The present invention relates in general to the technical field of electronic components, in particular microelectronic components.
Specifically, the present invention relates to an electronic memory component or memory module, having at least one memory cell area in which physical states representing regular data are mapped by means of at least one mapping function that describes at least one error correction code, for example at least one Hamming code.
Specifically, the present invention furthermore relates to a method of operating at least one electronic memory component or memory module of the abovementioned type.
Electronic memory components, such as, for example,
E[rasable]P[rogrammable]R[ead]O[nly]M[emories],
E[lectrically]E[rasable]P[rogrammable]R[ead]O[nly]M[emories],
Flash memories,
R[ead]O[nly]M[emories] or
R[andom]A[ccess]M[emories],
allow the programming and writing and/or reading of digital data of the form “1” and “0”, which are often referred to as the written and erased state (bit), respectively. Occasionally, these data may be read erroneously due to wear, external influences or other causes.
This erroneous reading of the data may be counteracted for example by the use of an error correction code, in which the information is stored redundantly on the physical medium and an algorithm searches the data for errors while said data is being read in.
Typically, algorithms are used which can detect and/or correct one or more erroneous bits in a memory block of for example eight logic bits (which then correspond to more than eight physical bits). The correspondence between the physically stored bits P (=physical representation) of a memory block and the logically read bits K (=user representation) of the memory block is referred to as the mapping function A of the error correction code.
A Hamming code is fundamentally an error correction code in which the difference in bit structure from character to character is particularly great, in order to maximize the probability of complete correction of the character in the event of erroneous data transmission. Using the Hamming code, in which check locations can be obtained from various parity checks, it is fundamentally possible to construct codes for correcting more than one error. In the Hamming code, only some of the information locations in the code word or data word are supplemented to give even parity.
However, the algorithm used for error correction can in practice, for reasons of efficiency and cost, never detect all errors that are possible in principle; rather, it is still limited to detecting and possibly correcting relatively few bits per memory block. This conventional error-tolerant encoding of data is not always sufficient in security-critical applications, particularly when some characteristic error patterns in the bits occur much more frequently than other error patterns or can be generated deliberately by external manipulation.
Therefore, for example when encoding the counter for the money entered on a prepaid money card, care must always be taken to ensure that the physically stable state, that is to say the state in which the data memory could tilt as a result of physical processes after a number of years, corresponds to an empty account status so that the prepaid money card cannot be recharged with more money in an unauthorized manner.
In the prior art, it is also not easy to distinguish unwritten memory blocks from memory blocks that have already been written to once before. This represents a potential security risk, for example in the smart card sector.
On the basis of the above-described disadvantages and shortcomings, and in acknowledgement of the outlined prior art, it is an object of the invention to develop an electronic memory component or memory module of the type mentioned in the introduction, and a method, also of the type mentioned in the introduction, that is associated with this electronic memory component or memory module, such that on the one hand the error detection probability is considerably increased and on the other hand unwritten memory blocks can be reliably distinguished from memory blocks that have already been written to once before.
This object is achieved by an electronic memory component or memory module having the features indicated in claim 1 and by a method having the features indicated in claim 11. Advantageous arrangements and expedient developments of the present invention are characterized in the respective subclaims.
In accordance with the teaching of the present invention, a completely new approach to a microelectronic memory module (microelectronic memory component) with redundant data encoding for detecting and/or labeling invalid states, or states that are special in some other way, is hereby disclosed.
For this purpose, the mapping function that describes the error correction code, for example a Hamming code (=error correction code by means of which one erroneous bit within a data block can be corrected→what is known as single-error correction), has at least the specific property that, in addition to the mapping of all “normal” physical states representing the regular data, there is also in the memory at least one further physical state which represents an exceptional or special state and which can in any case be detected on the basis of its bit pattern, independently of whether only limited error detection or error correction is possible for the “normal” states, that is to say for the regular data, or of whether the error detection or error correction for the “normal” states is not limited.
This further physical state (or these further physical states) is (are) expediently selected such that unavoidable physical limitations of the memory medium are taken into account; thus, for example, in an EEPROM the state in which the memory cell transistors of any one bit are switched off and only leakage currents flow can be defined as a specific exceptional or special state. The implementation of the error correction code and the possible reactions to the various states can be effected in hardware or in software.
