基于AURIX TC397 SafeTpack的功能安全软件实现

Functional Safety Software Implementation Based on AURIX TC397 SafeTpack

动力域控制器系统(PDCS)在新能源汽车中为动力源控制器系统。为提高PDCS的安全性、可靠性,根据ISO 26262标准设计了一套符合ISO 26262标准ASIL C的域控制器平台,基于E-GAS三层安全架构,其中重点解决Level3层的安全监控,以功能安全组件包SafeTpack为基础,结合AutoSAR组件实现程序流监控,基于英飞凌AURIX TC397处理器、电源管理芯片TLF35584及CAN收发器TJA1145等器件验证了系统的正确性。结果显示:本系统功能安全框架及level3层的安全监控有效保障了系统出现故障时能够被及时复位断开TJA1145供电实现关闭通信,达到安全状态。

The power domain controller system(PDCS)is used as a power source controller system in new energy vehicles.In order to improve the safety and reliability of PDCS,design a set of domain controller platforms that meet the ISO 26262 standard ASIL C according to the ISO 26262 standard.The three-layer safety architecture,which focuses on solving the Level3 layer safety monitoring,is based on functional safety component package Safe Tpack,combined with AutoSAR components to achieve program flow monitoring.The hardware is based on infineon AURIX TC397 processor,power management chip TLF35584 and CAN transceiver TJA1145 and so on The device verifies the correctness of the system.The results showed that the safety monitoring of the functional safety framework and the Level 3 layer of this system could timely reset the system and disconnect TJA1145 power supply to achieve a safe state when the system failed to fail.