CN114490503A

CN114490503A - High-performance low-power-consumption eSIM card chip system

Info

Publication number: CN114490503A
Application number: CN202210010169.XA
Authority: CN
Inventors: 何军
Original assignee: Guangzhou Wise Security Technology Co Ltd
Current assignee: Guangzhou Wise Security Technology Co Ltd
Priority date: 2022-01-06
Filing date: 2022-01-06
Publication date: 2022-05-13

Abstract

The invention discloses a high-performance low-power-consumption eSIM card chip system which comprises a CPU, an MMU memory management module, an eflash module, an ILM _ RAM module, a DLM _ RAM module, a PMU power consumption control module, a CLK clock control module, an AHB _ DMA module, a UCAA operation module, a HASH operation module, a DMA direct access module, an SM1 operation module, a DES operation module, an SM4 operation module and a configurable vector interrupt controller. The advantages are that: compared with other eSIM card chips on the market at present, the system has higher Java card execution efficiency and lower power consumption control under the same CPU frequency, and can be better used as a carrier for payment application communication of mobile equipment such as mobile phones, POS machines and the like.

Description

High-performance low-power-consumption eSIM card chip system

Technical Field

The invention relates to the technical field of an eSIM card chip, in particular to an eSIM card chip system with high performance and low power consumption.

Background

The eSIM card is a SIM card having two interface functions of ISO7816 and SWP, and an eSIM card chip on the market at present mainly faces to mobile payment applications and is used in chips of mobile devices such as mobile phones. At present, the eSIM card chip widely used in the market uses a 32-bit ARM series RISC processor, and has a 40KB SRAM and a 1MB FLASH inside for data storage. The eSIM card chip mainly uses AHB and APB bus structures. In the current market, various types of eSIM cards are applied more and more, and the scenes of using the functions of an encryption and decryption module in a chip are more and more, so that the eSIM card chip which has high performance and lower power consumption is a trend of the future mobile phone market for the standby time of batteries of mobile devices such as mobile phones.

In the mainstream eSIM card chip available in the market at present, there are two mainstream chips:

1. the bus structure used by the second eSIM card chip is as follows: peripheral modules with frequent system interaction, large data throughput and high performance requirement are hung on the AHB, and comprise a memory system, a system control module, DES, AES, SM1, SM3, SM4, PKE, CRC and the like. And the memory security management mechanism can provide high-security-level protection for the algorithm. The target algorithm is realized by calling a software library. Modules with less interaction times with a system, small data volume and low performance requirement are hung on an APB bus of the chip, and comprise 7816 modules, GPIO modules, SWP modules, SPI modules, RNG modules, Timer modules, WDT modules and the like.

The main characteristics of the on-chip NVM (particularly Flash) interface of the eSIM card chip are as follows: the page size is 512B, and the page/block erasing, page writing verification, page erasing verification and BUF clearing operation are supported. The NVM write operation is in minimum units of pages, so before executing various page write commands to the NVM, software must ensure that a full page of data is written, for which addresses within the page that have never been written can be written to full F, otherwise the validity of data read from unwritten addresses cannot be ensured.

The power consumption management of the eSIM card chip comprises the following steps: after the WFE instruction is executed and the Standby state is entered, all interrupt signals can wake up the chip. Standby mode is a low power mode that the system actively enters. The system can enter the standby mode when the 7816 interface and the SWP interface are not in the working state. When the chip enters the standby state, the activity of any interface directly wakes up the chip to exit the standby state. In the chip, the ISO7816 interface can enter a low power mode in case the reader stops the external clock. When the pin C6 of the SWP interface is in a SUSPENDED state, and the UICC receives response information that the SHDLC layer no longer communicates with the UICC request, and the SWP interface is in the SUSPENDED state, the SWP interface can enter a low power consumption mode.

The CPU Hold mode of the chip comprises a PKE low power consumption mode and a FLASH operation low power consumption mode, wherein the PKE low power consumption mode specifically comprises the following steps: in order to prevent the system power consumption from being overlarge during the operation of the PKE, the low power consumption mode can be selected by setting corresponding parameters of a power consumption control register. When the PKE low power consumption mode is selected, after the CPU starts the coprocessor to operate, the CPU clock is stopped so as to reduce the system power consumption. And after the operation of the coprocessor is finished, automatically recovering the CPU clock and exiting the low-power-consumption mode of the coprocessor. The FLASH operation low power consumption mode specifically comprises the following steps: in order to reduce the system power consumption during the operations of FLASH Erase and Program, a FLASH operation low power consumption mode can be selected by setting a FLASHLPMode parameter of a power consumption control register. When the FLASHLPMode is equal to 1, after the CPU starts FLASH Erase or Program, the CPU clock will stop to reduce the system power consumption. And after the Erase/Program is finished, automatically waking up the clock by the CPU, and exiting the FLASH operation low-power-consumption mode.

As can be seen from the CPU Hold mode operation flow of the chip, for PKE, the high-power-consumption operation of FLASH only stops the CPU clock to reduce the power consumption of the system, which is equivalent to a running mode for working.

The LLC layer ACT and SHDLC frame analysis of the chip is completely completed by upper layer software, and the SWP completes the CLT frame protocol analysis of the MAC layer and the LLC layer only on the hardware layer. Therefore, the function of the SWP interface is not powerful enough, and the software needs to do a lot of packet unpacking and protocol control communication according to the protocol, so the execution efficiency of the SWP interface is very low.

2. The bus structure used by the second eSIM card chip is as follows: the AHB bus is only hung with NVM memory, SRAM, and CPU; the hardware encryption coprocessor and the security encryption module are mounted on an APB bus, and the APB bus has lower access performance than an AHB bus, and the interruption clearing of APB peripheral interrupt needs to take a plurality of clock cycles, so that the performance is not high enough, and the protection provided by the algorithm is not high enough. The chip supports that the function of the SWP interface of the ETSI TS 102613 specification is not strong enough, the chip provides a DMA function to move data in an SWP hardware module, but a user program is required to analyze a data packet, and an SHDLC protocol is realized from a software layer, so that the communication management function of the SWP interface of the chip costs a large amount of system resources, and the function of the SWP interface is not strong enough.

The chip uses DMA function inside the SWP 7816 module for receiving and transmitting data on the interface. And no DMA IP controller is mounted on the AHB bus.

