This section includes a description of the
different types of functional safety mechanisms that are applied to the design
blocks of the TCAN1167-Q1 component.
The functional safety mechanism categories are defined as follows:
Component Hardware Functional Safety Mechanisms
A safety mechanism that is implemented by TI in silicon and that can communicate
error status upon the detection of failures. The safety mechanism may require software to enable
its functionality, to take action when a failure is detected, or both.
Component Hardware and Software Functional Safety Mechanisms
A test recommended by TI which requires both safety mechanism hardware that
has been implemented in silicon by TI and software. The failure modes of the
hardware used in this safety mechanism are analyzed or described as part of the functional safety
analysis or FMEDA. The system implementer is responsible for analyzing the software aspects of
this safety mechanism.
Component Software Functional Safety Mechanisms
A software test recommended by TI. The failure modes of the software used in
this safety mechanism are not analyzed or described in the functional safety analysis or FMEDA. For
some components, TI may provide example code or supporting code for the software functional safety
mechanisms. This code is intended to aid in the development, but the customer shall do integration
testing and verification as needed for their system functional safety concept.
System Functional Safety Mechanisms
A safety mechanism implemented externally to this component. For example, an external
monitoring IC would be considered to be a system functional safety mechanism.
Test for Safety Mechanisms
This test provides coverage for faults on a safety mechanism only. It does not provide
coverage for the primary function.
Alternative Safety Mechanisms
An alternative safety mechanism is not capable of detecting a fault of safety mechanism
hardware, but instead is capable of recognizing the primary function fault (that another safety
mechanism may have failed to detect). Alternative safety mechanisms are typically used when there
is no direct test for a safety mechanism.