Semiconductor storage device

 

(57) Abstract:

The invention relates to a semiconductor memory device with multiple memory cells and is used mainly in the cards with an embedded microchip, such as card ID, credit cards, payment cards and other Technical result is to protect against unauthorized access to data stored in memory cells of the device. The device consists of a set of memory cells, the control circuit bit lines, the control circuit by a line of words, the control circuit allowing bit lines, the comparison circuit and the microprocessor. 2 C. and 8 C.p. f-crystals, 7 Il.

The invention relates to a semiconductor memory device with multiple memory cells arranged on the semiconductor substrate at the intersections of bit lines and lines of words and which are managed for programming content data by the control circuit lines of words and the control circuit bit lines.

This semiconductor memory device finds mainly used in the so-called cards with an embedded microchip, i.e. maps-identity, kreditavtal these cards can provide a microprocessor hard-saved by the operating system, which assumes fundamental functions such as the procedure for comparing the externally defined code with the stored code, and the like. Given in compliance with the microprocessor of the storage device inside the map in addition to storing the operating system are used to remember specific applications and settings that are required, for example, security checks and in any case must be kept secret. This card with an embedded microchip can be used for different applications, if the manufacture provide for the appropriate operating system with the appropriate software, if provided certain appropriate interfaces and reserve a storage device or area of the storage device to one or more external user programs.

Thus, the card manufacturer may provide for a user card with an embedded microchip storage device or area of the storage device for programming an external user. The user program can be installed, for example, special operations that are performed independently of the operating system Jenia card with an embedded microchip may be, additionally, there are that many different users can independently from each other to remember their respective programs in a card with an embedded microchip.

In any case, as in all critical from a security perspective, data processing systems, which serve, for example, to handle confidential or having a monetary value data should be provided with special protection against manipulation of data or unauthorized access to data. Therefore, you should ensure that essential for the safety data, which is an integral part of the operating system or a separate user programs, protected from unauthorized access. In the credit card, such as card with an embedded microchip that contains an integrated circuit with a nonvolatile memory (e.g., electrically erasable programmable read-only memory or ROM), and a microprocessor for protection against manipulations you want saved in non-volatile memory device, the user program could not have uncontrolled access to other user programs or subroutines of the operating system, which is also pending in energy is protection to control access to a storage device, which is known, for example, from DE 4115152 A1 or US 5452431.

In DE 4115152 A1 explained mainly three different events. In the first event in the scheme before executing the user program stored in EEPROM, the address at which starts the user program in the memory area stored in the two auxiliary registers. During execution of the program continuously compare the actual value on the address bus with the first auxiliary register and the counter value of the program with the second auxiliary register. From the first comparison determines whether the active user program. From the second comparison conclude whether the work is just in the address field, allowed for a user. For the case that the user is active and works in unauthorized areas, the microprocessor is called a reset signal in the initial state. This measure has the disadvantage that the circuit requires additional auxiliary registers and Comparators for n bits, and n represents the width of the address bus. In the case of the second event is proposed to control the counter programs and the value on the address bus through the PPRs is to and in the case of the first event, is called a reset signal in the initial state, if the user has access to unauthorized address area. This scheme has the disadvantage that it requires additional processor with the storage device. In the case of a third party or, respectively, of each scheme separately protected memory area has a different address bits of the highest significance (bits select the block). Before executing stored in one block programmable ROM user bits select the block remember in the auxiliary register. During program execution the actual address bits of the highest importance to continuously remember the second auxiliary register and compared with the first auxiliary register.

At various contents of the auxiliary registers it turns out that the active user program in a bad way addresses a different area of the program memory. Because this is the signal reset to the initial state. This scheme has the disadvantage that a small number of bits (e.g., two bits) may only be rigidly uniform, relatively coarse separation units (for example, a quarter of the entire memory). In addition, external Popescu program memory determines thus the size of the block for other external programs, so the memory usage is generally disadvantageous.

