 for ASIL D)

[Figure: FIT Rate, input of the FMEDA tool; SafeAssure — FMEDA; SPFM, LFM, PMHF]

Functional Safety Systems

System Basis Chips

Flexible functional safety architecture independently monitors safety-critical parameters and availability
‒ Enables redundancy without replication
‒ Compliant with ASIL-D level system requirements

Power efficient dual DC/DC converter topology
‒ High availability operation down to 2.7V

[Block diagram labels: Voltage Supervisor & Diagnostics; Power Management; Fail Safe Inputs; MCU Fault Collection Control Unit monitoring; Redundant MCU Vcore monitoring; Redundant External IC fault monitoring; Watchdog Time Monitoring; Isolated Fail Safe State Machine; Fail Safe Outputs & Reset Management; Communication PHYs; Analog / Digital Self Test; Secured SPI]

Automotive and Transportation; Industrial and Medical
• HEV / EV Cars
• ADAS
• Safety Systems
• Railway Systems
• Anti-skid control
• Sensor & Comms Gateway
• Robotics & Industrial Automation
• Wind Power
• Medical Systems

Leader in SBC for every Market use case

Market segments: Body Peripherals; Drive & Power Train; ADAS; Body Control Module & Gateway

Product categories: Discrete LIN SBCs; LDO+CAN SBCs; SMPS w CAN/LIN, Fit for ASIL B; SMPS CAN/LIN, Fit for ASIL D; ASSPs*; ASICs
*includes safety bus SBCs

Products, in the order they appear on the slide:
• UJA106x/107x/116x/1169, MC33903/4/5
• MC33909, UJA113x
• UJA113x, MC33909, FS45xx
• MC33907/33908, FS45, FS65
• FS45xx & FS65xx
• MC33789BE13
• TJA1028, MC33910/911/912
• MC33903/4/5, UJA116x
• MC33903/4/5, UJA116x
• UJA107x/1169, MC33903/4/5
• MC33909, UJA113x
• MC33907/33908, FS45, FS65

[Figure: block diagrams for each product category, with blocks labelled MCU, Drv, In, Supply, Comm + Supply, CAN + SMPS, CAN + LDO, LIN + LDO, CAN, LIN]

2 GENERATIONS OF POWERSBC


SENSE – THINK – ACT – Drive Train Directions
Power Management & Safety Standards

Value Proposition

Secured & Safe System Solutions
• ISO26262 architecture (TUV SUD proven)
• Functional robustness (non ISO pulse, EMC, HTOL)
• Security (SM transition)

High Efficient Solutions
• Target 12 V & 24 V (application note)
• Dual DCDC architecture (Vpre + Vcore)
• Ultra low power modes (low Iq, long dur. timer)

Safety Simplified Solutions
• ISO26262 ready documentation
• System validation test (eFAST)
• Global ecosystem (incl HW & SW)

Generation 1, Definition 2010
• Production
• 9 applications
• >25 customers

Generation 2, Definition 2014
• Same platform FS45 and FS65
• Pin to pin compatible with MC33907/8
• Product qualified and EMC certified

Products
• MC33907/8: CAN; FAIL SAFE; Low Power; 12V DCDC 0.8A – 1.5A
• FS650x: CAN FD 2M; FAIL SILENT; Long Duration Timer; 12V DCDC + DCDC 0.8A
• FS4500: CAN FD 2M; FAIL SILENT; Long Duration Timer; 12V DCDC + LDO 0.5A
• FS651x: CAN FD 2M; FAIL SILENT; Long Duration Timer; 12V DCDC + DCDC 1.5A
• FS652x: CAN FD 2M; FAIL SILENT; Long Duration Timer; 12V DCDC + DCDC 2.2A

First Generation Functional Safety SBC
Qualified, Certified Fit for ASIL D, In Production

MC33907 & MC33908

Architecture integrating supply and MCU monitoring, hardware redundancy, and tools to fit for ASIL-D at system level

