Article <vev398$1r4v5$2@paganini.bofh.team>

Deutsch English Français Italiano
<vev398$1r4v5$2@paganini.bofh.team>

View for Bookmarking (what is this?)
Look up another Usenet article
Path: ...!feeds.phibee-telecom.net!2.eu.feeder.erje.net!feeder.erje.net!nntp.comgw.net!newsfeed.bofh.team!paganini.bofh.team!not-for-mail
From: antispam@fricas.org (Waldek Hebisch)
Newsgroups: comp.arch.embedded
Subject: Re: Diagnostics
Date: Sat, 19 Oct 2024 01:50:34 -0000 (UTC)
Organization: To protect and to server
Message-ID: <vev398$1r4v5$2@paganini.bofh.team>
References: <veekcp$9rsj$1@dont-email.me> <veuggc$1l5eo$1@paganini.bofh.team> <77k5hjprfq0ipjp6pcdd03lnph1i76ssuu@4ax.com> <veunj9$3gbqs$2@dont-email.me>
Injection-Date: Sat, 19 Oct 2024 01:50:34 -0000 (UTC)
Injection-Info: paganini.bofh.team; logging-data="1938405"; posting-host="WwiNTD3IIceGeoS5hCc4+A.user.paganini.bofh.team"; mail-complaints-to="usenet@bofh.team"; posting-account="9dIQLXBM7WM9KzA+yjdR4A";
User-Agent: tin/2.6.2-20221225 ("Pittyvaich") (Linux/6.1.0-9-amd64 (x86_64))
X-Notice: Filtered by postfilter v. 0.9.3
Bytes: 2389
Lines: 31

Don Y <blockedofcourse@foo.invalid> wrote:
> On 10/18/2024 2:42 PM, George Neuner wrote:
> 
>>  To ensure 100%
>> functionality at all times effectively requires use of redundant
>> hardware - which generally is too expensive for a non safety critical
>> device.
> 
> Apparently, there is noise about incorporating such hardware into
> *automotive* designs (!).  I would have thought the time between
> POSTs would have rendered that largely ineffective.  OTOH, if
> you imagine a failure can occur ANY time, then "just after
> putting the car in gear" is as good (bad!) a time as any!

TI for several years has nice processors with two cores, which
are almost in sync, but one is something like one cycle behind
the other.  And there is circuitry to compare that both cores
produce the same result.  This does not cover failures of the
whole chip, but dramaticaly lowers chance of undetected erros due
to some transient condition.

For critical functions a car could have 3 processors with
voting circuitry.  With separate chips this would be more expensive
than single processor, but increase of cost probably would be
negligible compared to cost of the whole car.  And when integrated
on a single chip cost difference would be tiny.

IIUC car controller may "reboot" during a ride.  Intead of
rebooting it could handle work to a backup controller.

-- 
                              Waldek Hebisch