A classical architectural approach to application-transparent high-integrity computing uses two discrete host processors executing the same software simultaneously in a lockstep fashion. This cycle-lockstep approach to processor synchronization requires access to the processing cores' internal busses. An independent checking function interfaces with each processor's front-side bus in order to provide control and monitoring of each processor's transactions to main memory and peripherals. A processing error is indicated by divergent bus transactions generated by the processing cores. This method requires that the inputs and outputs for each processing channel remain completely synchronized at a granular instruction level. Asynchronous events must be synchronized to the processing cores by custom logic, and some performance features of the processing cores may need to be disabled in order to maintain cycle accuracy of the processing cores over long periods of execution.
Modern processor architectures have greatly changed since the mid-2000s with the adoption of more integrated System on a Chip (SoC) designs. Due to this high level of integration of multiple processing cores, accelerators, and peripherals, the creation of a high-integrity architecture is no longer as straightforward. The synchronization of asynchronous hardware events within multi-core SoCs (e.g., internal clock domain crossings, divergent branch predictions and Translation Lookaside Buffer (TLB)/cache states, multi-core or SoC interference channel latency jitter, out-of-order and speculative instruction execution, or unexpected machine state interrupts) presents additional challenges. SoCs and processing cores continue to advance by adopting performance-driven architectures that are not designed with determinism as a goal, making the task of granular lock-stepping with these devices increasingly difficult. Modern processing architectures therefore do not support instruction-level lockstep unless designed in by the silicon manufacturer. General-purpose processor elements with commercial off-the-shelf (COTS) SoC devices do not support high-integrity operation without custom hardware or software. In order to continue to leverage COTS devices for high-integrity general-purpose processing, system designers will need to adopt new processing architectures and approaches that leverage the capabilities of the current multi-core SoC devices in order to achieve the same level of synchronization.
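The checking function described above, sketched as an added example (not part of the original text or of any vendor's implementation): a checker compares the two channels' bus transactions and reports the first divergence. The `bus_txn` layout, the fault classes and the traces are constructed assumptions; the timing/data split is added here to show that latency jitter alone, with identical results, still trips a cycle-exact comparison.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One bus transaction as observed by the checker (assumed layout). */
typedef struct { uint64_t cycle; uint32_t addr, data; uint8_t is_write; } bus_txn;

/* Fault classes are an assumption of this sketch; a cycle-lockstep
 * checker treats every non-OK result as a processing error. */
typedef enum { LS_OK, LS_TIMING, LS_DATA, LS_LENGTH } ls_fault;

/* Compare channel A against channel B transaction by transaction.
 * Writes the index of the first divergent transaction to *at. */
ls_fault lockstep_check(const bus_txn *a, size_t na,
                        const bus_txn *b, size_t nb, size_t *at)
{
    size_t n = na < nb ? na : nb;
    for (size_t i = 0; i < n; i++) {
        *at = i;
        /* Content mismatch: the channels computed different results. */
        if (a[i].addr != b[i].addr || a[i].data != b[i].data ||
            a[i].is_write != b[i].is_write)
            return LS_DATA;
        /* Same content, different cycle: loss of cycle accuracy. */
        if (a[i].cycle != b[i].cycle)
            return LS_TIMING;
    }
    *at = n;
    return na == nb ? LS_OK : LS_LENGTH; /* one channel went silent */
}

/* Constructed traces: a reference channel, a channel with one flipped
 * data bit, and a channel delayed by 3 cycles from transaction 1 on
 * (e.g. a cache or TLB state difference) with identical results. */
const bus_txn chan_a[] = {
    {10, 0x1000, 0xAA, 0}, {14, 0x1004, 0xBB, 0},
    {20, 0x2000, 0xCC, 1}, {25, 0x1008, 0xDD, 0} };
const bus_txn chan_b_flip[] = {
    {10, 0x1000, 0xAA, 0}, {14, 0x1004, 0xBB, 0},
    {20, 0x2000, 0xCD, 1}, {25, 0x1008, 0xDD, 0} };
const bus_txn chan_b_jitter[] = {
    {10, 0x1000, 0xAA, 0}, {17, 0x1004, 0xBB, 0},
    {23, 0x2000, 0xCC, 1}, {28, 0x1008, 0xDD, 0} };

int main(void)
{
    size_t at;
    ls_fault f = lockstep_check(chan_a, 4, chan_b_flip, 4, &at);
    printf("bit flip: fault=%d at txn %zu\n", (int)f, at);
    f = lockstep_check(chan_a, 4, chan_b_jitter, 4, &at);
    printf("jitter:   fault=%d at txn %zu\n", (int)f, at);
    return 0;
}
```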