Failure recovery apparatus of digital logic circuit and method thereof

Abstract

Exemplary embodiments of the present invention relate to a failure recovery apparatus of digital logic circuit and method thereof when a fault occurs in the digital logic circuit. A failure recovery apparatus according to an embodiment of the present invention comprises: a fault detection block configured to determine fault occurrence by comparing output results of a plurality of digital logic circuit which perform the same operation using a clock having a first cycle; and a failure recovery block configured to perform a failure recovery operation of the plurality of digital logic circuit by using a clock having a second cycle which is longer than the first cycle when it is determined as that a fault occurs. According to exemplary embodiments of the present invention, when a fault occurs in digital logic circuits due to external factors, it provides high reliability in failure recovery of the digital logic circuits.

Claims

1. A failure recovery apparatus comprising: a fault detection block configured to determine an occurrence of a fault by comparing output results of a plurality of digital logic circuits, each of the plurality of digital logic circuits performing a common operation using a first clock signal having a first cycle; and a failure recovery block configured to perform a failure recovery operation of the plurality of digital logic circuits by using a second clock signal having a second cycle when the fault detection block determines that the fault has occurred, the second cycle of the second clock signal being longer than the first cycle of the first clock signal.

2. The failure recovery apparatus of claim 1, wherein the fault detection block comprises a comparator configured to compare output logical values of the plurality of digital logic circuits, recognize the occurrence of the fault when two or more of the output logical values are different, and report the occurrence of the fault to the failure recovery block.

3. The failure recovery apparatus of claim 1, wherein the failure recovery block comprises a failure recovery unit configured to execute a program for failure recovery, and wherein the failure recovery unit comprises: a plurality of combinational logic circuits each configured to perform a failure recovery operation; and a plurality of delay signal generators each configured to output a logical value by receiving a first output logical value of a corresponding one of the plurality of combinational logic circuits and N clock signals, each of the N clock signals having the second cycle, N being a natural number.

4. The failure recovery apparatus of claim 3, wherein one or more of the plurality of delay signal generators each comprise a single flip-flop, the single flip-flop being configured to receive a single clock signal having the second cycle.

5. The failure recovery apparatus of claim 4, wherein the failure recovery block further comprises a clock generator configured to generate the single clock signal having the second cycle.

6. The failure recovery apparatus of claim 3, wherein one or more of the plurality of delay signal generators each comprise: N flip-flops configured to commonly receive the first output logical value of the corresponding one of the plurality of combinational logic circuits and respectively receive the N clock signals, a pair of the N clock signals having a phase difference with respect to each other; and a voter configured to receive second output logical values of the N flip-flops, and output a logical value corresponding to a majority of the received second output logical values of the N flip-flops.

7. The failure recovery apparatus of claim 6, wherein the failure recovery block further comprises a clock generator configured to generate the N clock signals, any pair of the N clock signals having a phase difference with respect to each other.

8. The failure recovery apparatus of claim 6, wherein the N clock signals include an n1.sup.th clock signal, an n.sup.th clock signal, and an n+1.sup.th clock signal, n being an integer that is equal to or greater than 2 and less than N, and wherein a first phase difference between the n1.sup.th clock signal and the n.sup.th clock signal is different from a second phase difference between the n.sup.th clock signal and the n+1.sup.th clock signal.

9. The failure recovery apparatus of claim 3, wherein the failure recovery unit is disposed outside the plurality of digital logic circuits.

10. The failure recovery apparatus of claim 3, wherein the failure recovery unit is disposed inside one of the plurality of digital logic circuits.

11. The failure recovery apparatus of claim 10, wherein the failure recovery block further comprises a clock generator configured to generate and output a generated clock signal having the first cycle to the plurality of digital logic circuits before determining that the fault has occurred and to generate and output a generated clock signal having the second cycle to the failure recovery unit after determining that the fault has occurred.

12. The failure recovery apparatus of claim 3, wherein the failure recovery block further comprises an initialization unit configured to initialize the plurality of digital logic circuits and the failure recovery unit when the fault detection block determines that the fault has occurred.

13. A failure recovery method comprising: determining an occurrence of a fault by comparing output results of a plurality of digital logic circuits, each of the plurality of digital logic circuits performing a common operation using a first clock signal having a first cycle; and performing a failure recovery operation of the plurality of digital logic circuits by using a second clock signal having a second cycle when it is determined that the fault has occurred, the second cycle of the second clock signal being longer than the first cycle of the first clock signal.

14. The failure recovery apparatus of claim 1, wherein the first cycle of the first clock signal corresponds to a single period of the first clock signal, and the second cycle of the second clock signal corresponds to a single period of the second clock signal.

