System-Wide Safety Features - 2020.2 English

Zynq UltraScale+ MPSoC Software Developer Guide (UG1137)

Document ID
UG1137
Release Date
2021-01-05
Version
2020.2 English

The system-wide safety features are designed to address error-free operation of the Zynq UltraScale+ MPSoC.

These features include the following:

Platform Management Unit

The platform management unit (PMU) in the Zynq UltraScale+ MPSoC executes the code loaded from ROM and RAM within a flat memory space, implements power safety routines to prevent tampering of PS voltage rails, performs logic built-in self-test (LBIST), and responds to a user-driven power management sequence.

The PMU also includes some registers to control the functions that are typically very critical to the operation and safety of the device. Some of the registers related to safety are as follows:

  • GLOBAL_RESET: Contains reset for safety-related blocks.
  • SAFETY_GATE: Gates hardware features from accidental enablement.
  • SAFETY_CHK: Checks the integrity of the interconnect data lines by using target registers for safety applications by periodically writing to and reading from these registers.

PMU Triple-Redundancy

The power management unit (PMU) contains triple-redundant embedded processors for a high-level of system reliability and strong SEU resilience. PMU controls the power-up, reset, and monitoring of resources within the entire system. The PMU performs multiple tasks including the following tasks:

  • Initializing the system during boot
  • Managing power gating and retention states for different power domains and islands
  • Communicating the supply voltage settings to the external power control devices
  • Managing sleep states including the deep-sleep mode and processing of wake functions

More details about PMU are available in Platform Management.

Interrupts

The generic interrupt controller (GIC) handles interrupts. Both the APU and the RPU have a separate dedicated GIC for interrupt handling. The RPU includes an Arm PL390 GIC, which is based upon the GICv1 specification due to its flexibility and protection. The APU includes a GICv2 controller. The GICv2 is a centralized resource for supporting and managing interrupts in multi-processor systems. It aids the GIC virtualization extensions that support the implementation of the GIC in systems supporting processor virtualization.

The Zynq UltraScale+ MPSoC embeds an inter-processor interrupt (IPI) block that aids in communication between the heterogeneous processors. Because PMUs can communicate with different processors simultaneously, the PMU has four IPIs connected to the GIC of the PMU.

For more information on IPI routing to different processors, see the “Interrupts” chapter in the Zynq UltraScale+ Device Technical Reference Manual (UG1085).