The present invention relates to a microcomputer equipped with a built-in memory, and particularly to a security holding function for data written into the built-in memory.
FIG. 2 is a schematic block diagram of a conventional microcomputer.
The microcomputer 10 includes a central processing unit (hereinafter called “CPU”) 11 that executes processing and control in accordance with programs, and a rewritable or reprogrammable nonvolatile memory (hereinafter called “flash ROM”) 12 in which the programs or the like are stored. A read controller 13 connects between the CPU 11 and the flash ROM 12.
The read controller 13 has the function of reading data such as the programs written into the flash ROM 12 in accordance with a read request (address ADR intended for reading and control signal CON) made from the CPU 11 and supplying the read data RDM to the CPU 11, and outputting the read data to an external circuit 21 when the data RDM is not set to an outward output inhibited state. That is, the flash ROM 12 has a continuous address space partitioned in units called sectors every constant memory area and contains therein security information SEC indicative of whether the output of data to the outside should be inhibited, which has been set to each sector. When an address ADR intended for reading is designated, the flash ROM 12 outputs the security information SEC of the corresponding sector along with data RDM read from the address ADR.
On the other hand, the read controller 13 has a selector (SEL) 13a. When the output of the data to the outside is not inhibited based on the security information SEC, the read controller 13 selects data RDM and outputs it to an external circuit 21. When the output thereof to the outside is inhibited, the read controller 13 selects a fixed value FIX and outputs it to the external circuit 21.
The CPU 11 is further connected to an internal bus 14. A plurality of functional blocks 15a, 15b, such as a peripheral input/output unit which performs the input/output of signals from and to peripheral circuits, a timer which counts a set time, etc., and an external memory controller 16 are connected to the internal bus 14. The external memory controller 16 performs reading/writing of data from and to an external read-only memory (hereinafter called “ROM”) 23 and a random access memory (hereinafter called “RAM”) 24 via an external bus 22 provided outside the microcomputer 10.
When an address ADR intended for reading is outputted from the CPU 11 in the microcomputer 10, the flash ROM 12 reads data RDM from the designated address ADR and outputs security information SEC for the corresponding sector. The security information SEC is supplied to the selector 13a of the read controller 13 as a selection signal. If the output of data to the outside is inhibited by the security information SEC, then the selector 13a selects a fixed value FIX and outputs it to the external circuit 21. If the output thereof to the outside is allowed by the security information SEC, then the selector 13a selects read data RDM and outputs it to the external circuit 21.
Thus, the data RDM set to the outward output inhibited state is prevented from being outputted to the external circuit 21. Hence, the security of the data stored in the flash ROM 12 can be protected.
The above prior art refers to patent documents 1 (Japanese Unexamined Patent Publication. No. Hei 8(1996) -137757) and 2 (Japanese Unexamined Patent Publication No. 2004-185536).
Incidentally, a memory control circuit equipped with a CPU 11, memories 12a and 12b which store therein information containing programs to be executed by the CPU 11, a program area monitoring circuit 30 which monitors an area accessed by the corresponding program being executed by the CPU 11, an access inhibition setting register 20 which stores therein access inhibition setting information for inhibiting external access to each memory, a memory access inhibition signal generating circuit 40 which generates a memory access inhibition signal for inhibiting the access to the memory, based on the result of monitoring by the program area monitoring circuit and the access inhibition setting information, and a memory access control circuit 50 which controls the reading of information stored in each memory from the memory to the outside on the basis of the memory access inhibition signal, has been described in FIG. 1 and its descriptive text of a patent document 3 (Japanese Unexamined Patent Publication No. 2004-355383), for example.
However, the microcomputer 10 involves a problem in that when the CPU 11 is started up with the external ROM 23 or RAM 24 as a boot device (corresponding to a memory device with a startup program stored therein), the contents of the flash ROM 12 can be read regardless of the security information SEC depending on the programs from the internal flash ROM 12 via the read controller 13, the CPU 11, the internal bus 14, the external memory controller 16 and the external bus 22.