Browse Prior Art Database

Dual-Processor Single-Event Upset High Reliability System

IP.com Disclosure Number: IPCOM000036730D
Original Publication Date: 1989-Oct-01
Included in the Prior Art Database: 2005-Jan-29
Document File: 2 page(s) / 77K

Publishing Venue

IBM

Related People

Zolty, H: AUTHOR

Abstract

A high integration dual-processor computer system designed for critical applications is described. High reliability and recovery from processor failures is achieved.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 53% of the total text.

Page 1 of 2

Dual-Processor Single-Event Upset High Reliability System

A high integration dual-processor computer system designed for critical applications is described. High reliability and recovery from processor failures is achieved.

The first level of recovery is provided by storing ECC information in an EEPROM with the program and data. When the microcomputer receives an external reset pulse or detects a power-on reset condition, it scans the entire EEPROM memory and checks the generated ECC information with the stored ECC information. If there are any differences, the system uses the information to reprogram the EEPROM back to its correct state. Once the microcomputer has been initialized, the Computer Operate Properly (COP) circuit system in the microcomputer is active and causes the EEPROM checking and correction system to be activated if a system failure occurs.

This method will recover from a failure caused by a Single-Event Upset (SEU) condition which affects the programs or data stored in the EEPROM; but it will not be effective if the SEU condition caused an error in the EEPROM circuit that contains the address mapping and configuration information for the microcomputer.

When one microcomputer determines that the other has failed and has not been able to recover, it runs the software routine named Circuit Enable. This routine checks the current program stack to determine the address the Circuit Enable routine was called from. There is only one place that the routine can be called from. If it was called from any other location, there was a failure on this microcomputer and the recovery system for this microcomputer is activated. If the Circuit Enable routine was called correctly, the r...