CN113454611B - Method for verifying the integrity of address and control signals, and related products - Google Patents
Method for verifying the integrity of address and control signals, and related products Download PDFInfo
- Publication number
- CN113454611B CN113454611B CN201980091540.6A CN201980091540A CN113454611B CN 113454611 B CN113454611 B CN 113454611B CN 201980091540 A CN201980091540 A CN 201980091540A CN 113454611 B CN113454611 B CN 113454611B
- Authority
- CN
- China
- Prior art keywords
- original
- control information
- information
- verification
- subsystem
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 54
- 238000012795 verification Methods 0.000 claims abstract description 128
- 238000012545 processing Methods 0.000 claims description 10
- 238000012937 correction Methods 0.000 claims description 7
- 125000004122 cyclic group Chemical group 0.000 claims description 6
- 238000013135 deep learning Methods 0.000 claims description 4
- 230000006870 function Effects 0.000 abstract description 8
- 239000000872 buffer Substances 0.000 description 22
- 238000004590 computer program Methods 0.000 description 10
- 238000004364 calculation method Methods 0.000 description 7
- 206010009944 Colon cancer Diseases 0.000 description 6
- 238000010586 diagram Methods 0.000 description 6
- 238000004891 communication Methods 0.000 description 3
- 238000013500 data storage Methods 0.000 description 3
- 238000013524 data verification Methods 0.000 description 3
- 238000013461 design Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000003993 interaction Effects 0.000 description 3
- 239000000835 fiber Substances 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000011664 signaling Effects 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 230000008901 benefit Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1458—Protection against unauthorised use of memory or access to memory by checking the subject access rights
- G06F12/1466—Key-lock mechanism
- G06F12/1475—Key-lock mechanism in a virtual system, e.g. with translation means
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2212/00—Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
- G06F2212/10—Providing a specific technical effect
- G06F2212/1052—Security improvement
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Techniques For Improving Reliability Of Storages (AREA)
- Detection And Correction Of Errors (AREA)
Abstract
The disclosure provides a method for verifying a signal to be verified and a related product. The method is applied to a verification device (400), comprising: a first obtaining module (401) for obtaining a signal to be verified carrying first control information, wherein the first control information is generated based on original control information; a second obtaining module (402) for obtaining original verification information; a determining module (403) for determining the first control information according to the signal to be verified; and a verification module (404) for verifying the correctness of the first control information based on the original verification information. The present disclosure may be used to achieve reliability and functional security on devices originally designed without features intended to support those functions.
Description
Technical Field
The present disclosure relates to the field of computer technology, and in particular, to a method for verifying an address or control signal in a product requiring high reliability and/or functional security, and a related product.
Background
When a processor or device supporting direct memory access (direct memory access, DMA) needs to read or write to a memory location, the appropriate line (read or write) will be active (logic 1) according to the command on the control bus for the read or write, and then the address bus designates the memory location on the address bus, thereby enabling the read or write of the data carried on the data bus.
Data verification is necessary to ensure data integrity, i.e., to ensure that the data to be read or written is both correct and useful. Data verification uses routines, commonly referred to as "verification rules", "verification constraints" or "verification routines", to verify the correctness, meaning, and security of data input to the system. Data verification is applicable not only to the correctness of the written or read data itself, but also to the location where the data is read and written. For example, for each memory access command, the address and valid byte of each data word to be written or read from memory will be issued as part of the transaction. Even if the data itself is correct, memory access is not valid if the address or number of valid bytes to be accessed is incorrect. For example, if a control indicating the number of bytes to write is 1 byte long, the valid data in the system may be corrupted, although the data written to memory is valid.
This background information is provided to reveal information believed by the applicant to be of possible relevance to the present disclosure. It is not necessarily to be construed as an admission that any of the preceding information constitutes prior art against the present disclosure.
Disclosure of Invention
In view of this, the present disclosure provides a method of verifying address or control signals, e.g., address and control signaling with minimal hardware area/cost and minimal or no computational overhead. The present disclosure may be used to achieve reliability and functional security on devices originally designed without features intended to support those functions.
The foregoing and other objects are achieved by the subject matter of the independent claims. Further embodiments are evident from the dependent claims, the description and the figures.
The first aspect of the present invention relates to a method for verifying a signal to be verified, comprising:
obtaining a signal to be verified carrying first control information, wherein the first control information is generated based on original control information, and the original control information indicates at least one of an original address to be accessed by the verification device and an original operation to be executed by the verification device;
obtaining original verification information;
determining first control information according to a signal to be checked; and
and checking the correctness of the first control information according to the original check information.
A second aspect of the invention relates to a first verification device comprising:
the first acquisition module is used for acquiring a signal to be verified carrying first control information, wherein the first control information is generated based on the original control information;
the second acquisition module is used for acquiring original verification information;
the determining module is used for determining first control information according to the signal to be checked; and
and the verification module is used for verifying the correctness of the first control information according to the original verification information.
