Safety in case of failure

Altera_Forum

I’m a safety engineer.

I have a particular question.

If the FPGA lost its power supply, all outputs are in low state “0”.

But, for FPGA failure (by overheating, electrostatic discharge or other causes) I would like to know if the outputs can be in the indeterminate state or in low « 0 » state.

(When the failure occurs, is this possible to “freeze” the FPGA? Is it possible to have some outputs at “high level”?)
Altera_Forum
--- Quote Start ---

If the FPGA lost its power supply, all outputs are in low state “0”.

--- Quote End ---

FPGAs have more than one power supply: a core supply, and multiple I/O supplies. They have a power-on-reset (POR) circuit that monitors the I/O supplies. During the power-up and configuration sequence, the POR circuit keeps an external status signal (nSTATUS) asserted low, and the I/O pins are tri-stated. Some of the devices have an IO_PULLUP control pin which can be used to enable weak pull-ups. After the device is configured, the pin state is either the user-programmed function, or the unused pin function (which can be set to input, input with weak pull-up, output driving high/low).

Depending on the power supply that fails, and the configuration of those control pins, you could have a situation where the POR circuit either tri-states or enables the weak pull-ups. However, if the I/O supply fails, then any pull-ups on pins powered from that I/O supply will be effectively tri-stated.

--- Quote Start ---

But, for FPGA failure (by overheating, electrostatic discharge or other causes) I would like to know if the outputs can be in the indeterminate state or in low « 0 » state.

--- Quote End ---

There is no way you can guarantee the state of pins under these circumstances.

--- Quote Start ---

(When the failure occurs, is this possible to “freeze” the FPGA? Is it possible to have some outputs at “high level”?)

--- Quote End ---

No. There is no way to freeze the FPGA.

Some devices do have a 'freeze' I/O state option during programming (Lattice MachXO devices), but I am sure that only works if the device is powered correctly.

If you have the potential for a power-supply failure, then the 'safest' solution is to use active high 'enable' logic, and use pull-downs on all of those controls. Then when power fails, the external device is disabled.

For my FPGA based systems, I use external power supply monitoring devices for voltage, current, and temperature. The external monitoring devices are programmed with acceptable limits prior to enabling FPGA power. If any of these parameters are violated then the hardware shuts off the FPGA power (the control logic is in a different power domain). These systems are not critical safety systems; however, your systems should have something similar in place.

Cheers, 

Dave
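
The external monitoring arrangement described in the reply above, modelled in C as an added example; it is not code from the post or from any vendor. The type and function names, units and limit values are assumptions, and the enable line is active-high so that a zeroed or unpowered supervisor leaves FPGA power off.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model of an external supply supervisor; all names, units
   and limit values are assumptions made for this example. */
typedef struct { int32_t lo, hi; } limit_t;           /* inclusive window */
typedef struct { int32_t mv, ma, deci_c; } sample_t;  /* mV, mA, 0.1 degC */
typedef struct {
    limit_t mv, ma, deci_c;
    bool limits_set;  /* limits must be programmed before power-up */
    bool fault;       /* latched until sup_reset() */
    bool enable;      /* active-high: a zeroed supervisor holds power off */
} supervisor_t;

static bool in_window(limit_t l, int32_t v) { return v >= l.lo && v <= l.hi; }

void sup_program(supervisor_t *s, limit_t mv, limit_t ma, limit_t deci_c) {
    s->mv = mv; s->ma = ma; s->deci_c = deci_c;
    s->limits_set = mv.lo <= mv.hi && ma.lo <= ma.hi && deci_c.lo <= deci_c.hi;
}

/* One evaluation step; returns the level driven on the enable line.
   'valid' is false when a sensor read failed: unknown counts as a violation.
   Samples are only judged while the rail is on (assumed taken after ramp-up). */
bool sup_step(supervisor_t *s, sample_t x, bool valid, bool request) {
    if (s->enable) {
        bool ok = valid && in_window(s->mv, x.mv) && in_window(s->ma, x.ma)
                        && in_window(s->deci_c, x.deci_c);
        if (!ok) s->fault = true;  /* latch: no automatic re-enable */
    }
    s->enable = request && s->limits_set && !s->fault;
    return s->enable;
}

void sup_reset(supervisor_t *s) { s->fault = false; s->enable = false; }

int main(void) {
    supervisor_t s = {0};
    /* Constructed limits: 1.2 V core rail +/-5 %, 0..3 A, 0..85 degC */
    sup_program(&s, (limit_t){1140, 1260}, (limit_t){0, 3000}, (limit_t){0, 850});
    sample_t good = {1200, 1500, 450}, hot = {1200, 1500, 910};
    printf("power-up:  %d\n", sup_step(&s, good, true, true));
    printf("nominal:   %d\n", sup_step(&s, good, true, true));
    printf("overtemp:  %d\n", sup_step(&s, hot, true, true));
    printf("recovered: %d\n", sup_step(&s, good, true, true));
    return 0;
}
```

The last call returns 0 even though the readings are back in range: the fault stays latched until `sup_reset()` is called.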
Altera_Forum

If the FPGA fails then the outputs could be in any state since we don't know the nature of the failure.