Functional Safety Solution for Industrial Automation

Overview

The Renesas Functional Safety Solution reduces the development burden on customers and contributes to the realization of safe and trusted factories with the application of functional safety standards, such as IEC61508, a key standard in many industrial fields.

The Functional Safety Solution offers software technology compliant to IEC61508 SIL* certification, a reference hardware board for constructing a functional safety system, a reference document as a guidebook to IEC61508, and safety compilers for safe development. Register here to obtain the complimentary evaluation version of the software and reference document.

Key features:

  • One-stop functional safety solution for general purpose MCU
  • Reduces time for constructing functional safety systems
  • Easily implement safety system for various safety applications

*SIL: Safety Integrity Level which is defined in the functional safety standard

Functional Safety Solution Reduces Development Time to 1/3

Note: The software kits in yellow boxes are certified by TÜV Rheinland.

Functional Safety Software and Documents RX Family RA Family
RXv1 RXv2 RXv3 RA4M1, RA6M1, M2, M3
1. SIL3 System Software Kit*1      New  
2. Self-Test Software Kit*1    New    New
3. Functional Safety over EtherCAT Stack      New    New  
4. Reference Documents*1
5. Reference Hardware Board    New  
6. Safety Compilers    New*2

*1: Register for complimentary evaluation software and reference document

*2: Corresponding compiler is IAR-EWARM V8.22.3. Please contact IAR Systems for more details.

Functional Safety Solution

Safety Software Overview

Renesas released IEC61508 SIL3 certified software for general purpose MCUs to enhance safety level with cross-monitoring and self-diagnostics features.

  1. SIL3 System Software Kit: Product package of Functional Safety Platform Software. This software is for cross-monitoring dual MCUs and is able to control user application behavior, which needs to be used together with the self-test software.
  2. Self-Test Software Kit: Product package of MCU self-diagnostics software, which is software for diagnosing the CPU, ROM, and RAM in an MCU.

Functional Safety Software Overview

1) SIL3 System Software Kit

The SIL3 System Software Kit provides Functional Safety Platform Software, a safety manual*, user guide and IEC61508 SIL3 certificate and test report* certified by TÜV Rheinland Industrie Service GmbH (Germany).

It also includes a configuration tool for evaluating the behavior of Functional Safety Platform Software on a PC, and a software development handbook for easy development.

Key Features of the Functional Safety Platform Software in this package:

  • Executes MCU self-diagnostics and cross monitoring, which vastly reduce the development time and burden when building redundant, dual safety MCU system.
  • Simply add user application software to complete the safety MCU software.
  • The software partitioning function simplified re-certification and enables coexistence of safety software and non-safety software.

*Not included in the evaluation version of the SIL3 system software kit.

RX Functional Safety - SIL3 System Software Kit

Device Corresponding Compiler Full Kit Part Number Evaluation Kit Part Number Note
RXv2 Core
RXv3 Core
CC-RX V3.01.00 RTK0EF0061F22002SJ RTK0EF0061F32002SJ

TUV

Full Kit
  • IEC61508 Certified Software
  • Software Kit Content
  1. Functional Safety Platform Software
  2. Safety Manual
  3. User Guide
  4. IEC61508 Certified Document
  5. Software Development Handbook
  6. Configuration Tool and Manual


Evaluation Kit
  • Software Kit Content
  1. Functional Safety Platform Software
  2. User Guide
  3. Software Developer's Handbook
  4. Configuration Tool and Manual
  5. PC Tool for Information Output Application
IAR-EWRX V4.14.2 RTK0EF0062F22002SJ RTK0EF0062F32002SJ

Dual MCU System

2) Self-Test Software Kit

The Self-Test Software Kit provides a self-diagnostics software library for microcontroller, a complete safety manual, user guide and IEC61508 SIL3 Certificate test report certified by TÜV Rheinland Industrie Service GmbH (Germany). For safe system development, developers can select the information they require from the safety manual and make use of the self-diagnostics software library to alleviate the burden on microcontroller-level development to conform to functional safety.

RX Functional Safety – Self-Test Software Kit

  • The Self-Test Software Kit diagnoses the permanent failure of CPU, internal ROM, and internal RAM. Please refer to the reference document for permanent failure diagnosis of other modules and transient failure diagnosis.

