CN116938451A - Password operation method, device, system on chip and equipment - Google Patents

Password operation method, device, system on chip and equipment Download PDF

Info

Publication number
CN116938451A
CN116938451A CN202311181978.8A CN202311181978A CN116938451A CN 116938451 A CN116938451 A CN 116938451A CN 202311181978 A CN202311181978 A CN 202311181978A CN 116938451 A CN116938451 A CN 116938451A
Authority
CN
China
Prior art keywords
bus
target
information
unit
chip
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202311181978.8A
Other languages
Chinese (zh)
Other versions
CN116938451B (en
Inventor
吴欢欢
赵清虎
朱青山
谢文俊
田雅芳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Phytium Technology Co Ltd
Original Assignee
Phytium Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Phytium Technology Co Ltd filed Critical Phytium Technology Co Ltd
Priority to CN202311181978.8A priority Critical patent/CN116938451B/en
Publication of CN116938451A publication Critical patent/CN116938451A/en
Application granted granted Critical
Publication of CN116938451B publication Critical patent/CN116938451B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • G06F15/76Architectures of general purpose stored program computers
    • G06F15/78Architectures of general purpose stored program computers comprising a single central processing unit
    • G06F15/7807System on chip, i.e. computer system on a single chip; System in package, i.e. computer system on one or more chips in a single package
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Abstract

The application provides a password operation method, a device, a system on chip and equipment, which are applied to the technical field of computers.

