JP2011180963A - Semiconductor integrated circuit device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To improve overall performance of writing data to a nonvolatile memory. <P>SOLUTION: A semiconductor integrated circuit device (10) includes a nonvolatile memory (108), a control unit (101), and a RAM (107). The control unit forms an address conversion table on the RAM on the basis of initial settings at power-on, and refers to the address conversion table to control writing data to a block in the nonvolatile memory. Since the RAM includes a logical/physical address conversion table, there is no need to write data to the nonvolatile memory in order to update the address conversion table in the nonvolatile memory, thereby reducing the time required for writing data in the nonvolatile memory. <P>COPYRIGHT: (C)2011,JPO&INPIT

Description

  The present invention relates to a power cutoff countermeasure technique in a semiconductor integrated circuit device incorporating a nonvolatile memory, and relates to a technique effective when applied to a card microcomputer mounted on, for example, a non-contact type IC card.

  As an example of a semiconductor integrated circuit device incorporating a nonvolatile memory, a card microcomputer mounted on a non-contact IC card can be cited. The non-contact type IC card has an antenna inside the card, and can perform data communication using radio waves with an external device (reader / writer). The power supply for operating the contactless IC card can also be generated from radio waves, so it can be operated without a battery. However, if the card is moved away from the magnetic field during writing, writing is not possible due to power interruption. There is a risk of becoming perfect.

  Patent Document 1 describes a memory card in which stored information is not lost undesirably even when an operating power supply is interrupted during erasing and writing processes. According to this, the non-volatile memory has an erasure table in which a free information flag is associated with each physical address in the memory area, and an address conversion table in which a physical address in the memory area is associated with each logical address. The information flag indicates whether or not the corresponding memory area is erasable. The control circuit refers to the empty information flag in the erase table to determine the memory area to which the rewrite data is written, reflects the correspondence between the physical address and logical address of the memory area in which the data is written in the address conversion table, and Update the free / busy flag. The memory area to which the rewrite data is written is determined with reference to the empty information flag in the erase table, and rewriting is not performed in the same memory area as the memory area before rewriting.

  Patent Document 2 describes a recording technique in which even if the power is cut off during virtual sector erasure, the difference data is not impaired. According to this, for a nonvolatile recording medium having a plurality of blocked recording unit areas, a continuous writing operation is performed in each recording unit area, and a batch erasing operation is performed for each recording unit area. When a new file is overwritten and saved, the writing operation starts from the empty area immediately after the already written file in the recording unit area and is written in the recording unit area until the end of the writing operation. The file corresponding to the overwrite file is retained.

JP 2004-127185 A JP 2008-076669 A

  In the OS (Operating System) standard having a non-contact interface, if a power-off occurs during writing as a device, it is not possible to leave the data in the nonvolatile memory in a halfway state. Therefore, if the writing is not normally completed, the next data read request is made to output the data before the writing is performed.

  According to Patent Document 1, when a data write request occurs, writing to an empty area of a nonvolatile memory is performed, and overwriting to old data is not performed. An address conversion table used for conversion between a logical address and a physical address is formed in the nonvolatile memory, and the address conversion table in the nonvolatile memory is updated at the time of data writing processing to the nonvolatile memory. That is, every time data is written to the nonvolatile memory, the writing operation to the nonvolatile memory is required twice in order to write the data to the nonvolatile memory and update the address conversion table in the nonvolatile memory. Is done. The inventor of the present application examined the writing process to the non-volatile memory. If the address conversion table is formed in a memory different from the non-volatile memory, for example, a RAM (Random Access Memory), the address conversion table in the non-volatile memory is updated. Therefore, it has been found that the performance of the entire data writing process to the nonvolatile memory can be improved because the writing operation to the nonvolatile memory becomes unnecessary. However, when the address conversion table is formed in the RAM, the address conversion table in the RAM is lost due to power interruption, and measures against it are indispensable.

  In Patent Document 2, since an address conversion table used for conversion between a logical address and a physical address is not used, the relationship between the power shutdown and the address conversion table in the RAM is not considered.

  An object of the present invention is to provide a technique for improving the performance of the entire data writing process to the nonvolatile memory.

  The above and other objects and novel features of the present invention will be apparent from the description of this specification and the accompanying drawings.

  The following is a brief description of an outline of typical inventions disclosed in the present application.

  That is, a nonvolatile memory, a control unit that can control data writing to the nonvolatile memory and data reading from the nonvolatile memory, and a RAM that can be randomly accessed by the control unit are provided. The non-volatile memory includes a page as a unit of writing, and the page includes a plurality of blocks each capable of storing data, and page management for managing data written in the plurality of blocks in units of the page. Information. An address conversion table forming function for forming an address conversion table for converting a logical address of the nonvolatile memory into a physical address in a first storage area of the RAM by an initial setting at power-up; A data writing function for controlling data writing to the block in the nonvolatile memory with reference to the address conversion table formed in the first storage area of the RAM. The data writing function includes a first function for copying stored data of a page including a block to which data is to be written to a second storage area of the RAM, and writing the data to the second storage area of the RAM. And a second function for writing data to the target block. Further, the data writing function includes a third function for updating page management information in the second storage area of the RAM in response to data writing by the second function, and the RAM after the page management information is updated. And a fourth function for writing data stored in the second storage area into a physical page of the nonvolatile memory that is a free page in the address conversion table.

