DE102017102147B4 - Subsequent patchable memory (OTP) with bit memory cells and method of patching same - Google Patents

Abstract

Subsequent patchable memory (OTP) having bit memory cells organized into bits or bytes or data words having a bit, byte or word address, the memory cells being in a programmed and an unprogrammed state, wherein the the programmed state and the unprogrammed state differ and wherein a method exists to bring selected individual bit memory cells from unprogrammed to programmed state independently of other bit memory cells, and wherein a non-programmed state of a bit memory cell can be assigned a first logical state and in which the programmed state of a bit memory cell can be assigned a second logic state, and wherein the memory has n memory areas (PATT, PATT... PATT), each having logical pointers for program procedures and / or data tables and / or data for one or more Have processors or finite state machines, and - where n is a whole positive number greater than or equal to 1 and - where every i-th memory area (PATTwith 1≤i≤n) of the n memory areas (PATT, PATT ...... PATT) one or more contiguous address areas within the memory (OTP) that do not overlap and wherein a jth memory area (PATT) of the n memory areas (PATT, PATT ...... PATT) at one or more predefined address locations within the memory area - hereinafter referred to as predefined address space whose definition applies to all memory areas within the respective address area relative to the beginning of the address area of the respective memory area - one or more unprogrammed bit cells, and / or one or more unprogrammed bytes and / or • one or more unprogrammed data words and • no programmed bit cells and • no programmed bytes and • no programmi and at least one memory area (PATT) is the first memory area and wherein the first memory area (PATT) in the predefined address space within the first memory area (PATT) a pointer to contains the second memory area (PATT) if it is not the jth memory area (PATT) and wherein a previous memory area (PATTwith 1≤k-1≤j-1) in the predefined address space within the previous memory area (PATTwith 1≤ k-1≤j-1) contains a pointer to the subsequent memory area (PATTwith 2≤k≤j) if it is not the jth memory area (PATT).

Description

preamble

The invention relates to the patching of program parts in a write once memory (OTP). The invention is particularly directed to a post-patch memory (OTP) having bit memory cells organized into bits or bytes or data words having a bit, byte or word address, and a method for locating and calling a program procedure Such an OTP memory or for finding a data table or data in such an OTP memory and a method for changing the program procedures to be located and / or data and / or data tables for such an OTP memory. It is an arrangement for program control, in particular an arrangement for performing a special program for loading or starting programs and indeed for patching program parts for the removal of vulnerabilities, is.

General introduction

Especially in microelectronic circuits for the automotive industry, software parts in the microelectronic switching circuits are accommodated as so-called firmware. A memory used in this case may be an OTP memory. OTP stands for English "one-time programmable", which means that the bits of the memory can only be brought from a non-programmed state into a programmed state once and are typically not erasable.

During software development, undetected errors in the program logic or changed technical conditions may make it necessary to replace parts of the program code in the OTP memory even after the start of series production. The problem arises that the individual bits of an OTP memory cell can only be written once, i. Depending on the technology used, they can only be reprogrammed from 0 to 1 or from 1 to 0 once. Changing the memory bit again is no longer possible. The method proposed below and the proposed memory organization make it possible, despite this restriction, to exchange parts of the program logic. At the same time, it is still possible to verify the validity of the current memory contents (e.g., via a checksum).

State of the art

1. (1) Bereitstellen eines einmalig programmierbaren (OTP) Speichers und von Mitteln die dazu geeignet sind, die Bits des OTP-Speichers zu modifizieren, wobei ein oder mehrere Speicherstellen Sprung-Befehle umfassen, die in den Original-Code im OTP-Speicher so eingefügt werden, dass Unterprogrammaufrufe aus den besagten Speicherstellen vorgenommen werden anstatt direkt in das Unterprogramm an die Startadresse selbst zu springen;
2. (2) Programmierung einer neuen Unterprogrammroutine in einem zuvor nicht programmierten OTP-Speicherbereich;
3. (3) Patchen einer Speicherstelle in der Form, dass nach dem Patchen der Sprung zu dem Unterprogramm gelöscht wird und stattdessen ein Sprung an die neue Unterprogrammstelle erfolgt.

