The present techniques generally relate to a method of monitoring for a fault event in a lockstep processing system having a plurality of cores configured to operate in lockstep, the method having: power gating, for a period of time, a subset of cores of the plurality of cores from a first power source and providing power to the subset of cores from a second power source for the period of time; processing, at each of the cores of the plurality of cores, one or more instructions; providing an output from each core of the plurality of cores to error detection circuitry to monitor for the fault event, the output from each core based on or in response to processing the one or more instructions during the period of time.

Provided is an image recognition processor. The image recognition processor includes a plurality of nano cores arranged in rows and columns and configured to perform a pattern recognition operation on an input feature using a kernel coefficient in response to each instruction, an instruction memory configured to provide the instruction to each of the plurality of nano cores, a feature memory configured to provide the input feature to each of the plurality of nano cores, a kernel memory configured to provide the kernel coefficients to the plurality of nano cores, and a functional safety processor core configured to receive a result of a pattern recognition operation outputted from the plurality of nano cores to detect the presence of a recognition error, and perform a fault tolerance function on the detected recognition error.

A method, system, and computer program product for determining a consistent point in time in a replication environment comprising determining periods of time that no IO was received from sources; wherein the periods are determined to account for differences between the clocks of the sources and the clock at a replication appliance, adjusting the periods of time that no IO was received by at least one delay factor, comparing the adjusted periods of time from the sources to determine a common period of time; wherein the common point in time denotes that each source was in a consistent state and marking the adjusted point in time as a consistent point in time in a journal.

A method for recovering a clock signal from a data signal by using a clock recovery module is described. Edge timings of the data signal are accumulated. The edge timings accumulated are transformed into one reference bit period. A time offset for the reference bit period is determined. A reference clock signal is determined based on the time offset. The number of bits within a system clock of the clock recovery module is determined. The clock signal is recovered based on the reference clock signal and the number of bits. Further, a clock recovery module as well as a computer program are described.

A system for testing a clock monitor includes a fault injection circuit, a control circuit, and a clock monitor circuit to evaluate a clock source signal from a clock source. The fault injection circuit is to modify or replace the clock source signal from the clock source to yield a modified clock signal, and send the modified clock signal to the clock monitor circuit. The clock monitor circuit is to receive an input clock signal, determine whether the input clock signal indicates a faulty clock source, and issue a clock corrective action if the input clock signal indicates a faulty clock source. The control circuit is to monitor for the clock corrective action, and determine, based on whether the clock corrective action is issued, whether the clock monitor circuit is operating correctly.

The systems and methods described herein provide the ability to detect a clocking element fault within an IC device and switch to an alternate clock. In response to detection of a fault in a phase-lock-loop (PLL) clocking element, the device may switch to an alternate clock so that error reporting logic can make forward progress on generating error message. The error message may be generated within an Intellectual Property (IP) cores (e.g., IP blocks), and may send the error message from the IP core to a system-on-a-chip (SOC), such as through an SOC Functional Safety (FuSA) error reporting infrastructure. In various examples, the clocking error may also be output to a hardware SOC pin, such as to provide a redundant path for error indication.

The disclosed embodiments relate to components of a memory system that support timing-drift calibration. In specific embodiments, this memory system contains a memory device (or multiple devices) which includes a clock distribution circuit and an oscillator circuit which can generate a frequency, wherein a change in the frequency is indicative of a timing drift of the clock distribution circuit. The memory device also includes a measurement circuit which is configured to measure the frequency of the oscillator circuit.

A microcontroller includes two processing blocks that respectively have a Central Processing Unit (CPU) and a peripheral circuit, where an access to the peripheral circuit in each of the processing blocks, that is, to a Read-Only Memory (ROM) or a Pulse Width Modulator (PWM) signal generator, is limited only from the CPU disposed in the same processing block. Thereby a fail-safe functionality of the microcontroller is improved.

A communication node (NODE) for connecting a fault-tolerant computer (FTC) to a real-time network (NET), wherein the node receives critical application data (HCAD1, HCAD2) from computation hosts (HOST) of the fault-tolerant computer, and the node is configured to forward the critical application data as node critical application data (NCAD) to the NET. The node includes at least a first end system (ES1), a second end system (ES2) and a switch (SW), and the switch includes at least a commander part (COM), a monitor part (MON) and a comperator part (COMP). The MON and the COMP may be integrated into an integrated part (MONC). The ES1 connects to the computation hosts or a subset thereof, and the ES2 connects to the computation hosts or a subset thereof. The ES1 connects to the COM, and the ES2 connects to the MON. The computation hosts or a subset thereof provide first host critical application data (HCAD1) to the ES1, and the computation hosts or a subset thereof provide second host critical application data (HCAD2) to the ES2. The ES1 is configured to forward the HCAD1 as first end system critical application data (ESCAD1) to the COM and the ES2 is configured to forward the HCAD2 as second end system critical application data (ESCAD2) to the MON. The COM is configured to forward the ESCAD1 as commander critical application data (CCAD) to the COMP at a pre-configured commander forwarding point in time (TCOM), and the MON is configured to forward the ESCAD2 as monitor critical application data (MCAD) to the COMP at a pre-configured monitor forwarding point in time (TMON). If the MON and the COMP are not integrated into an integrated part, then the COMP is configured to forward either the CCAD or the MCAD as node critical application data (NCAD), if and only if, the CCAD and the MCAD are identical and the COMP starts to receive the CCAD and the MCAD within an interval of configured length (SYNC-1). Alternatively, if the MON and the COMP are integrated into an integrated part (MONC), then the COM is configured to forward the ESCAD1 as NCAD to the NET. The switch includes an interception function (INTERCEPT) which is configured to (i) preempt an ongoing transmission of NCAD and/or (ii) prevent the transmission of NCAD, and the COMP is configured to activate the interception function if and only if the CCAD and the MCAD are not identical or the COMP does not start to receive the CCAD and the MCAD within SYNC-1.

An integrated circuit includes one or more portions having error detection and error correction circuits and which is operated with operating parameters giving finite non-zero error rate as well as one or more portions formed and operated to provide a zero error rate.