Multiple discrete functions are commonly integrated into an SOC design. Ensuring access to external devices for the various components on the microchip is a consistent design challenge. For example, a relatively large number of SOC processes may require concurrent access to external memory, e.g., dynamic random access memory (DRAM). Designers must consequently employ different routing practices and configurations to ensure effective access to resources.
One conventional approach to enabling resource access consists of dedicating a bus to each on-chip functional component. While effective in ensuring communication channels, this setup does not allow for efficient sharing of data and requires costly data transfers. A more common approach employs a common bus that allows one or more components of the SOC to communicate with external devices through a single port.
While the sharing of resources enabled by the common bus is valued, the practice introduces security concerns regarding controlling access to content or other sensitive data in the SOC. For example, it can be difficult to prevent unauthorized access to protected memory spaces when using a large common memory pool in an SOC. Examples of such memory may include compressed data supplied by a transport demultiplexer to a decoder of a set-top box. For this reason, secure bridges are often incorporated into SOC designs. Additionally, bridges typically provide enhanced system capability by providing a connection between different bus architectures and extending the number of supported bus-attached IP cores. Bridges may also reduce the amount of contention traffic by segmenting data buses.
Bridges may also provide an additional function of performing address relocation or remapping as operations flow through the bridge, as well as checking functions that permit or deny operation completion. An example of such a bridge is one that provides a set of security functions that restrict access to regions in memory based on rights granted by secure boot code.
In a common bus architecture that uses a bridge, a bus master originates requests on a system bus. An arbiter within a bus controller function selects requests that are placed on the bus by masters and routes them to all of the slaves. A slave acknowledges a request if the address supplied with the request falls within the memory region in which the slave resides.
Bus architectures following this protocol may allow for cross-bar implementations where more than one slave segment exists on the bus. A crossbar, also known as a cross-point or matrix switch, may comprise a switch connecting multiple inputs to multiple outputs in a matrix manner. In such a system, master requests are often routed to slave segments based on a subset of address bits that are decoded by the cross-bar. Each segment has its own arbiter and bus controller function that handles requests routed to the segment.
A bridge may be inserted on such a bus between a cross-bar bus controller and the slaves, appearing as a slave to the cross-bar, and as a bus controller to the slaves. The bridge may contain an access table that each request address is checked against. A request coming into the bridge is checked against all of the entries of the access table. Each entry of the access table has an address that is used for matching against incoming request addresses, along with permissions, a remap address and a pointer to other parameters. If an address match is found and access rights are granted, the request continues to pass through the bridge with a new remap address from the matching access table entry.
Despite the advantages of such bridge implementations, inclusion of the bridge can be associated with a performance penalty, e.g., delays. Such implementations may also require additional cross-bar and arbitration capabilities that translate into increased complexity and cost to the bridge design. Bridges can additionally require numerous ports to accommodate slave segments associated with the access table, further increasing costs.
Therefore, what is needed is a way to improve system performance by streamlining routing and minimizing hardware requirements.