From the US 2015 0 317 152 A1 For example, a method is known that supports patching of program code into OTP stores. The program code is stored directly in the OTP memory and executed from there. The program code in the OTP memory is executed at the subprogram level. The procedure of US 2015 0 317 152 A1 includes the following steps:

1. (1) providing a one-time programmable memory (OTP) and means adapted to modify the bits of the OTP memory, one or more memory locations comprising jump instructions inserted into the original code in the OTP memory be that subroutine calls are made from the said memory locations instead of jumping directly to the subroutine at the start address itself;
2. (2) programming a new subroutine routine in a previously unprogrammed OTP memory area;
3. (3) Patching a memory location such that, after patching, the jump to the subroutine is cleared and instead a jump is made to the new subroutine location.

In addition, the Scripture reveals DE 10 2014 006 998 A1 a method for configuring a correction code for a programmable memory. The programmable memory of the DE 10 2014 006 998 A1 includes data bit cells. A data word comprises according to the technical teaching of DE 10 2014 006 998 A1 a group of data bit cells. That in the DE 10 2014 006 998 A1 The disclosed method comprises identifying a first location in the programmable memory where correction is required and modifying a data word at the first location to a predetermined data value, and writing a correction code for correction to a correction code location and storing the correction code location.

From the Scriptures GB 2 231 419 A A method for overwriting the information stored in a programmable read only memory (PROM) is known. According to the technical teaching of GB 2 231 419 A the programmable read-only memory should have at least a section with predefined executable program instructions in its address area, as well as a non-programmed address area and means for correlation information. According to the technical teaching of GB 2 231 419 A The method proposed there has a step for storing new program data in the previously unprogrammed area. In a further step, the means for correlation information are reprogrammed so that this new program code is correlated with the old program code. At the beginning of already existing program information is a Command is provided, which causes the processor to first consult the said means for correlation information before the already existing code is executed. If the means for correlation information signal this leads, according to the technical teaching of GB 2 231419 A However, the processor does not use the already existing code, but the said new code.

The in the US 2015 0 317 152 A1 , of the GB 2 231 419 A and the DE 10 2014 006 998 A1 In each case, the technical teachings disclosed assume that the instruction set of the processor used for program execution contains at least one "neutral" or special instruction and whose OP code additionally represents the value of an unprogrammed OTP memory cell. This is not the case with all processors. Therefore, no standard processors can be used. In addition, this command must not change the state of the overall system during its execution. The existence of such a command is not necessary in the solution proposed here. The advantages of the proposed solution are not limited thereto.

Object of the invention

The invention is therefore based on the object to provide a solution which does not have the above disadvantages of the prior art and has further advantages.

This object is achieved by a device according to claim 1 and method according to claim 2, 3 and 4.

Solution of the task

A technique is proposed for patching an OTP memory with a possible validation of the respective memory areas. OTP stands for English One-Time Programmable, which means that the bits of this memory can only be changed from an unprogrammed to a programmed state once. The process is therefore not reversible. The non-programmed state of such a bit is preferably associated with a first logical state and the programmed state of such a bit with a second logical state. In contrast, MTP memory can be seen. MTP stands for English Multiple-Times-Programmable, which means that the bits of this memory can be changed several times from an unprogrammed to a programmed state. Therefore, programming with MTP must be reversible in some way.

To make it possible to change all or part of existing software residing in an OTP memory of a microelectronic memory, it is necessary to provide additional OTP memory with an additional OTP memory address space and specify a matching method to existing subroutine calls into new program calls that result in a later program flow in this additional OTP memory for these subroutines. Such a method called "patch" process is of particular importance for the automotive industry, since in the case of findings from statistical market data, it may happen that there is a need to adapt the program sequence to the new findings even after the automobiles have been delivered.

During the patch process, this additional OTP memory address space is filled with new program code and / or new data to implement the new insights. This new program code and / or this new data replace the previous program code and / or the previous data. For this purpose, it is necessary to mark the previous program code and / or the previous data as invalid, so that the computer does not continue to use this program code and / or the previous data. Furthermore, it is necessary to tell the computer where to find the new program code and / or the new data instead. Finally, the new data and / or the new program code must be recognized by the computer as valid and therefore be marked as valid.

Simultaneously with the patching process of the exchange of software and / or data or parts thereof, a validation of the existing and valid memory contents, ie the software and the data or parts thereof, may be made.

For this purpose, it is proposed that all subprogram calls into the address area of the OTP memory are not programmed directly. Instead, each call to the patchable subroutines and access to data in patch-bar organized blocks of data is executed so that the call references an address translation table (PATT).

Furthermore, it is proposed that all data calls into the address area of the OTP memory are likewise not programmed directly. Instead, any access to data in patch-bar organized blocks is done so that the access references the address translation table (PATT).