Using the above-described measures, it is possible for example to label a memory block as not yet written, by defining this state as a specific exceptional or special state in the error correction code. In the example of a prepaid money card, the physically stable state (which could be set after a number of years if no countermeasures are taken) may be defined as “unwritten”.
In accordance with a preferred arrangement of the present invention, additionally all further physical states which can be generated in a relatively simple manner by manipulation of the memory, such as, for example, by irradiation with electromagnetic particles or waves, can be characterized as exceptional or special states in the error correction code. These states can then be detected unambiguously by the software and/or by the hardware of the prepaid money card, so that manipulations of the memory can be counteracted.
Security-related data or features of a chip can also be protected by means of essentially the same method, for example by said area being designed such that in normal operation no exceptional or special states can occur, but on the other hand for example the erasure of a memory block in this area generates an exceptional or special state.
This exceptional or special state in a security-related memory region which is preferably embedded in at least one doped receiving substrate can then be detected, and thus appropriate measures, such as a “hardware exception” or mode changes, can be performed by the controlling C[entral]P[rocessing]U[nit] in order to ensure the security of the entire memory content and chip. In a particularly advantageous manner, EEPROM fuses (for example configuration and trim values), which inter alia define the degree of locking of a smart card chip, can be protected using this technique.
In the context of the present invention, it is perfectly possible to deliberately write the memory blocks with an exceptional or special state, for example in order to label them as unwritten or, as in the case of the EEPROM, in order to quickly initialize a large number of blocks for the first time with “zero”. This has the advantage that the subsequent write operation takes only half the time, since preinitialization is no longer required. In such a case, for example two different states corresponding to zero then exist, namely the exceptional or special state “erased” and the actual data item “zero”; in the read operation these two “zeros” behave differently.
An error detection probability that is increased in accordance with the invention is also highly significant with regard to detecting and monitoring potential attacks on the memory component or memory module, since in particular memory components or memory modules in security-related applications, such as chip cards, smart card controllers or the like, are frequently the target of various possible attacks.
Whereas in this connection “pure” security-related data can be protected and checked in a simple manner using (software) algorithms, protection and checking by means of (software) algorithms is not practical for executable program code, particularly in view of the sensitivity of executable program code with respect to modifications; even for any operating parameters or the like which may have been stored in the memory cell area, a software-based solution is not appropriate.
In principle, various attacks are conceivable which alter the content of the memory (or memory cell area) or manipulate the read operation in such a way that altered data or incorrect program commands are read. In order to increase the service life of memory components or memory modules, an error correction circuit is often used which makes it possible, for example, to detect and correct one-bit errors. Such an error correction circuit is also used, in a modified form, to detect a range of possible attacks, and this allows a reaction, for instance a deactivation, of the chip.
One possible attack is the illumination of the memory component or memory module by means of electromagnetic waves, in particular by means of light. As a countermeasure, for example, light sensors are integrated on the chip and the sensitive parts of the circuit, along with the memory cell area, are covered to the largest possible extent with metal, in order to prevent the illumination from having any effect. Additional bits which may be used explicitly as sensor, or read accesses performed at intervals without selection of a byte, are also conceivable.
The covering with metal does not prevent the memory component or memory module from being illuminated with light of a suitable wavelength through the substrate, that is to say “from behind”. It is also conceivable that at high intensity the metal covering is no longer sufficient. Light sensors cover only parts of the chip surface; local illumination may thus possibly not be determined at all.
Additional bits considerably increase the surface area of the memory matrix or memory cell area, without increasing the local sensitivity compared with the particularly inventive development presented below. Additional read accesses may also detect attacks on individual bits, but are more unreliable in the case of disturbances varying over time due to the sequential performance of the two read accesses and double memory access time.
Accordingly, the present invention further relates to an error correction circuit provided for the additional “life-long” detection of possible attacks on the memory component or memory module (→“local in-time validation” by means of the error correction code, in particular by means of the Hamming code, in accordance with the present invention), implemented or integrated in at least one electronic memory component or memory module of the type mentioned above and/or operating in accordance with the method of the type mentioned above.