• Independent voltage supervisor
− Independent references and bandgaps
• Fail Safe state machine
− Isolation trench for physical isolation
− MCU error signal monitoring
− Analog error signal handling
− Generates system reset, or deactivation signal
• Watchdog challenger
− Windowed watchdog (1ms to 1024ms)
• Proven documentation and tools
− Support to design ASIL applications
− Safety manual & FMEDA

Block diagram:
• Flexible (I/O): Wake / INH
• 1 CAN HS
• Vcca (100 / 300mA): 3.3V or 5.0V LDO
• 0 or 1 LIN 2.x, J2602-2
• Secured SPI
• Fail Safe State Machine (RST, FS0)
• AMUX (Battery, I/O, Temp, Vref)
• VPRE DC/DC 6.5V / 2.0A Buck, LV124 compliant
• Advanced Low Power Modes (30µA)
• VAUX – tracker (400mA): 5.0V or 3.3V LDO
• VCOM (100mA): 5.0V LDO
• VCORE DC/DC: from 1.2V up to 5.0V, 0.8 / 1.5 A versions
• Boost Driver
• Battery Sense before RBP

FS65/FS45 – Functional safety SBC (safeassure)

System Solution

• Analog Multiplexer to sense multiple critical signals

• Small package size: 49 mm²

• Robust CAN PHY FD 2M

• Configurable I/Os

• Long Duration Timer, Keep Alive memory supply

Independent Safety Monitoring

• Single Point Failure : UV/OV Monitoring Unit

• Latent Failure : ABIST & LBIST

• Common Cause Failure : Independent electrical and physical fail safe circuitry and state machine

• Reset, Fail Safe pin to set system in predictive state when system is failing.

• Configurable Fail Safe State, while allowing system availability, diagnostic and possible recovery.

• Optional Fail Silent operation

• Second Fail Safe pin to manage safe delay after failure event

• Advanced SafeAssure documentation to fit for safety assessment

• BOM cost savings : No need for external MCU challenger

• MCU & external IC Safety Monitoring

Advanced Power Management

• Buck/Boost Vpre from 2.7 to 36V

• 2.0A / 6.5V Vpre capable

• FS65xx with Vcore 2.4MHz SMPS 0.8/1.5/2.2A

• FS450x with Vcore LDO 0.5A

• Configurable Vcore (external resistor bridge)

• Multiple LDO and Tracker

• Ultra Low Standby Current 30µA

Block diagram:
• Flexible (I/O): Wake / INH
• 0 or 1 CAN HS w FD 2M
• Vcca (100 / 300mA): 3.3V or 5.0V LDO
• 0 or 1 LIN 2.x, J2602-2
• Secured SPI
• Fail Safe State Machine (RST, FS0)
• AMUX (Battery, I/O, Temp, Vref)
• VPRE DC/DC 6.5V / 2.0A Buck, LV124 compliant
• Advanced Low Power Modes / Vkam
• VAUX – tracker (400mA): 5.0V or 3.3V LDO
• VCOM (100mA): 5.0V LDO
• Boost Driver
• Battery Sense before RBP
• System Solutions (LDT, FS1)
• VCORE DC/DC or LDO: from 1V to 5.0V, 0.5/0.8/1.5/2.2A versions

SCALABLE: Family concept
PROVEN: Designed at OEMs
SAFE: Flexible Fail Silent
SIMPLIFIED: Tools & Documents
ROBUST: PASS 4200h HTOL

FS45/65: 2nd Gen PowerSBC for Drive Train electrification & ADAS

• Maximize re-use vs MC33907/8
− Same package (48 pins LQFP with EP)
− Same Technology (SM8MV)
− Pin to pin compatible