15. The failure recovery apparatus of claim 6, wherein the voter includes a plurality of input NAND gates, each of the plurality of input NAND gates receiving a corresponding pair of the second output logical values of the N flip-flops, and wherein the voter further includes an output NAND gate, the output NAND gate receiving third output logical values of the plurality of input NAND gates.

16. The failure recovery apparatus of claim 8, wherein both of the first phase difference and the second phase difference are longer than the first cycle and shorter than the second cycle.

Description

BRIEF DESCRIPTION OF DRAWING

(1) FIG. 1 is a block view illustrating a failure recovery apparatus of digital logic circuit according to an embodiment of the present invention.

(2) FIG. 2 is a block view illustrating a failure recovery block according to an embodiment of the present invention.

(3) FIG. 3 is a block view illustrating a failure recovery unit according to an embodiment of the present invention.

(4) FIG. 4 illustrates a delay signal generator according to an embodiment of the present invention.

(5) FIG. 5 illustrates a delay signal generator according to another embodiment of the present invention.

(6) FIG. 6 illustrates signals inputted to and signals outputted from the delay signal generator shown in FIG. 5.

(7) FIG. 7 illustrates a voter according to an embodiment of the present invention.

(8) FIG. 8 is a block view illustrating a failure recovery apparatus of digital logic circuit according to another embodiment of the present invention.

(9) FIG. 9 and FIG. 10 illustrate a failure recovery unit according to another embodiment of the present invention.

(10) FIG. 11 is a block view illustrating a failure recovery method of digital logic circuit according to an embodiment of the present invention.

DESCRIPTION OF THE EXEMPLARY EMBODIMENTS

(11) Throughout the description of the present invention, when describing a certain technology is determined to evade the point of the present invention, the pertinent detailed description will be omitted.

(12) Exemplary embodiments of the present invention provide a failure recovery method of digital logic circuit such as CPU core when a fault occurs.

(13) According to exemplary embodiments of the present invention, any fault is detected by performing the same program in a plurality of digital logic circuit using the same clock and comparing the result to determine whether a fault occurs in the digital logic circuit.

(14) Throughout the description of exemplary embodiments of the present invention, a case using two digital logic circuits is explained.

(15) Exemplary embodiments of the present invention will be described with reference to the accompanying drawings.

(16) FIG. 1 is a block view illustrating a failure recovery apparatus of digital logic circuit according to an embodiment of the present invention.

(17) A digital logic circuit 100a and a digital logic circuit 100b are circuits executing the same application. The digital logic circuits 100a, 100b perform an arithmetic operation every clock, CLK 101, cycle and output performed arithmetic operation result.

(18) In the description of exemplary embodiments of the present invention below, the clock, CLK 101, inputted to the digital logic circuits 100a, 100b has the first cycle.

(19) A failure recovery apparatus of digital logic circuit according to an embodiment of the present invention includes a fault detection block 200 and a failure recovery block 300.

(20) The fault detection block 200 may determine fault occurrence by comparing output results from the digital logic circuits 100a, 100b. When any fault is detected, the fault detection block 200 may report it to the failure recovery block 300. Here, the fault detection block 200 may further include a comparator (not shown) which receives and compares output logical values of the digital logic circuits 100a, 100b and recognizes as fault occurrence when the inputted output logical values are different. When any fault is detected, the comparator may report it to the failure recovery block 300.

(21) When a report of the fault occurrence is received, the failure recovery block 300 performs a failure recovery operation of the digital logic circuits 100a, 100b by using a clock having the second cycle which is longer than the first cycle.

(22) A fault associated with electro-magnetic interference (EMI) and the like usually disappears after a certain period of time. Thus, the failed digital logic circuit may be stably recovered when a clock having the cycle which is longer than fault time duration is used.

(23) For example, the failure recovery may include code memory copy, core reset, memory value dump of check point and change of program counter (PC) value, etc. That is, the failure recovery may include a process till a core restarts by using PC values used prior to detecting any fault.

(24) FIG. 2 is a block view illustrating a failure recovery block according to an embodiment of the present invention. It is assumed that the digital logic circuit is a CPU core when described with reference to FIG. 2.

(25) Referring to FIG. 2, the failure recovery block 300 according to an embodiment of the present invention includes an initialization unit 310, a clock generator 320 and a failure recovery unit 330.

(26) The initialization unit 310 initializes the core-L 100a and the core-R 100b when a report of fault occurrence is received from the fault detection block 200. Initialization may vary with system implementation. For example, initialization function may include initializing an application which the core-L 100a and the core-R 100b are to execute on a memory. Accordingly, operations of the core-L 100a and the core-R 100b may be stopped. The initialization unit 310 may also initialize the failure recovery unit 330.