A third aspect of the present disclosure relates to a first verification device comprising processor means and memory means storing a computer program which, when executed by the processor means, causes the processor means to:
obtaining a signal to be verified carrying first control information, wherein the first control information is generated based on original control information;
obtaining original verification information;
determining first control information according to a signal to be checked; and
and checking the correctness of the first control information according to the original check information.
A fourth aspect of the present disclosure relates to a second verification device comprising processor means and memory means storing a computer program which, when executed by the processor means, causes the processor means to:
receiving a control signal carrying original control information and original verification information;
generating second control information according to the original control information;
calculating second check information according to the second control information; and
it is determined whether the original check information corresponds to the second check information.
A fifth aspect of the invention relates to a system on chip comprising the first calibration device according to the third aspect or the second calibration device according to the fourth aspect.
Drawings
The accompanying drawings are included to provide a further understanding of the disclosure, and are incorporated in and constitute a part of this specification, illustrate the disclosure and together with the description serve to explain the principles of the disclosure.
FIG. 1 is a system diagram of a system applying a method of verifying a signal to be verified according to an embodiment of the present disclosure;
FIGS. 2a and 2b are system diagrams of signal flow and basic functions of various components according to embodiments of the present disclosure;
FIG. 3 is a flow chart of a method of verifying a signal to be verified according to an embodiment of the present disclosure; and
fig. 4 is a block diagram of a verification device according to an embodiment of the present disclosure.
Detailed Description
In the following description, reference is made to the accompanying drawings, which form a part hereof, and in which is shown by way of illustration specific aspects of embodiments of the disclosure or in which the disclosure may be used. It should be understood that embodiments of the present disclosure may be used in other aspects and include structural or logical changes not depicted in the drawings. The following detailed description is, therefore, not to be taken in a limiting sense, and the scope of the present disclosure is defined by the appended claims.
For example, it should be understood that the disclosure associated with the described methods may also apply to a corresponding device or system configured to perform the methods, and vice versa. For example, if one or more particular method steps are described, the corresponding apparatus may include one or more elements, e.g., functional elements, to perform the one or more described method steps (e.g., one element performing one or more steps, or a plurality of elements each performing one or more of a plurality of steps), even if such one or more elements are not explicitly described or illustrated in the figures. On the other hand, for example, if a specific apparatus, such as a functional unit, is described based on one or more units, the corresponding method may include one step of performing the function of the one or more units (e.g., one step of performing the function of the one or more units, or a plurality of steps of each performing the function of the one or more units), even if such one or more steps are not explicitly described or illustrated in the figures. Furthermore, it is to be understood that features of the various exemplary embodiments and/or aspects described herein may be combined with each other, unless specifically indicated otherwise.
In order to better describe the technical solution of the present disclosure, a related system will be first described with reference to fig. 1.
Fig. 1 is a system diagram of a system applying a verification method of a signal to be verified according to an embodiment of the present invention. As shown in fig. 1, the system may include at least one subsystem, such as subsystem 101 and subsystem 102 in fig. 1, forwarding device 103, memory controller 104, and memory 105 controlled by memory controller 104. In an embodiment, the system may further include a memory management unit (memory manage unit, MMU) 106 and a memory protection unit (memory protection unit, MPU) 107.
The subsystems 101 and 102 may interact with a central processing unit (central processor unit, CPU) (not shown) to perform the respective operations. Each subsystem may have different functions. For example, subsystem 101 may be an image signal processing (image signal processing, ISP) accelerator and subsystem 102 may be a deep learning accelerator (deep learning accelerator, DLA).
Reading or writing of data to the memory 105 may be accomplished through interaction between the above components. Taking the case of the subsystem 102 writing data into the memory 105, the subsystem 102 receives a control signal from the CPU and generates a virtual address based on the received control signal. The generated virtual address is then passed to MMU 106, and MMU 106 then translates the virtual address to a physical address and passes the physical address to forwarding device 103. The forwarding device 103, which may be a bus for example, may package the physical addresses of the plurality of requests together and then transmit the data packet to the MPU 107. The MPU 107 can then pass the physical address to the memory controller 104, and can then write the data value carried on the data bus into the physical address of the memory 105. The memory 105 herein may be a Double Data Rate (DDR) synchronous dynamic random access memory (synchronous dynamic random access memory, SDRAM). It may also be other types of memory that are accessible by the memory controller 104.
In the above procedure, different methods may be used to verify the integrity of the address in different components. Verification may be done at the subsystem, MMU, MPU, or forwarding device.
For example, for each requested virtual address, the subsystem may replicate the address generator, generate two addresses at different times, and compare the two generated addresses. If the two addresses do not match, an error is indicated.
Alternatively, at MMU 106, the virtual address space may be divided into three parts, where the first part is accessible only to subsystem 101, the second part is accessible only to subsystem 102, and the third part serves as a shared part, which is accessible to both subsystem 101 and subsystem 102. Upon receiving the virtual address requested by subsystem 102, MMU 106 may verify whether the virtual address is within a predefined range corresponding to subsystem 102, and once the virtual address requested by subsystem 102 passes the verification, MMU 106 may translate the virtual address into a physical address and pass it to forwarding device 103.
