
MAPLD 2005 Anthony Lai, Radiation Tolerant Computer Design.


1 MAPLD 2005 Anthony Lai, alai@rugged.com Radiation Tolerant Computer Design

2 Overview [Lai, MAPLD 2005/121]
Processing power available from today’s off-the-shelf boards far exceeds that available only two years ago. The requirements of surviving the rough trip into space and the incessant radiation of in-space service have often necessitated using legacy radiation-tolerant electronics. Through process and design advances, leading-edge components are finding their way into earth-orbiting and deep-space missions. Silicon-On-Insulator (SOI) processors are available. Board-level design techniques such as redundancy and voting logic can be utilized to bring desktop performance to space applications. A careful design strategy, tailored to the end application, can yield high performance with high radiation tolerance.

3 Key Design Attributes
- Performance – Computer with unparalleled processing power to handle complex tasks for challenging missions.
- Open architecture – Allow for modularity and flexibility for longer life cycle.
- Space Environment – Computer must evolve to offer various levels of radiation hardness to survive and operate missions in orbiting and terrestrial environments.
- Nuclear-powered vehicles – Computer must withstand close proximity to a nuclear reactor.
- Multi-system use/reuse – Computer must be compact in size and useable in multiple roles on the vehicle.
- Traveling in space requires a launch and a re-entry with possible intermediate docking in space – Computer must be able to survive and operate through the severe launch and re-entry environments for multiple missions.

4 Elements of a Radiation Tolerant Computer
- High Performance Processor with cache
- Radiation Tolerant, High-Performance System Controller
- Memory Controller
- Flash Controller
- PCI and CompactPCI bridges
- Timers and counters
- Watchdog supervisory logic
- Interrupt controller
- Triple-voted volatile memory
- Redundant non-volatile storage for boot firmware
- Non-volatile memory for multiple applications or configurations mitigated with ECC correction/detection
- Peripheral I/Os for software development
- Board Support Package available for Commercial Off-The-Shelf (COTS) real-time operating systems

5 Representative Functional Block Diagram
[Figure: block diagram. Labels: processor core, DC/DC power supplies, memory bus, local bus, local PCI bus, cPCI bus, FPGAs, DMA, PCI bridge, cPCI bridge, triple-voting SDRAM, memory controller, ROM controller, firmware boot flash, user flash with ECC, UART logic, timers, watchdog, clocks, bus interface, PMC site, serial port interface, specific I/O PMC, cPCI backplane.]

6 Central Processing Unit
The microprocessor selected for space application must be low power (unless the spacecraft is powered by a nuclear reactor) – Watts per MIPS is as high as 3.5W per 1600 DMIPS with today’s processors. The SOI process allows the operation of processors in space with a high degree of SEL immunity. The addition of L1 and L2 on-die data and instruction caches, along with dynamic branch prediction, dramatically increases processing power. In some cases, the L1 cache is also protected with parity and the L2 cache is protected with ECC (single-bit correction and multi-bit detection).

7 PowerPC™ System Controller
The controller functions can be implemented with an anti-fuse FPGA chipset. The system controller includes the following features:
- Flash controller for dual-redundant 16-bit boot flash
- Flash controller for 32-bit user flash with ECC
- Watchdog mechanism
- Reset circuitry
- Interrupt controller
- Timers
- Triple-voted SDRAM controller
- PCI bridge for local bus
- cPCI bridge for cPCI bus backplane master/slave access
- 60x local bus interfaces

8 An Example for a System Controller
- Design partitioned into five anti-fuse FPGAs (-1 speed grade)
- Data transfers can flow from CPU 60x to PCI bus (downstream) and from PCI to CPU 60x bus (upstream)
- CPU 60x and PCI buses operate in different clock domains
- All internal and external data busses are 32 bits
- CPU 60x bus can be mastered from the CPU, cPCI bus and local PCI bus
- ROM (boot and user flash) data flows directly to CPU bus
- SDRAM data is protected by a “transparent” voting mechanism
- CPU, PCI and DMA can share access to SDRAM
- 32-bit 33.333 MHz Local PCI and cPCI bus interface
- Act as a (c)PCI host bridge, CPU can configure PCI devices
- Act as a (c)PCI master with requests from CPU
- Act as a (c)PCI target, forward requests to SDRAM

9 Representative System Controller Diagram

10 SDRAM Volatile Memory
SDRAM is triple redundant – three separate banks of SDRAM are distributed across the SBC. A voting mechanism is incorporated in a radiation tolerant FPGA. The SDRAM controller controls signals that are connected directly to 3 SDRAM banks (32-bit bus).

11 Triple-Voting Mechanism for SDRAM
The data bus is connected to the voting system, which drives the data bus of the 3 memory banks. In a write cycle, the voting system gets the data from the SDRAM controller and drives it directly to the 3 memory banks simultaneously. In a read cycle, the voting system receives the data from the 3 memory banks and uses simple logic to decide which is the right value (majority vote). When an error is detected, the SDRAM Controller FPGA captures the SDRAM address and asserts an interrupt so that the corrected data can be rewritten to that address. The design has been demonstrated not to reduce CPU throughput.
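The read/write voting path and the interrupt-driven rewrite described on this slide can be modelled in software. This is an added example, not code from the presentation: the per-bit 2-of-3 vote, the toy memory size and all names (`tmr_read`, `err_addr`, `inject_upset`, ...) are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define WORDS 8                       /* constructed toy memory size */
static uint32_t bank[3][WORDS];       /* the three SDRAM banks */
static int      err_irq;              /* models the error interrupt line */
static size_t   err_addr;             /* models the captured-address register */

/* Write cycle: the voter drives the same word to all three banks. */
void tmr_write(size_t addr, uint32_t v) {
    for (int b = 0; b < 3; b++) bank[b][addr] = v;
}

/* Read cycle: per-bit 2-of-3 majority; any disagreement latches addr + IRQ. */
uint32_t tmr_read(size_t addr) {
    uint32_t a = bank[0][addr], b = bank[1][addr], c = bank[2][addr];
    uint32_t voted = (a & b) | (a & c) | (b & c);
    if (a != voted || b != voted || c != voted) {
        err_addr = addr;
        err_irq = 1;
    }
    return voted;
}

/* Interrupt handler: rewrite the voted word so the upset does not linger. */
void tmr_scrub_isr(void) {
    if (!err_irq) return;
    tmr_write(err_addr, tmr_read(err_addr));
    err_irq = 0;
}

/* Test helper: flip one bit in one bank (a simulated single-event upset). */
void inject_upset(int b, size_t addr, unsigned bit) {
    bank[b][addr] ^= (uint32_t)1 << bit;
}

int main(void) {
    tmr_write(2, 0xCAFEF00Du);
    inject_upset(1, 2, 5);
    printf("read=%08lx irq=%d addr=%zu\n", (unsigned long)tmr_read(2), err_irq, err_addr);
    tmr_scrub_isr();
    inject_upset(0, 2, 7);            /* same bit hit in two banks: */
    inject_upset(1, 2, 7);            /* majority is now wrong, but still flagged */
    printf("read=%08lx irq=%d\n", (unsigned long)tmr_read(2), err_irq);
    return 0;
}
```

Upsets that hit different bit positions in different banks are still outvoted; only the same bit failing in two banks defeats the vote, which is why the rewrite should happen soon after the interrupt.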

12 Boot Flash
The Boot Flash is used for storing the startup firmware for execution after reset/power-up. There are two Boot Flash devices residing in parallel and controlled by the ROM/Flash Controller FPGA and rad-hard watchdog supervisor. They occupy the same address space (hard coded in the ROM/Flash Controller) and are selected through two different chip select signals generated by the ROM/Flash controller. The Boot Flash is 16 bits wide and may be read with 8-, 16- and 32-bit transactions, while writes to the Boot Flash may be performed in 16-bit cycles only.

13 Boot Flash Fail-Over Algorithm
After a reset (hardware or software) or a power-up is initiated, the “primary” boot flash device is selected. In case of a data integrity problem, the startup firmware will fail to service the watchdog timer and a watchdog timer reset will take place after programmable multiples of 1.6 seconds. In that event the ROM/Flash controller will select the “secondary” boot flash device and reboot. If the second boot is unsuccessful, the processor will try to boot once more from the primary boot flash and then halt. Upon successful loading of the VxWorks application, the FSW can access an FPGA register to obtain status on whether a boot failure occurred during startup. The ROM/Flash controller selects the “primary” boot flash device automatically during reset. During normal operation both boot flash devices are accessible (R/W) from the processor. The integrity of the boot flash data will be checked by the FSW by doing a software CRC on the data.

14 User Flash
The user flash is implemented with three flash components. Each flash component has a capacity of 256 Mb (32 MB). The first two components are for data storage. The third component is designed to store 7 or 8 bits of ECC data for each 32 bits of data. User flash is 64 MB.

15 User Flash Operations
Reads from the user flash are performed as 8-, 16- or 32-bit operations. Writes are performed in 32-bit cycles only. Write operations to the user flash can be enabled or disabled by software: the ROM controller drives the flash devices’ write-protect pin. The user flash Ready/Busy status bit can be read by software (the ROM controller monitors the ready/busy pin of the flash devices).

16 ECC Algorithm (implemented in VHDL)
WRITE CYCLE: An ECC check word is generated (32-bit operation) for each write cycle and is written (8 check bits for 64 MB user flash) to the third ECC flash device.
READ CYCLE: An ECC check word is generated for the read data.
ECC Compare: The ECC check word that was generated in the WRITE cycle (located in the third ECC flash device) is compared with the ECC check word that is generated in the READ cycle.
Three comparison syndromes:
- ECC word match: the data that was read from the user flash is driven directly to the 60x bus.
- ECC word doesn't match (one-bit error): correct the data that was read and drive the corrected data to the 60x bus. Drive an interrupt which indicates one error and enables the software to write the corrected data back to the user flash.
- ECC word doesn't match (multi-bit error): no correction, and the data that was read from the user flash is driven directly to the 60x bus. Drive an interrupt which indicates a multi-bit error to the software.
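The write-cycle generation and the three read-cycle outcomes can be worked through with a concrete code. This is an added example, not the VHDL from the presentation, which the slides do not show: it assumes an extended Hamming (SEC-DED) code with 7 check bits per 32-bit word, and the function names and sample word are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

enum ecc_status { ECC_MATCH, ECC_CORRECTED, ECC_MULTI_BIT };

/* Codeword position (3..38) of data bit i; power-of-two positions are
   reserved for the six Hamming check bits. */
static unsigned data_pos(unsigned i) {
    unsigned pos = 0;
    for (unsigned n = 0; n <= i; n++)
        do pos++; while ((pos & (pos - 1)) == 0);
    return pos;
}

static unsigned parity(uint32_t v) {
    v ^= v >> 16; v ^= v >> 8; v ^= v >> 4; v ^= v >> 2; v ^= v >> 1;
    return v & 1u;
}

/* Write cycle: 7-bit check word. Bits 0-5 = XOR of the positions of all set
   data bits; bit 6 = overall parity of the data plus those six bits. */
uint8_t ecc_generate(uint32_t data) {
    unsigned h = 0;
    for (unsigned i = 0; i < 32; i++)
        if ((data >> i) & 1u) h ^= data_pos(i);
    return (uint8_t)(h | ((parity(data) ^ parity(h)) << 6));
}

/* Read cycle: compare the stored check word with a regenerated one. */
enum ecc_status ecc_check(uint32_t *data, uint8_t stored) {
    unsigned syn = (ecc_generate(*data) ^ stored) & 0x3Fu;
    unsigned odd = parity(*data) ^ parity(stored & 0x7Fu);
    if (!odd) return syn ? ECC_MULTI_BIT : ECC_MATCH;  /* even flip count */
    if ((syn & (syn - 1)) == 0) return ECC_CORRECTED;  /* check bit hit; data intact */
    for (unsigned i = 0; i < 32; i++)
        if (data_pos(i) == syn) { *data ^= (uint32_t)1 << i; return ECC_CORRECTED; }
    return ECC_MULTI_BIT;          /* syndrome points outside the codeword */
}

int main(void) {
    uint32_t word = 0xDEADBEEFu, rd = word ^ (1u << 17);   /* constructed sample */
    uint8_t chk = ecc_generate(word);
    enum ecc_status s = ecc_check(&rd, chk);
    printf("status=%d data=%08lx\n", (int)s, (unsigned long)rd);
    return 0;
}
```

As on the slide, a multi-bit result leaves the read data unmodified; the caller is expected to raise the corresponding interrupt and, for a corrected word, write it back.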

17 PCI and cPCI Bridges
The 60x-PCI bridge interfaces the CPU 60x bus to the PCI bus. The design contains several major modules:
- PCI core logic – supports (c)PCI master and (c)PCI target transactions.
- 60x core logic – supports 60x bus master and slave transactions.
- PCI arbiter – supports the PCI master devices (Ethernet, PMC).
- cPCI arbiter – supports the cPCI master devices.
- 60x address and data arbiters – support the S950 60x master devices (CPU, 60x-PCI Bridge and 60x-cPCI Bridge).
- Interrupt controller – controls all of the board’s external and internal interrupts through a set of registers.

18 Other FPGA Features
- RS422 UART – up to 115.2 kbps. Two serial ports are implemented as asynchronous UART interfaces. These serial ports incorporate control and status registers mapped into the processor’s memory space.
- Watchdog Supervisor – operates in conjunction with the onboard 1.6-second watchdog supervisory circuitry to issue a proper reset.
- Reset Mechanism – the ROM/Flash Controller implements a reset mechanism that supports reset events from software-initiated reset, push-button reset, JTAG reset and the circuit supervisor, watchdog timer reset and PFO (Power Fail Output) signals coming from the circuit supervisor. The reset mechanism also supports switching between the two dual-redundant boot flash devices in case one of them is corrupted and the boot-up sequence is not completed. The computer can generate a reset on the cPCI backplane only when it is used in the system slot.

19 Summary
A radiation tolerant computer design is presented, based on 3 generations of space computer development. In one instance of the design, radiation testing has been performed to characterize the board-level upset rates. Performance benchmarking of the design was completed with operating system and board support package overhead. Variants using the same design (PCB with multiple footprints) allow software compatibility and reusability for various short-term and long-term LEO missions, Mars/Lunar terrestrial exploration, CEV and other similar radiation environments.
Typical applications:
- Mission computer with redundancy option
- Flight guidance and navigation computer
- Mission Data Recorder
- Video Recorder
- Robotic Controller