Since most potential attacks on memory components or memory modules cannot be focused at will, it is assumed, particularly on account of the small size of the memory cell area and on account of the metal covering which may lead to scattering of the disturbances, that possibly at least one entire byte is affected. If, expediently, it is ensured that all bits of a byte are placed very close next to one another, then, by expanding or modifying the error correction circuit, it can be made possible that relevant attacks are detected with very low expenditure.
Therefore, a Hamming code preferably selected as error correction code, which is intended to enable the correction of one-bit errors in memory cells, requires a Hamming distance of 3, that is to say that each valid code word or data word must differ from any other code word or data word in at least three bits (if two binary words of the same length, for example bytes, are compared with one another, then, in accordance with DIN 44300, the number of bits in which the two binary words of the same length differ from one another is what is referred to as the “Hamming distance”; this is used for error detection and error correction in that data units which have arrived via the transmission path are compared with valid characters; any necessary correction of the characters is effected in accordance with the probability principle).
A Hamming distance of 3 means that, for code words or data words having eight data bits, additionally at least four redundant bits are required (the data bits and the redundant bits together correspond, in a manner which is essential to the invention, to the physical states P, that is to say to the physical representation). In this connection, it is possible or expedient to select the Hamming code such that each valid twelve-bit code word or twelve-bit data word contains at least two set bits (=“1”: state “high”) and at least two erased bits (=“0”: state “low”).
Each valid twelve-bit code word or twelve-bit data word therefore has a minimum Hamming distance of 2 for special states in which all bits of a byte are set (=“1”) (what is known as the “all-1 state” in relation to a code word or data word) or in which all bits of a byte are erased (=“0”) (what is known as the “all-0 state” in relation to a code word or data word). Accordingly, data having one-bit errors can be unambiguously distinguished from these exceptional or special states which, according to the invention, are represented by the at least one further physical state and which in any case can be detected on the basis of their bit pattern.
When using an error correction code configured in such a way, it is possible for states in which all bits are set (=“1”) (what is known as the “all-1 state”) or in which all bits are erased (=“0”) (what is known as the “all-0 state”) to be interpreted as invalid states. The occurrence of such invalid states during reading of the data indicates an attack affecting the entire byte, such as, for example, an illumination of the memory cell or memory cell area or of the sense amplifiers, or else a completely erased (and not reprogrammed) memory cell.
According to a particularly advantageous development of the invention, it is possible to detect the exceptional or special states by means of at least one twelve-fold “and” operation (twelve-fold “and” gate, preferably having twelve inputs) or by means of at least one twelve-fold “nor” operation (twelve-fold “nor” gate, preferably having twelve inputs). In this connection care must be taken, when generating the error correction code, to ensure that the testability of the memory module or memory component according to the present invention is not negatively affected.
Since the testing also requires states in which all bits are set (=“1”) (what is known as the “all-1 state”) and in which all bits are erased (=“0”) (what is known as the “all-0 state”), a changeover which allows these states is required in the test mode. Expediently, an error correction code is proposed in the present case which correctly continues important bit patterns in the test mode and fulfills the above-described requirements in the normal mode.
Test mode: redundant bit 3=parity of the data bits 7,6,5,4,1
Normal mode: redundant bit 3=negated parity of the data bits 7,6,5,4,1
In summary, it can be ascertained that the above-disclosed expansion or modification of the error correction circuit for the additional detection of possible attacks on the memory component or memory module combines a number of advantages, for instance
high local sensitivity (one byte);
correction of one-bit attacks (in the case of intact memory cells);
independence of the time response of the read and write operations;
no increase in access times,
sensitivity to all attacks which affect all bits of a byte in the same way;
no need to modify the memory matrix;
very low expenditure for the implementation of the detection of exceptional and special states; and
simple changeover between normal mode and test mode.
As regards the hardware configuration of the error correction circuit, the redundant bits computed or determined during regular programming (writing) may be physically stored in an inverted manner in the normal mode and in a noninverted manner in the test mode. Accordingly, in accordance with an advantageous development of the present error correction circuit, at least one computation unit intended for computing and/or determining redundant bits is provided, at least one multiplexing unit
to which inverted redundant bits can be applied in the normal mode and/or
to which noninverted redundant bits can be applied in the test mode being connected downstream of said computation unit.
