This invention relates generally to the field of detecting errors in code sequences and more particularly to the field of detecting errors in the execution of a sequence of coded instructions in applications utilizing processing systems.
In many processing applications, there is a portion of code which is so vital to the operation of the system, that one would like to assure with a high degree of accuracy, that this code is properly executed. Examples of such code might include diagnostic programs which test the good health of the processing system or external devices, code controlling particularly critical steps in some process, or code which verifies the operation of alarm circuitry which monitors the operation of the system. This code is typically stored in memory devices as a sequence of instructions which control the operation of the processor. These code sequences, or programs, are made up of a series of multi-bit binary words, which are sequentially provided to the processor in response to the processor commands. Each word of code stored in memory has associated with it a memory address. The processor determines which codewords are sent to it by supplying to the memory a series of addresses. As an address is supplied, the processor reads the word associated with that address. These words instruct the processor to perform certain operations and direct the processor to the next address in the sequence. If an error occurs either in reading the word from memory or in the processor's execution of the instruction, the next address provided to memory will be incorrect, resulting in an erroneous instruction being provided to the processor. The consequences of these erroneous instructions are often very subtle and not readily apparent at the time they occur. For example, if the processor is checking the operation of some external malfunctioning device, the incorrect instruction may result in this malfunction going unnoticed.
One method of overcoming these problems could be to provide additional memory with a duplicate set of the critical code, along with extra code which would verify the critical sequence provided to the processor. However, this method will not detect processor malfunctions, but only malfunctions in the memories. Another method may be to provide a duplicate parallel processor and memory for this portion of critical code, with means to check one processor against the other. In larger processing systems, these techniques may be tolerable. However, in many smaller processing systems, particularly those utilizing integrated circuit chips for microprocessors and memories, such techniques may be overly burdensome and costly. For these systems particularly, it is desirable to have an apparatus which will verify the execution of critical code, without adding unnecessarily to the cost of the processing system. It is to this end that the present invention is directed.