The low-power management of the chip comprises the control management of interface dormancy and the control management of dormancy awakening. The system enters deep sleep and all interfaces are required to be in a dormant state.

The eSIM chip is used for carrying out large-power-consumption operation, such as NVM erasing and writing, a PKE algorithm, and a CPU (central processing unit) is required to be in a light sleep state. When the operation is completed, the corresponding event will wake up the CPU. Thereupon, the CPU goes directly to execute a command after the WFE without jumping to the ISR. The flow of event wake shallow sleep CPU can be seen in fig. 1.

The total RAM capacity of the eSIM chip is 40KB, the CPU can access the eSIM chip, the RAM is general 32KB, and each communication interface of 8KB is a specific buffer. The NVM page size is 512B, with each page including 2 half pages of size 256B.

The page erasing operation of the eSIM chip is to erase all the pages of 512B at one time; the write operation of the eSIM chip uses specified double word programming in half page, namely, the address and data to be written are marked by writing the data to be written to the specified position in the buffer area. The write data must be a number of double words (N × 8 bytes). These marked doublewords will be data programmed at once after initiating the programming action. The programmed state: the read value is the write value. NVM programming time: TFP is 100 μ s +53 μ s × N, where N represents the number of doublewords of data. The NVM page 512B of this chip takes time 2 × (100 μ s +53 μ s × 32) ═ 3592 μ s to program. The specific process of the write operation is as follows: setting chip NVM control registers-write data to be programmed to NVM target address, start address must be double word aligned address, number of writes must be integer multiple of double word (8 bytes) -set chip NVM control registers-write 0xFFFFFFFF to NVM target page arbitrary address-user program set CPU enter sleep (WFE/WFI) -query SFR NVMSTS end, NVMSTS1 has errors-clear SFR NVMSTS and SFR NVMSTS 1.

The Javacard application is called an Applet and must conform to the Java Card specification. The basic structure of the Java card Applet is as follows:

1. install () method: when the Applet is downloaded to the JAVA card, an install () method is started to install the Applet, and parameters required by the Applet are transmitted to the Applet for installation.

2. register () method: after the Applet is installed, a register () method is called to register the Applet to the JCRE.

3. select () method: before a certain Applet is operated, the JCVM firstly calls a select () method to select the Applet.

4. process () method: the method is a core method when the Applet works. After the terminal sends command APDU to the card, COS receives the APDU first, then transfers the APDU to JCRE, and the JCRE sends the APDU to the process method of the currently selected Applet for processing. The Process method is generally designed into a branch selection structure, executes different processing methods according to different command APDUs, and returns a processing result to JCRE until the processing result is returned to the terminal. An Applet is developed and designed, and the main work is to write a process method according to requirements.

The main responsibilities of the GlobalPlatform environment (hereinafter referred to as OPEN) are to provide API for applications, command distribution, application selection, logical channel management (MANAGE CHANNEL commands are only handled by OPEN and not distributed to applications), and management of card content.

OPEN performs loading of AP code and associated card content management.

OPEN is also responsible for the installation of applications already loaded into the card. OPEN is to enforce the security principles defined for application loading and installation. These principles include verification of the application code and application loading and/or installation credentials provided by the card issuer.

Another important responsibility of OPEN is the distribution of APDU commands and the choice of application. When the OPEN receives the SELECT command, it sets the application specified in the SELECT command to the selected application to which subsequent application commands should be distributed.

Except for the MANAGE CHANNEL command and the SELECT command, all other commands are dispatched directly to the currently selected application on the base logical channel.

FIG. 2 is a system framework diagram of a conventional Java Card, and it can be seen that the bottom layer of the Java Card is Hardware, i.e., a chip. Located on the hardware is an operating system os (operating system), usually a customized micro operating system (RTOS), and on the operating system is a Java Card Runtime environment JCRE (Java Card Runtime environment), where the JCRE includes a Java Card Virtual machine JCVM (Java Card Virtual machine), and the JCVM can parse and execute Java Card bytecode, so that the Java Card application can run normally on the Card. The Global Platform runtime environment OPEN provides functions such as command distribution, application selection, logical channel management, and card content management for applications that can use these services by calling GP APIs located above the OPEN. The card issuer Security domain isd (issue Security domain) can manage the card content, the card life cycle and the application life cycle, is the basis of other Security domains, and is a representative of a card manager in the card; the supplemental Security domain ssd (supplemental Security domain) may provide a Security domain for the application provider, which is a representation of the application provider within the card. JC API (Java Card application programming interface) is an application program interface of Java Card, and applications App1, App2 running on Java Card can use services provided by JCRE through JC API.

Currently, eSIM cards are implemented based on a Java card platform. In a Java platform, Flash writing needs exist for writing Flash for multiple times to backup data and the like, and each APDU instruction ensures the atomicity of erasing Flash through a transaction mechanism. Therefore, the analysis speed of the APDU instruction and the writing speed of the Flash are improved, and the importance is high.

From the perspective of marketization, on the premise that the chip hardware performance of an eSIM card manufacturer is fixed, on one hand, optimization can be performed in a way of writing Java Applet source codes, a more scientific algorithm design method is used, and a code execution flow is optimized, so that high-time-consuming operations are executed more regularly and in a planned way, and the execution efficiency of the application can be directly improved. However, because the developer of the Applet is not controllable in the Java card environment, it is not feasible to propose optimization requirements from the programming perspective of the Applet, and the design method and the system improve the performance from the perspective of the parallelism of the Java virtual machine execution and the DMA. A method form needs to be loaded into a general Java virtual machine, and corresponding Java virtual machine codes are loaded according to the offset position, so that method calling is completed. The content of the data structure of the form format of each component of the Java card is stored in a Flash storage unit, and multiple Flash reading and erasing operations are required for reading and analyzing.

When the target application is selected to be executed by the Java virtual machine, the Java virtual machine finds the Flash storage position corresponding to the Java virtual machine code of the application, and loads the Flash storage position into the Java virtual machine for analysis and execution. For the stack operation, since the cache data is operated in the RAM of the chip, and the read-write speed of the RAM is far higher than that of the Flash memory domain, the execution speed of the stack operation is very high. However, due to the limitation of the hardware level of the existing Java card chip and the consideration of the chip cost, it is impossible to place all data in the RAM for operation, so most of the data can still be stored in the Flash memory, and the operation speed of the Flash memory is much lower than that of the RAM memory, so that the key factor influencing the execution efficiency of the Java API is the slow read-write speed of the Flash memory under a certain hardware condition.