    Self-Test Software Kit Diagnosis Targets

  • Test timing
    • At start up, interval execution after start up
  • Running of test condition
    • All execution or division execution
  • Development tool (C compiler)
    • Renesas CC-RX compiler for functional safety
    • IAR Embedded Workbench® for RX FS
Device Corresponding Compiler Part Number Note
RXv1 Core RX100 series*1 CC-RX V2.03.00 RTK0EF0059F31001SJ

TUV

  • IEC61508 Certified Software
  • Software Kit Content
  1. Self-diagnostics Software Library
  2. Safety Manual
  3. User Guide
  4. IEC61508 Certified Document
IAR-EWRX V3.10.5 RTK0EF0060F31001SJ
RXv2 Core, RXv3 Core RX700 series*2 CC-RX V3.01.00 RTK0EF0054F37002SJ
IAR-EWRX V4.14.2 RTK0EF0055F37002SJ
RX600 series*3 CC-RX V3.01.00 RTK0EF0054F36002SJ
IAR-EWRX V4.14.2 RTK0EF0055F36002SJ
RX200 series*4 CC-RX V3.01.00 RTK0EF0054F32002SJ
IAR-EWRX V4.14.2 RTK0EF0055F32002SJ
Arm Core RA4M1 IAR-EWARM V8.22.3 RTK0EF0090F40001SJ
RA6M1, RA6M2, RA6M3 IAR-EWARM V8.22.3 RTK0EF0090F60001SJ

*1: Compatible with RX111, RX113, and RX130

*2: Compatible with RX71M, RX72M, RX72N, and RX72T

*3: Compatible with RX651/RX65N, RX64M, RX66N, and RX66T

*4: Compatible with RX24U, RX24T, RX230/RX231, RX23T, RX23W, and RX23E-A

3) Functional Safety over EtherCAT (FSoE) Application Software Kit

The FSoE application software kit is a comprehensive application software that can easily realize the FSoE slave function. A dedicated configuration file makes it easy to set different safety data and parameters for each product. The software kit is also ETG.5100G®V1.2.0 compliant and IEC61508 SC3/SIL3 certified. Both RXv3 core and RXv2 core MCUs are compatible with this software kit.

Certified Functional Software over EtherCAT (FSoE) Application Software

Device Corresponding Compiler Part Number Note
RXv2 Core, RXv3 Core CC-RX V3.01.00 RTK0EF0080F21001SJ

TUV

  • FSoE Software Kit Content
  1. FSoE Application Software
  2. Safety Manual
  3. User Guide
  4. IEC61508 Certified Document
  5. Sample: Network MCU Communication Application
  6. Software Development Handbook
IAR-EWRX V4.14.2 RTK0EF0081F21001SJ

4) Reference Document

This is a technical document explaining the method to comply with the IEC61508 standard. The document consists of 20 sets of documents and excel data with easy explanation of the requirements to meet the IEC61508 standard, such as various diagnostics, control methods, required CPU performance, and various information useful for preparation.

  • Documents and guidelines for the concept phase
    • Safety Plan (SP)
    • Verification and Validation plan (V & V)
    • Safety Requirements Specification (SRS)
    • Safety Concept (SC)
  • Documents for diagnostic method
    • Inter-MCU communication
    • Software error diagnosis
    • Power supply voltage diagnosis
    • Other circuits diagnosis
  • Documents for safety validation
    • FMEA, coverage computation and more

Reference Documents

Product Part Number
Reference document
All documents set
RTK0EF0005Z21001ZJ

5) Reference Hardware Board

Evaluation boards for dual configuration specified by functional safety standards. Renesas safety software can also be evaluated.

This Industrial Automation Functional Safety Reference Board is built based on Renesas' experience in safety system specifications and its implementation, and comes from detailed design, safety analysis, and diagnostics on a dual structure microcontroller system. By using this reference board as a template, the customer will be able to reduce system development time.

Product name Contents MCU
Industrial Automation Functional Safety Reference Board
  • Evaluation board
  • User manual
  • Connection diagram
  • BOM
RX72N-RX72N Dual MCU
RX71M-RX651 Dual MCU
RX111-RX111 Dual MCU

Board for evaluating function and performance, mounted with two RX microcontrollers

For RX72N-RX72N

For RX72N-RX72N

For RX71M-RX651

For RX71M-RX651

For RX111-RX111

For RX111-RX111

6) Safety Compilers with Certification Kit

When constructing software in a functional safety system, it is necessary to prove that the compiler generates valid code. Renesas offers IEC 61508 certified C compilers for functional safety.

