TW202326493A - Processing circuit, control system and control method - Google Patents

Processing circuit, control system and control method Download PDF

Info

Publication number
TW202326493A
TW202326493A TW110149378A TW110149378A TW202326493A TW 202326493 A TW202326493 A TW 202326493A TW 110149378 A TW110149378 A TW 110149378A TW 110149378 A TW110149378 A TW 110149378A TW 202326493 A TW202326493 A TW 202326493A
Authority
TW
Taiwan
Prior art keywords
circuit
port
input
peripheral
setting
Prior art date
Application number
TW110149378A
Other languages
Chinese (zh)
Other versions
TWI829060B (en
Inventor
林宗民
Original Assignee
新唐科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 新唐科技股份有限公司 filed Critical 新唐科技股份有限公司
Priority to TW110149378A priority Critical patent/TWI829060B/en
Priority to CN202211608149.9A priority patent/CN116361868A/en
Publication of TW202326493A publication Critical patent/TW202326493A/en
Application granted granted Critical
Publication of TWI829060B publication Critical patent/TWI829060B/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/76Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Mathematical Physics (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Systems (AREA)
  • Storage Device Security (AREA)

Abstract

A processing circuit including an attribute set circuit, a control circuit and a combination circuit is provided. The attribute set circuit sets the security attribute of a first peripheral circuit according to a first access attribute, sets the security attribute of a second peripheral circuit according to a second access attribute, and generates a third access attribute. The control circuit determines the security attribute of an input output port according to an output. In response to the operation mode of the input output port being a general purposed input output (GPIO) mode, the combination circuit generates the output according to the third access attribute. In response to the operation mode of the input output port not being the GPIO mode, the combination circuit generates the output according to the first or second access attribute.

Description

處理電路、控制系統及控制方法Processing circuit, control system and control method

本發明係有關於一種處理電路,特別是有關於一種設定輸入輸出埠的安全層級的處理電路。The present invention relates to a processing circuit, in particular to a processing circuit for setting the security level of input and output ports.

在現今的電腦系統或控制系統中,為了提高資料的安全性,通常會設定系統內部的週邊電路的安全層級。當一週邊電路具有高安全層級時,只有合法的裝置才能與高安全層級的週邊電路進行溝通。週邊電路可能利用至少一輸入輸出埠,與外部電路進行溝通。當輸入輸出埠的安全層級不同於週邊電路的安全層級時,週邊電路可能無法正常地與外部電路溝通。In today's computer system or control system, in order to improve data security, the security level of the peripheral circuits inside the system is usually set. When a peripheral circuit has a high security level, only legitimate devices can communicate with the high security level peripheral circuit. The peripheral circuit may use at least one input and output port to communicate with external circuits. When the security level of the input and output ports is different from that of the peripheral circuit, the peripheral circuit may not be able to communicate with the external circuit normally.

本發明之一實施例提供一種處理電路,耦接於一第一週邊電路、一第二週邊電路與一輸入輸出埠之間,並包括一屬性設定電路、一控制電路以及一組合電路。屬性設定電路根據一第一週邊設定,提供一第一存取屬性予第一週邊電路,用以設定第一週邊電路的安全層級,並根據一第二週邊設定,提供一第二存取屬性予第二週邊電路,用以設定第二週邊電路的安全層級。屬性設定電路根據一輸入輸出設定,產生一第三存取屬性。控制電路根據一控制設定,產生一控制命令,並根據一輸出決定輸入輸出埠的安全層級。組合電路解碼控制命令,用以得知輸入輸出埠的操作模式是否為一通用輸入輸出模式。當輸入輸出埠的操作模式為通用輸入輸出模式時,組合電路根據第三存取屬性,產生輸出。當輸入輸出埠的操作模式並非通用輸入輸出模式時,組合電路根據第一或第二存取屬性產生輸出。An embodiment of the present invention provides a processing circuit coupled between a first peripheral circuit, a second peripheral circuit and an input/output port, and includes a property setting circuit, a control circuit and a combination circuit. The attribute setting circuit provides a first access attribute to the first peripheral circuit according to a first peripheral setting for setting the security level of the first peripheral circuit, and provides a second access attribute to the first peripheral circuit according to a second peripheral setting The second peripheral circuit is used to set the security level of the second peripheral circuit. The attribute setting circuit generates a third access attribute according to an input and output setting. The control circuit generates a control command according to a control setting, and determines the security level of the input and output ports according to an output. The combinational circuit decodes the control command to know whether the operation mode of the I/O port is a general-purpose I/O mode. When the operation mode of the I/O port is the general-purpose I/O mode, the combinational circuit generates an output according to the third access attribute. When the operation mode of the I/O port is not the general-purpose I/O mode, the combinational circuit generates an output according to the first or the second access attribute.

本發明另提供一種控制系統,包括一第一週邊電路、一第二週邊電路、一第一輸入輸出埠以及一處理電路。第一週邊電路接收一第一存取屬性。第二週邊電路接收一第二存取屬性。處理電路用以決定第一輸入輸出埠的安全層級。當處理電路根據一第一控制設定,設定第一輸入輸出埠的操作模式為一通用輸入輸出模式時,處理電路根據一第三存取屬性,決定第一輸入輸出埠的安全層級。當處理電路根據第一控制設定,設定第一輸入輸出埠的操作模式不為通用輸入輸出模式時,處理電路根據第一或第二存取屬性,決定第一輸入輸出埠的安全層級。The present invention further provides a control system, which includes a first peripheral circuit, a second peripheral circuit, a first input and output port and a processing circuit. The first peripheral circuit receives a first access attribute. The second peripheral circuit receives a second access attribute. The processing circuit is used for determining the security level of the first input and output port. When the processing circuit sets the operation mode of the first I/O port to a general-purpose I/O mode according to a first control setting, the processing circuit determines the security level of the first I/O port according to a third access attribute. When the processing circuit sets the operation mode of the first I/O port to be other than general-purpose I/O mode according to the first control setting, the processing circuit determines the security level of the first I/O port according to the first or second access attribute.

本發明更提供一種控制方法,用以控制一輸入輸出埠的安全層級,該控制方法包括:根據一第一存取屬性,設定一第一週邊電路的安全層級;根據一第二存取屬性,設定一第二週邊電路的安全層級;根據一控制設定,決定輸入輸出埠的操作模式。當輸入輸出埠的操作模式被設定為一通用輸入輸出模式時,根據一預設存取屬性,設定輸入輸出埠的安全層級。當輸入輸出埠的操作模式未被設定成通用輸入輸出模式時,根據第一或第二存取屬性,設定輸入輸出埠的安全層級。The present invention further provides a control method for controlling the security level of an input and output port. The control method includes: setting the security level of a first peripheral circuit according to a first access attribute; according to a second access attribute, Set the security level of a second peripheral circuit; determine the operation mode of the input and output ports according to a control setting. When the operation mode of the I/O port is set as a general I/O mode, the security level of the I/O port is set according to a default access attribute. When the operation mode of the I/O port is not set to the general I/O mode, the security level of the I/O port is set according to the first or second access attribute.

本發明之控制方法可經由本發明之處理電路或控制系統來實作,其為可執行特定功能之硬體或韌體,亦可以透過程式碼方式收錄於一紀錄媒體中,並結合特定硬體來實作。當程式碼被電子裝置、處理器、電腦或機器載入且執行時,電子裝置、處理器、電腦或機器變成用以實行本發明之處理電路或控制系統。The control method of the present invention can be implemented through the processing circuit or control system of the present invention, which is hardware or firmware capable of executing specific functions, and can also be recorded in a recording medium through program code and combined with specific hardware to practice. When the program code is loaded and executed by the electronic device, processor, computer or machine, the electronic device, processor, computer or machine becomes a processing circuit or a control system for implementing the present invention.

為讓本發明之目的、特徵和優點能更明顯易懂,下文特舉出實施例,並配合所附圖式,做詳細之說明。本發明說明書提供不同的實施例來說明本發明不同實施方式的技術特徵。其中,實施例中的各元件之配置係為說明之用,並非用以限制本發明。另外,實施例中圖式標號之部分重覆,係為了簡化說明,並非意指不同實施例之間的關聯性。In order to make the purpose, features and advantages of the present invention more comprehensible, the following specifically cites the embodiments, together with the accompanying drawings, for a detailed description. The description of the present invention provides different examples to illustrate the technical features of different implementations of the present invention. Wherein, the arrangement of each element in the embodiment is for illustration, not for limiting the present invention. In addition, the partial repetition of the symbols in the figures in the embodiments is for the purpose of simplifying the description, and does not imply the relationship between different embodiments.

第1圖為本發明之控制系統的示意圖。如圖所示,控制系統100至少包括週邊電路102、104、一處理電路106以及一輸入輸出埠108。為方便說明,第1圖僅顯示兩週邊電路,但並非用以限制本發明。在其它實施例中,控制系統100可能具有更多或更少的週邊電路。在一可能實施例中,控制系統100係為一微控制器系統。Fig. 1 is a schematic diagram of the control system of the present invention. As shown in the figure, the control system 100 includes at least peripheral circuits 102 , 104 , a processing circuit 106 and an input/output port 108 . For convenience of description, FIG. 1 only shows two peripheral circuits, but it is not intended to limit the present invention. In other embodiments, the control system 100 may have more or fewer peripheral circuits. In a possible embodiment, the control system 100 is a microcontroller system.