This means that, during the programming or write operation, the additional necessary bits for the uncorrected user data corresponding to the user representation (=in reality the data bits) are initially expediently computed and/or determined by means of the computation unit provided for computing and/or determining redundant bits.
These additional necessary bits are preferably
in the normal mode
in the test mode
and forwarded by the multiplexing unit as redundant bits.
After combining these redundant bits with the user data D, this combined data can be stored as physical data, that is to say can be physically stored.
In order now to detect the exceptional or special state in the error correction code within the context of the read operation, with regard to the hardware there may be provided, in a manner essential to the invention,
at least one twelve-fold “and” gate to which the data bits and the redundant bits can be applied
[→interpretation of states in which all bits are set (=“1”) (what is known as the “all-1 state”) as invalid states] and/or
at least one twelve-fold “nor” gate to which the data bits and the redundant bits can be applied
[→interpretation of states in which all bits are erased (=“0”) (what is known as the “all-0 state”) as invalid states].
According to an advantageous development of the present error correction circuit
the redundant bits which are nonnegated in the test mode and/or
the redundant bits which are negated in the normal mode (for this purpose at least one inverter unit I may expediently be connected upstream of that input of the multiplexing unit which is provided for the normal mode) may be switched through by at least one multiplexing unit, to which the redundant bits can be applied, to at least one correction unit which is connected downstream of the multiplexing unit.
Preferably, the correction unit computes or determines the expected redundant bits from the data bits and compares said expected redundant bits, which are independent of the (test or normal) mode, with the redundant bits which have been switched through by the multiplexing unit, said redundant bits being nonnegated in the test mode and negated in the normal mode. From this comparison, as is customary in the case of Hamming codes, any incorrect bit can be directly ascertained, and this enables direct correction by the correction unit.
The present invention furthermore relates to the use of at least one electronic memory component or memory module of the abovementioned type in order to detect and/or label invalid physical states or physical states that are special in some other way.
The present invention finally relates to the use of the method of the abovementioned type in order to implement at least one additional safety feature in at least one smart card, in particular in at least one smart card controller unit.
As explained above, there are various possibilities for advantageously configuring and developing the teaching of the present invention. For this purpose, on the one hand reference is made to the claims that are dependant on claim 1 and claim 11; on the other hand, further arrangements, features and advantages of the present invention will be explained in more detail below with reference to the example of embodiment illustrated in FIGS. 2 to 4B.
In the Figures:
Identical or similar arrangements, elements or features bear the same references in FIGS. 1 to 4B.
As shown in
The implementation as shown in
As an alternative or in addition to this, the implementation as shown in
In summary, in relation to the method as shown in
The example of embodiment, shown in
Assigned to this memory cell (matrix) 10 are two external sources 12a, 12b, a central bit line 14, a word line 16 arranged between bit line 14 and first source 12a or second source 12b, and a control gate 18 located between bit line 14 and word line.
In the memory module 100 shown, a high voltage is required to program or erase. In this connection, in order to keep the maximum voltage that has to be handled as low as possible, the programming voltage is divided into a positive fraction and a negative fraction. This leads to the situation where the p-doped receiving substrate 20, in which the memory cells 10 are formed, can also be connected to a negative potential.
Since a potential illumination attack on the memory component or memory module 100 cannot be focused at will, it is assumed, particularly on account of the small size of the memory cell area (=memory cell matrix 10), that at least one entire byte is affected by such a light attack. If, then, it is ensured that all bits of a byte are placed very close next to one another, the error correction circuit 200 can be used to detect a corresponding illumination attack with relatively low expenditure.
Therefore, the Hamming code selected as error correction code, which enables the correction of one-bit errors in the memory cell area 10, requires a Hamming distance of 3, that is to say that each valid code word or data word differs from any other code word or data word in at least three bits. A Hamming distance of 3 means that, for eight-bit code words or eight-bit data words D (D0, D1, D2, D3, D4, D5, D6, D7), additionally at least four redundant bits R (R0, R1, R2, R3) are required.
In this connection, the Hamming code in the example of embodiment shown in
Therefore, each valid twelve-bit code word or twelve-bit data word has a minimum Hamming distance of 2 for special states in which all bits of a byte are set (=“1”) (what is known as the “all-1 state” Z1; cf.
