GE 90-70 Incompatible Configurations, Resynchronization of a Redundant CPU

GFK-1527A Chapter 4 Normal Operation 4-3

Incompatible Configurations

When two units have incompatible configurations stored (for example, both units configured for

PRIMARY or differing blocks for data transfer), then only one of the units can go to RUN mode.

If the other unit attempts to go to RUN mode or both units attempt to go to RUN mode at the same

time, a FATAL incompatible configuration fault will be logged.

If one unit is con fi gured for CPU Redun dancy and the oth er has no configur a t ion, then both uni ts

may go to RUN mode at the same time but they will not be synchronized and only the unit that has

been configured will drive outp u t s.

Resynchronization of a Redundant CPU

When a CPU attempts to get back in synchronization with the currently active CPU,

resynchronization occurs. Resynchronization occurs any time a CPU transitions from STOP to

RUN mode. The process starts by determining which role each CPU is to play, based on

configured control strategy and PRIMARY/SECONDARY configuration as shown in the table

below.

Control

Strategy Behavior durin g Resynchronizati on

GHS The Primary Unit (with Serial Bus Address 31) is always preferred. A switch occurs from the

Secondary Unit each time the Primary Unit resynchronizes. Until the resynchronization is

complete, the Primary Unit acts as backup.

The Primary Unit switches to active just prior to logic execution. Outputs wil l be driven that

sweep by the Primary Unit.

GDB The active CPU remains active after resynchronization without regard to whether it is in the

Primary or Secondary unit. The transitioning unit becomes the backup.

If both systems are transitioning at the same time, the Primary Unit becomes the active CPU and

the Secondary Unit becomes th e backup.

During resynchronization, the CPUs exchange information about roles and configuration. If the

transitioning CPU detects that the role or configuration is not in agreement, that CPU is not

permitted to go to RUN mode. If both CPUs are transitioning, neither CPU is permitted to go to

RUN mode. The following items must be in agreement:

1. One CPU must be configured as Primar y, the other as Secondary.

2. Both CPUs must be configured for the same control strategy (GHS or GDB).

3. Both CPUs must have the same Shared I/ O r edundancy points configured.

4. If point faults are enabled on one CPU, they must also be enabled on the other if %I, %Q,

%AI, or %AQ data is transferred.

At this point, the active unit is th e on e that has been in control and the backu p un it is the one that is

resynchronizing. The tran sfer of all configured control dat a fr om the active unit to the backup

occurs unless both units are transitioning at the same time (transfer always goes from the running

unit to the resynching unit. In addition to the configured control data, the FST_SCN and

FST_EXE %S references as well as internal timer information for each common (that is, present in

both CPUs) sub-block are transferred from active to backup. Only the internal timers and