Product Name Contents
C/C++ Compiler Package for RX Family

TUV

  • Compiler component:
    CC-RX compiler V2.03.00 and V3.01.00
  • IEC 61508 SIL3 certified
IEC 61508 Certification Kit for RX Compilers
  • IEC 61508 certificate that TÜV Rheinland has issued for the C/C++ compiler for the RX family V2.03.00 and V3.01.00
  • Safety manual, etc.

IAR embedded workbench certified by TÜV-SUD is available. For details please contact IAR.

 

IEC61508 Certification Kits for RX Compilers

Product Part Number
IEC61508 Certification Kit for RX Compilers V3.01.00 RTCRX0000TC03ZNR
IEC61508 Certification Kit for RX Compilers V2.03.00 RTCRX0000TC02ZNR
Recommended Devices
Block Product Type Device Features, etc.
Safety Part MCU RX72N RXv3 Core 32bit CPU, 240MHz, FPU
Flash ROM: Max.4MB (program)/32KB (data)
RAM: Max.1MB
Dual Bank Flash, CAN, USB Host/Function, Security, Ethernet, 2D Graphic Engine
RX66N RXv3 Core 32bit CPU, 120MHz, FPU
Flash ROM: Max.4MB (program)/32KB (data)
RAM: Max.1MB
Dual Bank Flash, CAN, USB Host/Function, Security, Ethernet, 2D Graphic Engine
RX72M RXv3 Core 32bit CPU, 240MHz, FPU
Flash ROM: Max.4MB (program)/32KB (data)
RAM: Max.1MB
Dual Bank Flash, TFU, EtherCAT, CAN, USB Host/Function, Security, Ethernet, 2D Graphic Engine
RX66T RXv3 Core 32bit CPU, 160MHz, FPU
Flash ROM: Max.1MB (program)/32KB (data)
RAM: Max.128KB
DSP, CAN, USB Host/Function, PGA, Comparator, Security (TSIP-Lite), 5V support
RX72T RXv3 Core 32bit CPU, 200MHz, FPU
Flash ROM: Max.1MB (program)/32KB (data)
RAM: Max.128KB
DSP, TFU, CAN, USB Host/Function, PGA, Comparator, Security (TSIP-Lite), 5V support
RX71M RXv2 Core 32bit CPU, 240MHz, FPU
Flash ROM: Max.4MB (program)/64KB (data)
RAM: Max.512KB
USB High-Speed Host/Function, Ethernet, SD Host Interface, Encryption
RX651
RX65N
RXv2 Core 32bit CPU, 120MHz, FPU
Flash ROM: Max.2MB (program)/32KB (data)
RAM: Max.640KB
CAN, USB Host/Function, Security, Image Capture, Ethernet, 2D Graphic Engine
RX64M RXv2 Core 32bit CPU, 120MHz, FPU
Flash ROM: Max.4MB (program)/64KB (data)
RAM: Max.552KB
CAN, USB Host/Function, Ethernet, SD Host Interface, Encryption
RX24U RXv2 Core 32bit CPU, 80MHz, FPU
Flash ROM: Max.512KB (program)/16KB (data)
RAM: Max.32KB
DSP/FPU/2 Motor/Differential PGA/3chS&H
RX24T RXv2 Core 32bit CPU, 80MHz, FPU
Flash ROM: Max.512KB (program)/8KB (data)
RAM: Max.32KB
DSP/FPU/2 Motor/PGA/3chS&H
RX23W RXv2 Core 32bit CPU, 54MHz, FPU
Flash ROM: Max.512KB (program)/8KB (data)
RAM: Max.64KB
Bluetooth 5.0, Communication (CAN/USB), Touch-Key, Security
RX23E-A RXv2 Core 32bit CPU, 32MHz, FPU
Flash ROM: Max.256KB (program)/8KB (data)
RAM: Max.32KB
High Precision AFE (Dual 24 bit DSAD, PGA etc.), Communication
RX230
RX231
RXv2 Core 32bit CPU, 54MHz, FPU
Flash ROM: Max.512KB (program)/8KB (data)
RAM: Max.64KB
DSP/FPU/Touch-key/Communication/Security
RX23T RXv2 Core 32bit CPU, 40MHz, FPU
