System on chip and method therefor
First Claim
1. A system-on-chip comprising:
- a responder unit comprising a set of responder elements;
an access control unit associated with an authorization list and the responder unit, an entry of the authorization list defining a set of access requirements in relation to an address space identifying at least part of the responder unit;
wherein the access control unit is arranged to;
receive a request for access to a target responder element among the responder elements of the responder unit;
determine a corresponding set of access requirements for the received access request from the authorization list; and
evaluate the request for access with respect to the determined set of access requirements and generate a first request evaluation result; and
a protection unit associated with the responder unit, the protection unit being arranged to;
provide a group assignment assigning a group to each of the responder elements of the responder unit;
provide a group authorization list, an entry of the group authorization list defining a set of group access requirements for the group assigned;
receive the request for access to the target responder element;
determine the group assigned to the target responder element from the group assignment and further determine the set of group access requirements from the group authorization list for the group assigned; and
evaluate the request with respect to the determined set of group access requirements and generate a second request evaluation result; and
wherein;
interaction with the target responder element is controlled in response to at least one of the first and second evaluation result, andthe protection unit is arranged to provide at least one of a further group assignment and a further group authorization list to control access, when in use, to the target responder element, and select between at least one of the group assignment and the further group assignment, and the group authorization list and the further group authorization list in response to evaluating a predetermined criterion.
11 Assignments
0 Petitions
Accused Products
Abstract
A system on chip comprises a responder unit comprising a set of responder elements and an access control unit associated with an authorization list and the responder unit. An entry of the authorization list defines a set of access requirements in relation to an address space identifying at least part of the responder unit. The access control unit is arranged to: receive a request for access to a target responder element among the responder elements of the responder unit, determine the corresponding set of access requirements for the received access request from the authorization list, and evaluate the request for access with respect to the determined set of access requirements and generate a first request evaluation result. A protection unit associated with the responder unit is arranged to: provide a group assignment assigning a group to each of the responder elements of the responder unit, provide a group authorization list, an entry of the group authorization list defining a set of group access requirements for the group assigned, receive the request for access to the target responder element, determine the group assigned to the target responder element from the group assignment and further determine the set of group access requirements from the group authorization list for the group assigned. The system-on-chip also evaluates the request with respect to the determined set of group access requirements and generates a second request evaluation result. Interaction with the target responder element is controlled in response to the first and/or second evaluation result.
-
Citations
12 Claims
-
1. A system-on-chip comprising:
-
a responder unit comprising a set of responder elements; an access control unit associated with an authorization list and the responder unit, an entry of the authorization list defining a set of access requirements in relation to an address space identifying at least part of the responder unit;
wherein the access control unit is arranged to;receive a request for access to a target responder element among the responder elements of the responder unit; determine a corresponding set of access requirements for the received access request from the authorization list; and evaluate the request for access with respect to the determined set of access requirements and generate a first request evaluation result; and a protection unit associated with the responder unit, the protection unit being arranged to; provide a group assignment assigning a group to each of the responder elements of the responder unit; provide a group authorization list, an entry of the group authorization list defining a set of group access requirements for the group assigned; receive the request for access to the target responder element; determine the group assigned to the target responder element from the group assignment and further determine the set of group access requirements from the group authorization list for the group assigned; and evaluate the request with respect to the determined set of group access requirements and generate a second request evaluation result; and wherein; interaction with the target responder element is controlled in response to at least one of the first and second evaluation result, and the protection unit is arranged to provide at least one of a further group assignment and a further group authorization list to control access, when in use, to the target responder element, and select between at least one of the group assignment and the further group assignment, and the group authorization list and the further group authorization list in response to evaluating a predetermined criterion. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. An integrated circuit comprising:
-
a responder unit comprising a set of responder elements; an access control unit associated with an authorization list and the responder unit, an entry of the authorization list defining a set of access requirements in relation to an address space identifying at least part of the responder unit;
wherein the access control unit is arranged to;receive a request for access to a target responder element among the responder elements of the responder unit; determine a corresponding set of access requirements for the received access request from the authorization list; and evaluate the request for access with respect to the determined set of access requirements and generate a first request evaluation result; and a protection unit associated with the responder unit, the protection unit being arranged to; provide a group assignment assigning a group to each of the responder elements of the responder unit; provide a group authorization list, an entry of the group authorization list defining a set of group access requirements for the group assigned; receive the request for access to the target responder element; determine the group assigned to the target responder element from the group assignment and further determine the set of group access requirements from the group authorization list for the group assigned; and evaluate the request with respect to the determined set of group access requirements and generate a second request evaluation result; and
wherein;interaction with the target responder element is controlled in response to at least one of the first and second evaluation result, and the protection unit is arranged to provide at least one of a further group assignment and a further group authorization list to control access, when in use, to the target responder element, and select between at least one of the group assignment and the further group assignment, and the group authorization list and the further group authorization list in response to evaluating a predetermined criterion.
-
-
12. A method of protecting a responder unit in a system-on-chip comprising a set of responder elements, the method comprising:
-
provide an authorization list, an entry of the authorization list defining a set of access requirements in relation to an address space identifying at least part of the responder unit; receiving a request for access to a target responder element among the responder elements of the responder unit; determining a corresponding set of access requirements for the received access request from the authorization list; and evaluating the request for access with respect to the determined set of access requirements and generate a first request evaluation result; providing a group assignment assigning a group to each of the responder elements of the responder unit; providing a group authorization list, an entry of the group authorization list defining a set of group access requirements to the group; receiving the request for access to the target responder element; determining the corresponding group for the target responder element from the group assignment and further determining the corresponding set of group access requirements from the group authorization list; evaluating the request with respect to the determined set of group access requirements and generate a second request evaluation result; and controlling interaction with the target responder element in response to the first or second evaluation result, wherein the protection unit is arranged to provide at least one of a further group assignment and a further group authorization list to control access, when in use, to the target responder element, and select between at least one of the group assignment and the further group assignment, and the group authorization list and the further group authorization list in response to evaluating a predetermined criterion.
-
Specification