WO2000010074A1 - Microcontroller having allocation circuitry to selectively allocate and/or hide portions of a program memory address space - Google Patents
Microcontroller having allocation circuitry to selectively allocate and/or hide portions of a program memory address space Download PDFInfo
- Publication number
- WO2000010074A1 WO2000010074A1 PCT/US1999/018443 US9918443W WO0010074A1 WO 2000010074 A1 WO2000010074 A1 WO 2000010074A1 US 9918443 W US9918443 W US 9918443W WO 0010074 A1 WO0010074 A1 WO 0010074A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- program memory
- mode
- memory space
- program
- block
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/30—Arrangements for executing machine instructions, e.g. instruction decode
- G06F9/38—Concurrent instruction execution, e.g. pipeline, look ahead
- G06F9/3802—Instruction prefetching
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/30—Arrangements for executing machine instructions, e.g. instruction decode
- G06F9/38—Concurrent instruction execution, e.g. pipeline, look ahead
- G06F9/3802—Instruction prefetching
- G06F9/3814—Implementation provisions of instruction buffers, e.g. prefetch buffer; banks
Definitions
- the present invention relates to microcontroller systems having flash memory in a program memory address space and, in particular, to a microcontroller system that selectively allocates portions of the program memory space to either internal or external memories, or a combination thereof, for reasons of security of the internal memory contents.
- the present invention also relates to such microcontroller systems having security circuitry such that a program executing from one portion of the flash memory of the microcontroller can securely program or reprogram another portion of the flash memory.
- Microcontroller systems including memory are known in the art. With a conventional microcontroller system, blocks of the memory may be locked such that a locked block cannot be interrogated. This locking thus secures program code contained in the locked blocks from unauthorized access by f ⁇ rmware piraters and from accidental erasing and programming.
- a microcontroller system is desirable for a microcontroller system to be configurable such that blocks of memory can be locked from unauthorized interrogation or code corruption, but can also be reprogrammed and/or accessed under a predetermined secure environment.
- a microcontroller system includes program memory space allocation means.
- program memory space allocation means In a first mode of operation, a first block of program memory is hidden for code fetching such that a processor is prohibited from retrieving program instructions from the first block of program memory.
- the first block of program memory In a second mode, however, the first block of program memory is accessible for code fetching.
- the program memory space allocation means allocates the program memory space such that the processor may retrieve program instructions only from an external memory, that is not unitarily formed in the integrated circuit.
- the mode of operation of the program memory space allocation is controlled in response to the contents of a configuration register.
- a microcontroller system includes a security lock circuit to regulate access requests to contents of locations of a program memory.
- the regulation is selective, based on an operating mode of the security lock circuit, and also based on the source of the access request and the location of the program memory for which the access request is intended.
- one major advantage provided by the security lock circuit is that concurrent — j — programming (i.e., programming of one area of memory using instructions executing from another area of memory) can be initiated under predetermined secure conditions.
- FIG. 1 is a block functional illustration of an embodiment of a microcontroller system.
- Fig. 2 is a block functional illustration of an embodiment of a flash operation controller of the Fig. 1 microcontroller system.
- Fig. 3A is a table that summarizes security functions of the Fig. 1 microcontroller system.
- Fig. 3B is a table that further details the activated mode of the security lock circuit.
- Figs. 4A to 4C illustrate various states of program memory organization of the Fig. 1 microcontroller system.
- Fig. 1 illustrates, in block functional form, a microcontroller system 100 in accordance with an embodiment of the present invention, unitarily formed in an integrated circuit.
- the system 100 includes a microcontroller unit (MCU) core 103, designated by part number T8052 in Fig. 1.
- MCU microcontroller unit
- Embedded program memory 102 includes two independent program memory blocks 102a and 102b.
- the program memory blocks 102a and 102b are erasable and reprogrammable, and are preferably flash EEPROM of the type disclosed, for example, in U.S. Patent No. 5,572,054, issued November 5, 1996 and assigned to Silicon Storage Technology, Inc.
- Program memory block 102a (designated, for convenience of reference, as the "lower program block") is addressable at the standard 87C58 32 Kbytes of internal ROM area
- program memory block 102b (designated for convenience of reference as the "upper program memory block") is addressable at the high address end of the 8xC5x architecture.
- the microcontroller system 100 is configurable to address up to 64 Kbytes of program memory (not shown) external to the system 100.
- the system 100 also includes on-chip RAM (not shown) and is configurable to address external data RAM (not shown).
- a flash operation controller 104 (shown in more detail in Fig.
- a command/address decoder 106 interfaces the MCU core 103 to the addressable memory (whether program memory 102 or other addressable memory, internal or external), I/O ports, and configuration registers. Some of the configuration registers, particularly those within the flash operation controller, are discussed in greater detail later.
- I/O pads interface 108 includes circuitry for interfacing the various components of the system 100 to external devices (not shown), for example, external memory or an external host.
