CAN and CAN FD Functional Safety
With the high number of Electronic Control Units (ECUs) accompanied by an increasing complexity of functions in today’s cars, functional safety is very important. The growing importance of safety and driver assistance systems in modern cars intensifies the need for more robust and dependable electronic components. Risks resulting from hardware, random failures or systematic hardware/software errors must be reduced as far as reasonably practicable throughout the product’s foreseeable lifetime.
There are guidelines and standards for the process, the technology and the methods used for the implementation of functional safety. Functional safety means the prevention of unacceptable risks that can arise from hazards caused by malfunctions in electrical or electronic systems, such as a CAN or a CAN FD network. As these networks are intended to support data exchange amongst safety-critical functions, the risk of transmitting incorrect data in a network can be reduced dramatically by implementing robust safety measures in the system. As described below, the safety measures available in our CAN transceivers and CAN controllers result in a more robust CAN or CAN FD communication network.
Functional Safety Documentation
To request Functional Safety documentation, contact your local sales office.*
*An NDA is required to access this documentation.
System Reset, Detect and Manage
| Feature | MCP2517FD | MCP2518FD | ATA6570 | ATA656x (2/3/4/5/6) | Fault Prevention | Self Diagnostic | System Diagnostic | Fault Mitigation |
|---|---|---|---|---|---|---|---|---|
| Power-on Reset (POR) | ● | ● | ● | ● | ✔ | ✔ | ||
| CAN with Loopback Mode | ● | ● | ✔ | |||||
| SPI with Cyclic Redundancy Check (CRC) | ● | ● | ✔ | ✔ | ||||
| CAN Bus dominant/recessive clamp detection | ● | ✔ | ✔ | ✔ | ||||
| Voltage monitoring (VCC, VIO, VS) | ● | ● | ✔ | ✔ | ✔ | |||
| Watchdog | ● | ✔ | ✔ | |||||
| SPI with Failure Event Detection | ● | ✔ | ✔ | |||||
| TXD Dominant Timeout | ● | ● | ✔ | ✔ | ✔ | |||
| RXD Recessive clamp detection | ● | ● | ✔ | ✔ | ||||
| Overtemperature Detection | ● | ● | ✔ | ✔ |
Other Features
| Feature | MCP2517FD | MCP2518FD | ATA6570 | ATA656x (2/3/4/5/6) | Fault Prevention | Self Diagnostic | System Diagnostic | Fault Mitigation |
|---|---|---|---|---|---|---|---|---|
| MCAL Drivers for AUTOSAR (enabling E2E communication protection) | ● | ● | ● | ✔ | ✔ |
Fault Prevention - Silicon feature that prevents damage, unintended configuration changes or invalid operation
Self-Diagnostic - Silicon/software feature that identifies if the silicon is working as it should be
System Diagnostic - Silicon/software feature that identifies if the system is working as it should be
Fault Mitigation - Silicon feature that can be used by the system to transition to a safe state after a fault is detected
● Available in all devices
○ Available in some devices
- Not Available
For additional information about Microchip’s functional safety-enabled products and supporting documentation, please visit our Functional Safety page.