Flash ROM: Max.128KB (program)
RAM: Max.12KB
DSP/FPU/1 Motor
RX631
RX63N
RXv1 Core 32bit CPU, 100MHz, FPU
Flash ROM: Max.2MB (program)/32KB (data)
RAM: Max.256KB
CAN, USB Host/Function, Etherner, Encryption, Image Capture
RX111 RXv1 Core 32bit CPU, 32MHz
Flash ROM: Max.512KB (program)/8KB (data)
RAM: Max.64KB
Small package, USB
RX113 RXv1 Core 32bit CPU, 32MHz
Flash ROM: Max.512KB (program)/8KB (data)
RAM: Max.64KB
Capacitive Touch, USB, Segment LCD
RX130 RXv1 Core 32bit CPU, 32MHz, 5V support
Flash ROM: Max.512KB (program)/8KB (data)
RAM: Max.64KB
Capacitive Touch
Network interface Multi Protocol
Ethernet controller
R-IN32M3-CL Integrated real-time OS accelerator and Ethernet accelerator
Integrated CC-Link IE Field (slave) core and internal memory
Arm Cortex-M3 (100MHz), Gbit Ethernet MAC (2 port switch)
CAN x2ch, CC-Link x1ch, UART x2ch, CSI x2ch, Timer x4ch
R-IN32M3-EC
Integrated real-time OS accelerator and Ethernet accelerator
Integrated EtherCAT (slave) core and internal memory
Arm Cortex-M3 (100MHz), 2 port integrated Ethernet PHYs
CAN x2ch, CC-Link x1ch, UART x2ch, CSI x2ch, Timer x4ch
R-IN32M4-CL2
Integrated real-Qme OS accelerator and Ethernet accelerator
Integrated CC-Link IE Field (slave) core and internal memory
Arm®Cortex®-M4 processor with FPU (100MHz)
Two built-in Gbit EtherPHY ports
CANx2ch, CC-Link x1ch, UART x2ch, CSI x2ch, Timer 32bit x4ch, Timer
16bit x16ch, 10bit ADC x8ch
RZ/T Series (RZ/T1)
Tightly Coupled Memory* (TCM) 544KB
Arm® Cortex®-R4 Processor with FPU (600/450/300MHz),
Ethernet MAC (2 port switch),USB2.0,CAN
*High-speed built-in memory that allows direct access from the
processor core to the memory interface without passing through cache memory
Built-in network function MCU & MPU RX72M RXv3 Core 32bit CPU, 240MHz, FPU
Flash ROM: Max.4MB (program)/32KB (data)
RAM: Max.1MB
Dual Bank Flash, TFU, EtherCAT, CAN, USB Host/Function, Security, Ethernet, 2D Graphic Engine
RX71M
RXv2 Core 32bit CPU, 240MHz, FPU
Flash ROM: Max.4MB (program)/64KB (data)
RAM: Max.512KB
USB High-Speed Host/Function, Ethernet, SD Host Interface, Encryption
RX64M
RXv2 Core 32bit CPU, 120MHz, FPU
Flash ROM: Max.4MB (program)/64KB (data)
RAM: Max.552KB
CAN, USB Host/Function, Ethernet, SD Host Interface, Encryption
RZ/N Series (RZ/N1D)
Dual 500MHz Arm ® Cortex ®-A7 and Cortex ®-M3 CPU, on-chip FPU, up to 2MB of on-chip SRAM with ECC,
Ethernet interface including advanced 5 port Ethernet switch,
independent Ethernet GMAC and support for EtherCAT, SercosIII, Profinet, Powerlink, EtherNet/IP, DLR, PRP, HSR.
Complete subset of peripherals such as Quad SPI, DDR controller, NAND Flash Controller, LCD controller, SDIO-eMMC
EC-1 Arm® Cortex®-R4 Processor with FPU 150MHz
Tightly Coupled Memory (TCM) 544KB
EtherCAT Slave Controller
Solution certified by EtherCAT Test Center (ETC) conformance testing