Implementation Details and Safety Analysis of a Microcontroller-based SIL-4 Software Voter

This paper presents a microcontroller-based software voting process that complies with Safety Integrity Level-4 (SIL-4) requirements. The selected system architecture consists of a 2 out of 2 schema, in which one channel acts as Master and the other as Slave. Each redundant channel uses a microcontroller as central element. The present analysis demonstrates that this system fulfills SIL-4 requirements. Once the system architecture is detailed, the system overall functionality and the data flow are presented. Then, the microcontroller´s internal architecture is explained, and the software voting process flow-diagram is discussed. Afterward, the resources of the microcontroller architecture that are used for the execution of each task involved in the software voting process (hardware-software interaction) are determined. Finally, a fault analysis is elaborated to demonstrate that the cases in which the safety requirements are compromised have a very small occurrence probability, i.e., the hazard rate of proposed voting is below 1E-9.