Description

Password operation method, device, system on chip and equipment
Technical Field
The present application relates to the field of computer technologies, and in particular, to a method, an apparatus, a system on a chip, and a device for cryptographic operation.
Background
Fig. 1 is a schematic diagram of a typical SoC (System on Chip) Chip in the prior art, where the SoC Chip includes a processor 101 and a plurality of functional units, such as a memory controller 102, a peripheral controller 103, and a multimedia controller 104, and the units are connected by a bus 105. The processor 101 and the functional units may communicate with each other via a bus 105.
As the integration level of SoC chips is continuously improved, the bus information transmitted by the bus 105 is also continuously increased, so that the cryptographic operation method implemented based on the bus information needs to process massive information, seriously affects the processing efficiency of cryptographic operation, and is difficult to meet the actual application requirements.
Disclosure of Invention
In view of this, the present application is directed to providing a method, an apparatus, a system on a chip and a device for cryptographic operation, which improve the processing efficiency of the cryptographic operation and meet the actual application requirements.
In a first aspect, the present application provides a cryptographic operation method, applied to a system on a chip, where the system on a chip includes a control unit, a bus monitoring unit, and a cryptographic operation unit that are sequentially connected, the method includes the following steps executed by the bus monitoring unit: receiving a monitoring enabling instruction sent by the control unit; responding to the monitoring enabling instruction, analyzing a target bus signal to obtain a bus request, and extracting target bus information in the bus request, wherein the target bus signal is a bus signal of one path of target bus to be monitored in the multi-path bus in the system on chip; extracting target data in the target bus information according to preset tracking conditions; and sending the target data to the password operation unit to trigger the password operation unit to execute password operation.
In the application, a control unit outputs a monitoring enabling instruction, a bus monitoring unit responds to the monitoring enabling instruction to analyze a target bus signal to obtain a bus request, target bus information in the bus request is extracted, and after target data in the target bus information is extracted according to a preset tracking condition, the target data is sent to a password operation unit so as to trigger the password operation unit to execute password operation. In the method, the target bus signal is a bus signal of one target bus to be monitored in the multipath buses in the system on chip, only one target bus in the multipath buses is monitored, and only target data in target bus information of a bus request is extracted for the password operation.
Further, the acquisition of the target bus information is controlled by the monitoring enabling instruction, the target bus information is not acquired at any time, and the operation time of the bus monitoring unit can be controlled by the monitoring enabling instruction, so that the power consumption of the bus monitoring unit is reduced.
In one possible implementation, extracting the target bus information in the bus request includes: determining whether the bus request conforms to a bus protocol supported by the target bus; if the bus request accords with the bus protocol supported by the target bus, extracting target bus information in the bus request according to a preset filtering condition; the preset filtering condition is set based on at least one of data volume of the bus request, an address corresponding to the bus request and an identification corresponding to the bus request.
In the application, an optional setting mode of preset filtering conditions is provided in combination with actual operation requirements, and meanwhile, before target bus information is extracted, whether the bus request accords with the bus protocol supported by the target bus is judged, the target bus information is extracted according to the preset filtering conditions only under the condition that the bus request accords with the bus protocol supported by the target bus, based on the condition, the bus request which does not accord with the bus protocol supported by the target bus can be effectively filtered, and meanwhile, the target bus information in the bus request which accords with the bus protocol supported by the target bus is extracted in combination with the preset filtering conditions, so that the finally obtained target bus information is effective and has less data quantity, the data quantity of the bus information can be effectively reduced, and the processing efficiency of the password operation is further improved.
In one possible implementation manner, the extracting the target data in the target bus information according to the preset tracking condition includes: determining whether the target bus information comprises indication information which characterizes that the target bus information is effective; and if the indication information is included, extracting target data in the target bus information according to a preset tracking condition.
In the application, whether the target bus information is effective is further judged, the target data can be extracted according to the preset tracking condition only under the condition that the target bus information is effective, the validity of the extracted target data can be ensured, and the reliability of the password operation result can be further ensured.
In one possible implementation manner, before extracting the target data in the target bus information according to a preset tracking condition, the method further includes: acquiring transaction characteristics, and setting the preset tracking conditions based on the transaction characteristics; wherein the transaction characteristic comprises at least one of an address of the bus request, an identification of the bus request, a data content in the bus information, and a response content of the bus request.
In the password operation method provided by the application, the transaction characteristics can be selected according to the actual operation requirements, the preset tracking conditions are set by combining the transaction characteristics, so that the target data extracted according to the preset tracking conditions can meet the actual requirements of the password operation, meanwhile, the screening and filtering of the target data can be realized through the preset tracking conditions, the data volume of the target data can be reduced, the logic overhead of bus monitoring can be reduced, and the processing efficiency of the password operation can be improved.
In a possible implementation manner, the cryptographic operation method provided in the first aspect of the present application further includes: receiving a storage instruction sent by the control unit; the storage instruction is used for indicating to store the target data to a target storage space, wherein the target storage space comprises a storage space inside the system on chip or a storage space outside the system on chip; and storing the target data to the target storage space based on the storage instruction.
In the application, a plurality of storage options are provided, the storage space for storing the target data can be selected according to the storage instruction, and the target data can be stored in the storage space inside the system on chip under the condition that the data volume of the target data is smaller, compared with the mode of simply storing the bus information in the external storage space of the system on chip in the prior art, the clock frequency of the internal storage space of the system on chip can be basically kept synchronous with the clock frequency of the target bus, so that the overflow of the target data can be effectively avoided, and the data integrity is ensured; under the condition that the storage space inside the system on chip is used up, the target data can be directly stored in the storage space outside the system on chip, so that the storage of mass data is realized, and the loss and omission of the target data are effectively avoided.
In a possible implementation manner, the cryptographic operation method provided in the first aspect of the present application further includes: and counting reference information used for representing the operation performance of the target bus in the target bus information, wherein the reference information comprises at least one of the number of various types of requests and the delay time between bus requests.
In the password operation method provided by the application, the reference information for representing the operation performance of the target bus is counted, the operation performance of the target bus can be analyzed based on the obtained reference information, and a reference basis is provided for improving the information transmission efficiency of the target bus and the operation performance of the whole system on chip.
In one possible implementation manner, counting the reference information used for characterizing the operation performance of the target bus in the target bus information includes: and responding to the statistics enabling instruction, and counting the reference information in the plurality of pieces of target bus information extracted in the preset time length.
In the application, the acquisition time length of the reference information is limited, and the data volume of the reference information can be selected by setting the preset time length, so that different bus monitoring requirements are met.
In one possible implementation manner, the counting the reference information in the plurality of target bus information extracted in the preset time period includes: respectively determining whether each piece of target bus information extracted in the preset time period comprises indication information representing that the target bus information is effective; and counting the reference information in the target bus information comprising the indication information.
In the application, before the reference information is extracted, whether the target bus information is effective or not is judged, the interference of the ineffective bus information is effectively filtered, the extracted reference information is ensured to be from the effective target bus information, the reliability of the reference information is high, and the accuracy of the bus performance analysis result is improved.
In a second aspect, the present application provides a cryptographic operation method, applied to a system on chip, where the system on chip includes a control unit, a bus monitoring unit, and a cryptographic operation unit that are sequentially connected, the cryptographic operation method includes the following steps executed by the control unit: and sending a monitoring enabling instruction, wherein the monitoring enabling instruction is used for controlling the bus monitoring unit to extract target bus information based on target bus signals and extracting target data in the target bus information according to preset tracking conditions, the target bus signals are bus signals of one target bus to be monitored in the multi-path buses in the system on chip, and the target data are used for triggering the password operation unit to execute password operation.
In the application, a control unit outputs a monitoring enabling instruction, a bus monitoring unit responds to the monitoring enabling instruction to analyze a target bus signal to obtain a bus request, target bus information in the bus request is extracted, and after target data in the target bus information is extracted according to a preset tracking condition, the target data is sent to a password operation unit so as to trigger the password operation unit to execute password operation. In the method, the target bus signal is a bus signal of one target bus to be monitored in the multipath buses in the system on chip, only one target bus in the multipath buses is monitored, and only target data in target bus information of a bus request is extracted for the password operation.
In a possible implementation manner, the cryptographic operation method provided in the second aspect of the present application further includes: transmitting a transaction characteristic so that the bus monitoring unit sets the preset tracking condition based on the transaction characteristic; wherein the transaction characteristic includes at least one of an address of the request, an identification of the request, data content in the bus information, and response content of the request.
In the password operation method provided by the application, the control unit sends the transaction characteristics to the bus monitoring unit according to the actual monitoring requirements, the bus monitoring unit sets the preset tracking conditions in combination with the transaction characteristics, so that the target data extracted according to the preset tracking conditions can meet the actual requirements of the password operation, meanwhile, the screening and filtering of the target data can be realized through the preset tracking conditions, the data size of the target data can be reduced, the logic overhead of bus monitoring can be reduced, and meanwhile, the processing efficiency of the password operation can be improved.