From the mainstream eSIM card chip data on the market, when Flash is written, the CPU is in a stop state, the WFE and FEI instructions close the CPU clock, that is, after erasing and writing operations are performed on a program in the NVM, subsequent instructions are suspended, and the program can not be continuously executed until the erasing and programming operations are finished, which is equivalent to a running operation, and the execution performance of the Java card is affected. The internal parts of the eSIM card chips are not provided with a DMA controller mounted on an AHB bus, the functions of the eSIM card chips on an SWP interface are not efficient enough, and the management control of an SHDLC protocol, including the processes of assembling a data packet, analyzing the data packet, communicating timing and the like, needs to be carried out by a program, so that the power consumption of the chips is increased. In addition, the chips can be in a low power consumption mode only when communication is finished, and in the view of the Java card technology, power consumption control is based on application transactions, so that the working time of a CPU is longer, and the power consumption of the chips is increased.

Disclosure of Invention

An object of the present invention is to provide an eSIM card chipset system with high performance and low power consumption, thereby solving the aforementioned problems in the prior art.

In order to achieve the purpose, the technical scheme adopted by the invention is as follows:

an eSIM card chip system with high performance and low power consumption comprises a CPU, an MMU memory management module, an eflash module, an ILM _ RAM module, a DLM _ RAM module, a PMU power consumption control module, a CLK clock control module, an AHB _ DMA module, a UCAA operation module, a HASH operation module, a DMA direct access module, an SM1 operation module, a DES operation module, an SM4 operation module and a configurable vector interrupt controller;

the CPU is connected with an MMU memory management module through an I _ AHB bus, and the MMU memory management module is respectively connected with an eflash module and an ILM _ RAM module through a FLASH _ Ctrl interface and a RAM _ CTRL interface; the CPU is connected with an AHB _ DMA module, a UCAA module, a HASH module, a DMA direct access module, an SM1 operation module, a DES operation module and an SM4 operation module through an SYS _ AHB bus; the AHB _ DMA module is connected with the eFLASH module through a FLASH _ CTRL interface, and the AHB _ DMA module is connected with the ILM _ RAM module and the DLM _ RAM module through a RAM _ CTRL interface;

the SYS _ AHB bus is connected with an AHB2APB control line, and a watchdog, a counter, a cyclic redundancy check module, a pure digital true random number generator, a programmable IO module, an IIC interface module, an SPI interface module, a UART interface module, an SWP interface module and a 7816 interface module are connected to the AHB2APB control line;

the MMU memory management module is connected with an AHB2SFR control line through an SFR bus, and the CLK clock control module and the PMU power consumption control module are both connected on the AHB2SFR control line; the CLK clock management module is connected with an OSC _ HF clock and an OSC _ LF clock;

the CPU is connected with the configurable vector interrupt controller through a tightly coupled IP supporting single CPU clock cycle access;

the RAM _ CTRL interface is a control interface of the SRAM and is used for controlling the read-write operation of the SRAM;

the FLASH _ CTRL interface is a FLASH control interface and is used for controlling the read-write operation of FLASH;

the OSC _ HF clock is a source clock or provides a normal working clock for the system after frequency division;

and the OSC _ LF clock is a wake-up clock for waking up the CPU.

Preferably, for the application selected by the OPEN, the virtual machine executes the Remap operation of the MMU memory management module on the process method of the selected Applet application, that is, by means of the DMA direct access module, the execution code corresponding to the process method of the application is copied from the Flash address corresponding to the process method to the space of the ILM _ RAM module, and the corresponding code is executed in the RAM memory, so as to improve the execution efficiency;

the concrete process of the Remap operation is as follows:

moving programs with addresses n1 KB-n 2KB in Flash to n3 KB-n 4KB spaces in an ILM _ RAM module;

a remap source address register, a remap destination address register, and a remap length register;

remapping an enabling register and starting an acceleration mechanism; after remapping the enabling register, actually accessing n3 KB-n 4KB spaces of the SRAM when accessing n1 KB-n 2KB address spaces of the Flash;

after the register remapping configuration is completed, the DMA direct access module starts to move, and meanwhile, the CPU runs Java virtual machine codes.

Preferably, each new application selected by the Java virtual machine moves the content in the Flash to the memory as much as possible according to the source address of the Process form and the number of bytes of the form, so as to improve the execution efficiency of the Applet.

Preferably, when the Page content needs to be read from the Flash, the Page reading function of the DMA direct access module is used; when Page content in Flash is to be modified, the Page erasing and writing function of the DMA direct access module is used.

Preferably, the Java main cycle in the system drives the firmware by the interrupt on the interface, the firmware enters the WAIT mode after analyzing the APDU command, and after the system sends a response data packet to the host to complete the interrupt generation, the CPU is awakened from the WAIT mode and then enters a deeper low-power-consumption Stop mode;

if Flash is required to be erased and written, the Flash is erased and written according to pages by using a DMA direct access module, and a program runs in an ILM-RAM module; in this case, the CPU wakes up twice from the WAIT mode, once for a DMA Burst PageWrite completion interrupt, and once for an interface send completion interrupt; then entering a STOP mode;

the system provides a Burst writing function and limits the maximum length of each Burst writing to 64 words.

Preferably, the system comprises, in combination,

instructing a low power mode; the CPU executes an execution instruction to enter a low-power-consumption mode, which is divided into a STOP mode and a WAIT mode;

the STOP mode is specifically: setting a STOP instruction of the CUP, wherein in a STOP mode, except a part of circuits directly driven by an external clock and an internal OSCLF in a communication interface, clocks of other parts of the system are all stopped, and an analog module enters a STOP state so as to reduce the power consumption of the system; after the communication interface receives the data/command or the reset signal, the communication interface quits the STOP mode and the system clock is restored to the original value;

the WAIT mode specifically includes: setting a WAIT instruction of a CPU, enabling the CPU to enter a WAIT state, stopping a clock of the CPU to reduce power consumption, and exiting the WAIT state when an interrupt occurs;

a UCAA low power mode; when the Applet needs to use the UCAA algorithm, the algorithm is completed by calling a UCAA APIs function provided by the system, a register is set in the UCAA APIs function, and a UCAA low-power-consumption mode is selected; in the UCAA low-power-consumption mode, after the CPU starts the UCAA operation module, clocks of other parts of the system are stopped so as to reduce the power consumption of the system; after the operation is finished, automatically recovering the system clock and exiting the low power consumption state;

in the UCAA low-power-consumption mode, after the RSA algorithm starts to operate, the CLK clock management module, the eFlash module, the DES operation module and the SM1 operation module stop;