US 5452431 shows a protection circuit for controlling memory access, in particular for use in cards with an embedded microchip, in which all memory electrically erasable programmable read-only memory is divided into a reference region ZR ("Repertory Region") and the user ZA ("Application Region"), as well as public area ZP (Public Region"). Management of various memory ZR, ZA and ZP is separately through the address control circuit in such a way that certain address area give in accordance to the individual memory areas, i.e. define rigid boundaries of addresses. Commands for recording, reading and erasing of the corresponding areas of the memory in a given part to be blocked or be resolved through the address control circuit. The disadvantage of this scheme lies in the fact that the shared memory is installed in the manufacture of electrically erasable programmable read-only memory and cannot be changed by the user.

From EP-A-0129054 known semiconductor memory device, the appropriate restrictive part of paragraph 1 of the claims, which has on one line of the four words "functional is or erase.

The basis of the present invention therefore have the task of specifying the schema that simple measures, ensures that the external program can be accessed only in the areas of memory that are explicitly allowed to access, and at the same time allows flexible partitioning of allowed memory areas for different uses.

This task according to the invention is solved by a storage device referred to in paragraph 1 of the claims.

According to the invention provides that the storage cells of a line of words given in compliance with resolution along bit lines and controlled by means located and managed separately and independently from the control circuit bit line control circuit allowing bit lines allow memory cells to which to unlock the storage cells of a certain line of words is served to allow the value.

The scheme according to the invention is based on the special layout of the semiconductor memory device, which allows easy control of access to memory and at the same time flexible shared memory or, respectively, memory for various applications. Along with regulate the positioning of the assigned memory locations in the address space of the user programs, so ensured optimal use of limited available supply of memory, in particular, in the cards with an embedded microchip. At the same time, the invention allows relatively small additional circuit-technical cost reliable protection against unauthorized manipulation of data or unauthorised access to data, along with a control program memory can also be made in the control data memory.

Underlying the principle of the invention is an extension of the lines of words of programmable semiconductor memory device m bits, which do not lie in the normal address space and which contain information about access rights to the data stored in the normal bit lines words (page = page). When the number m of bits to allow memory cells separately from each other can run 2mapplications, i.e. areas of programs or data.

In one preferred form the further implementation of the invention can be provided that are located along the intersection of bit lines and lines of words of the memory cells located along the intersection of the lines is the your provided in the control circuit lines word driver circuit lines of words. This further for addressing as storage cells, and allow storage cells are provided with a common decoding scheme addresses.

The invention thus relates to a special structured storage device, i.e. to the so-called standard storage device, which along with normal cells from the side of the manufacturer's specified storage cell, designated in this case as permissive cells, and allow memory cells connected with the rest of the drivers line of words; the drivers of lines, words, and address decoders, thus, provided jointly for normal cells and permitting the cells, due to what turns out significant space saving. Various control normal and permissive cells is only through different bit lines.

In another preferred form of execution of the invention can be provided that is provided by microprocessor circuit for programming an operating system and at least one user program, and the microprocessor circuit when calling or, respectively, the execution of the program initialization issues managing th the user program memory area of the semiconductor memory device. Allow cells are additionally provided for allowing bit lines are addressed not in the normal way, and using the schema initialization. This initialization can be done in such a way that it is possible only once when loading the operating system and then the lesson more permissive cells allow a bit more is not volatile. In the case of one additional permitting bits per page), i.e. m = 1, can be divided two memory regions, for example, for two different user programs. The number of pages, which takes one user program can be chosen arbitrarily. Similarly, the placement of the user programs in the entire region of memory can be installed flexibly, and can also be undertaken separation of memory areas with an attachment at each other.

A preferred form of execution of the invention follow from the dependent claims.

Further characteristics, advantages and expedient forms of execution of the invention follow from the description of examples of implementation with the help of the attached drawings on which is shown:

Figure 1A is a schematic representation of the electron is about the principle of the invention;

Figure 1B is a simplified block representation is presented in figure 1A of the semiconductor storage device according to the invention;

Figure 2 is a schematic representation of a circuit according to one exemplary embodiment of the invention;

Figure 3 is a schematic representation of a circuit according to another exemplary embodiment of the invention;

Figure 4 schematic representation of a circuit according to another exemplary embodiment of the invention;

Figure 5 is a schematic representation of a circuit according to another exemplary embodiment of the invention;

Figure 6 schematic representation of a circuit according to another exemplary embodiment of the invention, and

Figure 7 is a schematic representation of a circuit according to another exemplary embodiment of the invention.