The address translation table (PATT) necessarily includes an entry for each subroutine and each patchable data block, and in addition to these at least one further unprogrammed entry at a predefined address space or in the predefined address space. This unprogrammed entry is preferably, but not necessarily, at the beginning of the entire address space of the memory area of the Address Translation Table (PATT). In this exemplary case, the beginning of the address space of the memory area of the address translation table (PATT) is the predefined address of the memory area of the address translation table (PATT). This unprogrammed entry at the predefined address of the memory area of the address translation table (PATT) is referred to below as zero-entry. Not all information stored at the predefined address or in the predefined address space of the memory area of the address translation table (PATT) is always used as a non-programmed entry, but only a predetermined part of this information. However, in some versions it is possible to use as unprogrammed entry all information stored at the predefined address of the memory area of the address translation table (PATT). For the purposes of this disclosure, zero-entry does not mean that all memory cells of the unprogrammed entry must not be programmed. It simply means that it must be a predefined value that can not be reset after programming one or more memory cells of the unprogrammed entry and therefore signals a particular status of the address translation table (PATT). In principle, the predefined address of the memory area of the address translation table (PATT) may be located at each address of the memory area of the address translation table (PATT). However, a placement of the predefined address of the memory area of the address translation table (PATT) in the first address of the memory area of the address translation table (PATT) or in the last address of the memory area of the address translation table (PATT) is particularly preferred. It is also conceivable to use a plurality of predefined addresses of the memory area of the address translation table (PATT) with similar content as a predefined address space for the purpose of redundancy and to evaluate these.

The OTP memory may contain additional information such as test information about the current memory configuration and the associated OTP memory content at the predefined address of the memory area of the address translation table (PATT) next to this non-programming entry. This additional information is referred to below as the CRC entry.

The additional information may also include content other than such a CRC entry.

It particularly preferably contains any additional information with test data.

In order to call a subroutine, a currently valid address translation table (PATT _j ) in the plurality of possible address translation tables (PATT ₁ to PATT _n ) and their corresponding memory area are first searched for. This valid address translation table (PATT _j ) is recognized as such at the zero entry at the predefined address or in the predefined address space of its memory area of the relevant address translation table (PATT _j ).

All invalid address translation tables (PATT ₁ to PATT _j-1 ) are recognized as such at the no longer existing zero entry at the predefined address or in the predefined address space of their memory area. In particular, a zero entry that exists no longer exists if at least one memory cell - for example a single bit - of the entry at the predefined address or in the predefined address space of this memory area of the considered address translation table (PATT _k ) (with 1 ≤k≤j) is instead "programmed" to an expected state of this memory cell in the case of a zero-entry of "unprogrammed" instead of in an unexpected state.

Based on call information, the computer can then access a referencing memory cell in the valid address translation table (PATT _j ). Its logical content is a pointer which preferably points to the program code of the code to be executed in the case of a patched subroutine or to a data block to be used in the case of patched data.

Preferably, the entry at the predefined address of a memory area of an invalid address translation table (PATT ₁ to PATT _j-1 ) instead of a zero entry contains a program pointer to a subsequent address translation table (PATT ₂ to PATT _j ).

The individual address translation tables (PATT ₁ to PATT _j ) are thus preferably linked together by the program pointers in the predefined address or in the predefined address space of their respective memory areas to a chain of address translation tables (PATT ₁ to PATT _j ). In this case, all the address translation tables (PATT ₁ to PATT _j-1 ) are invalid except for the last address translation table (PATT _j ) and only the last address translation table (PATT _j ) is valid.

The entries at the predefined addresses or in the predefined address space of the respective memory areas of all address translation tables (PATT ₁ to PATT _j-1 ) except for the last address translation table (PATT _j ) contain pointers to the respective subsequent address translation table (PATT ₂ to PATT _j ). Only the entry at the predefined address or in the predefined address space of the respective memory area of the valid address translation table, the last address translation table (PATT _j ) in the chain of address translation tables (PATT ₁ to PATT _j ), contains at the predefined address or in the predefined address space of the respective memory area of the last address translation tables (PATT ₁ to PATT _j-1 ) a zero-entry.

To find the valid address translation table (PATT _j ), the computer sequentially checks the address translation tables (PATT ₁ to PATT _j-1 ), preferably starting with the first address translation table (PATT ₁ ). If the entry at the predefined address or in the predefined address space of the memory area of the first address translation table (PATT ₁ ) is not a zero entry, the computer recognizes that the first address translation table (PATT ₁ ) is invalid. Particularly preferably, the content of the entry at the predefined address or in the predefined address space of the memory area of the first address translation table (PATT ₁ ) is itself a pointer to the subsequent second address translation table (PATT ₂ ).