(27) When the initialization of the core-L 100a, the core-R 100b and the failure recovery unit 330 is completed, the initialization unit 310 may report it to the clock generator 320.

(28) The clock generator 320 may generate a clock having the second cycle which is longer than the cycle of the clock, CLK 101, which is used for the core-L 100a and the core-R 100b to execute an application program and output the generated clock to the failure recovery unit 330.

(29) The failure recovery unit 330 may execute a program for failure recovery of the core-L 100a and the core-R 100b by using the clock having the second cycle inputted from the clock generator 320.

(30) FIG. 3 is a block view illustrating a failure recovery unit according to an embodiment of the present invention.

(31) The failure recovery unit 330 according to an embodiment of the present invention may include a plurality of combinational logic circuit and a plurality of delay signal generator.

(32) The combinational logic circuit may include at least one logic element and perform a program for failure recovery of the core-L 100a and the core-R 100b by using the logic elements. Result performed in each combinational logic circuit may be outputted to the delay signal generator.

(33) The delay signal generator may receive a logical value outputted from the combinational logic circuit and N number of clocks having the second cycle outputted from the clock generator 320 in which N is a natural number, and output one logical value. The logical value outputted from the delay signal generator may be inputted to an adjacent combinational logic circuit and output of the combinational logic circuit may be inputted to an adjacent delay signal generator at the next cycle.

(34) FIG. 4 illustrates a delay signal generator according to an embodiment of the present invention.

(35) It is assumed that a delay signal generator 332 includes one flip-flop 332a when it is explained with reference to FIG. 4.

(36) The flip-flop 332a may receive the logical value outputted from the combinational logic circuit which is positioned at the front end and the clock having the second cycle, CLK 321, outputted from the clock generator 320, and generate one logical value based thereon to output it to the combinational logic circuit which is positioned at the rear end.

(37) As described above, a transient fault which is caused in circuits may generally have time duration of from several hundreds of picoseconds to several tens of nanoseconds and in exemplary embodiments of the present invention, the clock having the cycle which is longer than the time duration, CLK 321, is used to perform a program for failure recovery of the digital logic circuit.

(38) On the other hand, such a fault may be caused on the flip-flop. According to another embodiment of the present invention, a plurality of flip-flop and a plurality of clock may be used to improve reliability of the failure recovery which will be explained with reference to FIG. 5.

(39) FIG. 5 illustrates a delay signal generator according to another embodiment of the present invention.

(40) It is assumed that the delay signal generator 332 includes 3 flip-flops 332a, 332b, 332c when it is explained with reference to FIG. 5 but it may include 2 flip-flops or more than 3 flip-flops.

(41) The flip-flops 332a, 332b, 332c may receive an output logical value commonly from the combinational logic circuit which is located at the front end and the flip-flops 332a, 332b, 332c may receive a clock having the second cycle CLK 321a, CLK 321b, CLK 321c, respectively. Accordingly, the clock CLK 321a having the second cycle may be inputted to the flip-flop 332a, the clock CLK 321b having the second cycle may be inputted to the flip-flop 332b, and the clock CLK 321c having the second cycle may be inputted to the flip-flop 332c.

(42) The flip-flops 332a, 332b, 332c may generate output signals Sa, Sb, Sc based on the output logical value inputted from the combinational logic circuit and the inputted clocks. The flip-flops 332a, 332b, 332c may output the generated output signals to a voter 332d.

(43) The voter 332d may select a plurality of logical value among logical values inputted from the flip-flops 332a, 332b, 332c and output the selected logical values. The voter 332d will be explained with reference to FIG. 7 below.

(44) According to an embodiment described with reference to FIG. 5, when a fault occurs in any one of the flip-flops, a failure recovery operation may be performed by using the rest two elements.

(45) In an embodiment, phase difference between clocks may be different. For example, phase difference (1) between the first clock CLK 321a and the second clock CLK 321b may be different from that between the second clock CLK 321b and the third clock CLK 321c. Thus, even though a fault occurs at the clock edge, reliability of the failure recovery operation may be ensured. The phase differences may be represented by the following Equation 1.
the first cycle<<(1,2)<<the second cycleEquation 1

(46) In an embodiment, the phase differences (1, 2) may be set to be longer than time duration of transient fault which usually occurs. The phase differences (1, 2) may be set based on experiments or based on generally known fact.

(47) FIG. 6 illustrates signals inputted to and signals outputted from the delay signal generator shown in FIG. 5.