In a possible implementation manner, the cryptographic operation method provided in the second aspect of the present application further includes: and sending a storage instruction, wherein the storage instruction is used for instructing the bus monitoring unit to store the target data into a storage space inside the system-on-chip or a storage space outside the system-on-chip.
In the application, the control unit realizes the selection of the storage space of the target data through the storage instruction, so that the storage of the target data is more flexible, different data storage requirements can be met, and the target data can be stored in the storage space inside the system on chip under the condition that the data volume of the target data is smaller, compared with the mode of simply storing the bus information in the external storage space of the system on chip in the prior art, the clock frequency of the internal storage space of the system on chip can be basically synchronous with the clock frequency of the target bus, thereby effectively avoiding the overflow of the target data and ensuring the integrity of the data; and under the condition that the data volume of the target data is large, the target data can be directly stored in a storage space outside the system on chip, so that the storage of mass data is realized, and the loss and omission of the target data are effectively avoided.
In a possible implementation manner, the cryptographic operation method provided in the second aspect of the present application further includes: and sending a statistics enabling instruction, wherein the statistics enabling instruction is used for controlling the bus monitoring unit to count reference information used for representing the running performance of the target bus in the target bus information.
In the application, the control unit controls the operation of the bus monitoring unit through the statistics enabling instruction, acquires the reference information when the bus operation performance needs to be analyzed, and provides a reference basis for improving the information transmission efficiency of the target bus and the operation performance of the whole system on chip.
In one possible implementation manner, the bus monitoring unit is provided with a clock control unit for controlling a clock signal, and the cryptographic operation method provided in the second aspect of the present application further includes: the clock control unit is controlled to turn off the clock signal of the bus monitoring unit without monitoring any bus.
In the application, the control unit controls the running state of the clock unit in the bus monitoring unit, and controls the clock unit to be closed under the condition that no password operation is needed based on any bus, and each component unit in the bus monitoring unit stops running, thereby effectively reducing the overall power consumption of the bus monitoring unit.
In a third aspect, the present application provides a bus monitoring unit applied to a system on a chip, the system on a chip including a control unit and the bus monitoring unit, wherein the bus monitoring unit performs the cryptographic operation method according to any one of the first aspects of the present application.
In a fourth aspect, the present invention provides a control unit applied to a system on a chip, the system on a chip comprising a bus monitoring unit and the control unit, wherein the control unit performs the cryptographic operation method according to any one of the second aspects of the present invention.
In a fifth aspect, the present invention provides a system on a chip, comprising: the device comprises a processor, a bus, at least one functional unit, a control unit according to a fourth aspect of the invention, a bus monitoring unit according to a third aspect of the invention and a password operation unit, wherein the processor is respectively in communication connection with each functional unit through the bus; the bus monitoring unit is respectively connected with the control unit, the password operation unit and the bus.
In a sixth aspect, the invention provides a computer device comprising a system on a chip according to the fifth aspect of the invention.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic diagram of a SoC chip in the prior art.
Fig. 2 is a schematic structural diagram of a system on a chip according to an embodiment of the present application.
Fig. 3 is a flowchart of a cryptographic operation method according to an embodiment of the present application.
Fig. 4 is a flowchart of another cryptographic operation method according to an embodiment of the present application.
Fig. 5 is a flowchart of another method for cryptographic operation according to an embodiment of the present application.
Fig. 6 is a flowchart of another method for cryptographic operation according to an embodiment of the present application.
Fig. 7 is a schematic structural diagram of another system-on-chip provided in an embodiment of the present application.
Fig. 8 is a schematic structural diagram of yet another system-on-chip provided in an embodiment of the present application.
Fig. 9 is a schematic structural diagram of yet another system-on-chip provided in an embodiment of the present application.
Fig. 10 is a schematic structural diagram of yet another system-on-chip provided in an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
A System on Chip (SoC) refers to an integrated circuit that integrates a complete computer System on a Chip. A system on a chip typically includes a processor, a bus, an input-output interface, and a plurality of functional modules to implement a single functional system, where the functional modules within the system on a chip include, but are not limited to, a memory controller, a peripheral controller, and a multimedia controller.
Fig. 1 is a schematic diagram of a typical system on a chip in the prior art, where the system includes a processor 101 and a plurality of functional units, such as a memory controller 102, a peripheral controller 103, and a multimedia controller 104, which are connected by a bus 105. The processor 101 and the functional units may communicate with each other via a bus 105.
In recent years, development of computer technology and actual application demands push the integration level of the on-chip system to be improved, and the amount of information transferred between each component unit in a chip through a bus is increased rapidly, so that a password operation method realized based on bus information needs to process mass information, the processing efficiency of password operation is seriously affected, and the actual application demands are difficult to meet.
To solve this problem, the present invention provides a system on chip, as shown in fig. 2, including: processor 101, bus 105, at least one functional unit (illustrated as memory controller 102, peripheral controller 103, and multimedia controller 104), control unit 201, bus monitoring unit 202, and cryptographic operation unit 203. The processor 101 is respectively connected with the functional units through the bus 105 in a communication way, and the functional units can be mutually connected through the bus 105 according to own communication requirements.
It should be noted that, the bus 105 shown in fig. 2 is only a simple illustration of the connection relationship between the processor 101 and each functional unit, and is not an actual arrangement of the system-on-chip internal bus 105, in an actual application, the internal bus of the system-on-chip includes multiple paths, and the bus type may also include multiple paths, and the internal communication network of the system-on-chip is built through multiple paths of buses of different types, so as to realize the internal information transfer of the system. For a specific arrangement of the system-on-chip internal bus, reference may be made to a related art implementation, and a description thereof will not be repeated here.
Further, the bus monitoring unit 202 is connected to the control unit 201, the bus 105 and the cryptographic operation unit 203, respectively, and as described above, the bus 105 includes multiple buses, so that in practical applications, the bus monitoring unit 202 is connected to each bus in the system on a chip. It should be noted that, in this embodiment and the following embodiments, the bus monitoring unit 202 is connected to the bus, which mainly means that physical connection is established between the two, and as for the bus monitoring unit 202 specifically obtains the bus signal of which bus, that is, monitors which bus, it needs to be determined by combining with the actual monitoring requirement. The cryptographic operation unit 203 receives the bus data fed back by the bus monitoring unit 202, and performs cryptographic operation based on the obtained bus data.
Based on the above system configuration, the control unit 201 outputs a monitor enable instruction, the bus monitor unit 202 parses the target bus signal in response to the monitor enable instruction to obtain a bus request, extracts target bus information in the bus request, and after extracting target data in the target bus information according to a preset tracking condition, sends the target data to the cryptographic operation unit 203 to trigger the cryptographic operation unit 203 to perform cryptographic operation. Because only one target bus in the multipath buses is monitored, and only target data in target bus information of bus requests are extracted for the password operation, compared with the prior art, the data size of the bus information required to be processed in the password operation process is greatly reduced, the processing efficiency of the password operation is improved, and the actual application requirements are further met.
Further, the present invention provides a cryptographic operation method, which is applied to the system on chip provided in the above embodiment, and in combination with the flowchart shown in fig. 3, the flow of the cryptographic operation method provided in the present embodiment may include the following steps.
S100, the control unit sends a monitoring enabling instruction.
In this embodiment, the monitor enable instruction is mainly used to control the bus monitoring unit to execute the following steps S120 and S140, that is, to control the bus monitoring unit to extract and send the target data. The specific form of the monitor enabling instruction may be implemented with reference to the related art, and the present invention is not limited thereto.
In one possible implementation manner, the control unit is provided with a plurality of registers, and an output signal line of each register is used as a communication interface of the control unit to be connected with the bus monitoring unit, so that the control unit can realize the output of control instructions such as a monitoring enabling instruction and other configuration information by configuring each register.
S110, the bus monitoring unit receives a monitoring enabling instruction.
The bus monitoring unit is connected with the communication interface of the control unit and receives the monitoring enabling instruction output by the control unit according to a predefined communication protocol between the bus monitoring unit and the control unit. The selection of the communication protocol between the bus monitoring unit and the control unit can be realized by referring to the related technology, and the application is not limited to the selection.
S120, the bus monitoring unit analyzes the target bus signal to obtain a bus request, and extracts target bus information in the bus request.
As mentioned above, the bus monitoring units are respectively connected with each path of bus in the on-chip system, and the target bus signals mentioned in the present application may be any path of bus signals of the target bus to be monitored in each path of bus in the on-chip system.
The basic principle of bus information transmission by combining the system-on-chip internal bus is known that the obtained target bus signal obtained by the bus monitoring unit is a digital signal which is arranged according to the relevant definition of the communication protocol of the target bus, the bus monitoring unit needs to analyze the obtained target bus signal according to the communication protocol of the target bus to obtain a corresponding bus request, and the specific implementation of the bus request can be obtained by analyzing the target bus signal, and the specific content of the communication protocol of the target bus and the relevant technical implementation of the bus signal analysis can be combined, which are not described in detail herein.
After the bus request is obtained, the bus monitoring unit further extracts the target bus information in the bus request. Specifically, the bus monitoring unit firstly determines whether the bus request accords with the bus protocol supported by the target bus, if the obtained bus request accords with the bus protocol supported by the target bus, the target bus information in the bus request is extracted according to a preset filtering condition, otherwise, if the obtained bus request does not accord with the bus protocol supported by the target bus, the bus request is abandoned, and further processing is not carried out on the bus request.