If the entry at the predefined address or in the predefined address space of the memory area of the second address translation table (PATT ₂ ) is not a zero entry, the computer recognizes that the second address translation table (PATT ₂ ) is invalid. Particularly preferably, the content of the entry at the predefined address or in the predefined address space of the memory area of the second address translation table (PATT ₂ ) itself is a pointer to the subsequent third address translation table (PATT ₃ ).

This is done by the computer for all in the chain of address translation tables (PATT ₁ to PATT _j ) until, by a zero entry at the predefined address or in the predefined address space of the memory area of the jth address translation table (PATT _j ) valid address translation table (PATT _j ).

Thus, the computer has recognized the memory area of the valid address translation table (PATT _j ) and can use the information contained therein. Preferably, this process is performed only once at the start of the computer system or after a reset of the same. This saves time during the actual program execution. Therefore, it makes sense if the computer stores and uses the start address of the valid memory area and / or the start addresses of important subroutines at a suitable location. Finally, this method can be used to compile and use a jump table from various address translation tables (valid as well as invalid) in the memory of the computer.

For each patchable subroutine, the valid address translation table (PATT _j ) has a pointer that points to the particular subroutine in the computer's memory. Incidentally, such a pointer can refer back to a pointer table itself, which has not proven to be very efficient in reality. Each call of a patchable subroutine therefore first determines the valid address translation table (PATT _j ) and then the pointer to the relevant subroutine in the memory of the computer whereupon the program of the computer is continued in exactly this location in the memory of the computer. Each patchable subroutine is never called directly, but always indexed. An exception exists only if the reference is made via an entry in the valid address translation table (PATT _j ).

In order to verify the contents of the OTP memory in operation (English "runtime"), it is possible, at a second predefined address of the valid address translation table (PATT _j ), which may be equal to the first predefined address or part of the predefined address space may be to program additional information. If this second predefined address of the valid address translation table (PATT _j ) is equal to the first predefined address of the valid address translation table (PATT _j ), the part of the entry is written to the first predefined address of the address translation tables (PATT ₁ to PATT _j ) used for this additional information is not for deciding whether the address translation tables (PATT ₁ to PATT _j ) are valid or not used and also not used as pointers to subsequent address translation tables (PATT ₂ to PATT _j ). The part of the entry on the first predefined address of the address translation tables (PATT ₁ to PATT _j) responsive to the decision whether the address translation tables (PATT ₁ to PATT _j) are valid or is not used and / or as a pointer subsequent address translation tables (PATT ₂ to PATT _j ) is not used for this additional information. The additional information may be, for example, a CRC check sum of the program code which should be active after the patch process. So unless the patch process has been successful should and should a memory cell for whatever reason should be unstable, a single bit dump truck can be recognized, which is of particular importance in safety-relevant applications, for example in the automobile.

Any program version created by such a patch, that is, by the process of the correction delivery already delivered, requires unprogrammed memory space in the OTP program memory. The address space size of this required unprogrammed memory space in the OTP memory includes the size of the address translation table (PATT) plus the size of the executable code for the subprograms to be changed. In this way, these subprograms can be changed if there is enough OTP space available.

The proposed device relates to a subsequently patchable memory (OTP) in a computer system, in particular in a monolithically integrable microcomputer system, the memory cells are in a first logical state and can be brought by programming once bit selectively in a second logic state. Therefore, such a memory in English with "One-Time.Programmable" = OTP = one-time programmable called. Here, "patch-bar" means that a method can be specified with which faulty or for some other reason to be modified routines of the software can be exchanged for other routines. (Such SW blocks to be exchanged are referred to as patches hereinafter.) Post-patch memory (OTP) includes bit memory cells typically organized into bits or bytes, or data words having a bit, byte, or word address around them Be able to address memory cells. The memory cells may be in a programmed and an unprogrammed state. The programmed state of the memory cells and the unprogrammed state of the memory cells are different from each other. The programmed state of the memory cells is preferably assigned to a first logical state and the unprogrammed state of the memory cells is assigned to a second logical state. For the application of the method described below, it is important that there is a method of isolating individual bit storage cells from the unprogrammed state and thus from the first logic state to the programmed state and thus to the second logic state. It is now proposed to provide the patchable memory with n memory areas (PATT ₁ , PATT _2, ... PATT _n ), each having logical pointers for program procedures and / or data tables and / or data for one or more Processors or finite state machines. Here, n should be a whole positive number greater than or equal to 1. Each memory area (PATT _j with 1≤j≤n) consists of one or more address-related address areas within the memory. These address ranges do not overlap. Each memory area has a first address position which points to the first element of the relevant memory area and from which the address space of the relevant memory area extends up to the memory position of the last memory cell of the relevant memory area.

