1. Field of the Invention
The present invention refers to a method and an apparatus for writing to a target memory page of a memory, the memory specifically being a UCP-EEPROM (UCP-EEPROM=uniform channel programming electrically erasable read only memory).
2. Description of the Related Art
EEPROM memories (EEPROM=electrically erasable read only memory) make it possible to store data that remain after the supply voltage has been disconnected from the respective EEPROM memory. Since very compact EEPROM memories can be constructed, these memories are advantageously used in the field of mobile processor means and mobile memories. EEPROM memories are specifically used in the field of chip cards and smart cards, which are for example used for the protection of safety-relevant and sensitive areas and data. Due to the value of the goods, privileges and data protected directly or indirectly by such EEPROM memories alone, the latter are targets of attacks such as the systematic interruption of the supply voltage or the supply power, which is also termed tearing or a tearing attack.
The so-called UCP-EEPROM memories represent a subspecies of the EEPROM memories. In order to save on space on a chip including the EEPROM memory, the bit/byte switches are omitted in one EEPROM cell field in the UCP-EEPROMs. In addition, the memory is organized in memory pages. Here a memory page consists of a number of bytes, half words or words, a word for example including 32 bits or 4 bytes. A memory page then includes for example 64 or 128 bytes.
In a memory page, single bits and bytes can no longer be erased individually, that is, for example, set to a value of 0. Basically, it is possible to write single bits subsequently, that is, to subsequently set them from a state representing the value of 0 to a state representing the value of 1. While for many applications this may be a theoretically feasible procedure, it makes little sense for a known write operation to a memory in which single bits are to be changed, since, for example when error detecting codes (EDC) or error correcting codes (ECC) are used, it cannot be ruled out that single bits may have to be erased, that is, brought into a state corresponding to a value of 0. This is, however, generally not possible for UCP-EEPROM memories because, as discussed above, single bits and bytes cannot be erased individually. Thus subsequent writing of a single bit would probably lead to a corruption of the ECC information or the EDC information. In other words, making use of the possibility of postprogramming or postwriting single bits makes little sense in the case of an ECC or EDC functionality incorporated into a memory.
This means, however, that for changing only one bit, byte or data word of the data of this page, the entire memory page must be erased and then written anew. This means that, starting from the erased state of the memory page, the bits to be written are written while the other bits change their states only subtly or not at all in terms of physics. Here the data of the memory page to be changed must be buffered in the meantime so that there is no loss of data in the case of a power failure.
In order to avoid meantime buffering of the memory page as described above, a so-called spare page is used. For this purpose, in addition to the architecture described above, the EEPROM cell field is organized by introducing so-called sectors. Here a number of memory pages are allocated to a sector S. Thus for example 32 memory pages (P1, ..., P32) are collected in sector S. In order to avoid buffering a memory page to be programmed prior to erasure, a further memory page P0 is added to the sector, which helps to avoid time consuming EEPROM programming in the context of the buffering. This memory page P0 is present in an erased state and serves as a spare page. For programming, the potentially changed content of a memory page, for example memory page P25, is written to memory page P0. After the content has been checked in the new memory page P0, the old memory page P25 is erased and memory page P0 accordingly mapped to the memory. The erased memory page P25 now takes over the role of the old memory page P0. The respective erased memory page is termed the spare page.
As in this way the memory pages are no longer available in their original order in the sector but are “jumbled up” after several programming processes, some additional bits, forming a so-called MapBlock or memory for a logical address of a memory page, are added to each memory page. To this MapBlock the so-called MapAddress or logical address of the memory page is written. Thus the introduction of the MapAddress and/or the MapBlock makes it possible to allocate a (logical) memory address to each physical memory page. This information must not be lost, not even due to a reset, a loss of current or tearing. In the MapBlock of each page, a number between 0 and 31 is then available as the MapAddress if the respective memory page is not erased. Thus the MapAddress identifies the position of the respective memory page in a memory space, for example in sector S. This makes an allocation of memory addresses to the respective physical pages possible.
Thus, under normal operating conditions, in a sector S there is an erased memory page, the so-called spare page, and, starting from the above example, 32 data memory pages (data pages). Thus the 32 MapBlocks, each allocated to a memory page, contain each logical address between 0 and 31 exactly once. Thus to each physical memory page exactly one logical memory address, representing the position of the respective physical memory page in the memory space, is allocated.
In the cell concept of the EEPROM memories, a write operation to a memory page of a sector causes a mostly slight disturb of all cells of all other pages of this sector. However, even if the cells of the other memory pages are disturbed only a little, this is still a cumulative effect which, as the case may be, may lead to a loss of data and/or to a reduction of the data integrity. In order to counter these disturbs, the concept of the refresh has been introduced. Here for example either memory pages are selected at random from time to time and copied afresh, or a time stamp, which is also termed DisturbCounter and which indicates which memory page is particularly “old”, is deposited for example into the MapBlock.
In connection with a supply voltage interruption, this, however, results in the following problem. If, for example by a tearing attack, the power supply is interrupted during a programming process, that is during writing the new page and erasing the old page, two problematic scenarios may arise:
A. If a supply voltage interruption occurred during the write operation, the memory pages to which no new data was written during the programming process have already been subject to a disturb. In other words, these memory pages have already “seen” a disturb. If the invalid memory page generated in the interrupted write operation is then erased, the sector with the old unchanged data will be restored; however, the information that a disturb has occurred will no longer be available and is therefore lost. This information must subsequently be deposited in the form of a digital value in an (arbitrary) memory page of the respective sector, for example by increasing the DisturbCounter. However, an attacker could interrupt the current supply again at this moment, and the information on the disturb that occurred would be irretrievably lost. In this way an attacker may succeed in introducing a large number of disturbs into a sector without the system, that is the memory, being able to detect them. The data integrity of the sector would deteriorate in the course of time, so that after a certain period of time the sector may even contain incorrect data.
B. If the current supply interruption occurred at the end of the write routine and/or the beginning of the erase routine, there will be a sector that comprises two more or less good memory pages which are associated with the same logical address by the MapBlock. In this case a decision must be made which memory page to keep and which memory page to release as the spare page.
If for example the older memory page is kept and the younger memory page is erased, there will be the danger that the old memory page has only been “partly erased” in the course of the erase operation and can therefore no longer offer the required data integrity. In other words, it is possible in this case that the old memory page is no longer able to guarantee the required data holding. On the other hand, if the younger page is kept and the older one erased, it could well be that the new memory page will not yet have been completely written and will therefore also not be able to guarantee the required data holding.
Independent of which of the two memory pages is to be kept and which is to be released as the spare page, it is possible to erase one page and copy the other one to the location of the erased page. However, a supply voltage interruption (tearing) at exactly this moment in time could cause the information of wanting to copy the one page to be lost again.
German patent specification DE 10322723 refers to an apparatus and a method of processing a state of a memory. The method in its utilization as a tearing service algorithm described therein can limit the problems discussed above. This tearing service algorithm is described in the following and is able to detect a tearing attack and log all disturbs without exception.
FIG. 5 shows a schematic representation of a structure of a memory or a sector of a memory as described in DE 10322723. The memory or sector comprises a plurality of memory pages 800-1 to 800-5, each of the memory pages 800-1 to 800-5 including a data area 810 for storing data, an allocation block or MapBlock 820, a marking area 830, and a time stamp area 840 for storing the DisturbCounter.
FIG. 6 shows a flow chart of a known method of processing a state of a memory. More precisely, FIG. 6 shows a part of a tearing service algorithm that is begun by a step shown in FIG. 6 after a start of the algorithm and an (optional) check of memory pages 800-1 to 800-5 of the sector of the memory. If a memory page Pg is to be copied to an empty memory page Pb being the spare page of the sector, and if an optionally performed analysis of the sector shows an error, for example in the form of erroneous memory pages, memory page Pg will be marked in a first step 910. For this purpose, a bit designated as TearingFlag TF1 is postprogrammed in marking block 830 of memory page Pg, which is identified in FIG. 6 by the designation Pg*. Such postprogramming of TearingFlag TF1 may be performed in the context of the UCP-EEPROM concept, as discussed above. Under normal operating conditions, TearingFlag TF1 is erased, that is, has the value 0.
Subsequently, memory page Pb is erased in a second step 920. Following this, a second TearingFlag TF2 in marking block 830 of memory page Pg is programmed and/or written in a process step 930, so that TearingFlag TF2 also has the value 1. This is identified in FIG. 6 by the designation Pg**.
In a next step 940 memory page Pg is copied to memory page Pb; in the process, on the one hand a correspondingly increased DisturbCounter is stored in time stamp area 840 of memory page Pb, and on the other hand the two TearingFlags TF1 and TF2 are erased and/or programmed with a value of 0. The content copied to memory page Pb, based on memory page Pg marked by the two TearingFlags TF1 and TF2, is also referred to as the resolvent of Pg**, which in the context of the figures of the present application is also written as resolv(Pg**) or r(Pg**).
In a following step 950 the original memory page Pg is erased and thus becomes the new spare page. As TearingFlag TF1 of memory page Pg was not copied in copying step 940, TearingFlag TF1 of memory page Pb also has the value 0, and the tearing service algorithm is ended in a next step.
FIG. 7 illustrates the content of the two memory pages Pg and Pb affected in the context of the tearing service algorithm described. Here the contents of the two memory pages Pg and Pb are represented in the form of six rectangles, each having an upper and a lower half. More precisely, FIG. 7 thus shows the change of the content of the physical memory pages by method steps 910-950. In the upper halves of the rectangles the content of memory pages Pg is represented, and in the lower halves the content of memory page Pb is represented. Here Pg and Pb also designate the original contents of the two memory pages prior to starting the tearing service algorithm. Under normal operating conditions, memory page Pb is the spare page, so that it should be present in an erased state, which in the context of the description in FIG. 7 could be identified by a zero. However, in order to furthermore enable a description of memory contents possible as a result of a tearing attack, memory page Pb also has a content that does not necessarily have to correspond to the content of an erased memory page.
Starting from the contents Pg and Pb memory page Pg is marked by marking step 910, which is emphasized by the superscript asterisk. Memory page Pb is erased by erase step 920, which is symbolized in FIG. 7 by the entry 0. The second TearingFlag TF2 of memory page Pg is set by marking step 930, which is represented in FIG. 7 by the marking Pg**. In step 940 the resolvent of memory page Pg** is written to memory page Pb, which is represented in FIG. 7 by the designation r(Pg**). Subsequently, memory page Pg is erased in erase step 950.
In the following, the function of the method and/or the tearing service algorithm described in FIG. 6 under tearing conditions or attack conditions is discussed in closer detail for the known method. In order to complete the algorithm, the tearing service algorithm must be able to find its way to the appropriate and/or correct location from any point of the tearing service algorithm at which an interruption of the supply voltage (tearing) occurred. This must be ensured even if a number of repeated interruptions take place during the tearing service algorithm. All this must be performed without disturbs being forgotten or overlooked. If as a result of case B described above two memory pages have the same logical address in MapBlock 820, that is, if there is a so-called DoubleMapping, the method discussed will be started with method step 910. Here the fundamental decision must be made which of the two memory pages affected is to be kept and which is to be erased. If the fundamental decision is made that the younger page, that is the page whose time stamp area 840 indicates a younger age, will be kept, this memory page is treated as memory page Pg and the older memory page is processed as memory page Pb in the context of the method described in FIG. 6. Thus the following occurs: First memory page Pg is marked by TearingFlag TF1, so that from this moment on it can always be determined that a tearing service algorithm was initiated. In the case of an interruption of the supply voltage at the beginning of the tearing service algorithm, that is before TearingFlag TF1 is written and thus becomes “visible”, a DoubleMapping will again be detected on a restart of the tearing service algorithm, and the algorithm begins afresh.
Subsequently, memory page Pb is erased. Thus, if the chip comprising the memory finds a sector with a memory page in which only TearingFlag TF1 is set, and a second memory page to which the same logical address is allocated, the tearing service algorithm will be completed beginning with method step 920. Analogously, if the sector has exactly one memory page with TearingFlag TF1 set and TearingFlag TF2 not set, and also has an erroneous memory page, which in this case is a memory page not completely erased, the tearing service algorithm will also be completed with step 920, that is the erasure of the not completely erased memory page Pb. However, if the sector has a memory page with TearingFlag TF1 set and TearingFlag TF2 not set, and also has an erased memory page, the interruption of the supply voltage has occurred at the end of method step 920, that is at the erasure of memory page Pb, so that in this case the tearing service algorithm can be continued with step 930.
In step 930 TearingFlag TF2 of memory page Pg is set, and in the following step 940 the content of memory page Pg is copied to spare page Pb with a correspondingly increased DisturbCounter. Thus setting the second TearingFlag TF2 in memory page Pg marks the transition from erasing memory page Pb (step 920) to the step of writing of memory page Pb (step 940).
Thus, when the sector of the memory has a memory page with both TearingFlags TF1 and TF2 set, that is, has memory page Pg** and an erroneous memory page, then the tearing service algorithm was interrupted in the area of method steps 940 and/or 950. As in this case memory page Pb, that is the former spare page, cannot be erased, since this would lead to a loss of the information referring to the disturb in the form of the correspondingly increased DisturbCounter, memory page Pb must first be written completely. In principle this is possible, as it is clear which information is to be written to memory page Pb, namely the content of memory page Pg with a correspondingly increased DisturbCounter and erased TearingFlags, that is the resolvent of Pg**. The difficulty here is that memory page Pb has experienced somewhat more than one write operation. In principle, memory page Pb may be subjected to up to three write operations. This involves a certain risk that, due to the disturbs accompanying the programming and/or writing of memory page Pb, the erased bits, that is those bits of the page whose value is 0, are also no longer optimal. The result may be a reduced life expectancy of the data stored in the respective memory page, that is a reduced data guarantee of, for example, 10 years.
For this reason, memory page Pb will be properly copied a second time in the tearing service algorithm in the context of the known method. For this purpose, however, memory page Pg** must first be erased in order to obtain a spare page. Moreover, it must be ensured that the information that page Pb must be copied anew does not get lost. This is realized in the known method by introducing copying step 960. In the context of step 960, memory page Pb is in fact written to the end, including, however, the setting of TearingFlag TF1 of memory page Pb.
After completion of step 960, the known method is continued with step 950, that is erasing memory page Pg in order to obtain a spare page, as illustrated in FIG. 6.
In this case, however, memory page Pb has TearingFlag TF1 set so that the tearing service algorithm is continued again with step 930, with memory pages Pb and Pg exchanging their roles. This makes it possible to realize the above mentioned necessity of a renewed copying of memory page Pb.
In other words, after step 960 has been completed, finally memory page Pg** is erased in the context of step 950, and the case differentiation leads back to step 930 so as to perform the copy operation mentioned. As already discussed, the tearing service algorithm is completed and therefore ended in the case that step 960 was not performed, that is that memory page Pb does not have TearingFlag TF1 set.
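The normal spare-page write operation, the DoubleMapping of case B and the re-entry decisions of steps 910 to 960 described above, as an added simulation that is not part of the patent; the page fields, the dictionary page model, the "tear after N field writes" budget and atomic erasure are assumptions of this example.

```python
# Added simulation of the tearing service algorithm (steps 910-960); not code from the patent.
# Assumed: page fields, dict page model, "tear after N field writes"; erasure is modelled as atomic.
from contextlib import suppress
ERASED = {"map": None, "data": None, "cnt": 0, "tf1": 0, "tf2": 0}  # MapBlock, data, DisturbCounter, TF1, TF2
class Tearing(Exception): pass  # simulated interruption of the supply voltage

class Sector:
    def __init__(self, contents):
        # contents: {logical address: data}; one extra erased page serves as the spare page
        self.pages = [dict(ERASED, map=a, data=d, cnt=1) for a, d in contents.items()]
        self.pages.append(dict(ERASED))
        self.budget = None  # field writes allowed before the tear; None = no tearing

    def _write(self, page, **fields):  # MapBlock is written first, so the page is visible at once
        for key, value in fields.items():
            if self.budget == 0:
                raise Tearing()
            self.budget = None if self.budget is None else self.budget - 1
            page[key] = value

    def _erase(self, page):  # erasure modelled as atomic: one unit of work, then every field cleared
        self._write(page, map=None)
        page.update(ERASED)

    def lookup(self, addr):  # pages carrying this logical address (None selects erased pages)
        return [p for p in self.pages if p["map"] == addr]

    def twin(self, pg):  # another page with the same logical address, i.e. a DoubleMapping
        return next((p for p in self.pages if p is not pg and p["map"] == pg["map"]), None)

    def program(self, addr, data):  # normal write: fill the spare page, then erase the old page
        old = self.lookup(addr)[0]
        self._write(self.lookup(None)[0], map=addr, data=data, cnt=old["cnt"] + 1)
        self._erase(old)

    def service(self):
        """Tearing service algorithm: re-enter at the correct step from the visible sector state."""
        while True:
            marked = [p for p in self.pages if p["tf1"]]
            if not marked:
                doubles = [p for p in self.pages if p["map"] is not None and self.twin(p) is not None]
                if not doubles:
                    return                                   # normal state reached
                self._write(max(doubles, key=lambda p: p["cnt"]), tf1=1)  # 910: mark the younger page
                continue
            pg = max(marked, key=lambda p: p["tf2"])         # Pg** if present, else Pg*
            pb = self.twin(pg)
            if not pg["tf2"]:
                if pb is not None:
                    self._erase(pb)                          # step 920
                else:
                    self._write(pg, tf2=1)                   # step 930
            elif pb is None:                                 # Pb is erased: write r(Pg**) to it
                self._write(self.lookup(None)[0], map=pg["map"], data=pg["data"], cnt=pg["cnt"] + 1)  # 940
                self._erase(pg)                              # step 950
            elif pb["tf1"]:
                self._erase(pg)                              # 950 after 960; roles swap at 930
            else:                                            # 960: write Pb to the end with TF1 set
                self._write(pb, map=pg["map"], data=pg["data"], cnt=pg["cnt"] + 1, tf1=1)

def recover(sector, budgets):  # service routine under each tear budget in turn, then once untorn
    for sector.budget in budgets + [None]:
        with suppress(Tearing):
            sector.service()
    return sector

def consistent(sector):  # normal-state invariants: every address mapped once, one spare, no flags
    maps = [p["map"] for p in sector.pages if p["map"] is not None]
    return (len(maps) == len(set(maps)) == len(sector.pages) - 1
            and not any(p["tf1"] or p["tf2"] for p in sector.pages))
```

Tearing `program` after three field writes leaves the DoubleMapping of case B; tearing the service routine itself during step 940 exercises the step 960 re-entry, after which the resolvent is copied once more with a further increased DisturbCounter.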
A substantial disadvantage of the known method consists in the fact that this method is functional in fully initialized sectors only, that is sectors in which exactly one erased memory page is available as a spare page in the normal operating mode or in the normal case. This is due to the fact that method step 960 can be performed without difficulty only in a fully initialized sector. Under normal operating conditions, that is in normal operating mode, there can only be one erroneous memory page. For this reason, it is obvious which half-written memory page is or must be written to the end in the context of method step 960. In the case of an only partly initialized sector, it is possible, however, that more than one memory page may come into question as the possible target memory page for method step 960. For example, if memory page Pb is already available in an erased state and another memory page produces an error in the context of an EDC method or an ECC method due to an insufficient erasure that has not been detected up to that point, a loss of information will occur when, in the context of the known method discussed in FIG. 6, the content of memory page Pg is copied and/or written over this insufficiently erased memory page. In this case, an erroneous memory page would be generated that might not withstand a later check in the context of an ECC method or an EDC method. As memory page Pg** is erased in erase step 950 following step 960, there is the great danger that the known method of processing a state of a memory may cause a loss of information and/or data.
Another disadvantage of this known method is the necessary “side entry” into method step 960, which very often causes problems, particularly in the presence of hardware weaknesses. More precisely, this second, very serious, problem is that again a loss of information may occur. Assuming that the tearing service algorithm was performed up to the beginning of step 950, that is erasing memory page Pg, so that memory page Pg** is already partly erased and therefore contains “wobbly” data, it may occur that this memory page will not be detected as erroneous in a first analysis. In this case the content of this memory page, which may prove to be erroneous in a second readout attempt, is written to memory page Pb in the context of method step 960, so that memory page Pb is subsequently overwritten with wrong information, which could finally lead to a destruction of the data stored in memory page Pb. As subsequently memory page Pg is in turn erased in method step 950, this inevitably in turn leads to a loss of information.