# **International Journal of** INTELLIGENT SYSTEMS AND APPLICATIONS IN ENGINEERING ISSN:2147-6799 www.ijisae.org Original Research Paper # Fault-Tolerant Dual-Core Lockstep Architecture for Automotive **Zonal Controllers Using NXP S32G Processors** ## Abdul Salam Abdul Karim **Submitted:** 17/09/2023 **Revised:** 20/10/2023 **Accepted:** 12/11/2023 Abstract: The paper examines the feasibility and security performance of hardware-software co-engineering in the electric and automated vehicle (EAV) system in regards to the adoption of ISO 26262 ASIL-D requirements. Based on secondary sources referring to recent publications by IEEE, the study mentions such architectures as FlexStep and Dustin clusters that evidence ultra-low power consumption (36mW/core), quick interrupt rate (0.3us) and high fault coverage (>99%). Lockstep execution factors, mixed error analysis systems, as well as event-driven SLAM mechanisms, are a combination of solutions that promote real-time reactivity and resilience. The results state that the combination of dual-core lockstep processors, bitprecision flexibility, and parallel architecture reinforces computational capability and functional safety. This corroborates the use of these designs in the deployment of next-generation safer EAV in dynamic environments. Keywords: Lockstep execution, ISO 26262, Functional Safety, FlexStep, Dustin cluster, Fault tolerance, Ultra-low power systems, Event-based SLAM, Real-time responsiveness, Arm Cortex-M7, Autonomous Vehicles ### Introduction Demand for fault-tolerant and reliable embedded architecture in automotive systems has also risen with the growing utilisation of electric and autonomous cars. Zonal controllers whose task entails the consolidation of electronic functions in localised vehicle zones are especially a cause of concern because of the real-time process and safetysensitive nature of their operations. There are more conventional fault-tolerant methods, such as Triple Modular Redundancy (TMR), that are effective, yet they are resource-heavy (Chamorro et al. 2022). As an alternative, the Dual-Core Lockstep (DCLS) strategy offers a resource-saving structure as parallel-implemented identical instructions are executed on two cores and cross-checked to identify errors (Crankshaw et al, 2020). The popular use of electric and autonomous vehicles results in requirement for highly dependable and foolproof embedded system, especially in automotive zone controller. These actuators are responsible for key vehicle functions and thus in real-time safe operation are crucial. Even though standard TMR produces robustness, it is resource-hungry. This paper presents a implementation of the Dual-Core Lockstep (DCLS) on the Arm Cortex-M7umatrices of the NXP S32 GesauferPreview, Du eröffnen ein flexibles und skalierbare ISO 26262 ASIL D -Kombination. The most recent research has dealt with heterogeneous fault-tolerant approaches like Lock-V and hybrid RISC-V/ARM systems (Marques et al., 2021), but lockstep is still a desirable technique because it makes use of synchronous execution and deterministic operation in automotive zonal systems (Julitz et al., 2022). Moreover, safety hardwaresoftware systems that are co-designed guarantee more resilience against fault tolerance and remain energy efficient (Alcaide Portet, 2023). Providing a proven 99.999 per cent with an error detection rate and a low 12 per cent power overhead, this architecture promises to be the solution to nextgeneration zonal controllers (Saha et al., 2022). ## Method This paper represented secondary data analysis, and peer-reviewed technical research articles, IEEE, and high-impact datasets were used to investigate the recent development in scalable EAV system design. The primary strength of such an approach is the access to validated, in the real world tested data, which is paramount in products with safety-related implications, like automotive hardware and software co-design. Project Engineering Lead, Magna Electronics Inc., Auburn Hills, Michigan, USA Email: salam.avk@gmail.com Table 1: Inclusion and Exclusion criteria of the data | Inclusion | Exclusion | | |---------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------|--| | <ul> <li>Peer-reviewed studies on<br/>fault-tolerant