Evolutions vs MC33907/908
• Power management scalability
− FS65: 3 versions with DC/DC (0.8 A, 1.5 A, and 2.2 A NEW)
− FS45: 1 version with LDO (1.2 V to 5.0 V up to 500 mA) – NEW
• Advanced safety concept providing flexibility and availability
− Configurable Fail Silent Mode with fit for ASIL D
− Second Fail Safe output (FS1b) to secure safe delay after FS0b
• Save BOM system cost with new hardware solutions
− Long duration timer, FS1b, and VKAM Supply
• Improve In Vehicle networking scalability
− CAN FD 2 Mb/s and LIN versions (C or L versions)
− CANless pin to pin compatible versions (N versions)
• Support attach strategy
− With S32 for power train, drive train and ADAS (MPC57xx, S32R)
− With other MCU suppliers

[Figure labels: Automotive Qualification; High Reliability (x2 vs AECQ100 needs); Global EMC Certification; SW Starter Guide; Data sheet; EMC board; Safety Manual; FS65 Samples; FMEDA; eFAST]

FS65: integrate MCU Safety Monitoring capabilities

Independent Fail Safe State Machine
• Physical & Electrical independence to fit for ASIL D
• Power Management Monitoring Unit (UV / OV)
• Analog & Digital Built In Self Test to minimize Latent Faults
• Own Reference & Supply to Reduce Common Cause Failure

Fail Safe Pin (FS0b)
• Redundant System Fail Safe enabler
• Second Fail Safe pin to assert safety path with configurable delay after failure

Advanced Watchdog Challenger
• Replace external MCU Monitoring

MCU Monitoring
• FCCU: Fault Collection Control Unit
• Monitor Dual Core Lock Step Modes MCUs

RSTb – Fail Silent Mode
• Configurable RSTb activation giving more system availability

HW Redundancy
• Vcore external Monitoring

[Figure: Safety SBC FS65 and Safety MCU]

Simplify Safety Design – Safety Manual

Objective
• Enables customers to extract the full value of NXP’s functional safety offering
• Simplify integration of NXP’s safety products into applications
• A comprehensible description of all information relating to FS in a single entity to ensure integrity of information and links with datasheet

Content
• SoC Safety Concept description
• System level assumptions (Safety specific usage considerations)
• Pseudo-code or C-Code to simplify adoption of safety application requirements
• FMEDA results
− Latent Fault Matrix (LFM)
− Single Point Fault Matrix (SPFM)
− Probabilistic Metric for random Hardware Failures (PMHF)
• Provisions against Dependent Failures
• List of Fail-safe Errors and Potential Cascade Effects

Safety Connexion with MCU

Safety Concept (SEOOC)

Functional Robustness Power Management – Validation Phase
Battery environment & Non-ISO Pulses

• Car OEMs specific, based on their validation experience, battery line related like cranking, low charge/discharge, …
• Pulse database based on discussion with car OEM & Tier1.
• We continue to fill this database to increase system test coverage.

[Figure: pulse shapes: BrownOut, Triangular, Square, Damped Sinus]

eFAST – Platform - Integrated & Automated Tests

eFAST Platform main components:
• Sweepy: Shape creation. Autonomous or integrated usage.
• eFAST_LV: Labview host software to monitor and control DUT and equipment. Automated check (PASS/FAIL) and report with full traceability

BENEFITS
• Car OEMs Requirements - Database
• Increase Coverage - Break the limit. (x10)
• Efficiency - Accelerate by x4
• ISO26262 Compliancy - Full Traceability
• Multi-purpose - Non-ISO, Funct. Validation

[Figure labels: Reports; Automated Execution; DUT; Sweepy; Hardware; Control & Monitoring; LabView; Configuration & Results; Equipment]

FS45/FS65 Certification Results

J2962            500Kbps   2Mbps   Comment
FS45xx (0.5A)    PASS      PASS    Report available
FS650x (0.8A)    PASS      PASS    Report available
FS651x (1.5A)    PASS      PASS    Setup Improved. Measurement compliant (see next slides)

C&S                  Status
LIN2.0               PASS
LIN2.1 / LIN2.2      PASS
J2602                PASS

IBEE (tested on FS652x – umbrella device for FS65/45 device family)
                     Status
Conducted Emission   PASS
DPI                  PASS
ISO                  PASS
ESD                  PASS