  The effects obtained by the representative ones of the inventions disclosed in the present application will be briefly described as follows.

  That is, it is possible to provide a technique for improving the performance of the entire data writing process to the nonvolatile memory.

1 is a block diagram illustrating a configuration example of a card microcomputer as an example of a semiconductor integrated circuit device according to the present invention; FIG. It is explanatory drawing of the initial state of EEPROM contained in the said microcomputer for cards. It is a flowchart which shows the flow of operation | movement of the said microcomputer for cards. It is a flowchart which shows the flow of operation | movement when the write command is received in the said microcomputer for cards. It is a flowchart which shows the flow of operation | movement when the read command is received in the said microcomputer for cards. FIG. 3 is an explanatory diagram of a relationship between a memory format and a logical / physical address conversion table in the EEPROM. It is state explanatory drawing of the principal part when the write command for the purpose of data rewriting of the block contained in the said EEPROM is received. It is explanatory drawing of the state in which old data was copied to the predetermined area in RAM. It is state explanatory drawing after the update of the data copied to the writing area in RAM contained in the said microcomputer for cards. It is explanatory drawing of the data writing to the empty page in the said EEPROM. It is explanatory drawing of the comparison with the data in the said EEPROM, and the data of the area for writing of the said RAM. It is explanatory drawing of the change of the confirmation flag in the writing area in the said RAM, and the overwriting to the said EEPROM of the said confirmation flag. It is explanatory drawing of the update of the logical / physical address conversion table in the said RAM. It is explanatory drawing for demonstrating the determination criteria of an empty page. It is explanatory drawing for demonstrating the determination criteria of an empty page. It is explanatory drawing for demonstrating the determination criteria of an empty page. It is explanatory drawing for demonstrating the determination criteria of an empty page. It is explanatory drawing of the relationship between the rewriting unit of EEPROM, and the data size concerning rewriting. It is explanatory drawing of the relationship between the rewriting unit of EEPROM, and the data size concerning rewriting. It is explanatory drawing of the usage example of the non-contact-type IC card in which the said microcomputer for cards was mounted. It is a flowchart which shows the flow of a process in the host system couple | bonded with the reader / writer corresponding to the non-contact-type IC card carrying the said microcomputer for cards.

1. First, an outline of a typical embodiment of the invention disclosed in the present application will be described. Reference numerals in the drawings referred to in parentheses in the outline description of the representative embodiments merely exemplify what are included in the concept of the components to which the reference numerals are attached.

  [1] A semiconductor integrated circuit device (10) according to a typical embodiment of the present invention controls a nonvolatile memory (108), data writing to the nonvolatile memory, and data reading from the nonvolatile memory. And a RAM (107) that can be randomly accessed by the control unit. The non-volatile memory includes a page as a unit of writing, and the page includes a plurality of blocks each capable of storing data, and page management for managing data written in the plurality of blocks in units of the page. Information. An address conversion table forming function for forming an address conversion table for converting a logical address of the nonvolatile memory into a physical address in a first storage area of the RAM by an initial setting at power-up; A data writing function for controlling data writing to the block in the nonvolatile memory with reference to the address conversion table formed in the first storage area of the RAM. The data writing function includes a first function for copying stored data of a page including a block to which data is to be written to a second storage area of the RAM, and writing the data to the second storage area of the RAM. And a second function for writing data to the target block. Further, the data writing function includes a third function for updating page management information in the second storage area of the RAM in response to data writing by the second function, and the RAM after the page management information is updated. And a fourth function for writing data stored in the second storage area into a physical page of the nonvolatile memory that is a free page in the address conversion table.

  When the logical / physical address conversion table is provided in the nonvolatile memory, the data writing to the nonvolatile memory and the address conversion table update in the nonvolatile memory are performed every time the data is written to the nonvolatile memory. Therefore, as a result, the write operation to the nonvolatile memory is required twice.

  On the other hand, in the semiconductor integrated circuit device having the above configuration, since the logical / physical address conversion table is provided in the RAM, the write operation to the nonvolatile memory for updating the address conversion table in the nonvolatile memory is performed. Is no longer necessary. The logical / physical address conversion table in the RAM can be updated at a higher speed than in the case of the nonvolatile memory. For this reason, it is possible to improve the performance of the entire data writing process to the nonvolatile memory.

  In addition, the control unit forms an address conversion table for converting the logical address of the nonvolatile memory into a physical address in the first storage area of the RAM by the initial setting when the power is turned on. A simple address conversion table can be obtained.

  [2] In the above [1], the page management information includes a confirmation flag indicating that data has been normally written. The data write function determines whether or not the data written in the physical page of the non-volatile memory, which is an empty page in the address conversion table, matches the data in the second area of the RAM corresponding thereto. Including a fifth function. Further, the data writing function is used when the data written in the physical page of the non-volatile memory, which is an empty page in the address conversion table, and the corresponding data in the second storage area of the RAM match. After the value of the confirmation flag in the second storage area of the RAM is changed, the confirmation flag in the physical page is updated by overwriting the confirmation flag on the corresponding physical page in the nonvolatile memory. Includes 6 functions.