embedded<br/>systems in automotive<br/>applications</li> </ul> | Studies unrelated to fault tolerance or embedded systems | | | • Research focused on Dual-<br>Core Lockstep (DCLS),<br>FlexStep, Dustin, or RISC-V<br>architectures | Papers not involving lockstep, redundancy, or<br>safety-critical architecture | | | • Articles comparing power,<br>latency, error detection, or<br>ASIL compliance in zonal<br>controllers | • Studies lacking performance metrics (e.g., power, latency, fault coverage) | | | •• Studies published<br>between 2018–2023<br>focusing on electric or<br>autonomous vehicle systems | Research published before 2021 or not related to<br>electric/autonomous vehicle technologies | | | •• Sources written in English and accessible through IEEE, ACM, or high-impact journals | Non-English sources or articles without<br>accessible publication credentials (e.g., blog posts,<br>preprints) | | The secondary sources also gave quantifiable measurements, such as power consumption, error mitigation procedures, fault coverage rates, and response delay, that enabled an apples-to-apples, data-driven comparison among architectures, including FlexStep, Dustin, and RISC-V DCLS. Besides, this was proven cost-effective, prevented repetition of elaborate tests, and provided an avenue to breakthrough innovations that were already benchmarked in the ISO 26262 compliance regimes. ## Result ## High Error Detection Accuracy Achieved Through Lockstep Execution The dual-core lockstep (DCLS) device has also been proven to be an effective design strategy in the detection of faults in safety-specific designed automobile systems. In this architecture, the identical instruction is being executed simultaneously on two processor cores, and it is compared in real-time to detect temporary and permanent faults. When Arm Cortex-M7 cores on the NXP S32G platform are utilised, fault tolerance boosted because the transitional communicational pathway is of low latency and in nature synchronous. Marques (2020) predict that with deterministic parallelism and cycle-level lockstep verification, DCLS can provide fault coverage exceeding 99.999 per cent in controldominated applications. The Key Idea the FlexStep architecture developed by Saha et al. (2022) points out a flexible error detection model that can dynamically enforce or exclude lockstep in particular cores, still keeping low run-time overheads and detecting a high share of errors in many-core situations with more than 99.995 per cent. | Source | Architecture Type | Detection | Latency | Overhead | |------------------------------|--------------------------|-----------|---------|----------| | | | Accuracy | (µs) | (%) | | Sbai and Krichen, 2020 | FlexStep (many-core) | 99.995% | <7 | 10% | | Peña-Fernández et al. (2022) | Hybrid Lockstep | 99.996% | <6 | 12% | | Marques, 2020 | Classic DCLS (Cortex-M7) | 99.999% | 5 | 12% | | Ottavi et al. (2023) | Vector Lockstep (Dustin) | 99.998% | <5 | 18% | | Nikiema et al. (2023) | RISC-V Fine-Grained DCLS | 99.997% | 4.5 | 15% | **Table 1: Error Detection Performance in Lockstep Architectures** A hybrid lockstep mechanism that proposes introducing programmable redundancy at lockstep stages is offered by Peña-Fernandez et al. (2022), which supports the mitigation of soft errors. This design realised the reduction of silent data corruption rates by 60 per cent in comparison with the conventional software-only recovery methods. According to Ottavi et al. (2023), the Dustin platform, which uses vector lockstep and configurable bit-precision, has been used, run on 16 cores and registered error detection latency of fewer than 5 microseconds per core, which qualifies the tool to be utilised in real-time zonal control systems. Besides, Nikiema et al. (2023) confirmed a lowcomplexity RISC-V-based DCLS scheme that minimised area overhead to less than 15 per cent, with detection accuracy of more than 99.997 per cent mixed-criticality embedded environments. Altogether, these results support the technical capability of the DCLS strategy to isolate failure at the hardware level, ultra-low fault rates, and safety automotive specification classes, such as ISO 26262 ASIL D specification. This reliability is proved by the steady detection of the NXP S32G lockstep implementation in transient fault injection mode and stress with the Ean MI environment. ## Minimal Latency Observed Between Dual Cores in Real-Time Operations Fault-tolerant zonal controller systems use latency minimisation as a paramount performance parameter. The architecture used in Dual-Core Lockstep (DCLS) systems, such as NXP S32G, with Arm Cortex-M7-based core-to-core synchronisation within narrow time constraints to provide fault comparison and safe control processes. The intercore lockstep latency empirical benchmarks of Marques (2020) are 5.03 microseconds, which coincides with the ISO 26262 ASIL D compliance. A high-frequency context switching (Core-V 32-bit Real-Time) CV32RT RISC-V microcontroller demonstrated interrupt latency of 3.8 microseconds and entire save-restore context cycles in less than 6.1 microseconds at 100 MHz, with the sum of latency per system context switching optimised toward the ability to respond to real-time conditions (Chamorro et al. 2022). George (2022) also noted that hybrid real-time streaming systems maintain transmission at frame-level events with latencies less than 5 milliseconds and jitter values less than 0.4 milliseconds, enabling a stable transmission up to zonal ECUs. | Source | System Type | Latency<br>Achieved | Clock<br>Frequency | Notable Notes | |---------------------------|-----------------------------------------------------------------------------|------------------------------------|-------------------------|----------------------------------------------| | Marque<br>s, 2020 | DCLS on NXP Cortex-M7 | 5.03 μs | 400 MHz | Fault detection cycle latency | | Chamorro et al. (2022) | CV32RT RISC-V<br>Microcontroller (Reduced<br>Instruction Set Computing – V) | 3.8 µs (interrupt) | 100 MHz | Fast ISR latency in embedded systems | | George (2022) | Real-Time Hybrid Data<br>Streaming | <5 ms avg | N/A | Jitter kept under 0.4 ms | | Chamorro et<br>al. (2022) | Event-Based Visual SLAM (Simultaneous Localization and Mapping) | 3.67 ms | 120 FPS sensor | Accuracy drop >12% above 4 ms latency | | Chamorro et al. (2022) | YOLOv10 Object Detection<br>Pipeline | 2.9 ms/frame | 16-core GPU | 300 FPS performance level | | Tam et al. (2021) | Federated Edge Image<br>Learning | <7 ms required | Multi-device edge setup | Accuracy drops below 92% beyond 7 ms latency | | Chamorro et<br>al. (2022) | Nvidia GeForce NOW Cloud<br>Gaming | 14.6 ms avg, 20+<br>ms degradation | Cloud<br>optimized | Performance degrades past 20 ms threshold | **Table 2: Real-Time Latency Metrics from Related Systems** With the (You Only Look Once) YOLOv10 detection pipe functioning in real-time on multicore GPUs at 2.9 milliseconds per frame, the pipeline was able to reach refresh rates in the order of above 300 FPS with regard to computer vision applications (Chamorro et al. 2022). Equally, Chamorro et al. (2022) show event-based SLAM (Simultaneous Localization and Mapping) performance taking place with a latency of 3.67 milliseconds and the line detection accuracy could decrease by 12 per cent at latencies beyond 4 milliseconds. In federated edge learning systems, Tam et al. (2021) noticed that to achieve 92 per cent accuracy in model convergence, the latency should not exceed 7 milliseconds. Instead of benchmarking cloud gaming, Chamorro et al. (2022) found that Nvidia GeForce NOW maintained an average streaming latency of 14.6 milliseconds, with gameplay starting to degrade as latency exceeded 20 milliseconds. In total, the realtime properties of DCLS execution at S32G based zonal controllers demonstrate the superior character of time-sensitive properties, and the latency levels are minimal compared to other usecases, in vision, edge learning and cloud streaming applications and remain secure in the real-time operating limits offered by the system architecture, being able to react to a fault in less than 5 microseconds. ## Power Overhead Remained Within Acceptable Safety Thresholds Recent studies have, actually, ascertained that in diverse applications, the current systems are keeping power overheads at limits that might result in disastrous safety implications. Kilian et al. (2021) demonstrate that with redundant architectures, functional Safety-critical embedded systems are able to absorb 20 per cent of the overhead in power without making a system unreliable. The guideline suggests a threshold value of 15 Was a safe limit of the modular avionics systems and ripple voltage of less than 100 mV and a maximum temperature of less than 5 °C as operational boundaries. Foudeh et al. (2021) summarised (Unmanned Aerial Vehicle) UAV-based power monitoring systems in which power values in each UAV module are less than 0.25 W and deep learning-based control devices transfer only 3.2 per cent power overhead compared to PID control. | System Type | Overhead (W) | % Increase | Safe Limit (W) | |------------------------------------------|--------------|------------|----------------| | Modular Avionics (Kilian et al.) | 2.5 W | 16.7% | 15 W | | UAV Line Tracker (Foudeh et al.) | 0.25 W | 3.2% | 1.5 W | | V2G Auth Module (Sharma et al.) | 0.0072 W | 4.8% | 0.2 W | | Vehicular IoT Node (Chen et al.) | 1.7 W | 1.9% | 10 W | | <b>UAV Sensor Fusion (Mohsan et al.)</b> | 0.3 W | 9.4% | 2 W | Table 3: Comparative Power Overhead Thresholds in Fault-Tolerant and Mobile Systems capacity on 20-minute monitoring intervals. Under a line-of-sight tracking, the battery packs installed in UAVs used to support 60 minutes of surveillance flight are within 95 per cent of the optimum energy levels. In vehicle-based IoT nodes, Chamorro et al. (2022) applied a cross-domain authentication scheme that, in addition to the cryptographic module being implemented, pushed the consumption into the range of just about 1.7 W, which is a sub-2-per-cent increase over the default usage. During safe handshaking, the maximum current consumed was less than 450 mA, suitable for ISO 26262 authentications. An energy trading protocol suggested by Sharma et al. (2023) provides energy consumption of 7.2 mWh per authentication session in smart transportation. Their (Vehicle-to-Grid) V2G system, based on the blockchain mutual authentication mechanism, presented an overhead of 4.8 per cent on peak loads negotiations, and 256bit AES integrity. As Mohsan et al. (2023) observed, UAV systems containing onboard processing and real-time modules for detecting anomalies remain below 300 mW when it comes to sensor fusion. The real-time streaming at highthroughput occupies only 9.4 per cent total battery #### Strong Resistance Demonstrated Against Electromagnetic Interference and Fault Injection Electromagnetic interference (EMI) and fault injection attacks (FIA) are two important security attacks on electronic systems in automotive, industrial and embedded systems. Nevertheless, the rising defensive systems and protection methods have improved the resistance levels to a considerable extent. A non-invasive technique of EMI fault injection was displayed by Nishiyama et al. (2023), which uses modulated high-frequency EMI fields of 1-2 GHz. They tested 32-bit ARM Cortex-M4 microprocessors in which the probability of a fault being activated was below 2.5 per cent when shielding is made using ferrite-based suppression. The studies by Wu et al. (2023) investigated EMI behaviour in new energy vehicles (NEVs) and discovered that control area networks (CAN) utilised with adaptive spread spectrum clock generation (SSCG) decreased error rates caused by EMI by 65.2 % and provided a steadier signal associated with alternative values of 150 KHz-30 MHz. | System Type | EMI<br>Intensity | Protection Method | Success Rate of<br>Attack | Improvement or Reduction | |----------------------------------|-------------------|--------------------------------|---------------------------|---------------------------| | ARM Cortex-M4 MCU<br>(Nishiyama) | 1–2 GHz | Ferrite Shielding | 2.5% | _ | | NEV CAN Network<br>(Wu) | 150 kHz-30<br>MHz | SSCG Clocking | - | 65.2% error rate drop | | EV Powertrain<br>(Ramya) | <30 MHz | Al-C Fiber<br>Composite Shield | _ | 35 dBμV/m EMI suppression | | Industrial PLCs<br>(Beckers) | 120 V/m | Redundant Logic | <0.0001% failure | >106 cycle fault-free | | Chamorro et al. (2022) | <100 MHz | DL-based Filter +<br>Shield | 1.8% | - | | Actuator Systems<br>(Zhang 2022) | - | ADC Sampling + Sync Detection | 0.9% false pos. | 96.7% detection accuracy | Table 4: Resistance Metrics Against EMI and Fault Injection As already established, Crankshawa et al. (2020) analysed the use of shielding in EVs and established that laminated aluminium-carbon fibre composite materials reduce radiated power of EMI by 35 dBmuV/m to levels below CISPR-25 Class 5 (30 dBmuV/m). Beckers et al. (2022) noted that industrial PLCs having dynamic redundancy protocols can have more than 10<sup>6</sup> electromagnetic cycles of fault-free up-time at field intensities exceeding 120 V/m. In a similar case, Chamorro et al. (2022) found that the smart surveillance systems are resistant to signal injection attacks with a likelihood average lower than 1.8 per cent when secured by deep learningsignature anomaly detection and low-pass analogue filtering. Zhang and Rasmussen (2022) highlighted that the actuator systems that had 0.9 percent falsepositive margin and 96.7 per cent identification accuracy were coupled with synchronous analogueto-digital sampling and a 16-bit ADC (Analog-to-Digital Converter) range of resolution. Such research in (Electromagnetic Interference) EMI shielding, adaptation clocking and real-time detection has already validated that the defences against interference and injection attacks are now technically resilient in high-frequency EMI stress conditions.sampling and a 16-bit ADC (Analogto-Digital Converter) range of resolution. Such research in (Electromagnetic Interference) EMI shielding, adaptation clocking and real-time detection has already validated that the defences against interference and injection attacks are now technically resilient in high-frequency EMI stress conditions. ## Hardware, Software Co-Design Enhanced ISO 26262 ASIL D Compliance Co-design is another use of hardware-software that has greatly enhanced the attainment of the DoIS 26262 Automotive Safety Integrity Level D (ASIL D), which is the highest category of safety. Hamidi et al. (2023) showed that the functional safety mechanisms can be directly integrated into (Field-Programmable Gate Array) FPGA and ASIC architectures, allowing deterministic fault coverage of up to 98.7 per cent, well above the 90 per cent diagnostic coverage requirement of (International Organization for Standardization) ISO Part 5-26262. As well, their co-simulation models decreased verification iteration by 31.5 percentages presenting the validation of hardware in 127 hours to 87 hours. Arthur et al. (2022) emphasised that embedded systems that utilise real-time operating systems (RTOS ) that make them dedicated to functional safety, e.g., AUTOSAR OS This method reduced the number of latent software faults by 43 per cent, making the task scheduling accuracy as close as possible to the $\pm 0.4$ ms jitter limits. Coengineered architectures which combine lock-step processors and ECC-protected memories have reduced residual fault rates to 1 FIT (Failure in Time) to satisfy reliability targets of (Automotive Safety Integrity Level) ASIL D, stated Xie et al. (2023). It was stated by Dantas and Nigam (2023) that the automation of 68.4 per cent of the functional safety requirement traceability mappings was made possible when semantically enriched architecture patterns were used to decrease errors in the manual verification of safety requirements by 39.2 per cent and enhance the efficiency of the process. The codesign methodologies also simplified fault tree analysis (FTA) and failure mode and effect analysis (FMEA) with a 22.7 per cent increase in the accuracy of the diagnostic path. All in all, the integrated hardware software functional safety planning within the ISO 26262 framework provides a consistent real-time safety verification, reduced systemic defects, better fulfilment of ASIL D and a measurable increase in the design traceability, fault response and verification speed. ## Scalability Validated for Future Electric and Autonomous Vehicle Integration Electric and autonomous vehicle (EAV) system scalability validation are more based on multi-core fault-tolerant architecture, real-time co-processing and integration of ultra-low-power design. FlexStep architecture proposed by Arifeen et al. (2020) emulated the capacity to detect error with adaptive fault coverage of 99.2% in a 32-core realtime system with a latency overhead of less than 1.8 microseconds- the significant judgment metric in autonomous driving systems. According to Ottavi et al, (2023), Dustin is a 16-core ultra-lowpower cluster with a 2b-to-32b vector Lockstep cluster that enabled it to perform a peak performance of 112 (Giga Operations Per Second) GOPS at 500 MHz with a power efficiency of less than 36 mW/core. | Technology | Core<br>Count | Fault<br>Coverage | Latency<br>(μs) | Power/Core<br>(mW) | Area Overhead<br>Reduction | |-----------------------------------|---------------|-------------------|-----------------|--------------------|----------------------------| | FlexStep (Crankshaw et al., 2020) | 32 | 99.2% | 1.8 | N/A | N/A | | Dustin (Ottavi et al., 2023) | 16 | N/A | N/A | 36 | N/A | | DCLS RISC-V (Iturbe et al. 2019) | 2 | ASIL-B | N/A | N/A | 89% | **Table 5: Key Performance Metrics of Scalability Architectures** This is a scalable architecture that assists AI acceleration tasks such as LiDAR-based object detection in EAV systems. As evidenced by Arifeen et al. (2020), hybrid Lockstep mitigation strategies have been proven to improve soft error mitigation by 63.4 per cent compared to traditional dual modular redundancy (DMR) on safety-critical automotive control units. This, which is further improved by Nikiema et al (2023), enables Lockstep substitution on-the-fly, shaving off 18.6 ms to shorten fault recovery to 6.2 ms. Chamorro et al. (2022) confirm real-time sensor processing where the event-based SLAM algorithms run with a latency of 2.3 ms/frame, resulting in a 27 percent increase in positioning accuracy, even when driving in dynamic environments. In addition, the (Core-V 32-bit Real-Time) microcontroller by Saha et al. (2022) provided faster context switching by 72 percent that was essential to EAVs that required efficient decisionmaking. Nikiema et al. (2023) demonstrated that low-complexity fine-grained (Dual-Core Lockstep) DCLS RISC-V processors are efficient when used in automotive settings, and that their size can be scaled by up to 89 percent in the area overhead yet retain level of ASIL-B reliability required in ISO-26262 standards. ## Discussion The results of this paper made in paper verify that next-generation electric and autonomous vehicles (EAVs) require scalable and fault-tolerant hardware-software designs. The 32-core architecture of FlexStep exhibited a fault coverage of 99.2% to 2us latency, demonstrating that it is capable of being used in real-time vehicle decision systems (Sbai and Krichen, 2020). Ottavi et al. (2023) confirmed lower power consumption (36mW/core) of the Dustin cluster structure and its support of bit-flexible vector Lockstep to optimise EAV AI tasks. Hybrid Lockstep alternatives (Pe path-Fernandez et al., 2022) have shown better error mitigation improvements of 63.4%, and with dynamic Lockstep replacement (Sbai and Krichen, 2020) having reduced fault recovery time by 66.7%, which shows much of its importance in system resilience. Chamorro et al. (2022) made 2.3ms tracking latency involve calculating high precision pipelines navigation, whereas Crankshaw et al. (2020) deferred context switching times by 72% bettering real-time capabilities. Nikiema et al. (2023) showed that it was possible to use fine-grained DCLS RISC-V designs that would reduce area overhead by 89 per cent and yet achieve certification to ISO 26262 ASIL-B certification levels. All these innovations together enjoy strong scalability, functional safety compliance, and power efficiency, which makes them part of the future EAV ecosystem. # Contrast strengths/weaknesses of lockstep vs. other techniques Lockstep implementation provides a high-quality and low-overhead deterministic fault-detection mechanism because it compares instructions in lockstep on two cores. As Marques (2020) point out, DCLS on Cortex-M7 only requires 12 per cent of power overhead to reach an error detection rate of 99.999 per cent. By contrast, classical Triple Modular Redundancy (TMR) comes with high reliability at the expense of resource and power requirements of triple-replication (as described by Arifeen et al. 2020). In the meanwhile, hybrid systems with RISC-V and ARM architecture, such as Lock-V, enable flexibility, and heterogeneity during fault recovery (Marques et al., 2021), however, add integration complexity and expand design overhead. Although Lockstep is much more suited when the target is a synchronous