Function integration inside an electronic control unit (ECU) is concentrated around a safety microcontroller that hosts the critical computation and control functions. Sub-micron process technologies have made it economically feasible to integrate large-scale redundant structures (e.g., duplex systems) inside ECUs, microcontrollers, and other integrated electronic and computational systems, whether or not those systems perform safety-related computation or control functions. Such structures typically form the hardware architecture on which safety software relies (e.g., applications requiring the ISO 26262 ASIL D safety integrity level).
However, a typical duplex system requires a cycle-by-cycle hardware comparison of every functional output, together with complex common-cause failure mitigation (and the supporting analyses) in which the redundant part is delayed by one or more clock cycles relative to the leading part. Integrating such duplex structures inside a microcontroller, for example, therefore costs considerable power and chip area.
Furthermore, in large duplex systems the delay stages on the inputs and outputs, as well as the comparator logic, become a significant cost in their own right. For instance, with a delay of 2 cycles and 1000 inputs and 1000 outputs, the delay stages alone require 2 × (1000 + 1000) = 4000 flip-flops. Beyond the area needed for that many flip-flops, power consumption becomes a limiting factor when scaling such a system up, and when operating at higher clock frequencies, which typically call for a longer delay (i.e., more delay cycles).
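The following behavioural model is an added example and is not code from the patent or from any microcontroller vendor. It illustrates the two points of the preceding paragraphs: why the redundant core is run a few cycles behind the leading core (a transient that hits both cores in the same physical cycle then corrupts them at different points of execution, so the comparator sees a mismatch, whereas with zero delay both cores fail identically and the fault is masked), and what the delay stages cost in flip-flops. The toy five-instruction program, the instruction-skip fault model (the kind of effect a clock glitch produces) and the cycle counts are assumptions chosen for illustration.

```python
"""Behavioural model of a delayed duplex (lockstep) core pair.

Added example, not taken from the patent text. The toy program, the
instruction-skip fault and the cycle counts are assumptions chosen to
illustrate why the redundant core is delayed and what the delay stages cost.
"""

# Constructed toy program, executed once per input word, one instruction per cycle.
PROGRAM = [("load", 0), ("add", 7), ("mul", 3), ("xor", 0x5A), ("out", 0)]
CYCLES_PER_JOB = len(PROGRAM)
MASK16 = 0xFFFF


class Core:
    """Minimal core: one 16-bit data register and a program counter."""

    def __init__(self):
        self.r = 0
        self.pc = 0

    def step(self, bus, skip=False):
        """Execute one instruction with `bus` as the input word visible this cycle.

        `skip` models a transient that makes the core advance the pc without
        executing the instruction. Returns the output word on an "out" cycle,
        otherwise None.
        """
        op, k = PROGRAM[self.pc]
        self.pc = (self.pc + 1) % CYCLES_PER_JOB
        if skip:
            return None
        if op == "load":
            self.r = bus & MASK16
        elif op == "add":
            self.r = (self.r + k) & MASK16
        elif op == "mul":
            self.r = (self.r * k) & MASK16
        elif op == "xor":
            self.r ^= k
        elif op == "out":
            return self.r
        return None


def delay_flipflops(delay, n_inputs, n_outputs):
    """Flip-flops spent purely on the delay stages: every input bit feeding the
    delayed core and every output bit of the leading core is held `delay` times."""
    return delay * (n_inputs + n_outputs)


def run_pair(inputs, delay, glitch_cycle=None):
    """Run leading core A and core B lagging by `delay` cycles over `inputs`.

    A common-cause transient at physical cycle `glitch_cycle` makes BOTH cores
    skip whatever instruction each is executing in that cycle.
    Returns (mismatch_cycles, outputs_of_a, outputs_of_b).
    """
    a, b = Core(), Core()
    in_pipe = [0] * delay        # input delay stages feeding core B
    out_pipe = [None] * delay    # delay stages on A's outputs ahead of the comparator
    mismatches, outs_a, outs_b = [], [], []
    total = CYCLES_PER_JOB * len(inputs) + delay   # extra cycles drain B
    for t in range(total):
        job = t // CYCLES_PER_JOB
        bus = inputs[job] if job < len(inputs) else 0
        glitch = (t == glitch_cycle)

        ya = a.step(bus, skip=glitch)
        in_pipe.append(bus)
        bus_b = in_pipe.pop(0)                 # the bus value `delay` cycles ago
        yb = b.step(bus_b, skip=glitch) if t >= delay else None

        out_pipe.append(ya)
        ya_delayed = out_pipe.pop(0)           # A's output re-aligned to B's timing
        if (ya_delayed is not None or yb is not None) and ya_delayed != yb:
            mismatches.append(t)               # comparator flags this cycle
        if ya is not None:
            outs_a.append(ya)
        if yb is not None:
            outs_b.append(yb)
    return mismatches, outs_a, outs_b


if __name__ == "__main__":
    words = [10, 20, 30]                       # constructed input stream
    print("delay 2, glitch @7:", run_pair(words, delay=2, glitch_cycle=7))
    print("delay 0, glitch @7:", run_pair(words, delay=0, glitch_cycle=7))
    print("delay stages for 1000 in / 1000 out, 2 cycles:",
          delay_flipflops(2, 1000, 1000), "flip-flops")
```

With a 2-cycle delay the glitch at cycle 7 skips the `mul` of job 1 in core A but the `load` of job 1 in core B, so B keeps the previous result in its register and produces a different word; the comparator reports cycle 11. With zero delay both cores skip the same `mul`, agree on the same wrong value, and the fault is never seen. The same model makes the cost visible: every cycle of delay adds one register stage per input and per output bit, which is the 4000 flip-flops of the paragraph above.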
It would therefore be advantageous to reduce the power and area cost of integrating redundant structures inside high-integrity electronic systems while retaining the high level of error detection that such structures provide. It is also of interest to provide redundant structures that detect internal faults, and faults on the output lines, during normal operation.