- test mode controller 1 10 assists in controlling the system 100 when it is operating in "external host mode", wherein an external "host” processor (not shown) is operating in place of the MCU core 103.
- An example of an external host is a PCB tester automated test equipment, a PC-controlled development board, or an OTP (one-time programmable) MCU programmer.
- OTP one-time programmable
- a primary function of the flash operation controller 104 is to control read and/or write access to the blocks 102a and 102b of the program memory 102, in accordance with the value stored in a "security byte".
- the flash control unit 201 controls such access responsive to the value of the security byte, as indicated by a field of the SuperFlash® Configuration register (SFCF) 202 which contains a decoding of the security byte.
- the security byte is located at the highest address location, FFFFh, of the microcontroller system 100 memory space. That is, the security byte is located at the highest location in upper program memory block 102b.
- either the entire program memory 102 may be locked; just the upper program memory block 102b may be locked; or both the lower program memory block 102a and the upper program memory block 102b may be unlocked.
- value of the security byte is a shorthand notation herein for the value of the field in the SFCF register 202 that is a decoding of the security byte.
- Precisely what it means for a block of memory to be "locked” or "unlocked” is discussed later.
- the table shown in Fig. 3A provides a summary of the effect that a particular value of the security byte has on the security functions of the system 100.
- both the program memory block 102a and program memory block 102b are unlocked.
- the default value of the security byte is FFh.
- the security byte value is other than FFh (i.e., has an "activated” value)
- security is activated to lock at least one of the program memory blocks 102a and 102b.
- the "move constant" (MOVC) instruction which in some instances could be used for read access of data from the program memory 102, is denied read access when the location of the MOVC instruction itself could be in either an unlocked flash memory location (i.e., a portion of the flash memory 102 is unlocked, as indicated by the activated value of the security byte) or may be in an external memory (as indicated by the signal at an External Enable, or EA#, input pin). Therefore, the contents of the internal flash program memory 102 are prevented from being read undesirably when any level of security is activated.
- the CHIP ERASE function operates regardless of the value of the security byte.
- the security byte is set back to the default value of FFh.
- the external host may freely program (or otherwise access) the program memory 102, via the SFDT "mailbox register" 204.
- the WDTD and WDTC registers shown in Fig. 2 are for controlling a watchdog timer and are not relevant to the present disclosure.
- the security byte at location FFFFh has the value F5h, only the upper program memory block 102b is locked, and the lower program memory block 102a is not locked.
- the lower program memory block 102a may be programmed (i.e., sector or block erase, write and verify operations) by program code executing from the upper program memory block 102b, but not by any program code executing from the external program code storage even though both program memory blocks 102a and 102b are security locked for any other access, such as External Mode Host Access.
- This security mechanism is known as "soft lock".
- the "soft lock” security mechanism allows the system to use a secure program code to perform in-system and in-field flash memory concurrent programming of the lower program memory block 102a under a predetermined secure environment.
- the table in Fig. 3A further illustrates this security lock feature. More details of the program memory addressable space are now discussed with reference to Figs. 4A to 4C, particularly relative to how the program memory organization is adaptable to address safety and security concerns. More specifically, Figs. 4A to 4C show three program memory organization and assignment options of the microcontroller system 100.
- the program (flash) memory 102 of the microcontroller system 100 includes two blocks, lower program memory block 102a and upper program memory block 102b.
- the lower program memory block 102a has 32 Kbytes, and occupies the address space OOOOh to 7FFFh.
- the 32 Kbytes of the lower program memory block 102a are organized as 512 rows (256 of
- the upper program memory block 102b has 4 Kbytes, and occupies the address space FOOOh to FFFFh.
- the 4 Kbytes of the upper program memory block 102b are organized as 128 rows (64 of 64- byte sectors per page, 7 X-address lines) and 256 columns (32 bytes per row,
- the address space 8000h to EFFFh is always reserved for external memory (not shown), which may be, for example, memory of a development system or hardware programmer.
- external memory not shown
- hidden for code fetching it is meant that program instructions in the block “hidden for code fetching" cannot be fetched and executed from locations of the hidden block.
- the concurrent programming field is the most significant bit of the SuperFlash® configuration register SFCF 202 (Fig. 2).
- the security of the program memory is enhanced. Furthermore, in combination with the security lock circuitry, the security of the program is further enhanced.
- Appendix A Attached hereto as Appendix A is the "SST89C58 Data Sheet" which is to be considered an integral part of this specification.
Abstract
Description
Claims
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP99942170A EP1031072A1 (en) | 1998-08-14 | 1999-08-13 | Microcontroller having allocation circuitry to selectively allocate and/or hide portions of a program memory address space |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US09/134,242 | 1998-08-14 | ||
US09/135,410 US6505279B1 (en) | 1998-08-14 | 1998-08-14 | Microcontroller system having security circuitry to selectively lock portions of a program memory address space |
US09/135,410 | 1998-08-14 | ||
US09/134,242 US6339815B1 (en) | 1998-08-14 | 1998-08-14 | Microcontroller system having allocation circuitry to selectively allocate and/or hide portions of a program memory address space |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2000010074A1 true WO2000010074A1 (en) | 2000-02-24 |
Family
ID=26832105
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US1999/018443 WO2000010074A1 (en) | 1998-08-14 | 1999-08-13 | Microcontroller having allocation circuitry to selectively allocate and/or hide portions of a program memory address space |
Country Status (2)
Country | Link |
---|---|
EP (1) | EP1031072A1 (en) |
WO (1) | WO2000010074A1 (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5014191A (en) * | 1988-05-02 | 1991-05-07 | Padgaonkar Ajay J | Security for digital signal processor program memory |
US5251304A (en) * | 1990-09-28 | 1993-10-05 | Motorola, Inc. | Integrated circuit microcontroller with on-chip memory and external bus interface and programmable mechanism for securing the contents of on-chip memory |
US5737760A (en) * | 1995-10-06 | 1998-04-07 | Motorola Inc. | Microcontroller with security logic circuit which prevents reading of internal memory by external program |
US5809544A (en) * | 1995-10-06 | 1998-09-15 | Motorola, Inc. | Microcontroller which limits access to internal memory |
US5911778A (en) * | 1996-12-31 | 1999-06-15 | Sun Microsystems, Inc. | Processing system security |
US5954818A (en) * | 1997-02-03 | 1999-09-21 | Intel Corporation | Method of programming, erasing, and reading block lock-bits and a master lock-bit in a flash memory device |
-
1999
- 1999-08-13 WO PCT/US1999/018443 patent/WO2000010074A1/en not_active Application Discontinuation
- 1999-08-13 EP EP99942170A patent/EP1031072A1/en not_active Withdrawn
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5014191A (en) * | 1988-05-02 | 1991-05-07 | Padgaonkar Ajay J | Security for digital signal processor program memory |
US5251304A (en) * | 1990-09-28 | 1993-10-05 | Motorola, Inc. | Integrated circuit microcontroller with on-chip memory and external bus interface and programmable mechanism for securing the contents of on-chip memory |
US5737760A (en) * | 1995-10-06 | 1998-04-07 | Motorola Inc. | Microcontroller with security logic circuit which prevents reading of internal memory by external program |
US5809544A (en) * | 1995-10-06 | 1998-09-15 | Motorola, Inc. | Microcontroller which limits access to internal memory |
US5911778A (en) * | 1996-12-31 | 1999-06-15 | Sun Microsystems, Inc. | Processing system security |
US5954818A (en) * | 1997-02-03 | 1999-09-21 | Intel Corporation | Method of programming, erasing, and reading block lock-bits and a master lock-bit in a flash memory device |
Also Published As
Publication number | Publication date |
---|---|
EP1031072A1 (en) | 2000-08-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6339815B1 (en) | Microcontroller system having allocation circuitry to selectively allocate and/or hide portions of a program memory address space | |
US6505279B1 (en) | Microcontroller system having security circuitry to selectively lock portions of a program memory address space | |
JP2727520B2 (en) | Memory card and operating method thereof | |
US6976136B2 (en) | Flash memory protection scheme for secured shared BIOS implementation in personal computers with an embedded controller | |
EP0851358B1 (en) | Processing system security | |
US7493484B2 (en) | Method and apparatus for executing the boot code of embedded systems | |
US5210854A (en) | System for updating program stored in eeprom by storing new version into new location and updating second transfer vector to contain starting address of new version | |
US5327531A (en) | Data processing system including corrupt flash ROM recovery | |
JP6306578B2 (en) | Memory protection device and protection method | |
US5293610A (en) | Memory system having two-level security system for enhanced protection against unauthorized access | |
US6453397B1 (en) | Single chip microcomputer internally including a flash memory | |
US7165137B2 (en) | System and method for booting from a non-volatile application and file storage device | |
US6292874B1 (en) | Memory management method and apparatus for partitioning homogeneous memory and restricting access of installed applications to predetermined memory ranges | |
US7979630B2 (en) | Data protection for non-volatile semiconductor memory block using block protection flags | |
JPH05173890A (en) | Data protecting microprocessor circuit for portable data carrier | |
KR20050113659A (en) | Universal memory device having a profile storage unit | |
US8417902B2 (en) | One-time-programmable memory emulation | |
US5721877A (en) | Method and apparatus for limiting access to nonvolatile memory device | |
US9542113B2 (en) | Apparatuses for securing program code stored in a non-volatile memory | |
CN110968254A (en) | Partition protection method and device for nonvolatile memory | |
JPH01219982A (en) | Ic card | |
US20060080497A1 (en) | Program-controlled unit | |
US20040186947A1 (en) | Access control system for nonvolatile memory | |
KR930004944B1 (en) | Memory system | |
EP1031072A1 (en) | Microcontroller having allocation circuitry to selectively allocate and/or hide portions of a program memory address space |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): CA JP |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 1999942170 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 1999942170 Country of ref document: EP |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 1999942170 Country of ref document: EP |