NVM erasing low power mode; when the Applet needs to use the erasing Flash, the erasing Flash is finished by calling a Writeflash API function provided by the system, the Writeflash API function sets a register according to the actual erasing or writing or moving function, and an NVM erasing low-power-consumption mode is selected; in the NVM erasing low-power-consumption mode, after the CPU starts the Flash Erase or Program, clocks of other parts of the system are stopped so as to reduce the power consumption of the system; after the Erase/Program is finished, automatically recovering the system clock and exiting the low power consumption state;

in the NVM erasing low power consumption mode, the CLK clock management module, the UCAA operation module, the DES operation module and the SM1 operation module are all stopped during the Flash Erase/Program period.

Preferably, the working flow of the Java virtual machine of the system is as follows:

s1, after the system is powered on, the CPU execution environment is initialized, the 7816 interface, the SWP interface, the ISR interface, the WriteFlash API and the Java _ Loop are copied to the ILM _ RAM module from the Flash by using the moving function of the DMA direct access module, and the initial address which can be used for Remap in the system is obtained: 0x00A 01000;

s2, initializing a system Java virtual machine;

s3, according to the detection result of the interface hardware, register configuration is carried out on the 7816 interface and the SWP interface, and the corresponding interface interruption of the register is enabled; setting Sys _ WaitingCnt and setting Sys _ JobCnt to be 0; entering a virtual machine main Loop Java _ Loop API from step S4, which is an IRAM program;

s4, if Sys _ Waitingcnt is not equal to 0, calling an assembly instruction to enable the system to enter a WAIT mode, and repeating the step S4 until the system is interrupted and awakened; if Sys _ WaitingCnt is equal to 0, go to step S5;

s5, calling an assembly instruction to enable the system to enter a STOP mode with the lowest power consumption;

s6, the system receives the APDU order, exits the STOP mode, if the current activation interface is 7816 interface, sets the APDU data buffer pointer to the data buffer of 7816 interface; if the current activated interface is the SWP interface, setting an APDU data buffer area pointer to a data buffer area of the SWP interface; sys _ JobCnt is decreased by 1;

s7, the Java virtual machine checks the APDU command, if the current command is not MANAGE CHANNE command or SELECT command, the step S9 is carried out; if the current instruction is an MANAGE CHANNEL instruction, the Java virtual machine performs corresponding processing, writes return data into the APDU data buffer, and then proceeds to step S10; if the current instruction is a SELECT command, go to step S8;

s8, after the current target application is selected by OPEN, Remap operation of MMU memory management module is executed to the process method of the application, that is, from the Flash address corresponding to the Process method of the application, the Flash page address corresponding to the Process method form bytecode thereof is copied to the space of the ILM _ RAM module by means of the moving function of the DMA direct access module, the form byte number RemapSize of the method is obtained and aligned to the whole K byte number, if RemapSize is larger than 12KB, setting RemapSize to be equal to 12KB, setting the source address of a remapping original address register to be the position of the whole K byte number address of the form Flash, setting the target address of a remapping target address register to be 0x00A01000, setting the length of a remapping length register to be RemapSize, enabling the register to execute the remapping function, and copying the Flash content of Remap to an ILM-RAM module by means of the parallel execution characteristic of a DMA direct access module and a CPU (Central processing Unit), wherein the maximum is 12 KB; the Java virtual machine writes the return data into the APDU data buffer, and then proceeds to step S10;

s9, calling the currently selected application by the Java virtual machine, analyzing the APDU instruction, and remapping the byte code corresponding to the process method operation of 12KB onto the ILM-RAM module, so that the execution efficiency of the Java analysis APDU instruction can be improved; if the processor of the Applet needs to write Flash, writing 512B data back to Flash by calling a system Wrtflash API, writing the data to a target Flash address by a DMA burst write function, setting Sys _ WaitingCnt to increase by 1 in the Wrtflash API, finishing interruption by a DMA direct access module, and setting Sys _ WaitingCnt to decrease by 1 time in the interruption service program; writing the return data into the APDU data buffer, and then proceeding to step S10;

s10, for the current interface, calling a system transmission API to transmit the data of the APDU data buffer to the host, setting Sys _ Waitingcnt in the transmission API to increase by 1, and enabling the DMA direct access module to finish the transmission of the interrupt, wherein Sys _ Waitingcnt is set to decrease by 1 in the interrupt service program;

s11, if Sys _ JobCNT is not equal to 0, returning to step S6; otherwise, the process returns to step S4.

Preferably, the UCAA operation module comprises an RSA algorithm, an SM2 algorithm and an ECC algorithm; the HASH operation module comprises an SHA1 algorithm, an SM3 algorithm and an SHA256 algorithm.

Preferably, the ILM _ RAM module is a single-port SRAM of 16 KB; the DLM _ RAM module is a single-port SRAM of 24 KB.