週邊電路102耦接處理電路106,並接收一存取屬性Peri1_SA。在本實施例中,存取屬性Peri1_SA用以設定週邊電路102的安全層級。在一可能實施例中,當存取屬性Peri1_SA為一特定電位時,週邊電路102進入一安全模式。在安全模式下,週邊電路102具有高安全層級。此時,只有同樣具有高安全層級的主動式裝置(或稱合法裝置)才能存取週邊電路102。當存取屬性Peri1_SA不為特定電位時,週邊電路102操作於一非安全模式。在非安全模式下,週邊電路102不具有高安全層級,故任何主動式裝置均可存取週邊電路102。The peripheral circuit 102 is coupled to the processing circuit 106 and receives an access attribute Peri1_SA. In this embodiment, the access attribute Peri1_SA is used to set the security level of the peripheral circuit 102 . In a possible embodiment, when the access attribute Peri1_SA is a specific potential, the peripheral circuit 102 enters a security mode. In the secure mode, the peripheral circuit 102 has a high security level. At this time, only active devices (or legitimate devices) that also have a high security level can access the peripheral circuit 102 . When the access attribute Peri1_SA is not at a specific potential, the peripheral circuit 102 operates in a non-secure mode. In the non-secure mode, the peripheral circuit 102 does not have a high security level, so any active device can access the peripheral circuit 102 .

本發明並不限定具有高安全層級的週邊電路102如何判斷主動式裝置的安全層級。舉例而言,當一主動式裝置114透過一系統匯流排112及匯流排116,發出一存取指令予週邊電路102時,週邊電路102判斷匯流排116的一特定接腳是否為一特定位準(如高位準)。如果匯流排116的一特定接腳為一特定位準時,表示主動式裝置114具有高安全層級。因此,週邊電路102執行主動式裝置114所發出的存取指令。然而,如果匯流排116的一特定接腳不為一特定位準時(如特定接腳為一低位準),表示主動式裝置114不具有高安全層級。因此,週邊電路102不執行主動式裝置114所發出的存取指令。The present invention does not limit how the peripheral circuit 102 with a high security level determines the security level of the active device. For example, when an active device 114 sends an access command to the peripheral circuit 102 through a system bus 112 and the bus 116, the peripheral circuit 102 judges whether a specific pin of the bus 116 is at a specific level (such as high level). If a specific pin of the bus bar 116 is at a specific level, it indicates that the active device 114 has a high security level. Therefore, the peripheral circuit 102 executes the access command issued by the active device 114 . However, if a specific pin of the bus 116 is not at a specific level (eg, a specific pin is at a low level), it means that the active device 114 does not have a high security level. Therefore, the peripheral circuit 102 does not execute the access command issued by the active device 114 .

週邊電路104耦接處理電路106,並接收一存取屬性Peri2_SA。存取屬性Peri2_SA用以設定週邊電路104的安全層級。由於週邊電路104的特性相同於週邊電路102的特性,故不再贅述。本發明並不限定週邊電路102及104的種類。在一可能實施例中,週邊電路102與104之至少一者為一序列週邊裝置介面(serial peripheral interface;SPI)電路或是一脈衝寬度調變(pulse width modulatION;PWM)電路。The peripheral circuit 104 is coupled to the processing circuit 106 and receives an access attribute Peri2_SA. The access attribute Peri2_SA is used to set the security level of the peripheral circuit 104 . Since the characteristics of the peripheral circuit 104 are the same as those of the peripheral circuit 102 , details are not repeated here. The invention does not limit the types of the peripheral circuits 102 and 104 . In a possible embodiment, at least one of the peripheral circuits 102 and 104 is a serial peripheral interface (SPI) circuit or a pulse width modulation (PWM) circuit.

處理電路106耦接週邊電路102、104及輸入輸出埠108。在本實施例中,處理電路106透過匯流排BS1~BS3存取週邊電路102、104及輸入輸出埠108。以匯流排BS1為例,處理電路106可能透過匯流排BS1,接收來自週邊電路102的資料及/或信號,或是提供資料及/或信號予週邊電路102。在其它實施例中,處理電路106可能透過匯流排BS3,接收來自輸入輸出埠108的資料及/或信號,再透過匯流排BS1,將來自輸入輸出埠108的資料及/或信號提供予週邊電路102。在一實施例中,處理電路106可能透過匯流排BS3,將來自週邊電路102的資料及/或信號提供予輸入輸出埠108。The processing circuit 106 is coupled to the peripheral circuits 102 , 104 and the I/O port 108 . In this embodiment, the processing circuit 106 accesses the peripheral circuits 102 , 104 and the input/output port 108 through the bus bars BS1 - BS3 . Taking the bus BS1 as an example, the processing circuit 106 may receive data and/or signals from the peripheral circuit 102 or provide data and/or signals to the peripheral circuit 102 through the bus BS1 . In other embodiments, the processing circuit 106 may receive data and/or signals from the input and output ports 108 through the bus BS3, and then provide the data and/or signals from the input and output ports 108 to peripheral circuits through the bus BS1. 102. In one embodiment, the processing circuit 106 may provide data and/or signals from the peripheral circuit 102 to the I/O port 108 through the bus BS3.

在本實施例中,處理電路106產生並提供存取屬性Peri1_SA及Peri2_SA予週邊電路102及104,用以設定週邊電路102及104的安全層級。本發明並不限定處理電路106如何提供存取屬性Peri1_SA及Peri2_SA予週邊電路102及104。在一可能實施例中,處理電路106利用匯流排BS1及BS2以外的兩傳輸走線(未顯示),傳送存取屬性Peri1_SA及Peri2_SA予週邊電路102及104。In this embodiment, the processing circuit 106 generates and provides the access attributes Peri1_SA and Peri2_SA to the peripheral circuits 102 and 104 for setting the security levels of the peripheral circuits 102 and 104 . The present invention does not limit how the processing circuit 106 provides the access attributes Peri1_SA and Peri2_SA to the peripheral circuits 102 and 104 . In a possible embodiment, the processing circuit 106 transmits the access attributes Peri1_SA and Peri2_SA to the peripheral circuits 102 and 104 by using two transmission lines (not shown) other than the buses BS1 and BS2 .

本發明並不限定處理電路106如何產生存取屬性Peri1_SA及Peri2_SA。在一可能實施例中,主動式裝置114透過系統匯流排112及匯流排120,寫入一第一週邊設定以及一第二週邊設定於處理電路106中。在此例中,處理電路106根據第一週邊設定,產生存取屬性Peri1_SA,並根據第二週邊設定,產生存取屬性Peri2_SA。本發明並不限定主動式裝置114的種類。在一可能實施例中,主動式裝置114係為一中央處理器(CPU)。The present invention does not limit how the processing circuit 106 generates the access attributes Peri1_SA and Peri2_SA. In a possible embodiment, the active device 114 writes a first peripheral setting and a second peripheral setting into the processing circuit 106 through the system bus 112 and the bus 120 . In this example, the processing circuit 106 generates the access attribute Peri1_SA according to the first perimeter setting, and generates the access attribute Peri2_SA according to the second perimeter setting. The invention does not limit the type of the active device 114 . In one possible embodiment, the active device 114 is a central processing unit (CPU).

在其它實施例中,主動式裝置114透過系統匯流排112及匯流排120,寫入一第一控制設定於處理電路106中。處理電路106根據第一控制設定,設定輸入輸出埠108的操作模式。在此例中,處理電路106解碼第一控制設定,用以產生一控制信號SET1。輸入輸出埠108根據控制信號SET1,操作於一通用(general-purpose input/output;以下簡稱GPIO)模式或是一多功能(multi-function pin;以下簡稱MFP)模式。In other embodiments, the active device 114 writes a first control setting into the processing circuit 106 through the system bus 112 and the bus 120 . The processing circuit 106 sets the operation mode of the I/O port 108 according to the first control setting. In this example, the processing circuit 106 decodes the first control setting to generate a control signal SET1. The I/O port 108 operates in a general-purpose input/output (hereinafter referred to as GPIO) mode or a multi-function pin (hereinafter referred to as MFP) mode according to the control signal SET1 .

在GPIO模式下,輸入輸出埠108可能由主動式裝置114直接操作。主動式裝置114透過處理電路106直接控制輸入輸出埠108的相關功能。舉例而言,主動式裝置114可能於一輸出模式(output mode)時,透過設定輸入輸出埠108輸出一高位準或是一低位準,或是於一輸入模式(input mode)時,讀取輸入輸出埠108的位準。In GPIO mode, the I/O port 108 may be directly operated by the active device 114 . The active device 114 directly controls related functions of the I/O port 108 through the processing circuit 106 . For example, the active device 114 may output a high level or a low level by setting the I/O port 108 in an output mode, or read an input in an input mode. The output level of port 108.

當輸入輸出埠108被設定成GPIO模式時,處理電路106可能根據主動式裝置114所提供的一輸入輸出設定,決定輸入輸出埠108的安全層級。當處理電路106根據該輸入輸出設定,得知輸入輸出埠108具有高安全層級時,處理電路106辨識來自系統匯流排112的存取是否為合法存取。此时,只有合法裝置(具有高安全層級)才能存取輸入輸出埠108。當輸入輸出埠108不具有高安全層級時,任何主動式裝置均可存取輸入輸出埠108。When the I/O port 108 is set to the GPIO mode, the processing circuit 106 may determine the security level of the I/O port 108 according to an I/O setting provided by the active device 114 . When the processing circuit 106 knows that the I/O port 108 has a high security level according to the I/O setting, the processing circuit 106 identifies whether the access from the system bus 112 is a legitimate access. At this time, only legitimate devices (with a high security level) can access the I/O port 108 . When the I/O port 108 does not have a high security level, any active device can access the I/O port 108 .

當輸入輸出埠108操作於MFP模式時,處理電路106可能根據存取屬性Peri1_SA或Peri2_SA決定輸入輸出埠108的安全屬性。舉例而言,當處理電路106得知主動式裝置114將輸入輸出埠108分配給週邊電路102時,處理電路106根據存取屬性Peri1_SA,決定輸入輸出埠108的安全層級。此時,輸入輸出埠108的安全層級相同於週邊電路102的安全層級。當主動式裝置114將輸入輸出埠108分配給週邊電路104時,處理電路106根據存取屬性Peri2_SA,決定輸入輸出埠108的安全層級。在此例中,輸入輸出埠108的安全層級相同於週邊電路104的安全層級。When the I/O port 108 operates in the MFP mode, the processing circuit 106 may determine the security attribute of the I/O port 108 according to the access attribute Peri1_SA or Peri2_SA. For example, when the processing circuit 106 learns that the active device 114 allocates the I/O port 108 to the peripheral circuit 102 , the processing circuit 106 determines the security level of the I/O port 108 according to the access attribute Peri1_SA. At this time, the security level of the I/O port 108 is the same as that of the peripheral circuit 102 . When the active device 114 allocates the I/O port 108 to the peripheral circuit 104 , the processing circuit 106 determines the security level of the I/O port 108 according to the access attribute Peri2_SA. In this example, the security level of the I/O port 108 is the same as that of the peripheral circuit 104 .

輸入輸出埠108作為主動式裝置114與一外部電路(如122)溝通的介面。在本實施例中,處理電路106透過匯流排BS3與輸入輸出埠108溝通。在此例中,處理電路106可能將來自週邊電路102、104或是主動式裝置114的信號提供予輸入輸出埠108,或是傳送來自輸入輸出埠108的信號予週邊電路102、104或是主動式裝置114。本發明並不限定輸入輸出埠108的電路架構。在一可能實施例中,輸入輸出埠108包括許多電路,如一上拉電路(pull-high circuit)及/或一下拉電路(pull-low circuit)。在一些實施例中,輸入輸出埠108具有一接腳,用以耦接一外部電路(如122)。The I/O port 108 serves as an interface for the active device 114 to communicate with an external circuit (eg, 122 ). In this embodiment, the processing circuit 106 communicates with the I/O port 108 through the bus BS3. In this example, the processing circuit 106 may provide signals from the peripheral circuits 102, 104 or the active device 114 to the I/O port 108, or transmit signals from the I/O port 108 to the peripheral circuits 102, 104 or the active device 108. Formula device 114. The present invention does not limit the circuit structure of the I/O port 108 . In a possible embodiment, the I/O port 108 includes many circuits, such as a pull-high circuit and/or a pull-low circuit. In some embodiments, the I/O port 108 has a pin for coupling to an external circuit (such as 122 ).

本發明並不限定控制系統100的輸入輸出埠的數量。在本實施例中,控制系統100更包括輸入輸出埠109~111。輸入輸出埠109~111耦接處理電路106。處理電路106根據主動式裝置114所提供的一第二控制設定、一第三控制設定、一第四控制設定,產生控制信號SET2~SET4。輸入輸出埠109~111根據控制信號SET2~SET4操作於GPIO模式或是MFP模式。由於輸入輸出埠109~111的特性相同於輸入輸出埠108的特性,故不再贅述。在一些實施例中,處理電路106透過匯流排BS4~BS6與輸入輸出埠109~111溝通。在其它實施例中,主動式裝置114透過輸入輸出埠109~111與外部電路(如124及126)溝通。The present invention does not limit the number of input and output ports of the control system 100 . In this embodiment, the control system 100 further includes input and output ports 109 - 111 . The input and output ports 109 - 111 are coupled to the processing circuit 106 . The processing circuit 106 generates control signals SET2 - SET4 according to a second control setting, a third control setting, and a fourth control setting provided by the active device 114 . The input and output ports 109-111 operate in GPIO mode or MFP mode according to the control signals SET2-SET4. Since the characteristics of the input and output ports 109 ˜ 111 are the same as those of the input and output port 108 , details are not repeated here. In some embodiments, the processing circuit 106 communicates with the input and output ports 109 - 111 through the bus bars BS4 - BS6 . In other embodiments, the active device 114 communicates with external circuits (such as 124 and 126 ) through the input and output ports 109 - 111 .

在其它實施例中,輸入輸出埠108~111可能被劃分於同一或不同群組中。舉例而言,假設輸入輸出埠108~111被劃分於同一群組中。在此例中,處理電路106根據同一輸入輸出設定,決定輸入輸出埠108~111的安全層級。在另一實施例中,如果輸入輸出埠108~111分屬於四群組時,處理電路106根據不同的輸入輸出設定,決定輸入輸出埠108~111的安全層級。本發明並不限定每一群組的輸入輸出埠的數量。在一可能實施例中,每一群組具有十六組輸入輸出埠。In other embodiments, the input and output ports 108 - 111 may be divided into the same or different groups. For example, assume that the input and output ports 108˜111 are divided into the same group. In this example, the processing circuit 106 determines the security levels of the input and output ports 108 - 111 according to the same input and output settings. In another embodiment, if the input and output ports 108-111 belong to four groups, the processing circuit 106 determines the security level of the input and output ports 108-111 according to different input and output settings. The present invention does not limit the number of input and output ports of each group. In a possible embodiment, each group has sixteen sets of input and output ports.

在其它實施例中,當一輸入輸出埠操作於MFP模式時,處理電路106根據主動式裝置114告知的一多功能設定,得知該輸入輸出埠的功能。本發明並不限定輸入輸出埠的功能數量。為方便說明,假設每一輸入輸出埠可能提供一輸入功能、一輸出功能、一上拉功能以及一下拉功能。以輸入輸出埠108為例,輸入輸出埠108可能提供一輸入功能、一輸出功能、一上拉功能以及一下拉功能之至少一者。當主動式裝置114命令輸入輸出埠108提供一輸入功能時,輸入輸出埠108接收來自外部電路122的信號及/或資料。當主動式裝置114命令輸入輸出埠108提供一輸出功能時,輸入輸出埠108輸出信號及/或資料予外部電路122。當主動式裝置114命令輸入輸出埠108提供一上拉功能時,輸入輸出埠108內的一上拉電路(未顯示)被致能,用以輸出一高位準。當主動式裝置114命令輸入輸出埠108提供一下拉功能時,輸入輸出埠108內的一下拉電路(未顯示)被致能,用以輸出一低位準。In other embodiments, when an I/O port operates in the MFP mode, the processing circuit 106 learns the function of the I/O port according to a multi-function setting notified by the active device 114 . The present invention does not limit the number of functions of the input and output ports. For the convenience of description, it is assumed that each I/O port may provide an input function, an output function, a pull-up function and a pull-down function. Taking the I/O port 108 as an example, the I/O port 108 may provide at least one of an input function, an output function, a pull-up function, and a pull-down function. When the active device 114 commands the I/O port 108 to provide an input function, the I/O port 108 receives signals and/or data from the external circuit 122 . When the active device 114 commands the I/O port 108 to provide an output function, the I/O port 108 outputs signals and/or data to the external circuit 122 . When the active device 114 commands the I/O port 108 to provide a pull-up function, a pull-up circuit (not shown) in the I/O port 108 is enabled to output a high level. When the active device 114 commands the I/O port 108 to provide a pull-down function, a pull-down circuit (not shown) in the I/O port 108 is enabled to output a low level.

第2圖為本發明之處理電路的一可能實施例。在本實施例中,處理電路200包括一屬性設定電路210、一組合電路220以及一控制電路230。屬性設定電路210接收並儲存週邊設定S1~SM。週邊設定S1~SM可能係由一主動式裝置(如114)所提供。屬性設定電路210根據週邊設定S1~SM,產生存取屬性Peri1_SA~PeriM_SA,用以設定M個週邊電路的安全層級,其中M為正整數。在一可能實施例中,屬性設定電路210以並列方式輸出存取屬性Peri1_SA~PeriM_SA予組合電路220。本發明並不限定屬性設定電路210的架構。在一可能實施例中,屬性設定電路210係為一安全屬性單元(security attribute unit;SAU)。Figure 2 shows a possible embodiment of the processing circuit of the present invention. In this embodiment, the processing circuit 200 includes a property setting circuit 210 , a combination circuit 220 and a control circuit 230 . The attribute setting circuit 210 receives and stores the peripheral settings S1˜SM. The peripheral settings S1~SM may be provided by an active device (such as 114). The attribute setting circuit 210 generates access attributes Peri1_SA~PeriM_SA according to the peripheral settings S1~SM, for setting the security levels of M peripheral circuits, wherein M is a positive integer. In a possible embodiment, the attribute setting circuit 210 outputs the access attributes Peri1_SA˜PeriM_SA to the combining circuit 220 in parallel. The present invention does not limit the architecture of the property setting circuit 210 . In a possible embodiment, the attribute setting circuit 210 is a security attribute unit (SAU).

在本實施例中,屬性設定電路210更接收並儲存輸入輸出設定IOG1~IOGX。輸入輸出設定IOG1~IOGX可能係由一主動式裝置(如114)所提供。屬性設定電路210根據輸入輸出設定IOG1~IOGX,產生存取屬性IOG1_SA~IOGX_SA,用以設定X個群組的輸入輸出埠的安全層級,其中X為正整數。In this embodiment, the attribute setting circuit 210 further receives and stores the input and output settings IOG1˜IOGX. The input and output settings IOG1~IOGX may be provided by an active device (such as 114). The attribute setting circuit 210 sets IOG1˜IOGX according to the input and output to generate access attributes IOG1_SA˜IOGX_SA for setting the security levels of the input and output ports of X groups, where X is a positive integer.

以第1圖為例,當輸入輸出埠108~111被設定成GPIO模式,並且輸入輸出埠108~111被劃成分同一群組。在此例中,屬性設定電路210可能根據輸入輸出設定IOG1,產生存取屬性IOG1_SA。在此例中,輸入輸出埠108~111具有相同的安全層級。在其它實施例中,假設輸入輸出埠108~111被設定成GPIO模式,並且輸入輸出埠108~111分別屬於四群組。在此例中,屬性設定電路210可能根據輸入輸出設定IOG1~IOG4,產生存取屬性IOG1_SA~IOG4_SA。Take Figure 1 as an example, when the input and output ports 108~111 are set to GPIO mode, and the input and output ports 108~111 are divided into the same group. In this example, the attribute setting circuit 210 may generate the access attribute IOG1_SA according to the input and output setting IOG1. In this example, the input and output ports 108-111 have the same security level. In other embodiments, it is assumed that the input and output ports 108 - 111 are set to the GPIO mode, and the input and output ports 108 - 111 respectively belong to four groups. In this example, the attribute setting circuit 210 may generate the access attributes IOG1_SA˜IOG4_SA according to the input and output settings IOG1˜IOG4.

控制電路230具有暫存器群組231~23N。在本實施例中,暫存器群組231~23N對應N個輸入輸出埠,其中N為正整數。暫存器群組231~23N分別儲存控制設定IO1~ION。在一可能實施例中,控制設定IO1~ION由一主動式裝置(如114)所提供。The control circuit 230 has register groups 231 - 23N. In this embodiment, the register groups 231˜23N correspond to N input and output ports, where N is a positive integer. The register groups 231˜23N respectively store the control settings IO1˜ION. In a possible embodiment, the control settings IO1˜ION are provided by an active device (such as 114).

另外,控制電路230根據控制設定IO1~ION,產生控制命令SET1~SETN,用以設定N個輸入輸出埠的操作模式以及輸入輸出埠的功能。輸入輸出埠根據相對應的控制命令,進入GPIO模式或是MFP模式。在MFP模式下,輸入輸出埠根據相對應的控制命令,提供相對應的功能,如一上拉功能、一下拉功能、一輸入功能以及一輸出功能之至少一者。In addition, the control circuit 230 generates control commands SET1 ˜ SETN according to the control settings IO1 ˜ ION for setting the operation modes of the N input and output ports and the functions of the input and output ports. The input and output ports enter GPIO mode or MFP mode according to corresponding control commands. In the MFP mode, the input and output ports provide corresponding functions according to corresponding control commands, such as at least one of a pull-up function, a pull-down function, an input function and an output function.

在一些實施例中,控制電路230根據控制設定IO1~ION,產生一控制命令IOM1~IOMN。在此例中,控制命令IOM1~IOMN包括MFP設定值IO[1…N]MFP[1…K]及IO模式設定值IO[1…N]GPIO。MFP設定值IO[1…N]MFP[1…K]用以表示輸入輸出埠與週邊電路的對應關係以及輸入輸出埠的功能。IO模式設定值IO[1…N]GPIO用以表示輸入輸出埠的操作模式,GPIO模式或是MFP模式。In some embodiments, the control circuit 230 generates a control command IOM1-IOMN according to the control settings IO1-ION. In this example, the control commands IOM1-IOMN include the MFP setting value IO[1...N]MFP[1...K] and the IO mode setting value IO[1...N]GPIO. The MFP setting value IO[1...N]MFP[1...K] is used to indicate the corresponding relationship between the input and output ports and peripheral circuits and the functions of the input and output ports. The IO mode setting value IO[1...N]GPIO is used to indicate the operation mode of the input and output ports, GPIO mode or MFP mode.

組合電路220根據MFP設定值IO[1…N]MFP[1…K] 及IO模式設定值IO[1…N]GPIO,產生輸出IO1_SA~ION_SA。控制電路230根據輸出IO1_SA~ION_SA,得知N個輸入輸出埠的安全層級。舉例而言,當組合電路220根據IO模式設定值IO[1…N]GPIO,得知一輸入輸出埠(如第1圖的輸入輸出埠108)被設定成MFP模式,並得知該輸入輸出埠被分配予一週邊電路(如第1圖的週邊電路102)使用時,組合電路220可能根據該週邊電路的存取屬性(如第1圖的Peri1_SA),設定輸出IO1_SA。當一輸入輸出埠(如第1圖的輸入輸出埠108)被設定成GPIO模式時,組合電路220根據輸入輸出設定IOG1~IOGX之一者,產生輸出IO1_SA。The combination circuit 220 generates outputs IO1_SA˜ION_SA according to the MFP setting value IO[1…N]MFP[1…K] and the IO mode setting value IO[1…N]GPIO. The control circuit 230 learns the security levels of the N input and output ports according to the outputs IO1_SA˜ION_SA. For example, when the combinational circuit 220 knows that an input and output port (such as the input and output port 108 in FIG. 1 ) is set to the MFP mode according to the IO mode setting value IO[1...N]GPIO, and knows that the input and output port When the port is assigned to a peripheral circuit (such as the peripheral circuit 102 in FIG. 1 ), the combining circuit 220 may set the output IO1_SA according to the access attribute of the peripheral circuit (such as Peri1_SA in FIG. 1 ). When an I/O port (such as the I/O port 108 in FIG. 1 ) is set to the GPIO mode, the combination circuit 220 generates an output IO1_SA according to one of the IOG1-IOGX set.

控制電路230根據輸出IO1_SA~ION_SA,定義N個輸入輸出埠的安全層級。在一些實施例中,控制電路230具有N隻接腳,分別接收輸出IO1_SA~ION_SA。在此例中,控制電路230判斷N隻接腳的電壓位準,決定輸入輸出埠108~111的安全層級。舉例而言,當輸出IO1_SA等於一特定位準時,控制電路230定義一輸入輸出埠具有高安全層級。當輸出IO1_SA不等於一特定位準時,控制電路230定義該輸入輸出埠不具有高安全層級。The control circuit 230 defines the security levels of the N input and output ports according to the outputs IO1_SA˜ION_SA. In some embodiments, the control circuit 230 has N pins for respectively receiving the outputs IO1_SA˜ION_SA. In this example, the control circuit 230 judges the voltage levels of the N pins to determine the security level of the input and output ports 108 - 111 . For example, when the output IO1_SA is equal to a specific level, the control circuit 230 defines an I/O port with a high security level. When the output IO1_SA is not equal to a specific level, the control circuit 230 defines that the I/O port does not have a high security level.

在其它實施例中,組合電路220更負責每一週邊電路與相對應的輸入輸出埠之間的資料傳輸。以第1圖為例,組合電路220可能作為週邊電路102與輸入輸出埠108之間的橋樑。In other embodiments, the combining circuit 220 is more responsible for the data transmission between each peripheral circuit and the corresponding input and output ports. Taking FIG. 1 as an example, the combined circuit 220 may serve as a bridge between the peripheral circuit 102 and the input/output port 108 .

第3圖為本發明之處理電路的另一示意圖。如圖所示,處理電路300包括一屬性設定電路310、一組合電路320以及一控制電路330。在本實施例中,屬性設定電路310儲存週邊設定S1~SM及輸入輸出設定IOG1~IOGX。由於屬性設定電路310的特性與第2圖的屬性設定電路210的特性相似,故不再贅述。Fig. 3 is another schematic diagram of the processing circuit of the present invention. As shown in the figure, the processing circuit 300 includes a property setting circuit 310 , a combination circuit 320 and a control circuit 330 . In this embodiment, the attribute setting circuit 310 stores the peripheral settings S1˜SM and the input and output settings IOG1˜IOGX. Since the characteristics of the attribute setting circuit 310 are similar to those of the attribute setting circuit 210 in FIG. 2 , details are omitted here.

控制電路330解碼控制設定IO1~ION,用以產生控制命令SET1~SETN、IO模式設定值IO[1…N]GPIO以及MFP設定值IO[1…N]MFP[1…K]予組合電路320。由於控制電路330的特性與第2圖的控制電路230的特性相似,故不再贅述。The control circuit 330 decodes the control settings IO1~ION to generate the control commands SET1~SETN, the IO mode setting value IO[1...N]GPIO and the MFP setting value IO[1...N]MFP[1...K] to the combination circuit 320 . Since the characteristics of the control circuit 330 are similar to those of the control circuit 230 in FIG. 2 , details are omitted here.

組合電路320包括一解碼電路321以及一控制電路322。控制電路322根據MFP設定值IO[1…N]MFP[1…K],得知每一操作於MFP模式的輸入輸出埠的功能。在一些實施例中,控制電路322解碼MFP設定值IO[1…N]MFP[1…K],產生另一設定值IO[1…N]_Peri[1…K]予解碼電路321。控制電路322可作為週邊電路與輸入輸出埠的橋樑。The combining circuit 320 includes a decoding circuit 321 and a control circuit 322 . The control circuit 322 knows the function of each input and output port operating in the MFP mode according to the MFP setting value IO[1...N]MFP[1...K]. In some embodiments, the control circuit 322 decodes the MFP setting value IO[1...N]MFP[1...K] to generate another setting value IO[1...N]_Peri[1...K] for the decoding circuit 321. The control circuit 322 can serve as a bridge between peripheral circuits and input/output ports.

解碼電路321根據設定值IO[1…N]_Peri[1…K],得知輸入輸出埠與週邊電路之間的對應關係,並產生輸出IOA_SA~ION_SA予控制電路330,使得輸入輸出埠的安全層級相同於所對應的週邊電路的安全層級。在本實施例中,解碼電路321係為一輸入輸出屬性解碼器(input output security attribute decoder)。輸入輸出屬性解碼器接收並解碼存取屬性IOG1_SA~IOGX_SA、存取屬性Peri1_SA~PeriM_SA、設定值IO[1…N]_Peri[1…K]及IO模式設定值IO[1…N]GPIO,用以產生輸出IOA_SA~ION_SA。The decoding circuit 321 knows the corresponding relationship between the input and output ports and peripheral circuits according to the set value IO[1...N]_Peri[1...K], and generates the output IOA_SA~ION_SA to the control circuit 330, so that the security of the input and output ports The level is the same as the security level of the corresponding peripheral circuit. In this embodiment, the decoding circuit 321 is an input output security attribute decoder (input output security attribute decoder). The input and output attribute decoder receives and decodes the access attribute IOG1_SA~IOGX_SA, the access attribute Peri1_SA~PeriM_SA, the setting value IO[1…N]_Peri[1…K] and the IO mode setting value IO[1…N]GPIO, using to generate output IOA_SA~ION_SA.

在一些實施例中,輸入輸出屬性解碼器的解碼規則是,當一輸入輸出埠被設定成GPIO模式時,該輸入輸出埠的存取屬性相同於該輸入輸出埠所屬的群組的存取屬性(即存取屬性IOG1_SA~IOGX_SA之一者)。當一輸入輸出埠被設定成MFP模式時,該輸入輸出埠的存取屬性相同於一對應的週邊電路的存取屬性。In some embodiments, the decoding rule of the input-output attribute decoder is that when an input-output port is set to GPIO mode, the access attribute of the input-output port is the same as the access attribute of the group to which the input-output port belongs (that is, one of the access attributes IOG1_SA~IOGX_SA). When an I/O port is set to the MFP mode, the access attribute of the I/O port is the same as that of a corresponding peripheral circuit.

在第1圖為例,假設控制系統100具有兩週邊電路102及104(即M=2)、四輸入輸出埠108~111(即N=4),每一輸入輸出埠可提供四種不同的MFP功能(即K=4)。在此例中,屬性設定電路321根據週邊設定S1及S2,產生存取屬性Peri1_SA及Peri2_SA。屬性設定電路321根據週邊設定S1及S2,產生存取屬性Peri1_SA及Peri2_SA。屬性設定電路321也根據輸入輸出設定IOG1,產生存取屬性IOG1_SA。In Figure 1 as an example, assume that the control system 100 has two peripheral circuits 102 and 104 (ie M=2), four input and output ports 108~111 (ie N=4), and each input and output port can provide four different MFP function (ie K=4). In this example, the attribute setting circuit 321 generates the access attributes Peri1_SA and Peri2_SA according to the surrounding settings S1 and S2. The attribute setting circuit 321 generates access attributes Peri1_SA and Peri2_SA according to the peripheral settings S1 and S2. The attribute setting circuit 321 also sets the IOG1 according to the input and output to generate the access attribute IOG1_SA.

控制電路330根據控制設定IO1~IO4,產生MFP設定值IO[1…4]MFP[1…K]及IO模式設定值IO[1…4]GPIO。假設,控制電路330根據控制設定IO1~IO4,將輸入輸出埠108~110設定為MFP模式,並將輸入輸出埠111設定成GPIO模式。在此例中,控制電路330根據控制設定IO1~IO3,得知輸入輸出埠108被分配予週邊電路102使用,以及輸入輸出埠109及110被分配予週邊電路102使用,其中輸入輸出埠108被要求提供一上拉功能、輸入輸出埠109被要求提供一輸入功能、輸入輸出埠110被要求提供一輸出功能。The control circuit 330 generates the MFP set value IO[1...4]MFP[1...K] and the IO mode set value IO[1...4]GPIO according to the control settings IO1-IO4. Suppose, the control circuit 330 sets the input and output ports 108 to 110 as the MFP mode according to the control settings IO1 to IO4 , and sets the input and output port 111 as the GPIO mode. In this example, the control circuit 330 knows that the input and output port 108 is assigned to the peripheral circuit 102 according to the control settings IO1˜IO3, and the input and output ports 109 and 110 are assigned to the peripheral circuit 102, wherein the input and output port 108 is assigned to the peripheral circuit 102. It is required to provide a pull-up function, the I/O port 109 is required to provide an input function, and the I/O port 110 is required to provide an output function.

因此,控制電路330透過控制命令SET1,設定輸入輸出埠108進入MFP模式並提供一上拉功能。在此例中,控制電路330透過控制命令SET2,設定輸入輸出埠109進入MFP模式,並提供一輸入功能。控制電路330透過控制命令SET3,設定輸入輸出埠110進入MFP模式,並提供一輸出功能。另外,控制電路330更透過控制命令SET4,設定輸入輸出埠111進入GPIO模式。在其它實施例中,輸入輸出埠108~110之至少一者被要求提供多功能,如一上拉功能以及一輸入功能。Therefore, the control circuit 330 sets the I/O port 108 to enter the MFP mode through the control command SET1 and provides a pull-up function. In this example, the control circuit 330 sets the I/O port 109 to enter the MFP mode through the control command SET2 and provides an input function. The control circuit 330 sets the input and output ports 110 to enter the MFP mode through the control command SET3 and provides an output function. In addition, the control circuit 330 further sets the input/output port 111 to enter the GPIO mode through the control command SET4. In other embodiments, at least one of the I/O ports 108-110 is required to provide multiple functions, such as a pull-up function and an input function.

在一些實施例中,由於輸入輸出埠108被分配予週邊電路102使用,故解碼電路321根據週邊電路102的存取屬性Peri1_SA,產生輸出IO1_SA。控制電路330根據輸出IO1_SA,定義輸入輸出埠108的安全層級。因此,輸入輸出埠108的安全層級相同於週邊電路102的安全層級。此外,由於輸入輸出埠109及110被分配予週邊電路104使用,故解碼電路321根據週邊電路104的存取屬性Peri2_SA,產生輸出IO2_SA及IO3_SA。控制電路330根據輸出IO2_SA及IO3_SA,定義輸入輸出埠109及110的安全層級。因此,輸入輸出埠109及110的安全層級相同於週邊電路104的安全層級。另外,由於輸入輸出埠111進入GPIO模式,故解碼電路321根據存取屬性IOG1_SA,產生輸出IO4_SA。控制電路330根據輸出IO4_SA,定義輸入輸出埠111的安全層級。In some embodiments, since the I/O port 108 is allocated to the peripheral circuit 102 , the decoding circuit 321 generates the output IO1_SA according to the access attribute Peri1_SA of the peripheral circuit 102 . The control circuit 330 defines the security level of the I/O port 108 according to the output IO1_SA. Therefore, the security level of the I/O port 108 is the same as that of the peripheral circuit 102 . In addition, since the input and output ports 109 and 110 are allocated to the peripheral circuit 104 , the decoding circuit 321 generates outputs IO2_SA and IO3_SA according to the access attribute Peri2_SA of the peripheral circuit 104 . The control circuit 330 defines the security levels of the input and output ports 109 and 110 according to the outputs IO2_SA and IO3_SA. Therefore, the security level of the input and output ports 109 and 110 is the same as that of the peripheral circuit 104 . In addition, since the input/output port 111 enters the GPIO mode, the decoding circuit 321 generates the output IO4_SA according to the access attribute IOG1_SA. The control circuit 330 defines the security level of the I/O port 111 according to the output IO4_SA.

第4圖為本發明之解碼電路的示意圖。在本實施例中,解碼電路400包括解碼單元DU1~DUN。解碼單元DU1~DUN之每一者用以設定一輸入輸出埠的存取屬性。以第1圖為例,解碼單元DU1用以設定輸入輸出埠108的存取屬性,解碼單元DU2用以設定輸入輸出埠109的存取屬性。本發明並不限定解碼單元的數量。在一可能實施例中,解碼單元的數量相同於輸入輸出埠的數量。由於解碼單元DU1~DUN具有相同的特性,故以下僅說明解碼單元DU1的特性。Fig. 4 is a schematic diagram of the decoding circuit of the present invention. In this embodiment, the decoding circuit 400 includes decoding units DU1˜DUN. Each of the decoding units DU1˜DUN is used for setting the access attribute of an input and output port. Taking FIG. 1 as an example, the decoding unit DU1 is used to set the access attribute of the I/O port 108 , and the decoding unit DU2 is used to set the access attribute of the I/O port 109 . The present invention does not limit the number of decoding units. In a possible embodiment, the number of decoding units is the same as the number of input and output ports. Since the decoding units DU1˜DUN have the same characteristics, only the characteristics of the decoding unit DU1 will be described below.

解碼單元DU1包括多工器411及412。多工器411根據MFP設定值MFP[K],選擇存取屬性Peri1_SA、Peri3_SA、Peri5_SA及Peri7_SA之一者作為輸出OUT。在本實施例中,MFP設定值MFP[K]用以表示輸入輸出埠108的功能數量。舉例而言,當K=4,表示輸入輸出埠108提供四種功能。The decoding unit DU1 includes multiplexers 411 and 412 . The multiplexer 411 selects one of the access attributes Peri1_SA, Peri3_SA, Peri5_SA and Peri7_SA as the output OUT according to the MFP setting value MFP[K]. In this embodiment, the MFP setting value MFP[K] is used to represent the number of functions of the input and output ports 108 . For example, when K=4, it means that the I/O port 108 provides four functions.

在一些實施例中,由於輸入輸出埠108可能被分配予四週邊電路,如第一週邊電路、第三週邊電路、第五週邊電路及第七週邊電路,故多工器411接收第一、第三、第五及第七週邊電路的存取屬性,如Peri1_SA、Peri3_SA、Peri5_SA及Peri7_SA。在此例中,當K=1時,多工器將存取屬性Peri1_SA作為輸出OUT。當K=2時,多工器將存取屬性Peri3_SA作為輸出OUT。當K=3時,多工器將存取屬性Peri5_SA作為輸出OUT。當K=4時,多工器將存取屬性Peri7_SA作為輸出OUT。In some embodiments, since the input and output ports 108 may be assigned to four peripheral circuits, such as the first peripheral circuit, the third peripheral circuit, the fifth peripheral circuit and the seventh peripheral circuit, the multiplexer 411 receives the first and the second peripheral circuits. 3. Access attributes of the fifth and seventh peripheral circuits, such as Peri1_SA, Peri3_SA, Peri5_SA and Peri7_SA. In this example, when K=1, the multiplexer will access attribute Peri1_SA as output OUT. When K=2, the multiplexer will access attribute Peri3_SA as output OUT. When K=3, the multiplexer will access attribute Peri5_SA as output OUT. When K=4, the multiplexer will access attribute Peri7_SA as output OUT.

多工器412接收存取屬性IOG1_SA及輸出OUT,並根據模式資訊IO[1]GPIO,將存取屬性IOG1_SA及輸出OUT之一者作為輸出IO1_SA。在本實施例中,模式資訊IO[1]GPIO用以表示輸入輸出埠108的接腳是否被設定成一通用輸入輸出接腳。在此例中,當模式資訊IO[1]GPIO為數值1時,表示輸入輸出埠108的接腳被設定成通用輸入輸出接腳時。因此,多工器412將存取屬性IOG1_SA作為輸出IO1_SA。當模式資訊IO[1]GPIO為數值0時,表示輸入輸出埠108的接腳並非作為一通用輸入輸出接腳時,多工器412將輸出OUT作為輸出IO1_SA。The multiplexer 412 receives the access attribute IOG1_SA and the output OUT, and uses one of the access attribute IOG1_SA and the output OUT as the output IO1_SA according to the mode information IO[1] GPIO. In this embodiment, the mode information IO[1] GPIO is used to indicate whether the pin of the I/O port 108 is set as a general-purpose I/O pin. In this example, when the value of the mode information IO[1] GPIO is 1, it means that the pin of the input/output port 108 is set as a general-purpose input/output pin. Therefore, the multiplexer 412 will access the attribute IOG1_SA as the output IO1_SA. When the mode information IO[1] GPIO is 0, it means that the pin of the I/O port 108 is not used as a general-purpose I/O pin, and the multiplexer 412 outputs OUT as the output IO1_SA.

第5圖為本發明之控制方法的流程示意圖。本發明之控制方法係應用於一控制系統中,該控制系統具有複數週邊電路以及至少一輸入輸出埠。首先,設定所有週邊電路的安全層級(步驟S511)。在一可能實施例中,一中央處理器根據一安全屬性程式碼,決定每一週邊電路的安全層級。當週邊電路接收到一特定位準時,週邊電路便進入一安全模式。在安全模式下,只有合法的外部電路才能存取週邊裝置。當週邊電路未接收到一特定位準時,週邊電路不進入一安全模式。此時,任何外部電路均可存取週邊裝置。Fig. 5 is a schematic flow chart of the control method of the present invention. The control method of the present invention is applied in a control system, and the control system has a plurality of peripheral circuits and at least one input and output port. First, the security levels of all peripheral circuits are set (step S511). In a possible embodiment, a central processing unit determines the security level of each peripheral circuit according to a security attribute code. When the peripheral circuit receives a specific level, the peripheral circuit enters into a safe mode. In secure mode, only legitimate external circuits can access peripheral devices. When the peripheral circuit does not receive a specific level, the peripheral circuit does not enter a safe mode. At this point, any external circuit can access the peripheral device.

根據一控制設定,設定一輸入輸出埠的操作模式(步驟S512)。在一可能實施例中,該控制設定係由一中央處理器所提供。中央處理器事先決定輸入輸出埠的操作模式,如一GPIO模式或是一MFP模式。According to a control setting, an operation mode of an input and output port is set (step S512). In a possible embodiment, the control setting is provided by a central processing unit. The CPU predetermines the operation mode of the I/O port, such as a GPIO mode or an MFP mode.

判斷輸入輸出埠的操作模式是否被設定為一GPIO模式(步驟S513)。當輸入輸出埠的操作模式被設定為一GPIO模式時,根據一預設存取屬性,決定輸入輸出埠的安全層級(步驟S514)。在一可能實施例中,步驟S514根據同一預設存取屬性,設定同一群組裡不同輸入輸出埠的安全層級。在另一可能實施例中,步驟S514根據不同預設存取屬性,決定不同群組裡的輸入輸出埠的安全層級。Determine whether the operation mode of the I/O port is set to a GPIO mode (step S513). When the operation mode of the I/O port is set as a GPIO mode, the security level of the I/O port is determined according to a default access attribute (step S514). In a possible embodiment, step S514 sets security levels of different input and output ports in the same group according to the same default access attribute. In another possible embodiment, step S514 determines the security levels of the input and output ports in different groups according to different preset access attributes.

然而,當輸入輸出埠的操作模式未被設定成GPIO模式時,根據相對應的週邊電路的存取屬性,設定輸入輸出埠的安全層級(步驟S515)。在一可能實施例中,步驟515判斷輸入輸出埠係對應第一或第二週邊電路。當輸入輸出埠係對應第一週邊電路時,步驟S515根據第一週邊電路的存取屬性,決定輸入輸出埠的安全層級。此時,輸入輸出埠的安全層級相同於第一週邊電路的安全層級。當輸入輸出埠係對應第二週邊電路時,步驟S515根據第二週邊電路的存取屬性,決定輸入輸出埠的安全層級。此時,輸入輸出埠的安全層級相同於第二週邊電路的安全層級。在本實施例中,當輸入輸出埠操作於MFP模式時,輸入輸出埠與週邊電路的安全層級一致,故可提高週邊電路的安全性。However, when the operation mode of the I/O port is not set as the GPIO mode, the security level of the I/O port is set according to the access attribute of the corresponding peripheral circuit (step S515 ). In a possible embodiment, step 515 determines whether the I/O port corresponds to the first or the second peripheral circuit. When the input and output ports correspond to the first peripheral circuit, step S515 determines the security level of the input and output ports according to the access attribute of the first peripheral circuit. At this time, the security level of the input and output ports is the same as the security level of the first peripheral circuit. When the input and output ports correspond to the second peripheral circuit, step S515 determines the security level of the input and output ports according to the access attribute of the second peripheral circuit. At this time, the security level of the input and output ports is the same as that of the second peripheral circuit. In this embodiment, when the input and output ports operate in the MFP mode, the security levels of the input and output ports are consistent with those of the peripheral circuits, thus improving the security of the peripheral circuits.

本發明之控制方法,或特定型態或其部份,可以以程式碼的型態存在。程式碼可儲存於實體媒體,如軟碟、光碟片、硬碟、或是任何其他機器可讀取(如電腦可讀取)儲存媒體,亦或不限於外在形式之電腦程式產品,其中,當程式碼被機器,如電腦載入且執行時,此機器變成用以參與本發明之控制系統或處理電路。程式碼也可透過一些傳送媒體,如電線或電纜、光纖、或是任何傳輸型態進行傳送,其中,當程式碼被機器,如電腦接收、載入且執行時,此機器變成用以參與本發明之控制系統或處理電路。當在一般用途處理單元實作時,程式碼結合處理單元提供一操作類似於應用特定邏輯電路之獨特裝置。The control method of the present invention, or specific forms or parts thereof, may exist in the form of program codes. The code may be stored on a physical medium, such as a floppy disk, a CD, a hard disk, or any other machine-readable (such as a computer-readable) storage medium, or a computer program product without limitation in an external form, wherein, When the program code is loaded and executed by a machine, such as a computer, the machine becomes a control system or processing circuit for participating in the present invention. Code may also be sent via some transmission medium, such as wire or cable, optical fiber, or any type of transmission in which, when the code is received, loaded, and executed by a machine, such as a computer, the machine becomes the one used to participate in this Invented control system or processing circuit. When implemented on a general-purpose processing unit, the code combines with the processing unit to provide a unique device that operates similarly to application-specific logic circuits.

除非另作定義,在此所有詞彙(包含技術與科學詞彙)均屬本發明所屬技術領域中具有通常知識者之一般理解。此外,除非明白表示,詞彙於一般字典中之定義應解釋為與其相關技術領域之文章中意義一致,而不應解釋為理想狀態或過分正式之語態。雖然“第一”、“第二”等術語可用於描述各種元件,但這些元件不應受這些術語的限制。這些術語只是用以區分一個元件和另一個元件。Unless otherwise defined, all terms (including technical and scientific terms) used herein are to be understood by those of ordinary skill in the art to which this invention belongs. In addition, unless expressly stated, the definition of a word in a general dictionary should be interpreted as consistent with the meaning in the article in its related technical field, and should not be interpreted as an ideal state or an overly formal voice. Although terms such as 'first' and 'second' may be used to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another.

雖然本發明已以較佳實施例揭露如上,然其並非用以限定本發明,任何所屬技術領域中具有通常知識者,在不脫離本發明之精神和範圍內,當可作些許之更動與潤飾。舉例來說,本發明實施例所述之系統、裝置或是方法可以硬體、軟體或硬體以及軟體的組合的實體實施例加以實現。因此本發明之保護範圍當視後附之申請專利範圍所界定者為準。Although the present invention has been disclosed above with preferred embodiments, it is not intended to limit the present invention. Any person with ordinary knowledge in the technical field may make some changes and modifications without departing from the spirit and scope of the present invention. . For example, the system, device or method described in the embodiments of the present invention can be implemented in physical embodiments of hardware, software, or a combination of hardware and software. Therefore, the scope of protection of the present invention should be defined by the scope of the appended patent application.

100:控制系統 102、104:週邊電路 106、200、300:處理電路 108~111:輸入輸出埠 Peri1_SA~PeriM_SA、IOG1_SA~IOGX_SA:存取屬性 IO1_SA~ION_SA:輸出 BS1~BS6、116、118、120:匯流排 S1~SM:週邊設定 IOG1~IOGX:輸入輸出設定 112:系統匯流排 114:主動式裝置 IO1~ION:控制設定 122、124、126:外部電路 IOM1~IOMN:控制命令 IO[1…N]GPIO:IO模式設定值 IO[1…N]MFP[1…K]、IO[1…N]_Peri[1…K]:MFP設定值 SET1~SETN:控制信號 210、310:屬性設定電路 220、320:組合電路 321:解碼電路 230、322、340:控制電路 231~23N:暫存器群組 400:解碼電路 DU1~DUN:解碼單元 411、412:多工器 S511~S515:步驟 100: Control system 102, 104: Peripheral circuits 106, 200, 300: processing circuit 108~111: Input and output ports Peri1_SA~PeriM_SA, IOG1_SA~IOGX_SA: access attribute IO1_SA~ION_SA: output BS1~BS6, 116, 118, 120: busbar S1~SM: Peripheral settings IOG1~IOGX: Input and output settings 112: System bus 114: Active device IO1~ION: Control setting 122, 124, 126: external circuit IOM1~IOMN: Control command IO[1…N]GPIO: IO mode setting value IO[1…N]MFP[1…K], IO[1…N]_Peri[1…K]: MFP setting value SET1~SETN: control signal 210, 310: attribute setting circuit 220, 320: combination circuit 321: decoding circuit 230, 322, 340: control circuit 231~23N: Register group 400: decoding circuit DU1~DUN: decoding unit 411, 412: multiplexer S511~S515: steps

第1圖為本發明之控制系統的示意圖。 第2圖為本發明之處理電路的一可能實施例。 第3圖為本發明之處理電路的另一示意圖。 第4圖為本發明之解碼電路的示意圖。 第5圖為本發明之控制方法的流程示意圖。 Fig. 1 is a schematic diagram of the control system of the present invention. Figure 2 shows a possible embodiment of the processing circuit of the present invention. Fig. 3 is another schematic diagram of the processing circuit of the present invention. Fig. 4 is a schematic diagram of the decoding circuit of the present invention. Fig. 5 is a schematic flow chart of the control method of the present invention.

200:處理電路 200: processing circuit

Peri1_SA~PeriM_SA、IOG1_SA~IOGX_SA、IO1_SA~ION_SA:存取屬性 Peri1_SA~PeriM_SA, IOG1_SA~IOGX_SA, IO1_SA~ION_SA: access attribute

S1~SM:週邊設定 S1~SM: Peripheral settings

IOG1~IOGX:輸入輸出設定 IOG1~IOGX: Input and output settings

IOM1~IOMN:控制命令 IOM1~IOMN: Control command

IO[1...N]GPIO:模式資訊 IO[1...N]GPIO: mode information

IO[1...N]MFP[1...K]:配對資訊 IO[1...N]MFP[1...K]: pairing information

210:屬性設定電路 210: attribute setting circuit

220:組合電路 220: combination circuit

230:控制電路 230: control circuit

231~23N:暫存器群組 231~23N: Register group

SET1~SETN:控制信號 SET1~SETN: control signal

IO1~ION:控制設定 IO1~ION: Control setting

Claims (10)

一種處理電路,耦接於一第一週邊電路、一第二週邊電路與一第一輸入輸出埠之間,並包括: 一屬性設定電路,根據一第一週邊設定,提供一第一存取屬性予該第一週邊電路,用以設定該第一週邊電路的安全層級,根據一第二週邊設定,提供一第二存取屬性予該第二週邊電路,用以設定該第二週邊電路的安全層級,並根據一第一輸入輸出設定,產生一第三存取屬性; 一第一控制電路,根據一控制設定,產生一第一控制命令,並根據一第一輸出決定該第一輸入輸出埠的安全層級;以及 一組合電路,解碼該第一控制命令,用以得知該第一輸入輸出埠的操作模式是否為一通用輸入輸出模式; 其中: 當該第一輸入輸出埠的操作模式為該通用輸入輸出模式時,該組合電路根據該第三存取屬性產生該第一輸出; 當該第一輸入輸出埠的操作模式並非該通用輸入輸出模式時,該組合電路根據該第一或第二存取屬性產生該第一輸出。 A processing circuit coupled between a first peripheral circuit, a second peripheral circuit and a first input/output port, and includes: An attribute setting circuit, according to a first peripheral setting, provides a first access attribute to the first peripheral circuit for setting the security level of the first peripheral circuit, and provides a second storage according to a second peripheral setting acquiring an attribute to the second peripheral circuit for setting the security level of the second peripheral circuit, and generating a third access attribute according to a first input and output setting; A first control circuit generates a first control command according to a control setting, and determines the security level of the first input and output port according to a first output; and A combined circuit, decoding the first control command, to know whether the operation mode of the first input-output port is a general-purpose input-output mode; in: When the operation mode of the first I/O port is the general-purpose I/O mode, the combination circuit generates the first output according to the third access attribute; When the operation mode of the first I/O port is not the general-purpose I/O mode, the combination circuit generates the first output according to the first or second access attribute. 如請求項1之處理電路,其中當該第一輸入輸出埠的操作模式為該通用輸入輸出模式時,該組合電路根據該第三存取屬性,設定一接腳的位準,該第一控制電路根據該接腳的位準;決定該第一輸入輸出埠的安全層級。The processing circuit of claim 1, wherein when the operation mode of the first I/O port is the general-purpose I/O mode, the combined circuit sets the level of a pin according to the third access attribute, and the first control The circuit determines the security level of the first input and output port according to the level of the pin. 如請求項1之處理電路,其中: 當該第一輸入輸出埠的操作模式並非該通用輸入輸出模式時,該組合電路解碼該第一控制命令,用以得知該第一輸入輸出埠係對應該第一週邊電路或是該第二週邊電路; 當該第一輸入輸出埠對應該第一週邊電路時,該組合電路將該第一存取屬性作為該第一輸出;以及 當該第一輸入輸出埠對應該第二週邊電路時,該組合電路將該第二存取屬性作為該第一輸出。 Such as the processing circuit of claim 1, wherein: When the operation mode of the first I/O port is not the general-purpose I/O mode, the combination circuit decodes the first control command to know whether the first I/O port corresponds to the first peripheral circuit or the second Peripheral circuits; When the first I/O port corresponds to the first peripheral circuit, the combining circuit takes the first access attribute as the first output; and When the first I/O port corresponds to the second peripheral circuit, the combining circuit takes the second access attribute as the first output. 如請求項3之處理電路,其中: 當該第一輸入輸出埠係對應該第一週邊電路時,該第一輸入輸出埠的安全層級相同於該第一週邊電路的安全層級; 當該第一輸入輸出埠係對應該第二週邊電路時,該第一輸入輸出埠的安全層級相同於該第二週邊電路的安全層級。 Such as the processing circuit of claim 3, wherein: When the first I/O port corresponds to the first peripheral circuit, the security level of the first I/O port is the same as the security level of the first peripheral circuit; When the first I/O port corresponds to the second peripheral circuit, the security level of the first I/O port is the same as that of the second peripheral circuit. 如請求項1之處理電路,其中該組合電路包括: 一第二控制電路,解碼該第一控制命令,用以產生一設定值;以及 一解碼電路,接收該設定值; 其中,該第二控制電路作為該第一週邊電路與該第一輸入輸出埠之間的橋樑,該第一控制電路作為該第一輸入輸出埠與一主動式裝置之間的橋樑。 The processing circuit according to claim 1, wherein the combined circuit includes: a second control circuit, decoding the first control command to generate a set value; and A decoding circuit, receiving the set value; Wherein, the second control circuit serves as a bridge between the first peripheral circuit and the first I/O port, and the first control circuit serves as a bridge between the first I/O port and an active device. 如請求項5之處理電路,其中該解碼電路解碼該第一控制命令,用以得知該第一輸入輸出埠的操作模式是否為該通用輸入輸出模式。The processing circuit according to claim 5, wherein the decoding circuit decodes the first control command to know whether the operation mode of the first I/O port is the general-purpose I/O mode. 一種控制系統,包括: 一第一週邊電路,接收一第一存取屬性; 一第二週邊電路,接收一第二存取屬性; 一第一輸入輸出埠;以及 一處理電路,用以決定該第一輸入輸出埠的安全層級; 其中: 當該處理電路根據一第一控制設定,設定該第一輸入輸出埠的操作模式為一通用輸入輸出模式時,該處理電路根據一第三存取屬性,決定該第一輸入輸出埠的安全層級; 當該處理電路根據該第一控制設定,設定該第一輸入輸出埠的操作模式不為該通用輸入輸出模式時,該處理電路根據該第一或第二存取屬性,決定該第一輸入輸出埠的安全層級。 A control system comprising: a first peripheral circuit, receiving a first access attribute; a second peripheral circuit, receiving a second access attribute; a first input and output port; and a processing circuit for determining the security level of the first input and output port; in: When the processing circuit sets the operation mode of the first I/O port to a general-purpose I/O mode according to a first control setting, the processing circuit determines the security level of the first I/O port according to a third access attribute ; When the processing circuit sets the operation mode of the first I/O port to be other than the general-purpose I/O mode according to the first control setting, the processing circuit determines the first I/O port according to the first or second access attribute The security level of the port. 如請求項7之控制系統,其中該處理電路包括: 一屬性設定電路,根據該第一週邊設定,提供該第一存取屬性予該第一週邊電路,用以設定該第一週邊電路的安全層級,根據該第二週邊設定,提供該第二存取屬性予該第二週邊電路;用以設定該第二週邊電路的安全層級,並根據該第一輸入輸出設定,產生該第三存取屬性; 一第一控制電路,根據該第一控制設定,產生一控制信號,用以設定該輸入輸出埠的操作模式;以及 一組合電路,解碼該控制命令,用以得知該輸入輸出埠的操作模式是否為該通用輸入輸出模式。 As the control system of claim 7, wherein the processing circuit includes: An attribute setting circuit, which provides the first access attribute to the first peripheral circuit according to the first peripheral setting to set the security level of the first peripheral circuit, and provides the second storage according to the second peripheral setting. Acquiring attributes to the second peripheral circuit; used to set the security level of the second peripheral circuit, and generate the third access attribute according to the first input and output setting; A first control circuit, according to the first control setting, generates a control signal for setting the operation mode of the input and output port; and A combination circuit decodes the control command to know whether the operation mode of the I/O port is the general-purpose I/O mode. 如請求項8之控制系統,其中該組合電路包括: 一第二控制電路,解碼該控制命令,用以得到一設定值,並根據該設定值,在該第一週邊電路與該第一輸入輸出埠之間建立一傳輸路徑,或是在該第二週邊電路與該第一輸入輸出埠之間建立該傳輸路徑。 As the control system of claim 8, wherein the combined circuit includes: A second control circuit decodes the control command to obtain a set value, and according to the set value, establishes a transmission path between the first peripheral circuit and the first input-output port, or establishes a transmission path between the first peripheral circuit and the first input-output port, or establishes a transmission path between the second The transmission path is established between the peripheral circuit and the first I/O port. 一種控制方法,用以控制一輸入輸出埠的安全層級,該控制方法包括: 根據一第一存取屬性,設定一第一週邊電路的安全層級; 根據一第二存取屬性,設定一第二週邊電路的安全層級; 根據一控制設定,決定該輸入輸出埠的操作模式; 當該輸入輸出埠的操作模式被設定為一通用輸入輸出模式時,根據一預設存取屬性,設定該輸入輸出埠的安全層級;以及 當該輸入輸出埠的操作模式未被設定成該通用輸入輸出模式時;根據該第一或第二存取屬性,設定該輸入輸出埠的安全層級。 A control method for controlling the security level of an input and output port, the control method comprising: setting a security level of a first peripheral circuit according to a first access attribute; setting a security level of a second peripheral circuit according to a second access attribute; Determine the operation mode of the input and output port according to a control setting; When the operation mode of the I/O port is set as a general-purpose I/O mode, setting the security level of the I/O port according to a default access attribute; and When the operation mode of the I/O port is not set as the general-purpose I/O mode; according to the first or second access attribute, the security level of the I/O port is set.
TW110149378A 2021-12-29 2021-12-29 Processing circuit, control system and control method TWI829060B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
TW110149378A TWI829060B (en) 2021-12-29 2021-12-29 Processing circuit, control system and control method
CN202211608149.9A CN116361868A (en) 2021-12-29 2022-12-14 Processing circuit, control system and control method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW110149378A TWI829060B (en) 2021-12-29 2021-12-29 Processing circuit, control system and control method

Publications (2)

Publication Number Publication Date
TW202326493A true TW202326493A (en) 2023-07-01
TWI829060B TWI829060B (en) 2024-01-11

Family

ID=86940467

Family Applications (1)

Application Number Title Priority Date Filing Date
TW110149378A TWI829060B (en) 2021-12-29 2021-12-29 Processing circuit, control system and control method

Country Status (2)

Country Link
CN (1) CN116361868A (en)
TW (1) TWI829060B (en)

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103544922B (en) * 2012-07-09 2015-11-18 凌通科技股份有限公司 Liquid crystal display and keyboard scan compatible circuit and use its electronic product
TWM529205U (en) * 2016-06-16 2016-09-21 Asustek Comp Inc Mobile device expansion back cover
CN109684253A (en) * 2017-10-19 2019-04-26 佛山市顺德区顺达电脑厂有限公司 Data transmission control circuit

Also Published As

Publication number Publication date
TWI829060B (en) 2024-01-11
CN116361868A (en) 2023-06-30

Similar Documents

Publication Publication Date Title
JP6139727B2 (en) MBIST device for use with ECC protected memory
TWI567561B (en) Bus system
KR20030095828A (en) Interface device for a phripheral equipment and priority control method therefor
KR20130086887A (en) Memory buffer, devices having the same and data processing method thereof
US10090916B2 (en) Optical module availability detection method and apparatus
US10078568B1 (en) Debugging a computing device
TW201543214A (en) Semiconductor apparatus capable of preventing refresh error and memory system using the same
EP3489830A1 (en) Semiconductor device and semiconductor system equipped with the same
TW202326493A (en) Processing circuit, control system and control method
US10747288B2 (en) Encoded drive power enable for storage enclosures with storage drives
JP6070600B2 (en) Microcomputer
JP2004185619A (en) System and method for switching clock source
US7058842B2 (en) Microcontroller with multiple function blocks and clock signal control
US12072729B2 (en) Device and method for selecting clock frequency in master device of bus system
TWI818659B (en) Micro-controller, operating system and control method
US8635418B2 (en) Memory system and method for passing configuration commands
US8120418B2 (en) Large-scale integrated circuit
TW202024941A (en) System management bus device management system and method thereof
US10192634B2 (en) Wire order testing method and associated apparatus
JP2008256527A (en) Semiconductor integrated circuit
TW202227984A (en) Event trigger master, control chip and control method
KR100892734B1 (en) Input circuit of semiconductor memory apparatus and control method of the same
KR20140029819A (en) Semiconductor memory apparatus
JP2009032072A (en) Device for directional control of bidirectional bus
JPH0222755A (en) Address coincidence circuit