Figure 1 shows the construction of an electrically controllable permanent storage device 1 (electrically erasable programmable ROM = EEPROM), the advantage of which, as you know, is that the integrated circuit is erasable programmable and again, without having to remove it from the user equipment, and that each individual byte of the storage device can repeatedly be washed separately and fit. Tis what Estrada and the galvanically isolated intermediate electrode, which acts as the storage charge. The principle of such permanent storage devices is generally known and need not be explained here in more detail. Normal memory cells 3 of the semiconductor storage device 1 are located on the semiconductor substrate in large numbers at the intersections of bit lines BL and lines of words WL and are managed affordable professional manner by a control circuit lines, words 4 and the control circuit bit lines 5. Provided by the address bus 6 and the data bus 7, are transferred address or data between different parts of the schema.

To facilitate the transfer of addresses and data transfer is shown only on one line, although in reality there are many lines, for example, 16 lines. The bus system may also consist of one line, and in this case, addresses and data are analysed using a temporary seal.

In Fig. 1A presents only four lines of words WL0-WL3 and only four bit lines BL0-BL3, as a rule, a large number of lines, words and bit lines.

Position 8 schematically denotes an address decoder, konstruksiyon protection scheme is based on a special arrangement or accordingly, the design of the storage device 1 according to figure 1A and figure 1B, which allows simple control of memory access and flexible division of the storage device 1 in various applications. Underlying the principle of the invention is an extension lines of words of storage devices on m bits, which do not lie in the normal address space and which contain information about access rights to the data stored in the normal bit lines words (pages or pages).

For this there are m additional bit lines 9 and 10, in the following denoted as allowing bit line and can be controlled via the control circuit allowing bit lines 11 independently of the (normal) control circuit bit lines 5. At the intersection (normal) lines of words WL0-WL3 and additionally provided for allowing bit lines 9 and 10 are provided to allow the storage cell 12, which by design and principle of operation may not differ from the normal memory cells 3 and therefore can be manufactured together with the normal memory cells 3. To allow memory cells temporarily or permanently UCLA the normal memory cells 3 one or many specific lines of words WL0-WL3.

Figure 2 shows the first exemplary embodiment of the invention, which provides only one resolution, bit line 13 to allow the storage cells 14, i.e. m = 1. The data allow the memory cells 14 of the first resolution bit line 13 cannot be addressed as in (normal) memory cells 3, and are provided in the control circuit allowing bit lines 11 schema initialization, which is not presented in detail on the figures. The implementation of the initialization provided only once and only when loading the operating system. After that the employment of additional permissive bits (one bit per page or page) no longer changes. When single-bit per page (m = 1) can be selected separately from each other two memory regions 15 and 16, for example, for two different user programs. Number of pages (pages), which takes the program, when this is chosen arbitrarily. Likewise flexible is the placement of user programs throughout the area of memory, and they can be divided into nested one into another area of memory. The memory 15, for example, is assigned by writing a logical zero in sootvetstvuyuschego value unit.

Semiconductor memory device mapped (assigned) to the microprocessor 17, which are caused by or are the operating system and user program, which, through the address bus 6 and the data bus 7 is connected with further storage devices and registers, for example a memory with random access, continuous memory or electrically erasable programmable read-only memory, which are indicated for simplicity, the same reference position 18.

Working in the microprocessor 17, the operating system has the highest level of the hierarchy, the user's program as compared with it are subordinate. When calling a user program by the microprocessor 17 starts the control signal, which lies on the line 19. This operation can only be invoked by the operating system. Thus, the user program can be active only in the assigned area of memory.

