Conferences and supporting programme
Triple Core ARM Based Architecture for Radiation Environments
This technical paper proposes an ARM-based microcontroller that has been optimized for use in conditions of extreme radiation. Namely, several radiation mitigating techniques are combined to address different types of failures that occur in CMOS devices when exposed to radiation. The proposed microcontroller integrates three Cortex-R5 CPUs in lock-step mode and implements a quick error recovery mechanism to cope with radiation-provoked soft errors. At every clock cycle, the instructions to execute by the microcontroller are read from a shared memory and distributed to the triplicated CPUs. The CPU outputs are majority-voted and forwarded to memories and I/O ports, preventing CPU errors from propagating to other parts of the system. Simultaneously, an error detection logic in the TCLS Assist Unit checks if there is any mismatch in the outputs delivered by the three CPUs. If there is a mismatch, this logic identifies whether it is a correctable error (i.e., only one of the CPUs delivers a different set of outputs) or an un-correctable one (i.e., all CPUs deliver different outputs). In TCLS, the CPU resynchronization process is automatic and transparent to the software. It consists in pushing out the architecture state of the three CPUs and then restoring the majority voted values back. Two remarks are important here. First, the error recovery process can be completed in less than 2,500 clock cycles (less than 2.5 us @ 450 MHz) as there is no need to correct the memory state, whose integrity is protected using ECC. Secondly, the TCLS architecture is fail functional as it can continue working correctly in the event of a single CPU error using the two remaining functionally correct CPUs until all critical computations are completed and there is enough time to resynchronize the three CPUs. Unlike related space-qualified processors, the TCLS can deliver comparable performance (i.e., CPU clock frequency) to the COTS Cortex-R5 processor widely used in terrestrial automotive applications. Finally, note that that the ARM TCLS architecture can be potentially used with any ARM CPUs, including performance-oriented A-class CPUs. The processing technology is based upon VORAGO's HARDSIL. This is a modification to standard CMOS that prevents radiation-induced latchup. To mitigate against an SEU that could flip a memory bit, an Error Detection and Correction (EDAC) subsystem is proposed. Error Correcting Code (ECC) memories have the ability to detect a flipped memory bit and correct it. A programmable Scrub engine has also been included to prevent the accumulation of uncorrectable errors. The purpose of the Scrub Engine is to prevent accumulated errors and is an important part of the overall strategy to prevent uncorrectable bit flips due to radiation strikes. The Scrub Engine operates independently of the ECC system and will operate in the background of regular CPU activity to periodically examine the contents of each memory location and correct any bit-flip errors.
--- Date: 01.03.2018 Time: 4:00 PM - 4:30 PM Location: Conference Counter NCC Ost