摘要
为满足大批量数据处理和信息安全的需要,基于通用处理器与专用密码协处理器设计了一款异构多核安全SoC芯片。在分析了高性能SoC主要结构和安全问题的基础上,融合安全硬件结构及边界控制思想,设计了密码服务区和应用开发区分离的多层安全SoC芯片硬件架构。对比不同权限电路设计方案后,采用真值表方法设计专用安全控制单元来实现两个区域的硬件隔离,并根据SoC芯片受到的安全威胁设定安全拦截规则。采用EDA工具进行仿真实验,结果表明安全控制单元能够有效拦截应用开发区对密码服务区的非法访问,保护芯片的安全而且产生的延迟较小。
To meet the demand of the mass data processing and information security, the heterogeneous multi-core SoC chip including the general RISC processor and the dedicated cryptographic coprocessor is designed. Analyzing the structure of the perfor- mance SoC and fusing security hardware structure and security border control theory, this paper puts forward the multi-layered se- curity architecture of SoC, which has the application service area and the cryptographic service area. After comparing the different design scheme of authority circuit, the security control unit is designed using truth table method to realize two regions hardware iso- lation. Set security blocking rules according to the security threats for SoC chip. The simulation results show that the safety control unit can effectively intercept the application service area illegally accessing the cryptographic service area, and can protect data se- curity and has a low latency.
出处
《电子技术应用》
北大核心
2013年第11期13-16,共4页
Application of Electronic Technique
关键词
异构多核
片上总线
硬件隔离
密码服务区
安全边界控制
heterogeneous multi-core
on-chip bus(OCB)
hardware isolation
cryptographic service area
security border control