The invention has the beneficial effects that: 1. the system mounts the DMA direct access module on the AHB bus, so that the execution of the program can be parallelized to the maximum extent, the execution efficiency of the Java card is greatly improved, the working time of the chip is reduced, and the overall power consumption of the eSIM chip is reduced. 2. The ILM-RAM module is mounted on the SYS-AHB bus and connected with the CPU through the I-AHB bus, and codes needing speed acceleration are placed on the ILM-RAM module to be executed in use, so that parallelization can be performed to the maximum extent, execution efficiency of the Java card is greatly improved, working time of a chip is reduced, and overall power consumption of an eSIM chip is reduced. 3. The 7816 interface interrupt service program, the SWP interface interrupt service program, the DMA interrupt service program, the Writeflash API and other key function firmware codes are defined as programs which are logically on the ILM-RAM module, physically on the FLASH and executed in the ILM-RAM module, so that the instruction processing performance of the whole chip is improved. 4. The method comprises the steps that an APDU SELECT instruction is issued at a host end, when the Java card virtual machine receives and analyzes a new Applet to be selected, the Java card virtual machine further processes the obtained Procees method form of the selected Applet to obtain the corresponding FLASH page address and the byte number of the form, MMU Remap is carried out on the FLASH content of the section, and therefore remapping design is dynamic, namely when the Applet is switched, MMU Remap operation is carried out on the new Applet, speed-up processing is carried out on key codes, and therefore the efficiency of the Java card virtual machine is improved. 5. The Flash page is written by using the moving function of the DMA, so that the instruction is processed in a parallelized manner, and the execution performance of the chip is improved; the WriteFlash API is an ILM-RAM program, and the Procees method of the Applet runs in an ILM-RAM module, so that the Procees method can be normally run when FLASH page programming is carried out, and FLASH page writing in Java card application is frequently used operation, so that the performance of the Java card can be greatly improved. 6. The programming operation of Flash is carried out through the DMA direct access module, so that the parallel processing with the running firmware of the CPU can be realized. The minimum programming unit of FLASH in the chip is one WORD (4 bytes), the time for writing four bytes into FLASH is 25 microseconds, the programming time of a FLASH page 512B of the system is twice as fast as that of a FLASH page 512B of a mainstream eSIM (embedded system identification) chip on the market, when a Java card is applied to a DMA (direct memory access) Burst read-write function designed by the invention, the execution efficiency of the application of the Java card is higher, and the programming time of the FLASH is greatly reduced, so that the power consumption of the whole chip can be greatly reduced. One is that when a FLASH page is about to be fully written, the FLASH page needs to be erased and then data needs to be rewritten by using a DMA Burst write function, and under such a strategy, the power consumption of the eSIM card on the FLASH can be greatly reduced. 7. The system low-power consumption control architecture actively enters a low-power consumption mode based on the state of receiving and sending data packets by an interface; the transceiving buffer of the interface IP enables the interface to automatically send the data packet to the host when the CPU is in the Wait mode, thereby reducing the CPU processing time on the interface to the minimum, and reducing the overall power consumption of the eSIM chip. 8. The SWP interface supports communication control of the SHDLC protocol on a hardware level, the received data packet is data of the HCI layer, and a program does not need to spend a plurality of instructions to carry out SHDLC packet and SHDLC communication protocol control.

Drawings

FIG. 1 is a flow diagram of a conventional event wake-up shallow sleep CPU for an eSIM chip;

FIG. 2 is a diagram of a conventional Java Card system framework;

FIG. 3 is a schematic diagram of the architecture of the system in an embodiment of the invention;

FIG. 4 is a schematic diagram of a system providing a Burst write function according to an embodiment of the present invention.

Detailed Description

In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to the accompanying drawings. It should be understood that the detailed description and specific examples, while indicating the invention, are intended for purposes of illustration only and are not intended to limit the scope of the invention.

As shown in fig. 3, the embodiment provides a high-performance and low-power-consumption eSIM card chip system, which includes a CPU, an MMU memory management module, an eflash module, an ILM _ RAM module, a DLM _ RAM module, a PMU power consumption control module, a CLK clock control module, an AHB _ DMA module, a UCAA operation module, a HASH operation module, a DMA direct access module, an SM1 operation module, a DES operation module, an SM4 operation module, and a configurable vector interrupt controller;

the UCAA operation module comprises an RSA algorithm, an SM2 algorithm and an ECC algorithm; the specific inclusion of which algorithms can be selected according to the actual situation.

The HASH operation module comprises an SHA1 algorithm, an SM3 algorithm and an SHA256 algorithm; the specific inclusion of which algorithms can be selected according to the actual situation.

The ILM _ RAM module is a single-port SRAM of 16 KB; instruction RAM, usable for code remapping. Starting address: 0x00A00000

The DLM _ RAM module is a single-port SRAM of 24 KB; a data RAM;

the CLK clock management module comprises OSCHF and OSCLF;

and the OSC _ LF clock is a wake-up clock for waking up the CPU.

For a detailed explanation of the individual component modules in the system, see table 1.

TABLE 1 brief description of the various modules of the System

In the embodiment, the system adopts a domestic 32-bit RISC secure CPU core with an autonomous intellectual property, and common cryptographic algorithm hard cores such as SM1, SM4, AES, DES and the like are built in a chip, so that the system has the characteristics of strong function, multiple interfaces and low power consumption.

The CPU realizes central control, and the program storage space is in the on-chip FLASH (1 MB). The system SRAM size is 16KB +24KB, with 16KB being used for Remap functions in the present system. The CPU can access and control the corresponding register through a system AHB bus, thereby scheduling each IP to complete specific work. The system provides interrupt and DMA service, and realizes the quick response of IP requests and the quick data transportation. A block diagram of the system is shown in fig. 3.

CPU adopts domestic 32-bit safe RISC processor, and is connected with MMU through I _ AHB bus, and is connected with AHB bus through SYS-AHB control line. The CPU can execute a program in an ILM _ RAM module (instruction local memory bus) through an I _ AHB bus, and access the DLM _ RAM module (Data local bus) through an SYS _ AHB control line.

In this embodiment, for the application selected by the OPEN, the virtual machine executes the Remap operation of the MMU memory management module on the process method of the selected Applet application, that is, by means of the DMA direct access module, the execution code corresponding to the process method of the application is copied from the Flash address corresponding to the process method to the space of the ILM _ RAM module, and the corresponding code is executed in the RAM memory, so that the execution efficiency is improved.

In the embodiment, the read-write speed of Flash is low; but the speed of reading RAM can be up to 40 MHz. Therefore, the program in the Flash can be moved to the ILM-RAM module to be run so as to improve the execution speed of the program. The program can be configured in position and size (the position can be configured arbitrarily, and the size can only reach 16KB at most).

When a user wants to accelerate the program, the program needing to be accelerated is moved to the ILM-RAM module to accelerate the program operation. Software configures the Remap length, the starting address and the destination address, and starts a remapping function (REMAP _ EN), so that the program acceleration can be realized.

The specific process of the Remap operation is as follows:

after the relevant registers are configured by remapping, the DMA direct access module starts to move, and meanwhile, the CPU runs Java virtual machine codes, the DMA direct access module of the system only needs 8 microseconds to move 512-byte data from Flash to the memory, and the time of millisecond level is needed from the sending of a SELECT APDU instruction from the host end to the receiving of the next APDU instruction by the chip, so that the Process method of the target application is executed in the memory when the next instruction is analyzed.

