TTControl, a joint-venture company of TTTech Computertechnik AG and Hydac International GmbH specializing in reliable and flexible electronic control systems and visualization solutions for off-highway vehicles and mobile working machines, has successfully achieved the certification of its general purpose controller HY-TTC 90 according to the two main global standards for functional safety. Now the HY-TTC 90 can be used in applications that require either certification in line with IEC 61508 or the newer ISO 13849 standard. With the latter, this controller is also in full compliance with the current EU machinery directive 2006/42/EC.
The HY-TTC 90 is the top product within the IP 67 rated HY-TTC 50 ECU family, recently introduced to the global off-highway vehicle market. While the other control units in the product family (HY-TTC 50 and HY-TTC 60) are used for general purpose applications, the HY-TTC 90 is particularly suited to control also functions that require IEC 61508 Safety Integrity Level 2 or Performance Level d per ISO 13849. It is equipped with a powerful watchdog processor that constantly monitors the main CPU and can send the controller to its "safe state" in which all outputs are turned off. This capability is part of the unit's firmware, which also includes other diagnostic functions that no longer need to be programmed by the application engineer. Thus the controller offers enough benefits even if only a few functions in an application are safety critical. Clearly non-safety critical functions can be efficiently controlled by an HY-TTC 90, too.
All controller variants in the family share a robust automotive housing and are well protected against vibration, electromagnetic interference and other harmful environmental conditions. They work in an operating temperature range from -40 to +85 °C and are programmed either in C or through the freely available integrated development environment CoDeSys©.
"We believe there is a lot of added value for our customers in this generic functional safety certification", says Roberto Ferrari, technical director of TTControl. "Choosing an electronic control unit for a municipal or construction vehicle is a complex and far-reaching decision. Selecting a unit with a safety certificate guarantees a high level of reliability which takes a lot of burden off development engineers and management alike. The certificate provides MTTF data which is hard to obtain for other control units."
TTControl, experienced in functional safety since 2003, has worked together with TUeV Nord in the development of the HY-TTC 90. On July 28, 2010, TUeV Nord Cert GmbH, Essen certified that – independent of the application – the HY-TTC 90, if used in a category 2 electronic architecture according to ISO 13849, reaches a "mean time to dangerous failure" of 66 years, which together with the required "diagnostic coverage" gives a "Performance Level d". On the same certificate it is confirmed that a single HY-TTC 90 controller ensures Safety Integrity Level 2 per ISO 61508 with a "probability of failure per hour" of only 2.5 * 10-7. These, however, are generic values, and the HY-TTC 90 can reach even higher indicators for reliability and safety monitoring within a specific application that uses only a certain subset of its total of 48 inputs and outputs.