From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=0.6 required=5.0 tests=BAYES_20,INVALID_MSGID autolearn=no autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 115aec,5495dac456fa22ef X-Google-Attributes: gid115aec,public X-Google-Thread: 103376,5495dac456fa22ef X-Google-Attributes: gid103376,public From: tomz@mot.com (Tom Ziomek) Subject: Re: Processor Synchronization Date: 1999/01/22 Message-ID: <78b14n$i2i11@nntp.cig.mot.com>#1/1 X-Deja-AN: 435815995 References: <36A509DB.95F62C0B@pwfl.com> <36A6DBB0.594A@wctc.net> <36A741A2.E3DB7BCE@pwfl.com> Organization: Motorola Newsgroups: comp.lang.ada,comp.realtime Date: 1999-01-22T00:00:00+00:00 List-Id: In article <36A741A2.E3DB7BCE@pwfl.com>, Marin David Condic wrote: >Our style of computer system for jet and rocket engines is not nearly >that easy to do. The requirements won't allow for it. This box is >strapped to the side of a really hot vibration generator and having it >stop operating for any reason is considered "A Bad Thing". In the case >of rockets, it is considered "A Really Bad Thing". And the rockets will >take you out to where you can introduce your box to a bunch of gamma >rays - just to make life interesting for your EEPROMs, etc., and to keep >you appropriately humble. Due to the high reliability requirement, the >systems are dual redundant and each channel has to be able to take >immediate control if the other side is detected to have passed on to >meet its maker. > >A real easy way to get in trouble and have to answer lots of >embarrassing questions and probably start looking for a new career in >the exciting world of the fast food industry is to have built completely >redundant systems except for one common link - a clock or interrupt line >for synchronization. If that chip or foil trace or wire should happen to >break, all your dual redundancy was for naught. Hence, we have to pull >some stunts to keep the two sides in synch. > >Anyway - if you know of any texts or papers discussing techniques for >tightly synching two or more independent processors, please pass them >along. Thanks. This kind of stuff is certainly needed in some apps, and has been done be- fore. Not sure I know where--you could try looking at the Stratus computer stuff (80s to mid-90s); they used sync'ed dual processors but I'm not sure how tight that synchronizatio was. There might be some stuff, or other refs, in the fault tolerant systems book by Siewiorek (Prof. Daniel) and Schwarz. I can get a ref for you if needed but it should be pretty easy to look up based on what I recall here. The best source I can think of is the annual proceedings from the IEEE FTCS (Fault Tolerant Computing Symposium). I went to a couple in the late '80s and there were all sorts of papers that could help you. A lot (but not all) were more academic than reduced-to-practice, but a lot of those people did actual lab implementations even if they didn't productize them. Tom -- Send email to user 'tomz' at domain 'comm.mot.com'.