The control signal of the microprocessor 17 points thus whether the active user program. Without additional auxiliary register this control signal is compared in a simple way with extrabits resolution line 13. For this purpose, provided the interstitial memorizing the entire address or part thereof is not required. If the user is active and has access to unauthorized memory in the microprocessor 17 is called the signal reset on line 22. However, it is also possible not to return control signal to the microprocessor to its original state, and to cause another action.

Figure 3 shows a second exemplary embodiment of the invention, compared with the first implementation in generalized form provided by m allowing bit lines 13. As in the first exemplary embodiment, m additional bits per line words WL0-WL3 are not normally addressable, and are set through the circuit initialization. The initialization scheme for the additional bits allow bit lines may, for example, be integrated within the control circuit allowing bit lines 11 (see figure 1A). Initialize this again can be done so that it is possible only once when loading the operating system and after classes allow storage cells more permissive bit lines can no longer be changed.

When the number m of resolving bit lines separately can be shared for user programs which I arbitrarily and also can be installed flexibly placement of user programs in the entire memory area, in particular, also divided into nested one into another area of memory. The operating system also has a high degree of hierarchy, the user's program are subordinate in comparison to it. When calling a user program on line 23 calls the group of control signals or, respectively, the vector of the control signal, which may cause the operation only by the operating system. Thus, the corresponding user program can be active only in the assigned area of memory.

The vector control signal from the microprocessor 17 then indicates which of the 2mpossible applications are active. Before the start of the corresponding application is launched assigned m-bit - value of Y. the Value of Y at each memory access compared to the actual additional content allow bits X through the comparison circuit 24. When the inequality of the values at the inputs of the comparison circuit 24, i.e., if Y is not equal to X, that is, unauthorized access, and in response to this comparison circuit produces an output signal, postepowania of the invention, which is compared with the second example of extended storage device 26, the so-called mass storage device permission tables. Again m additional bits allow the line of words WL0-WL3 are not addressable in the normal way, and are determined by the schema initialization. In addition, the occupation of additional storage device permission tables 26 is set in the initialization phase.

The initialization scheme to allow additional bits may again be executed integrated within the control circuit allowing bit lines 11 (see figure 1A). Initialization may be performed so that it is possible only once when loading the operating system. After this lesson, allow additional bits and storage device table access rights can no longer be changed.

When m additional bits allow separately can be shared again 2mareas of programs, and number of pages (pages that are engaged in the program, can be chosen arbitrarily, and placement programs in the entire memory space is flexible, and again is vosmoy, the user's program are subordinate.

When calling a user program is invoked by the control signal, in the third exemplary embodiment according to figure 4 again, the group of control signals or, respectively, the vector of the control signal. This operation can be invoked only by the operating system, so the corresponding user program can be active only in the assigned memory area. The vector control signal from the microprocessor 17 this again shows how out of a maximum possible 2mapplication is active. Before you start the application runs given in compliance with the application of the m-bit value of y is decode in the permissions table storage device permission tables 26, which may be a separate storage device, of course, with a smaller number of cells.

Assigned to the appropriate use of Y k parameters R1, ... , Rk are compared by the comparison circuit 24 with relevant additional content allow bits of X. If for all Ri is true that Ri is not equal to X, that is unauthorized access. In response to this comparison circuit produces the output of the STV permission tables 26 allows any establishing mutual rights of access applications. Thus, it is possible that the use of A can have access to application B, but not, for example, the use of B - to use A.

When calling a user program through the operating system should be provided that protects the data control signals of the CPU run time if we start the application and when leaving the application again erased. This may occur, for example, as follows: if the operating system runs the control signals before entering the user program, then the transition is marked as part of the user program. Similarly, the microprocessor 17 can automatically recognize a command to transition into the field of user and run the appropriate control signals.

