F75P - Vital Embedded Single Board Computer, 3 Intel Atom E6xx

The F75P is a COTS safe computer with onboard functional safety that unites three CPUs on one 3U CompactPCI PlusIO card. It makes Intel Atom E6xx ("E600") performance with dual redundancy extremely compact, mainly targeting railway applications. Two independent Control Processors (CP) with independent DDR2 RAM and Flash and a supervision structure provide safety: with redundant software running on F75P, and, e.g., with the software instances on the two CPs comparing their output, the board becomes a fail-silent subsystem, i.e. it can shut down in case of a fatal fault.

Its I/O Processor (IOP) is built up like a classic CompactPCI CPU board, including DDR2 RAM, front and rear I/O. The front connectors include VGA, two USB 2.0, and two 100-Mbit (Fast) Ethernet channels. At the rear, the board provides another four USB 2.0, two Fast Ethernet ports, one 3-Gbit SATA and one PCI Express x1 link. These interfaces comply with the standardized pinout of CompactPCI PlusIO (PICMG 2.30). An onboard mSATA slot makes for scalable, robust mass storage. The intelligent board management controller of the IOP logs events such as reset, overvoltage or undervoltage in a non-volatile FRAM.The Control (CP) and I/O Processors (IOP) communicate via internal links provided by an FPGA. The CPs are designed to run a deterministic real-time operating system such as the QNX Neutrino RTOS Safe Kernel or PikeOS. It is also possible to implement diversitary software on both kernels.

All three CPUs support Linux and QNX. The F75P can replace multiprocessing systems with CPU redundancy and I/O by a small-footprint, low-power solution that is flexible for different types of application scenarios. It uses a single +5V supply voltage to allow operation with external power supplies that do not generate +3.3 V.

F75P-based systems are generally certifiable up to SIL 4. Since the card has no voter of its own, the customer has to add the software that implements and controls functional safety behavior. The safety features such as the CP supervisors are designed to SIL 4 according to EN 50129. A railway certification package including the "safety case" document and a certificate from TÜV SÜD is available.

Its rugged set-up also make the F75P rail-ready: with assets like conformal coating and an operating temperature of -40 °C to +70 °C (10 min @ +85 °C) with qualified components, it is fully EN 50155 compliant. A 4-HP version is available with RJ45 Ethernet connectors and a reduced temperature range for system design, while a 6 HP version with RJ45 Ethernet connectors and another standard card with 8 HP width with M12 front connectors have a larger heat sink for -40 °C to +85 °C.

Features

  • 2x Intel Atom E6xx, 512 MB DDR2 RAM (each) for onboard dual redundancy
  • 1x Intel Atom E6xx, 1 GB DDR2 for I/O
  • Independent supervisors for each block
  • Fail-safe board architecture
  • Event logging
  • SIL 4 certification packages available for hardware and software (QNX)
  • TÜV Süd certified according to EN 50129 (SIL 4), EN 50128 (SIL 4) and IEC 61508 (SIL3)
  • Full EN 50155 compliance
  • -40 °C to +70 °C (+85 °C)
  • Conformal coating