According to the processing, in practical application, the method can be combined with the actual monitoring requirement, before extracting the target bus information, whether the bus request accords with the bus protocol supported by the target bus is judged, the target bus information can be further extracted according to the preset filtering condition only when the bus request accords with the bus protocol supported by the target bus, based on the method, the bus request which does not accord with the bus protocol supported by the target bus can be effectively filtered, meanwhile, the target bus information in the bus request which accords with the bus protocol supported by the target bus is extracted according to the preset filtering condition, so that the finally obtained target bus information is effective, the data quantity is less, the data quantity of the bus information can be effectively reduced, the logic cost of the password operation is further reduced, and the processing efficiency of the password operation is improved.
In one possible implementation manner, the preset filtering condition may be set based on at least one of a data volume of the bus request, an address corresponding to the bus request, and an identification identifier corresponding to the bus request (such as a serial number of the bus request), and in practical application, the preset filtering condition may be a single specified value of at least one of the data volume of the bus request, the address corresponding to the bus request, and the identification identifier corresponding to the bus request, or may be a filtering range set based on at least one of the data volume of the bus request, the address corresponding to the bus request, and the identification identifier corresponding to the bus request. For example, an address corresponding to the bus request is set, and only the bus information of the bus request of the address is extracted in the bus monitoring process, for example, a data volume range of the bus request is set, and the bus information of the bus request with the data volume within the data volume range is extracted.
Based on the setting of the preset filtering condition, it can be seen that only the information required by the cryptographic operation can be obtained through the preset filtering condition, and other information not required by the cryptographic operation can be filtered and cleared, so that the obtained target bus information is necessarily less than all the bus information included in the bus request, that is, the data volume of the obtained target bus information can be effectively reduced through the preset filtering condition.
In one possible implementation manner, the analysis filtering unit is disposed in the bus monitoring unit provided in this embodiment. And the analysis filtering unit responds to the monitoring enabling instruction sent by the control unit, analyzes the target bus signal to obtain a bus request and extracts target bus information in the bus request.
S130, the bus monitoring unit extracts target data in the target bus information according to preset tracking conditions.
After extracting the target bus information, the bus monitoring unit further determines whether the target bus information includes indication information indicating that the target bus information is effective, if the target bus information includes the indication information, the bus monitoring unit extracts target data in the target bus information according to a preset tracking condition, otherwise, if the target bus information does not include the indication information, the bus monitoring unit does not further process the target bus information.
By judging whether the target bus information is valid or not, the target data can be extracted according to the preset tracking condition only under the condition that the target bus information is valid, so that the validity of the extracted target data can be ensured, and the reliability of the password operation result is further improved.
In one possible embodiment, the preset tracking condition is set based on a transaction characteristic, wherein the transaction characteristic used for setting the preset tracking condition may include at least one of an address of the bus request, an identification of the bus request, a data content in the bus information, and a response content of the bus request. Referring to the setting manner of the preset filtering condition, the preset tracking condition may be set based on a single specified value of the at least one transaction feature, or may set a corresponding tracking range based on the at least one transaction feature. For example, the selected transaction is characterized by an address of a write transaction, which is 0x8000_0030, based on which a preset tracking condition can be set as the single address, i.e. target data of the address 0x8000_0030 is acquired, or an address range can be set based on 0x8000_0030, for example, 0x8000_0000 to 0x8000_1000, i.e. target data in all target bus information with the address in the address range can be extracted.
Furthermore, the transaction characteristics for setting the preset tracking conditions can be configured according to actual operation requirements. In one possible implementation manner, the control unit may send the transaction characteristic to the bus monitoring unit before the bus monitoring unit extracts the target data in the target bus information according to the preset tracking condition, set the preset tracking condition based on the obtained transaction characteristic after the bus monitoring unit obtains the corresponding transaction characteristic in the above manner, and execute step S130 after the setting is completed. In practical application, transaction characteristics are selected according to actual operation requirements, and the preset tracking conditions are set by combining the transaction characteristics, so that the target data extracted according to the preset tracking conditions can be ensured to meet the actual requirements of the password operation, meanwhile, the target data can be screened and filtered through the preset tracking conditions, the data size of the target data can be reduced, the logic cost of the password operation is reduced, and the operation efficiency is improved.
In one possible implementation manner, a transaction tracking unit may be disposed in the bus monitoring unit, where the transaction tracking unit is connected to the parsing and filtering unit described in the foregoing embodiment, receives the target bus information output by the parsing and filtering unit, and extracts the target data in the target bus information according to a preset tracking condition.
And S140, the bus monitoring unit sends target data to the password operation unit.
The bus monitoring unit extracts the target data in the target bus through the steps, and then sends the obtained target data to the password operation unit. The specific implementation of transferring the target data between the bus monitoring unit and the cryptographic operation unit can be realized by referring to the related technology, and the invention is not limited to this.
S150, the password operation unit executes password operation according to the target data.
The specific implementation of the cryptographic operation performed by the cryptographic operation unit based on the obtained target data needs to be implemented in combination with the encryption algorithm loaded by the cryptographic operation unit and related technologies, which will not be described in detail herein.
In summary, according to the cryptographic operation method provided in this embodiment, the control unit outputs the monitor enable instruction, the bus monitor unit analyzes the target bus signal in response to the monitor enable instruction to obtain the bus request, extracts the target bus information in the bus request, extracts the target data in the target bus information according to the preset tracking condition, and then sends the target data to the cryptographic operation unit to trigger the cryptographic operation unit to execute the cryptographic operation. In the method, the target bus signal is a bus signal of one target bus to be monitored in the multipath buses in the system on chip, only one target bus in the multipath buses is monitored, and only target data in target bus information of a bus request is extracted for the password operation.
Further, the acquisition of the target bus information is controlled by the monitoring enabling instruction, the target bus information is not acquired at any time, and the operation time of the bus monitoring unit can be controlled by the monitoring enabling instruction, so that the power consumption of the bus monitoring unit is reduced.
On the basis of the embodiment shown in fig. 3, the present invention provides another cryptographic operation method, and referring to the flowchart shown in fig. 4, the cryptographic operation method provided in this embodiment further includes the following steps on the basis of the monitoring method provided in the embodiment shown in fig. 3.
S160, the control unit sends a storage instruction.
In one possible implementation, the system-on-chip is provided with two types of memory space, one being memory space internal to the system-on-chip and the other being memory space external to the system-on-chip, wherein the clock frequency of the memory space internal to the system-on-chip may be kept substantially synchronized with the clock frequency of the target bus, while the clock frequency of the memory space external to the system-on-chip is typically lower than the clock frequency of the target bus.
Based on the above, the control unit instructs to store the target data to the target storage space, which may be a storage space inside the system on chip or a storage space outside the system on chip, by the storage instruction.
S170, the bus monitoring unit receives the storage instruction.
The specific implementation of the bus guardian unit receiving the store instruction may be implemented with reference to the relevant content of S110 in the embodiment shown in fig. 3, which will not be repeated here.
S180, the bus monitoring unit stores target data into a target storage space based on the storage instruction.
The bus monitoring unit stores the target data to an internal storage space of the system on chip or stores the target data to an external storage space of the system on chip according to the instruction of the storage instruction. Based on the foregoing, it can be appreciated that the clock frequency of the storage space inside the system on chip can be kept substantially synchronous with the clock frequency of the target bus, and storing the target data into the storage space inside the system on chip can effectively avoid data overflow caused by clock frequency difference, so that the target data can be stored into the storage space inside the system on chip preferentially, and after the internal storage space is fully occupied, the target data is stored into the storage space outside the system on chip.
In one possible implementation, storing the target data into the target storage space based on the storage instruction may be implemented by the transaction tracking unit described above.
In the embodiment shown in fig. 3, the control unit sends a storage instruction to the bus monitoring unit, and the bus monitoring unit determines the time for storing the target data and the target storage space according to the storage instruction, so that the control unit can control the storage of the target data in any bus information acquisition process, so as to realize flexible control over the storage of the target data, but increase the logic overhead of the control unit to a certain extent. It will be appreciated that in the case of solidifying a store instruction to the bus guardian unit, the control unit may update the store instruction stored by the bus guardian unit when a change in the target memory space is required.
In the case of storing target data into a storage space outside the system, the bus monitoring unit further includes a data exporting unit. The input side of the data export unit is connected with the transaction tracking unit, receives the target data output by the transaction tracking unit, and further, the output side of the data export unit is connected with the storage space outside the system on chip, and stores the obtained target data into the storage space outside the system on chip.
In one possible implementation, the cryptographic operation unit may also directly access the memory space inside the system on chip and read the target data from the memory space inside the system on chip to complete the cryptographic operation.
In summary, on the basis of the foregoing embodiments, the cryptographic operation method provided in the present embodiment stores the obtained target data, and provides multiple choices for the storage space of the target data, so that the storage space for storing the target data may be selected according to the storage instruction, and when the data size of the target data is smaller, the target data may be stored in the storage space inside the system on chip, and compared with the manner of simply storing the bus information in the storage space outside the system on chip in the prior art, since the clock frequency of the internal storage space of the system on chip may be kept synchronous with the clock frequency of the target bus, the speed difference between the high-speed target bus and the low-speed information storage is compensated, so that the overflow of the target data is effectively avoided, and the integrity of the data is ensured; under the condition that the on-chip storage space is used up, the target data can be directly stored in the storage space outside the system on chip, so that the storage of mass data is realized, and the loss and omission of the target data are effectively avoided.
