AXI总线加密模块的设计与验证
发布时间:2018-08-25 19:07
【摘要】:结合信息安全的需求以及SoC技术的发展,设计了一种基于AES加解密算法的AXI总线加密IP,达到从CPU到slave的整个数据通路的加解密目的,实现SoC内部的端到端加密.其中通过内置多个FIFO,分别在读写通道缓存CPU发出的AXI Burst传输,保证CPU发出的总线传输可以被顺序的加解密处理.在AES算法实现方面,完成了ECB,CTR两种便于并行处理的加密模式.在读写通道分别加入AES实现模块,保证加解密操作的并行处理.同时构建结构化的UVM验证平台,结合APB和AXI的VIP来实现对该IP的随机约束和覆盖率分析,最终通过Synopsys的VCS仿真工具完成功能验证.
[Abstract]:Combined with the requirement of information security and the development of SoC technology, a AXI bus encryption IP, based on AES encryption and decryption algorithm is designed to achieve the purpose of encrypting and decrypting the whole data path from CPU to slave, and to realize end-to-end encryption in SoC. The AXI Burst transmission sent by CPU is cached in the read and write channel by built-in FIFO, which ensures that the bus transmission emitted by CPU can be sequentially encrypted and decrypted. In the aspect of AES algorithm implementation, two encryption modes of ECB,CTR are completed which are convenient for parallel processing. AES modules are added to read and write channels to ensure parallel processing of encryption and decryption operations. At the same time, the structured UVM verification platform is constructed, and the random constraint and coverage analysis of the IP is realized by combining APB and AXI VIP. Finally, the function verification is completed by the VCS simulation tool of Synopsys.
【作者单位】: 杭州电子科技大学自动化学院;
【分类号】:TN918.4;TP336
,
本文编号:2203825
[Abstract]:Combined with the requirement of information security and the development of SoC technology, a AXI bus encryption IP, based on AES encryption and decryption algorithm is designed to achieve the purpose of encrypting and decrypting the whole data path from CPU to slave, and to realize end-to-end encryption in SoC. The AXI Burst transmission sent by CPU is cached in the read and write channel by built-in FIFO, which ensures that the bus transmission emitted by CPU can be sequentially encrypted and decrypted. In the aspect of AES algorithm implementation, two encryption modes of ECB,CTR are completed which are convenient for parallel processing. AES modules are added to read and write channels to ensure parallel processing of encryption and decryption operations. At the same time, the structured UVM verification platform is constructed, and the random constraint and coverage analysis of the IP is realized by combining APB and AXI VIP. Finally, the function verification is completed by the VCS simulation tool of Synopsys.
【作者单位】: 杭州电子科技大学自动化学院;
【分类号】:TN918.4;TP336
,
本文编号:2203825
本文链接:https://www.wllwen.com/kejilunwen/jisuanjikexuelunwen/2203825.html
