System on chip

US 9,904,802 B2
Filed: 11/23/2012
Issued: 02/27/2018
Est. Priority Date: 11/23/2012
Status: Active Grant

First Claim

Patent Images

1. A system on chip, comprising:

two or more responder units; and

two or more protection units, whereineach of said responder units comprises a set of responder elements including first, second, third, and fourth responder elements,each of said protection units is associated with and protects one of said responder units and is arranged to;

provide a group mapping, wherein said group mapping assigns one or more group identifiers to each responder element of a respective responder unit and at least two of said responder elements of the set of responder elements of each of the responder units are assigned the same group identifier by a group identifier list, wherein the first and second responder elements provide a first function and are assigned a first group identifier, and the third and fourth responder elements provide a second function and are assigned a second group identifier, wherein the first and second functions are different,provide a group authorization list, wherein said group authorization list assigns a set of access requirements to each of said group identifiers, wherein the set of access requirements includes allowing a first requestor access to a first target responder element of the target responder elements only during specific time slices and inhibiting access during other time slices,receive a request for access to one or more target responder elements among the responder elements of the respective responder unit,for each of said target responder elements, determine a corresponding one or more group identifiers from said group mapping and further determine a corresponding one or more sets of access requirements from said group authorization list, andcompare said request with respect to the determined set of access requirements, to generate a request evaluation result.

View all claims

24 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system on chip having two or more responder units and two or more protection units is provided. Each of the responder units comprises a set of responder elements. Each of the protection units is associated with and protects one of the responder units and is arranged to provide a group mapping. The group mapping assigns one or more group identifiers to each of the responder elements of the respective responder unit.

Citations

20 Claims

1. A system on chip, comprising:
- two or more responder units; and
  
  two or more protection units, whereineach of said responder units comprises a set of responder elements including first, second, third, and fourth responder elements,each of said protection units is associated with and protects one of said responder units and is arranged to;
  
  provide a group mapping, wherein said group mapping assigns one or more group identifiers to each responder element of a respective responder unit and at least two of said responder elements of the set of responder elements of each of the responder units are assigned the same group identifier by a group identifier list, wherein the first and second responder elements provide a first function and are assigned a first group identifier, and the third and fourth responder elements provide a second function and are assigned a second group identifier, wherein the first and second functions are different,provide a group authorization list, wherein said group authorization list assigns a set of access requirements to each of said group identifiers, wherein the set of access requirements includes allowing a first requestor access to a first target responder element of the target responder elements only during specific time slices and inhibiting access during other time slices,receive a request for access to one or more target responder elements among the responder elements of the respective responder unit,for each of said target responder elements, determine a corresponding one or more group identifiers from said group mapping and further determine a corresponding one or more sets of access requirements from said group authorization list, andcompare said request with respect to the determined set of access requirements, to generate a request evaluation result.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The system on chip of claim 1, wherein said group mapping or said group authorization list or both are static.
  - 3. The system on chip of claim 2, wherein one or more of the group mapping and the group authorization list are configured in non-modifiable hardware.
  - 4. The system on chip of claim 2, further comprising a set of registers lockable against further modifications after being programmed, for configuring said group mapping and group authorization list by programming said set of registers, and subsequent locking of said set of registers.
  - 5. The system on chip of claim 1, wherein said two or more protection units include a first protection unit and a second protection unit, and the group mapping provided by the first protection unit differs from the group mapping provided by the second protection unit.
  - 6. The system on chip of claim 1, wherein said two or more protection units include a first protection unit and a second protection unit, and the group authorization list provided by the first protection unit differs from the group authorization list provided by the second protection unit.
  - 7. The system on chip of claim 1, wherein the group authorization list used by at least one of the protection units is stored in a respective protection unit.
  - 8. The system on chip of claim 7, further comprising:
    - a request analysis unit arranged to;
      
      determine relevant protection data on the basis of said request and on the basis of a system authorization list comprising multiple entries, andprovide selector criteria to a selected protection unit, wherein said selector criteria is based on the determined relevant protection data and enables the selected protection unit to determine said corresponding one or more group identifiers from said group mapping and further determine said corresponding one or more sets of access requirements from said group authorization list stored in the selected protection unit.
  - 9. The system on chip of claim 1, wherein the group authorization list used by at least one of the protection units is provided by another unit within the system on chip.
  - 10. The system on chip of claim 2, wherein said group mapping is implemented by combinatorial logic or masks enabling responder elements located at non-contiguous addresses or varying address offsets to be mapped to the same group identifier.
  - 11. The system on chip of claim 1, wherein each of said responder elements of the set of responder elements has an address and is addressable individually by means of the responder element address.
  - 12. The system on chip of claim 1, wherein said request evaluation result is indicative of an extent to which said request conforms to said determined one or more sets of access requirements.
  - 13. The system on chip of claim 1, wherein each of said protection units is further arranged toperform one or more of the following in dependence on said evaluation result:
    - grant said request to an associated responder unit or corresponding target responder elements;
      
      refuse said request to the associated responder unit or the corresponding target responder elements;
      
      abort the access requested by said request to the associated responder unit or the corresponding target responder elements;
      
      generate an error indication.
  - 14. The system on chip of claim 13, wherein each of said protection units is arranged to provide further information about a refused or aborted request to another unit for error processing or recording within the system on chip.

