CN111400109A - Dual-computer redundancy backup system based on PCIe high-speed bus interface - Google Patents

Dual-computer redundancy backup system based on PCIe high-speed bus interface Download PDF

Info

Publication number
CN111400109A
CN111400109A CN202010268062.6A CN202010268062A CN111400109A CN 111400109 A CN111400109 A CN 111400109A CN 202010268062 A CN202010268062 A CN 202010268062A CN 111400109 A CN111400109 A CN 111400109A
Authority
CN
China
Prior art keywords
machine
control cpu
fpga
main control
state monitoring
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010268062.6A
Other languages
Chinese (zh)
Other versions
CN111400109B (en
Inventor
滕树鹏
沈奇
陆灵君
韦杰
双小川
王志国
纪丙华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai aerospace computer technology research institute
Original Assignee
Shanghai aerospace computer technology research institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai aerospace computer technology research institute filed Critical Shanghai aerospace computer technology research institute
Priority to CN202010268062.6A priority Critical patent/CN111400109B/en
Publication of CN111400109A publication Critical patent/CN111400109A/en
Application granted granted Critical
Publication of CN111400109B publication Critical patent/CN111400109B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/16Error detection or correction of the data by redundancy in hardware
    • G06F11/1608Error detection by comparing the output signals of redundant hardware
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F1/00Details not covered by groups G06F3/00 - G06F13/00 and G06F21/00
    • G06F1/24Resetting means
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F1/00Details not covered by groups G06F3/00 - G06F13/00 and G06F21/00
    • G06F1/26Power supply means, e.g. regulation thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F13/14Handling requests for interconnection or transfer
    • G06F13/20Handling requests for interconnection or transfer for access to input/output bus
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2213/00Indexing scheme relating to interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F2213/0026PCI express
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Quality & Reliability (AREA)
  • Hardware Redundancy (AREA)

Abstract

The invention provides a dual-computer redundancy backup system based on a PCIe high-speed bus interface, which comprises: the system comprises a machine A main control CPU, a machine B main control CPU, a machine A power supply module, a machine B power supply module, a state monitoring high-reliability antifuse FPGA and a slave device FPGA; the double-computer cold backup of the PCIe bus is switched through the state monitoring high-reliability antifuse FPGA, if the double computers are full-function backup, the reliability of the whole communication system can be improved, and the service life of the system is prolonged; if the double machines have different functions, function expansion can be realized through the cutter, and the functionality and the flexibility of the system are improved.

Description

基于PCIe高速总线接口的双机冗余备份系统Dual-machine redundant backup system based on PCIe high-speed bus interface

技术领域technical field

本发明涉及通信技术领域,具体地,涉及基于PCIe高速总线接口的双机冗余备份系统。The invention relates to the field of communication technologies, in particular to a dual-machine redundant backup system based on a PCIe high-speed bus interface.

背景技术Background technique

随着星载载荷技术的进步,载荷数据量的大大增加。在星载数传领域,传统的低电压差分信号(Low-Voltage Differential Signaling,LVDS)数据传输链路不论从速率上还是通用性上已经不能满足高速数传的需求。而对高速且可靠的总线数传方式的需求越来越高。With the advancement of spaceborne payload technology, the amount of payload data has greatly increased. In the field of spaceborne data transmission, the traditional Low-Voltage Differential Signaling (LVDS) data transmission link can no longer meet the needs of high-speed data transmission in terms of speed and versatility. The demand for high-speed and reliable bus data transmission is getting higher and higher.

但是,若单独开发一种自定义的高速数传总线通信方案,不论从成本上还是可靠性上都是难以实现的。因此,对传统、通用的高速总线进行相应的可靠性设计,保证其在空间环境中的可靠性成为最可行的方案之一。However, if a self-defined high-speed digital bus communication scheme is developed alone, it is difficult to achieve both in terms of cost and reliability. Therefore, it is one of the most feasible solutions to carry out the corresponding reliability design for the traditional and general high-speed bus to ensure its reliability in the space environment.

发明内容SUMMARY OF THE INVENTION

针对现有技术中的缺陷,本发明的目的是提供一种基于PCIe高速总线接口的双机冗余备份系统。In view of the defects in the prior art, the purpose of the present invention is to provide a dual-machine redundant backup system based on a PCIe high-speed bus interface.

根据本发明提供的一种基于PCIe(PCIexpress)高速总线接口的双机冗余备份系统,包括:A机主控CPU、B机主控CPU、A机供电模块、B机供电模块、状态监控高可靠反熔丝FPGA(Field-Programmable GateArray,现场可编程门阵列)、从设备FPGA;所述A机供电模块用于根据所述状态监控高可靠反熔丝FPGA发送的供电使能信号,向所述A机主控CPU(中央处理器)供电;所述B机供电模块用于根据所述状态监控高可靠反熔丝FPGA发送的供电使能信号,向所述B机主控CPU供电;所述从设备FPGA通过PCIe高速总线分别与所述A机主控CPU、B机主控CPU通信连接;其中,所述A机主控CPU和所述B机主控CPU互为备份,且所述A机主控CPU和所述B机主控CPU不同时上电工作。A dual-machine redundant backup system based on PCIe (PCIexpress) high-speed bus interface provided according to the present invention includes: a main control CPU of machine A, a main control CPU of machine B, a power supply module of machine A, a power supply module of machine B, a state monitoring high Reliable anti-fuse FPGA (Field-Programmable GateArray, Field Programmable Gate Array), slave device FPGA; the A power supply module is used to monitor the power supply enable signal sent by the high-reliability anti-fuse FPGA according to the state, and send it to all The main control CPU (central processing unit) of the A machine is powered; the power supply module of the B machine is used to monitor the power supply enable signal sent by the high-reliability anti-fuse FPGA according to the state, and supply power to the main control CPU of the B machine; The slave device FPGA communicates with the main control CPU of the A machine and the main control CPU of the B machine respectively through the PCIe high-speed bus; wherein, the A machine main control CPU and the B machine main control CPU are mutually backup, and the The main control CPU of machine A and the main control CPU of machine B are not powered on and work at the same time.

可选地,所述状态监控高可靠反熔丝FPGA通过第一接口与从设备FPGA启动A机主控CPU程序存储芯片通信连接,所述状态监控高可靠反熔丝FPGA通过第二接口与从设备FPGA启动B机主控CPU程序存储芯片通信连接。Optionally, the state monitoring high-reliability anti-fuse FPGA is in communication connection with the slave device FPGA to start the A-machine main control CPU program storage chip through a first interface, and the state-monitoring high-reliability anti-fuse FPGA communicates with the slave device through a second interface. The device FPGA starts the communication connection of the main control CPU program memory chip of the B machine.

可选地,所述状态监控高可靠反熔丝FPGA与外部电路连接,用于接收外部复位信号或者外部切机指令;Optionally, the state monitoring high-reliability anti-fuse FPGA is connected to an external circuit for receiving an external reset signal or an external machine cutting instruction;

当所述状态监控高可靠反熔丝FPGA接收到外部复位信号时,保持所述A机主控CPU和所述B机主控CPU的当前运行状态;When the state monitoring high-reliability anti-fuse FPGA receives an external reset signal, the current operating states of the main control CPU of machine A and the main control CPU of machine B are maintained;

当所述状态监控高可靠反熔丝FPGA接收到外部切机指令时,对所述A机主控CPU和所述B机主控CPU的当前运行状态进行切换。When the state monitoring high-reliability anti-fuse FPGA receives an external machine cutting instruction, it switches the current operating states of the main control CPU of the A machine and the main control CPU of the B machine.

可选地,还包括:AC耦合电容;所述AC耦合电容设置在所述PCIe高速总线上,用以防止所述从设备FPGA向所述A机主控CPU、所述B机主控CPU倒灌电压。Optionally, it also includes: an AC coupling capacitor; the AC coupling capacitor is arranged on the PCIe high-speed bus, to prevent the slave device FPGA from pouring back the main control CPU of the A machine and the main control CPU of the B machine Voltage.

可选地,当所述A机主控CPU处于工作状态时,所述状态监控高可靠反熔丝FPGA向所述A机供电模块发送A机供电使能信号为不使能,关闭A机主控CPU;所述状态监控高可靠反熔丝FPGA发送重载指令给所述从设备FPGA;所述状态监控高可靠反熔丝FPGA切换从设备FPGA启动程序B机主控CPU程序存储芯片配置从设备FPGA;所述从设备FPGA配置完成后通过状态监控信号通知状态监控高可靠反熔丝FPGA发送B机供电使能信号为使能,启动所述B机主控CPU;所述B机主控CPU发起PCIe link请求与所述从设备FPGA建立PCIe总线连接;所述从设备FPGA发送PCIe link成功状态遥测给所述状态监控高可靠反熔丝FPGA。Optionally, when the main control CPU of the A-machine is in a working state, the state monitoring high-reliability anti-fuse FPGA sends the A-machine power supply enable signal to the A-machine power supply module is disabled, and the A-machine main control is turned off. control CPU; the state monitoring high-reliability anti-fuse FPGA sends a reload instruction to the slave device FPGA; the state-monitoring high-reliability anti-fuse FPGA switches the slave device FPGA startup program B master control CPU program memory chip configuration slave The device FPGA; after the configuration of the slave device FPGA is completed, the state monitoring high-reliability anti-fuse FPGA is notified through the state monitoring signal to send the power supply enable signal of the B machine to enable, and the B machine main control CPU is started; the B machine main control The CPU initiates a PCIe link request to establish a PCIe bus connection with the slave device FPGA; the slave device FPGA sends a PCIe link successful state telemetry to the state monitoring high-reliability anti-fuse FPGA.

可选地,当所述B机主控CPU处于工作状态时,所述状态监控高可靠反熔丝FPGA向B机供电模块发送B机供电使能信号为不使能,关闭B机主控CPU;所述状态监控高可靠反熔丝FPGA发送重载指令给从设备FPGA;所述状态监控高可靠反熔丝FPGA切换从设备FPGA启动程序A机主控CPU程序存储芯片配置从设备FPGA;所述从设备FPGA配置完成后通过状态监控信号通知状态监控高可靠反熔丝FPGA发送A机供电使能信号为使能,启动所述A机主控CPU;所述A机主控CPU发起PCIe link请求与所述从设备FPGA建立PCIe总线连接;所述从设备FPGA发送PCIe link成功状态遥测给所述状态监控高可靠反熔丝FPGA。Optionally, when the main control CPU of the machine B is in a working state, the state monitoring high-reliability anti-fuse FPGA sends the power supply enable signal of the machine B to the power supply module of the machine B to be disabled, and the main control CPU of the machine B is turned off. The state monitoring high reliability anti-fuse FPGA sends a reload instruction to the slave device FPGA; the state monitoring high reliability anti-fuse FPGA switches the slave device FPGA startup program A machine master control CPU program memory chip configures the slave device FPGA; After the configuration of the slave device FPGA is completed, the state monitoring high-reliability anti-fuse FPGA is notified through the state monitoring signal to send the power supply enable signal of the A machine to enable, and the A machine main control CPU is started; the A machine main control CPU initiates the PCIe link Request to establish a PCIe bus connection with the slave device FPGA; the slave device FPGA sends the PCIe link successful state telemetry to the state monitoring high-reliability anti-fuse FPGA.

与现有技术相比,本发明具有如下的有益效果:Compared with the prior art, the present invention has the following beneficial effects:

本发明提供的基于PCIe高速总线接口的双机冗余备份系统,通过双机冗余冷备份设计提升了产品的可靠性、增加产品寿命,并在对产品扩展性有需求的情况下提升了产品的可扩展性,对于提高星载数传系统传输速率、可靠性保障及使用灵活性有着积极的借鉴意义,在航天领域具有较好的实际工程应用价值。The dual-machine redundant backup system based on the PCIe high-speed bus interface provided by the present invention improves the reliability of the product, increases the life of the product through the design of the dual-machine redundant cold backup, and improves the product when there is a need for product scalability. It has positive reference significance for improving the transmission rate, reliability guarantee and use flexibility of the spaceborne data transmission system, and has good practical engineering application value in the aerospace field.

附图说明Description of drawings

通过阅读参照以下附图对非限制性实施例所作的详细描述,本发明的其它特征、目的和优点将会变得更明显:Other features, objects and advantages of the present invention will become more apparent by reading the detailed description of non-limiting embodiments with reference to the following drawings:

图1为本发明提供的一种基于PCIe高速总线接口的双机冗余备份系统的原理框图;1 is a schematic block diagram of a dual-machine redundant backup system based on a PCIe high-speed bus interface provided by the present invention;

图2为本发明提供的一种基于PCIe高速总线接口的双机冗余备份系统从A机切换为B机的流程示意图;Fig. 2 is a kind of schematic flowchart of switching from machine A to machine B of a dual-machine redundant backup system based on PCIe high-speed bus interface provided by the present invention;

图3为本发明提供的一种基于PCIe高速总线接口的双机冗余备份系统从B机切换为A机的流程示意图。FIG. 3 is a schematic flowchart of switching from machine B to machine A in a dual-machine redundant backup system based on a PCIe high-speed bus interface provided by the present invention.

具体实施方式Detailed ways

下面结合具体实施例对本发明进行详细说明。以下实施例将有助于本领域的技术人员进一步理解本发明,但不以任何形式限制本发明。应当指出的是,对本领域的普通技术人员来说,在不脱离本发明构思的前提下,还可以做出若干变化和改进。这些都属于本发明的保护范围。The present invention will be described in detail below with reference to specific embodiments. The following examples will help those skilled in the art to further understand the present invention, but do not limit the present invention in any form. It should be noted that, for those skilled in the art, several changes and improvements can be made without departing from the inventive concept. These all belong to the protection scope of the present invention.

图1为本发明提供的一种基于PCIe高速总线接口的双机冗余备份系统的原理框图,如图1所示,本实施例的系统包括:A机主控CPU、B机主控CPU、A机供电模块、B机供电模块、状态监控高可靠反熔丝FPGA、从设备FPGA;A机供电模块用于根据状态监控高可靠反熔丝FPGA发送的供电使能信号,向A机主控CPU供电;B机供电模块用于根据状态监控高可靠反熔丝FPGA发送的供电使能信号,向B机主控CPU供电;从设备FPGA通过PCIe高速总线分别与A机主控CPU、B机主控CPU通信连接;其中,A机主控CPU和B机主控CPU互为备份,且A机主控CPU和B机主控CPU不同时上电工作。Fig. 1 is a principle block diagram of a dual-machine redundant backup system based on PCIe high-speed bus interface provided by the present invention. As shown in Fig. 1, the system of this embodiment includes: a main control CPU of machine A, a main control CPU of machine B, A machine power supply module, B machine power supply module, state monitoring high-reliability anti-fuse FPGA, slave device FPGA; A machine power supply module is used to monitor the power supply enable signal sent by the high-reliability anti-fuse FPGA according to the state, to the A machine master control CPU power supply; the power supply module of machine B is used to monitor the power supply enable signal sent by the high-reliability anti-fuse FPGA according to the state, and supply power to the main control CPU of machine B; the slave device FPGA communicates with the main control CPU of machine A and machine B through PCIe high-speed bus respectively. Main control CPU communication connection; among them, the main control CPU of machine A and the main control CPU of machine B are mutually backup, and the main control CPU of machine A and the main control CPU of machine B are not powered on and work at the same time.

本实施例中,A机主控CPU和B机主控CPU构成主控CPU双机,A机供电模块和B机供电模块构成可控的主控CPU供电DC_DC(直流-直流)双机。当前宇航用PCIe总线双机冗余冷备份架构工作模式为:主控CPU及可控的主控CPU供电DC_DC为双机冷备份,即同一时刻仅可开单机工作,双机互不相关,不同时上电;从设备FPGA启动程序存储芯片双机、状态监控高可靠反熔丝FPGA及从设备FPGA为常开机状态。In this embodiment, the main control CPU of machine A and the main control CPU of machine B constitute dual main control CPUs, and the power supply module of machine A and the power supply module of machine B constitute a controllable main control CPU power supply DC_DC (direct current-direct current) dual machine. The current working mode of the PCIe bus dual-machine redundant cold backup architecture for aerospace is: the main control CPU and the controllable main control CPU power supply DC_DC is a dual-machine cold backup, that is, only a single machine can work at the same time, and the two machines are not related to each other. Power on at the same time; the slave device FPGA starts the program memory chip dual-computer, the state monitoring high-reliability anti-fuse FPGA and the slave device FPGA are in a normally-on state.

本实施例中,A/B机功能可完全一致实,现整个系统的双冗余备份,提高系统寿命及可靠性;A/B机功能也可不一致,实现整个系统的功能扩展,每一时刻根据A/B机开关状态不同可以实现不同工作模式间切换,提高系统功能性及应用灵活性。In this embodiment, the functions of the A/B machines can be completely consistent, realizing dual redundant backup of the entire system, improving the system life and reliability; the functions of the A/B machines can also be inconsistent, realizing the function expansion of the entire system, every moment According to the switch state of the A/B machine, switching between different working modes can be realized, which improves the system functionality and application flexibility.

本实施例中,可通过控制使能信号控制相应供电有无,若为不使能则供电输出低,若为使能则输出相应供电;应该符合主控CPU需求的上电时序及断电时序。In this embodiment, the presence or absence of the corresponding power supply can be controlled by the control enable signal. If it is not enabled, the power supply output is low, and if it is enabled, the corresponding power supply is output; it should meet the power-on sequence and power-off sequence required by the main control CPU. .

可选地,状态监控高可靠反熔丝FPGA通过第一接口与从设备FPGA启动A机主控CPU程序存储芯片通信连接,状态监控高可靠反熔丝FPGA通过第二接口与从设备FPGA启动B机主控CPU程序存储芯片通信连接。Optionally, the state-monitoring high-reliability anti-fuse FPGA is in communication connection with the slave device FPGA to start the main control CPU program memory chip of machine A through the first interface, and the state-monitoring high-reliability anti-fuse FPGA starts B with the slave device FPGA through the second interface. The main control CPU program memory chip communication connection.

本实施例中,从设备FPGA启动程序存储芯片共需求两片,其中一片存储从设备FPGA启动A机主控CPU程序;另一片存储从设备FPGA启动B机主控CPU程序。从设备FPGA启动A机主控CPU程序存储芯片和从设备FPGA启动B机主控CPU程序存储芯片构成从设备FPGA启动程序存储芯片双机,用于实现对A机主控CPU、B机主控CPU的启动。In this embodiment, a total of two chips are required for the slave device FPGA to start the program storage chip, one of which stores the slave device FPGA to start the A-machine main control CPU program; The slave device FPGA starts the main control CPU program memory chip of machine A and the slave device FPGA starts the master control CPU program memory chip of machine B to form a dual-machine FPGA boot program memory chip from the device, which is used to realize the master control of the main control CPU of machine A and the main control of machine B. Startup of the CPU.

进一步地,因宇航用数传接口主要为LVDS及TLK2711等非标准接口,因此从设备FPGA为系统提供非标准接口转换成PCIe标准接口功能;又因从设备FPGA实现系统对外接口。一般在宇航数传产品中,数传接收载荷数据,而载荷产品大部分为单机设计,无法提供双数据接口,因此在本发明中从设备FPGA产品无法进行双机设计,为单机设计。本实施例中,从设备FPGA应具备两组PCIe从设备接口。Further, because the aerospace data transmission interfaces are mainly non-standard interfaces such as LVDS and TLK2711, the slave device FPGA provides the system with non-standard interfaces and converts them into PCIe standard interface functions; and because the slave device FPGA realizes the external interface of the system. Generally, in aerospace data transmission products, the data transmission receives payload data, and most of the payload products are designed with a single machine and cannot provide dual data interfaces. Therefore, in the present invention, the slave device FPGA product cannot be designed for dual machines, and is a single machine design. In this embodiment, the slave device FPGA should have two sets of PCIe slave device interfaces.

需要说明的是,状态监控高可靠反熔丝FPGA应选择具备空间抗幅指标的宽温高可靠反熔丝FPGA,具备在高辐射,高温差的空间环境中长期可靠工作的特性;能够响应外部复位信号;能够响应切机指令,并根据指令执行权利要求一种所述的切机步骤完成相关操作。It should be noted that the state monitoring high-reliability anti-fuse FPGA should choose a wide-temperature and high-reliability anti-fuse FPGA with a space resistance index, which has the characteristics of long-term reliable operation in a space environment with high radiation and high temperature difference; can respond to external The reset signal can respond to the machine cutting instruction, and execute the machine cutting step of claim one according to the instruction to complete the relevant operations.

可选地,状态监控高可靠反熔丝FPGA与外部电路连接,用于接收外部复位信号或者外部切机指令。当状态监控高可靠反熔丝FPGA接收到外部复位信号时,保持A机主控CPU和B机主控CPU的当前运行状态。当状态监控高可靠反熔丝FPGA接收到外部切机指令时,对A机主控CPU和B机主控CPU的当前运行状态进行切换。Optionally, the state monitoring high-reliability anti-fuse FPGA is connected to an external circuit for receiving an external reset signal or an external machine cutting command. When the state monitoring high-reliability anti-fuse FPGA receives an external reset signal, it maintains the current running state of the main control CPU of machine A and the main control CPU of machine B. When the state monitoring high-reliability anti-fuse FPGA receives the external machine cutting command, it switches the current running state of the main control CPU of machine A and the main control CPU of machine B.

本实施例中,当基于PCIe高速总线接口的双机冗余备份系统可以响应外部复位操作,复位前后不进行A/B机切换,保持复位前A/B机状态。In this embodiment, when the dual-machine redundant backup system based on the PCIe high-speed bus interface can respond to an external reset operation, the A/B machine is not switched before and after the reset, and the state of the A/B machine before the reset is maintained.

可选地,还包括:AC耦合电容;AC耦合电容设置在PCIe高速总线上,用以防止从设备FPGA向A机主控CPU、B机主控CPU倒灌电压。Optionally, the method further includes: an AC coupling capacitor; the AC coupling capacitor is arranged on the PCIe high-speed bus to prevent the slave device FPGA from pouring voltage back into the main control CPU of machine A and the main control CPU of machine B.

本实施例中,A/B主控CPU与从设备FPGA应该仅有PCIe公共电路,并且PCIe总线需要通过AC耦合电容隔离,防止在从设备FPGA启动而主控CPU未上电时可能存在的倒灌电压;及在主控CPU与从设备FPGA及态监控高可靠反熔丝FPGA间应设计供电隔离,提高系统可靠性;A/B主控CPU相关电路需要完全隔离。In this embodiment, the A/B master CPU and the slave FPGA should only have a PCIe common circuit, and the PCIe bus needs to be isolated by an AC coupling capacitor to prevent possible backflow when the slave FPGA is started but the master CPU is not powered on voltage; and power supply isolation should be designed between the master control CPU and the slave device FPGA and state monitoring high-reliability anti-fuse FPGA to improve system reliability; A/B master control CPU related circuits need to be completely isolated.

图2为本发明提供的一种基于PCIe高速总线接口的双机冗余备份系统从A机切换为B机的流程示意图。如图2所示,当A机主控CPU处于工作状态时,状态监控高可靠反熔丝FPGA向A机供电模块发送A机供电使能信号为不使能,关闭A机主控CPU;状态监控高可靠反熔丝FPGA发送重载指令给从设备FPGA;状态监控高可靠反熔丝FPGA切换从设备FPGA启动程序B机主控CPU程序存储芯片配置从设备FPGA;从设备FPGA配置完成后通过状态监控信号通知状态监控高可靠反熔丝FPGA发送B机供电使能信号为使能,启动B机主控CPU;B机主控CPU发起PCIe link请求与从设备FPGA建立PCIe总线连接;从设备FPGA发送PCIe link成功状态遥测给状态监控高可靠反熔丝FPGA。FIG. 2 is a schematic flowchart of switching from a machine A to a machine B in a dual-machine redundant backup system based on a PCIe high-speed bus interface provided by the present invention. As shown in Figure 2, when the main control CPU of machine A is in the working state, the state monitoring high-reliability anti-fuse FPGA sends the power supply enable signal of machine A to the power supply module of machine A as disabled, and the main control CPU of machine A is turned off; Monitoring high-reliability anti-fuse FPGA sends reload command to slave device FPGA; status monitoring high-reliability anti-fuse FPGA switches slave device FPGA startup program B master CPU program memory chip configures slave device FPGA; after the slave device FPGA configuration is completed, pass The status monitoring signal informs the status monitoring high-reliability anti-fuse FPGA to send the power supply enable signal of machine B to enable, and starts the main control CPU of machine B; the main control CPU of machine B initiates a PCIe link request to establish a PCIe bus connection with the slave device FPGA; the slave device The FPGA sends PCIe link success status telemetry to the status monitoring high-reliability antifuse FPGA.

图3为本发明提供的一种基于PCIe高速总线接口的双机冗余备份系统从B机切换为A机的流程示意图。如图3所示,当B机主控CPU处于工作状态时,状态监控高可靠反熔丝FPGA向B机供电模块发送B机供电使能信号为不使能,关闭B机主控CPU;状态监控高可靠反熔丝FPGA发送重载指令给从设备FPGA;状态监控高可靠反熔丝FPGA切换从设备FPGA启动程序A机主控CPU程序存储芯片配置从设备FPGA;从设备FPGA配置完成后通过状态监控信号通知状态监控高可靠反熔丝FPGA发送A机供电使能信号为使能,启动A机主控CPU;A机主控CPU发起PCIe link请求与从设备FPGA建立PCIe总线连接;从设备FPGA发送PCIe link成功状态遥测给状态监控高可靠反熔丝FPGA。FIG. 3 is a schematic flowchart of switching from machine B to machine A in a dual-machine redundant backup system based on a PCIe high-speed bus interface provided by the present invention. As shown in Figure 3, when the main control CPU of machine B is in the working state, the state monitoring high-reliability anti-fuse FPGA sends the power supply enable signal of machine B to the power supply module of machine B as disabled, and shuts down the main control CPU of machine B; Monitoring high-reliability anti-fuse FPGA sends reload command to slave device FPGA; status monitoring high-reliability anti-fuse FPGA switches slave device FPGA startup program A machine master CPU program memory chip configures slave device FPGA; after the slave device FPGA configuration is completed, pass The status monitoring signal informs the status monitoring high-reliability anti-fuse FPGA to send the power supply enable signal of machine A to enable, and starts the main control CPU of machine A; the main control CPU of machine A initiates a PCIe link request to establish a PCIe bus connection with the slave device FPGA; the slave device The FPGA sends PCIe link success status telemetry to the status monitoring high-reliability antifuse FPGA.

本发明采用了工业及商业数传领域应用度最高之一的PCIe总线通信方式为基础,利用其高速、通用及可扩展的特点;同时针对其对主从设备上电时序及不可热插拔的要求;针对宇航领域的高温、高辐射的工作环境特点;兼顾宇航产品在轨不可修复特点,实现PCIe设备的双机冷备份切换,提高系统可靠性及系统寿命;同时此项发明还可以在系统可靠性得到保障基础上提升系统的扩展性及使用灵活性。The invention adopts the PCIe bus communication mode, which is one of the most widely used in the field of industrial and commercial data transmission, as the basis, and utilizes its high-speed, general-purpose and expandable characteristics; requirements; aiming at the high temperature and high radiation working environment characteristics in the aerospace field; taking into account the non-repairable characteristics of aerospace products in orbit, realizing dual-machine cold backup switching of PCIe devices, improving system reliability and system life; at the same time, this invention can also be used in the system. On the basis of guaranteed reliability, the scalability and flexibility of use of the system are improved.

本领域技术人员知道,除了以纯计算机可读程序代码方式实现本发明提供的系统及其各个装置以外,完全可以通过将方法步骤进行逻辑编程来使得本发明提供的系统及其各个装置以逻辑门、开关、专用集成电路、可编程逻辑控制器以及嵌入式微控制器等的形式来实现相同功能。所以,本发明提供的系统及其各项装置可以被认为是一种硬件部件,而对其内包括的用于实现各种功能的装置也可以视为硬件部件内的结构;也可以将用于实现各种功能的装置视为既可以是实现方法的软件模块又可以是硬件部件内的结构。Those skilled in the art know that, in addition to implementing the system provided by the present invention and its respective devices in the form of pure computer-readable program codes, the system provided by the present invention and its respective devices can be made by logic gates, Switches, application-specific integrated circuits, programmable logic controllers, and embedded microcontrollers are used to achieve the same function. Therefore, the system and its various devices provided by the present invention can be regarded as a kind of hardware components, and the devices for realizing various functions included in the system can also be regarded as structures in the hardware components; The means for implementing various functions can be regarded as either a software module implementing a method or a structure within a hardware component.

以上对本发明的具体实施例进行了描述。需要理解的是,本发明并不局限于上述特定实施方式,本领域技术人员可以在权利要求的范围内做出各种变化或修改,这并不影响本发明的实质内容。在不冲突的情况下,本申请的实施例和实施例中的特征可以任意相互组合。The specific embodiments of the present invention have been described above. It should be understood that the present invention is not limited to the above-mentioned specific embodiments, and those skilled in the art can make various changes or modifications within the scope of the claims, which do not affect the essential content of the present invention. The embodiments of the present application and features in the embodiments may be arbitrarily combined with each other without conflict.

Claims (5)

1. A dual-computer redundancy backup system based on PCIe high-speed bus interface is characterized in that the system comprises: the system comprises a machine A main control CPU, a machine B main control CPU, a machine A power supply module, a machine B power supply module, a state monitoring high-reliability antifuse FPGA and a slave device FPGA; the machine A power supply module is used for monitoring a power supply enabling signal sent by the high-reliability antifuse FPGA according to the state and supplying power to the machine A main control CPU; the B machine power supply module is used for monitoring a power supply enabling signal sent by the high-reliability antifuse FPGA according to the state and supplying power to the B machine main control CPU; the slave device FPGA is respectively in communication connection with the A main control CPU and the B main control CPU through a PCIe high-speed bus; the main control CPU of the machine A and the main control CPU of the machine B are mutually backup, and the main control CPU of the machine A and the main control CPU of the machine B are not electrified to work at the same time.
2. The dual redundant backup system based on PCIe high speed bus interface of claim 1, wherein the state monitoring high reliability antifuse FPGA is in communication connection with a slave device FPGA start-up A main control CPU program storage chip through a first interface, and the state monitoring high reliability antifuse FPGA is in communication connection with a slave device FPGA start-up B main control CPU program storage chip through a second interface.
3. The dual redundancy backup system based on the PCIe high speed bus interface of claim 1, wherein the state monitoring high reliability antifuse FPGA is connected to an external circuit, for receiving an external reset signal or an external switch instruction;
when the state monitoring high-reliability antifuse FPGA receives an external reset signal, the current running states of the main control CPU A and the main control CPU B are kept;
and when the state monitoring high-reliability antifuse Field Programmable Gate Array (FPGA) receives an external cutter cutting instruction, switching the current running states of the main control CPU of the machine A and the main control CPU of the machine B.
4. The dual-computer redundancy backup system based on the PCIe high-speed bus interface according to any one of claims 1 to 3, wherein when the A-computer main control CPU is in a working state, the state monitoring high-reliability antifuse FPGA sends an A-computer power supply enabling signal to the A-computer power supply module to be disabled, and the A-computer main control CPU is turned off; the state monitoring high-reliability antifuse FPGA sends a heavy-load instruction to the slave device FPGA; the state monitoring high-reliability antifuse FPGA switching slave device FPGA starting program B is used for configuring a slave device FPGA by a master control CPU program storage chip; after the configuration of the slave device FPGA is finished, the state monitoring high-reliability antifuse FPGA is informed through a state monitoring signal to send a B machine power supply enabling signal to be enabled, and a B machine main control CPU is started; the B master control CPU initiates a PCIelink request to establish PCIe bus connection with the FPGA of the slave device; and the slave device FPGA sends PCIe link success state telemetry to the state monitoring high-reliability antifuse FPGA.
5. The dual-computer redundancy backup system based on the PCIe high-speed bus interface according to any one of claims 1 to 3, wherein when the B-computer main control CPU is in a working state, the state monitoring high-reliability antifuse FPGA sends a B-computer power supply enabling signal to the B-computer power supply module to be disabled, and the B-computer main control CPU is turned off; the state monitoring high-reliability antifuse FPGA sends a heavy-load instruction to the slave FPGA; the state monitoring high-reliability antifuse FPGA switching slave device FPGA starting program A is used for configuring a slave device FPGA by a master control CPU program storage chip; after the configuration of the FPGA of the slave equipment is finished, the FPGA of the state monitoring high-reliability antifuse is informed through a state monitoring signal to send an A machine power supply enabling signal to enable, and a main control CPU of the A machine is started; the A master control CPU initiates a PCIe link request to establish PCIe bus connection with the FPGA; and the slave device FPGA sends PCIe link success state telemetry to the state monitoring high-reliability antifuse FPGA.
CN202010268062.6A 2020-04-07 2020-04-07 Dual-machine redundancy backup system based on PCIe high-speed bus interface Active CN111400109B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010268062.6A CN111400109B (en) 2020-04-07 2020-04-07 Dual-machine redundancy backup system based on PCIe high-speed bus interface

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010268062.6A CN111400109B (en) 2020-04-07 2020-04-07 Dual-machine redundancy backup system based on PCIe high-speed bus interface

Publications (2)

Publication Number Publication Date
CN111400109A true CN111400109A (en) 2020-07-10
CN111400109B CN111400109B (en) 2023-08-01

Family

ID=71433083

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010268062.6A Active CN111400109B (en) 2020-04-07 2020-04-07 Dual-machine redundancy backup system based on PCIe high-speed bus interface

Country Status (1)

Country Link
CN (1) CN111400109B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113419977A (en) * 2021-05-28 2021-09-21 济南浪潮数据技术有限公司 PCIE equipment management system in server and server

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101833536A (en) * 2010-04-16 2010-09-15 北京航空航天大学 A Reconfigurable Spaceborne Computer with Redundant Arbitration Mechanism
CN102331786A (en) * 2011-07-18 2012-01-25 北京航空航天大学 A dual computer cold backup system for attitude and orbit control
CN103116285A (en) * 2011-11-17 2013-05-22 上海航天测控通信研究所 Double central processing unit (CPU) unibus computer system for deep space probe
CN108762970A (en) * 2018-06-12 2018-11-06 上海航天计算机技术研究所 A kind of highly reliable spaceborne computer program storage device
CN109739697A (en) * 2018-12-13 2019-05-10 北京计算机技术及应用研究所 A kind of hard real-time two-shipper synchronous fault-tolerant system based on high-speed data exchange

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101833536A (en) * 2010-04-16 2010-09-15 北京航空航天大学 A Reconfigurable Spaceborne Computer with Redundant Arbitration Mechanism
CN102331786A (en) * 2011-07-18 2012-01-25 北京航空航天大学 A dual computer cold backup system for attitude and orbit control
CN103116285A (en) * 2011-11-17 2013-05-22 上海航天测控通信研究所 Double central processing unit (CPU) unibus computer system for deep space probe
CN108762970A (en) * 2018-06-12 2018-11-06 上海航天计算机技术研究所 A kind of highly reliable spaceborne computer program storage device
CN109739697A (en) * 2018-12-13 2019-05-10 北京计算机技术及应用研究所 A kind of hard real-time two-shipper synchronous fault-tolerant system based on high-speed data exchange

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113419977A (en) * 2021-05-28 2021-09-21 济南浪潮数据技术有限公司 PCIE equipment management system in server and server
CN113419977B (en) * 2021-05-28 2023-03-21 济南浪潮数据技术有限公司 PCIE equipment management system in server and server

Also Published As

Publication number Publication date
CN111400109B (en) 2023-08-01

Similar Documents

Publication Publication Date Title
CN203786723U (en) Dual redundant system based on X86 PC/104 embedded CPU modules
CN104407556B (en) Hot standby redundancy module switching device
CN101645915B (en) Disk array host channel daughter card, on-line switching system and switching method thereof
CN106933145B (en) An on-board processing system and its control operation method
CN112445751B (en) Computer host interface board suitable for multi-mode redundant system
CN104035892B (en) Server system
CN102122276A (en) Double-processor borne computer
CN102508746A (en) Management method for triple configurable fault-tolerant computer system
US11256225B2 (en) Data transmission apparatus of circuit breaker controller
CN104678757A (en) Helicopter engine dual-redundancy fuel oil regulation controller
CN110209606A (en) A kind of control method of the multiplex roles storage equipment based on PCIe
CN104407948A (en) Power-up switching control system and method of cold backup redundant satellite-carried computer
CN101958782B (en) Method for realizing node standby and system
CN111400109A (en) Dual-computer redundancy backup system based on PCIe high-speed bus interface
CN104691761A (en) Multi-mode hybrid power supply system and method for ICP (integrated core processor)
CN111858456A (en) Arrow-mounted full-triple-modular redundancy computer system architecture
CN102841634A (en) Server mainboard
CN204633800U (en) The switch of a kind of administrative unit and the two redundancy of crosspoint
CN110649696A (en) Communication system and method in uninterruptible power supply system
US10248155B2 (en) Semiconductor device including clock generating circuit and channel management circuit
CN111077764B (en) Cold and hot standby load cross control method and circuit with power-on and reset
CN111400211A (en) PCIe bus-based communication method and system
CN205666677U (en) Single electrical power unit's dual -path electricity supply ware
CN117318000B (en) Power supply system and electronic equipment
CN112131055B (en) Multi-mode three-motor dynamic fault-tolerant system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant