Diamond Point International

MEN Mikro D602 - 6U cPCI/CompactPCI® PowerPC® Safe Computer

3x PowerPC® 750 (Lockstep Mode), 3x 512 MB DDR RAM


The D602 is a 6U CompactPCI® COTS computer with onboard functional safety that realizes triple redundancy on a single board to achieve fail-operational, fault-tolerant behavior. The board can also act as a fail-silent subsystem, i.e. it can shut down in case of a fatal fault. Its complex FPGA-based design helps dramatically lower software development costs as it automatically manages the system's triple-redundant processors and memory. The result: The system's redundant architecture is fully taken advantage of by software designed for a standard single-CPU card.

The D602 is designed for deterministic operation and offers extensive BITE features (e.g., ECC error counters for all types of memory, monitoring of all internal voltages), internal buses with error correction and fault-tolerant (fail-operational) implementation. Its three processors run in lockstep mode with 2-out-of-3 (2oo3) voting implemented in FPGA and software-assisted resynchronization, while its triple redundant dynamic memory automatically corrects upsets caused by cosmic radiation (SEU) and hardware faults. The system is powered by redundant local power supplies with separate power supplies for the three CPUs and the three main memory ranks.

The D602 has been developed according to DO-254, compliant to DO-160 and certifiable up to DAL-A in avionics applications. Additionally, the product meets the requirements of EN50128/EN50129 and can be deployed in signalling and rolling stock applications up to SIL 4. All I/O is realized in SEU-resistant FPGAs and available on the system's rear connectors. Additionally, the D602 offers two PMC slots (product revisions -02 and later with rear I/O for PMC1). As an option, the second PMC slot can be customized for an AFDX® PMC (rear I/O only). A second D602 can be connected to build a high reliability/availability cluster. The two D602s exchange data via a sextuple UART connection and a BMCX link.



CPU Spec3x PowerPC® 750 CL
• Scalable performance
• 1 GHz processor core frequency
• Superscalar
• Classic PowerPC® FPU, MMU
• CPU bus to FPGA: 100-MHz/64-bit

Lock-step operation
• All CPUs do the same thing at the same time
• 2-out-of-3 voting in FPGA with CPU bus clock speed (100MHz)
• Software-assisted resynchronization
• No functional interruption in case of an SEU inside the CPU
ChipsetNorth- and Southbridge realized in FPGA
Memory2x 32 kB L1 cache, 1MB L2 cache integrated in each CPU

3 independent ranks of 512MB DDR SDRAM system memory, FPGA-controlled
• 100MHz memory bus frequency (32 bit)
• Up to 800 MB/s
• 2-out-of-3 voting in FPGA
• Scrubbing to prevent accumulation of SEU
• No functional interruption in case of an SEU inside the memory

2 independent ranks of 256MB Flash, FPGA-controlled
• Primary and backup Flash ranks contain the same data, auto-selection by boot loader
• ECC protection

• ECC protection

4KB serial EEPROM for production data (serial number etc.)
ExpansionCompliance with CompactPCI® Core Specification PICMG 2.0 R3.0
System slot
32-bit/33-MHz PCI-to-PCI bridge
V(I/O): +3.3V

Two PMC slots
• 32 bit/33 MHz, 3.3V V(I/O)
• PMC slot 1 with rear I/O (revisions -02 and later)
Rear I/OAll I/O realized in FPGA and available at rear I/O

Sextuple UART
• E.g., for communication with other D602
• Data rates up to 460,800 Baud for each channel
• Handshake lines: none

• Data rates up to 460,800 Baud
• 2x 256 Byte transmit/receive buffer
• Handshake lines: none

PCI bus

I²C bus
OtherVoltage monitoring
Temperature monitoring
Reset signal control
Control of redundant power supplies

Sleep mode
• Lowers power consumption in case of primary power supply interruption
• Power failure indicated through signals from backplane
• Supports power interruptions specified in Airbus directive ABD0100.1.9
• CPUs and memory can be put into sleep mode

Redundant clock generation

Connection with second D602 possible (with special backplane)
• Control of shared outputs
• Exchange of state information
• BMC and 6x UART link
CommonAll components soldered
Protection class IP00 (EN50124, Category PD1)


ElectricalDual power input from CompactPCI® bus, uninterrupted (EN50155, Class S1)
• 3.3V (-5%/+5%)
• 5V (-3%/+5%)
• Standard backplane supplies both input rails with power
• Continued operation if one power input fails (or is not present)
• Separate power supplies for the three CPUs and the three main memory ranks

Supply voltage/power consumption:
• 30W
• 15W in sleep mode
MechanicalDimensions: conforming to CompactPCI® specification for 6U boards
Front panel: 4HP with ejector
Conformal Coatingon request
SoftwareVxWorks®, VxWorks®/Cert
TemperatureTemperature range (operation):
• 1-slot models: -40..+55°C (qualified components), temperature classes T1, T2, and TX inside buildings, or in containers with temperature control for signalling equipment, according to EN 50125-3, table 2
• 2-slot models: -40..+70°C (qualified components), temperature classes T1, T2, and T3 for equipment onboard rolling stock, according to EN 50125-1, table 2
• Airflow: min. 2 m/s
HumidityRelative humidity (operation): max. 95% non-condensing
Relative humidity (storage): max. 95% non-condensing
Weight640g (with heat sink)
VibrationCompliant to EN50125-1, meeting requirements of EN61373, Cat. 1, Class B and Classes GTX, GL3 for rolling stock
Vibration (function): 1 m/s², 5 Hz - 150 Hz (EN 61373)
Vibration (lifetime): 7.9 m/s², 5 Hz - 150 Hz (EN 61373)
ShockCompliant to EN50125-1, meeting requirements of EN61373, Cat. 1, Class B and Classes GTX, GL3 for rolling stock
Shock: 50 m/s², 30 ms (EN 61373)
Safety/CertificationErroneous behavior of CPU/memory subsystem < 1E-8 / h
• Considering hardware failures and worst-case SEU environment
PCB manufactured with a flammability rating of 94V-0 by UL recognized manufacturers
EMCEN55011 (radiated emission disturbances - rolling stock)
EN 61000-6-4 (radiated emission disturbances - signalling equipment)
EN 61000-4-3 (electromagnetic field immunity)
EN61000-4-2 (electrostatic discharge immunity)
EN61000-4-8 (power - frequency magnetic field)
EN61000-4-9 (pulsed magnetic field)
Warranty2 Years

Ordering Details

3x PowerPC® 750CL, 1 GHz, 3x 512 MB DRAM, 2x 256 MB Flash, 1 MB FRAM, 2 standard PMC slots, 4 HP board, convection cooling (airflow 2 m/s), -40 to +50°C with qualified components
Rear I/O adapter D602 without front panel; with RS232, PMC rear I/O, 6x DEX UART, BMCX, AFDX®, debug signals, -40..+85°C with qualified components
Dual Fast Ethernet, 2 Ethernet cores, 6 GPIO signals, front I/O, for convection cooled systems, -40..+85°C with qualified components