The DMA direct access module supports data exchange between the memory and the memorizer and between the memorizer and the IO device, and does not need the participation of a CPU in the data transmission process, thereby improving the execution efficiency of the system. The functions are as follows: the data transfer speed among the instruction ram, the data ram, the peripheral ram and the Flash is improved; the CPU is conveniently released, and the execution efficiency of the system is improved; the speed of the CPU executing the instruction is improved by matching with the realization of a remapping function; and the page writing operation of Flash is realized in a matching way.

In this embodiment, in an actual user application, content in Flash is frequently modified, and after a Page (Page 512B), that is, 64 word-sized content is read out and partially modified, the entire Page is written back to Flash. Due to the fact that the chip Flash under the design programs the minimum unit of one word (4B), the whole page write-back function required by each application can only be gradually written back in a word mode.

The system provides a Burst writing function aiming at a continuous writing mode, the maximum length of each Burst writing is limited to 64 words, the purpose is to accelerate the writing speed, and the time comparison is as follows: 25us are needed for writing one word at a time, and the writing time of 64 words is 64 × 25(us) 1600 us; writing by burst, wherein 15us is needed, and 64word writing time is 27+63 × 15+5(us) is 977 us; the write speed of the present system can be improved by nearly 40% compared to the original.

The requirement that the system provides the Burst write function is as follows: 1. the analysis is based on the application practice, the content of the whole page is read out before the whole page is modified, the software overhead storage is cached, the content is written back slowly after the modification, and a DRAM cache of the whole page 512B is needed firstly by adopting the hardware design. 2. Meanwhile, in order to be compatible with the conventional word writing function, a one-bit register is added for indicating whether Burst writing or word writing is performed currently. 3. If the Burst full page writing function is adopted, the logic address issued by the application is required to be the starting address of one page. 4. And the hardware can increase a mark of complete reading and writing of the whole page or interrupt the control application for further processing.

The principle flow structure of the system providing Burst write functionality is shown in fig. 4. The realization of the function is carried out based on a DMA direct access module, and the main reason is that the DMA direct access module needs to have the read-write transfer function between the RAM and the Flash. The DMA direct access module relates to the condition of Flash operation, the completion state of the DMA direct access module can not be inquired after software is started, and then the software can simultaneously carry out other parallel operations.

The Flash page 512B is programmed by the Burst writing function in a Word mode, namely the programming time is 25us required for writing one Word at a time, and the time for writing 64 words is 64 × 25(us) ═ 1600us, which is twice as fast as the Flash page programming time of the mainstream eSIM chip on the market at present. NVM page size 512B, programming takes time 2 × 2 (100 μ s +53 μ s × 32 — 3592 μ s).

In this embodiment, for each new application selected by the Java virtual machine, the content in Flash is moved to the memory as much as possible to run according to the Process form source address and the form byte number, so as to improve the execution efficiency of the Applet.

In the system, when the Page content needs to be read from the Flash, the Page reading function of the DMA direct access module is used; when Page content in Flash is to be modified, the Page erasing and writing function of the DMA direct access module is used. Because the function of the DMA direct access module is used, the parallel processing with the running firmware of the CPU can be realized, and the performance of the system can be greatly improved. The minimum programming unit of the FLash chip of the system is Word, namely 4 bytes. The related information can be stored by writing a small amount of Word, so that the Flash programming power consumption of the whole eSIM card chip can be better reduced.

From the view of the eSIM card chips on the market today, there are situations where the NVM is read again during NVM erase or program, and subsequent instructions will be suspended. Aiming at the problem of the current eSIM card chip, in the design of the invention, the program is put into the ILM _ RAM module to run, the erasing and writing operations are executed, the program can continue to run, namely the CPU takes the instruction from the ILM _ RAM module and runs, and meanwhile, the Flash is in an erasing or programming state, thereby improving the running efficiency of the Java card.

From the prior art of the current Java card, a customized micro operating system (RTOS) is mostly used, under such an architecture, power consumption control of chips is not good, the chips can perform a low power consumption mode only when interface communication is finished, and from the Java card technology, the power consumption control is based on application transactions, so that the CPU working time is long, and the chip power consumption is increased.

The system of the invention does not use a customized micro operating system (RTOS), the Java main cycle drives the firmware by the interrupt on the interface, the firmware enters a WAIT mode after analyzing the APDU command, and after the chip finishes sending a response data packet to the host and finishes interrupt generation, the CPU is waken from the WAIT mode and then enters a deeper low-power-consumption Stop mode. If Flash is needed to be erased and written, because the Flash is erased and written according to pages by using a DMA direct access module and a program is run in an ILM _ RAM module, under the condition, a CPU is awakened twice from a WAIT mode, one time is that the DMA Burst PageWrite completes interruption, and the other time is that the interface sends the completion interruption; and then enters the STOP mode. Such a system architecture design enables a lowest power consumption state to be reached during instruction interaction of the eSIM card.

Under the designed system architecture, the 7816 interface IP of the chip can provide 255 bytes of receiving and sending buffers. The SWP interface IP supports the SHDLC protocol from the hardware layer, the data received by the firmware is the original upper layer data packet of the stripped SHDLC protocol layer, a 128B receiving and sending buffer area can be provided, and 4 SHDLC data packets can be received and sent at most. The receiving and sending buffers on the 7816 interface and the SWP interface of the system design can achieve the parallelism degree of the inner cores of the chips, when the interfaces send response data packets, the CPU enters a WAIT mode, and after the sending is finished, the CPU enters a STOP mode.

In this embodiment, in order to reduce the power consumption of the chip, the designed PMU power management module well implements low power management of the chip from a system level, and replaces an original clock with a gated clock in a circuit structure. When the UCAA and NVM erasing power consumption module work, other irrelevant working modules can be closed. In the chip Stop mode, the CPU, the DMA direct access module, the SWP interface, and other digital modules are turned off, and the OSC _ HF clock, the voltage regulator, the chip sensor (the voltage regulator and the chip sensor are basic functions of the system and are not shown in the system structure diagram), and other analog modules are turned off step by step. And in the Wait mode of the chip, the CPU clock, the ISO7816 interface and the SWP interface are closed, and the DMA direct access module and the eFLASH module can continue to work.

The PMU power consumption control module realizes low power consumption control and management of the system, including entering and exiting of a low power consumption mode, configuration of a low power consumption wake-up source and the like, and accords with the time sequence of an internal SFR bus interface.