Further, on the basis of any one of the above embodiments, the present invention further provides another cryptographic operation method, and referring to fig. 5, the flow of the cryptographic operation method provided in this embodiment may include the following steps.
S200, the control unit sends a monitoring enabling instruction.
The specific implementation of S200 may be implemented with reference to the relevant content of step S100 in the foregoing embodiment, and will not be repeated here.
S210, the bus monitoring unit receives a monitoring enabling instruction.
The specific implementation of S210 may be implemented with reference to the relevant content of step S110 in the foregoing embodiment, and will not be repeated here.
S220, the bus monitoring unit analyzes the target bus signal to obtain a bus request, and extracts target bus information in the bus request.
The specific implementation of S220 may be implemented with reference to the relevant content of step S120 in the foregoing embodiment, and will not be repeated here.
S230, the bus monitoring unit extracts target data in the target bus information according to preset tracking conditions.
The specific implementation of S230 may be implemented with reference to the relevant content of step S130 in the foregoing embodiment, which will not be repeated here.
S240, the bus monitoring unit sends target data to the password operation unit.
The specific implementation of S240 may be implemented with reference to the relevant content of step S140 in the foregoing embodiment, and will not be repeated here.
S250, the password operation unit executes password operation according to the target data.
The specific implementation of S250 may be implemented with reference to the relevant content of step S150 in the foregoing embodiment, and will not be repeated here.
S260, the control unit sends a statistics enabling instruction.
The control unit controls the operation of the bus monitoring unit through the statistics enabling instruction, the instruction can be output only when the operation performance of the target bus is required to be analyzed, and correspondingly, when the analysis of the target bus is not required, the control unit does not control the bus monitoring unit to execute subsequent steps, so that the long-time and high-load operation of the bus monitoring unit can be avoided, and the operation power consumption of the bus monitoring unit is reduced.
S270, the bus monitoring unit receives a statistics enabling instruction.
The bus monitoring unit is connected with the communication interface of the control unit and receives the statistical enabling instruction output by the control unit according to a predefined communication protocol between the bus monitoring unit and the control unit. The selection of the communication protocol between the bus monitoring unit and the control unit can be realized by referring to the related technology, and the invention is not limited to the selection.
S280, the bus monitoring unit counts reference information used for representing the operation performance of the target bus in the target bus information.
In one possible implementation manner, the control unit sends a preset time length to the bus monitoring unit, the preset time length is an accumulated time length of the statistics reference information, and the bus monitoring unit only performs statistics on the reference information in the plurality of pieces of target bus information extracted in the preset time length after obtaining the preset time length. It can be understood that by reasonably setting the preset duration, the operation performance of the target bus can be comprehensively evaluated by ensuring the data quantity of the reference information, and meanwhile, excessive statistical reference information can be avoided, so that the data quantity required to be analyzed is excessive, and the logic overhead of the bus monitoring unit is further increased.
Further, the bus monitoring unit respectively determines whether each piece of target bus information extracted within a preset time period comprises effective indication information representing the target bus information, counts reference information in the target bus information comprising the indication information, and does not further process the target bus information which does not comprise the indication information. Before extracting the reference information, judging whether the target bus information is effective, and effectively filtering the interference of the ineffective bus information to ensure that the extracted reference information is from the effective target bus information, wherein the reliability of the reference information is high, thereby being beneficial to improving the accuracy of the bus performance analysis result.
In one possible implementation, the reference information includes at least one of a number of types of requests and a delay period between bus requests. The bus monitoring unit feeds back the obtained statistical result to the control unit, the control unit can determine whether the busyness of the bus and the communication efficiency between two bus communication parties meet the requirements according to the statistical result of the number of various types of requests, and the control unit can determine which party of the two communication parties currently affects the transmission performance of the target bus according to the statistics of the delay time between the bus requests, so the statistical result of the bus monitoring unit plays an important role in analyzing the performance of the target bus. Of course, in practical application, other indexes capable of representing the running performance of the target bus can be used as reference information according to analysis requirements, and are not listed here, and the method and the device also belong to the protection scope of the invention on the premise of not exceeding the core idea scope of the invention.
It should be noted that, the process of the bus detection unit responding to the statistics enabling instruction to count the reference information is implemented after the target bus information is acquired, so in another possible implementation, S260-S280 may also be started to be executed after S220, which can achieve the same technical effect as the execution process shown in fig. 5.
In summary, in the monitoring method provided in this embodiment, the reference information characterizing the operation performance of the target bus is counted, and the operation performance of the target bus can be analyzed based on the obtained reference information, so as to provide a reference basis for improving the information transmission efficiency of the target bus and the operation performance of the entire system on chip.
Based on the above-mentioned cryptographic operation methods provided by the embodiments, it can be seen that the cryptographic operation methods of the embodiments all need to perform subsequent steps based on the target bus signal of the target bus, and therefore, the present invention provides a method for obtaining the target bus signal, and the execution process of the method can be shown in fig. 6.
S300, the control unit sends a gating instruction.
As described above, the bus monitoring units are respectively connected with each path of bus in the on-chip system, the gating instruction is used for indicating one path of target bus to be monitored in the multipath buses, and the target bus can be any path of each path of bus.
In one possible implementation manner, the control unit is provided with a plurality of registers, the output signal line of each register is used as a communication interface of the control unit to be connected with the bus monitoring unit, and the control unit can realize the output of control instructions such as a gating instruction and other configuration information by configuring each register.
S310, the bus monitoring unit receives a gating instruction.
The specific implementation of the bus guardian unit receiving the gating instruction may refer to the implementation of S110 in the embodiment shown in fig. 3, and will not be repeated here.
S320, the bus monitoring unit determines a monitored target bus in the multipath buses according to the gating instruction, and acquires a target bus signal of the target bus.
In one possible implementation manner, the bus monitoring unit includes a selection synchronization unit, where the selection synchronization unit may be further divided into a selection unit and a synchronization unit, where the synchronization unit inputs bus signals of each path of bus, synchronizes each path of bus signals from a clock domain corresponding to each path of bus signals to a clock domain where the bus monitoring unit is located to obtain a synchronous bus signal, and the selection unit determines a target bus to be monitored in the multiple paths of buses according to the gating command, and further selects the synchronous bus signal of the target bus to obtain the target bus signal.
Specifically, after the synchronization unit inputs the bus signals of each path of bus, the clock domain crossing synchronization process for any path of bus signal can be divided into two cases: the clock domain where the bus is located is identical to the clock domain where the bus monitoring unit is located, namely the clock frequency of the bus is identical to the clock frequency of the bus monitoring unit, in this case, the synchronization unit can be built by adopting two stages of registers to form a two-stage synchronization unit, each bus signal in the bus is input to the data input end of the two-stage synchronization unit, and finally the output end of the synchronization unit outputs the synchronous bus signal. Alternatively, the clock domain of the bus is slower than the clock domain of the bus guardian, i.e. the clock frequency of the bus is smaller than the clock frequency of the bus guardian, in which case the synchronization unit may synchronize based on an asynchronous first-in-first-out buffer (First In First Out, FIFO) of the gray code. For the implementation of the two-stage synchronous unit and the gray code-based asynchronous fifo, reference should be made to the related art, and details thereof will not be described herein.
In practical application, the clock frequency of the bus monitoring unit should be greater than or equal to the clock frequency of each bus in the system on chip, so as to ensure that the change of the bus signal can be sampled and ensure that the bus signal is not lost.
The selection unit comprises a plurality of signal input ends and a signal output end, and at most only one signal input end is communicated with the signal output end at the same time. In practical application, the signal input end of the selection unit is connected with the output end of the synchronization unit to realize the receiving of the synchronization bus signals of each path of bus, and certainly, the synchronization bus signals received by the signal input ends of the selection unit are different from each other. After receiving the gating command, the selection unit determines a path of target bus to be monitored according to the gating command, and controls the signal income end corresponding to the target bus to be communicated with the signal output end, so that the synchronous bus signal of the target bus is acquired, and the target bus signal is obtained. Of course, in the case where the strobe instruction is not received, none of the signal input terminals is in communication with the signal output terminal.
In one possible implementation, the selection unit may be implemented based on a Multiplexer (MUX), where each bus in the system on a chip is connected to each input of the MUX, and of course, the input of the MUX to which each bus is connected is different, and the output of the MUX is connected to the input of the synchronization unit, and the MUX may establish communication between the input to which the target bus is connected and the output according to the strobe command, so as to establish a communication connection with the target bus.
In summary, in the method provided in this embodiment, the control unit outputs the gating command, and the bus monitoring unit determines a monitored target bus among the multiple buses according to the gating command and obtains the target bus signal of the target bus. Compared with the method for monitoring all bus information of the multipath buses in the chip in the prior art, the method can effectively reduce the data volume of the bus information, and lays a good foundation for reducing the data volume of target data in the subsequent step and improving the cryptographic operation processing efficiency.
In one possible implementation manner, the bus monitoring unit is provided with a clock control unit, and the clock control unit is respectively connected with a clock unit for providing a unified clock signal in the system on chip and each component unit in the bus monitoring unit to control the clock signal output to each component unit. Based on the above, under the condition that any bus in the system on chip is not monitored, the control unit can control the clock control unit to close the clock signal of the bus monitoring unit, so as to control the bus monitoring unit to stop running, and effectively reduce the overall power consumption of the bus monitoring unit.
