MXPA98007933A - Memo semiconductor device - Google Patents

Memo semiconductor device

Info

Publication number
MXPA98007933A
MXPA98007933A MXPA/A/1998/007933A MX9807933A MXPA98007933A MX PA98007933 A MXPA98007933 A MX PA98007933A MX 9807933 A MX9807933 A MX 9807933A MX PA98007933 A MXPA98007933 A MX PA98007933A
Authority
MX
Mexico
Prior art keywords
memory
release
circuit
memory cells
line
Prior art date
Application number
MXPA/A/1998/007933A
Other languages
Spanish (es)
Inventor
Pockrandt Wolfgang
Zettler Thomas
Winnerl Josef
Georgakos Georg
Original Assignee
Siemens Ag 80333 Muenchen De
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens Ag 80333 Muenchen De filed Critical Siemens Ag 80333 Muenchen De
Publication of MXPA98007933A publication Critical patent/MXPA98007933A/en

Links

Abstract

The invention relates to a semiconductor memory device with a large number of memory cells (3) arranged on a semiconductor substrate at points of intersection of bit lines and word lines, which can be controlled for programming with data contents. by a word line control circuit (4) and a bit line control circuit (5). Memory cells (3) of a word line are assigned release memory cells (12, 14) arranged along a line of release bits (9, 10, 13) and controllable by a control circuit of release bit lines (11) arranged and controllable separately and independently of the bit-line control circuit (5), which for the release of the memory cells (3) of a predetermined word line can give admission to a release value