A memory area of the n memory areas (PATT ₁ , PATT _2, ... PATT _n ) has a plurality of non-programmed bit cells, or a non-programmed bit, at a predefined address position or in the predefined address space relative to its first address position within this memory area Byte or an unprogrammed data word, referred to below as "zero entry". This definition of the predefined address position applies to all memory areas within the respective address areas with respect to the first address position within the respective memory area. The sub-device described below may be present multiple times within a device. A memory area (PATT ₁ ) of the n memory areas is a first memory area. At least one jth memory area (PATT _j with 1≤j≤n) has at this predefined address position within the memory area a plurality of unprogrammed bit cells, or one or more unprogrammed bytes or one or more non-programmed data words (zero entry) , The jth memory area may therefore also be the first memory area, but does not have to be. If the first memory area (PATT ₁₎ identical to the j-th memory region (PATT _j), so has the first memory area (PATT ₁₎ at these predefined address location within the first memory area (PATT ₁₎ one or more unprogrammed bit cells , or one or more unprogrammed bytes or one or more non-programmed data words (zero entry). Particularly preferably, the first memory area (PATT ₁ ) at the predefined address position on a logical pointer to the second memory area (PATT ₂ ), if it is not the j-th memory area (PATT _j ).

If the second memory area (PATT ₂ ) is identical to the j-th memory area (PATT _j ), this second memory area (PATT ₂ ) again has one or more unprogrammed bit memories at the predefined address position within the second memory area (PATT ₂ ). Cells, or one or more unprogrammed bytes, or one or more non-programmed data words (zero entry). Particularly preferably, the second memory area (PATT ₂ ) at the predefined address position a logical pointer to the third memory area (PATT ₃ ), if it is not the j-th memory area (PATT _j ), that is the valid memory area.

If the third memory area (PATT ₃ ) is identical to the j-th memory area (PATT _j ), then this third memory area (PATT ₃ ) again has one or more unprogrammed bit memories at the predefined address position within the third memory area (PATT ₃ ). Cells, or one or more unprogrammed bytes, or one or more non-programmed data words (zero entry). Particularly preferably, the third memory area (PATT ₃ ) at the predefined address position on a logical pointer to the fourth memory area (PATT ₄ ), if it is not the j-th memory area (PATT _j ), that is the valid memory area.

This can be continued until the (j-1) th memory area (PATT _j-1 ).

Since the (j-1) th memory area (PATT _j-1 ) is not identical with the j-th memory area (PATT _j ), this (j-1) -th memory area (PATT _j-1 ) again has the predefined one Address location within the (j-1) -th memory area (PATT _j-1 ) one or more unprogrammed bit cells, or one or more unprogrammed bytes or one or more non-programmed data words (zero entry) on. Particularly preferably, the (j-1) -th memory area (PATT _j-1 ) has a logical pointer to the j-th memory area (PATT _j ) at the predefined address position.

The j-th memory area (PATT _j with 1≤j≤n) has one or more unprogrammed bit cells, or one or more unprogrammed bytes, or one or more unprogrammed ones, at this predefined address location within the memory area, as previously described Zero Entry, which can be used as an identifier for the end of a search sequence and can be used as a flag for the valid lookup table. This marks the jth memory area as valid.

A preceding memory area (PATT _k-1 with 1≤k-1≤j-1) thus contains at the predefined address position a pointer to the following memory area (PATT _k with 2≤k≤j) if it is not the jth memory area (PATT _j ) is.

In order to find the valid memory area, a special procedure for finding and calling a program procedure in this memory is now proposed on this basis. The method begins by reading out the memory value at the predefined address of the k th memory area (PATT _k ). Preferably, it is the first memory area (PATT ₁ ). This is followed by checking whether the memory value of the predefined address or in the predefined address space of the first memory area (PATT ₁ ) is a zero-entry. In the event that it is not a zero-enty, the determination of the subsequent memory area (PATT _{k + 1} ) may be dependent on the read-out memory value.