  When the fifth function determines whether the data written in the physical page of the non-volatile memory matches the corresponding data in the second area of the RAM, and the two data match The sixth function changes the value of the confirmation flag in the second storage area of the RAM, and then overwrites the corresponding physical page in the nonvolatile memory with the physical page. The confirmation flag at is updated. Since the validity of the data can be determined based on the value of the confirmation flag, the reliability of the data can be improved. Furthermore, since the data erasing process is not performed in the overwriting process as compared with the normal data writing, the data writing function can be completed in a short time as a whole. For this reason, even when non-contact communication is performed, it is possible to complete the necessary data communication earlier than in the case of performing the write operation twice in the nonvolatile memory as in the prior art. It is possible to reduce the possibility of power interruption during writing.

  [3] In the above [2], the page management information can include a time stamp. At this time, the third function can be provided with a function of updating the time stamp by adding 1 to the current value of the time stamp, corresponding to the data writing by the second function.

  Since the validity of the data can be determined from the time stamp, the reliability of the data can be improved.

  [4] In the above [3], the page management information can include a logical page number of a page including the page management information and a checksum for the page management information.

  Since the validity of the data can be determined based on the logical page number and the checksum for the page management information, the reliability of the data can be improved.

  [5] In the above [4], when there are a plurality of physical pages having the same logical page number that are activated by the reset of the control unit in the address conversion table forming function, the page conversion information in the physical page is displayed. A seventh function for determining the empty page based on the above can be included.

  By determining the empty page by the seventh function, the writing destination (empty page) by the fourth function can be determined.

  [6] In the above [5], the seventh function includes a case where both the checksum and the confirmation flag are normal and the time stamps are different between a plurality of physical pages having the same logical page number. The function of determining the smaller value of the time stamp as the empty page can be included. The seventh function includes a physical page in which at least one of the time stamp, the logical page number, the confirmation flag, and the checksum among a plurality of physical pages having the same logical page number is determined to be abnormal. Can be included as a free page. The seventh function includes a function of determining, from among a plurality of physical pages having the same logical page number, a physical page for which it has been determined that data has not been normally written or not, as a free page. Can be included. The seventh function is a function that, among a plurality of physical pages having the same logical page number, a physical page for which data other than the confirmation flag is determined to be normal is valid and a different physical page is determined as the free page Can be included.

  According to the above empty page determination function, the empty page is determined by determining the validity of the data in consideration of the occurrence timing of power interruption, that is, at which stage of writing the power interruption has occurred. Therefore, it is determined that either the old data in the nonvolatile memory or the new data to be written is always valid, thereby making it possible to perform appropriate empty page determination.

2. Details of Embodiments Embodiments will be further described in detail.

<Embodiment 1>
FIG. 1 shows a card microcomputer as an example of a semiconductor integrated circuit device according to the present invention.

  The card microcomputer 10 shown in FIG. 1 is not particularly limited, but is formed on a single semiconductor substrate such as a single crystal silicon substrate by a known semiconductor integrated circuit manufacturing technique, and is mounted on a non-contact IC card. It is a chip microcomputer.

  The card microcomputer 10 includes a plurality of functional modules each having a predetermined function, which are used to transmit various signals via an address bus ABUS for transmitting an address signal and a data bus DBUS for transmitting data. The exchanges are coupled so that they can be exchanged.

  The card microcomputer 10 includes a CPU (central processing unit, control unit) 101, an I / O (input / output) port 102, a watchdog timer (WDT) 103, a system control logic 104, a security logic 105, and a ROM (Read Only). A memory (read only memory) 106 and a RAM (random access memory) 107 are provided. The CPU 101 controls the overall operation of the card microcomputer 10 by executing a predetermined program. The I / O port 102 has a 2-channel I / O external interrupt shared port (I / O-1 / IRQ, I / O-2 / IRQ). A watchdog timer (WDT) 103 detects a case where a regular watchdog operation is not performed because a program executed by the CPU 101 falls into an illegal state such as a hang-up. The system control logic 104 controls the operation of the card microcomputer system under the control of the CPU 101. The security logic 105 includes firewall management for the purpose of maintaining the safety of the system. The ROM 106 stores a program executed by the CPU 101. The RAM 107 is a memory that can be randomly accessed by the CPU 101 and is not particularly limited, but is a dynamic RAM or a static RAM. As will be described later in detail, an address conversion table is formed in the RAM 107 under the control of the CPU 101.

  The card microcomputer 10 includes an EEPROM (electrically erasable programmable ROM, nonvolatile memory) 108, a plurality of timers (TMR1, TMR2, TMR3) 109, a remainder multiplication coprocessor 110, a DES coprocessor 111, and an AES. A coprocessor 112 is provided. The EEPROM 108 is an example of a nonvolatile memory. The data write operation to the EEPROM 108 and the data read operation from the EEPROM 108 are controlled by the CPU 101. In this sense, the CPU 101 is also referred to as a “control unit”. A plurality of timers (TMR1, TMR2, TMR3) 109 are used to know the passage of a fixed time by counting clocks. The remainder multiplication coprocessor 110, the DES coprocessor 111, and the AES coprocessor 112 execute predetermined arithmetic processing such as cryptographic operation processing. In this example, the remainder multiplication coprocessor 110 is provided with a RAM (CRAM) used as a work area for arithmetic processing in the coprocessor.