The system provides a plurality of low-power consumption control modes to meet the requirements of various occasions on power consumption. The method comprises the following specific steps:

1. instructing a low power mode; the CPU executes an execution instruction to enter a low-power-consumption mode, which is divided into a STOP mode and a WAIT mode;

2. a UCAA low power mode; when the Applet needs to use the UCAA algorithm, the algorithm is completed by calling a UCAA APIs function provided by the system, a register is set in the UCAA APIs function, and a UCAA low-power-consumption mode is selected; in the UCAA low-power-consumption mode, after the CPU starts the UCAA operation module, clocks of other parts of the system are stopped so as to reduce the power consumption of the system; after the operation is finished, automatically recovering the system clock and exiting the low power consumption state;

3. NVM erasing low power mode; when an Applet needs to use an erasable Flash, the erasable Flash is finished by calling a Writeflash APIs function provided by a system, the Writeflash APIs function sets a register according to the actual erasing or writing or moving function, the target address at the moment is the address in the Flash, the register of a DMA (direct memory access) is configured, after the register is remapped to finish interruption, the Writeflash APIs immediately return without waiting; selecting an NVM erasing low-power consumption mode; in the NVM erasing low-power-consumption mode, after the CPU starts the Flash Erase or Program, clocks of other parts of the system are stopped so as to reduce the power consumption of the system; after the Erase/Program is finished, automatically recovering the system clock and exiting the low power consumption state;

The system supports a plurality of awakening modes and awakening source software configuration. The awakening source is: 1. GPIO awakening, supporting all GPIOs (GPIO 0-GPIO 10); 2. waking up at fixed time; 3. interface awakening (7816 interface, SWP interface, IIC interface, SPI interface and UART interface); 4. and interrupting the awakening.

In the system of the present invention, the STOP low power consumption is the state in which the chip consumes the lowest power. In the stop state, analog modules such as an OSC _ HF clock, a voltage regulator, a chip sensor and the like are all in the stop low-power consumption state, and the RAM and the digital circuit clock are all closed. And a step-by-step control strategy is adopted for entering and exiting the STOP state, so that the influence of current change on the voltage regulator is reduced. The circuit is turned off step by step when entering the STOP process, and the circuit is turned on step by step when exiting the STOP process.

Compared with the existing chip, the system provides more low-power consumption control clocks, so that the power consumption of the whole chip can be lower.

In this embodiment, since the system mounts the DMA controller (i.e., the DMA direct access module) and the ILM _ RAM module on the AHB bus, the speed of parallel processing of data can be greatly increased, and the eSIM card can have the characteristics of high performance and low power consumption.

The IRAM program is stored in the IRAM, different from the REMAP remapping range sequence execution, the logic address of the IRAM program is in the ILM _ RAM space, and the CPU can directly access and execute the program in the IRAM program; the IRAM program is directly compiled and generated by a compiler and is stored in Flash; in actual chip use, after the chip is powered on, a certain section of IRAM program stored in Flash can be moved to the IRAM by a management program or a user program.

In the invention, important key codes such as communication interfaces ISO7816/SWP ISR, WriteFlash API, Java _ Loop and the like are set into logical addresses on an ILM _ RAM space and physical addresses in a section in a Flash space by modifying a link file in a project, namely, an IRAM program is generated by compiling.

The system mainly uses a 7816 interface and an SWP interface. And dynamic detection of external interfaces, namely the 7816 interface and the SWP interface, by hardware is supported. The 7816 interface detection result will inform the software by 7816 reset interrupt mode, and the SWP interface detection will inform the software by interface detection interrupt mode.

The whole process of the Java virtual machine of the system is divided into three stages of initial configuration, application activation and application completion. In the initial configuration stage, the parameters of the SWP IP are mainly configured by software, and whether the external SWP interface is supported or not is detected to determine whether the SWP interface is enabled or not. And after the initial configuration is completed, entering an application activation phase. Because each IP in the chip supports interruption, software can realize application based on interface interruption, thereby realizing parallel processing of multi-interface application.

The Sys _ JobCnt is initially set to 0, and is increased by 1 when an APDU command is received in 7816_ ISR or SWP _ ISR, and is decreased by 1 in Java _ Loop. When the Sys _ JobCnt is not 0, the APDU command analysis is carried out, and the Sys _ JobCnt is used for controlling the processing flow of the virtual machine, so that the 7816 interface and the SWP interface can work in parallel, an RTOS is not needed, and the system power consumption can be reduced better.

The Sys _ Waitingcnt is initially set to be 0, the Sys _ Waitingcnt is increased by 1 when the Applet calls the 7816 interface to transmit the API, and the Sys _ Waitingcnt is decreased by 1 when the transmission is completed in the 7816_ ISR. If the system uses the SWP interface, the Sys _ WaitngCnt is increased by 1 when the Applet calls the SWP send API, and the Sys _ WaitngCnt is decreased by 1 when the send is complete in the SWP _ ISR. In Java _ Loop, the mode is either Wait mode or Stop mode according to whether Sys _ Waitingcnt is 0. Sys _ WaitingCnt is increased by 1 when the Applet calls the WriteFlash APIs, and is decreased by 1 when the transmission is complete in the DMA _ ISR.

The working flow of the Java _ Loop virtual machine of the system is as follows:

s2, initializing a system Java virtual machine;

s3, according to the detection result of the interface hardware, register configuration is carried out on the 7816 interface and the SWP interface, and the corresponding interface interruption of the register is enabled; setting Sys _ WaitingCnt and setting Sys _ JobCnt to be 0; entering a virtual machine main Loop Java _ Loop API which is an IRAM program from step S4;

s8, after the current target application is selected by OPEN, Remap operation of MMU memory management module is executed to the process method of the application, that is, from the Flash address corresponding to the Process method of the application, the Flash page address corresponding to the Process method form bytecode thereof is copied to the space of the ILM _ RAM module by means of the moving function of the DMA direct access module, the form byte number RemapSize of the method is obtained and aligned to the whole K byte number, if RemapSize is larger than 12KB, setting RemapSize to be equal to 12KB, setting the source address of a remapping original address register to be at the position of the whole K byte number address of the Flash in the form, setting the target address of a remapping target address register to be 0x00A01000, setting the length of a remapping length register to RemapSize, enabling the register to execute a remapping function, and copying the Flash content of Remap to an ILM _ RAM module by means of the parallel execution characteristic of a DMA direct access module and a CPU (Central processing Unit), wherein the maximum is 12 KB; the Java virtual machine writes the return data into the APDU data buffer, and then proceeds to step S10;

