For safety-related applications, it is important to ensure that microcontrollers correctly execute their intended functionality in all phases of the application. This execution assumes that both hardware and software components are correct with respect to their specification and that the functionality executes free of faults. In general, safety-related applications are built using special measures to avoid systematic faults and to detect and react to random hardware faults that may occur while the application is executing.
However, when a microcontroller first starts up, or restarts from a known state (e.g., after a reset trigger), it executes start-up code that is built into the microcontroller during production. If this start-up is affected by a hardware fault, the intended functionality may no longer be performed correctly, even though the rest of the hardware and software is fault-free. In other words, a fault during the start-up phase of a microcontroller may propagate into the execution of the safety-related application and hence lead to a potentially unsafe situation.