CAN and CAN FD Functional Safety

With the high number of Electronic Control Units (ECUs) accompanied by an increasing complexity of functions in today’s cars, functional safety is very important. The growing importance of safety and driver assistance systems in modern cars intensifies the need for more robust and dependable electronic components. Risks resulting from hardware, random failures or systematic hardware/software errors must be reduced as far as reasonably practicable throughout the product’s foreseeable lifetime.

There are guidelines and standards for the process, the technology and the methods used for the implementation of functional safety. Functional safety means the prevention of unacceptable risks that can arise from hazards caused by malfunctions in electrical or electronic systems, such as a CAN or a CAN FD network. As these networks are intended to support data exchange amongst safety-critical functions, the risk of transmitting incorrect data in a network can be reduced dramatically by implementing robust safety measures in the system. As described below, the safety measures available in our CAN transceivers and CAN controllers result in a more robust CAN or CAN FD communication network.

Functional Safety Documentation

To request Functional Safety documentation, contact your local sales office.*

*An NDA is required to access this documentation.

Memory (Flash/RAM) Error Detection and Correction

Feature	MCP2517FD	MCP2518FD	Fault Prevention	Self Diagnostic	System Diagnostic	Fault Mitigation
SRAM with Error Detection and Correction (ECC)	●	●		✔		✔

System Reset, Detect and Manage

Feature	MCP2517FD	MCP2518FD	Self Diagnostic	System Diagnostic	Fault Mitigation
Power-on Reset (POR)	●	●		✔	✔
CAN with Loopback Mode	●	●		✔
SPI with Cyclic Redundancy Check (CRC)	●	●	✔	✔

GPIO ESD Protection/Peripheral Pin Select

Feature	MCP2517FD	MCP2518FD	Fault Prevention	Self Diagnostic	System Diagnostic	Fault Mitigation
ESD Protection	●	●	✔
I/O Port Readback	●	●		✔	✔

Other Features

Feature	MCP2517FD	MCP2518FD	Fault Prevention	Self Diagnostic	System Diagnostic	Fault Mitigation
MCAL Drivers for AUTOSAR (enabling E2E communication protection)	●	●		✔	✔

Definitions:
Fault Prevention - Silicon feature that prevents damage, unintended configuration changes or invalid operation
Self-Diagnostic - Silicon/software feature that identifies if the silicon is working as it should be
System Diagnostic - Silicon/software feature that identifies if the system is working as it should be
Fault Mitigation - Silicon feature that can be used by the system to transition to a safe state after a fault is detected

Legend:
● Available in all devices
○ Available in some devices
- Not Available

For additional information about Microchip’s functional safety-enabled products and supporting documentation, please visit our Functional Safety page.