Advanced system-on-chips (SOCs) and processors can incorporate multiple subsystems on a single die. The control of these subsystems is typically divided into discrete areas. The subsystems may access shared resources, such as a flash memory controller, power management controller, etc. on the SOC/processor. Some software that executes on the SOC/processor may have stringent requirements. For example, a conditional access (CA)/Pay Television (Pay TV) provider may place requirements and/or a certification process on the software, which executes on the SOC/processor, for accessing premium digital content and/or television content. In particular, conditional access providers may be concerned that a non-certified subsystem may access a portion of the certified subsystems' flash memory area when performing read/write access to the flash memory and either launch a Denial of Service attack (DOS) or read confidential portions of the flash memory.
Traditional solutions may isolate shared resources (e.g., flash memory) by simply placing another controller for the shared resource and/or another device in the system, such that each subsystem may have access to its own resource. Such conventional solutions typically greatly increase the cost of the platform, which may make the platform unmarketable. Some other conventional solutions may include an interface for a shared resource that places all of the necessary commands for an access operation into a single command. Such solutions generally do not allow interpretation or modification of the command. Some other conventional solutions may include a dual head controller, which allows each head to independently support devices. Each head controller can issue transactions atomically, which does not allow for interference or customization of the transaction.