1. Field of the Invention
The invention relates to fault tolerant digital computer system architecture particularly with respect to ensuring memory data and address integrity.
2. Description of the Prior Art
Data integrity, or the ability to detect incorrect or corrupted data, is important in many areas of computer applications. Applications where human safety must be assured, such as air traffic control, aircraft control, or weapons guidance and control, are examples of systems in which errors in processing could have catastrophic effects. Other applications which have less severe consequences and yet data integrity is highly desirable are banking and highly secure military classified computing and communications.
A common technique for detecting faults occurring in a processor is to utilize an identical processor in lock step operation with the primary processor and to continuously compare all outputs and control signals of the identical pair. Lock step operation generally provides that a processor pair is clocked from a common source and executes the identical instruction at each clock cycle. If a disagreement occurs between the two processors, the processor system comprising the pair is halted. Such a processor pair may, for example, comprise two identical central processing units (CPU) or two identical floating point units (FPU) or two identical CPU/FPU pairs. Such a system may, for example, be implemented utilizing microprocessors and memory chips, such as dynamic random access memory (DRAM) chips
Utilizing lock step operation alone does not guarantee that the information presented to the memory is identical to the data at the microprocessors. In all microprocessor based systems there is always at least one level of logic between the CPU/FPU and the memory chips. Such logic may comprise bus transmitters and receivers (transceivers) and address multiplexers (MUX) which provide a memory interface. Such transceivers and multiplexers are required to enable devices other than the processors, such as direct memory access (DMA) devices, to access the memory and to convert the address bus into a format required by the DRAM chips. Typically such address busses comprise 32 bits. Comparison of all of the outputs at the lock stepped CPU/FPU pairs does not guarantee that the data presented to memory will be the same data provided by the processor because such additional levels of logic provide another source of potential faults. Furthermore, the addressing signals provided to the memory by the processor may be corrupted by such memory interface. It is appreciated that data so corrupted and stored undetected in memory or data stored at incorrect addresses can result in catastrophic effects as described above.