It should be noted that in the foregoing embodiments, particularly in the embodiments shown in fig. 4 to 5, the control unit needs to send a plurality of different control instructions, and at the same time, may also need to send different configuration information, such as transaction characteristics, preset duration, etc., to the bus monitoring unit, where the foregoing embodiments merely exemplify the timing of sending the control instructions and the configuration information by the control unit, and are not used as the only limitation on the information interaction process between the control unit and the bus monitoring unit. Taking the embodiment shown in fig. 4 as an example, the control unit may send the monitoring enabling instruction and the storage instruction to the bus monitoring unit synchronously, where the bus monitoring unit firstly responds to the monitoring enabling instruction to extract the target data of the target bus, and after obtaining the target data, the control unit responds to the storage instruction to store the obtained target data into the target storage space. Obviously, the adjustment of the sending time of the control command does not affect the whole process of bus monitoring, and therefore, the adjustment is also within the protection scope of the invention. And under the condition that the bus monitoring unit solidifies the storage instruction, the control unit can only send the monitoring enabling instruction to the bus monitoring unit, and the bus monitoring unit further executes the storage instruction stored by itself after responding to the bus monitoring instruction to acquire the target data, and stores the target data into the target storage space.
The bus monitoring unit and the control unit provided by the application belong to the same application conception as the password operation method provided by the embodiment of the application, can execute the password operation method provided by any embodiment of the application, and have the corresponding functional units and beneficial effects of executing the password operation method. Technical details not described in detail in this embodiment may be referred to the cryptographic operation method provided in the embodiment of the present application, and will not be described herein.
In order to more intuitively embody the application of the bus monitoring unit and the control unit provided by the application, in the drawings corresponding to the follow-up content, the bus monitoring unit and the control unit are shown on the basis of a system on chip, and the connection relation between the control unit and each constituent unit in the bus monitoring unit is shown, meanwhile, in order to highlight the bus monitoring unit and the control unit provided by the application, other constituent parts in the system on chip, such as a processor, each functional unit and the like, are not shown any more, and only the on-chip buses connected with the bus monitoring unit are shown.
Referring to fig. 7, fig. 7 shows a system on a chip provided by an embodiment of the present application, where the system on a chip provided by the embodiment includes a control unit 40, a bus monitoring unit, and a cryptographic operation unit 30.
The bus monitoring unit includes a parsing and filtering unit 10 and a transaction tracking unit 20, where the parsing and filtering unit 10 is connected to each bus (in the figure, referred to as an on-chip bus) in the system on chip, the transaction tracking unit 20 is also connected to the cryptographic operation unit 30, and the control unit 40 is respectively connected to the parsing and filtering unit 10 and the transaction tracking unit 20.
The control unit 40 is configured to send a monitoring enabling instruction. The parsing and filtering unit 10 is configured to receive the monitoring enable instruction, parse the target bus signal to obtain a bus request in response to the monitoring enable instruction, and extract target bus information in the bus request. The transaction tracking unit 20 is configured to extract target data in the target bus information according to a preset tracking condition, and send the target data to the cryptographic operation unit 30. The cryptographic operation unit 30 is configured to perform a cryptographic operation based on target data.
In a possible implementation, the control unit 40 is further configured to send transaction characteristics, and the parsing-filtering unit 10 is configured to set a preset tracking condition based on the obtained transaction characteristics.
In a possible embodiment, the control unit 40 may also control the operation of the transaction tracking unit 20, for example, may send a tracking enable instruction to the transaction tracking unit 20, by which the transaction tracking unit 20 is controlled to extract the target data in the target bus information according to the preset tracking condition.
Further, on the basis of the embodiment shown in fig. 7, an embodiment of the present invention provides another system on a chip, whose configuration can be seen in fig. 8.
In the embodiment shown in fig. 8, the bus monitoring unit includes a parsing and filtering unit 10, a transaction tracking unit 20, and a data exporting unit 50, which are sequentially connected. The transaction tracking unit 20 is further coupled to a memory space inside the system on chip (in short for on-chip memory in fig. 9), and the data export unit 50 is correspondingly coupled to a memory space outside the system on chip (in short for off-chip memory in fig. 9). The control unit 40 is connected to the analysis filtering unit 10, the transaction tracking unit 20 and the data deriving unit 50, respectively, inside the bus monitoring unit.
The control unit 40 is further arranged to send a store instruction on the basis of the previous embodiments. The storage instruction is used for indicating to store target data to a target storage space, wherein the target storage space comprises a storage space inside the system on chip or a storage space outside the system on chip; the transaction tracking unit 20 is further configured to receive a storage instruction sent by the control unit 40, and store the target data into the target storage space based on the storage instruction.
In the case where the target storage space is the off-chip storage shown in fig. 8, the data deriving unit 50 is configured to receive the target data output from the transaction tracking unit 20, and store the resultant target data in the off-chip storage.
Further, another system on chip is provided in an embodiment of the present invention, as shown in fig. 9, where the system on chip provided in the embodiment includes an on-chip bus, a control unit 40, a cryptographic operation unit 30, and a bus monitoring unit, and the bus monitoring unit includes an analysis filtering unit 10, a transaction tracking unit 20, and a performance statistics unit 60. The analysis filtering unit 10 is connected to the on-chip bus, the transaction tracking unit 20 and the performance statistics unit 60, the transaction tracking unit 20 is connected to the cryptographic operation unit 30, and the control unit 40 is connected to the analysis filtering unit 10, the transaction tracking unit 20 and the performance statistics unit 60.
On the basis of the foregoing embodiment, the control unit 40 is further configured to send a statistics enabling instruction, and the performance statistics unit 60 is configured to respond to the statistics enabling instruction, and to count reference information for characterizing the operation performance of the target bus in the target bus information, where the reference information includes at least one of the number of requests of each type and the delay duration between bus requests.
It will be appreciated that the performance statistics unit 60 provided in this embodiment may be further combined with the embodiment shown in fig. 8, that is, the performance statistics unit 60 is connected to the parsing and filtering unit 10 in the embodiment shown in fig. 8, and may also receive the target bus information of the parsing and filtering unit 10, and count the reference information used to characterize the operation performance of the target bus in the target bus information, in which case another system on chip may be obtained.
Further, on the basis of any of the above embodiments, the bus monitoring unit may further include a selection synchronization unit, and in the case where the selection synchronization unit is provided in the bus monitoring unit, for example, in the embodiment shown in fig. 7, the system on chip may have a structure as shown in fig. 10.
The bus monitoring unit provided in this embodiment includes a selection synchronization unit 70, where the selection synchronization unit 70 is respectively connected to the control unit 40, the analysis filtering module 10, and the on-chip bus.
The control unit 40 is configured to send a gating command, the selection synchronization unit 70 is configured to receive the gating command, and the gating command is configured to indicate a target bus to be monitored in the multi-path buses; and determining a path of monitored target bus in the multipath buses according to the gating instruction, and acquiring target bus signals of the target bus.
Further, for the system on chip provided in any of the foregoing embodiments, the bus monitoring unit is provided with a clock control unit (not shown in the figure) for controlling the clock signal, and in the case that any bus is not monitored, the control unit 60 is further configured to control the clock control unit to turn off the clock signal of the bus monitoring unit.
The invention also provides computer equipment comprising the system on a chip provided by any embodiment.
In some embodiments, the present embodiment further provides a computer readable storage medium, such as a floppy disk, an optical disk, a hard disk, a flash memory, a usb disk, an SD (Secure Digital Memory Card, secure digital Card) Card, an MMC (Multimedia Card) Card, or the like, in which one or more instructions for implementing the above steps are stored, where the one or more instructions are executed by one or more processors, and cause the processors to perform the cryptographic operation method described above. For a related implementation, refer to the foregoing description, which is not repeated herein.
In addition to the methods and apparatus described above, embodiments of the application may also be a computer program product comprising computer program instructions which, when executed by a processor, cause the processor to perform steps in a cryptographic operation method according to various embodiments of the application described in the foregoing of the specification.
The computer program product may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device, partly on a remote computing device, or entirely on the remote computing device or server.
Those skilled in the art will appreciate that various modifications and improvements can be made to the disclosure. For example, the various devices or components described above may be implemented in hardware, or may be implemented in software, firmware, or a combination of some or all of the three.
Further, while the present disclosure makes various references to certain elements in a system according to embodiments of the present disclosure, any number of different elements may be used and run on a client and/or server. The units are merely illustrative and different aspects of the systems and methods may use different units.
A flowchart is used in this disclosure to describe the steps of a method according to an embodiment of the present disclosure. It should be understood that the steps that follow or before do not have to be performed in exact order. Rather, the various steps may be processed in reverse order or simultaneously. Also, other operations may be added to these processes.
Those of ordinary skill in the art will appreciate that all or a portion of the steps of the methods described above may be performed by a computer program that instructs associated hardware, and that the program may be stored on a computer readable storage medium, such as a read only memory, etc. Alternatively, all or part of the steps of the above embodiments may be implemented using one or more integrated circuits. Accordingly, each unit/unit in the above embodiments may be implemented in the form of hardware, or may be implemented in the form of a software functional unit. The present disclosure is not limited to any specific form of combination of hardware and software.
Unless defined otherwise, all terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure pertains. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the relevant art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
The foregoing is illustrative of the present disclosure and is not to be construed as limiting thereof. Although a few exemplary embodiments of this disclosure have been described, those skilled in the art will readily appreciate that many modifications are possible in the exemplary embodiments without materially departing from the novel teachings and advantages of this disclosure. Accordingly, all such modifications are intended to be included within the scope of this disclosure as defined in the claims. It is to be understood that the foregoing is illustrative of the present disclosure and is not to be construed as limited to the specific embodiments disclosed, and that modifications to the disclosed embodiments, as well as other embodiments, are intended to be included within the scope of the appended claims. The disclosure is defined by the claims and their equivalents.