The above-described verification may also be performed at the MPU 107, and when the MPU 107 receives a physical address forwarded by the forwarding device 103, the MPU 107 may verify whether the physical address is within a predefined range corresponding to the main identification (master identifier, ID) of the subsystem 102. Once verified, this physical address may be passed to the memory controller 104.
As described above, the above-described verification may be superimposed, that is, the verification of the address may be performed at a plurality of places, or may be performed only once. However, the verification cost of the subsystem is high due to the redundancy of the address generator. The checking of MMU and MPU is based on time intervals, that is, checking is to determine whether the requested address is within a predefined address interval, and thus bit flipping may not be checked by these checks. Furthermore, since the signals passed from the subsystem to the memory controller must carry redundant bits to check or copy in hardware, it is possible to support the check at the forwarding device at high cost.
In view of the foregoing, the present disclosure provides a method for verifying the integrity of a signal to be verified at a low cost. The method will be described in detail below with reference to the accompanying drawings.
Fig. 2a is a system diagram illustrating signal flow and basic functionality of various components according to an embodiment of the present disclosure. In this disclosure, the CPU may send a control signal to a subsystem (any of the subsystems shown in fig. 1) that includes original control information (e.g., a starting address from which a series of addresses (address sequences) to be accessed by the subsystem and thereby by the memory controller may be derived) and then send original verification information to the memory controller, the original verification information being used to verify the correctness of the first control information received by the memory controller. The subsystem may then generate and send first control information in a signal to be verified, which is then received by the memory controller, which then monitors the signal to be verified, calculates first verification information based on the first control information, and compares the first verification information with the original verification information.
In an embodiment, as shown in fig. 2b, the above-described verification may also be performed at the subsystem. In this way, the CPU may send a control signal to the subsystem (any of the subsystems shown in fig. 1) comprising the original control information (e.g., a series of addresses to be accessed by the subsystem and further by the memory controller) and the original verification information, the subsystem may generate second control information, calculate second verification information based on the second control information, and compare the second verification information with the original verification information.
In both cases, either the verified signal or the signal to be verified transmitted by the subsystem to the memory controller may not contain hardware redundancy for verification, thus saving significant costs compared to existing subsystem-to-memory controller control signal verification methods.
Fig. 3 is a flow chart of a method of verifying a signal to be verified according to an embodiment of the present disclosure. The execution subject of the method may be a verification device. As shown in fig. 1, the verification device may be any subsystem, a memory controller, or other component capable of processing control signals, which is not limited herein. In the following description, a case where the verification device is a memory controller will be exemplified.
S301: the memory controller obtains a signal to be verified.
The signal to be verified carries first control information, the first control information can be generated by the subsystem based on original control information, and the original control information can be transmitted from the CPU to the subsystem.
The original control information may carry at least one or both of address information and operation information. In one embodiment, the original control information may indicate a first address to be accessed by the subsystem.
S302: the memory controller obtains the original verification information.
The memory controller may receive original verification information from the CPU, the verification information being used by the memory controller to verify the correctness of the first control information contained in the signal to be verified, the first control information being generated by the subsystem based on the original control information from the CPU.
The first control information may carry at least one or both of address information and operation information as original control information.
In an embodiment, the first control information may indicate a first address to be accessed by the memory controller. For example, the signal to be verified may be a signal carrying information indicating a physical address or a series of physical addresses for the memory controller to write data values to or to write data values to.
S303: the memory controller determines first control information according to the signal to be verified.
Upon receipt of the signal to be verified, the memory controller may determine the first control information in the signal to be verified as it contains the subsystem-generated first control information.
S304: the memory controller verifies the correctness of the first control information according to the original verification information.
The memory controller may create first check information based on the first control information and determine whether the original check information corresponds to the first check information.
In an embodiment, the memory controller may determine whether a predefined condition is satisfied between the original check information and the first check information. For example, the predefined condition may be that the original verification information is consistent with the first verification information, or the predefined condition may be that the original verification information and the first verification information match an expected value.
The memory controller may determine that the control signal is correct if the predefined condition is met, otherwise the memory controller marks an error.
In an embodiment, the original verification information and the first verification information are both calculated based on any one of: cyclic redundancy check (cyclic redundancy check, CRC), error checksum correction (error checking and correction, ECC) or parity check. The original check information and the first check information are calculated in the same method.
As mentioned above, the verification device may also be one of the subsystems. In this case, the following checks may be performed in the subsystem.
In general, the subsystem receives a control signal carrying original control information and original check information from the CPU, then generates second control information from the original control information, calculates second check information from the second control information, and determines whether the original check information corresponds to the second check information.
The subsystem herein may first obtain the control signal. In an embodiment, the control signal may be sent by the CPU and carry at least one or both of address information and operation information. Control signals herein may refer to all signals except data signals, e.g. control signals may carry information such as addresses and/or operations to be performed by the verification device.
In an embodiment, the control signal may carry raw control information to be performed by the verification device.
In one embodiment, the original control information may indicate an original address to be accessed by the subsystem. For example, the control signal may be a signal carrying information indicating a virtual address or a series of virtual addresses for verifying that a device writes data values to the virtual address or writes a plurality of data values to the virtual addresses.