Conclusion
• FS450x & FS650x: OK (July 16)
− PPAP available
− C&S PASS
− J2962 PASS on CAN FD 2M w/o choke.
− IBEE PASS.
• FS651x / FS652xNAE: OK (Sept 16)
− PPAP available
− C&S PASS
− IBEE PASS
− J2962 PASS

Proven FS45 and FS65 PowerSBC
Industry Certifications

Electrical Conformance
EMC/ESD Conformance

• CAN, LIN C&S granted
• CAN Velio granted
• IBEE Zwickau granted
• MOOSER J2962 granted
• AN5238 PCB Design & EMC guideline

Safety Assessment

• Positive assessment regarding design capability to be used in a safety application up to ASIL D

What is fail silent?

SafeAssure HW: Fail Safe Outputs

• Error Handling based on :

− Voltage Supervisor

− Vcore Drift (resistor bridge)

− FCCU Monitoring

− Watchdog (counter)

− BIST

• Reset Management

− Active Low

• Fail Safe Outputs

− FS0b active low upon Fault Detection

− FS1b active low with Delay or Duration from FS0b

− Configurable CAN disable upon FS1b activation

• Part of Fail Safe Machine

Added Values
• External Safety Path
• Independent output pins to manage Fail Safe State

[Figure: FS65/FS45 and Safety MCU, with signals RSTb, FS0b, FS1b]

Dependability: Safety vs Availability
Enabling Fail Silent Operations

1. CONFIGURABLE RESET at SAFE STATE activation to enable MCU Diagnostic.
2. CONFIGURABLE SAFE STATE, independently for each failure with 2nd Fail Safe output.
3. HIGH AVAILABILITY: No MCU shutdown in case of multiple failures.
4. SMART DEGRADED MODE: Application is failing with safe and available operation

FS1B Tdelay use case: Motor Demagnetisation


FS1B Tduration use case: Disable Communication


APPLICATION USE CASES

SCALABLE PLATFORM FS45 and FS65 Family
Extending Functional Safety SBC Solutions

Scalable Power Management
• FS45xx: 1.2V to 5.0V / 500mA
• FS650x: 1.2V to 5.0V / 0.8A
• FS651x: 1.2V to 5.0V / 1.5A
• FS652x: 1.2V / 2.2A

Scalable System Management
• Industrial Version: Vcom, No PHY
• Standard: CAN FD & CANless
• e-Safe: CAN FD, FS1b
• PowerTrain: CAN FD, LIN, LDT

34FS4500C/N

34FS6500N

34FS6510N

34FS6520N

33FS4500C/N

33FS6500C/N 33FS6501C/N

33FS6511C

33FS6521C

33FS6502C/L

33FS6512C/L

33FS6522L

33FS4501C/N

ADAS HE EMS

Inverter, EMS

TCU

EPS, HEV

Suspension

EPS, BMS

Elevators

eBike, PLC Mild Hybrid

Truck

IMM Radars

EPS, HVAC

33FS6503L

33FS6513L

33FS6523L

HE EMS

Gear Box

TCU

PowerTrain: CAN FD, FS1, LDT

Total NXP System Solution – Electric Power Steering Use Case

Functional Safety SBC FS65
• ASIL D Voltage Monitor
• Challenger Watchdog
• CAN FD
• Fail-safe IO

[Block diagram labels: MCU MPC5744P; Pre-driver GD3000; Power Stage BUK762R0; Power Switch; PMSM; Gearbox; Load; Torque Sensor; Temp Sensor; Position Sensor; Motor Position Sensors (Hall, Resolver, AMR); Back EMF / Current Sensing; DC-Bus Voltage / Current Sensing; Signal Conditioning; ADC; PWM; Timer; FCCU; SPI; CAN; Communication Bus; VDD; INTB; RSTB; Vsup1; Vsup2]

Total NXP System Solution – Battery Management Use Case

Functional Safety SBC FS65
• ASIL D Voltage Monitor
• Challenger Watchdog
• CAN FD
• Fail-safe IO

