PM Safety Checker (SAFETY_CHECKERS-PM) provided APIs which are integrated into the safety application to verify the PSC/PLL configuration and validate the runtime PSC/PLL configuration against golden reference. Also includes the API to lock the PLL control module registers of PM for the prevention of stray writes.
SAFETY_CHECKERS-PM library includes the following implementation:
This example demonstrates the validation of PM messages by passing the valid and invalid parameters and how to use SAFETY_CHECKERS-PM library APIs.
Validation of PM messages by using the valid and invalid Device ID. PM messages are listed below: TISCI_MSG_SET_DEVICE, TISCI_MSG_GET_DEVICE, TISCI_MSG_SET_DEVICE_RESETS, TISCI_MSG_SET_CLOCK, TISCI_MSG_SET_CLOCK_PARENT, TISCI_MSG_SET_FREQ, TISCI_MSG_GET_CLOCK, TISCI_MSG_GET_CLOCK_PARENT, TISCI_MSG_GET_NUM_CLOCK_PARENTS, TISCI_MSG_QUERY_FREQ, TISCI_MSG_GET_FREQ,
Validation of PM messages by using the valid and invalid Clock ID. PM messages are listed below: TISCI_MSG_SET_CLOCK, TISCI_MSG_SET_CLOCK_PARENT, TISCI_MSG_SET_FREQ, TISCI_MSG_GET_CLOCK, TISCI_MSG_GET_CLOCK_PARENT, TISCI_MSG_GET_NUM_CLOCK_PARENTS, TISCI_MSG_QUERY_FREQ, TISCI_MSG_GET_FREQ,
Validation of PM messages by using the valid and invalid Device state. PM messages are listed below: TISCI_MSG_SET_DEVICE,
Validation of PM messages by using the valid and invalid Device resets. PM messages are listed below: TISCI_MSG_SET_DEVICE_RESETS,
Validation of PM messages by using the valid and invalid Clock State. PM messages are listed below: TISCI_MSG_SET_CLOCK,
Validation of PM messages by using the valid and invalid Parent Clock. PM messages are listed below: TISCI_MSG_SET_CLOCK_PARENT,
Validation of PM messages by using the valid and invalid Device group. PM messages are listed below: TISCI_MSG_SYS_RESET,
In generation of PSC/PLL config, Safety application shall call the PSC/PLL read APIs to access the configuration registers from the Safety Checkers library running in the Safety Core. Safety checkers returns PSC/PLL config to the safety application. Safety application validates the PSC/PLL configuration and save it as a golden reference in a non-volatile memory. This initializes the Safety Application and gathers the initial configuration data.
In validate PSC/PLL config stage, Safety application provides golden reference to the PM safety checker and Safety checker will validates at defined intervals. PM safety checker reads the PSC/PLL registers at runtime and validate they are matching with the golden state for modules in safety loop. Safety checker will return success or failure after validates against the golden reference.
The user should implement firewall based protection for golden reference and also create a checksum for the golden reference to ensure validity of the golden reference data.
Addition to the above stages, PLL lock will be called to make sure the PLL configuration registers are not modified.
Parameter | Value |
---|---|
CPU + OS | mcu-r5fss0-0 freertos |
r5fss0-0 freertos | |
Toolchain | ti-arm-clang** |
arm.gnu.aarch64-none | |
Boards | am62ax-sk |
Example folder | source/safety_checkers/examples/ |
Shown below is a sample output when the application is run,