Figure 5 shows a further exemplary embodiment of the invention, which allows the establishment of rights of action of the user programs, in particular, regarding the recording, reading and erasing. For this purpose, the semiconductor memory device includes n number of additional permissive bit lines 13A to establish the possible actions, and is also connected by line 30 with n additional permitting and initialization for the account of the relevant installation permitting storage cells more permissive bit lines 13A install, what action, i.e. reading, writing or erasing can be performed by the user in the corresponding assigned memory area. Upon breach by the user of the status of action that indicated or specified laying on line 27 signal status of the actions due to the control signal generated by the comparison circuit 28 on line 29 may be caused, for example, the return of the microprocessor 17 to its original state.

Figure 6 shows a further exemplary embodiment of the invention, which are explained according to figure 4 the permissions table 26 completed integrated particularly simple circuit-technical way directly to allow memory cells of the set k permissive bit lines 13 (k is equal to or less than m).

As presented in the figure 7 example run combined the preferred characteristics of the example of execution according to figure 5 and figure 6.

Due corresponding to the invention of the scheme along with the establishment of rights of access to areas of the program code can, in addition, also to regulate access to memory data.

1. Semiconductor storage device with lots of sapajou and intended for programming data by the control circuit lines words (4) and the control circuit bit lines (5), moreover, memory cells (3) correspond to the resolution along bit lines (9, 10, 13) and are controlled by a control circuit allowing bit lines (11) allow the storage cells (12, 14), on which to unlock the storage cells (3) on the appropriate line of words (WL0-WL3) serves to allow the value, and there are many m allowing bit lines (9, 10, 13) intended for freely chosen employment manymareas of the programmes of memory cells (3) devices, characterized in that it further comprises a comparison circuit (24), one input (X) which is connected to allow bit lines (9, 10, 13), a different input (Y) which is designed to supply the control signal (23) from the microprocessor (17), and the comparison circuit (24) produces the output signal (25) when the inequality of the values on its inputs.

2. The device under item 1, characterized in that it further comprises a storage device permission tables (26) designed to establish access rights mareas of the programmes of memory cells.

3. The device according to p. 2, characterized in that the permissions table is made integrated permitting zapomina is seesa fact, which is located along the intersection of bit lines and lines of words of the memory cells (3) and along the intersections of the lines of words and allow bit lines (9, 10, 13) allow storage cells (12, 14) is arranged to control, jointly by means provided in the control circuit lines words (4) your schema.

5. Device according to any one of paragraphs.1-4, characterized in that it contains the address decoder designed for addressing memory cells (3) and allow storage cells (12, 14).

6. Device according to any one of paragraphs.1-5, characterized in that the control scheme allowing bit lines (11) contains the schema initialization, intended to establish the permissive values to allow the bit lines (9, 10, 13) designed to allow unlocking of memory cells (12,14).

7. Device according to any one of paragraphs.1-6, characterized in that the microprocessor (17) is designed to run the operating system programs and at least one user, and when you call or when the program is initialized, the microprocessor issues a control signal to the control circuit allowing bit lines (11), pore what about the storage device.

8. Device according to any one of paragraphs.1-7, characterized in that when calling or executing a user control signal from the microprocessor (17) is applied to the comparison circuit (24) for one or more control lines (19, 23), and the input of the comparison circuit (24) is connected with a resolution of bit line, and produced in the comparison circuit (24) control signal (25) is issued to the microprocessor provided access violation or breach of the functions read, write, or erase.

9. Device according to any one of paragraphs.1-8, characterized in that it additionally contains many n allow bit lines used to carry out the functions read, write, or erase.

10. Card with an embedded microchip, characterized in that it contains a semiconductor storage device according to any one of paragraphs.1-9.

 

Same patents:

The invention relates to a synchronous dynamic memory with random access

The invention relates to videooperation storage devices and can be used as a dual port memory

Storage device // 2101785
The invention relates to electronics and is intended for use in a synchronous random access memory devices

The invention relates to a semiconductor device crash survivable memory and method of programming, more precisely to erasable and electrically programmable read-only memory having a cell in the form of structures AND IS NOT, and how, enabling optimized programming data using the above ROM

The invention relates to the field of computer engineering and can be used as a buffer storage device in the system of collecting and processing information

Programmer // 2078381
The invention relates to computing and can be used to control and record the information in field-programmable gate arrays, including permanent and reprogrammable storage device

The invention relates to programmable permanent storage devices such as electrically erasable ROM (EEPROM)

The invention relates to non-volatile memory and method of programming

The invention relates to a method of programming a memory device and enables the simultaneous control of threshold levels when performing a two-level or multi-level programming

FIELD: semiconductor memory devices.