  Further, the card microcomputer 10 is provided with a random number generation circuit (RNG) 113, a pseudo random number generation circuit (DNG) 114, a contact interface (UART) 115, a non-contact interface 116, and an analog control circuit 117. A random number generation circuit (RNG) 113 generates a random number. A pseudo random number generation circuit (DNG) 114 generates pseudo random numbers. The contact interface (UART) 115 enables various signals to be exchanged while being in contact with an external device (reader / writer). The non-contact interface 116 allows various signals to be exchanged with an external device (reader / writer) in a non-contact state. In this example, a communication buffer (BUF) for data input / output is provided in the non-contact interface 116. The analog control circuit 117 has an input switching function. When the analog control circuit 117 is in contact with an external device (reader / writer), the reset signal RES, the clock signal CLK, and the like are connected via a contact interface terminal provided in the non-contact IC card. The power supply voltages Vcc and Vss can be captured. The power supply voltages Vcc and Vss are used as power supplies for operating the card microcomputer 10. The card microcomputer 10 can be reset by the reset signal RES. Further, a power-on reset signal is generated by the analog control circuit 117 when the card microcomputer 10 is turned on. When the power to the card microcomputer 10 is turned on, the card microcomputer 10 is initialized by the power-on reset signal. In addition, the analog control circuit 117 enables communication with an external device (reader / writer) via radio waves when not in contact with the external device (reader / writer). In this case, the power supply of the card microcomputer 10 is generated by rectification and smoothing of the RF carrier signal of an external device (non-contact reader / writer device) that receives via the antenna 118. Also in this case, when the power to the card microcomputer 10 is turned on, the card microcomputer 10 is initialized by the power-on reset signal.

  For example, when the non-contact IC card on which the card microcomputer 10 is mounted is moved away from the magnetic field of the external device during the non-contact communication, the power cut-off during the data writing is the RF carrier signal. As a result, the power supply that should be generated by rectifying and smoothing the RF carrier signal is not generated sufficiently, and the power supply is cut off during communication. It is to end.

  FIG. 2 shows the initial state of the EEPROM 108.

  Although not particularly limited, the EEPROM 108 includes a power shutdown countermeasure area 202 and power shutdown countermeasure non-target areas (power shutdown non-measure areas) 203 and 204. Measures are taken to prevent a decrease in device reliability even when the power is shut off during data writing to the power shutdown countermeasure area 202. However, such measures are not taken for data writing to the non-power-off countermeasure target areas 203 and 204. The areas 203 and 204 (other data areas) that are not subject to power shutdown measures can be used for storing data that does not need to be rewritten.

  The CPU 101 manages the physical memory space and logical memory space in the EEPROM 108 by basically dividing them into units called pages of a certain size. A page is identified by a physical page number (hereinafter, the number may be abbreviated as “No.”) or a logical page number. The association between the logical page number and the physical page number is realized by a logical / physical address conversion table. A page in the EEPROM 108 includes a block (data block) “Block” in which a plurality of data is stored, and a page management information area 201 in which page management information is stored. Data writing to the EEPROM 108 is performed in units of pages.

  FIG. 6 shows the relationship between the memory format in the EEPROM 108 and the logical / physical address conversion table.

  As shown in FIG. 6A, as a countermeasure against power interruption during writing, one of the plurality of pages in the EEPROM 108 is always an empty page, and new data is written to this empty page. Is called. In the example shown in FIG. H'70 is an empty page, and a block belonging to the empty page is distinguished from a block of another page by being a "vacant block (empty block)".

  The page management information recorded in the page management information area 201 includes a time stamp (TS), a logical page number, and the like as shown in an enlarged view in FIG. (H'00), a confirmation flag (H'81), a first checksum (CS1) for the page management information, and a second checksum (CS2) for the data block. The time stamp is used to determine a free page as will be described later. Logical page No. Is a logical page number in the EEPROM 108. It is. The confirmation flag is a flag for indicating that data has been normally written. The first checksum for the page management information includes a time stamp and a logical page number. And the second checksum for the data block is the total value of the words of the data block in the page. The first checksum and the second checksum are each used for error detection.

  As shown in FIG. 6B, the logical / physical address conversion table includes a logical page No. And physical page No. , And a physical address for the logical address is obtained by referring to the logical / physical address conversion table 601. Also, by referring to this logical / physical address conversion table 601, the physical page number of the empty page in the EEPROM 108 is displayed. Can be obtained. Such a logical / physical address conversion table 601 is formed in the RAM 107 by initialization processing after power-on reset of the card microcomputer 10.

  FIG. 3 shows an operation flow of the card microcomputer 10.