The steps of reading the memory value at the predefined address (or the memory values in the predefined address space) of a (k + 1) th memory area (PATT _{k + 1} ) and verifying that the memory value of the predefined address of the first Memory area (PATT ₁ ) is a zero-entry, and determining the subsequent memory area (PATT _{k + 1} ) in the case that it is not a zero-enty, then follow log for the k + 1-th memory area as k + 1> n. With each pass, k is increased by preferably one. In the event that it is a zero-entry, the process is aborted and it follows the determination of the logical pointer for the program procedure to be found by means of a predetermined offset within the k-th memory area (PATT _k ). After having determined in this way the logical pointer for the program procedure to be found, the program procedure to be found is invoked with the aid of this logical pointer.

This proposed method can also be described differently. It is a method for finding a data table or data in a memory as described above. The proposed method comprises reading the memory value at the predefined address (or the memory values in the predefined address space) of the k th memory area (PATT _k ), followed by checking the read memory value for whether the memory value of the predefined address of the k memory area memory area (PATT _k ) is a zero-entry. In the event that it is not a zero-enty, the determination of the subsequent memory area (PATT _{k + 1} ), if necessary depending on the read memory value and repeating the steps for the k + 1-th memory area (PATT _{k + 1} ) to k + 1> n. In the case of a zero-entry, instead of this, the determination of the logical pointer for the data table or the data to be found follows by means of a predefined offset within the kth memory area (PATT _k ) and reading out of the data table or the data table to be found Data to be found using this determined in this way logical pointer.

There will now be a method for changing the program procedures and / or data and / or data tables to be found for the one described Memory proposed. A first step is to determine a j + 1th memory area (PATT _{j + 1} ) of the n memory areas to follow the current jth memory area (PATT _j ). At least parts of this j + 1 th memory area (PATT _{j + 1} ) are completely in the state "not programmed". However, at least the said predefined address must contain a zero entry within this j + 1 th memory area (PATT _{j + 1} ). There now follows the programming of the logical pointers for program procedures and / or data tables and / or data for one or more processors or finite state machines in the j + 1th memory area (PATT _{j + 1} ) and the programming of a non-zero entry value into the bits and / or bytes and / or data words of the predefined address of the jth memory area (PATT _j ), which determines the logical pointer for the data table or the data to be found by means of a predetermined offset within the j-th memory area (PATT _j ). As a result, the previous j + 1-th memory area (PATT _{j + 1} ) becomes the new j-th memory area (PATT _j ).

list of figures

• 1 1 shows the change of an exemplary memory structure at delivery (patch level 0), after the first patch process (patch level 1) and after the second patch process (patch level 2).

Of the OTP Memory is split into three memory areas during the patching process ( PATT ₁ . PATT ₂ . PATT ₃ ) assigned. The length of the memory areas can vary.

The predefined address space for the marking of the respective memory area is here, for example, always at the beginning of the respective memory area. At the beginning (patch level 0), the first memory area ( PATT ₁ ) in this predefined address space only a "zero-entry". This means that this address space within the first memory area ( PATT ₁ ) is not programmed. As a result, the program can recognize that the following pointers, here by way of example two pointers, which are labeled PATT [0] and PATT [1], and the following program code are valid. The pointers PATT [0] and PATT [1], for example, each point to a procedure in this program code, whereby they become known to the software and thus become usable. In addition, the first memory area contains a CRC checksum, which applies to the currently valid program version.

The rest of the OTP Memory is unused and not programmed.

During an exemplary subsequent first patch operation, the patch state is brought into the patch level 1.

On the one hand, this exemplary process includes programming the zero-entry in the predefined address space of the first memory area with the pointer to the second memory area. On the one hand, this marks the first memory area as invalid, because no zero-entry is left in the predefined address space. On the other hand, the software makes it possible to find the second memory area, which now provides the desired jump addresses and data instead of the first memory area.

In this patch state (patch level 1), the second memory area ( PATT ₂ ) in the predefined address space again only a "zero-entry". This means that this address space within the second memory area ( PATT ₂ ) is not programmed again. In this way, the program can recognize that the following pointers, here again by way of example, the two pointers, which are labeled PATT [0] and PATT [1], and the subsequent program code are valid. However, the pointers PATT [0] and PATT [1] now show an example of a now changed procedure in this program code, whereby they are known for the software instead of the previously used procedures and thus become usable. In addition, the second memory area ( PATT ₂ ) an adapted CRC checksum, which applies to the currently valid version of the program and to the previous one.

The remainder of the OTP Memory is still unused and not programmed.

During the exemplary second patch process, the patch state is brought into patch level 2.

This process comprises on the one hand the programming of the zero entry of the second memory area ( PATT ₂ ) with the pointer to the third memory area ( PATT ₃ ). This marks on the one hand the second memory area ( PATT ₂ ) is invalid because no zero-entry is left in its predefined address space. On the other hand, the software makes it possible to find the third memory area ( PATT ₃ ), which instead of the second memory area ( PATT ₂ ) provides the required jump addresses and data.

In this patch state (patch level 2), the third memory area ( PATT ₃ ) in the predefined address space again only a "zero-entry". This means that this address space is within the third memory area ( PATT ₃ ) not again is programmed. In this way, the program can recognize again that the following pointers, here again by way of example the two pointers which are labeled PATT [0] and PATT [1], and the subsequent program code are now valid. However, the pointers PATT [0] and PATT [1] now show an example of a now changed for the second time procedure in this program code, whereby they are known for the software instead of the previously used procedures and thus become usable. In addition, the third memory area ( PATT ₃ ) a re-adjusted CRC checksum, which applies to the version of the program that is now valid and has changed compared to the previous program versions.

The remainder of the OTP Memory is again unused and not programmed.

glossary

Zero-Entry
The n memory areas ( PATT ₁ , PATT _2, ...... PATT _n ) each have one or more non-programmed bit cells and / or one or more unprogrammed bytes and / or one or more unprogrammed data words at predefined locations to the predefined one or more predefined address positions relative to their first address position within their respective memory area Address locations. Preferably, it is an entry in the bit width of a pointer. If this is not completely programmed, a software can recognize that it is a valid entry. However, if the entry is programmed, this entry may, for example, contain the pointer (reference) to the next memory area.

Patch A patch is a software or firmware or end-user-proofing delivery that corrects security vulnerabilities, fixes bugs, or upgrades previously unavailable features. A patch is the delivery of a bug fix for executable programs or operating systems and may also contain minor feature enhancements. A patch may also be an update to extend the existing functionality of executable programs while providing troubleshooting. A patch may also be a bug fix to fix bugs in the program source code that could otherwise cause malfunction. A patch can also be a hotfix for a particularly important, urgent fix for executable programs or operating systems, but does not include new functionality. A patch for a binary program usually replaces one or more files with a new version. Binary program patches are mostly released by proprietary software vendors for their own programs. Patches for binary programs are also widespread among software pirates. Here a patch is usually bypassed a copy protection. Also in the computer game scene patches are used to modify games.
(Source https://de.wikipedia.org/wiki/Patch_%28Software%29)

patch-bar
a memory is then patchable if it allows a patch of the data and programs stored in it after delivery, and if a procedure can be specified as to how this patch can be delivered.

Predefined address and predefined address space
For the purposes of this disclosure, this is understood to mean an information technology storage object which comprises at least one bit and may be composed of different information. For example, it may be a structure that is referred to in the programming language C as a "record" and is declared with the declarator "struct". The elements of such a record do not necessarily have to be successively successive, but can preferably be placed in memory in always the same way. If the address of a record element is known, then the other elements are also known. If in this disclosure of predefined address and / or a predefined address space is mentioned, so that the address space of such a predefined structure is meant. At least one element of this structure represents the pointer to the next memory area, or alternatively represents the zero-entry if all bits of that element are in the unprogrammed state. The element can of course be a record again.

LIST OF REFERENCE NUMBERS

MTP

stands for English "Multiple-Times-Programmable", which means multiply programmable. With MTP Memory is thus called a memory in which each bit of this memory is repeatedly programmable and therefore can be erased in a manner not further defined;

OTP

stands for English "one-time programmable", which means only once programmable. With OTP Memory is thus called a memory in which each bit of this memory is programmable only once;

PATT ₁

first storage area of the first address translation table;

PATT ₂

second memory area of the second address translation table;

PATT ₃

third memory area of the third address translation table;

PATT _j-1

(j-1) -th memory area with 1≤ (j-1) <j≤n of the (j-1) -th address translation table;

PATT _j

j-th memory area with 1≤j≤n of the jth address translation table;

PATT _n

nth memory area of the nth address translation table;

List of quoted writings

US 2015 0 317 152 A1 GB 2 231 419 A DE 10 2014 006 998 A1

Claims (4)

Subsequent patchable memory (OTP) having bit memory cells organized into bits or bytes or data words having a bit, byte or word address, the memory cells being in a programmed and an unprogrammed state, wherein the the programmed state and the unprogrammed state differ; and wherein a method exists to bring selected individual bit memory cells from unprogrammed to programmed state independently of other bit memory cells, and wherein a non-programmed state of a bit memory cell can be assigned a first logic state, and - wherein the programmed state of a bit memory cell, a second logic state can be assigned and - wherein the memory n memory areas (PATT ₁ , PATT _2, ...... PATT _n ), having as stored content respectively logical pointers for program procedures and / or data tables and / or data for ei where n is a whole positive number greater than or equal to 1, and where every i-th memory area (PATT _i with 1≤i≤n) of the n memory areas (PATT ₁ , PATT ₂ ,. ..... PATT _n ) consists of one or more contiguous address areas within the memory (OTP) which do not overlap and - wherein a jth memory area (PATT _j ) of the n memory areas (PATT ₁ , PATT _2, .. .... PATT _n ) at one or more predefined address positions within the memory area - hereinafter called predefined address space whose definition applies to all memory areas within the respective address area relative to the beginning of the address area of the respective memory area - • one or more unprogrammed Bit cells, and / or • one or more unprogrammed bytes and / or • one or more unprogrammed data words, and • no programmed bit cells and • no programmed bytes and • no programmed data words, in the following all called "zero-entry", and - wherein at least one memory area (PATT ₁ ) is the first memory area and - wherein the first memory area (PATT ₁ ) in the predefined address space within the first memory area (PATT ₁ ) contains a pointer to the second memory area (PATT ₂ ) if it is not the j-th memory area (PATT _j ), and - a preceding memory area (PATT _k-1 with 1≤k-1≤j -1) in the predefined address space within the previous memory area (PATT _k-1 with 1≤k-1≤j-1) contains a pointer to the subsequent memory area (PATT _k with 2≤k≤j) if it is not the j -th memory area (PATT _j ) is. Method for finding and calling a program procedure in an OTP memory Claim 1 - Readout of the memory values from the predefined address space of a k-th memory area (PATT _k ) with 1≤k≤n, wherein k = 1 can be selected in particular at the first execution of the method; - Check whether the memory values from the predefined address space of the kth memory area (PATT _k ) are zero-entry - In the event that it is NOT a zero-enty: • Determining a subsequent memory area (PATT _{k + 1} ) possibly in dependence on the read-out memory values and repeating the steps of this claim for the k + 1-th memory area and possibly on these subsequent memory areas up to k + 1>n; In the case of a zero-entry: determining a logical pointer for the program procedure to be found by determining the content of a memory location within the k-th memory area (PATT _k ) by means of a predetermined offset; Calling the program procedure to be found using this determined logical pointer; Method for finding a data table or data in an OTP memory Claim 1 - Readout of the memory values from the predefined address space of a k-th memory area (PATT _k ) with 1≤k≤n, wherein k = 1 can be selected in particular at the first execution of the method; - Check whether the memory values from the predefined address space of the kth memory area (PATT _k ) are zero-entry - In the event that it is NOT a zero-enty: • Determine the following memory area (PATT _{k + 1} ) possibly in dependence on the read-out memory value and repeating the steps of this claim for the k + 1-th memory area and possibly on these subsequent memory areas up to k + 1>n; In the case of a zero-entry: determining a logical pointer for the data table or the data to be found by determining the content of a memory location within the k-th memory area (PATT _k ) by means of a predetermined offset; • reading the data table or the data to be found by means of this determined logical pointer; Method for changing the program procedures and / or data and / or data tables for a memory to be found Claim 1 comprising the steps of - determining a j + 1-th memory area (PATT _{j + 1} ) of the n memory areas to follow the current j-th memory area, wherein at least parts of this j + 1-th memory area are completely in the state "not programmed" and wherein at least the predefined address space within this j + 1 th memory area must contain a zero entry; Programming the logical pointers for program procedures and / or data tables and / or data for one or more processors or finite state machines into the j + 1 th memory area (PATT _{j + 1} ); Programming a value deviating from the zero entry into the bits and / or bytes and / or data words of the predefined address space of the jth memory area (PATT _j ), which determines the logical pointer for the data table or the data to be found by means of a predetermined one Offsets within the j-th memory area (PATT _j ) enable the previous j + 1-th memory area to become the new j-th memory area;

Images