Lockstep Replacement: Fault-Tolerant Design

System-level lockstep, interconnecting two original cores, is nowadays the state-of-the-art approach for protecting processor systems against random hardware faults. However, the lack of information outside the cores necessitates many compromises in dependability, software complexity, power consumption, performance, and system cost. We propose a redundancy-based protection scheme integrated into the microarchitecture of the core. The scheme separates the execution pipeline into sections with fault detection and fault tolerance, while the large predictor components remain unprotected. This approach results in fault-tolerant hardware with only an 8% area penalty compared to the dual-core lockstep, which provides only fault detection. Since the hardware recovers from the faults automatically, it does not necessitate software support and additional memory for checkpoints. The scheme comprises independent protection approaches, resulting in negligible frequency impact. It also provides an interface and memory protection and is designed to be applicable in most of the embedded-class cores. Simulation-based fault injection campaigns were performed, considering physical synthesis data, to assess the fault-tolerance. We also analyze how software compilation affects dependability and provide a hardware solution to mitigate the undesired effects.