(48) Referring to FIG. 5 and FIG. 6, even though a wrong operation value (Value X) is outputted due to fault occurrence in the flip-flop which receives the clock CLK 321c, it is noted that an operation value (Value A) outputted from the flip-flops which receive the rest clocks CLK 321a, CLK 321b may be selected and outputted as majority signal.

(49) FIG. 7 illustrates a voter according to an embodiment of the present invention.

(50) The voter 332d may be composed with a plurality of logic element. The voter 332d may select a majority signal from a plurality of inputted signal and output the selected signal. A voter composed with NAND gate is illustrated as an example in FIG. 7.

(51) The case, that the failure recovery unit for failure recovery of digital logic circuit is positioned outside of the digital logic circuit in FIG. 1 and FIG. 2, has been explained but the failure recovery unit may be positioned inside of the digital logic circuit. This case will be explained with reference to FIG. 8 below.

(52) FIG. 8 is a block view illustrating a failure recovery apparatus of digital logic circuit according to another embodiment of the present invention.

(53) As shown in FIG. 8, the failure recovery unit 330 may be a part of combinational logic circuits which perform applications in the CPU core (core-L and core-R). In this case, the failure recovery unit 330 may perform applications during the CPU core operates normally but perform a program for failure recovery during the CPU core operates for failure recovery. This will be further explained with reference to FIG. 9 and FIG. 10.

(54) FIG. 9 and FIG. 10 illustrate a failure recovery unit according to another embodiment of the present invention.

(55) The core-L and the fault detection block are omitted for convenience of description in FIG. 9 and FIG. 10.

(56) As shown in FIG. 9, the failure recovery unit 330 may be installed inside the core-R 100b. The failure recovery unit 330 may perform applications during the CPU core operates normally but perform a program for failure recovery during the CPU core operates for failure recovery as described above.

(57) The clock generator 320 may generate a clock, CLK 101, having the first cycle and output it to the core-R 100b when the CPU core operates normally.

(58) On the other hand, when any fault is caused, thus initialization of the core-R 100b and the failure recovery unit 330 is performed and then completion of the initialization is received, the clock generator 320 may generate a clock, CLK 321, having the second cycle and output it to the failure recovery unit 330.

(59) FIG. 10 illustrates an example using a plurality of clocks, CLK 321a, CLK 321b, CLK 321c having the second cycle. Detailed description is omitted since basic operations are the same as the embodiment described with reference to FIG. 9.

(60) FIG. 11 is a block view illustrating a failure recovery method of digital logic circuit according to an embodiment of the present invention.

(61) In Step 1001, output results of a plurality of digital logic circuit are compared. For example, an output logical value of the core-L and an output logical value of the core-R are compared. Such a comparison may be performed every cycle.

(62) In Step 1003, it is determined if any fault is caused in digital logic circuits. For example, when an output logical value of the core-L is different from that of the core-R, it is determined as that a fault is caused. When it is determined as that a fault is caused, it may proceed to Step 1005.

(63) In Step 1005, initialization of the digital logic circuit and the failure recovery unit is performed.

(64) In Step 1007, a clock having the second cycle, which is longer than the first cycle used for performing applications in the digital logic circuit, may be generated. The clock having the second cycle may be one or more.

(65) In Step 1009, a program for failure recovery of the digital logic circuit is executed using the clock having the second cycle.

(66) In Step 1011, when execution of the program for failure recovery completes, the digital logic circuit may restart.

(67) The exemplary embodiment of the present invention can be implemented by various methods. For example, the exemplary embodiment of the present invention can be implemented by using hardware, software or its combination. When they are implemented by software, they may be implemented as software executing in a plurality of processors using various operating systems or platforms. In addition, the software may be created by using any language among various appropriate programming languages or be compiled in machine language codes or intermediate codes executable in a framework or virtual machine.

(68) In addition, when the exemplary embodiment of the present invention is executed in a plurality of processors, the exemplary embodiment of the present invention may be implemented by processor readable media such as a memory, a floppy disk, a hard disk, a compact disk (CD), an optical disk or a magnetic tape, or the like in which a plurality of programs are recorded to conduct the implementation of various exemplary embodiments of the present invention.

Failure recovery apparatus of digital logic circuit and method thereof

Assignee

Inventors

Cpc classification

Classification Explorer

G06F11/1641

PHYSICS

Classification Explorer

G06F11/1658

PHYSICS

Classification Explorer

G06F11/183

PHYSICS

Classification Explorer

G06F11/1438

PHYSICS

Classification Explorer

G06F11/1695

PHYSICS

Classification Explorer

G06F11/165

PHYSICS

International classification

Classification Explorer

G06F11/00

PHYSICS

Classification Explorer

G06F11/16

PHYSICS

Classification Explorer

G06F11/18

PHYSICS

Abstract

Claims

Description