Abstract: Introduced briefly the GAP technology the principle, proposed one kind realizes the plan based on scene programmable gate array (FPGA). Through the multianalysis SCSI agreement controller’s design and SDRAM the IP nucleus’s application, the SCSI agreement controller, the SDRAM controller and the core controller integration realizes in FPGA. After the test, this kind of plan has a higher reliability and the compatibility compared to the MCU SCSI agreement controller’s plan.
Key word: FPGA; SCSI agreement controller; GAP
1 introduction
Along with electronic commerce’s development, the network security is getting more and more important. The virus and the hacker attack create the loss is unable to estimate, the firewall, kills measures and so on poisonous the software is based on software’s protection, cannot prevent the outside completely reliably the attack, therefore urgent needs compared to the legacy product more reliable technology protective measure. The GAP technology is one kind based on hardware’s preservation technology.
2 system principle of work
The domestic and foreign fast development’s GAP technology take the physical isolation as a foundation, while guaranteed that secure, has solved between the network the exchange of information difficulty, thus broke through the application bottleneck which, because the security creates. The GAP technology is causes 2 or 2 above networks through the special hardware, in does not connect in the situation realizes the security data transmission and the resource sharing technology. It uses the unique hardware design, guaranteed that in the random time network the link level separation, blocks the TCP/IP agreement and other network protocol, can obviously enhance the internal user network the working strength, with the firewall, the invasion examination has the very big difference: The firewall, the IDS technology resists the hacker from frontage to invade, but the GAP product attacks technical the material base is the network medium realizes the isolation, causes the hacker technology not to have the opportunity. 2 networks (internal network and exterior network) physical separation, but logic is connected. GAP structure as shown in Figure 1.
The special-purpose isolation hardware constitutes a GAP system with the inside and outside net processing unit, isolates the hardware by the pure electric circuit constitution, isolates in the hardware to increase the temporarily stored area the design, has satisfied the data transmission timeliness and the transmission efficiency request. The author in the GAP principle’s foundation proposed that based on the FPGA special-purpose isolation hardware design’s new plan, and has conducted the deep research to the key technologies.
3 system project design
3.1 system structures
This system mainly by 1 ultra large-scale logical component, 2 68 needle P the electric cable SCSI connection and 2 SDRAM constitution, system overall hardware architecture as shown in Figure 2.
In this system, FPGA must integrate the core controller, the SCSI agreement controller, the SDRAM controller module, the core controller obtains two end processing unit from the SCSI agreement controller the order, carries out the corresponding movement, like tester, read-write data and so on, moreover isolates the SCSI agreement controller and the memory, at any time, 1 SCSI agreement controller can only with 1 memory constitution circuit. In system’s buffer by two piece of SDRAM constitutions, the core controller through transfers SDRAM controller IP to check it to carry on the synchronous operation, reads the data from one piece at the same time to write the data to another piece, may complete the read-write pingpong machine-made function, is helpful in the enhancement transmission speed. The special-purpose isolation hardware carries on between the inside and outside nets the mass data transmission, to guarantee that is high speed and be real-time, selects 68 needle’s P electric cable lines, supports 16 bit wide SCSI. In order to satisfy the function the need, FPGA selects ALTERA Corporation’s EPlK5OQC208-3, its logical gate and the pin fruitful in resources, the speed is bigger than 50 MHz. Its principal characteristic is as follows: 2.5 V core voltages, low power loss design; 208 pins, 171 available I/O mouths; In has the l 728 logical units and 6 embedded RAM block.
3.2 SCSI agreement controller’s design
Carries on any processing on the SCSI main line to need 8 main line stages: Idle stage, arbitration stage, choice stage, gravity separation stage, news input/output phase, data feeds/output phase, order stage, condition stage. At any time, the SCSI main line can only be at a definite main line stage. The stage heard around is connected receives the strict limit, i.e. is not behind each stage may with any stage. Figure 3 showed the SCSI main line stage condition transformation, if the order and the data stage only could after the news stage appeared, similarly, news stage’s behind must follow close on these two stages, but was not other stages.
This agreement controller’s design according to the SCSI main line stage conversion process, analyzes strictly by the above proposed that SCSI agreement controller’s FP-GA realizes the plan: Because idle, arbitrates these two main line stage the mechanism to be simple, therefore places it in the SCSI module to realize directly, other each stage has the module which corresponds, the overall system software constitutes by 1 top layer module and 7 parallel first floor modules. Module level as shown in Figure 4.
The SCSI module has 1 limited state machine, each condition corresponds the first floor 1 module, and takes differently with register S_MODE refers to expresses the different module, realizes the stage through this state machine to transform, functions and so on message handling, order explanation, data processing and status handling.
Sel module processing choice stage succession. The starter signal BSY, SEL, ATN and starter’s ID number as well as the goal ID number set at to effectively, the starter releases the BSY signal afterward, after passing through 200ms, the goal set at to effectively the BSY signal, crosses 2 to extend again
After late cycle, the starter releases the SEL signal and enters the news stage.
Resel module processing chooses the stage the succession. The starter signal BSY, SEI I/O and starter’s ID number as well as the goal ID number set at to effectively, the starter releases the BSY signal afterward. After most 200ms, the goal must set the BSY signal for the effective achievement response.
The Msg_out module processing news leaves the stage the succession. The starter set at to effectively ATN, the goal set at to effectively signal MSG and the C/D signal, I/O signal for invalid. This means what then must enter will be the news showing off foreword, the starter will send out 16 bit wide transmission news. After transmitting the information byte, the starter will release the ATN signal, according to the information which sends out determines the next stage.
Cmd module processing order stage order receive succession. The goal after receiving starter 80H the news enters the order stage. The goal must set to invalid MSG and I/O, set at to effectively C/D, after receiving the order, what will then probably enter according to the order judgment is the data feeds stage or the data output stage.
Dat module processing data stage data receive and transmission succession. When data receive, after ordering READ, TESI UNIT READY, INQUIRY, REQUEST, SENSE, READ CAPACITY the data input will enter the foreword. This time the goal set at to invalid MSG and the C/D signal, set at effectively to the I/O signal. The goal will transmit the corresponding data. After the order is WRITE the data input will leave the stage, this time the goal MSG, C/D and I/O sets at is O, the starter to the goal transmission data, afterward enters the news stage.
Status module processing condition stage succession. After the order completes will enter the condition stage, the goal set to invalid the MSG signal, set at to effectively C/D and the I/O signal, and the routing directive execution’s situation is GOOD or CHECK CONDITON. After the condition stage had ended, will enter the news to enter the stage, explains COM-MAND COMPLETED to the starter. Hence a SCSI visit ended. The goal will enter the idle stage, the starter might trigger other visit through 1 80 H news.
The Msg_in module processing news enters the stage the news transmission succession. Goal receive after 16 bit wide transmission news will enter the news to enter the succession. The goal MSG, C/D as well as I/O set at to effectively, and transmits the redundant information. After transmitting, the goal will release the MSG signal, and determines the next stage according to the news.
3.3 SDRAM IP nucleus application
SDRAM is one kind of high speed synchronized dynamic random-access memory, in the embedded system, SDRAM is low because of its price, the volume is small, the speed is quick, the capacity big and so on merits become one kind of mainstream component gradually, but the SDRAM control logic is complex, the succession is strict, the use is inconvenient, needs the controller to provide the correct order to complete its work and so on initialization, read-write and refurbishing. The SDRAM controller carries on the design according to the SDRAM internal behavior transformation chart, moreover the big company provides standard SDRAM controller’s IP nucleus reference design. The author has selected WINBOND Corporation’s W986432DH SDRAM, it uses 512 Kx4×32 position construction, by 4 BANK constitutions, each BANK corresponds 4 M bytes, according to line and a row addressing, the W986432DH pin divides into the control, the address and the data signal three kinds. Its controller selects Lattice Corporation’s standard SDR SDRAM the IP nucleus, by 4 first floor module sdr_ctrl, sdr_sig, sdr_data, sdr_par and top layer module sdr_top is composed, as shown in Figure 5.
the 8dr_ctrl module establishes 2 limited state machines and 1 counter according to the SDRAM internal behavior transformation relations, can have the correct compound state to take the sdr_sig module input. the sdr_sig module produces face the SDRAM control, the address signal. the sdr_data module realizes between FPGA and the SDRAM data transmission. the sdr_par module completes the burst length, parameter establishments and so on time delay metre, through establishes the different parameter in this module to satisfy the different application system.
sdr__top becomes the first floor 4 module conformity the system which 1 may transfer. The entire IP nucleus is similar to the flight recorder, does not need to understand in detail its interior realizes the detail, left side only need understand the control signal meaning, to the SDRAM different operation through change left side control signal condition then.
4 concluding remark
This article proposed designs the new plan based on the GAP technology’s network protection device, elaborated the main module realizes the method, as space is limited cannot give the nuts and bolts and the source code. Uses 1 FPGA substitution monolithic integrated circuit and the SCSI agreement controller, may reduce the electric circuit quantity, reduces the cost, is advantageous for the promotion.