In an embodiment, the raw control information may indicate a raw operation or a series of operations (sequence of operations) to be performed by the subsystem. For example, the control signal may be a signal carrying information instructing the subsystem to perform a write operation.
In one embodiment, the original control information may indicate an original address to be accessed by the subsystem and an original operation to be performed by the subsystem. For example, the control signal may be a signal carrying information that instructs the subsystem to write a virtual address.
It should be noted that the addresses may be a series of addresses. That is, the original control information may indicate a series of addresses to be accessed by the subsystem or a series of operations to be performed by the subsystem, or both. The original control information may be information indicating the address or the operation or both, or may be directly the address or the operation or both, and is not limited thereto.
The control signal may carry, in addition to the original control information to be executed by the subsystem, original verification information, which is pre-calculated and transmitted to the subsystem, for verifying the correctness of the generated control information.
And after the subsystem obtains the control signal, generating second control information according to the control signal.
In order to perform the corresponding operation, the verification device may generate the second control information according to the control signal.
As described above, the control signal may carry original control information indicating at least one of an original address to be accessed by the subsystem and an original operation to be performed by the subsystem, and the second control information may be generated based on the original control information. Accordingly, the second control information generated according to the original control information may include at least one of a second address corresponding to the original address and a second operation corresponding to the original operation.
The second control information corresponds to the original control information. That is, if the original control information indicates an original address to be accessed by the subsystem, the second control information includes a second address corresponding to the original address; if the original control information indicates an original operation to be performed by the subsystem, the second control information includes a second operation corresponding to the original operation. The second control information includes a second address corresponding to the original address and a second operation corresponding to the original operation if the original control information indicates both the original address to be accessed by the subsystem and the original operation to be performed by the subsystem.
Continuing with the above example, when the original control information indicates an original virtual address to have the subsystem write the data value to the virtual address, the subsystem generates second control information including a second address corresponding to the original virtual address, as described in step 201; when the original control information instructs the subsystem to perform a write operation, the subsystem also generates second control information corresponding to the write operation. If the original control information indicates both, corresponding second control information may be generated.
As described above, if the original control information indicates a virtual series of addresses to be accessed by the subsystem, the second control information may also include a corresponding virtual series of addresses.
And then the subsystem verifies the correctness of the second control information according to the original verification information.
After generating the second control information, the subsystem may perform a check to determine the correctness or integrity of the generated second control information.
And verifying based on the original verification information corresponding to the original control information and the second verification information corresponding to the second control information.
In an embodiment, the subsystem further calculates second check information based on the second control information after generating the second control information.
After obtaining the second verification information, the subsystem may determine whether the original verification information corresponds to the second verification information. In an embodiment, the subsystem may determine whether a predefined condition is met between the original verification information and the second verification information. For example, the predefined condition may be that the original verification information is consistent with the second verification information, or the predefined condition may be that the original verification information and the second verification information match expected values.
The subsystem may determine that the control signal is correct if the predefined condition is met, otherwise the subsystem marks an error.
In an embodiment, the original verification information and the second verification information are both calculated based on any one of: cyclic Redundancy Check (CRC), error Correction and Correction (ECC), or parity. The original check information and the second check information are calculated in the same way.
As can be seen from the above description, the original verification information is determined after receiving the control signal, and in actual operation, when the CPU sends an instruction to the subsystem (e.g., the accelerator), the original verification information may be pre-calculated at the CPU and then transmitted to the accelerator along with the instruction, or may be calculated by the accelerator before the second control information is generated, so that the control signal (which may be an address or control signaling) may be verified with minimal hardware area/cost and minimal or no computational overhead.
The verification may also be performed at the memory controller, in which case the signal to be verified may no longer contain redundant bits for verification, compared to the existing control signals passed from the subsystem to the memory controller, thus saving costs. The check at the memory controller may ensure higher accuracy at the cost of more complexity, as the check in this case encompasses more components.
The above method may be applied to check the integrity of control signals in many scenarios. For example, in processing an image, a frame of data may be read or written from a fixed buffer at a determined frequency, in which case the manner in which the buffer is accessed is deterministic in nature. It is assumed that two buffers (buffer a and buffer B) are provided for an application to read data from or write data to the memory. The number of buffers herein is for illustration only and may vary depending on the situation.
Taking a read operation as an example, the above method may be performed as follows:
in step S201, the subsystem may receive a read signal, which may include:
two start pointers indicating the start addresses to be read by the subsystem in the two buffers;
two maximum transaction lengths, indicating the maximum address interval for the subsystem to read in the two buffers;
the number of times the read operation is performed; and
an address increment indicating the size of the space between two adjacent addresses in a series of addresses.
In the example below, it is assumed that there is one two lines/slice frame with a buffer step size of 4096 bytes. The buffer (and thus the start pointer) is typically allocated at application start-up and fixed prior to application.