By adopting the technical scheme disclosed by the invention, the following beneficial effects are obtained:

the invention provides a high-performance low-power-consumption eSIM card chip system, wherein a DMA direct access module is mounted on an AHB bus, so that the execution of a program can be parallelized to the maximum extent, the execution efficiency of a Java card is greatly improved, the working time of a chip is reduced, and the overall power consumption of an eSIM chip is reduced. The system is provided with an ILM-RAM module mounted on an SYS-AHB bus and connected with a CPU through an I-AHB bus, and codes needing speed acceleration are placed on the ILM-RAM module to be executed in use, so that parallelization can be performed to the maximum extent, execution efficiency of the Java card is greatly improved, working time of a chip is reduced, and overall power consumption of an eSIM chip is reduced. The system defines 7816 interface interrupt service program, SWP interface interrupt service program, DMA interrupt service program, Writeflash API and other key function firmware codes as programs which are logically on the ILM-RAM module, physically on the FLASH and executed in the ILM-RAM module, so as to improve the instruction processing performance of the whole chip. The system issues an APDU SELECT instruction at a host end, when the Java card virtual machine receives and analyzes a new Applet to be selected, the Java card virtual machine further processes the obtained FLASH page address corresponding to the Procees method form of the selected Applet and the byte number of the form, and MMU Remap is carried out on the FLASH content of the section, so that the remapping design is dynamic, namely, when the Applet is switched, the Remap operation is carried out on the new Applet by the MMU, the speed-increasing processing is carried out on the key code, and the efficiency of the Java card virtual machine is improved. The system writes a Flash page by using the moving function of the DMA, so that the instruction is processed in a parallelized manner, and the execution performance of a chip is improved; the WriteFlash API is an ILM-RAM program, and the Procees method of the Applet runs in an ILM-RAM module, so that the Procees method can be normally run when FLASH page programming is carried out, and FLASH page writing in Java card application is frequently used operation, so that the performance of the Java card can be greatly improved. The programming operation of the system to Flash is carried out through the DMA direct access module, so that the system can be parallelized with the running firmware of the CPU. The minimum programming unit of FLASH in the chip is one WORD (4 bytes), the time for writing four bytes into FLASH is 25 microseconds, the programming time of a FLASH page 512B of the system is twice as fast as that of a FLASH page 512B of a mainstream eSIM (embedded system identification) chip on the market, when a Java card is applied to a DMA (direct memory access) Burst read-write function designed by the invention, the execution efficiency of the application of the Java card is higher, and the programming time of the FLASH is greatly reduced, so that the power consumption of the whole chip can be greatly reduced. One is that when a FLASH page is about to be fully written, the FLASH page needs to be erased and then data needs to be rewritten by using a DMA Burst write function, and under such a strategy, the power consumption of the eSIM card on the FLASH can be greatly reduced. The system low-power consumption control architecture actively enters a low-power consumption mode based on the state of receiving and sending data packets by an interface; the transceiving buffer of the interface IP enables the interface to automatically send the data packet to the host when the CPU is in the Wait mode, thereby reducing the CPU processing time on the interface to the minimum, and reducing the overall power consumption of the eSIM chip. The SWP interface supports communication control of the SHDLC protocol on a hardware level, the received data packet is data of the HCI layer, and a program does not need to spend a plurality of instructions to carry out SHDLC packet and SHDLC communication protocol control.

The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and improvements can be made without departing from the principle of the present invention, and such modifications and improvements should also be considered within the scope of the present invention.

Claims

1. An eSIM card chip system of high performance low-power consumption characterized in that: the system comprises a CPU, an MMU memory management module, an eflash module, an ILM-RAM module, a DLM-RAM module, a PMU power consumption control module, a CLK clock control module, an AHB-DMA module, a UCAA operation module, a HASH operation module, a DMA direct access module, an SM1 operation module, a DES operation module, an SM4 operation module and a configurable vector interrupt controller;

and the OSC _ LF clock is a wake-up clock for waking up the CPU.

2. The high-performance low-power eSIM card chipset system of claim 1, wherein: aiming at the application selected by the OPEN, the virtual machine executes the Remap operation of the MMU memory management module on the process method of the selected Applet application, namely, by means of a DMA direct access module, the corresponding execution code is copied to the space of the ILM-RAM module from the Flash address corresponding to the process method of the application, and the corresponding code is executed in the RAM memory, so that the execution efficiency is improved;

the concrete process of the Remap operation is as follows:

3. The high-performance low-power eSIM card chipset system of claim 2, wherein: and for each new application selected by the Java virtual machine, the content in the Flash is moved to the memory to run as much as possible according to the source address of the Process form and the number of bytes of the form, so that the execution efficiency of the Applet is improved.

4. The high-performance low-power eSIM card chipset system of claim 3, wherein: when the Page content needs to be read from the Flash, the Page reading function of the DMA direct access module is used; when the Page content in Flash needs to be modified, the Page erasing and writing function of the DMA direct access module is used.

5. The high-performance low-power eSIM card chipset system of claim 4, wherein: the Java main cycle in the system drives firmware by the interruption on the interface, the firmware enters a WAIT mode after resolving an APDU instruction, and after the system sends a response data packet to a host to complete the interruption generation, a CPU is awakened from the WAIT mode and then enters a deeper low-power consumption Stop mode;

6. The high-performance low-power eSIM card chipset system of claim 5, wherein: the system comprises a plurality of devices which are connected with each other,

7. The high-performance low-power eSIM card chipset system of claim 6, wherein: the working flow of the Java virtual machine of the system is as follows:

s2, initializing a system Java virtual machine;

8. The high-performance low-power eSIM card chipset system of claim 1, wherein: the UCAA operation module comprises an RSA algorithm, an SM2 algorithm and an ECC algorithm; the HASH operation module comprises an SHA1 algorithm, an SM3 algorithm and an SHA256 algorithm.

9. The high-performance low-power eSIM card chipset system according to claim 1, wherein: the ILM _ RAM module is a single-port SRAM of 16 KB; the DLM _ RAM module is a single-port SRAM of 24 KB.