This invention relates to the field of digital processing systems, more particularly to the control of memory in digital processing systems, and most particularly to methods and systems of limiting the access of some applications to certain portions of memory.
Low-cost semiconductor random access memory (RAM) has enabled many advances in electrical appliances. This memory enables small devices without permanent magnetic storage to store large quantities of data. When this memory is non-volatile memory, such as FLASH(trademark) memory, the data is stored even when power to the device is removed. Non-volatile RAM has enabled system designers to extend the life of a product and reduce product support costs, by enabling the non-volatile RAM to store system configuration and control data. This system data previously had to be hard-wired into the read only memory (ROM) of the appliance. Once assembled, the hard-wired memory is fixed and cannot easily be changed. Non-volatile memory allows the system to be reprogrammed to correct errors or to add functionality to the system at a later date.
The ability to update or add to the contents of the system memory, typically called firmware, is especially important in many hand-held devices such as personal digital assistants (PDAs) and modern scientific calculators. This ability enables these devices to download programs to increase or tailor the functionality of the devices to the needs of the users. For example, some PDAs are programmed with special software to record customer survey information, enabling those taking the surveys to enter their preferences directly into the device memory via the touch screenxe2x80x94thus eliminating the need for pencils, paper, and scanners.
Likewise, advanced calculators are programmed with specific software packages to expand the functionality of the calculators in various fields. For example, circuit analysis or stress analysis packages simplify everyday engineering tasks, while teaching packages, which may include processing routines and data, prepare classroom calculators for a series of classroom experiments.
While modern memory enables upgrades, the commercial feasibility of such upgrades is limited by the ability to extract reasonable royalties from the users of the packages. Without some sort of effective protection there is a great risk that the downloadable programs will be copied and the authors of the programs will not receive compensation adequate to ensure the continued supply of the programs.
The protection must make the programs difficult to copy. One way to make the programs difficult to copy is through encryption. Once the programs are installed in memory, however, it often is relatively easy to read the unencrypted program out of the memory. This is especially true in systems that allow execution of user-written programs. If the system does not enable a memory dump, the user often can write a program to dump the memory to an output device. Thus, what is needed is a method and system of limiting the ability of the user to access portions of the system memory without compromising the ability of the operating system to utilize the restricted portions.
Objects and advantages will be obvious, and will in part appear hereinafter and will be accomplished by the present invention which provides a method and system for limited access to system memory. One embodiment of the claimed invention provides a method of limiting access to a secure portion of memory. The method comprises the steps of: providing a memory having a system memory portion and a secure portion, providing a logic gate to prevent write operations to the secure portion of memory, and providing an access signal to open the logic gate. The access signal generated by the execution of a specific sequence of instructions from the system memory portion. The sequence of instructions typically is a sequence of eight instructions. According to one embodiment of the disclosed invention, the execution of the specific sequence of instructions must occur from a specific region of the system memory portion.
According to another embodiment of the disclosed invention, an electronic device is provided. The electronic device has a memory system comprising: a restricted block, a protected block, an unprotected block, and a memory controller. The memory controller only allows write access to the restricted block from within the restricted block, and only allows write access to the protected block from within the protected and restricted blocks. The memory controller only allows write access to the protected block upon the execution of a predetermined sequence of instructions. One embodiment of the disclosed invention requires a predetermined sequence of eight instructions. Another embodiment of the disclosed invention requires the predetermined sequence of instructions be executed from within the restricted block.
The method and system disclosed herein enable the distribution of software routines for electronic devices while limiting the risk of piracy. The routines typically are encrypted using a public-key/private-key encryption scheme. Each device has a unique key used to unlock the routine, allowing the routine to be stored unencrypted in the system memory. The memory controller limits the ability of a casual user to read out the routine in unencrypted form. Using the hardware gate taught by this invention provides sufficient protection to enable the market for aftermarket software for devices such as palm-top computers and hand held calculators.