SUBSTANCE: device has a lot of memory elements, each of which contains input and output areas, isolating film, channel area, shutter electrode, area for storing electric charges, device also contains large number of periphery circuits, containing reading amplifier, register for storing recorded data of memory elements, register, which preserves the flag, indicating end of record during its check, and circuit, which after recording operation compares value, read from memory cell, to value, fixed by flag at the end of record, and overwrites value indicated by the flag.

EFFECT: higher reliability of operation.

5 cl, 71 dwg

FIELD: information technology.

SUBSTANCE: flash memory element for electrically programmable read-only memory is meant for data storage when power is off. On a semiconductor base with a source and drain between the latter, there is a tunnelling layer, an auxiliary tunnelling layer, a memory layer, blocking layer and a switch. The auxiliary tunnelling and blocking layers are made from material with high dielectric permeability, from 5 to 2000, exceeding the dielectric permeability of the material of the tunnelling layer made from SiO2.

EFFECT: as a result there is reduction of voltage (4 V) and time (10-7 s) for recording/erasing information and increase in data storage time (up to 12 years).

7 cl, 1 dwg

FIELD: information technology.

SUBSTANCE: memory cell for high-speed controlled gate-region potential EEPROM, the electric circuit of the memory cell having an n(p)-MOS transistor, first and second diodes, a capacitor, a number, an address and a bit line, wherein the cathode (anode) of the first diode is connected to the number line and the source of the n(p)-MOS transistor, its anode is connected to the anode of the second diode, the region under the gate of the n(p)-MOS transistor and the first lead of the capacitor, the second lead of which is connected to the gate of the n(p)-MOS transistor and the address line, and the cathode of the second diode is connected to the drain region of the n(p)-MOS transistor and the bit line, wherein the electric circuit of the memory cell additionally includes a p(n)-field-effect transistor, a common and control line, wherein its source is connected to the region under the gate of a MOS transistor, the gate is connected to the control line and the drain is connected to the common line.

EFFECT: higher reliability of memory cell work.

2 cl, 6 dwg

FIELD: electronics.

SUBSTANCE: invention relates to microelectronics. Restoring memory element has a substrate with a conducting electrode located on its working surface. Said conducting electrode has an active layer of dielectric. Second conducting electrode is located on the active layer. Conducting electrode located on the working surface and/or the second conducting electrode are made from metal. Dielectric layer is metal oxide from which conducting electrode located on the working surface and/or the second conducting electrode is made.

EFFECT: technical result is lower voltage of reprogramming, as well as reduction of consumed power for reprogramming.

14 cl, 1 dwg

FIELD: digital memory technologies.

SUBSTANCE: board has rewritable power-independent memory and control circuit, means for storing address, pointing at limit between authentication area and non-authentication area, circuit for changing size of said areas. Reading device contains estimation means, reading information, pointing at number of times, for which digital data can be read, and playback means. Second device variant additionally has means for digital output of contents.

EFFECT: higher efficiency.

3 cl, 23 dwg

FIELD: information technologies.

SUBSTANCE: server provides Web answers which may contain contents of data tables in database. Server supports cache (for example in system memory) where contents can be stored (including contents of data tables) for enhancement of efficiency of subsequent providing this content for Web client requests satisfaction. Server performs data tables monitoring as for changes, and when particular data table is changed the elements in cache which are dependent on particular data table are invalidated. Additionally, in response to Web client request for Web answer, the server assigns cache dependence on database at least part of created Web answer (for example for contents retrieved from data table) based on commands executed when Web answer is created. At least part of created Web answer is subsequently cached in server cache area.

EFFECT: functionality enhancement.

12 cl, 5 dwg

Up!