When using the error correction code shown in
In the example of embodiment of the error correction circuit 200 shown in
Specifically, the twelve-fold “and” operation is implemented in the form of a twelve-fold “and” gate G1 which has twelve inputs, namely four inputs for the four redundant bits R (R0, R1, R2, R3) and eight inputs for the eight data bits D (D0, D1, D2, D3, D4, D5, D6, D7). Similarly, the twelve-fold “no” operation is implemented in the form of a twelve-fold “nor” gate GO which likewise has twelve inputs, namely four inputs for the four redundant bits R (R0, R1, R2, R3) and eight inputs for the eight data bits D (D0, D1, D2, D3, D4, D5, D6, D7).
In this connection, from the representation shown in
With respect to the example of an embodiment shown in
Since the testing (⇄test mode T in a test unit or multiplexing unit M; cf.
Test mode T:
redundant bit R3=parity of the fifth data bit D7, D6, D5, D4, D1
redundant bit R2=parity of the fifth data bit D7, D6, D3, D2, D0
redundant bit R1=parity of the fifth data bit D7, D5, D4, D3, D0
redundant bit R0=parity of the fifth data bit D6, D4, D3, D2, D1
Normal mode N:
redundant bit R3=negated parity of the fifth data bit D7, D6, D5, D4, D1
redundant bit R2=negated parity of the fifth data bit D7, D6, D3, D2, D0
redundant bit R1=negated parity of the fifth data bit D7, D5, D4, D3, D0
redundant bit R0=negated parity of the fifth data bit D6, D4, D3, D2, D1
Using the microelectronic memory module 100 (cf.
In the representation shown in
These additional necessary bits, led via a first data bus B1 of width 4, are
in the normal mode N
in the test mode T
After combining these redundant bits R with the user data D, which is led via a second data bus B2 of width 8, this combined data is stored as physical data P.
During the read operation L shown in
in the test mode T the nonnegated redundant bits and
in the normal mode the negated redundant bits through to the correction unit U (cf.
directly in the test mode T and
in an “inverted-back” manner in the normal mode N by the multiplexing unit M to the correction unit U.
In other words, this means that in the context of the read operation L the inverting by means of the inverter unit I and the multiplexing unit M is reversed; the correction unit U, which consequently “knows” nothing of the test mode T and normal mode N, computes and/or determines the expected redundant bits (as in the case of the write operation; cf.
As a result, (error-)corrected data K which is available to the user, that is to say the logically read bits (=user representation; cf.
100 electronic memory component or memory module, in particular microelectronic memory component or memory module
10 memory cell area or memory cell matrix
12
a first source
12
b second source
14 bitline
16 wordline
18 control gate
20 receiving substrate
200 error correction circuit
A mapping function of an error correction code
B1 first data bus, in particular with bus width 4, for the programming or write operation S
B2 second data bus, in particular with bus width 8, for the programming or write operation S
B1′ first data bus, in particular with bus width 4, for the read operation L
B2′ second data bus, in particular with bus width 8, for the read operation L
C computation unit, in particular for computing and/or determining redundant bits
D eight data bits, namely D0 zero data bit
EN input of the multiplexing unit M provided for the normal mode N
ET input of the multiplexing unit M provided for the test mode T
G0 twelve-fold “nor” gate
G1 twelve-fold “and” gate
I inverter unit
K user representation, in particular corrected data, namely corrected bits or logically read bits
L read operation: signal to user (second exceptional or special state)
M multiplexing unit
N normal mode
P physical representation: physical bits or physically stored bits
R four redundant bits, namely R0 zero redundant bit
S programming or write operation by the user (first exceptional or special state)
T test mode
U correction unit
Z0 all-0 state, that is to say all bits of a byte are erased (=“0”)
Z1 all-1 state, that is to say all bits of a byte are set (=“1”)
Number | Date | Country | Kind |
---|---|---|---|
102 54 342.0 | Nov 2002 | DE | national |
03100721.4 | Mar 2003 | EP | regional |
Filing Document | Filing Date | Country | Kind | 371c Date |
---|---|---|---|---|
PCT/IB03/05106 | 11/10/2002 | WO | 5/18/2005 |