The architecture is designed to meet the requirements of future domain and zone architectures and service-oriented communication tasks over and above the current Linux/POSIX-based integration platforms. The virtualisation integrates multiple applications developed with different tools and on different software schedules. Non-volatile Phase-Change Memory (PCM) supports the safety features with the ability to overwrite single bits and highly effective over-the-air updates without downtime.
The Stellar family houses multiple Arm Cortex R52 cores, some of which operate in lockstep and some in split-lock mode, and is also equipped with a two-stage Memory Protection Unit and a low-latency Generic Interrupt Controller. The microcontroller is suitable for hard real-time requirements up to the highest Safety Integrity Level (ASIL-D) of the ISO 26262 functional safety standard used in the automotive industry. It also features several powerful accelerators for secure data routing and mathematical functions, with sophisticated security support and extensive command and control functions for communication.
The Integration MCU provides comprehensive, multi-level virtualisation using a Virtual Machine ID (VMID) at the network-on-chip and memory levels. Firewalls ensure complete separation at all interconnect levels, including peripherals. These firewalls allow the Stellar devices to manage the access and privileges of the virtual machines (VMs) to the peripherals, ensuring the isolation of complete mission critical functions.
At the same time, the Stellar family copes with the increasing complexity of software thanks to better utilisation of its hardware resources. This reduces the overall effort when several separate ECUs have to take care of their own housekeeping and the latency due to the communication stack has to be taken into account. In contrast, the Stellar family supports several independently running real-time operating systems without any mutual interference. These operating systems, in turn, can separately manage applications with different functional safety levels and offer high performance for encrypted communication via Ethernet or CAN buses. Each operating system has its own AES encryption accelerator, which reduces the load on the main HSMs (Hardware Security Modules) for MACSec, IPSec and CAN authentication.
Phase-change memory (PCM) has shorter read access times and, unlike the widely used flash memories, allows individual bits to be accessed, read and overwritten. PCM also allows Over-The-Air (OTA) updates without downtime, even if updates affect the entire memory. In addition to increased flexibility and shorter erase/write cycles, the ability to change individual bits at run time improves the safety setup by allowing individual bits to be refreshed.
ST uses its own embedded PCM technology (ePCM) to meet the stringent requirements of the automotive sector for robust operation at high temperatures, radiation resistance, cycle stability and data retention. ePCM meets the requirements for AEC-Q100 Grade 0 with an operating temperature up to +165°C.