AURIX™ - Autosar
MCAL driver
Feature enhancement AURIX TC2xx vs. TC3xx
2019-05-02 Copyright © Infineon Technologies AG 2019. All rights reserved. Infineon Proprietary 2
New - AURIX2G ISAR MCAL Safety claim (TC3xx)
› The Productive MCAL drivers have an ASIL B functionality claim or QM functionality claim (module
dependent, see below)
– The modules CAN, LIN, FlexRay, Ethernet, CAN transceiver do not have an ASIL B claim, because it is assumed
that End-to-End protection is used for a safe communication
– The module FLSloader does not have an ASIL B claim
› Each Productive MCAL driver is developed according to ASIL D process ensuring Freedom from
Interference in memory space, making it easier for the integrator to ensure coexistence with other SW
outside MCAL SEooC, as required by ISO 26262 Part 9 Clause 6
› Additionally, the MCAL software development process is assessed at ASPICE level 2 for the Productive
drivers
› The DEMOCD modules HSSL, SENT, I2C, IOM, STM, IRQ will have NO safety claim and NO ASPICE level 2
process
2019-05-02 Copyright © Infineon Technologies AG 2019. All rights reserved. Infineon Proprietary 3
NEW SMU Driver: Additional Information
› To support customers to realise ASIL D, IFX:
– Provides Smu_Init to initialize the SMU peripheral including its configuration ASIL B(D)
– Provides Smu_InitCheck: safety mechanism to verify initialization is correct and complete
ASIL B(D)
– Performs DFA to confirm that Init and InitCheck are independent ensure no common
cause failures between Init and InitCheck
– Provides Smu_Lock service in SMU driver to prevent corruption by locking configuration
data in SMU registers
› Customers should use ASIL decomposition at System level for satisfying SMU ASIL D
configuration requirement
2019-05-02 Copyright © Infineon Technologies AG 2019. All rights reserved. Infineon Proprietary 4
Infineon Microcontroller: Software Quality
TC2xx (no ASPICE) NEW: TC3xx (ASPICE L2)
› Standard and tailored development
process SDHB established
› SDHB, as Infineon Development
Standard, has been extended to
support Safety ISO26262
› NEW in TC3xxx:
› ASPICE L2 aligned process for
AURIX TC3x MCAL
› 6 processes at L3
› 4 processes at L2
2019-05-02 Copyright © Infineon Technologies AG 2019. All rights reserved. Infineon Proprietary 5
NEW - AURIX TC3xx New Multi Core Concept
MC-ISAR/MCAL with multicore support for TC3xx
› With TC3xx the number of cores are rising Limited Global /
up to 6 cores (4 lockstep and 2 non Shared Data
lockstep cores) Master-Core only /
protected access
› Assign MCAL instances to cores based on HW-Unit A MC-ISAR MCAL e.g. ADC MC-ISAR MCAL e.g. ADC HW-Unit B
peripheral specific resource granularity related Data related Data
Core-A Core-B
(e.g. ADC HW kernel, SPI HW kernel, PWM
channels, etc.) Master-Core only /
protected access
– Multi core partitioning supported for
Limited Common / Shared SFR
ADC, CAN, GPT, ICU, PWM, SPI, OCU, HW-Unit A HW-Unit B
WDG drivers Peripheral Space
› Multi core access without HW resource
allocation for CRC, DIO, MCU and PORT
Main benefits with AURIX MCAL Multicore support:
Possibility of seperation of multiple applications in one AURIX
OEM, Tier1 applications can run isolated on separate core in one AURIX
Simplify safety system partitioning. Enabling handling of peripherals for
Safety critical domain from lockstep core
Non safety critical tasks from non lockstep core
Increased overal performace with limited power consumption increase
2019-05-02 Copyright © Infineon Technologies AG 2019. All rights reserved. Infineon Proprietary 6