1. Field of the Invention
The present invention relates to a memory module for simultaneously providing at least one secure and at least one insecure memory area, as well as to a microcontroller having such a memory module.
2. Description of the Related Art
The present invention relates to the field of so-called secure microcontrollers, in particular in the automotive industry. For most applications in safety-relevant areas, storage of data that can be neither manipulated nor read out is an essential basic requirement. The keys of symmetric methods and the private keys of asymmetric methods are secrets and must therefore be withheld from attackers. Other applications require at least protection against modification, for example the storage of serial numbers or mileage readings, the prevention of chip tuning, etc.
It is therefore customary to provide secure environments for executing functions which must read and/or modify these secrets. These environments usually include a “secure CPU” and a separate memory module for the secure non-volatile storage of data, also referred to as “secure NVM” (NVM=Non-Volatile Memory), which may be addressed only via the “secure CPU.”
For providing secure functions, it is contemplated to use microcontrollers which, in addition to the usual microcontroller components such as CPUs, memory modules, buses, I/O interfaces, etc., also include a secure CPU and a secure memory module. Providing the secure environment in a microcontroller is, however, relatively complicated, which is due in particular to the technology of the non-volatile memories normally used today. The secure memory module is normally designed as a flash module and, like all flash memory modules, includes the actual memory cells (transistors), a write/read electronic unit for operating the memory (for example, a state machine, address buffers, data buffers, row decoders, column decoders, etc.), an interface unit for connecting the write/read electronic unit to the internal microcontroller bus, and an analog circuit part for supplying and/or amplifying voltages, and the like. This analog circuit part in particular, which for flash and EEPROM normally includes a charge pump and a bank of amplifiers, requires a very large chip area and accounts for a considerable share of the cost of the module.
It is therefore desirable to need only one memory module in secure microcontrollers for storing both secure and insecure data. In the memory modules of the related art, however, the user accessing such a memory (normally a CPU) is able to view and modify the entire data area, so that one memory module must be used for secure data and a second memory module for insecure data.