  When the power supply voltages Vcc and Vss are input to the card microcomputer 10 or when the power supply voltage is supplied via the antenna 118 (301), a power-on reset signal is generated in the analog control circuit 117, thereby The card microcomputer 10 is initialized. That is, by executing a predetermined reset processing program by the CPU 101, hardware (H / W) initialization processing and software (S / W) initialization processing in the card microcomputer 10 are performed (302). 303), the logical / physical address conversion table is created (304). In the logical / physical address conversion table, the entire power shutdown countermeasure target area 202 (see FIG. 2) in the EEPROM 108 is scanned by the CPU 101, and is constructed in a predetermined area of the RAM 107 based on the scan result. In the logical / physical address conversion table, the physical page number of the empty page is displayed. Is also included. The determination criteria for empty pages will be described in detail later. After the logical / physical address conversion table is created, the card microcomputer 10 enters a command reception waiting state (305). In this state, when a write command or a read command is received, processing corresponding to the command is performed under the control of the CPU 101 (306).

  FIG. 4 shows a flow of operation when a write command is received by the card microcomputer 10.

  Hereinafter, the operation of the card microcomputer 10 will be described with reference to FIG. The write command is issued from a reader / writer serving as an external device, and the write command issued from the reader / writer includes a block number for which data is to be rewritten and data related to rewrite.

  When a write command is received (401), the command is decoded by the CPU 101, and address conversion processing is first performed based on the decoding result (402). FIG. 7 shows the state of the main part when a write command intended to rewrite data in block 1 (Block 1) is received. In this example, H′00 to H′70 in the EEPROM 108 are set as power cutoff countermeasure target areas. Although not particularly limited, the rewrite unit (page size) of the EEPROM 108 is 64 bytes, and the data size (block size) required for rewriting is 16 bytes.

  Logical page No. corresponding to block 1 (Block 1). To physical page No. Conversion to is performed with reference to the logical / physical address conversion table 601 in the RAM 107.

  Next, based on the address conversion result in step 402, the old data is copied to a predetermined area of the RAM 107 (403). FIG. 8 shows a state where old data has been copied to a predetermined area of the RAM 107. In this example, the stored data of the page (physical page No. H′00) including the block 1 (Block 1) to be rewritten is copied to the write area 801 of the RAM 107.

  Next, in step 403, the data copied to the write area 801 of the RAM 107 is updated (404). FIG. 9 shows a state after the data copied in the write area 801 of the RAM 107 in step 403 is updated. In this example, the data of block 1 (Block 1) in the write area 801 is changed to data (Block 1 ') related to the write command. Along with this change, the time stamp is updated from “TS” to “TS + 1”, the confirmation flag is updated from “H′81” to “H′FF”, and the value of the first checksum is “CS1”. To “CS1 ′” and the value of the second checksum is updated from “CS2” to “CS2 ′”.

  Next, data is written to an empty page in the EEPROM 108 (405). That is, referring to the logical / physical address conversion table 601, the physical page number of the empty page in the EEPROM 108 is displayed. Is obtained ("H'70" in this example), and as shown in FIG. 10, the data in the write area 801 of the RAM 107 (updated in step 404) is written in this empty page.

  After the data is written in step 405, the physical page No. in the EEPROM 108 is checked as shown in FIG. 11 to confirm whether the data has been written correctly. The H'70 data (data written in step 405) is compared with the data in the write area 801 of the RAM 107 (write source data) (406).

  If it is determined as a result of the data comparison in step 406 that both data match, this means that the data writing in step 405 has been performed correctly. In this case, the confirmation flag is overwritten. (407). That is, as a result of the data comparison in step 406, if it is determined that the two data match, as shown in FIG. 12, the confirmation flag in the write area 801 of the RAM 107 is “H′FF”. To the data indicating confirmation completion, for example, “H′81”, and the confirmation flag after the change is changed to a physical page No. in the EEPROM 108. The data of H'70 is overwritten (overwritten). In this overwriting, data other than the confirmation flag need not be written, and therefore all data other than the confirmation flag in the write area 801 of the RAM 107 is changed to “H′FF”. The overwriting in step 407 is completed in a short time because the data erasing process is not performed as compared with the data writing in step 405. In other words, in step 407, data other than the confirmation flag is overwritten with “H′FF”, and as a result, only data indicating confirmation completion is updated in the write area 801 of the RAM 107.

  If it is determined as a result of the data comparison in step 406 that the two data do not match, this means that the data writing in step 405 has not been performed correctly. To do.

  After overwriting in step 407, the logical / physical address conversion table 601 is updated (408). That is, as shown in FIG. 13, in order to match the contents of the logical / physical address conversion table 601 with the state of the EEPROM 108, the logical page No. H'00 physical page No. Is changed from “H′00” to “H′70”, and the physical page number of the empty page is changed. Is changed from “H′70” to “H′00”.

  The data rewriting corresponding to the received write command is thus completed.

  Next, the empty page determination performed in the logical / physical address conversion table creation in step 304 in FIG. 3 will be described in detail. Logical page numbers equal to each other. When there are two physical pages having “”, the CPU 101 determines a free page according to the following criteria.

  The following four cases can be given as criteria for determining the free page.

<< Case 1 >>
First, Case 1 will be described.

  As shown in FIG. 14, logical page numbers equal to each other. In the two physical pages having H′00, the first checksum (CS1, CS1 ′) and the second checksum (CS2, CS2 ′) are correct, and the confirmation flag (H′81) is overwritten normally. However, the time stamps may be different from each other. In such a case, the data with the larger time stamp is regarded as valid data. That is, the time stamp should have been changed from “TS” to “TS + 1” as a result of the data copied to the write area 801 of the RAM 107 being updated in step 404 (see FIG. 9). The larger time stamp is the valid data. Therefore, a physical page No. having a time stamp of “TS + 1” is stored. H'70 is determined to be a valid page, and a physical page No. having a time stamp of “TS”. H′00 is determined as an empty page, and the determination result is written in the logical / physical address conversion table 601.

  This case is a case where the power is turned off after the logical / physical address conversion table is updated in step 408, and is the most general case (see FIG. 4).

<< Case 2 >>
Case 2 will be described.

  As shown in FIG. 15, for example, the physical page No. 70 page management information, time stamp, logical page No. If at least one of the confirmation flag, the first checksum, and the second checksum is an impossible value (abnormal value), it is determined to be invalid data (Invalid data). 70 is determined to be an empty page, and the determination result is written in the logical / physical address conversion table 601.

  In this case, the physical page No. Since there is a possibility that the data has become an abnormal value due to the power being cut off during the data writing to the data 70, the data before the data writing (the old data of the EEPROM 108, which is the physical data in this example) The data of page No. H'00) is made valid (valid data page) (see FIG. 4).

<< Case 3 >>
Case 3 will be described.

  As shown in FIG. 16, logical page numbers equal to each other. In the two physical pages having H'00, the first checksum (CS1, CS1 ') and the second checksum (CS2, CS2') are correct, respectively. The time stamp of H'70 is the physical page No. Compared to H'00, although it is +1 (updated), physical page No. A case where the confirmation flag of H′70 remains H′FF is considered. In such a case, the physical page No. H′70 is determined to be an empty page, and the determination result is written in the logical / physical address conversion table 601.

  In this case, it is considered that although the data has been normally written, it has not been confirmed whether the data has been normally written or not based on the data comparison in step 406 due to the power shutdown. Data before the data writing (old data of the EEPROM 108, in this example, data of physical page No. H'00) is validated (see FIG. 4).

<< Case 4 >>
Case 4 will be described.

  As shown in FIG. 17, logical page numbers equal to each other. In the two physical pages having H'00, the first checksum (CS1, CS1 ') and the second checksum (CS2, CS2') are correct, respectively. The time stamp of H'70 is the physical page No. Despite being incremented by 1 compared to H′00, the physical page No. A case where the confirmation flag of H′70 is an abnormal value (except “H′FF”) is conceivable. In such a case, the physical page No. H′00 is determined as an empty page, and the determination result is written in the logical / physical address conversion table 601.

  In this case, although it was confirmed that the data was normally written based on the data comparison in step 406, the power may have been cut off during the overwriting of the confirmation flag in step 407. It is determined that data other than the confirmation flag is normally written. For this reason, in this example, the data after writing the data (new data in the EEPROM 108, data in the physical page No. H'70 in this example) is validated (see FIG. 4).

  According to the above empty page determination standard, the empty page is determined by determining the validity of the data in consideration of the occurrence timing of power interruption, that is, at which stage of writing, the data validity. Thus, it is determined that either the old data or the new data to be written is always valid, whereby appropriate empty page determination can be performed, and the reliability of data read from the EEPROM 108 can be improved.

  Here, according to the prior art, when the logical / physical address conversion table 601 is provided in the EEPROM 108, the data writing to the EEPROM 108 and the address conversion table update in the EEPROM 108 are updated every time data is written to the EEPROM 108. As a result, the write operation to the EEPROM 108 is required twice.

  On the other hand, in this embodiment, since the logical / physical address conversion table 601 is provided in the RAM 107, a write operation to the EEPROM 108 for updating the address conversion table in the EEPROM 108 becomes unnecessary. The logical / physical address conversion table 601 in the RAM 107 can be updated faster than in the case of the EEPROM 108. For this reason, it is possible to improve the performance of the entire data writing process to the EEPROM 108.

  In the data writing process, if it is determined that the two data match as a result of the data comparison in step 406, the confirmation flag is overwritten (407). However, in this overwriting, it is not necessary to write data other than the confirmation flag. Therefore, all data other than the confirmation flag in the write area 801 of the RAM 107 is changed to “H′FF”. The overwriting in step 407 can be completed in a shorter time because the data erasing process is not performed compared to the data writing in step 405. Therefore, the overwrite of the confirmation flag does not hinder the improvement of the performance of the entire data writing process to the EEPROM 108.

  In addition, since the data erasure process is not performed in the overwrite (overwrite process) in step 407 as compared with the normal data write, the data write process can be completed in a short time as a whole. It becomes. Therefore, even when non-contact communication is performed, necessary data communication (write communication or the like) can be completed earlier than in the case where the write operation is performed twice in the nonvolatile memory as in the related art. This makes it possible to reduce the possibility of power interruption during communication.

  Next, an operation when a read command is received by the card microcomputer 10 will be described.

  FIG. 5 shows an operation flow when the card microcomputer 10 receives a read command.

  The read command is issued from the reader / writer, and the write command issued from the reader / writer includes information such as a block number from which data is to be read.

  When a read command is received (501), as in the case where the write command is received, the command is decoded by the CPU 101, and address conversion processing is first performed based on the decoding result (502). The logical page number of the block from which data is to be read. To physical page No. Conversion to is performed with reference to the logical / physical address conversion table 601 in the RAM 107. The obtained physical page No. Is copied from the EEPROM 108 to a predetermined area of the RAM 107 (503), and data corresponding to the read command is output to the reader / writer from the copied data (504).

  Next, the relationship between the rewrite unit of the EEPROM 108 and the data size required for rewrite will be described.

  The card microcomputer 10 is provided with a page management information area 201 in which page management information is stored for each rewriting unit of the EEPROM 108, and the page management information is scanned in the initial setting resulting from the power-on reset. Thus, a logical / physical address conversion table 601 is formed. According to such a card microcomputer 10, the following relationship exists between the rewrite unit of the EEPROM 108 and the data size (data size requested by the user) required for rewriting.

  For example, as shown in FIG. 18A, when the rewrite unit of the EEPROM 108 is 32 bytes and the data size (data size requested by the user) is 1 byte or 16 bytes, the case of the above embodiment Similarly, the number of memory rewrites is one. However, when the data size is 32 bytes, the number of memory rewrites is two. That is, when the rewrite unit of the EEPROM 108 is 32 bytes and the data size is 32 bytes, the write data is first divided into 16 bytes as shown in FIG. (16 bytes) is written to an empty page, and the logical / physical address conversion table 601 in the RAM is updated (181). Then, the physical address No. which has become a free page by the processing of step 181 is displayed. The remaining data (16 bytes) and page management information (16 bytes) are written, and the logical / physical address conversion table 601 in the RAM is updated (182). Thus, when the rewrite unit of the EEPROM 108 is 32 bytes and the data size is 32 bytes, the number of rewrites is two. If the EEPROM 108 has a rewrite unit of 32 bytes and the data size exceeds 32 bytes, the number of rewrites may further increase.

  Further, when the rewrite unit of the EEPROM 108 is 32 bytes, as shown in FIG. 18C, the area that can be used for writing user data due to the presence of page management information (16 bytes) Since it becomes half of the area 202 (see FIG. 2), it is not practical.

  As shown in FIG. 19A, when the rewrite unit of the EEPROM 108 is 128 bytes and the data size (data size requested by the user) is 1 byte or 112 bytes or less, the above embodiment is used. Similarly, the number of memory rewrites is one. However, when the data size exceeds 113 bytes, the number of memory rewrites is two. Note that the writing process when the rewrite unit of the EEPROM 108 is 128 bytes and the data size exceeds 113 bytes is the same as the case shown in FIG.

  When the rewrite unit of the EEPROM 108 is 128 bytes, the page management information (16 bytes) is as small as 1/8 of the rewrite unit (128 bytes) of the EEPROM 108 as shown in FIG. It is considered practical.

  Considering the above, it is desirable to set the relationship between the rewrite unit of the EEPROM 108 and the data size required for rewriting so that the data size required for rewriting (data size requested by the user) is equal to or smaller than the rewrite unit of the EEPROM 108. .

  Further, the memory usage of the EEPROM 108 should be as small as possible in the page management information in the power shutdown countermeasure target area 202 (see FIG. 2).

  In the above embodiment, the rewrite unit (page size) of the EEPROM 108 is 64 bytes, and the data size (block size) required for rewriting is 16 bytes. This setting is considered appropriate for the above reason.

  Next, a usage example of a non-contact type IC card on which the card microcomputer 10 is mounted will be described.

  As shown in FIG. 20, the non-contact IC card 212 on which the card microcomputer 10 is mounted can be used as a traffic ticket, a financial card, and an entry / exit card.

  When the non-contact IC card 212 is used as a traffic ticket, the reader / writer 211 writes various information such as the card balance, the ticket gate passage time, and the station that has passed the ticket gate into the EEPROM 108 in the non-contact IC card 212. It is.

  When the non-contact type IC card 212 is used as a financial card, various information such as the balance of the card, withdrawal / deposit date / time, etc. are written into the EEPROM 108 in the non-contact type IC card 212 by the reader / writer 211.

  When the non-contact type IC card 212 is used as an entry / exit card, various information such as a room entry time and a room exit time are written into the EEPROM 108 in the non-contact type IC card 212 by the reader / writer 211.

  Also, various information transmitted from the reader / writer 211 can be encrypted and then written to the EEPROM 108 in the non-contact type IC card 212, and read data from the EEPROM 108 can be decrypted and output to the reader / writer 211. Encryption processing and decryption processing in this case can be performed at high speed using the remainder multiplication coprocessor 110, DES coprocessor 111, AES coprocessor 112, etc. in the card microcomputer 10.

  FIG. 21 shows a host system (computer system) coupled to the reader / writer 211 corresponding to the non-contact type IC card 212 on which the card microcomputer 10 with the power cut-off measure taken as described above is mounted. By performing this process, the ability of the card microcomputer 10 is exhibited.

  That is, the host system coupled to the reader / writer 211 corresponding to the non-contact type IC card 212 establishes a non-contact communication connection with the card microcomputer 10 in the non-contact type IC card 212 according to a predetermined communication protocol ( 2101), in the previous non-contact communication connection, it is determined whether or not the processing interruption due to the power interruption has occurred (2102). This determination can be made by comparing the data in the EEPROM 108 in the card microcomputer 10 with the expected value in the host system. If it is determined in step 2102 that processing interruption due to power interruption has not occurred (Y), desired access to the non-contact IC card 212 is started from the host system. (2105). However, if it is determined in step 2102 that the processing interruption due to the power interruption has occurred (N), the data related to the processing interruption caused by the power interruption is, if necessary, The data is written in the EEPROM 108 in the card microcomputer 10 (2104).

  Although the invention made by the present inventor has been specifically described based on the embodiments, it is needless to say that the present invention is not limited thereto and can be variously modified without departing from the gist thereof.

  For example, the power shutdown countermeasure non-target areas 203 and 204 (other data areas) in the EEPROM 108 may be omitted, and the entire storage area of the EEPROM 108 may be used as the power shutdown countermeasure target area 202.

  Instead of the EEPROM 108, a flash memory which is another nonvolatile memory can be applied.

10 card microcomputer 101 CPU
102 I / O port 103 Watchdog timer 104 System control logic 105 Security logic 106 ROM
107 RAM
108 EEPROM
109 Multiple Timers 110 Residue Multiplication Coprocessor 111 DES Coprocessor 112 AES Coprocessor 113 Random Number Generation Circuit 114 Pseudo Random Number Generation Circuit 115 Contact Interface 116 Contactless Interface 117 Analog Control Circuit 118 Antenna 201 Page Management Information Area 202 Power Shutdown Countermeasure Target Area 203, 204 Power-off prevention target area 211 Reader / writer 212 Non-contact IC card 601 Logical / physical address conversion table 801 Write area

Claims (6)

Non-volatile memory;
A control unit capable of controlling data writing to the nonvolatile memory and data reading from the nonvolatile memory;
RAM randomly accessible by the control unit,
The non-volatile memory includes a page as a writing unit,
The page includes a plurality of blocks each capable of storing data, and page management information for managing the data written in the plurality of blocks in units of pages,
An address conversion table forming function for forming an address conversion table for converting a logical address of the nonvolatile memory into a physical address in a first storage area of the RAM by an initial setting at power-up;
A data writing function for controlling data writing to a block in the nonvolatile memory with reference to the address conversion table formed in the first storage area of the RAM,
The data writing function includes a first function for copying storage data of a page including a block to which data is to be written to the second storage area of the RAM;
A second function for writing data to the block to which the data is written in the second storage area of the RAM;
A third function for updating page management information in the second storage area of the RAM in response to data writing by the second function;
A fourth function for writing data stored in the second storage area of the RAM to a physical page of the nonvolatile memory that is set as an empty page in the address conversion table after the page management information is updated. A semiconductor integrated circuit device. The page management information includes a confirmation flag indicating that data has been successfully written,
The data write function determines whether or not the data written in the physical page of the non-volatile memory, which is an empty page in the address conversion table, matches the data in the second area of the RAM corresponding thereto. A fifth function to
The second storage area of the RAM when the data written in the physical page of the non-volatile memory, which is an empty page in the address conversion table, matches the corresponding data in the second storage area of the RAM. And a sixth function for updating the confirmation flag in the physical page by overwriting the corresponding physical page in the nonvolatile memory after changing the value of the confirmation flag. 2. The semiconductor integrated circuit device according to 1. The page management information further includes a time stamp,
3. The semiconductor integrated circuit according to claim 2, wherein the third function includes a function of updating the time stamp by adding 1 to a current value of the time stamp in response to data writing by the second function. apparatus.   4. The semiconductor integrated circuit device according to claim 3, wherein the page management information further includes a logical page number of a page including the page management information, and a checksum for the page management information.   The address conversion table forming function is activated by resetting the control unit, and when there are a plurality of physical pages having the same logical page number, a seventh page for determining the empty page based on page management information in the physical page. 5. The semiconductor integrated circuit device according to claim 4, comprising a function. In the seventh function, when both the checksum and the confirmation flag are normal between a plurality of physical pages having the same logical page number and the time stamps are different from each other, the smaller value of the time stamp is determined. A function to determine that the page is free,
Among a plurality of physical pages having the same logical page number, a physical page in which at least one of the time stamp, the logical page number, the confirmation flag, and the checksum is determined to be abnormal is determined as the free page. Function and
A function of determining, as a free page, a physical page that has been determined that the data has not been successfully written out of a plurality of physical pages having the same logical page number;
6. A function of validating a physical page for which data other than the confirmation flag is determined to be normal among a plurality of physical pages having the same logical page number, and determining a physical page different from the physical page as the empty page. The semiconductor integrated circuit device described.

Images