For buffer a, the start pointer of buffer a in the original slice of the original frame=0xe000_0000, the start pointer of buffer a in the second slice of the original frame=0xe000_1000, the number of times the read operation is performed=1, and the address increment=0x7. For buffer B, the start pointer of buffer B in the original slice of the original frame=0xe600_0000, the start pointer of buffer B in the second slice of the original frame=0xe600_1000, the address increment=0x7, the number of times the read operation is performed=1.
In this example, the original control information calculated in advance is not included in the read signal, and thus in step S202, the original control information may be determined and then calculated based on the original control information. It should be noted that if the read command contains the pre-calculated original control information, the determination of the pre-calculated original control information may be just the read signal.
Starting from the start pointer and incrementing it by an address increment each time until the maximum address increment is reached, the subsystem can determine the original control information as a series of addresses for both buffers. As shown in tables I through IV. Tables I and II show a series of addresses of the original control information determined as the original frame, and tables III and IV show a series of addresses of the original control information determined as the second frame. For purposes of illustration, only four addresses are listed in the table herein.
TABLE I
Table II
Table III
Table IV
For buffer a, the original control information includes a series of addresses of an original slice of an original frame (0xe000_0000, 0xe000_0100,0xe000_0200,0xe000_0300 shown in table I) and a series of addresses of a second slice of the original frame (0xe000_1000, 0xe000_1100,0xe000_1200,0xe000_1300 shown in table II); for buffer B, a series of addresses of the original slice of the original frame (0xe600_0000, 0xe600_0100,0xe600_0200,0xe600_0300, for example) and a series of addresses of the second slice of the second frame (0xe600_1000, 0xe600_1100,0xe600_1200,0xe600_1300, as shown in table IV).
After determining the original control information, the subsystem may calculate original verification information based thereon. The original verification information corresponding to the original control information may be calculated based on a predefined rule. Predefined rules herein define methods and units for calculating the verification information. As described in step S204, the method may be any one of CRC, ECC, parity, or any other checking method, which is not limited herein. The unit for calculating the verification information may be changed according to actual needs. Higher accuracy can be achieved with smaller units, but at higher cost.
For example, if the verification is implemented using a CRC, the original verification information may be a pre-computed CRC for a range of addresses.
If the calculation unit is one CRC per slice, four pre-calculated CRCs can be calculated as original check information based on the original control information (a series of addresses of two slices of two frames), including: an original pre-computed CRC computed based on a series of addresses (0xE000_0000, 0xE000_0100,0xE000_0200,0xE000_0300 in Table I) of the original slice of the original frame; a second pre-computed CRC computed based on a series of addresses of a second slice of the original frame (0xE000_1000, 0xE000_1100,0xE000_1200,0xE000_1300 in Table II); a third pre-computed CRC computed based on a series of addresses (0xE600_0000, 0xE600_0100,0xE600_0200,0xE600_0300 in Table III) of the original slice of the second frame; and a fourth pre-computed CRC computed based on a series of addresses of the second slice of the second frame (0xE600_1000, 0xE600_1100,0xE600_1200,0xE600_1300 in Table IV).
If the calculation unit is one CRC per frame, two pre-calculated CRCs may be calculated as original check information based on original control information (a series of addresses of two sheets of two frames), including a second pre-calculated CRC calculated based on a series of addresses of the original frames (0xe000_0000, 0xe000_0100,0xe000_0200,0xe000_0300,0xe000_1000,0xe000_1100,0xe000_1200, 0xe000_1300) and a second pre-calculated CRC calculated based on a series of addresses of the second frame (0xe600_0000, 0xe600_0100,0xe600_0200,0xe600_0300,0xe600_1000,0xe600_1100,0xe600_1200, 0xe600_1300) in tables I and II.
In step 203, the subsystem may generate second control information from the original control information. As described above, the generated second control information may be a series of addresses of two buffers. For example, for buffer a, the second control information includes a series of addresses generated for two slices of two frames.
In one embodiment, the control signal may include a burst signal indicating an address increment. The increment may vary within a slice. As shown in table I, where the burst is equal to 0x7, for buffer a, if the increment is 0x7 from the third address in the original tile to 0x3, then a series of addresses in the original tile can be determined as 0xe000_0000,0xe000_0100,0xe000_0200, and 0xe000_0280. In practice, the increment may vary according to actual needs.
In step S204, the subsystem verifies the correctness of the second control information according to the original verification information. In essence, second check information corresponding to the second control information may be calculated based on predefined rules, and then the correctness of the second control information may be determined by comparing the second check information with pre-calculated original check information. Predefined rules herein define methods and units for calculating verification information. As described in step S204, the method may be any of CRC, ECC, parity, or any other checking method, which is not limited herein. The unit for calculating the verification information may be changed according to actual needs. Higher accuracy can be achieved with smaller units, but at higher cost.
For example, if the verification is implemented using a CRC, the original verification information may be a pre-computed CRC for a range of addresses.
If the calculation unit is one CRC per slice, four generated CRCs may also be calculated as second check information including an original generated CRC of the original slice of the original frame, a second generated CRC of the second slice of the original frame, a third generated CRC of the original slice of the second frame, and a fourth generated CRC of the second slice of the second frame, based on second control information (a generated address sequence of two slices of two frames) similarly to the calculation of the original check information.
