The LEON3FT is a fault-tolerant version of the standard LEON3 SPARC V8 Processor. It has been designed for operation in the harsh space environment, and includes functionality to detect and correct (SEU) errors in all on-chip RAM memories. The LEON3FT processor support most of the functionality in the standard LEON3 processor, and adds the following features:
The following features of the standard LEON3 processor are NOT supported by LEON3FT
The fault-tolerance in LEON3FT is implemented using ECC coding of all on-chip RAM blocks. The ECC codes are adapted to the type of RAM blocks that are available for a given target technology, and to the type of data that is stored in the RAM blocks. The general scheme is to be able to detect and correct up to four errors per 32-bit RAM word. In RAM blocks where the data is mirrored in a secondary memory area (e.g. cache memories), the ECC codes are tuned for error-detection only. A correction cycle consists then of reloading the faulty data from the mirror location. In the cache memories, this equals to an invalidation of the faulty cache line and a cache line reload from main memory.
In RAM blocks where no secondary copy of the data is available (e.g. register file), the ECC codes are tuned for both error-detection and correction. The focus is placed on fast encoding/decoding times rather than minimizing the number of ECC bits. This approach ensures that the FT logic does not affect the timing and performance of the processor, and that LEON3FT can reach the same maximum frequency as the standard non-FT LEON3. The ECC encoding/decoding is done in the LEON3FT pipeline in parallel with normal operation, and a correction cycle is fully transparent to the software without affecting the instruction timing.
The ECC protection of RAM blocks is not limited to the LEON3FT processor. In a SOC design based on LEON3FT, any IP core using block RAM will have the RAM protected in a similar manner. This includes for instance the FIFOs in the SpaceWire IP core (GRSWP) and the buffer RAM in the CAN-2.0 IP core (CAN_OC).
The LEON3FT is simulated and synthesized in the same manner as the standard LEON3 processor. The area overhead for the FT logic is less than 15% on both ASIC and FPGA implementations. The table below shows some typical area figures for ASIC and Microchip RTAX technologies:
| Core | RTAX cells |
RTAX RAM blocks |
ASIC gates |
| LEON3 8 + 8 Kbyte cache | 6,500 | 40 | 20,000 |
| LEON3FT 8 + 8 Kbyte cache | 7,500 | 40 | 22,000 |
| LEON3FT 8 + 4 Kbyte cache | 7,500 | 31 | 22,000 |
The LEON3FT core is distributed together with a special FT version of the GRLIP IP library, distributed as encrypted RTL.
Software development for LEON3FT is identical to the standard LEON3. The fault-tolerance implementation is fully software transparent, and no software drivers are necessary for its operation. See the LEON3 software page for more details. The LEON3 simulators (TSIM and GRSIM) as well as the GRMON debug monitor are fully compatible with LEON3FT.
| Device | Manufacturer |
Frequency | MIPS |
| GR712RC Dual-Core SOC | Gaisler | 100 MHz | 200 DMIPS |
| UT699 Single-Core SOC | Colorado Springs | 66 MHz | 75 DMIPS |
| LEON3FT-RTAX (discontinued) | Gaisler / Microchip | 25 MHz | 20 DMIPS |