The present invention relates to an architecture for vital data management in a multi-module digital data processing machine.
It also relates to a vital data management process for implementing an architecture of this type.
Within the scope of the invention, the term “vital” applies to data essential to the proper functioning of all or part of the machine or of its modules. More generally, it applies to any data that the user of the machine wants to save or protect even in case of a malfunction of a part of this machine.
The so-called “multi-module” digital data processing machines are composed of “building blocks,” or basic modules, which are identical and are suitably interconnected so as to be able to communicate with one another.
For the sake of simplification, “multi-module digital data processing machines” will hereinafter be referred to as “machines.”
For the type of machine mentioned above, one of the main requirements to be met is that, even if a module becomes defective, the vital data must be able to be recovered.
In the known art, there are existing so-called “high reliability” machines which allow the protection of data. They have a high degree of hardware redundancy. A plurality of identical devices are linked to one another. In other words, these machines use hardware mechanisms to replicate the data and ensure their consistency.
While the result obtained is entirely in keeping with what one might expect from these arrangements, these machines nevertheless have a major drawback: their cost is high, precisely because of the hardware redundancy, and their hardware architecture is complex.
In most cases, the use of a costly solution is not justified. On the contrary, even though a certain redundancy may still be necessary, it is increasingly apparent that the reduction of the cost (production, materials used, etc.) is a requirement that cannot be overlooked. Moreover, the price of hardware has fallen sharply in recent years, while the performance levels of machines have increased considerably.
The object of the invention is to mitigate the drawbacks of the devices of the prior art, while more effectively meeting the requirements that have recently come to light.
The process according to the invention makes it possible to ensure the integrity of vital information.
It offers a specific machine architecture for the management of vital data and a process for managing this vital data.
For this purpose, each module is equipped with a nonvolatile memory in which vital data are stored, according to an organization that will be explained below.
The memory is the type known by the English abbreviation “NVRAM” (for “Nonvolatile Random Access Memory”). This type of memory allows reading, but also high-speed writing of data. It is protected by a continuous electric power supply using piles or batteries, so that it continues to function when the machine is turned off or in case of a power failure. It saves the stored data, in this case the above-mentioned vital data. This memory is distinct from the other memories: the read-only memory (“ROM”) or the random access memory (“RAM”).
These memories constitute a set of local, so-called “physical,” nonvolatile memories, and this set is seen by the operating system of the machine, or an extension of the latter, as a single, virtually addressed nonvolatile memory.
This local physical memory comprises two parts: a first part stores a copy of so-called “global” vital data, a second part stores local “private” data. This is also true of the virtual address space: a first part is constituted by what will be called a “global virtual nonvolatile memory,” the global vital data being “seen” only once; a second part is constituted by what will be called a “local virtual nonvolatile memory.”
The management process comprises two main phases: a first phase, at the startup of the machine, during which the state of the modules and their memories is verified, and a second phase, when the operating system is started up, during which access to the virtual address memory is ensured, as is the consistency of the physical nonvolatile memories.
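By way of added illustration, which is not part of the original description, the following C model shows how a single virtual address space can sit over the per-module physical memories: a write to the global virtual part is replicated into every working module, a read of it is served from any surviving copy, and the local virtual part maps to exactly one module. The sizes, the ordering of the virtual layout, the `alive` flag and the function names are assumptions made for the example.

```c
#include <stdint.h>

/* Assumed sizes; the description gives none. */
#define MAX_MODULES 4
#define GLOBAL_SIZE 64   /* bytes of replicated global vital data per module */
#define LOCAL_SIZE  32   /* bytes of private vital data per module */

struct module_nvram {
    int     alive;                    /* hypothetical flag: 0 = defective or absent */
    uint8_t global_copy[GLOBAL_SIZE]; /* first part: copy of the global vital data */
    uint8_t local_priv[LOCAL_SIZE];   /* second part: this module's private data */
};

static struct module_nvram machine[MAX_MODULES];

/* Assumed virtual layout: [0, GLOBAL_SIZE) is the global virtual NVRAM,
 * followed by one LOCAL_SIZE window per module (local virtual NVRAM). */
#define VIRT_SIZE (GLOBAL_SIZE + MAX_MODULES * LOCAL_SIZE)

/* Write one byte; returns the number of physical copies updated, or -1. */
int vnvram_write(uint32_t vaddr, uint8_t value)
{
    if (vaddr >= VIRT_SIZE) return -1;
    if (vaddr < GLOBAL_SIZE) {          /* global: replicate to every live module */
        int copies = 0;
        for (int m = 0; m < MAX_MODULES; m++)
            if (machine[m].alive) { machine[m].global_copy[vaddr] = value; copies++; }
        return copies ? copies : -1;
    }
    uint32_t off = vaddr - GLOBAL_SIZE; /* local: exactly one owner module */
    struct module_nvram *mod = &machine[off / LOCAL_SIZE];
    if (!mod->alive) return -1;
    mod->local_priv[off % LOCAL_SIZE] = value;
    return 1;
}

/* Read one byte; returns 0..255, or -1 if no live module holds it. */
int vnvram_read(uint32_t vaddr)
{
    if (vaddr >= VIRT_SIZE) return -1;
    if (vaddr < GLOBAL_SIZE) {          /* any surviving copy will do */
        for (int m = 0; m < MAX_MODULES; m++)
            if (machine[m].alive) return machine[m].global_copy[vaddr];
        return -1;
    }
    uint32_t off = vaddr - GLOBAL_SIZE; /* model assumption: private data is */
    const struct module_nvram *mod = &machine[off / LOCAL_SIZE]; /* not replicated */
    return mod->alive ? mod->local_priv[off % LOCAL_SIZE] : -1;
}
```

In this model the global vital data stays readable as long as one module survives, while a module's private data is reachable only through that module.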
One subject of the invention is an architecture for vital data management in a multi-module digital data processing machine, this machine comprising a predetermined maximum number of modules, characterized in that each of these modules comprises a physical nonvolatile memory in which this vital data is stored.
Another subject of the invention is a vital data management process for implementing this architecture.
The invention has a number of advantages and clearly achieves its stated objects since, while ensuring the integrity of the vital data, it requires only a slight increase in the quantity of hardware used: essentially the presence in each module of a nonvolatile memory of moderate capacity. The redundancy stricto sensu is limited to the replication of the so-called “global” data in each module.