The TMR Manager and TMR Comparator implementation supports a dual lockstep configuration, which only duplicates the sub-blocks to provide a Fail-Safe (FS) subsystem, as shown in This Figure . In this subsystem, there is no need for voting, although the TMR Voter is used to distribute bus interface input signals to the two blocks.
The subsystem can be configured to enable a temporal delay between the nominal and redundant block. In this case:
• The TMR Managers ensure that the redundant block execution is delayed a configurable number of clock cycles, by releasing reset appropriately. The TMR Managers also compare their internal state after delaying the nominal block signals.
• The TMR Comparators delay the nominal block signals before comparison, to ensure that corresponding signals are compared.
• The TMR Voters delay the redundant block bus interface input signals according to the temporal delay.
• The redundant MicroBlaze processor provides the necessary temporal delay to handle debug.
Similar to the TMR case, the block RAM can either be duplicated or use ECC.