15. A system on chip, comprising:
- two or more responder units; and
  
  two or more protection units, whereineach of said responder units comprises a set of responder elements,each of said protection units is associated with and protects one of said responder units and is arranged to;
  
  provide a group mapping, wherein said group mapping assigns one or more group identifiers to each responder element of a respective responder unit and at least two of said responder elements of the set of responder elements of each of the responder units are assigned the same group identifier by a group identifier list, wherein a first responder element and a second responder element provide a first function and are assigned a first group identifier, and a third responder element and a fourth responder element provide a second function and are assigned a second group identifier, wherein the first and second functions are different,provide a group authorization list, wherein said group authorization list assigns a set of access requirements to each of said group identifiers wherein the group authorization list used by at least one of the protection units is provided by another unit within the system on chip,receive a request for access to one or more target responder elements among the responder elements of the respective responder unit,for each of said target responder elements, determine a corresponding one or more group identifiers from said group mapping and further determine a corresponding one or more sets of access requirements from said group authorization list, andcompare said request with respect to the determined set of access requirements, to generate a request evaluation result,wherein the group authorization list is provided by a request analysis unit arranged to receive from a requesting actor said request,wherein said request analysis unit is further arranged to determine relevant protection data on the basis of said request and on the basis of a system authorization list comprising multiple entries,wherein said determining of said relevant protection data comprises, for each entry of said system authorization list, to identify entries related to the actor, and to identify entries related to a target responder unit, andwherein said request analysis unit is further arranged to provide said relevant protection data to at least one target protection unit, said at least one target protection unit being a protection unit associated with a selected target responder unit, and located in a hierarchical path between a requesting requestor unit and said target responder unit.

16. A system on chip, comprising:
- first and second responder units; and
  
  first and second protection units, whereinthe first responder unit comprises a first set of responder elements and the second responder unit comprises a second set of responder elements,the first protection unit is associated with and protects the first responder unit and the second protection unit is associated with and protects the second responder unit, the first protection unit is arranged to;
  
  provide a group mapping, wherein the group mapping assigns one or more group identifiers to each responder element of the first responder unit and at least two of the responder elements of the first set of responder elements are assigned the same group identifier by a group identifier list, wherein a first responder element and a second responder element provide a first function and are assigned a first group identifier, and a third responder element and a fourth responder element provide a second function and are assigned a second group identifier, wherein the first and second functions are different,provide a group authorization list, wherein said group authorization list assigns a set of access requirements to each of the group identifiers,receive a request for access to one or more target responder elements among the responder elements of the first responder unit,for each of the target responder elements, determine a corresponding one or more group identifiers from said group mapping and further determine a corresponding one or more sets of access requirements from said group authorization list, wherein the set of access requirements includes allowing a first requestor access to a first target responder element of the target responder elements only during specific time slices and inhibiting access during other time slices, andcompare said request with respect to the determined set of access requirements, to generate a request evaluation result.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The system on chip of claim 16, wherein the first target responder element is preconfigured by a manufacturer to provide an original function in the first responder unit.
  - 18. The system on chip of claim 17, wherein a fifth responder element of the first set of responder elements stores a third function on the first responder unit, wherein the third function is installed by a customer.
  - 19. The system on chip of claim 16, wherein the first protection unit is arranged to provide further information about a refused or aborted request to another unit for error processing or recording within the system on chip.
  - 20. The system on chip of claim 16, wherein the group authorization list provided by the first protection unit differs from a second group authorization list provided by the second protection unit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NXP USA, Inc. (NXP Semiconductors NV)
Original Assignee
NXP USA, Inc. (NXP Semiconductors NV)
Inventors
Rohleder, Michael, Singer, Stefan, Thanner, Manfred
Primary Examiner(s)
Plecha, Thaddeus

Application Number

US14/647,089
Publication Number

US 20150310229A1
Time in Patent Office

1,922 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/6218   to a system of files or obj...

G06F 21/71   to assure secure computing ...

G06F 21/74   operating in dual or compar...

G06F 21/78   to assure secure storage of...

G06F 2115/08   Intellectual property [IP] ...

H04L 63/105   Multiple levels of security

System on chip

First Claim

24 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System on chip

First Claim

24 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links