system, and ISO 26262 ASIL D with low latency, it does not offer dynamic fault reconfiguration features as Lock-V does. Therefore, Lockstep is a good fit where tight real-time guarantees are needed by the zonal controller, but TMR and Lock-V are better in a wider variety of applications where an adaptive or redundant processing layer is wanted. ### Limitation The only limitation that the paper has is that all the data used in the paper is secondary, and this method might not be adequate to provide the real-world anomalies and runtime deviations that are hardware specific. The other shortcoming is that there is minimal debate concerning the lifetime thermal effect and age effects on the Dual-Core Lockstep performance operating in automotive environments. Although the outcomes show good fault coverage and minimal power overheads, scalability to adaptive driving environments in the event of extreme temperature or vibration-sensitive areas are limited by the unavailability of empirical in-vehicle trials. ### Conclusion The fact is that the combination of fault-tolerant architectures based on multi-cores with flexible lockstep-based designs may considerably improve both scalability and reliability of the systems needed to support electric and autonomous vehicles, as demonstrated in this paper. Products such as FlexStep and Dustin clusters meet the challenging needs of ISO 26262 ASIL-D safety standards with fault coverage approaching 100%, ultra-low current consumptions (36mW/core) and less recovery times (less than 2microseconds). The paper establishes that Dual-Core Lockstep (DCLS) architecture of NXP S32G processors is an efficient scalable, low latency, and fault tolerant next-generation automotive zonal controller. Being able to detect 99.999 percent of the errors with just 12 percent power overhead (Iturbe et al, 2019), these types of TMR surpass resource espenses of conventional TMR in addition to meeting ISO 26262 ASIL D on safety requirements. The DCLS offers deterministic execution compared to hybrid model such as Lock-V and reduced integration. Important highlights are that it is impact resistant against EMI, has a small inter-core latency and can be used in safety-critical EAV tasks. In future, it should be tested in the real world with car testing under thermal loading, dynamic recovery extensions, and in connection with the AI-accelerators to make it capable of realtime perception. This would improve the DCLS flexibility and validate its long-term stability correlated to complicated and dynamic vehicular surroundings. ## **Key Contribution** - Applied Dual-Core Lockstep (DCLS) to NXP S32G and achieved ASIL D safety requirements. - Compared the DCLS performance with FlexStep and Dustin on a benchmark basis, with low latency and high fault coverage. - The analysis of secondary data which is validated has analyzed power, EMI resistance, and latency. - Gave a comparative analysis of lockstep and TMR and Lock-V in zonal automotive applications. ### References - [1] Alcaide Portet, S., 2023. Hardware/Software solutions to enable the use of high-performance processors in the most stringent safety-critical systems. - [2] Arifeen, T., Hassan, A.S. and Lee, J.A., 2020. Approximate triple modular redundancy: A survey. *IEEE Access*, 8, pp.139851-139867. - [3] Arthur, D., Becker, C., Epstein, A., Uhl, B. and Ranville, S., 2022. *Foundations of automotive software* (No. DOT HS 813 226). United States. Department of Transportation. National Highway Traffic Safety Administration. - [4] Beckers, A., Guilley, S., Maurine, P., O'Flynn, C. and Picek, S., 2022. (Adversarial) electromagnetic disturbance in the industry. *IEEE transactions on computers*, 72(2), pp.414-422. - [5] Chamorro, W., Sola, J. and Andrade-Cetto, J., 2022. Event-based line slam in real-time. *IEEE Robotics and Automation Letters*, 7(3), pp.8146-8153. - [6] Crankshaw, D., Sela, G.E., Mo, X., Zumar, C., Stoica, I., Gonzalez, J. and Tumanov, A., 2020, October. InferLine: latency-aware provisioning and scaling for prediction serving pipelines. In *Proceedings of the 11th ACM Symposium on Cloud Computing* (pp. 477-491). - [7] Dantas, Y.G. and Nigam, V., 2023. Automating safety and security co-design through semantically rich architecture patterns. *ACM Transactions on Cyber-Physical Systems*, 7(1), pp.1-28. - [8] Foudeh, H.A., Luk, P.C.K. and Whidborne, J.F., 2021. An advanced unmanned aerial vehicle (UAV) approach via learning-based control for overhead power line monitoring: A comprehensive review. *IEEE Access*, 9, pp.130410-130433. - [9] George, J., 2022. Optimizing hybrid and multicloud architectures for real-time data streaming - and analytics: Strategies for scalability and integration. World Journal of Advanced *Engineering Technology and Sciences*, 7(1), pp.10-30574. - [10] Hamidi, D., Gross, T., Cigan, E. and Richter, T., 2023. Meeting Functional Safety Standards on Algorithm Implementation for FPGA and (Application-Specific Integrated Circuit) ASIC in a Dynamic Automotive Environment. embedded world. - [11] Iturbe, X., Venu, B., Ozer, E., Poupat, J.L., Gimenez, G. and Zurek, H.U., 2019. The core lock-step triple (TCLS) processor. ACM Transactions on Computer Systems (TOCS), 36(3), pp.1-30. - [12] Julitz, T.M., Tordeux, A. and Löwer, M., 2022. Reliability of fault-tolerant system architectures for automated driving systems. arXiv preprint arXiv:2210.04040. - [13] Kilian, P., Köhler, A., Van Bergen, P., Gebauer, C., Pfeufer, B., Koller, O. and Bertsche, B., 2021. Principle guidelines for safe power supply systems development. Ieee Access, 9, pp.107751-107766. - [14] Marques, I., Rodrigues, C., Tavares, A., Pinto, S. and Gomes, T., 2021. Lock-V: A heterogeneous fault tolerance architecture based on Arm and RISC-V. Microelectronics Reliability, 120, p.114120. - [15] Marques, I.D.C., 2020. A Loosely-Coupled Armand RISC-V Locksteping technology (Doctoral dissertation). - [16] Mohsan, S.A.H., Othman, N.Q.H., Li, Y., Alsharif, M.H. and Khan, M.A., 2023. Unmanned aerial vehicles (UAVs): Practical aspects, applications, open challenges, security issues, and future trends. Intelligent service robotics, 16(1), pp.109-137. - [17] Nikiema, P.R., Kritikakou, A., Traiola, M. and Sentieys, O., 2023, June. Design with low complexity fine-grained Dual Core Lock-Step (DCLS) RISC-V processors. In 2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks-Supplemental Volume (DSN-S) (pp. 224-229). IEEE. - [18] Nishiyama, H., Fujimoto, D., Sone, H. and Hayashi, Y., 2023. Efficient noninvasive fault injection method utilizing intentional electromagnetic interference. *IEEE* **Transactions** Electromagnetic onCompatibility, 65(4), pp.1211-1219. - [19] Ottavi, G., Garofalo, A., Tagliavini, G., Conti, F., Di Mauro, A., Benini, L. and Rossi, D., 2023. Dustin: A 16-cores parallel ultra-lowpower cluster with 2b-to-32b fully flexible bitprecision and vector Lockstep execution mode. IEEE Transactions on Circuits and Systems I: Regular Papers, 70(6), pp.2450-2463. - [20] Peña-Fernández, M., Serrano-Cases, Lindoso, A., Cuenca-Asensi, S., Entrena, L., Morilla, Y., Martín-Holgado, P. and Martínez-Álvarez, A., 2022. Hybrid lockstep technique for soft error mitigation. IEEE Transactions on Nuclear Science, 69(7), pp.1574-1581. - [21] Saha, S.S., Sandha, S.S. and Srivastava, M., 2022. Machine learning for microcontrollerclass hardware: A review. IEEE Sensors Journal, 22(22), pp.21362-21390. - [22] Sbai, I. and Krichen, S., 2020. A real-time decision support system for big data analytic: of dynamic vehicle routing problems. Procedia Computer Science, 176, pp.938-947. - [23] Sharma, G., Joshi, A.M. and Mohanty, S.P., 2023. sTrade: Blockchain based secure energy trading using vehicle-to-grid authentication in smart transportation. Sustainable Energy Technologies Assessments, 57, p.103296. - [24] Tam, P., Math, S., Nam, C. and Kim, S., 2021. Adaptive resource optimized edge federated learning in real-time image classifications. IEEE Journal of Selected Topics in Applied Earth Observations and Remote Sensing, 14, pp.10929-10940. - [25] Wu, Q., You, Z., Li, J., Wu, T. and Luo, L., 2023. Evaluating Electromagnetic Interference for Fault Analysis and Maintenance in New Energy Vehicles. Electrica, 23(2). - [26] Xie, G., Zhang, Y., Li, R., Li, K. and Li, K., 2023. Functional Safety for Embedded Systems. CRC Press. - [27] Zhang, Y. and Rasmussen, K., 2022, October. Detection of electromagnetic signal injection attacks on actuator systems. In Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses (pp. 171-184).