Description

SEMICONDUCTOR MEMORY DEVICE FIELD OF THE INVENTION The invention relates to a semiconductor memory device with a large number of memory cells arranged on a semiconductor substrate at points of intersection of bit and word lines, which can be controlled for programming with data contents. by a word line control circuit and a bit line control circuit.
BACKGROUND OF THE INVENTION A semiconductor memory device such as this is preferably applied in so-called chip cards, that is, in identification cards, credit cards, debit cards and the like, which are equipped with an integrated circuit with a microprocessor. The manufacturer of a chip card can equip the microprocessor with a fixedly stored operating system, which is responsible for basic functions, for example, procedures for comparing a code entered from the outside with a stored code and the like. The memories subordinate to the microprocessor inside the chip card, in addition to storing the operating system, also serve to store certain applications and parameters, which are required, for example, for security review and which in any case must be kept secret. A chip card of this type can be used in multiple applications, if in its production a suitable operating system is provided with the corresponding programs, certain suitable interfaces are provided and a memory or a memory area is reserved for one or several programs of the external users. In this way, the card manufacturer can make a memory or memory area available to the user of the memory to program an external user program. In a program like this you can set, for example, certain operations that are developed independently of the operating system and refer only to the special data processing of the user. In a modality of particular multi-faceted applications of a chip card, it can also be foreseen that several different users can load their respective programs on the chip card independently of each other. In any case, in all security-critical data processing systems, which serve, for example, for the processing of confidential data or monetary values, special protection against data manipulation or access must be provided. not allowed to them. Therefore, care should be taken that the relevant data regarding security, which are part of the operating system or also of each user program, are protected against access by unauthorized persons. In the case of a credit card as an example of a chip card, which includes an integrated circuit with a non-fleeting memory (for example, an EEPROM or a ROM) and a microprocessor, to ensure against tampering it is necessary that a program of the user stored in non-fleeting memory does not have unchecked access to other user programs or operating system routines, which are also stored in non-fleeting memory. Avoiding this type of access can be guaranteed by a security circuit for monitoring access to memory, as is known, for example, from German Patent DE 41 15 152 Al or US Patent 5,452,431. In German Patent DE 41 15 152 Al, essentially three different measures are illustrated in this respect. In a first measure, in the circuit shown the address in which the user program starts in the memory area, it is stored before executing it in two auxiliary registers. During program execution, the value of the current address line is compared continuously with the first auxiliary register, and the count value of the program with the second auxiliary register. Through a first comparison, it is determined if a user program is active. Through a second comparison it is determined if at that moment one works in a zone of direction allowed for the program of the user. In case a user program is active and does not work in a permitted area, a restoration signal is triggered on the microprocessor. This measure has the disadvantage that the circuit needs auxiliary registers and additional comparators for n bits, where n is the amplitude of the address line. In a second measure, it is proposed to monitor the program counter and the value of the address line by means of an additional control processor with its own memory. As in the first measurement, a restoration signal is triggered when a user program accesses an address area that is not allowed. This circuit has the disadvantage that an additional processor with memory is required. In a third measure, or a third circuit, each one has memory areas to be protected separately with address bits of different maximum number (block selection bits). Before executing the user program stored in a PROM block, the block selection bits are stored in an auxiliary register. Dureinte the execution of the program, the bits of the major address line are stored in a second auxiliary record and compared with the first. If the content of the auxiliary records is different, it means that the active user program is accessing another program memory area in a non-permitted way. As a result, a restoration signal is triggered. This circuit has the disadvantage that in the case of a small number of bits (for example, two), only a regular, relatively coarse fixed block division (of, for example, a quarter of the total memory) is possible. In addition, a related memory zone can only be assigned to a foreign program. The foreign program with the greatest need for program memory thus determines the block size also for other external programs, so that the use of memory in general is not optimal. US Pat. No. 5,452,431 shows a security circuit for the monitoring of memory access to be applied in particular on chip cards, in which the memory area of the EEPROM is divided into a RR region ("Repertory Region") and a RA application region ("Region Applicaction"), as well as a public region RP ("Public Region"). The control of the different regions RR, RA and RP is effected separately via an address control circuit, so that certain address zones are assigned respectively to the memory regions, ie fixed address limits are determined . The write, read and delete commands of the respective memory regions can be blocked or released by the address control circuit in the given frame. The disadvantage of this circuit is that the division of the memory depends on the manufacture of the EEPROM and the user can no longer modify it. European Patent EP-A-0 129 054 discloses a semiconductor memory device according to the generic term of claim 1, which by word line has four "memory cells of function", which determine whether the data of a word line are protected against writing, reading or deletion.
OBJECTIVES AND ADVANTAGES OF THE INVENTION The present invention is based on the objective of providing a circuit that with simple measures guarantees that a foreign program can only access memory regions that are expressly authorized for an access, and that also allows a flexible division of the accessible memory regions in different applications. This objective is achieved by means of a memory semiconductor device according to claim 1. According to the invention it is provided that memory cells of a speech line are assigned release memory cells disposed along a line of memory. releasing bit and controllable by a control circuit of the release bit line arranged and controllable separately and independently of the control circuit of the bit line, which for the release of the memory cells of a predetermined word line can give admission to a release value. The circuit according to the invention is based on a special arrangement of a semiconductor memory, which allows easy monitoring of memory accesses and, simultaneously, a flexible division of memory, or of memory regions in various applications . In addition to adjusting a flexible memory size, the invention also offers the advantage of a free absolute positioning of the allocated memory regions in the address space of the user programs, so that an optimal utilization of the memory capacity is guaranteed. Limited availability especially in chip cards. Likewise, the invention makes it possible, with additional work of the comparatively minor circuit technique, a secure protection against the manipulation of data or the access to them not allowed, it being possible to perform in addition to the monitoring of the