The Silvaco Secure AHB Performance Subsystem is a high-performance AHB subsystem that allows for a high level of hardware and software security. It integrates a security conscious processor, the ARM Cortex-M3, with a security conscious low power high-performance subsystem. Everything is pre-integrated with the necessary AHB and APB IP cores needed to run a small software kernel or a Real Time Operating System (RTOS). This subsystem is ideal for any deeply embedded system that requires enhanced security and protection from cyber-attacks and intrusions, such as IoT, smart sensors, smart controllers, and mixed signal devices.
Security in the Cortex-M3 is based on the MPU, Handler Mode, and privilege level. There are 8 memory ranges supported by the MPU and, it only regulates one master - the processor - in a multimaster system. To prevent additional masters from violating system integrity, the Secure AHB Subsystem adds the following IP:
• Secure AHB Fabric
• SRAM Programmable Memory MPU
• ROM Parameterized Memory MPU
The Secure AHB Fabric connects several AHB Masters (secure or non-secure) to several AHB Slaves (secure or non-secure) in a crossbar switch arrangement. In this system, only the processor can produce secure AHB transactions, and all other AHB Masters are always designated as non-secure . AHB Slaves are categorized by the Fabric as either secure or nonsecure, depending on the level of protection that is desired. A special case exists for memories, which are designated as nonsecure slaves by the Fabric. Security enforcement for memories is performed instead by the SRAM Programmable Memory MPU and/or the ROM Parameterized Memory MPU. This arrangement provides for greater flexibility for each physical memory - each memory may be divided into secure and nonsecure regions - and potentially reduces the number of memory instantiations in the system. The Secure AHB Fabric& Memory MPUs can be used stand-alone, or in conjunction with the ARM Cortex-M3’s Memory Protection Unit (MPU). The Secure Fabric can take care of all coarse memory security partitioning leaving more room in the MPUs for finer tuning.