Error detection/correction and fault detection/recovery – Data processing system error or fault handling – Reliability and availability
Reexamination Certificate
1999-12-30
2003-09-16
Beausoliel, Robert (Department: 2184)
Error detection/correction and fault detection/recovery
Data processing system error or fault handling
Reliability and availability
C714S030000
Reexamination Certificate
active
06622262
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates to a fault tolerant computer system, and more particularly to a fault tolerant computer system in which a boundary scan element is used as a communication element.
BACKGROUND ART
A computer for use in a monitoring system in a building, various data bases, a cash dispenser in a financial institution or the like requires nonstop, continuous processing for 24 hours or a predetermined time period.
A so-called fault tolerant computer system has been therefore proposed in order to avoid the suspension of the processing due to a fault of the computer or the like.
The fault tolerant computer system is the system in which the computer is duplicated or multiplexed and processing executed by a main computer is always made to be virtually executed by the other computer, whereby the other computer is caused to succeed to the processing when the main computer goes down. Therefore, according to this system, even when the main computer actually executing predetermined processing goes down, the processing is immediately continued by the other computer and thus the suspension of the processing can be avoided.
In such a fault tolerant computer system, what is important in order for the other computer to succeed to a series of processing without delay when the main computer goes down is as follows: the other computer quickly detects that the main computer has gone down, and discriminates the processing which has been executed when the main computer has gone down.
In this regard, a discriminating method using a watchdog timer, for example, has been heretofore suggested. This discriminating method using a watchdog timer is the method in which a signal is supplied from the main computer to the other computer at a fixed timing. As long as the signal is supplied to the other computer, the other computer recognizes that the main computer normally operates. When the signal is not supplied within a fixed time period, the other computer recognizes that the main computer has gone down, and thus succeeds to the processing.
However, if the discrimination is made in accordance with such a watchdog timer, a problem arises about an interval at which the signal is supplied. That is, when the signal is supplied at shorter intervals, the other computer can more quickly detect that the main computer is down, and more easily pinpoints the point at which the processing is suspended. However, the processing of supplying the signal or the like is performed more frequently and thus the processing to be originally executed by the computer is delayed. On the contrary, when the signal is supplied at longer intervals, the processing to be originally executed by the computer is not delayed. However, the other computer more slowly detects that the main computer is down, and less accurately determines the point at which the processing is suspended. Consequently, the other computer may fail to succeed to the processing.
Moreover, the processing for the watchdog timer is executed asynchronously with the processing which the computer should originally perform. From the beginning, it is thus difficult to accurately pinpoint the point where the processing is suspended.
SUMMARY OF THE INVENTION
It is therefore an object of the present invention to provide a fault tolerant computer system which can immediately detect that the main computer is down and which can accurately pinpoint the point where the processing is suspended, without delaying the processing which: the computer should originally execute.
Here, the inventor does not regard a boundary scan element for performing a wiring test for an electronic circuit substrate or an operation test for ICs on the substrate as the element only for a wiring connection check or the like. In other words, the inventor pays attention to the usefulness of the boundary scan element as a communication element for controlling various objects such as a CCD camera. Accordingly, the inventor has proposed a communication apparatus in which this boundary scan element is applied to the communication element (International Publication No. WO98/55925 and so on).
The inventor now uses the boundary scan element as the communication element in a fault tolerant computer system, thereby solving the above problem by the following means.
That is, according to the present invention, there is provided a fault tolerant computer system which has: a main computer; an auxiliary computer for normally virtually executing the same processing as that executed by the main computer; a communication element connected to an object; and switch means for switching connection between the communication element and either the main computer or the auxiliary computer, wherein the communication element is a boundary scan element, and the switch means switch the aforesaid connection in accordance with the presence or absence of a clock signal supplied from the main computer to the communication element.
According to these means, the switch means normally establish connection between the main computer and the communication element which is a boundary scan element, and the object is handled by the main computer. Various data communications between the main computer and the object are accomplished through the communication element, or the boundary scan element. Meanwhile, the auxiliary computer virtually executes quite the same processing as the processing which the main computer applies to the object.
When the main computer goes down, the main computer stops sending out the clock signal to the communication element. At this time, the switch means function so that the object may be processed by the auxiliary computer instead of the main computer. That is to say, the switch means break the connection between the main computer and the communication element, and establish connection between the auxiliary computer and the communication element.
This makes the auxiliary computer actually execute the processing for the object through the communication element. As a result, a series of processing for the object is avoided from being suspended.
By such functions, these means achieve the following specific effects.
First, whether or not the main computer is down is determined in accordance with the presence or absence of the clock signal supplied from the main computer to the communication element. The main computer and the auxiliary computer do not mutually determine whether or not the main computer is down. Thus, the processing which the main computer should originally execute is not delayed regardless of a cycle of the clock signal.
Second, the communication element which is a boundary scan element executes its processing in synchronization with the clock signal. Therefore, it is very easy to specify which processing the main computer was executing just before going down.
In the present invention, the main computer means a computer for normally executing the communication processing with the object. The auxiliary computer means a computer for replacing the main computer to execute the communication processing with the object when the main computer goes down. The above-stated phrase “virtually executing the same processing” means that the auxiliary computer at least keeps track of the processing which is being executed by the main computer and the auxiliary computer is in a state where it can continue that processing as needed.
A combination of logic ICs, a programmable logic device (hereinafter referred to as PLD), or the like can be used as the switch means.
Description of the aforementioned boundary scan element in the present invention will here be preceded by the discussion on the prior art of the boundary scan element and the function thereof as a communication element.
FIG.
5
(
a
) is a block diagram of a general boundary scan element
100
. The boundary scan element
100
includes a package
110
containing input-side boundary cells
103
individually provided for input-side terminals
101
, output-side boundary cells
104
individually provided for output-side terminals
102
, TDI
Beausoliel Robert
Kanesaka & Takeuchi
Koken Co. Ltd.
Puente Emerson
LandOfFree
Fault tolerant computer system does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Fault tolerant computer system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Fault tolerant computer system will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3014624