Flexible Memory Addressing For Data Security
US-2015095661-A1 · Apr 2, 2015 · US
US9436844B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9436844-B2 |
| Application number | US-201314013561-A |
| Country | US |
| Kind code | B2 |
| Filing date | Aug 29, 2013 |
| Priority date | Aug 29, 2013 |
| Publication date | Sep 6, 2016 |
| Grant date | Sep 6, 2016 |
Official abstract text for this publication.
A system-on-chip (SoC) is provided that includes a centralized access enablement circuit for controlling access to a plurality of security features for multiple hardware modules of the system. Progressive security states corresponding to different stages in a chip's design, manufacture and delivery are utilized to enable different access control settings for security features as a part moves from design to end-use. The access enablement circuit for a SoC implementing different security states provides individual access control settings for security features in the different security states. One-time programmable memory and register controls are provided in one embodiment that allow different access control settings for an individual security feature in the same or different security states of the system.
Opening claim text (preview).
What is claimed is:
1. A system-on-chip, comprising: a plurality of hardware modules implemented on a silicon substrate, the plurality of hardware modules configured for communication over one or more buses; a plurality of security features provided by the plurality of hardware modules; a one-time programmable memory storing information to indicate a progression of a plurality of security states for the system-on-chip; a first memory including a default access control setting for each security feature in each security state; a set of registers configured to store register data corresponding to the plurality of security features; a second memory configured to provide an override signal indicating whether the register data is to override the default access control setting for each security feature; and a centralized access enablement (AEB) circuit configured to control access to the plurality of security features, the centralized AEB circuit including a plurality of outputs, each output corresponding to a security feature of the hardware modules and configured to control access to the security feature, the centralized AEB circuit is configured to provide the output corresponding to a security feature based on an output of the set of registers for an active security state in response to the override signal being asserted.
2. A system-on-chip according to claim 1, wherein: the first memory includes a first read only memory (ROM) including the default access control setting for each security feature in each security state; and the second memory includes a second read only memory (ROM) configured to provide the override signal indicating whether the register data is to override the default access control setting for each security feature.
3. A system-on-chip according to claim 2, wherein: the set of registers include for each output a disable register, an enable register, and a write lock enable register.
4. A system-on-chip according to claim 3, wherein: the AEB circuit configured to access the set of data registers for the corresponding output to determine an access control setting for the security feature based at least in part on the second ROM indicating that access to a security feature may be modified by register data; and the AEB circuit configured to determine the default access control setting for the security feature from the first ROM and generate an output signal based on the default access control setting based at least in part on the second ROM indicating that access to a security feature may be modified by register data.
5. A system-on-chip according to claim 4, wherein: the first ROM includes a disabled default access control setting for a first security feature in a first security state; the second ROM configured to indicate whether the output corresponding to the first security feature may be modified by the register data; the AEB circuit configured to enable the first security feature in response to a predetermined value from the enable register for the first security feature; and the AEB circuit configured to disable the first security feature based at least in part on a predetermined value from the write lock enable register.
6. A system-on-chip according to claim 5, wherein: the write lock enable register is lockable to the predetermined value for a current boot cycle after being written to the predetermined value.
7. A system-on-chip according to claim 4, wherein: the first ROM includes a disabled default access control setting for a first security feature in a first security state; the second ROM configured to indicate whether the output corresponding to the first security feature may be modified by the register data; the AEB circuit configured to enable the first security feature based at least in part on a predetermined value from the enable register for the first security feature; and the AEB circuit configured to lock the first security feature as enabled based at least in part on a predetermined value from the write lock enable register.
8. A system-on-chip according to claim 1, wherein the one-time programmable memory is a first one-time programmable memory, the system-on-chip further comprising: a second one-time programmable memory; wherein the second memory includes a read only memory (ROM) configured to define an ability of the second one-time programmable memory to affect access to each security feature.
9. A system-on-chip according to claim 1, wherein: the plurality of security features include one or more of debug logic, clock controls and test buses.
10. A system-on-chip, comprising: a plurality of hardware modules implemented on a silicon substrate, the plurality of hardware modules configured for communication over one or more buses; a plurality of security features provided by the plurality of hardware modules; a one-time programmable memory configured to define a progression of a plurality of security states for the system-on-chip; a first memory configured to define a default access control setting for each security feature in each security state; and a second memory configured to define an ability of register data to affect access to each security feature; a centralized access enablement (AEB) circuit configured to control access to the plurality of security features, the centralized AEB circuit including a plurality of outputs, each output corresponding to a security feature of the hardware modules and configured to control access to the security feature, the AEB circuit configured to provide each output based on an output of the first memory for an active security state; and a set of registers configured to store the register data, the set of registers including for each output a disable register, an enable register, and a write lock enable register; the AEB circuit configured to access the set of data registers for a corresponding output to determine an access control setting for a security feature based at least in part on the second memory indicating that access to the security feature may be modified by register data; the AEB circuit configured to determine the default access control setting for a security feature from the first memory and generate an output signal using the default access control setting based at least in part on the second memory indicating that access to the security feature may not be modified by register data.
11. The system-on-chip of claim 10, wherein: the first memory includes a first read only memory (ROM) configured to define the default access control setting for each security feature in each security state; and the second memory includes a second read only memory (ROM) configured to define the ability of register data to affect access to each security feature.
12. The system-on-chip of claim 11, wherein: the first ROM configured to define a disabled default access control setting for a first security feature in a first security state; the second ROM configured to indicate whether the output corresponding to the first security feature may be modified by the register data; the AEB circuit configured to enable the first security feature based at least in part on a predetermined value from the enable register for the first security feature; and the AEB circuit configured to disable the first security feature based at least in part on a predetermined value from the write lock enable register.
13. The system-on-chip of claim 12, wherein: the write lock enable register is lockable to the predetermined value for a current boot cycle based at least in part on being written to the predetermined value. 1
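A behavioural model of the access decision laid out in claims 1 to 7, added here as an illustration and not taken from the patent. The state names, ROM contents and fuse encoding are constructed, and two rules are assumptions: the disable register wins over enable, and a set write lock freezes that output's registers until the next boot.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Constructed names: three progressive states and the features of claim 9. */
enum state   { ST_DESIGN, ST_MANUFACTURE, ST_END_USE, N_STATES };
enum feature { F_DEBUG, F_CLOCK_CTRL, F_TEST_BUS, N_FEATURES };
enum reg     { R_DISABLE, R_ENABLE, R_WRITE_LOCK, N_REGS };
/* First ROM: default access per state and feature (constructed values). */
static const bool default_rom[N_STATES][N_FEATURES] = {
    { true,  true,  true  },   /* design: everything open   */
    { false, true,  true  },   /* manufacture: debug closed */
    { false, false, false },   /* end use: everything closed */
};
/* Second ROM: may register data override the default for this feature? */
static const bool override_rom[N_FEATURES] = { true, false, false };
struct soc {
    uint8_t otp;                       /* fuse bits, can only go 0 -> 1 */
    bool    regs[N_FEATURES][N_REGS];  /* volatile, cleared every boot  */
};

/* Assumed encoding: the active state is the number of blown fuses (0..2). */
enum state active_state(const struct soc *s) {
    return (enum state)((s->otp & 1) + ((s->otp >> 1) & 1));
}
void otp_program(struct soc *s, uint8_t bits) { s->otp |= bits & 0x3; }
void boot_reset(struct soc *s) { memset(s->regs, 0, sizeof s->regs); }

/* Register write; refused once the output's write lock is set this boot. */
int aeb_write(struct soc *s, enum feature f, enum reg r, bool v) {
    if (s->regs[f][R_WRITE_LOCK]) return -1;
    s->regs[f][r] = v;
    return 0;
}

/* One AEB output: true means access to the feature is enabled. */
bool aeb_output(const struct soc *s, enum feature f) {
    bool dflt = default_rom[active_state(s)][f];
    if (!override_rom[f]) return dflt;           /* registers ignored     */
    if (s->regs[f][R_DISABLE]) return false;     /* assumed: disable wins */
    if (s->regs[f][R_ENABLE])  return true;
    return dflt;
}

int main(void) {
    struct soc s = {0};
    otp_program(&s, 0x1);                        /* advance to manufacture */
    aeb_write(&s, F_DEBUG, R_ENABLE, true);      /* override closed default */
    aeb_write(&s, F_DEBUG, R_WRITE_LOCK, true);  /* freeze for this boot    */
    return aeb_output(&s, F_DEBUG) ? 0 : 1;
}
```

In this model the override ROM alone decides whether software can reopen a feature that a later security state closed, which makes it the table to review when auditing such a design.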
to features or functions of an application · CPC title
Program or device authentication · CPC title