	US 12,327,129 B2
	Processing system, related integrated circuit, device and method
Roberto Colombo, Munich (DE); and Vivek Mohan Sharma, New Delhi (IN)
Assigned to STMicroelectronics Application GMBH, Aschheim-Dornach (DE); and STMicroelectronics International N.V., Geneva (CH)
Filed by STMicroelectronics Application GMBH, Aschheim-Dornach (DE); and STMicroelectronics International N.V., Geneva (CH)
Filed on Apr. 4, 2022, as Appl. No. 17/657,856.
Claims priority of application No. 102021000009683 (IT), filed on Apr. 16, 2021.
Prior Publication US 2022/0334865 A1, Oct. 20, 2022
Int. Cl. G06F 11/00 (2006.01); G06F 9/455 (2018.01); G06F 11/07 (2006.01)

CPC G06F 9/45558 (2013.01) [G06F 11/0712 (2013.01); G06F 11/0772 (2013.01); G06F 11/0793 (2013.01); G06F 2009/45591 (2013.01)]

20 Claims

1. A processing system comprising:

a plurality of microprocessors programmable via software instructions;

a memory controller configured to read the software instructions from a non-volatile memory;

a resource;

a communication system connecting the microprocessors to the memory controller and the resource;

a plurality of safety monitoring circuits configured to generate a plurality of error signals by monitoring an operation of the microprocessors, the memory controller and/or the resource;

a fault collection and error management circuit configured to:

receive the plurality of error signals from the plurality of safety monitoring circuits; and

generate one or more reaction signals as a function of the plurality of error signals;

wherein the fault collection and error management circuit comprises:

a plurality of fault collection sub-circuits, each fault collection sub-circuit comprising one or more error combination circuits, wherein each error combination circuit comprises a first register programmable via first software instructions executed by a respective microprocessor and configured to:

receive a subset of the error signals;

determine whether one or more of the received error signals are asserted;

in response to determining that one or more of the received error signals are asserted, store error status data to the first register, the error status data identifying the one or more asserted error signals;

read enable data from the first register, the enable data specifying for each error signal whether a combined error signal should be asserted when the respective error signal is asserted; and

generate the combined error signal as a function of the error status data and the enable data; and

an error management circuit comprising a second register programmable via second software instructions executed by the respective microprocessor and configured to:

receive the combined error signals from the error combination circuits;

read routing data from the second register, the routing data specifying for each combined error signal and for each microprocessor whether an error should be signaled to the each microprocessor when the respective combined error signal is asserted; and

generate for the each microprocessor a respective signal used to signal the error as a function of the combined error signals and the routing data.