Disclosure of Invention
The following presents a simplified summary in order to provide a basic understanding of some aspects of the disclosed embodiments. This summary is not an extensive overview nor is intended to identify key/critical elements or to delineate the scope of such embodiments but rather as a prelude to the more detailed description that is presented later.
The embodiment of the disclosure provides a method, a device, electronic equipment and a storage medium for AMBA bus function safety protection, so as to provide a scheme supporting end-to-end protection of AMBA bus equipment.
In some embodiments, the method for AMBA bus function security protection includes:
judging the legality of the address of the slave equipment under the condition that the master equipment initiates a data transmission request;
under the condition that the address of the slave device passes the legality, the device is authenticated;
transmitting relevant information under the condition that the equipment passes authentication, and verifying the transmitted information;
and sending alarm information under the condition that errors are found in the verification.
Optionally, the determining the validity of the slave device address includes:
acquiring a bus address range;
verifying the validity of the equipment according to the corresponding relation between the bus address range and the equipment address;
determining that the slave address is legal under the condition that the slave address is consistent with the bus address range; otherwise, the slave address is determined to be illegal.
Optionally, authenticating the device includes:
acquiring authority configuration information;
verifying the authority of the equipment according to the corresponding relation between the authority configuration information and the equipment authority information;
determining that the equipment passes the authentication under the condition that the authority information of the equipment is consistent with the authority configuration information; otherwise, determining that the device authentication is not passed.
Optionally, the related information includes a control signal, a data address signal and a data signal.
Optionally, the checking the transmitted information includes:
and carrying out data check on the control signal, the data address signal and the data signal, and sending check information through the bypass channel.
Optionally, performing data verification on the control signal, the data address signal, and the data signal includes:
performing parity check on the control signal;
EDC (error-detection and-correction bit) check is performed on the data address signal and the data signal.
Optionally, the warning information includes one or more of check warning information of read data, write data, read address, and control signal.
In some embodiments, the means for AMBA bus function security protection comprises:
processor and memory storing program instructions, the processor being configured to perform the above-described method for AMBA bus functionality security protection when executing the program instructions
In some embodiments, the electronic device comprises:
the device for AMBA bus function safety protection is described above.
In some embodiments, the storage medium comprises
There are stored program instructions which, when executed, perform the method for AMBA bus functionality security protection as described above.
The method, the device, the electronic equipment and the storage medium for AMBA bus function safety protection provided by the embodiment of the disclosure can realize the following technical effects:
the address of the slave device is judged to be legal, and the slave device is authenticated. And in the case of passing the authentication, transmitting the relevant information and checking the information. In the process, the verification protection of the transmission data can be effectively realized, the protection of the error slave equipment is supported, and the access of the authority is supported. Therefore, the functional safety design blank of the AMBA bus is effectively filled, and a scheme supporting the end-to-end protection of the AMBA bus equipment is provided.
The foregoing general description and the following description are exemplary and explanatory only and are not restrictive of the application.
Detailed Description
So that the manner in which the features and elements of the disclosed embodiments can be understood in detail, a more particular description of the disclosed embodiments, briefly summarized above, may be had by reference to the embodiments, some of which are illustrated in the appended drawings. In the following description of the technology, for purposes of explanation, numerous details are set forth in order to provide a thorough understanding of the disclosed embodiments. However, one or more embodiments may be practiced without these details. In other instances, well-known structures and devices may be shown in simplified form in order to simplify the drawing.
The terms "first," "second," and the like in the description and in the claims, and the above-described drawings of embodiments of the present disclosure, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It should be understood that the data so used may be interchanged under appropriate circumstances such that embodiments of the present disclosure described herein may be made. Furthermore, the terms "comprising" and "having," as well as any variations thereof, are intended to cover non-exclusive inclusions.
The term "plurality" means two or more unless otherwise specified.
In the embodiment of the present disclosure, the character "/" indicates that the preceding and following objects are in an or relationship. For example, A/B represents: a or B.
The term "and/or" is an associative relationship that describes objects, meaning that three relationships may exist. For example, a and/or B, represents: a or B, or A and B.
The term "correspond" may refer to an association or binding relationship, and a corresponds to B refers to an association or binding relationship between a and B.