Claims (17)

1. A cryptographic operation method, characterized in that it is applied to a system on chip, said system on chip comprising a control unit, a bus monitoring unit and a cryptographic operation unit connected in sequence, said method comprising the steps performed by said bus monitoring unit of:
Receiving a monitoring enabling instruction sent by the control unit;
responding to the monitoring enabling instruction, analyzing a target bus signal to obtain a bus request, and extracting target bus information in the bus request, wherein the target bus signal is a bus signal of one path of target bus to be monitored in the multi-path bus in the system on chip;
extracting target data in the target bus information according to preset tracking conditions;
and sending the target data to the password operation unit to trigger the password operation unit to execute password operation.
2. The method of claim 1, wherein extracting the target bus information in the bus request comprises:
determining whether the bus request conforms to a bus protocol supported by the target bus;
if the bus request accords with the bus protocol supported by the target bus, extracting target bus information in the bus request according to a preset filtering condition;
the preset filtering condition is set based on at least one of data volume of the bus request, an address corresponding to the bus request and an identification corresponding to the bus request.
3. The method of claim 1, wherein extracting the target data in the target bus information according to the preset tracking condition comprises:
Determining whether the target bus information comprises indication information which characterizes that the target bus information is effective;
and if the indication information is included, extracting target data in the target bus information according to a preset tracking condition.
4. A method according to claim 3, wherein prior to extracting the target data in the target bus information according to a preset tracking condition, the method further comprises:
acquiring transaction characteristics, and setting the preset tracking conditions based on the transaction characteristics;
wherein the transaction characteristic includes at least one of an address of the request, an identification of the request, data content in the bus information, and response content of the request.
5. The method according to claim 1, wherein the method further comprises:
receiving a storage instruction sent by the control unit;
the storage instruction is used for indicating to store the target data to a target storage space, wherein the target storage space comprises a storage space inside the system on chip or a storage space outside the system on chip;
and storing the target data to the target storage space based on the storage instruction.
6. The method according to any one of claims 1 to 5, further comprising: and counting reference information used for representing the operation performance of the target bus in the target bus information, wherein the reference information comprises at least one of the number of various types of requests and the delay time between bus requests.
7. The method of claim 6, wherein counting reference information in the target bus information that characterizes the target bus performance comprises:
and responding to the statistics enabling instruction, and counting the reference information in the plurality of pieces of target bus information extracted in the preset time length.
8. The method of claim 7, wherein the counting the reference information in the plurality of target bus information extracted within the preset time period includes:
respectively determining whether each piece of target bus information extracted in the preset time period comprises indication information representing that the target bus information is effective;
and counting the reference information in the target bus information comprising the indication information.
9. The cryptographic operation method is characterized by being applied to a system-on-chip, wherein the system-on-chip comprises a control unit, a bus monitoring unit and a cryptographic operation unit which are sequentially connected, and the cryptographic operation method comprises the following steps executed by the control unit:
And sending a monitoring enabling instruction, wherein the monitoring enabling instruction is used for controlling the bus monitoring unit to extract target bus information based on target bus signals and extracting target data in the target bus information according to preset tracking conditions, the target bus signals are bus signals of one target bus to be monitored in the multi-path buses in the system on chip, and the target data are used for triggering the password operation unit to execute password operation.
10. The method as recited in claim 9, further comprising: transmitting a transaction characteristic so that the bus monitoring unit sets the preset tracking condition based on the transaction characteristic;
wherein the transaction characteristic includes at least one of an address of the request, an identification of the request, data content in the bus information, and response content of the request.
11. The method as recited in claim 9, further comprising: and sending a storage instruction, wherein the storage instruction is used for instructing the bus monitoring unit to store the target data into a storage space inside the system-on-chip or a storage space outside the system-on-chip.
12. The method as recited in claim 9, further comprising: and sending a statistics enabling instruction, wherein the statistics enabling instruction is used for controlling the bus monitoring unit to count reference information used for representing the running performance of the target bus in the target bus information.
13. The method according to any one of claims 9 to 12, wherein a clock control unit for controlling a clock signal is provided in the bus monitoring unit, the method further comprising:
the clock control unit is controlled to turn off the clock signal of the bus monitoring unit without monitoring any bus.
14. A bus monitoring unit, characterized in that it is applied to a system on chip, said system on chip comprising a control unit, said bus monitoring unit and a cryptographic operation unit connected in sequence, wherein said bus monitoring unit is adapted to perform the cryptographic operation method according to any one of claims 1 to 8.
15. A control unit, characterized in that it is applied to a system on chip, said system on chip comprising said control unit, a bus monitoring unit and a cryptographic operation unit connected in sequence, wherein said control unit is adapted to perform the cryptographic operation method according to any one of claims 9 to 13.
16. A system on a chip, comprising: a processor, a bus, at least one functional unit, a control unit as claimed in claim 15, a bus monitoring unit as claimed in claim 14 and a cryptographic operation unit, wherein,
The processor is respectively in communication connection with each functional unit through the bus;
the bus monitoring unit is respectively connected with the control unit, the password operation unit and the bus.
17. A computer device comprising the system-on-chip of claim 16.
CN202311181978.8A 2023-09-14 2023-09-14 Password operation method, device, system on chip and equipment Active CN116938451B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311181978.8A CN116938451B (en) 2023-09-14 2023-09-14 Password operation method, device, system on chip and equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311181978.8A CN116938451B (en) 2023-09-14 2023-09-14 Password operation method, device, system on chip and equipment