If the calculation unit is one CRC per frame, two generated CRCs may also be calculated as second check information, including the original generated CRC of the original frame and the second generated CRC of the second frame, based on second control information (a generated address sequence of two pieces of two frames) similarly to the calculation of the original check information.
After the subsystem obtains the original and second verification information, the verification information may be compared to verify the correctness or integrity of the control signal. For example, the pre-calculated CRC may be used as the original check information, compared with the corresponding generated CRC, and if the two CRCs agree, the control signal is determined to be correct; otherwise, an error may be indicated. Alternatively, if the two CRCs match the expected value, an error may be indicated if there is an increment.
As mentioned above, the above-described method for verifying a signal to be verified can be performed in a subsystem, i.e. at the beginning of the system shown in fig. 1, so that the verification of the control signal (including information about the address and/or the operation to be performed) is achieved at a lower cost. In addition, by verifying a series of addresses generated by the source (subsystem), verification efficiency may be improved. Compared with other techniques in the prior art, CRC/ECC computation on the address/control channel is performed before the (deterministic) transaction, possibly once at the beginning of the application, thus saving chip power consumption, CPU/DSP computing resources and chip DDR bandwidth. In addition, since address and control signals are checked before accessing the memory, there is no need to add redundancy bits when transmitting data or control signals, thereby saving bandwidth and implementation costs, and achieving reliability and functional security of existing designs with minimal overhead. In addition, the technical solution of the present disclosure provides reliability/functional security of paths in existing chips (based on security use cases).
The above description of the calculation and verification of the CRC may also be applied to the memory controller and will not be described in detail here for brevity.
It should be noted that, the interaction between the subsystem and the CPU is similar to the interaction between the memory and the subsystem, and when the method is executed by the memory controller, the virtual address may be replaced by a corresponding physical address, and other operations may be similar to the execution of the subsystem, which will not be repeated herein.
Fig. 4 is a block diagram of a first verification device according to an embodiment of the present disclosure. The first verification device 400 comprises a first obtaining module 401, a second obtaining module 402, a determining module 403 and a verification module 404.
A first obtaining module 401, configured to obtain a signal to be verified that carries first control information, where the first control information is generated based on original control information; a second obtaining module 402, configured to obtain original verification information; a determining module 403, configured to determine first control information according to a signal to be verified; and the verification module 404 is configured to verify the correctness of the first control information according to the original verification information.
In one embodiment, the verification module 404 is configured to: generating first check information based on the first control information; it is determined whether the original check information corresponds to the first check information.
The present disclosure also provides a first verification device comprising a processor means and a memory means. The storage means may store a computer program and the processor means may execute the computer program stored in the storage means.
In an embodiment, the processor may invoke a computer program stored in the storage device to perform the corresponding operations of the memory controller in the method embodiment, which are not described in detail for brevity.
The present disclosure also provides a second verification device comprising a processor means and a memory means. The storage means may store a computer program and the processor means may execute the computer program stored in the storage means.
In an embodiment, the processor may call a computer program stored in the storage device to execute the corresponding operation of the subsystem in the method embodiment, which is not described in detail for brevity.
The disclosure also provides a system on a chip, which comprises a verification device, wherein the verification device realizes the verification method of the signal to be verified in the embodiment of the method.
The terms first, second and the like in the description and in the claims and in the above figures are used for distinguishing between different objects and not necessarily for describing a particular sequential or chronological order.
The terms "and/or" and the like in the embodiments of the present disclosure are used only to describe the relationship between the associated objects, meaning that three relationships are possible, e.g., a and/or B may mean that only A, A and B are both present, and only B is present.
The terms "a" or "an" are not intended to specify one or a single element, but rather may be used to denote multiple elements where appropriate.
It will be further understood that the terms "comprises," "comprising," "includes," "including" and/or variations thereof, when used in this specification, specify the presence of stated features, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, steps, operations, elements, components, and/or groups thereof. Conversely, when used in this specification, the term "consisting of" or "comprises … …" designates a feature, step, operation, element and/or component, and excludes additional features, steps, operations, elements and/or components.
In the presently disclosed embodiments, the expressions "exemplary" or "such as" and the like are used to indicate illustrations of examples or instances. In embodiments of the present disclosure, any embodiment or design described as "exemplary" or "e.g." should not be construed as preferred or advantageous over other embodiments or designs. In particular, the use of "exemplary" or "e.g." is intended to present the relevant concepts in a specific manner.
In one or more examples, the described functionality may be implemented in hardware, software, firmware, or any combination thereof. If implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium, as well as executed by a hardware-based processing unit. A computer-readable medium may include a computer-readable storage medium corresponding to a tangible medium, such as a data storage medium, or a communication medium, including any medium that facilitates transfer of a computer program (e.g., according to a communication protocol) from one place to another. In this manner, a computer-readable medium may generally correspond to (1) a non-transitory tangible computer-readable storage medium or (2) a communication medium such as a signal or carrier wave. Data storage media may be any available media that can be accessed by one or more computers or one or more processors to retrieve instructions, code and/or data structures for implementing the techniques described in this disclosure. The computer program product may include a computer-readable medium.
By way of example, and not limitation, such computer-readable storage media can comprise random access memory (random access memory, RAM), read-only memory (ROM), electrically erasable programmable ROM (electrically erasable programmable ROM), compact disk ROM (CD-ROM) or other optical disk storage, magnetic disk storage or other magnetic storage devices, flash memory, or any other medium that can be used to store desired program code in the form of instructions or data structures and that can be accessed by a computer. Further, any connection is properly termed a computer-readable medium. For example, if the instructions are transmitted from a website, server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, digital subscriber line (digital subscriber line, DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of medium. However, it should be understood that computer-readable storage media and data storage media do not include connections, carrier waves, signals, or other transitory media, but are instead directed to non-transitory, tangible storage media. Disk and disc, as used herein, includes Compact Disc (CD), laser disc, optical disc, digital versatile disc (digital versatile disc, DVD), floppy disk and blu-ray disc where disks usually reproduce data magnetically, while discs reproduce data optically with lasers. Combinations of the above should also be included within the scope of computer-readable media.
The instructions may be executed by one or more processors, such as one or more digital signal processors (digital signal processor, DSP), general purpose microprocessor, application specific integrated circuit (application specific integrated circuit, ASIC), field programmable logic array (field programmable logic array, FPGA), or other equivalent integrated or discrete logic circuitry. Thus, the term "processor" as used herein may refer to any of the foregoing structure or any other structure suitable for implementation of the techniques described herein. Furthermore, in some aspects, the functionality described herein may be provided within dedicated hardware and/or software modules configured for encoding and decoding, or incorporated into a combined codec. Furthermore, the techniques may be fully implemented in one or more circuits or logic elements.
The techniques of this disclosure may be implemented in a variety of devices or apparatuses including a wireless handset, an integrated circuit (integrated circuit, IC), or a set of ICs (e.g., a chipset). Various components, modules, or units are described in this disclosure to emphasize functional aspects of the devices for performing the disclosed techniques, but do not necessarily require realization by different hardware units. Rather, as noted above, the various units may be incorporated in a codec hardware unit or provided by a collection of interoperable hardware units including one or more processors as described above, along with appropriate software and/or firmware.
It will be understood that when an element or component is referred to herein as being "connected" or "coupled" to another element or component, it can be connected or coupled to the other element or component or intervening elements or components may also be present. In contrast, when an element or component is referred to as being "directly connected to" or "directly coupled to" another element or component, there are no intervening elements or components present therebetween.
While this invention has been described herein with reference to illustrative embodiments, this description is not intended to be construed in a limiting sense. Rather, the purpose of the illustrative embodiments is to provide those skilled in the art with a better understanding of the spirit of the invention. Many details of well-known processes and manufacturing techniques have been omitted so as not to obscure the scope of the invention. Various modifications of the illustrative embodiments, as well as other embodiments, will be apparent to persons skilled in the art upon reference to the description. Accordingly, the appended claims are intended to cover any such modifications.
Furthermore, some of the features of the preferred embodiments of this invention could be used to advantage without the corresponding use of other features. Thus, the foregoing description should be considered as merely illustrative of the principles of the present invention, and not in limitation thereof. Those skilled in the art will appreciate variations from the foregoing embodiments that fall within the scope of the invention. Thus, the present invention is not limited to the specific embodiments and descriptions discussed above, but is limited by the following claims and their equivalents.
Claims (10)
1. A method for verifying a signal to be verified comprises the following steps:
the memory controller obtains the signal to be verified carrying first control information from a subsystem, wherein the first control information is generated by the subsystem based on original control information, and the subsystem is an image processing ISP accelerator or a deep learning accelerator DLA;
the memory controller obtains original verification information from a Central Processing Unit (CPU);
the memory controller determines the first control information according to the signal to be verified; and
the memory controller verifies the correctness of the first control information according to the original verification information;
the method further comprises the steps of:
the subsystem receives a control signal carrying the original control information and the original verification information;
the subsystem generates second control information according to the original control information;
the subsystem calculates second check information according to the second control information; and
the subsystem determines whether the original verification information corresponds to the second verification information.
2. The method of claim 1, wherein the memory controller verifying the correctness of the first control information based on the original verification information comprises:
generating first check information based on the first control information; and
determining whether the original verification information corresponds to the first verification information.
3. The method of claim 1, wherein the original control information indicates at least one of an original address to be accessed by a verification device and an original operation to be performed by the verification device.
4. A method according to claim 3, wherein the first control information indicates at least one of a first address corresponding to the original address and a first operation corresponding to the original operation.
5. A method according to claim 3, wherein the second control information comprises at least one of a second address corresponding to the original address and a second operation corresponding to the original operation.
6. The method of claim 2, wherein the first verification information is calculated based on any one of: cyclic redundancy check, CRC, error check, and correction ECC or parity check.
7. The method of claim 1, wherein the second verification information is calculated based on any one of: cyclic redundancy check, CRC, error check, and correction ECC or parity check.