Dual CAN TJA1048

Total NXP System Solution – Battery Management Use Case

48 V BMS System
[Block diagram labels: 48V Domain; 12V Domain; 48V Battery (20 cells); 48V GND; 100 µΩ Shunt; Fuse; Surge Protection; Contactor; NTC; KL30; KL31; KL40; KL41; Wake Up KL15; 1500V Ethernet Transformer; MC33771A; MC33771P; CT0..10: Cell Voltages; AINx: Cell Temperatures; ISENSE: Current; CB1..10: Balancing FETs; Input Filter & Balancing Resistors; Voltage Divider; AINx: PreCharge Temperature; AINx: VLink Voltage; AINx: VPackFuse Voltage; GPIOx: VPack Enable; GPIOx: PreCharge Enable; TPL Communication; MC33664TL Physical Interface; MPC574xP 32 bit LockStep Microcontroller; MSPI; SSPI; SPI; CAN; FS6501; Buck/Boost; CAN FD PHY; RTC/Counter; Watchdog; Filter; Fail Safe A; Fail Safe B (delayed); FAN Control; FAN Driver; PWM; Contactor Driver; HS PWM; LS Enable]

HV Battery Switch Box Controller
[Block diagram labels: 12V Domain; HVpack-; HV Battery; HV+; HV-; 100 µΩ Shunt; Fuse; HV+ Contactor; HV- Contactor; Precharge Contactor; NTC; 3750V Ethernet Transformer; MC33772P; AINx: PreCharge Temperature; AINx: Shunt Temperature; AINx: VLink+ Voltage; AINx: VLink- Voltage; AINx: VPack+ Voltage; ISENSE: Current; GPIOx: VPack+ Enable; GPIOx: VLink+ Enable; GPIOx: VLink- Enable; Voltage Divider; Pack GND; TPL Communication; MC33664TL Physical Interface; MPC574xP 32 bit LockStep Microcontroller; MSPI; SSPI; SPI; CAN; FS6501; Buck/Boost; CAN FD PHY; RTC/Counter; Watchdog; Wake Up; KL30; Filter; Fail Safe A; Fail Safe B (delayed); 3 x Contactor Driver; 3x HS PWM; 3x LS Enable; OptoMos; 2.5V; 8V; 1:1 Transformer; Transformer Driver e.g. SN6501]

NXP FS45 & FS65 ISO26262 Innovations from Definition to Customer Support

System Validation
- eFAST: OEM Non ISO Pulse
- HW Fault Injection Test

Customer Support
- Documentation (FMEDA, SM)
- Reference Design & AN

Product Architectures
- Fail Safe (qualified, certified)
- Fail Silent (sampled)

Product Requirement Mgt
- OEM workshops
- Lessons learned process
- System Safety Goal Translation

Verification
- Automated Traceability Matrix
- Virtual Test

Product Definition
- Doors (SoC & IP)

DEMO LIVE USING LATEST FS65 FREEDOM


FS6500 / FS4500 FREEDOM Board

Regulator Output

Vbat

FS65 size 33mm x 33mm

Support wide range of FS65xx / FS45xx family

Close partnership with best in class passive components suppliers (Coil, Capacitor, Diode, Transistor)

Low cost evaluation board

Arduino compatible


FLEXGUI Standard USB to SPI interface

USB to SPI Converter

FS65/45 SPI mapping from xml file


FS65xx Class C SW driver API example

SW training available

FS-SBC Autosar SW driver availability

• FS65 SW driver – available now

• Technical reference documentation v1.0 available now

− Main FS65 supported features:

• CAN / LIN function

• Watchdog function

• SPI access register function (RAW API)

• Events handling

− System events (OV, UV, OT, OC, WD / SPI error…)

− CAN events (wake-up, bus error, OT)

− LIN events (wake-up, bus error, OT)

• For more information: Contact your Local Vector Vendor (all over the world) or [email protected]