The IP supports all common lockstep/redundancy architectures, including full dual-redundant lockstep, split/lock, master/checker, and voting with any number of cores or subsystems. The IP supports any processor architecture or other subsystems, including custom logic or accelerators. Lockstep operation is required for safety standards such as ISO26262 for automotive, IEC 61508, EN50126/8/9 and CE 402/2013.
The UltraSoC Lockstep Monitor consists of a set of configurable semiconductor IP (SIP) blocks that are protocol aware and can cross-check outputs, bus transactions, code execution and even register states, between two or more redundant systems. It can be used for processor architectures that lack native support for lockstep configurations. The hardware implementation responds at wire speed and imposes no execution overhead on the host system.
The IP includes flexible, run-time configurable embedded intelligence, allowing the monitoring and response system to be tailored to the application. Monitoring can be implemented at a variety of levels of granularity: at the subsystem level; at the transaction level; at the instruction level; and at the most fundamental hardware-level.
As an example, the RISC-V ecosystem currently lacks support for the functional safety and security principles – such as lockstep operation – mandated by global standards such as ISO26262 for functional safety, J3061 for cybersecurity, IEC 61508, EN50126/8/9 and CE 402/2013. UltraSoC’s Lockstep Monitor allows any RISC-V system to incorporate sophisticated safety capabilities. The company will be presenting on automotive safety and security – jointly with ResilTech, the specialists in resilient computing for critical systems –at the upcoming RISC-V Summit (Santa Clara, 3 – 6 Dec 2018).
UltraSoC’s recently updated white paper on ISO26262 is available as a free download.