Specifications

CPU Architecture
  • Three onboard processors
    • Two Control Processors (CP)
    • One I/O Processor (IOP)
    • Inter-communication between all three processors via onboard Ethernet or Shared RAM
  • Three identical processor types
  • The following CPU types are supported:
    • Intel Atom E680T, 1.6 GHz, 400 MHz graphics frequency, 4.5 W TDP
  • Main function of CPs
    • Provide a "Safe Domain" on the board, including processors, memory, supervisors and power control
    • Provide flexible implementation options for functional safety requirements
    • Provide support for advanced, certified operating systems up to SIL 4
  • Main function of IOP
    • Provide common I/O and memory facilities
    • Provide a user-friendly software interface and GUI
Memory (connected to CPs)
  • 512 KB L2 cache integrated in E6xx for each processor
  • System RAM
    • Soldered DDR2
    • 512 MB, to each of the Control Processors (CP)
    • 1 GB, to each of the Control Processors (CP)
    • 512 MB
  • Boot Flash
    • 2 MB
Chipset (connected to IOP)
Intel EG20T Platform Controller Hub (PCH)
Memory (connected to IOP)
  • 512 KB L2 cache integrated in E6xx
  • System RAM
    • Soldered DDR2
    • 1 GB
    • 2 GB
    • 1 GB
  • BIOS Flash
    • 2 MB
  • 8 KB non-volatile FRAM for event logging
Mass Storage (connected to IOP)
The following mass storage devices can be assembled:
  • mSATA disk (for IOP boot image and file system)
Graphics (connected to IOP)
Processor graphics
  • 320 or 400 MHz graphics base frequency, depending on processor type
  • Maximum resolution: 1280 × 1024 pixels
Front Interfaces (controlled by IOP)
  • Video
    • One VGA connector
  • USB
    • Two Type A connectors, host, USB 2.0
  • Ethernet
    • Two RJ45 connectors, 100BASE-T, or
    • Two M12 connectors, 100BASE-T, on right side of CPU PCB, or
    • Two M12 connectors, 100BASE-T, on left side of CPU PCB
    • Two link and activity LEDs per channel
  • Status LED
  • Reset button
Onboard Interfaces
Ethernet
  • Four channels, 100BASE-T, via Inter-Communication FPGA
Rear Interfaces (controlled by IOP)
  • SATA
    • One channel, SATA Revision 2.x
  • USB
    • Four channels, USB 2.0
  • Ethernet
    • Two channels, 100BASE-T
  • PCI Express
    • One x1 link, PCIe 1.0a
  • Cluster Link
    • Two F75P boards can be connected to form a cluster
    • Cluster link interface based on RS422; bidirectional, full-duplex, differential interface
  • Compatible with PICMG 2.30 CompactPCI PlusIO
    • 1PCI33/1PCIE2.5/1SATA3/4USB2/2ETH100
    • Some pins are used for signals differing from the PICMG 2.30 specification, e.g., for clustering. However, these signals do not destroy or cause any malfunction of a connected I/O board based on this standard.
Supervision and Control
  • Three independent supervisors for Control Processors and Inter-Communication FPGA
    • Check for overvoltage, undervoltage, excess temperature, internal errors of FPGA and CPUs, CPU and FPGA clock
    • Watchdog, configurable as a window or timeout watchdog
  • Board Management Controller for I/O Processor
  • Event logging
    • Event history logged in non-volatile FRAM, e.g., reset, overvoltage, undervoltage, excess temperature
    • 256 entries possible
    • Events are generated by board hardware or user application
  • Real-time clock with supercapacitor backup connected to I/O Processor
    • Data retention of supercapacitor: 56 hours when fully loaded, after 3 years runtime @ 40°C, 24h operation
Product Standard
  • CompactPCI: CompactPCI Core Specification PICMG 2.0 R3.0
    • System slot
    • 32-bit/33-MHz CompactPCI bus
    • V(I/O): +3.3 V (+5 V tolerant)
  • Hot insertion and removal without damage
Busless Operation
  • Board can be supplied with +5 V only, all other voltages are generated on the board
  • Backplane connectors used only for power supply
Electrical Specifications
  • Supply voltage
    • +5 V (-3%/+5%)
  • Power consumption
    • 4.75 A typ.
    • 5.25 A max.
Mechanical Specifications
  • Dimensions
    • 3U, 4 HP, or
    • 3U, 6 HP, or
    • 3U, 8 HP
  • Weight
    • 402 g (model 02F075P00, 4 HP, RJ45 connectors)
    • 508 g (model 02F075P02, 6 HP, RJ45 connectors)
    • 626 g (model 02F075P01, 8 HP, M12 connectors)
Environmental Specifications
  • Temperature range (operation):
    • -40°C to +50°C (model 02F075P00)
    • -40 °C to +70 °C; 10 min @ +85 °C (EN 50155:2007, class TX, control cabinet), and EN 50125-3 (model 02F075P01)
    • Conditions: airflow 1.5 m/s, typical power dissipation: 22.5 W
  • Cooling concept
    • Air-cooled (with tailored heat sink), or
    • Conduction-cooled in MEN CCA frame
  • Temperature range (storage): -40°C to +85°C
  • Relative humidity (operation): max. 95% non-condensing
  • Relative humidity (storage): max. 95% non-condensing
  • Altitude: -300 m to +3000 m
  • Vibration (function): 1 m/s², 5 Hz - 150 Hz (EN 50155 (12.2.11) / EN 61373)
  • Vibration (lifetime): 7.9 m/s², 5 Hz - 150 Hz (EN 50155 (12.2.11) / EN 61373)
  • Shock: 50 m/s², 30 ms (EN 50155 (12.2.11) / EN 61373)
  • Pollution degree: PD 2
  • Useful life: tbd years
  • Conformal coating (standard)
Reliability
MTBF: 277 975 h @ 40°C according to IEC/TR 62380 (RDF 2000)
Safety
  • Functional Safety
  • Fire Protection
    • EN 45545-2, hazard level HL3
EMC
  • When integrated into an EMC protected rack
  • EN 50121-3-2 (tables 5 and 6) / EN 55011 (radio disturbance)
  • EN 50121-3-2 (table 9) / IEC 61000-4-6 (ESD)
  • EN 50121-3-2 (table 9) / IEC 61000-4-3 (electromagnetic field immunity)
  • EN 50121-3-2 (table 8) / IEC 61000-4-4 (burst)
  • EN 50121-3-2 (table 8) / IEC 61000-4-6 (conducted disturbances)
BIOS/Boot Loader
InsydeH2O UEFI Framework
Software Support

Downloads

Short-form Data Sheet
User Manuals
Technical Drawings
Software
Application Notes
Errata & Technical Information
Product Comparison
Catalogs & Brochures
Presentations
White Papers & Articles