With reference to fig. 1, a system architecture diagram for AMBA bus function security protection provided by the embodiment of the present disclosure includes a master device 100 and a slave device 200. The master device 100 includes, among other things, register settings 101, a master write address channel 102, a master read address channel 103, a master write data channel 104, a master read data channel 105, a master read write control signal channel 106, and a master verify error capture 107. The slave device 200 includes register settings 201, a master write address channel 202, a master read address channel 203, a master write data channel 204, a master read data channel 205, a master read and write control signal channel 206, and a master check error capture 207.
In the disclosed embodiment, the master device check error capture 107 is used to capture the check error of the master device side read data and the check error of the read/write control signal. The slave device check error capture 207 is used to capture a check error of the slave device side read address, a check error of the write address, and a check error of the write data.
In the disclosed embodiment, the communication between the master device and the slave device is realized through a BUS, namely a BUS shown in the figure. The transmission of the check information is transmitted through a configured bypass channel, and the transmission of the master identification (master _ ID) is also transmitted through the bypass channel. The bypass channel is not shown in the figure.
In the embodiment of the present disclosure, the read-write control signal channel related to the master device and the slave device may be understood as a handshake signal, which may be, for example, a write operation control signal and a write operation response signal; a read operation control signal and a read operation response signal. It should be understood that the read/write address channels, the read/write data channels, the read/write control signal channels, and the check error capture/bypass channels related to the master device and the slave device may be electrically connected according to a predefined interface configuration in an actual working condition, which is not specifically limited in this application as long as the application can reflect that the master device and the slave device exist in the system provided by the embodiment of the present disclosure and can implement the above functions.
With reference to fig. 2, an embodiment of the present disclosure provides a method for AMBA bus function security protection, including:
s21, when the master device initiates a data transfer request, determines the validity of the slave device address.
S22, if the address of the slave device is legal, the slave device is authenticated.
And S23, transmitting the relevant information and checking the transmitted information under the condition that the slave device passes the authentication.
And S24, sending alarm information when the error is found in the verification.
By adopting the method for AMBA bus function safety protection provided by the embodiment of the disclosure, the address of the slave device is judged to be legal, and the slave device is authenticated. And in the case of passing the authentication, transmitting the relevant information and checking the information. In the process, the verification protection of the transmission data can be effectively realized, the protection of the error slave equipment is supported, and the access of the authority is supported. Therefore, the functional safety design blank of the AMBA bus is effectively filled, and a scheme supporting the end-to-end protection of the AMBA bus equipment is provided.
Optionally, the determining the validity of the slave device address includes:
acquiring a bus address range; verifying the validity of the equipment according to the corresponding relation between the bus address range and the equipment address; determining that the slave address is legal under the condition that the slave address is consistent with the bus address range; otherwise, the slave address is determined to be illegal.
In the embodiment of the present disclosure, when the bus accesses the slave device, the validity of the address of the corresponding slave device needs to be determined first. Legal slave devices register the bus address range, so that the legality of the corresponding slave device can be verified by acquiring the bus address range and according to the corresponding relation between the bus address range and the slave device address. That is, the valid slave address belongs to the bus address range, and the same slave address can be determined according to the correspondence.
In practical applications, the communication between the master device and the slave device needs to receive a response signal corresponding to the transmitted signal after the relevant signal is transmitted by the master device. If the master device does not receive the response signal after sending, the phenomenon of bus hang-up is easily formed. Referring to fig. 3, a schematic diagram of a method for AMBA bus function security protection according to an embodiment of the present disclosure is provided. That is, in the case where access to the slave device is required, such as a read operation or a write operation, an erroneous slave device judgment is made. When the address of the corresponding slave device is legal, the corresponding device is judged not to be the wrong slave device in the corresponding graph, communication between the master device and the slave device is established, and the slave device sends a response signal. And under the condition that the address of the corresponding slave device is illegal, the corresponding device is judged to be a wrong slave device in the corresponding graph, the bus takes over the wrong slave device, and an illegal address response signal is transmitted back to the master device.
Thus, the validity of the slave device address is judged by acquiring the bus address range. The method can effectively avoid the possible hang-up phenomenon of the AMBA bus, namely under the condition that the slave equipment address is illegal, the bus returns an address illegal response signal, thereby realizing the protection of the wrong slave equipment and further ensuring the safety of the end-to-end protection scheme of the AMBA bus.
Optionally, authenticating the device includes:
acquiring authority configuration information; verifying the authority of the equipment according to the corresponding relation between the authority configuration information and the equipment authority information; determining that the equipment passes the authentication under the condition that the authority information of the equipment is consistent with the authority configuration information; otherwise, determining that the device authentication is not passed.
In the embodiment of the present disclosure, acquiring the authority configuration information may be understood as acquiring a master _ ID. When the master device in the bus initiates transmission, the master _ ID is transmitted through the bypass channel, and the slave device obtains the master _ ID through analyzing the bypass channel.
In the embodiment of the present disclosure, the device authority information may be understood as the accept configuration information. Both the master _ ID and the accept configuration information may be configured by the CPU. Each bit of the accept configuration information corresponds to a master _ ID for indicating the authentication information of the master device, i.e., whether the corresponding master device can access. Table 1 below provides an example table of correspondence between rights information and rights configuration information of a device, where the example table of correspondence is used to indicate the correspondence between the rights information and the rights configuration information of the device.
TABLE 1
Device rights information
|
Authority configuration information
|
First authority information
|
First configuration information
|
Second authority information
|
Second configuration information
|
…
|
…
|
Nth authority information
|
Nth configuration information |
In practical applications, for example, the accept configuration information is characterized as 0x0000_0001, which indicates that the master device with the corresponding master _ ID of 1 can access the accept configuration information. That is, the device authority information accept configuration information corresponding to the master device whose authority configuration information master _ ID is 1 is 0x0000_0001, thereby implementing device authentication according to the correspondence between the authority configuration information and the device authority information. It should be understood that the device rights information and the rights configuration information shown in table 1 are bit correspondences.
In practical application, as shown in fig. 4, a schematic diagram of a method for AMBA bus function security protection is shown. And judging the authority through the authority configuration information and the master _ ID obtained by analyzing the bypass signal. And under the condition that the bits of the accept configuration information are consistent with the master _ ID, determining that the equipment passes the authentication, namely, accessing in the corresponding graph, and further executing the writing operation. And under the condition that the bits of the accept configuration information are not consistent with the master _ ID, determining that the equipment does not pass the authentication, namely, reporting the fault in the corresponding graph, and further, returning the response signal that the authority of the bus does not pass.
Thus, the authentication of the equipment is carried out through the authority configuration information and the equipment authority information. The device without the access authority can be effectively accessed, and the authority access is realized. Therefore, the safety access of the equipment can be effectively ensured through authentication, and the safety of the AMBA bus end-to-end protection scheme is further ensured.
Optionally, the related information includes a control signal, a data address signal and a data signal.
In the embodiments of the present disclosure, the control signal may be understood as a signal transmitted by the control signal channel, the data address signal may be understood as a signal transmitted by the read address channel and the write address channel, and the data signal may be understood as a signal transmitted by the read data channel and the write data channel.
Optionally, the checking the transmitted information includes:
and carrying out data check on the control signal, the data address signal and the data signal, and sending check information through the bypass channel.
In the embodiment of the present disclosure, the check information transmitted through the bypass channel may be understood as related check bit information for performing data check on the control signal, the data address signal, and the data signal.
Optionally, performing data verification on the control signal, the data address signal, and the data signal includes:
performing parity check on the control signal;
and performing EDC check on the data address signals and the data signals.
Fig. 5 and fig. 6 are combined to show a schematic diagram of a method for AMBA bus function security protection. It should be understood that the bypass path corresponds to the figure with the reference number side and the parity corresponds to the figure with the reference number parity. enc denotes an encoding calculation process corresponding to a parity check or an EDC check, and dec denotes a decoding calculation process corresponding to a parity check or an EDC check. And Alarm represents the reporting of Alarm information.
In the disclosed embodiment, parity check is performed on the control signal, and the encoding calculation of the check bits is performed on the master device side. Then the transmission is carried out through a bypass channel, and decoding check is carried out on the slave device side. And if the parity check error occurs, reporting alarm information.
In the embodiment of the present disclosure, EDC check is performed on the data address signal, and the encoding calculation of the check bit is performed on the host device side. Then the transmission is carried out through a bypass channel, and decoding check is carried out on the slave device side. And if the EDC check error occurs, reporting alarm information.
In the embodiment of the present disclosure, EDC check is performed on write data, and the encoding calculation of check bits is performed on the host device side. Then the transmission is carried out through a bypass channel, and decoding check is carried out on the slave device side. And if the EDC check error occurs, reporting alarm information. And performing EDC check on the read data, and calculating the encoding of the check bit on the slave device side. Then the transmission is carried out through the bypass channel, and decoding check is carried out on the main equipment side. And if the EDC check error occurs, reporting alarm information.
In practical applications, parity check can be understood as an encoding calculation process of performing an exclusive or operation on each 8 bits of data at the master device to obtain a check bit y 1. The check bit y1 is transmitted through the bypass path. On the slave side, the check bit y0 is obtained by decoding calculation. And when y1 is inconsistent with y0, the parity error is considered to occur, and alarm information is reported. It should be understood that parity is a mature technology, and is not described in detail herein.
In practical application, the EDC check adopts an algorithm of adding a 32-bit data bit and a 7-bit check bit to carry out coding and decoding, and supports single-bit error correction and double-bit error reporting. It should be understood that EDC check belongs to a relatively mature technology, and is not described in detail herein.
Optionally, in the case that an error is found in the verification, sending the warning information, including sending the verification warning information of one or more of read data, write data, read address, and control signal in the case that an error is found in the verification.
In the embodiment of the present disclosure, in the case that an error is found in the verification, sending the alarm information may be understood as capturing the verification error information of the master device side and the slave device side by the verification error capturing of the master device side and the slave device side, respectively, and reporting the verification error information through the bus.
Thus, the data check is performed on the control signal, the data address signal and the data signal, and the check information is sent through the bypass channel. The verification protection of the transmission data is effectively realized, and the safety of an AMBA bus end-to-end protection scheme is further ensured.
As shown in fig. 7, an apparatus for AMBA bus function security protection according to an embodiment of the present disclosure includes a processor (processor)700 and a memory (memory) 701. Optionally, the apparatus may further include a Communication Interface (Communication Interface)702 and a bus 703. The processor 700, the communication interface 702, and the memory 701 may communicate with each other via a bus 703. Communication interface 702 may be used for information transfer. The processor 700 may call logic instructions in the memory 701 to perform the method for AMBA bus function security protection of the above-described embodiment.
In addition, the logic instructions in the memory 701 may be implemented in the form of software functional units and may be stored in a computer readable storage medium when the logic instructions are sold or used as independent products.
The memory 701 is a computer-readable storage medium and can be used for storing software programs, computer-executable programs, such as program instructions/modules corresponding to the methods in the embodiments of the present disclosure. The processor 100 executes functional applications and data processing by executing program instructions/modules stored in the memory 701, that is, implements the method for AMBA bus function security protection in the above-described embodiment.
The memory 701 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to the use of the terminal device, and the like. Further, memory 701 may include high speed random access memory, and may also include non-volatile memory.
The embodiment of the disclosure provides an electronic device, which includes the above-mentioned device for AMBA bus function security protection.
Embodiments of the present disclosure provide a computer-readable storage medium storing computer-executable instructions configured to perform the above-described method for AMBA bus function security protection.
The computer-readable storage medium described above may be a transitory computer-readable storage medium or a non-transitory computer-readable storage medium.
The technical solution of the embodiments of the present disclosure may be embodied in the form of a software product, where the computer software product is stored in a storage medium and includes one or more instructions to enable a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method of the embodiments of the present disclosure. And the aforementioned storage medium may be a non-transitory storage medium comprising: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes, and may also be a transient storage medium.
The above description and drawings sufficiently illustrate embodiments of the disclosure to enable those skilled in the art to practice them. Other embodiments may incorporate structural, logical, electrical, process, and other changes. The examples merely typify possible variations. Individual components and functions are optional unless explicitly required, and the sequence of operations may vary. Portions and features of some embodiments may be included in or substituted for those of others. Furthermore, the words used in the specification are words of description only and are not intended to limit the claims. As used in the description of the embodiments and the claims, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. Similarly, the term "and/or" as used in this application is meant to encompass any and all possible combinations of one or more of the associated listed. Furthermore, the terms "comprises" and/or "comprising," when used in this application, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. Without further limitation, an element defined by the phrase "comprising an …" does not exclude the presence of other like elements in a process, method or apparatus that comprises the element. In this document, each embodiment may be described with emphasis on differences from other embodiments, and the same and similar parts between the respective embodiments may be referred to each other. For methods, products, etc. of the embodiment disclosures, reference may be made to the description of the method section for relevance if it corresponds to the method section of the embodiment disclosure.
Those of skill in the art would appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software may depend upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the disclosed embodiments. It can be clearly understood by the skilled person that, for convenience and brevity of description, the specific working processes of the system, the apparatus and the unit described above may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.