Publications (2)

Publication Number Publication Date
CN116938451A true CN116938451A (en) 2023-10-24
CN116938451B CN116938451B (en) 2023-12-22

Family

ID=88388170

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311181978.8A Active CN116938451B (en) 2023-09-14 2023-09-14 Password operation method, device, system on chip and equipment

Country Status (1)

Country Link
CN (1) CN116938451B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101639816A (en) * 2009-05-21 2010-02-03 北京中星微电子有限公司 Real-time tracking system of bus and corresponding tracking and debugging method
CN101989242A (en) * 2010-11-12 2011-03-23 深圳国微技术有限公司 Bus monitor for improving safety of SOC (System on a Chip) as well as realizing method thereof
CN102307090A (en) * 2011-06-21 2012-01-04 西安电子科技大学 Elliptic curve password coprocessor based on optimal normal basis of II-type
CN103810074A (en) * 2012-11-14 2014-05-21 华为技术有限公司 System-on-chip and corresponding monitoring method
CN108427629A (en) * 2018-03-12 2018-08-21 杭州朔天科技有限公司 A kind of the SoC chip tracking of information device and performance optimization method of data compression
CN111352802A (en) * 2020-02-28 2020-06-30 上海思源弘瑞自动化有限公司 Monitoring processing method, device, equipment and storage medium of network bus
CN115730546A (en) * 2022-11-24 2023-03-03 中国人民解放军国防科技大学 Software and hardware cooperative monitoring method and device for network-on-chip protocol

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101639816A (en) * 2009-05-21 2010-02-03 北京中星微电子有限公司 Real-time tracking system of bus and corresponding tracking and debugging method
CN101989242A (en) * 2010-11-12 2011-03-23 深圳国微技术有限公司 Bus monitor for improving safety of SOC (System on a Chip) as well as realizing method thereof
CN102307090A (en) * 2011-06-21 2012-01-04 西安电子科技大学 Elliptic curve password coprocessor based on optimal normal basis of II-type
CN103810074A (en) * 2012-11-14 2014-05-21 华为技术有限公司 System-on-chip and corresponding monitoring method
CN108427629A (en) * 2018-03-12 2018-08-21 杭州朔天科技有限公司 A kind of the SoC chip tracking of information device and performance optimization method of data compression
CN111352802A (en) * 2020-02-28 2020-06-30 上海思源弘瑞自动化有限公司 Monitoring processing method, device, equipment and storage medium of network bus
CN115730546A (en) * 2022-11-24 2023-03-03 中国人民解放军国防科技大学 Software and hardware cooperative monitoring method and device for network-on-chip protocol

Also Published As

Publication number Publication date
CN116938451B (en) 2023-12-22

Similar Documents

Publication Publication Date Title
US7003699B2 (en) Generation of trace signals within a data processing apparatus
CN110213143B (en) 1553B bus IP core and monitoring system
US8190931B2 (en) Power management events profiling
KR101069120B1 (en) Apparatus and method for time ordering events in a system having multiple time domains
CN110007961B (en) RISC-V-based edge computing hardware architecture
CN112035389B (en) PLB-AXI bus conversion bridge and working method thereof
CN117009185A (en) Bus monitoring method, device, system on chip and equipment
CN113515482A (en) Data transmission system, method, computer device and storage medium
KR100954568B1 (en) Diagnostic data capture within an integrated circuit
US20130097462A1 (en) Embedded logic analyzer
CN116089343A (en) AXI-based data storage method, device, storage medium and equipment
CN110959121B (en) Logic analyzer for integrated circuit
CN116938451B (en) Password operation method, device, system on chip and equipment
CN115687012A (en) Bus monitoring module, monitoring method and related equipment
US8401821B1 (en) Method, apparatus and computer program for latency measurement
CN107168902B (en) Method for realizing automatic identification of high-speed CAN baud rate by using DMA
WO2018026452A1 (en) System and method for distributing and replaying trigger packets via a variable latency bus interconnect
CN116627495A (en) Information interaction method, system, device, equipment and medium
KR20040086730A (en) Method and apparatus for performing bus tracing in a data processing system having a distributed memory
US20070028010A1 (en) Peripheral device utilization monitoring
CN111290889B (en) FPGA-based universal processor-oriented test method and system
US20100299564A1 (en) Trace/failure observation system, trace/failure observation method, and trace/failure observation program
US8745457B2 (en) Methods and structure for utilizing external interfaces used during normal operation of a circuit to output test signals
CN113438135A (en) Device and method for data analysis and debugging
CN108021394B (en) PCM signal acquisition method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant