WO2018040678A1 - Memory data protection method, integrated circuit chip, and storage medium - Google Patents

Publication number
WO2018040678A1
Authority
WO
WIPO (PCT)
Prior art keywords
access
authentication information
access authentication
memory
chip
Application number
PCT/CN2017/089040
Other languages
French (fr)
Chinese (zh)
Inventor
刘振军
Original Assignee
深圳市中兴微电子技术有限公司
Application filed by 深圳市中兴微电子技术有限公司

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14 Protection against unauthorised use of memory or access to memory
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication

Definitions

  • the present application relates to the field of integrated circuit data security, and in particular, to a memory data protection method, an integrated circuit chip, and a storage medium.
  • a chip such as a system on chip (SoC) has memory embedded in it, such as a nonvolatile memory (Flash), a read only memory (ROM), and a random access memory (RAM).
  • the memory is used to store applications and user data, etc.
  • the stored application and user data include algorithm software, fingerprint information, and password information; this information is extremely confidential and is what the chip needs to protect. Therefore, the protection of in-chip memory data becomes more and more important.
  • Another encryption method is based on a set of security collaboration specifications that require software and hardware to work together; for example, software needs to be configured in a secure mode to enable software in non-secure mode to access memory in secure mode. As a result, the system in which the chip is located becomes more complicated, and a processor core with this function is required, which some older cores do not provide; and when the chip is operated through the Joint Test Action Group (JTAG) port, there is no security effect because software is not involved.
  • Another method is to directly burn the pins (PIN) of the debugging port when the chip is mass-produced.
  • the present application is expected to provide a memory data protection method, an integrated circuit chip, and a storage medium, which can implement memory data protection and reduce system design complexity and cost.
  • the present application provides a memory data protection method, the method comprising: setting a first access authentication information for a specified data storage area of a memory; the method further comprising:
  • the method further includes: when the preset condition is met, clearing the content of the specified data storage area.
  • the content of the specified data storage area is cleared, including:
  • the method further includes: storing the first access authentication information in the designated data storage area.
  • the application also provides an integrated circuit chip, the integrated circuit chip comprising: a setting module and a control module; wherein
  • the setting module is configured to set first access authentication information for a designated data storage area of the memory
  • the control module is configured to acquire access target information of the designated port; when the access target is the specified data save area, restrict access to the specified data save area; and when the input second access authentication information matches the first access authentication information, allow the specified data storage area to be accessed.
  • the control module is configured to clear the content of the specified data storage area when the preset condition is met.
  • the control module is configured to clear the content of the specified data storage area when the number of times that the second access authentication information fails to match the first access authentication information exceeds the preset matching failure threshold; and/or,
  • the setting module is configured to store the first access authentication information in the designated data storage area.
  • the application also provides a storage medium comprising a set of computer executable instructions configured as steps of the aforementioned method.
  • the application also provides an integrated circuit chip comprising: a processor and a memory for storing a computer program capable of running on the processor,
  • the processor is configured to perform the steps of the foregoing method when the computer program is run.
  • in the memory data protection method, integrated circuit chip and storage medium provided by the present application, first access authentication information is set for a specified data storage area of the memory by using software or hardware logic inside the chip; access target information of the designated port is acquired; when the access target is the specified data storage area, access to the specified data storage area is restricted; and when the input second access authentication information matches the first access authentication information, access to the specified data storage area is permitted.
  • when the input access authentication information is consistent with the access authentication information preset in the specified data storage area, access to the specified data storage area is allowed; memory data protection can thus be realized, and the system design complexity and cost of the chip are reduced.
  • FIG. 1 is a schematic flow chart of a method for protecting a memory data of the present application
  • FIG. 2 is a schematic diagram of state transition of a chip of the present application.
  • FIG. 3 is a schematic diagram of hardware logic for reading a chip password according to the present application.
  • FIG. 5 is a schematic diagram of hardware logic for unlocking a chip of the present application.
  • FIG. 6 is a schematic diagram of hardware logic of restoring factory settings of the present application.
  • FIG. 7 is a schematic structural diagram of an integrated circuit chip of the present application.
  • the first access authentication information is set for the designated data storage area of the memory; the access target information of the designated port is acquired; and when the access target is the designated data storage area, the access to the designated data storage area is restricted; When the second access authentication information matches the first access authentication information, access to the designated data storage area is permitted.
  • the memory data protection method provided by the present application is as shown in FIG. 1 , and the method includes:
  • Step 101: Set first access authentication information for a specified data storage area of the memory;
  • the memory data protection method provided by the present application can be implemented by using software inside the chip, such as memory data protection by the startup program, or by the hardware logic of the chip; here, the memory data protection method is explained by taking the hardware logic implementation as an example;
  • the chip contains ROM, RAM, Flash, and other programmable memories.
  • the ROM is used to store the startup program, and cannot be rewritten after being solidified.
  • the RAM is used to store the intermediate variables of the central processing unit (CPU), and the Flash is used to store the user program and some user information, which the user can rewrite; the Flash usually contains a data area and a non-volatile random access memory (NVR) area.
  • the two areas are independent of each other and cannot be accessed at the same time. It is necessary to select which area to access through the configuration register.
  • the data area is used to store user programs and data, and the NVR area is used to store passwords, bad block information, and important information of other users.
  • the specified data storage area may include a data area and an NVR area of the flash, etc.; first, the first access authentication information may be set for the specified data storage area, where the first access authentication information may include an access password, etc.; further, a multi-layer password can be set to improve security, and the password can be saved in the NVR area to improve password security.
  • Step 102: Obtain access target information of the designated port; when the access target is the designated data save area, restrict access to the designated data save area.
  • the designated port includes one or more ports specified among the input/output (I/O) ports of the chip, such as a COM port and a JTAG port; and the access target information includes: an access address, and the like;
  • the access authority of the designated port may be preset, and identity authentication is required when the designated port accesses the specified data storage area; when the chip is started, the chip may read the first access authentication information of the NVR area into the register, and when it detects that the access address of the designated port is the designated data storage area, the specified data storage area may be locked and access to it is not allowed; thus, non-secure access may be restricted.
  • Step 103: Acquire second access authentication information, and when the second access authentication information matches the first access authentication information, allow access to the designated data storage area;
  • the second access authentication information may be input through the designated port that is being accessed or through another I/O port, and the second access authentication information includes an access password and the like;
  • the specified data storage area in the chip may be set to an unlocked state, and when in the unlocked state, the designated data storage area may be accessed without restriction.
  • the conditions for setting the unlocked state may include: when the first access authentication information is preset default information, and/or when the designated port has no access activity; when the first access authentication information is the preset default information, it can be considered that the chip has just been initialized and there is no data that needs to be protected in the specified data storage area, and therefore the specified data storage area may not be protected from access; when the designated port has no access activity, it is considered that no external security risk event has occurred, and therefore the specified data storage area may not be protected from access, and the specified data storage area may be freely accessed by the chip itself.
  • the chip is further provided with one or more methods for performing a factory reset on the specified data storage area, including: when the number of failed matches between the second authentication information and the first authentication information is greater than a preset matching failure threshold, and/or when the chip receives the preset reset command, the designated data save area is factory reset.
  • when the number of failed matches is greater than the preset matching failure threshold, intentional attack behavior may be considered to exist and the security risk to be at its maximum; so that the data in the specified data storage area is not illegally obtained, the factory reset can be performed.
  • the chip can also be reset by the preset instruction: in case the user forgets the first authentication information, in order to avoid wasting the chip, a set of preset reset commands can be used to make the chip forcibly clear the preset password.
  • all data areas must be erased before the NVR area is erased; this prevents the user program and data from being leaked after the password in the NVR area is erased for some reason.
  • the chip can work in different states. As shown in FIG. 2, the state of the chip can include:
  • Unlocked state: The password is the default value after the memory is erased, that is, the password is invalid. At this time, even if it is detected that the specified port has an action, the chip does not enter the locked state;
  • Pre-locked state: The password is valid, but the detection logic has not detected any action on the debug port. In this state, the program can run normally;
  • Locked state: The password is valid, and the detection logic detects an action on the specified port and locks the chip, that is, restricts access to the specified data storage area; the program running in the Flash is suspended, and the protected memory cannot be accessed;
  • Unlocked state: The state after the locked chip has been successfully unlocked; the program resumes operation, and the protected memory space is unprotected;
  • Factory state: In any of the above states, the factory reset operation can be performed. After the operation is completed, the chip is in the factory state. In this state, the user program, data and password information are erased, and the memory can be accessed by the host.
  • the process of reading the chip password is as shown in FIG. 3, and hardware logic can be used to read the chip password; after the chip is powered on, the controller automatically reads the password in the NVR area of the memory, that is, reads the first access authentication information, and the password is stored in the register. At this time, if the password is a valid password, the chip enters the pre-locked state; if it is an invalid password, it enters the unlocked state.
  • Figure 4 is a hardware schematic diagram of the chip lock; when a new password is programmed to the specified location, the new password takes effect after the next reset; after the power-on reset, the password is read, and if it is a valid password, the chip enters the pre-locked state; if the detection logic then detects that the specified port has accessed the chip, the chip enters the locked state and the host cannot access the memory, thereby preventing code and user information from being leaked, and preventing the code and user data from being maliciously rewritten.
  • the method for determining whether the password is valid includes determining whether the new password is the initial password, and if it is the initial password, the password is considered to be in an invalid state; wherein the designated port, such as JTAG, also called the debug port, generally needs to provide an external one.
  • Figure 5 shows the hardware logic for unlocking the chip. After the chip is locked, it can be unlocked by writing a password to a corresponding register of the chip, that is, by inputting the second access authentication information; when the memory is locked, although the debug port does not have access to the memory, it can access the internal unlock register, and the password can be written to the unlock register through the configuration bus to unlock the chip. In order to increase the difficulty of unlocking, multiple password registers can be set to increase the bit width of the password.
  • the specific steps of unlocking the chip include: a: the entered password is written to the unlock register; b: if the password is correct, UNLOCK_EN is pulled high for one clock cycle; c: the LOCK signal is pulled low; d: the memory is unlocked. If the unlocking number reaches the predetermined value, restoring the factory settings is started; the steps include: the number of unlock failures reaches the specified number of times; CLEAR_EN is pulled high, notifying the factory reset logic to start restoring the factory settings; RECOVER_EN is pulled high, indicating that the factory reset is started.
  • Figure 6 shows the hardware logic implementation of the factory reset; any of the unlocked state, the pre-locked state, the locked state, and the unlocked state can be restored to the factory state by the factory reset operation, that is, the state in which the memory is completely erased. After performing the factory reset, the user password and data are erased.
  • RECOVER_EN is pulled high, indicating that the factory reset operation is in progress.
  • RECOVER_EN is pulled low, indicating that the operation is completed.
  • the falling edge of RECOVER_EN is used to generate the RECOVER_EN_N signal, and the RECOVER_EN_N signal is used as the select input of the MUX to pull LOCK low, indicating that the user memory is not locked and the user can access the memory through the debug port;
  • the operation of restoring the factory settings includes: RECOVER_EN is pulled high, indicating that the factory reset operation starts; the Flash data area is erased and the Flash NVR area is erased; RECOVER_EN is pulled low, indicating that the factory reset operation ends; the falling edge of RECOVER_EN is sampled to produce RECOVER_EN_N, and RECOVER_EN_N is used to pull LOCK low, indicating that the memory is not locked and can be accessed;
  • the factory setting start command can follow certain rules, and the user finally determines the actual receipt to restore the factory settings.
  • the integrated circuit chip includes: a setting module 71 and a control module 72;
  • the setting module 71 is configured to set first access authentication information for a designated data storage area of the memory
  • the memory data protection method provided by the present application can be implemented by software inside the integrated circuit chip, such as memory data protection by the startup program, or by the hardware logic of the chip; here, the memory data protection method is explained by taking the hardware logic implementation as an example;
  • the chip contains ROM, RAM, Flash, and other programmable memories.
  • the ROM is used to store the startup program, and cannot be rewritten after being solidified.
  • the RAM is used to store the intermediate variables of the CPU at run time
  • the Flash is used to store the user program and some user information, which the user can rewrite;
  • the Flash usually includes the data area and the NVR area; the two areas are independent of each other and cannot be accessed at the same time. It is necessary to select which area to access through the configuration register.
  • the data area is used to store user programs and data
  • the NVR area is used to store passwords, bad block information, and important information of other users.
  • the specified data storage area may include a data area and an NVR area of the flash, etc.; first, the first access authentication information may be set for the specified data storage area, where the first access authentication information may include an access password, etc.; further, a multi-layer password can be set to improve security, and the password can be saved in the NVR area to improve password security.
  • the control module 72 is configured to acquire access target information of the designated port; when the access target is the designated data save area, restrict access to the specified data save area; and when the input second access authentication information matches the first access authentication information, allow access to the specified data storage area;
  • the designated port includes one or more ports specified in each I/O port of the chip, such as a COM port and a JTAG port;
  • the access target information includes: an access address, etc.; the access privilege of the designated port may be preset, and identity authentication is required when the designated port accesses the specified data storage area; when the chip is started, the chip can read the first access authentication information of the NVR area into the register, and when it detects that the access address of the designated port is the designated data storage area, the specified data storage area may be locked and access to it is not allowed; thus, non-secure access may be restricted.
  • the second access authentication information may be input through the designated port that is being accessed or through another I/O port, and the second access authentication information includes an access password, etc.; when the second access authentication information matches the first access authentication information, access to the specified data storage area is permitted.
  • the specified data storage area in the chip may be set to an unlocked state, and when in the unlocked state, the specified data storage area may be accessed without restriction; the conditions for setting the unlocked state may include: when the first access authentication information is preset default information, and/or when the designated port has no access activity; when the first access authentication information is the preset default information, it may be considered that the chip has just been initialized and there is no data that needs to be protected in the designated data storage area, and therefore the specified data storage area may not be protected from access; when the designated port has no access activity, no external security risk event is considered to have occurred, and therefore the specified data storage area may not be protected from access, and the specified data storage area can be freely accessed by the chip itself.
  • the chip is further provided with one or more methods for performing a factory reset on the specified data storage area, including: when the number of failed matches between the second authentication information and the first authentication information is greater than a preset matching failure threshold, and/or when the chip receives the preset reset command, the designated data save area is factory reset;
  • when the number of failed matches between the second authentication information and the first authentication information is greater than the preset matching failure threshold, it can be considered that there is intentional attack behavior and the security risk is the greatest, so the factory reset can be performed;
  • at the same time, the designated data storage area may be reset by using a preset reset instruction, which makes it possible to reuse the chip: if the user forgets the preset password of the chip and cannot use the chip, then, on the basis of protecting the memory data, a set of preset reset commands is input to the chip so that the chip forcibly clears the preset password.
  • all data areas must be erased first, and then the NVR area is erased. This prevents the user program and data from being leaked after the password in the NVR area is erased for some reason.
  • the chip can work in different states.
  • the state of the chip can include:
  • Unlocked state: The password is the default value after the memory is erased, that is, the password is invalid. At this time, even if it is detected that the specified port has an action, the chip does not enter the locked state;
  • Pre-locked state: The password is valid, but the detection logic has not detected any action on the debug port. In this state, the program can run normally;
  • Locked state: The password is valid, and the detection logic detects an action on the specified port and locks the chip, that is, restricts access to the specified data storage area; the program running in the Flash is suspended, and the protected memory cannot be accessed;
  • Unlocked state: The state after the locked chip has been successfully unlocked; the program resumes operation, and the protected memory space is unprotected;
  • Factory state: In any of the above states, the factory reset operation can be performed. After the operation is completed, the chip is in the factory state. In this state, the user program, data and password information are erased, and the memory can be accessed by the host.
  • the process of reading the chip password is as shown in FIG. 3, and hardware logic can be used to read the chip password; after the chip is powered on, the controller automatically reads the password in the NVR area of the memory, that is, reads the first access authentication information, and the password is stored in the register. At this time, if the password is a valid password, the chip enters the pre-locked state; if it is an invalid password, it enters the unlocked state.
  • Figure 4 is a schematic diagram of the hardware of the chip lock; when a new password is programmed to the specified location, the new password takes effect after the next reset; after the power-on reset, the password is read, and if it is a valid password, the chip enters the pre-locked state; at this time, if the detection logic detects that the specified port has accessed the chip, the chip enters the locked state and the host cannot access the memory, which prevents code and user information from leaking out, and prevents code and user data from being maliciously overwritten.
  • the method for determining whether the password is valid includes determining whether the new password is the initial password, and if it is the initial password, the password is considered to be in an invalid state; the designated port, such as JTAG, also called the debug port, generally needs to be provided with an external clock signal TCK; when there is no action, the clock is at a low level, and when there is an action, it switches between high and low levels; therefore, the rising edges can be counted, and after a certain count is reached it can be judged that the JTAG action is valid and the LOCK signal is pulled high; after the LOCK signal is high, the memory is locked; CLOCK is the working clock, and counting is done on the rising-edge signal TCK_P of TCK.
  • after counting to N, LOCK is pulled high, indicating that the memory is locked; the MUX in the figure is only schematic and is not a real logic circuit.
  • when LOCK is 1, "invalid access" passes through the MUX, indicating that the memory cannot be accessed;
  • when LOCK is 0, the "host access request" passes through the MUX, indicating that the memory can be accessed.
  • Figure 5 shows the hardware logic for unlocking the chip. After the chip is locked, it can be unlocked by writing a password to a corresponding register of the chip, that is, by inputting the second access authentication information; when the memory is locked, although the debug port does not have access to the memory, it can access the internal unlock register, and the password can be written to the unlock register through the configuration bus to unlock the chip. In order to increase the difficulty of unlocking, multiple password registers can be set to increase the bit width of the password. Further, in order to prevent brute force decryption, a limit on the number of unlocking times is also added, and if the unlocking is unsuccessful for more than a certain number of times, the factory reset operation is performed.
  • the specific steps of unlocking the chip include: a: the input password is written to the unlock register; b: if the password is correct, UNLOCK_EN is pulled high for one clock cycle; c: the LOCK signal is pulled low; d: the memory is unlocked. If the unlocking number reaches the predetermined value, the step of restoring the factory settings is started, including: the number of unlock failures reaches the specified number of times; CLEAR_EN is pulled high, notifying the factory reset logic to start restoring the factory settings; RECOVER_EN is pulled high to indicate the start of the factory reset.
  • Figure 6 shows the hardware logic implementation of the factory reset; any of the unlocked state, the pre-locked state, the locked state, and the unlocked state can be restored to the factory state by the factory reset operation, that is, the state in which the memory is completely erased. After performing the factory reset, the user password and data are erased.
  • RECOVER_EN is pulled high, indicating that the factory reset operation is in progress.
  • RECOVER_EN is pulled low, indicating that the operation is completed.
  • the falling edge of RECOVER_EN is used to generate the RECOVER_EN_N signal, and the RECOVER_EN_N signal is used as the select input of the MUX to pull LOCK low, indicating that the user memory is not locked and the user can access the memory through the debug port;
  • the operation of restoring the factory settings includes: RECOVER_EN is pulled high, indicating that the factory reset operation starts; the Flash data area is erased and the Flash NVR area is erased; RECOVER_EN is pulled low, indicating that the factory reset operation ends; the falling edge of RECOVER_EN is sampled to produce RECOVER_EN_N, and RECOVER_EN_N is used to pull LOCK low, indicating that the memory is not locked and can be accessed;
  • the factory setting start command can follow certain rules, and the user finally determines the actual receipt to restore the factory settings.
  • the setting module 71 and the control module 72 can be implemented by a processor or hardware logic or the like of an integrated circuit chip.
  • the present application further provides a storage medium including a set of computer executable instructions configured to execute:
  • the computer executable instructions are configured to execute: clearing content of the specified data save area when a predetermined condition is met.
  • the computer executable instructions are configured to: when the number of times the second access authentication information fails to match the first access authentication information exceeds a preset matching failure threshold, clear the content of the specified data storage area;
  • the computer executable instructions are configured to execute: storing the first access authentication information in the designated data save area.
  • an integrated circuit chip includes: a processor and a memory for storing a computer program executable on the processor,
  • processor configured to execute when the computer program is executed:
  • the computer executable instructions are configured to execute: clearing content of the specified data save area when a predetermined condition is met.
  • the processor is configured to execute when the computer program is executed:
  • the processor is configured to execute when the computer program is executed:
  • the first access authentication information is stored in the designated data storage area.
  • the present application provides a memory data protection method, an integrated circuit chip, and a storage medium.
  • the first access authentication information is set for a specified data storage area of the memory by using software or hardware logic inside the chip, and the access target information of the designated port is obtained.
  • when the access target is the specified data save area, access to the specified data save area is restricted; and when the input second access authentication information matches the first access authentication information, access to the specified data save area is permitted.
  • in this way memory data protection is realized, and the design complexity and cost of the system containing the chip are reduced.


Abstract

A memory data protection method, an integrated circuit chip, and a storage medium. The method comprises setting first access authentication information for a specified data saving area of a memory (101). The method further comprises: obtaining information about an access target of a specified port and, when the access target is the specified data saving area, restricting access to the specified data saving area (102); and obtaining second access authentication information and, when the second access authentication information matches the first access authentication information, allowing access to the specified data saving area (103).

Description

Memory data protection method, integrated circuit chip and storage medium
Cross-reference to related applications
This application is based on, and claims priority to, Chinese patent application No. 201610779105.0, filed on August 30, 2016, the entire contents of which are incorporated herein by reference.
Technical field
The present application relates to the field of integrated circuit data security, and in particular to a memory data protection method, an integrated circuit chip, and a storage medium.
Background
Chips such as a system on chip (SoC) usually have embedded memories, such as non-volatile memory (Flash), read-only memory (ROM) and random access memory (RAM), which store applications and user data. The stored applications and user data include algorithm software, fingerprint information, password information and the like, all of which is highly confidential and is what the chip most needs to protect. Protecting in-chip memory data is therefore becoming more and more important.
Existing methods of encrypting chip memory data usually require an additional encryption chip to encrypt the memory. On the one hand this increases cost and design complexity; on the other hand, the method only works for off-chip memory and can do nothing for on-chip memory.
Another encryption method is based on a set of security cooperation specifications and requires software and hardware to work together. For example, software running in secure mode must configure the corresponding regions so that software running in non-secure mode cannot access secure-mode memory. This makes the system containing the chip more complex and requires a processor core that has this feature, so it cannot be used with some older cores. Moreover, when the chip is operated through a port such as the Joint Test Action Group (JTAG) port, no software is involved, so no security is achieved.
Yet another method is to blow the pins (PIN) of the debug port, or leave them unpackaged, when the chip is mass-produced. On the one hand this requires modifying the package, which adds work; on the other hand, if a problem is found later and needs to be investigated through the debug port, debugging is impossible because the debug port can no longer be used.
Therefore, how to protect memory data while reducing system design complexity and cost is a problem that urgently needs to be solved.
Summary of the invention
In view of this, the present application aims to provide a memory data protection method, an integrated circuit chip, and a storage medium that protect memory data and reduce system design complexity and cost.
To achieve the above object, the technical solution of the present application is implemented as follows:
The present application provides a memory data protection method, the method comprising: setting first access authentication information for a specified data saving area of a memory; the method further comprising:
obtaining access target information of a designated port; when the access target is the specified data saving area, restricting access to the specified data saving area;
obtaining second access authentication information;
when the second access authentication information matches the first access authentication information, allowing access to the specified data saving area.
In the above solution, the method further comprises: when a preset condition is met, clearing the content of the specified data saving area.
In the above solution, clearing the content of the specified data saving area when the preset condition is met comprises:
clearing the content of the specified data saving area when the number of failed matches between the second access authentication information and the first access authentication information exceeds a preset matching failure threshold; and/or,
clearing the content of the specified data saving area when a preset clear command is input.
In the above solution, the method further comprises: storing the first access authentication information in the specified data saving area.
The present application also provides an integrated circuit chip, the integrated circuit chip comprising: a setting module and a control module; wherein
the setting module is configured to set first access authentication information for a specified data saving area of a memory;
the control module is configured to obtain access target information of a designated port; to restrict access to the specified data saving area when the access target is the specified data saving area; and to allow access to the specified data saving area when input second access authentication information matches the first access authentication information.
In the above solution, the control module is configured to clear the content of the specified data saving area when a preset condition is met.
In the above solution, the control module is configured to clear the content of the specified data saving area when the number of failed matches between the second access authentication information and the first access authentication information exceeds a preset matching failure threshold; and/or,
to clear the content of the specified data saving area when a preset clear command is input.
In the above solution, the setting module is configured to store the first access authentication information in the specified data saving area.
The present application also provides a storage medium; the computer storage medium includes a set of computer-executable instructions configured to perform the steps of the foregoing method.
The present application also provides an integrated circuit chip comprising: a processor and a memory for storing a computer program capable of running on the processor,
wherein the processor is configured to perform the steps of the foregoing method when running the computer program.
With the memory data protection method, integrated circuit chip and storage medium provided by the present application, software or hardware logic inside the chip is used to set first access authentication information for a specified data saving area of a memory; access target information of a designated port is obtained; when the access target is the specified data saving area, access to the specified data saving area is restricted; and when input second access authentication information matches the first access authentication information, access to the specified data saving area is allowed. Thus access to the specified data saving area is allowed only when the input access authentication information is consistent with the access authentication information preset for that area, which protects memory data and reduces the design complexity and cost of the system containing the chip.
Brief description of the drawings
FIG. 1 is a schematic flowchart of the memory data protection method of the present application;
FIG. 2 is a schematic diagram of the chip state transitions of the present application;
FIG. 3 is a schematic diagram of the hardware logic for reading the chip password of the present application;
FIG. 4 is a schematic diagram of the hardware logic for chip locking of the present application;
FIG. 5 is a schematic diagram of the hardware logic for chip unlocking of the present application;
FIG. 6 is a schematic diagram of the hardware logic for restoring factory settings of the present application;
FIG. 7 is a schematic structural diagram of the integrated circuit chip of the present application.
Detailed description
In the present application, first access authentication information is set for a specified data saving area of a memory; access target information of a designated port is obtained; when the access target is the specified data saving area, access to the specified data saving area is restricted; and when input second access authentication information matches the first access authentication information, access to the specified data saving area is allowed.
The present application is described in further detail below with reference to embodiments.
The memory data protection method provided by the present application, as shown in FIG. 1, comprises:
Step 101: set first access authentication information for a specified data saving area of the memory;
The memory data protection method provided by the present application can be implemented in software inside the chip, for example with the boot program performing the memory data protection, or in the hardware logic of the chip. Here, the hardware logic implementation is used as the example to explain the memory data protection method.
Typically, a chip contains ROM, RAM, Flash and other programmable memories. The ROM stores the boot program and cannot be rewritten once it is fixed; the RAM stores intermediate variables while the central processing unit (CPU) runs; the Flash stores the user program and some user information, and the user can rewrite it. Flash usually contains a data area and a non-volatile random access memory (NVR) area. The two areas are independent of each other and cannot be accessed at the same time; a configuration register selects which area is accessed. The data area stores the user program and data, and the NVR area stores the password, bad block information and other important user information. The specified data saving area may include the Flash data area, the NVR area and so on. Here, first access authentication information can first be set for the specified data saving area; the first access authentication information may include an access password or the like. Further, a multi-layer password can be set to improve security, and the password can be saved in the NVR area to improve password security.
Step 102: obtain access target information of the designated port; when the access target is the specified data saving area, restrict access to the specified data saving area;
Here, the designated port includes one or more ports designated among the input/output (I/O) ports of the chip, such as a COM port or a JTAG port; the access target information includes an access address or the like. The access permission of the designated port can be preset so that identity authentication is required when the designated port accesses the specified data saving area. When the chip starts, it can read the first access authentication information from the NVR area into a register; when it detects that the access address of the designated port is the specified data saving area, it can lock the specified data saving area and disallow access to it. In this way, non-secure access can be restricted.
Step 103: obtain second access authentication information, and when the second access authentication information matches the first access authentication information, allow access to the specified data saving area;
Here, the second access authentication information can be input through the designated port that is performing the access or through another I/O port; the second access authentication information includes an access password or the like;
when the second access authentication information matches the first access authentication information, access to the specified data saving area is allowed.
Further, a not-locked state can be defined for the specified data saving area in the chip; in the not-locked state, the specified data saving area can be accessed without restriction.
Here, the conditions for the not-locked state may include: when the first access authentication information is preset default information, and/or when the designated port has no access activity. When the first access authentication information is the preset default information, the chip can be regarded as having just been initialized, with no data needing protection in the specified data saving area, so access protection need not be applied to the specified data saving area. When the designated port has no access activity, no external security risk event is considered to have occurred, so access protection need not be applied to the specified data saving area, and the chip itself can access the specified data saving area freely.
Further, the chip is also provided with one or more ways of performing a factory reset on the specified data saving area, including: performing a factory reset on the specified data saving area when the number of failed matches between the second authentication information and the first authentication information is greater than a preset matching failure threshold, and/or when the chip receives a preset reset command.
Specifically, when the number of failed matches between the second authentication information and the first authentication information is greater than the preset matching failure threshold, a deliberate attack can be assumed and the security risk is at its highest; to protect the data in the specified data saving area from being obtained illegally, a factory reset can be performed. In addition, a reset command can be preset for the chip: if the user forgets the first authentication information, the preset reset command can be used to reset the specified data saving area so that the chip is not wasted by becoming unusable and can be used again. That is, to avoid the chip becoming unusable once the user forgets the preset password, and on the basis of protecting the memory data, a set of preset reset commands is input to the chip to force it to clear the preset password. To protect the user program and user data, all data areas are erased first and the NVR area is erased afterwards; this prevents the user program and data from being leaked after the password in the NVR area has, for some reason, been erased.
In practical applications, hardware logic circuits can be used to protect the memory data. First, several states can be defined for the chip, and the chip works in one of these states; as shown in FIG. 2, the chip states may include:
Not-locked state: the password is the default value the memory holds after being erased, that is, the password is invalid. In this state the chip does not enter the locked state even if activity is detected on the designated port;
Pre-locked state: the password is valid, but the detection logic has not detected any activity on the debug port. In this state the program runs normally;
Locked state: the password is valid and the detection logic has detected activity on the designated port, so the chip is locked, that is, access to the specified data saving area is restricted; the program running in Flash is suspended and the protected memory cannot be accessed;
Unlocked state: the state after a locked chip has been successfully unlocked; the program resumes running and protection of the protected memory space is lifted;
Factory state: the restore-factory-settings operation can be performed from any of the above states, and once it completes the chip is in the factory state. In this state the user program, data, password and other information have all been erased, and the memory can be accessed by the host.
The flow for reading the chip password is shown in FIG. 3; the read can be implemented in hardware logic. After the chip's power-on reset, the controller automatically reads the password from the NVR area of the memory, that is, it reads the first access authentication information, and stores the password in a register. If the password is a valid password, the chip enters the pre-locked state; if it is an invalid password, the chip enters the not-locked state.
Specifically, after power-on reset the chip controller automatically reads the password data from the NVR area of the memory and the password data (DATA) is read back; the read-back DATA is latched into a register, producing the password (PASSWORD) signal; PASSWORD is compared with the factory password, producing the flag (FLAG) signal; the value of FLAG is then evaluated: FLAG=1 means the current password is the factory password and the chip enters the not-locked state; FLAG=0 means the current password is not the factory password and the chip enters the pre-locked state. After entering the pre-locked state, the host can access the memory, and monitoring of debug port activity begins.
FIG. 4 is a schematic diagram of the hardware logic for chip locking. After a new password is programmed into the designated location, it takes effect after the next reset. After power-on reset the password is read out, and if it is a valid password the chip enters the pre-locked state. If the detection logic then detects an access to the chip on the designated port, the chip enters the locked state and the host cannot access the memory, which both prevents code and user information from leaking and prevents code and user data from being maliciously rewritten. Here, determining whether the password is valid includes determining whether the new password is the initial password; if it is the initial password, the password is considered invalid. The designated port, for example JTAG, also called the debug port, generally needs an externally supplied clock signal TCK; when there is no activity the clock stays low, and when there is activity it toggles between high and low. Rising edges can therefore be counted, and once the count reaches a certain value the JTAG activity is judged valid and the lock (LOCK) signal is pulled high; once LOCK is high, the memory is locked. CLOCK is the working clock; the rising-edge signal TCK_P of TCK is counted, and after the count reaches N, LOCK is pulled high, indicating that the memory is locked. The data selector (MUX) in the figure is only schematic and is not the real logic circuit. When LOCK=1, "invalid access" passes through the MUX, meaning the memory cannot be accessed; when LOCK=0, the "host access request" passes through the MUX, meaning the memory can be accessed.
FIG. 5 shows the hardware logic for chip unlocking. After the chip has been locked, it can be unlocked by writing the password into the corresponding register of the chip, that is, by inputting the second access authentication information. Once the memory is locked, the debug port cannot access the memory but can still access the internal unlock register, so the password can be written to the unlock register over the configuration bus to unlock the chip. To make unlocking harder, several password registers can be provided to increase the bit width of the password.
Further, to prevent brute-force cracking, a limit on the number of unlock attempts is added: if unlocking fails more than a certain number of times, the restore-factory-settings operation is performed. The specific steps of unlocking the chip include: a: the input password is written to the unlock register; b: the password is correct and UNLOCK_EN is pulled high for one clock cycle; b: the LOCK signal is pulled low; c: the memory is unlocked. If the number of unlock attempts reaches the predetermined value, the steps for restoring factory settings begin, including: the number of unlock failures reaches the specified M; CLEAR_EN is pulled high, notifying the restore-factory-settings logic to begin restoring factory settings; RECOVER_EN is pulled high, indicating that restoring factory settings has started.
FIG. 6 shows the hardware logic implementation of restoring factory settings. From any of the not-locked, pre-locked, locked and unlocked states, the restore-factory-settings operation returns the chip to the factory state, that is, the state in which the memory is completely erased. After the factory settings are restored, the user password and data have been erased. While factory settings are being restored, RECOVER_EN is pulled high to indicate that the operation is in progress; when it finishes, RECOVER_EN is pulled low to indicate that the operation is complete. The falling edge of RECOVER_EN is then sampled to generate the RECOVER_EN_N signal, which is used as the Select input of the MUX and pulls LOCK low, indicating that the user memory is not locked and the user can access the memory through the debug port.
The restore-factory-settings operation specifically includes: RECOVER_EN is pulled high, indicating that the operation starts; the Flash data area is erased and the Flash NVR area is erased; RECOVER_EN is pulled low, indicating that the operation ends; the falling edge of RECOVER_EN is sampled as RECOVER_EN_N, and RECOVER_EN_N is used to pull LOCK low, indicating that the memory is not locked; the memory can be accessed.
To prevent accidental operation, writing the factory-settings start command can follow certain rules, with the user giving final confirmation before the factory settings are restored.
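The following C model is an added illustration and is not part of the patent text. It models the five chip states, the TCK edge counter that raises LOCK, the unlock register with its failure limit, and the erase order used when restoring factory settings; the values of N and M, the erased-word value used as the factory password, and the sample password are assumptions.

```c
/* Added example: software model of the lock logic. N, M, the erased value and
 * the sample password are assumptions, not values from the patent. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define ERASED      0xFFFFFFFFu /* assumed erased-Flash word = factory password */
#define TCK_EDGES_N 4u          /* assumed N: TCK rising edges before LOCK=1 */
#define MAX_FAILS_M 3u          /* assumed M: failed unlocks before the wipe */
#define DATA_WORDS  4u

typedef enum { NOT_LOCKED, PRE_LOCKED, LOCKED, UNLOCKED, FACTORY } state_t;

typedef struct {
    uint32_t data[DATA_WORDS]; /* Flash data area: user program and data */
    uint32_t nvr_password;     /* Flash NVR area: stored password */
    uint32_t password;         /* PASSWORD register, latched at reset */
    bool     lock;             /* LOCK: 1 routes "invalid access" through the MUX */
    unsigned tck_count, fail_count;
    state_t  state;
} chip_t;

/* Power-on reset: latch the NVR password, derive FLAG, pick the start state. */
void chip_reset(chip_t *c) {
    c->password = c->nvr_password;
    bool flag = (c->password == ERASED);  /* FLAG=1: factory password */
    c->lock = false;
    c->tck_count = c->fail_count = 0;
    c->state = flag ? NOT_LOCKED : PRE_LOCKED;
}

/* Restore factory settings: the data area is erased before the NVR area, so
 * the password is never gone while user data is still present. */
void chip_factory_reset(chip_t *c) {
    for (unsigned i = 0; i < DATA_WORDS; i++) c->data[i] = ERASED;
    c->nvr_password = ERASED;
    c->lock = false;                      /* RECOVER_EN_N pulls LOCK low */
    c->state = FACTORY;
}

/* One rising edge of TCK (TCK_P) on the debug port. */
void chip_tck_edge(chip_t *c) {
    if (c->state != PRE_LOCKED) return;   /* only a valid password arms the lock */
    if (++c->tck_count >= TCK_EDGES_N) { c->lock = true; c->state = LOCKED; }
}

/* Host access through the MUX: refused while LOCK is high. */
bool chip_read(const chip_t *c, unsigned i, uint32_t *out) {
    if (c->lock || i >= DATA_WORDS) return false;
    *out = c->data[i];
    return true;
}

/* Write to the unlock register, which stays reachable while locked. */
bool chip_unlock(chip_t *c, uint32_t attempt) {
    if (c->state != LOCKED) return false;
    if (attempt == c->password) {         /* UNLOCK_EN pulse pulls LOCK low */
        c->lock = false;
        c->state = UNLOCKED;
        return true;
    }
    if (++c->fail_count >= MAX_FAILS_M) chip_factory_reset(c); /* CLEAR_EN */
    return false;
}

/* Constructed scenario: provision a chip, reset it, then wake the debug port. */
static void provision_and_lock(chip_t *c) {
    for (unsigned i = 0; i < DATA_WORDS; i++) c->data[i] = 0xC0DE0000u + i;
    c->nvr_password = 0x5A17C0DEu;        /* constructed sample password */
    chip_reset(c);                        /* -> PRE_LOCKED */
    for (unsigned i = 0; i < TCK_EDGES_N; i++) chip_tck_edge(c); /* -> LOCKED */
}

/* Correct password: returns the word read back after unlocking (0 on error). */
uint32_t demo_unlock(void) {
    chip_t c; uint32_t w = 0;
    provision_and_lock(&c);
    if (chip_read(&c, 1, &w)) return 0;   /* reads must be refused while locked */
    if (!chip_unlock(&c, 0x5A17C0DEu)) return 0;
    chip_read(&c, 1, &w);
    return w;
}

/* M wrong passwords: returns the word read back after the forced wipe. */
uint32_t demo_bruteforce(void) {
    chip_t c; uint32_t w = 0;
    provision_and_lock(&c);
    for (uint32_t guess = 0; guess < MAX_FAILS_M; guess++) chip_unlock(&c, guess);
    chip_read(&c, 1, &w);                 /* allowed again, but the data is gone */
    return w;
}

int main(void) {
    printf("after unlock:      0x%08X\n", (unsigned)demo_unlock());
    printf("after brute force: 0x%08X\n", (unsigned)demo_bruteforce());
    return 0;
}
```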
本申请提供的集成电路芯片,如图7所示,所述集成电路芯片包括:设置模块71和控制模块72;其中,The integrated circuit chip provided by the present application, as shown in FIG. 7, the integrated circuit chip includes: a setting module 71 and a control module 72;
所述设置模块71,用于为存储器的指定数据保存区设置第一访问认证信息;The setting module 71 is configured to set first access authentication information for a designated data storage area of the memory;
本申请提供的存储器数据保护方法可以采用集成电路芯片内部的软件 实现,如由启动程序来进行存储器数据保护,也可以通过芯片的硬件逻辑实现;这里,以硬件逻辑实现作为示例解释所述存储器数据保护方法;The memory data protection method provided by the present application can use software inside the integrated circuit chip The implementation, such as the memory data protection by the startup program, can also be implemented by the hardware logic of the chip; here, the memory data protection method is explained by taking the hardware logic implementation as an example;
通常,芯片包含ROM、RAM、Flash和其他可编程的存储器。其中,ROM用来存放启动程序,固化后不可改写,RAM用来存放CPU运行时的中间变量、Flash用来存放用户程序和一些用户信息,用户可以改写;Flash通常包含数据区域和NVR区域,两个区域相互独立,不可同时访问,需要通过配置寄存器选择访问哪个区域。数据区域用来存放用户程序和数据,NVR区域用来存放密码、坏块信息和其他用户的重要信息。所述指定数据保存区可以包括Flash的数据区域和NVR区域等;这里,可以首先为指定数据保存区设置第一访问认证信息,所述第一访问认证信息可以包括访问密码等;进一步的,可以设置多层密码,以提高安全效果;可以将密码保存在NVR区域,提高密码安全性。Typically, the chip contains ROM, RAM, Flash, and other programmable memories. Among them, the ROM is used to store the startup program, and can not be rewritten after curing. The RAM is used to store the intermediate variables of the CPU runtime, the Flash is used to store the user program and some user information, and the user can rewrite; the Flash usually includes the data area and the NVR area, The areas are independent of each other and cannot be accessed at the same time. It is necessary to select which area to access through the configuration register. The data area is used to store user programs and data, and the NVR area is used to store passwords, bad block information, and important information of other users. The specified data storage area may include a data area and an NVR area of the flash, etc.; first, the first access authentication information may be set for the specified data storage area, where the first access authentication information may include an access password, etc.; further, Set a multi-layer password to improve security; you can save the password in the NVR area to improve password security.
所述控制模块72,用于获取指定端口的访问目标信息;当所述访问目标为所述指定数据保存区时,限制访问所述指定数据保存区;当输入的第二访问认证信息与所述第一访问认证信息匹配时,允许访问所述指定数据保存区;The control module 72 is configured to acquire access target information of the designated port; when the access target is the designated data save area, restrict access to the specified data save area; when the input second access authentication information is When the first access authentication information matches, the access to the specified data storage area is allowed;
Here, the designated port includes one or more ports designated among the chip's I/O ports, such as the COM port and the JTAG port. The access target information includes the access address and the like. Access rights for the designated port can be preset, so that identity authentication is required when the designated port accesses the designated data storage area. When the chip starts, it can read the first access authentication information from the NVR area into a register; when it detects that the access address of the designated port falls in the designated data storage area, it can lock that area and disallow access to it. In this way non-secure access can be restricted.
The second access authentication information can be input through the designated port that is performing the access or through another I/O port, and includes an access password or the like. When the second access authentication information matches the first access authentication information, access to the designated data storage area is allowed.
Further, a no-lock state can be set for the designated data storage area in the chip; in the no-lock state the area can be accessed without restriction. The conditions for the no-lock state may include: the first access authentication information is the preset default information, and/or the designated port has no access activity. When the first access authentication information is the preset default information, the chip can be considered to have just been initialized, with no data needing protection in the designated data storage area, so access protection need not be applied to the area. When the designated port has no access activity, no external security risk event is considered to have occurred, so access protection need not be applied to the area, and the chip itself can access it freely.
Further, the chip provides one or more ways of performing a factory reset on the designated data storage area: a factory reset is performed when the number of failed matches between the second authentication information and the first authentication information exceeds a preset failure threshold, and/or when the chip receives a preset reset instruction. When the number of failed matches exceeds the preset threshold, a deliberate attack can be assumed and the security risk is greatest; to keep the data in the designated data storage area from being obtained illegally, a factory reset can be performed. A reset instruction can also be preset for the chip: if the user forgets the first authentication information, the preset reset instruction can be used to reset the designated data storage area, so that the chip is not rendered unusable and wasted but can be used again. That is, to avoid the situation where the chip cannot be used once the user has forgotten the preset password, and while still protecting the memory data, inputting a set of preset reset instructions makes the chip forcibly clear the preset password. To protect the user program and user data, all data areas are erased first and the NVR area is erased afterwards. This prevents the situation in which the password in the NVR area is erased for some reason and the user program and data are then leaked.
In practical applications, hardware logic circuits can be used to implement the memory data protection.
First, multiple states can be defined for the chip, and the chip works in different states accordingly. As shown in FIG. 2, the chip states may include:
No-lock state: the password is the default value the memory holds after being erased, that is, the password is invalid. In this state the chip does not enter the locked state even if activity is detected on the designated port.
Pre-locked state: the password is valid, but the detection logic has not detected any activity on the debug port. In this state the program can run normally.
Locked state: the password is valid and the detection logic has detected activity on the designated port, so the chip is locked, that is, access to the designated data storage area is restricted. The program running in Flash is suspended and the protected memory cannot be accessed.
Unlocked state: the state after a locked chip has been successfully unlocked. The program resumes running and protection of the protected memory space is lifted.
Factory state: a factory reset can be performed from any of the above states. Once it completes the chip is in the factory state, in which the user program, data, password and other information have all been erased and the memory can be accessed by the host.
The chip password read flow is shown in FIG. 3 and can be implemented in hardware logic. After power-on reset, the controller automatically reads the password from the NVR area of the memory, that is, it reads the first access authentication information, and stores the password in a register. If the password is a valid password, the chip enters the pre-locked state; if it is an invalid password, the chip enters the no-lock state.
Specifically, after power-on reset the chip controller automatically reads the password data from the memory's NVR area, giving DATA; the DATA read back is latched into a register, producing the PASSWORD signal; PASSWORD is compared with the factory password, producing the FLAG signal; and the value of FLAG is evaluated. FLAG=1 means the current password is the factory password, and the chip enters the no-lock state; FLAG=0 means the current password is not the factory password, and the chip enters the pre-locked state. After the chip enters the pre-locked state, the host can access the memory, and monitoring of debug-port activity begins.
FIG. 4 is a schematic diagram of the hardware logic for locking the chip. When a new password is programmed to the designated location, it takes effect after the next reset. After power-on reset the password is read out, and if it is a valid password the chip enters the pre-locked state. If the detection logic then detects an access to the chip on the designated port, the chip enters the locked state and the host cannot access the memory, which both prevents code and user information from leaking and prevents code and user data from being maliciously rewritten. Here, determining whether the password is valid includes determining whether the new password is the initial password; if it is the initial password, the password is considered invalid. The designated port, for example JTAG, also called the debug port, generally needs an externally supplied clock signal TCK. With no activity the clock stays low; with activity it toggles between high and low. Rising edges can therefore be counted, and once the count reaches a certain value the JTAG activity is judged valid and the LOCK signal is pulled high; when LOCK is high, the memory is locked. CLOCK is the working clock; the count uses TCK_P, the rising-edge signal of TCK, and after counting to N, LOCK is pulled high, indicating that the memory is locked. The MUX in the figure is only schematic, not the real logic circuit. When LOCK=1, "invalid access" passes through the MUX, meaning the memory cannot be accessed; when LOCK=0, the "host access request" passes through the MUX, meaning the memory can be accessed.
FIG. 5 shows the hardware logic for unlocking the chip. Once the chip has been locked, it can be unlocked by writing the password to the corresponding chip register, that is, by inputting the second access authentication information. After the memory is locked, the debug port cannot access the memory, but it can access the internal unlock register; the password can be written to the unlock register over the configuration bus to unlock. To make unlocking harder, multiple password registers can be provided to increase the bit width of the password. Further, to prevent brute-force cracking, a limit on the number of unlock attempts is added: if unlocking fails more than a certain number of times, a factory reset is performed. The specific unlock steps are: a: the input password is written to the unlock register; b: the password is correct and UNLOCK_EN is pulled high for one clock cycle; b: the LOCK signal is pulled low; c: the memory is unlocked. If the number of unlock attempts reaches the predetermined value, the factory-reset steps begin: the number of unlock failures reaches the specified M; CLEAR_EN is pulled high, notifying the factory-reset logic to start the factory reset; RECOVER_EN is pulled high, indicating that the factory reset has started.
FIG. 6 shows the hardware logic implementation of the factory reset. From any of the no-lock, pre-locked, locked and unlocked states, a factory reset operation returns the chip to the factory state, that is, the state in which the memory is entirely erased. After the factory reset, the user password and data have been erased. During a factory reset RECOVER_EN is pulled high, indicating that the operation is in progress; when it finishes RECOVER_EN is pulled low, indicating that the operation is complete. The falling edge of RECOVER_EN is then sampled to generate the RECOVER_EN_N signal, which is used as the Select input of the MUX to pull LOCK low, indicating that the user memory is not locked and the user can access the memory through the debug port.
The factory reset operation specifically includes: RECOVER_EN is pulled high, indicating that the factory reset has started; the Flash data area is erased, and the Flash NVR area is erased; RECOVER_EN is pulled low, indicating that the factory reset has ended; the falling edge of RECOVER_EN, RECOVER_EN_N, is sampled and used to pull LOCK low, indicating that the memory is not locked; the memory can be accessed.
To prevent accidental operation, writing the factory-reset start command can follow certain rules, with the user making the final decision on whether to perform the factory reset.
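The five chip states, the TCK edge counter, the unlock failure limit and the data-then-NVR erase order described above, as a behavioural C model. This is an added example and not code from the patent; the values chosen for N and M, the two-word password width, the all-ones erased value and every identifier are assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Constructed parameters: the page names N and M but gives no values. */
#define PW_WORDS    2            /* assumed: two 32-bit password registers */
#define ERASED      0xFFFFFFFFu  /* assumed erased-flash value = factory password */
#define TCK_EDGES_N 4            /* TCK rising edges before LOCK goes high */
#define MAX_FAILS_M 3            /* failed unlocks before factory reset */
#define DATA_WORDS  8

typedef enum { NO_LOCK, PRE_LOCK, LOCKED, UNLOCKED, FACTORY } state_t;
typedef enum { AREA_NONE, AREA_DATA, AREA_NVR } area_t;

typedef struct {
    uint32_t nvr_pw[PW_WORDS];   /* Flash NVR area: first access authentication info */
    uint32_t data[DATA_WORDS];   /* Flash data area: user program and data */
    uint32_t password[PW_WORDS]; /* PASSWORD register latched at reset */
    bool     lock;               /* LOCK signal gating host access */
    unsigned tck_count, fail_count;
    area_t   erase_order[2];     /* records which area was erased first */
    state_t  state;
} chip_t;

/* Power-on reset: latch the NVR password, derive FLAG, pick the start state. */
void chip_reset(chip_t *c) {
    bool flag = true;            /* FLAG=1: password is the factory default */
    for (int i = 0; i < PW_WORDS; i++) {
        c->password[i] = c->nvr_pw[i];
        if (c->password[i] != ERASED) flag = false;
    }
    c->lock = false;
    c->tck_count = c->fail_count = 0;
    c->erase_order[0] = c->erase_order[1] = AREA_NONE;
    c->state = flag ? NO_LOCK : PRE_LOCK;
}

/* One rising edge on TCK (TCK_P). Only the pre-locked state counts edges. */
void chip_tck_edge(chip_t *c) {
    if (c->state != PRE_LOCK) return;
    if (++c->tck_count >= TCK_EDGES_N) { c->lock = true; c->state = LOCKED; }
}

/* The MUX of FIG. 4: with LOCK=1 the host request is replaced by "invalid access". */
bool chip_host_read(const chip_t *c, unsigned addr, uint32_t *out) {
    if (c->lock || addr >= DATA_WORDS) return false;
    *out = c->data[addr];
    return true;
}

/* Factory reset: data area first, NVR (password) last, then release LOCK. */
void chip_factory_reset(chip_t *c) {
    memset(c->data, 0xFF, sizeof c->data);     c->erase_order[0] = AREA_DATA;
    memset(c->nvr_pw, 0xFF, sizeof c->nvr_pw); c->erase_order[1] = AREA_NVR;
    c->lock = false;             /* models the RECOVER_EN falling edge */
    c->state = FACTORY;
}

/* Write to the unlock registers. Returns true only for a correct password;
   the M-th failure (threshold as in the FIG. 5 steps) triggers the factory reset. */
bool chip_unlock(chip_t *c, const uint32_t pw[PW_WORDS]) {
    if (c->state != LOCKED) return false;
    uint32_t diff = 0;           /* model's choice: compare all words, no early exit */
    for (int i = 0; i < PW_WORDS; i++) diff |= pw[i] ^ c->password[i];
    if (diff == 0) { c->lock = false; c->state = UNLOCKED; return true; }
    if (++c->fail_count >= MAX_FAILS_M) chip_factory_reset(c);
    return false;
}

/* Constructed scenario: a debugger probes a provisioned chip and guesses wrong M times.
   True if no read ever exposed the user word and the erase order was data, then NVR. */
bool demo_bruteforce_wipes_before_release(void) {
    chip_t c = { .nvr_pw = { 0x1234ABCDu, 0x0BADF00Du } };
    const uint32_t secret = 0xC0DEC0DEu, guess[PW_WORDS] = { 0, 0 };
    uint32_t v = 0;
    c.data[0] = secret;
    chip_reset(&c);
    for (int i = 0; i < TCK_EDGES_N; i++) chip_tck_edge(&c);
    bool leaked = chip_host_read(&c, 0, &v) && v == secret;
    for (int i = 0; i < MAX_FAILS_M; i++) chip_unlock(&c, guess);
    leaked |= chip_host_read(&c, 0, &v) && v == secret;
    return !leaked && c.state == FACTORY &&
           c.erase_order[0] == AREA_DATA && c.erase_order[1] == AREA_NVR;
}
```

In the model, the host read that succeeds after the failure limit is reached returns only erased words, which is the property the erase ordering is meant to guarantee.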
In practical applications, the setting module 71 and the control module 72 can be implemented by the integrated circuit chip's processor, hardware logic or the like.
The above is only the preferred embodiment of the present application and is not intended to limit its scope of protection. Any modification, equivalent replacement or improvement made within the spirit and principles of the present application shall fall within the scope of protection of the present application.
On the basis of the foregoing embodiments, the present application further provides a storage medium; the computer storage medium includes a set of computer-executable instructions configured to perform:
setting first access authentication information for a designated data storage area of a memory; acquiring access target information of a designated port; when the access target is the designated data storage area, restricting access to the designated data storage area;
acquiring second access authentication information;
when the second access authentication information matches the first access authentication information, allowing access to the designated data storage area.
The computer-executable instructions are configured to perform: clearing the content of the designated data storage area when a preset condition is met.
The computer-executable instructions are configured to perform: clearing the content of the designated data storage area when the number of failed matches between the second access authentication information and the first access authentication information exceeds a preset failure threshold;
and/or,
clearing the content of the designated data storage area when a preset clear instruction is input.
The computer-executable instructions are configured to perform: storing the first access authentication information in the designated data storage area.
Further, an integrated circuit chip includes a processor and a memory for storing a computer program capable of running on the processor,
wherein the processor, when running the computer program, performs:
setting first access authentication information for a designated data storage area of the memory; acquiring access target information of a designated port; when the access target is the designated data storage area, restricting access to the designated data storage area;
acquiring second access authentication information;
when the second access authentication information matches the first access authentication information, allowing access to the designated data storage area.
The computer-executable instructions are configured to perform: clearing the content of the designated data storage area when a preset condition is met.
The processor, when running the computer program, performs:
clearing the content of the designated data storage area when the number of failed matches between the second access authentication information and the first access authentication information exceeds a preset failure threshold;
and/or,
clearing the content of the designated data storage area when a preset clear instruction is input.
The processor, when running the computer program, performs:
storing the first access authentication information in the designated data storage area.
Industrial applicability
The present application provides a memory data protection method, an integrated circuit chip and a storage medium. Using software or hardware logic inside the chip, first access authentication information is set for a designated data storage area of the memory; access target information of a designated port is acquired; when the access target is the designated data storage area, access to the designated data storage area is restricted; and when the input second access authentication information matches the first access authentication information, access to the designated data storage area is allowed. In this way, access to the designated data storage area is allowed only when the input access authentication information is consistent with the access authentication information preset for that area, which achieves memory data protection and reduces the design complexity and cost of the system in which the chip is used.

Claims (10)

  1. A memory data protection method, the method comprising: setting first access authentication information for a designated data storage area of a memory; the method further comprising:
    acquiring access target information of a designated port; when the access target is the designated data storage area, restricting access to the designated data storage area;
    acquiring second access authentication information;
    when the second access authentication information matches the first access authentication information, allowing access to the designated data storage area.
  2. The method according to claim 1, wherein the method further comprises: clearing the content of the designated data storage area when a preset condition is met.
  3. The method according to claim 2, wherein clearing the content of the designated data storage area when the preset condition is met comprises:
    clearing the content of the designated data storage area when the number of failed matches between the second access authentication information and the first access authentication information exceeds a preset failure threshold;
    and/or,
    clearing the content of the designated data storage area when a preset clear instruction is input.
  4. The method according to claim 1, wherein the method further comprises: storing the first access authentication information in the designated data storage area.
  5. An integrated circuit chip, the integrated circuit chip comprising: a setting module and a control module; wherein
    the setting module is configured to set first access authentication information for a designated data storage area of a memory;
    the control module is configured to acquire access target information of a designated port; to restrict access to the designated data storage area when the access target is the designated data storage area; to acquire second access authentication information; and to allow access to the designated data storage area when the second access authentication information matches the first access authentication information.
  6. The integrated circuit chip according to claim 5, wherein the control module is configured to clear the content of the designated data storage area when a preset condition is met.
  7. The integrated circuit chip according to claim 6, wherein the control module is configured to clear the content of the designated data storage area when the number of failed matches between the second access authentication information and the first access authentication information exceeds a preset failure threshold; and/or,
    to clear the content of the designated data storage area when a preset clear instruction is input.
  8. The integrated circuit chip according to claim 5, wherein the setting module is configured to store the first access authentication information in the designated data storage area.
  9. A storage medium, the computer storage medium comprising a set of computer-executable instructions configured to perform the steps of the method according to any one of claims 1 to 4.
  10. An integrated circuit chip, comprising: a processor and a memory for storing a computer program capable of running on the processor,
    wherein the processor, when running the computer program, performs the steps of the method according to any one of claims 1 to 4.
PCT/CN2017/089040 2016-08-30 2017-06-19 Memory data protection method, integrated circuit chip, and storage medium WO2018040678A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610779105.0 2016-08-30
CN201610779105.0A CN107784235A (en) 2016-08-30 2016-08-30 A kind of memory data protecting method and IC chip

Publications (1)

Publication Number Publication Date
WO2018040678A1 true WO2018040678A1 (en) 2018-03-08

Family

ID=61299957

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/089040 WO2018040678A1 (en) 2016-08-30 2017-06-19 Memory data protection method, integrated circuit chip, and storage medium

Country Status (2)

Country Link
CN (1) CN107784235A (en)
WO (1) WO2018040678A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115051819A (en) * 2022-03-01 2022-09-13 深圳开源互联网安全技术有限公司 Request response method, device, computer equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6738913B1 (en) * 1999-01-19 2004-05-18 Fujitsu Limited Storage device and access control method
CN102216998A (en) * 2008-12-16 2011-10-12 桑迪士克公司 Controlled data access to non-volatile memory
WO2011124625A1 (en) * 2010-04-09 2011-10-13 St-Ericsson Sa Method and device for protecting memory content
US20150089247A1 (en) * 2013-09-23 2015-03-26 Samsung Electronics Co., Ltd. Storage medium having security function and security method thereof
CN105279458A (en) * 2014-06-20 2016-01-27 株式会社东芝 Storage apparatus, communication apparatus, and storage control system

Also Published As

Publication number Publication date
CN107784235A (en) 2018-03-09

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17844984

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17844984

Country of ref document: EP

Kind code of ref document: A1