program memory also a monitoring of the data memory. The fundamental principle of the invention is the expansion of the word lines of a semiconductor memory programmable in m bits, which are not in the normal address space and which contain information on the access rights on the data stored in the line bits. of word (page) normal. With a number of m bits for the release memory cells, 2m applications can be made, that is, program regions, or data separated from each other. In a preferred embodiment of the invention, it can be envisaged that the memory cells arranged along the points of intersection of bit lines and word lines and the release memory cells disposed along the intersection points of the word lines and the release bit lines are jointly controlled by a word-line excitation circuit provided in the word-line control circuit. For the addressing of both the memory cells and also the release memory cells, a joint address decoding circuit can also be provided. Thus, the invention relates to a specially structured memory, that is to say, it is not a standard memory, in which in addition to normal cells there are ex-factory release memory cells referred to earlier as release cells, the cells being coupled of release memory with the other word line exciters; thus, the speech line drivers and the address decoders are provided together for the normal cells and the release cells, whereby a considerable surface saving is obtained. The different control of normal cells and cells of release is due only to different bit lines. In other embodiments of the invention, it can be envisaged to employ a microprocessor circuit for the execution of an operating system program and at least one user program, said circuit issuing when it is called, or executing an initialization program a control signal to the circuit control of the release bit line, by means of which a region of memory assigned to the user program can be activated. The release cells of the additionally provided release bit lines are not normally addressed, but through an initialization circuit. This can be designed, for example, in such a way that it is possible only once when loading the operating system, and then the occupation of the additional release cells of the release bits can no longer be modified. In the case of one additional release bit per page, that is, m = 1, two regions of memory can be separated, for example, for two different user programs. The number of pages occupied by a user program can be chosen at your discretion. The placement of the programs in the total region of memory can also be adjusted flexibly, and an interlaced division of the memory regions can also be realized. Preferred embodiments of the invention result from the sub-claims.
BRIEF DESCRIPTION OF THE DRAWINGS From the description of exemplary embodiments with the help of the attached drawings, other characteristics, advantages and convenient dispositions of the invention result. Figure IA is a schematic representation of an electrically programmable and erasable semiconductor memory, to illustrate the fundamental operating mode of the invention. Figure IB is a simplified block diagram of the semiconductor memory according to the invention, shown in Figure IA. Figure 2 is a schematic representation of a circuit according to an embodiment of the invention. Figure 3 is a schematic representation of a circuit according to another embodiment of the invention. Figure 4 is a schematic representation of a circuit in accordance with another embodiment of the invention. Figure 5 is a schematic representation of a circuit according to another embodiment of the invention. Figure 6 is a schematic representation of a circuit according to another embodiment of the invention. And Figure 7 is a schematic representation of a circuit in accordance with another embodiment of the invention.
DETAILED DESCRIPTION OF THE INVENTION Figure IA shows the constitution of a fixed, electrically modifiable memory 1 (EEPROM = Electrical Erasable Programmable ROM), whose advantage consists, as we already know, in that the integrated circuit can be deleted and reprogrammed, without having to remove it from the user's device and in which each byte of the memory can be deleted and rewritten several times separately. The erasure is effected by an electrical impulse. As a memory element, it serves 2 cells with a control electrode and an intermediate electrode not linked to the potential, which acts as a charge accumulator. The way of functioning of this type of fixed memories is basically known and is not illustrated here in more detail. The normal memory cells 3 of the memory semiconductor device 1 are arranged in large numbers at points of intersection of bit lines LB and LP word lines and can be controlled as known to the person skilled in the art, by means of a control circuit of word line 4 and a bit line control circuit 5. An address line 6 and a data line 7 are provided, in which the addresses or data are transported between the various components of the circuit. For reasons of a simpler presentation, only one line is shown for the address line 6 and the data line 7 respectively, when in fact a large number of lines is provided, for example 16. The line system can also consist of only one line, in this case processing the addresses and data in the multiplexer process over time. In Figure IA, of the usually large number of word lines, only four LPO to LP3 are shown, as well as only four lines of bits LBO to LB3. The reference numeral 8 schematically indicates an address decoder, whose constitution and operation are also known to the person skilled in the art and, therefore, are not illustrated in more detail. The security circuit according to the invention is based on a special arrangement or construction of the memory 1 according to Figures IA and IB, which allows easy monitoring of accesses to memory and a flexible division of memory 1 into various applications. The fundamental principle of the invention is the extension of the word line of the memory in m bits, which are not in the normal address space, and which contain information on the data access rights stored in the line bits of normal word (pages, or, pages). For this purpose, additional bit lines 9 and 10 are provided, which are hereinafter referred to as release bit lines., and which can be controlled independently of the (normal) bit line control circuit 5 through a control circuit of release bit lines 11. At the points of intersection of the word lines (normal) LPO to LP3 and the additionally provided release bit lines 9 and 10, release memory cells 12 are provided, which need not be different in their constitution and operation of the normal memory cells 3, and therefore, they can be manufactured together with the same. Release values are temporarily or permanently deposited in the release memory cells, in the manner explained below, which serve for the release of (normal) memory cells 3 from one or more predetermined word lines LPO to LP3 . Figure 2 shows a first exemplary embodiment of the invention, in which a single line of release bits 13 is provided with release memory cells 14, ie, m = 1. The data contents of the memory cells of release 14 of a line of release bits 13, can not be addressed as with (normal) memory cells 3, but is effected through an initialization circuit provided in the control circuit of release bit lines 11, not shown in detail in the figures. The initialization can be designed, for example, in such a way that it is possible only once when loading the operating system. Afterwards, the occupation of the additional release bit can no longer be modified (one bit per page, or, page). With one bit per page (m = 1), two memory regions 15 and 16 separated from each other can be selected, for example for two different user programs. The number of pages (pages) occupied by a user program can be chosen at will. The placement of user programs in the total region of memory is also flexible, which may be divided into regions of memory intertwined with each other. The memory region 15 is assigned, for example, by writing a logical zero in the correspondingly assigned release cells, while the memory region 16 is defined by writing a logical value of one. A microprocessor circuit 17 is assigned to the semiconductor memory 1, in which the operating system and the user programs are called, and which is connected via the address line 6 and the data line 7. with other memories or registers, for example, RAM, ROM or EEPROM, which, for simplicity, are indicated unitarily with the reference number 18. The operating system that runs in the microprocessor 17 has the highest hierarchical level, the programs of users are subordinate to that. When calling a user program, the microprocessor 17 operates a control signal, which is on a line 19. This process can also be executed by the operating system. In this way, the user program can only be active in the region of memory assigned to it. The control signal of the microprocessor 17 thus indicates whether a user program is active. Without further auxiliary registers, this control signal is compared in a simple manner with the extra bit of the release line 13. For this purpose, a comparison circuit is provided with an inverter 20 and a Y connector 21, which are connected as is shown in Figure 2. Intermediate storage of the address or part of it is not required. If a user program is active and accesses a region of memory that is not allowed, a restoration signal is triggered on line 22 in the microprocessor 17. However, it is also possible to not restore the microprocessor with the control signal, but execute another appropriate action. Figure 3 shows a second exemplary embodiment of the invention, in which, with respect to the first example, additional lines of release bits 13 are generally provided. As in the first embodiment, the additional m bits per Line of words LPO to LP3 can not be addressed normally, but through an initialization circuit. The initialization circuits for the additional bits of the release bit lines may be integrated, for example, into the control circuit of the release bit lines 11 (see FIG. IA). The initialization can also be designed in such a way that it is only possible once upon loading the operating system, and then the occupation of the release memory cells of the additional release bit lines can no longer be modified. With a number of m lines of release bits, 2m separate program regions can be separated for user programs, being able to choose at discretion the number of pages (pages) occupied by a user program, and also the placement of the programs of The user in the total memory region can be flexibly adjusted, particularly also in an intertwined division of the memory regions. Again, the operating system has the highest hierarchical level, the user programs are subordinate to that one. When calling a user program, a group of control signals is activated, or a vector of control signals on line 23, and only the operating system can activate this process. In this way, the respective user program can only be active in the region of memory assigned to it. The control signal vector of the microprocessor 17 indicates which applications of the maximum possible 2m are active. Before the start of the respective application, the bit value m Y assigned to the application is placed. The Y value is compared in each memory access with the content of the additional release bit X, by means of a comparator 24. If Y is different from X, it is an unauthorized access, and as a result an appropriate control signal is triggered , for example, a restoration signal on line 25, which restores the microprocessor 17. Figure 4 shows a third embodiment of the invention which, compared with the second example, is extended by an additional memory 26, the so-called access rights table memory. Again, the additional m release bits per word line LPO to LP3 can not be addressed in a normal manner, but through an initialization circuit. In addition, the occupation of the access rights table memory 26 is set in the initialization phase. The initialization circuit for the additional release bits, for example, may be newly integrated into the control circuit of release bit lines 11 (see Figure IA). The initialization can also be designed in such a way that it is only possible once when loading the operating system. Then, the occupation of the additional release bits and the access rights table memory can no longer be modified. With m additional release bits, again 2 separate program regions can be separated, being able to choose at discretion the number of pages (pages) occupied by a user program, and the placement of the user programs in the total region of memory is flexible, being again possible an interlaced division of the memory regions. The operating system has the highest hierarchical level, the user programs are subordinate to it. When calling a user program, a control signal is triggered, in the third embodiment according to FIG. 4, again a group of control signals, or a vector of control signals. Only the operating system can activate this process, so that the respective user program can only be active in the region of memory assigned to it. The control signal vector of the microprocessor 17 indicates which application of the maximum possible 2m is active. Before the start of the application, the bit value m Y assigned to the application is placed. The value is decoded in the access rights table of memory 26, which may be a separate memory with a smaller memory number. The inscriptions Rl, ..., Rk assigned to the respective application Y are compared by the comparator 24 with the content of the additional release bit X. If all the values Ri are different from X, it is an access not allowed. In reaction, a suitable control signal is generated, for example, a restoration signal on line 25. The introduction of the access rights table memory 26 allows a discretional fixation of the reciprocal access rights of the applications. In this way it is possible that an application A can access an application B, but, for example, not vice versa. When the operating system calls the user programs, it must be ensured that the processor control signals that protect the data are activated in time at the beginning of the application and that when they leave it they are deactivated again. The above can happen, for example, in the following way: if the operating system triggers the control signals before jumping to the user program, the jump command is marked as part of the user program. In the same way, the microprocessor 17 can automatically recognize the jump command to the user program region and activate the corresponding control signals. Figure 5 shows another example of embodiment of the invention that allows the setting of the rights of action of the user programs, as especially with regard to the read actions, write and erase. To this end, the semiconductor memory has a number n of additional release bit lines 13a for setting possible actions, as well as a comparator 28 connected via a line 30 with the n additional release bit lines 13a, which it is in contact with the microprocessor 17 via the lines 27 and 29. In the initialization, by correspondingly actuating the release memory cells of the additional release bit lines 13a, what actions can be carried out by a user program is set , that is, read, write or erase, in the assigned memory region. If the user program violates the state of action indicated or predetermined by the microprocessor 17 through the action state signal on line 27, by means of the control signal issued by the comparator 28 on line 29, a restoration of the microprocessor 17 can be started. Figure 6 shows another embodiment of the invention, in which the table of access rights 26 illustrated according to Figure 4, in a particularly simple way with regard to the circuit technique , is directly integrated into the memory cells release a number of k lines of release bits 13 (in this case, k is equal to or less than m). In the exemplary embodiment shown in FIG. 7, the advantageous characteristics of the embodiment examples according to FIGS. 5 and 6 are combined. By means of the circuit according to the invention, in addition to the setting of access rights for code regions of FIG. program, it is also possible to regulate access to data memory regions.

Claims (10)

NOVELTY OF THE INVENTION Having described the foregoing invention, it is considered a novelty, and therefore, the content of the following is claimed as property: CLAIMS
1. A semiconductor memory device with a large number of memory cells arranged on a semiconductor substrate at points of intersection of bit lines and word lines, which for programming with data contents can be controlled by a line control circuit of word and a bit-line control circuit, being assigned to the memory cells of a word line release memory cells arranged along a line of release bits and controllable by a bit-line control circuit of release arranged and controllable separately and independently of the bit-line control circuit, which for the release of the memory cells of a subordinate word line can give admission to a release value, and where m lines are provided for release bits for occupation by choosing at the discretion of a number of 2m cell program regions of memory of the semiconductor memory device, characterized in that the semiconductor memory device has a comparator, whose input is linked to the release bit lines and in which other input a control signal of a microprocessor circuit can be deposited, generating the comparator an exit signal if the values in their two incomes are different.
2. A memory semiconductor device according to claim 1, characterized in that an access rights table memory is provided for the storage of a table of access rights for setting the access rights of the 2ra. program regions.
3. A memory semiconductor device according to claim 2, characterized in that the access rights table is integrated within a number of k release bit lines.
4. A memory semiconductor device according to claim 1, characterized in that the memory cells arranged along the points of intersection of the bit lines and the word lines and the memory cells of the Disengagements arranged along the intersection points of the word lines and the release bit lines are controlled together by a word line driver circuit provided in the word line control circuit.
5. A memory semiconductor device according to claim 1, characterized in that a common address decoding circuit is provided for addressing both the memory cells and the release memory cells.
6. A memory semiconductor device according to claim 1, characterized in that the release bit control circuit has an initialization circuit to set the release values of the release memory cells. of a line of release bits.
7. A memory semiconductor device according to claim 1, characterized in that at least one microprocessor circuit is provided for executing an operating system program and at least one user program, emitting said circuit microprocessor when calling, or executing an initialization program, a control signal to the control circuit of release bit lines, by means of which a region of memory assigned to the user program of the semiconductor memory device can be activated.
8. A memory semiconductor device according to claim 7, characterized in that the microprocessor circuit, when calling, or executing a user program, it operates on a control signal through one or more control lines, on a comparator that is connected to one or several lines of release bits, and that on its part emits a control signal to the microprocessor, in case the user program violates the right of access or action, the term "action" referring to the functions read, write or delete.
9. A semiconductor memory device according to claim 1, characterized in that additionally n release bit lines are provided to set the possible actions, that is, read, write or delete functions.
10. A chip card with a microcircuit containing a semiconductor memory device according to claim 1 to 9.
MXPA/A/1998/007933A 1996-03-28 1998-09-28 Memo semiconductor device MXPA98007933A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
DE19612439.5 1996-03-28

Publications (1)

Publication Number Publication Date
MXPA98007933A true MXPA98007933A (en) 1999-04-06

Family

ID=

Similar Documents

Publication Publication Date Title
US5912453A (en) Multiple application chip card with decoupled programs
US6292874B1 (en) Memory management method and apparatus for partitioning homogeneous memory and restricting access of installed applications to predetermined memory ranges
EP1029326B1 (en) Programmable access protection in a flash memory device
KR100205740B1 (en) A secure application card for sharing application data and procedures among a plurality of microprocessors
JP4708514B2 (en) Method for loading secure program into microprocessor card and microprocessor card including secure program
US5890191A (en) Method and apparatus for providing erasing and programming protection for electrically erasable programmable read only memory
JPH02210590A (en) Portable data carrier for storing and processing data
JP3878134B2 (en) Microprocessor circuit for data carrier and method for organizing access to data stored in memory
US6572024B1 (en) Memory array with address scrambling
US7409251B2 (en) Method and system for writing NV memories in a controller architecture, corresponding computer program product and computer-readable storage medium
JP2727527B2 (en) Method and circuit for protecting nonvolatile memory area
US6754794B2 (en) Chip card with integrated circuit
JP2004523827A (en) Microprocessor circuit with auxiliary register bank
US6034902A (en) Solid-state memory device
MXPA98007933A (en) Memo semiconductor device
JP4326054B2 (en) Method for protecting data in semiconductor electronic memory device and semiconductor electronic memory device
JPH0697442B2 (en) Micro computer
JP2591796B2 (en) IC card
JPH09231329A (en) Memory card
JPS63266562A (en) Semiconductor integrated circuit
JPH03253397A (en) Ic card
US20040170073A1 (en) Semiconductor storage unit
JPH05120891A (en) Semiconductor storage device
JPH0377180A (en) Microcomputer
KR20020078998A (en) Smart card capable of maintenence security between multi-application programs