8. The method of any of claims 1-7, wherein the original verification information is calculated based on any of: cyclic redundancy check, CRC, error check, and correction ECC or parity check.
9. A system on a chip comprising a first verification device and a second verification device;
the first verification device is used for:
obtaining a signal to be verified carrying first control information from the second verification device, wherein the first control information is generated by the second verification device based on original control information, and the second verification device is an image processing ISP or an accelerator deep learning accelerator DLA;
obtaining original verification information from a Central Processing Unit (CPU);
determining the first control information according to the signal to be verified; and
checking the correctness of the first control information according to the original check information;
the second checking device is configured to:
receiving a control signal carrying original control information and original verification information;
generating second control information according to the original control information;
calculating second check information according to the second control information; and
determining whether the original verification information corresponds to the second verification information.
10. The system on a chip of claim 9, wherein the first verification device is further to:
generating first check information based on the first control information; and
determining whether the original verification information corresponds to the first verification information.
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/CN2019/081051 WO2020199133A1 (en) | 2019-04-02 | 2019-04-02 | Method for checking address and control signal integrity in functional safety applications, related products |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113454611A CN113454611A (en) | 2021-09-28 |
| CN113454611B true CN113454611B (en) | 2024-01-23 |
Family
ID=72664715
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201980091540.6A Active CN113454611B (en) | 2019-04-02 | 2019-04-02 | Method for verifying the integrity of address and control signals, and related products |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN113454611B (en) |
| WO (1) | WO2020199133A1 (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105868125A (en) * | 2015-01-23 | 2016-08-17 | 澜起科技(上海)有限公司 | Buffer memory as well as apparatus and method used for controlling internal memory data access |
| CN107557984A (en) * | 2017-08-25 | 2018-01-09 | 肇庆市立泰电子产品有限公司 | A kind of high performance needle selection device knitting machine parallel data transmission agreement |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9286245B2 (en) * | 2011-12-30 | 2016-03-15 | Intel Corporation | Hardware enforced memory access permissions |
| KR20150142850A (en) * | 2014-06-12 | 2015-12-23 | 에스케이하이닉스 주식회사 | Semiconductor Memory Apparatus and Training method using the same |
-
2019
- 2019-04-02 CN CN201980091540.6A patent/CN113454611B/en active Active
- 2019-04-02 WO PCT/CN2019/081051 patent/WO2020199133A1/en active Application Filing
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105868125A (en) * | 2015-01-23 | 2016-08-17 | 澜起科技(上海)有限公司 | Buffer memory as well as apparatus and method used for controlling internal memory data access |
| CN107557984A (en) * | 2017-08-25 | 2018-01-09 | 肇庆市立泰电子产品有限公司 | A kind of high performance needle selection device knitting machine parallel data transmission agreement |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2020199133A1 (en) | 2020-10-08 |
| CN113454611A (en) | 2021-09-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR101500635B1 (en) | Ecc implantation in non-ecc components | |
| KR101093857B1 (en) | Systems, methods, and apparatuses to transfer data and data mask bits in a common frame with a shared error bit code | |
| US8996828B2 (en) | Systems and methods for migrating data | |
| US8145840B2 (en) | Method and system for storing excess data in a redundant array of independent disk level 6 | |
| US10911181B2 (en) | Method for checking address and control signal integrity in functional safety applications, related products | |
| US9665423B2 (en) | End-to-end error detection and correction | |
| US7376886B2 (en) | Method and related apparatus for data error checking | |
| US12013756B2 (en) | Method and memory system for writing data to dram submodules based on the data traffic demand | |
| WO2020181473A1 (en) | CIRCUIT STRUCTURE, SYSTEM ON CHIP (SoC), AND DATA PROCESSING METHOD | |
| US20160004592A1 (en) | Method for detecting error of data, storage device, and recording medium | |
| CN113454611B (en) | Method for verifying the integrity of address and control signals, and related products | |
| WO2015165202A1 (en) | Hamming code-based data access method and integrated random access memory | |
| JP4839364B2 (en) | Combined command and data code | |
| US10044500B2 (en) | Error correction coding redundancy based data hashing | |
| US11636915B2 (en) | Command/address channel error detection | |
| CN115129509B (en) | Data transmission method, device and medium | |
| CN116501536A (en) | AXI interconnection module checking, checking and protecting method, device and storage medium | |
| US7213180B2 (en) | Bus bridge circuit, bus connection system, and data error notification method for bus bridge circuit | |
| CN115827304A (en) | System and method for checking on-chip high-speed bus data | |
| WO2017166845A1 (en) | Data processing device and data processing method | |
| US9348744B2 (en) | Implementing enhanced reliability of systems utilizing dual port DRAM | |
| US20130111303A1 (en) | Single error correction & device failure detection for x8 sdram devices in bl8 memory operation | |
| CN110543790B (en) | Method, apparatus, device and computer readable medium for accessing memory | |
| US7526714B2 (en) | Apparatus for checking data coherence, raid controller and storage system having the same, and method therefor | |
| US10740179B2 (en) | Memory and method for operating the memory |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |