This MotoHawk block allows the developer to specify what faults the microcontroller's Fault Collection and Control Unit (FCCU) will monitor and how it should react when a monitored fault is detected.
FCCU Reaction Definition
motohawk_FCCU_lib
This MotoHawk block allows the developer to specify what faults the microcontroller's Fault Collection and Control Unit (FCCU) will monitor and how it should react when a monitored fault is detected. Typically this block is used in conjunction with the Reaction Trigger block, which allows the application to react to a detected fault. The Inject Fault block can be used to induce a fault, which allows functional testing of the application's fault handling to be carried out.
Parameter Field | Values | Comments/Description |
---|---|---|
Name | Alpha-numeric text, single quote enclosed | Named instance of the behavior. This name shall be used by referencing blocks like the FCCU Reaction Trigger. |
Resource | Drop-down list | A list that includes (None) implies the FCCU is not available for the selected module. |
Alarm to Fault Timeout* (ms) | Non zero numeric | The FCCU enters the ALARM state when it detects a monitored fault that has a reaction that triggers an alarm. The FCCU will issue a reset if the interrupt service routine (ISR) that should execute in response to this fault fails to execute and acknowledge the fault before this timeout expires. |
Alarm Service Timeout* (ms) | Non zero numeric | Specifies the time allowed for all FCCU Reaction Triggers to complete their execution. An Alarm Service Timeout Reset will result if the timeout expires before all the triggers have completed their execution. |
Allow parameters marked * to be calibrated | Checkbox | Allows attributes marked with (*) to be calibrated. |
Read Access Level | 0-8 | Sets security level 0 lowest, 8 highest, for user access to read value |
Write Access Level | 0-8 | Sets security level 0 lowest, 8 highest, for user access to write value |
Instrumentation Group | Alpha-numeric text, single-quote enclosed | Determines Folder name and hierarchy to be used by an Instrumentation Tool. Use "|" character between folder names to delineate subfolder structure. |
The Fault Reaction Definition tab has a list of collapsible panels, one for each possible fault that the Fault Reaction Definition block could support. Each fault that is not supported by the target module will include (Unsupported) in its name. These faults can still be defined, but they won't be monitored by the FCCU and won't generate code.
Each fault can specify a reaction that will result should the fault be detected, which are summarized below:
Parameter Field | Values | Comments/Description |
---|---|---|
Use Fault | Checkbox | Check to define a FCCU reaction for this fault |
Default Reaction | Drop-down list | The default reaction to be applied to the fault (which may allow subsequent calibration). |
Support Calibration | Checkbox | Allow the Reaction to be calibrated when checked. |
Allow Disable Fault Reaction | Checkbox | Allows the option to calibrate the Disable Fault Reaction for this fault. |
Allow Execute Trigger on Detection | Checkbox | Allows the option to calibrate the Execute Trigger on Detection reaction for this fault. |
Allow Execute Trigger then Reset on Detection | Checkbox | Allows the option to calibrate the Execute Trigger then Reset on Detection reaction for this fault. |
Allow Reset on Detection | Checkbox | Allows the option to calibrate the Reset on Detection reaction for this fault. |
Read Access Level | 0-8 | Sets security level 0 lowest, 8 highest, for user access to read value |
Write Access Level | 0-8 | Sets security level 0 lowest, 8 highest, for user access to write value |
Instrumentation Group | Alpha-numeric text, single-quote enclosed | Determines Folder name and hierarchy to be used by an Instrumentation Tool. Use "|" character between folder names to delineate subfolder structure. |
The FCCU Reaction Behavior can support a number of faults. The following describes some of the faults that the FCCU could detect and that have a MotoHawk implementation.
Microcontrollers that support a checker core, like the MPC5777C, need to be explicitly enabled. Typically this is a native MotoHawk operation. However an application may expect that the checker core has been enabled and for whatever reason it hasn't. This fault is detected if a checker core exists, but has not been enabled.
A checker core that has been disabled by inappropriate configuration may report a continuous fault that cannot be cleared. A checker core may also report as disabled when the application software has not enabled the core that is to be checked. This is the case for an MPC5777C executing an application that has not been configured for multi-core operation.
To avoid the application from having to continuously service a reaction (because the fault won't clear) it is recommended that a reaction of Disable Fault Reaction is configured for the Disabled Checker Core Fault and that the application poll the fault status via the FCCU Reaction Get Fault Status block. Continuously servicing the reaction to the exclusion of everything may lead to a continuous reset condition that software will not be able to recover from.
A checker core runs in lockstep with another core. The FCCU monitors that core's execution and issues a fault if it does not agree with the monitored core's execution.
At least one of the primary clocks driving the module's core(s) were detected as not operating within the expected frequency range.
Support clocks, like an eTPU clock for example, that are used by the module were detected to be operating outside of the expected frequency range.
The PLL and/or oscillator source was lost or lost lock. Silicon manufacturers (e.g. NXP for the MPC5777C) recommend that when this reaction is enabled that the reaction is only configured to be a Reset on Detection reaction.
The code generation may warn or even error if this reaction is enabled, but something other than a Reset on Detection reaction is applied.
Copyright 2018 Woodward Corporation. All Rights Reserved. | Visit Us: mcs.woodward.com |