A. Technical Field
The present invention relates generally to microcontrollers, and more particularly, to technologies that enable protection of content, such as intellectual property elements, stored within a microcontroller. Microcontrollers with these features are commonly referred to as secure microcontrollers.
B. Background of the Invention
Content protection within a processor or microcontroller has been a challenge for the electronic industry for some time. As semiconductor technology has advanced, certain microcontrollers have become complex systems-on-chip. Critical system functions previously implemented in hardware can now be implemented in software, allowing Original Equipment Manufacturers (“OEMs”) to rapidly provide high-value, low-cost microcontroller solutions to a market. For example, programmable nonvolatile memory-based microcontrollers allow frequent system updates, including code modifications and the addition of new functions by numerous application/content providers to the microcontroller.
Oftentimes, these code modifications and/or new functions may represent valuable intellectual property owned by the provider and may be susceptible to unauthorized access by other parties. Additionally, software implementations within a microcontroller are typically easier to reverse-engineer than hardware. As a result, nonvolatile memory-based electronic devices may include hardware data protection that attempts to secure this intellectual property within the electronic device.
Microcontrollers typically include a storage area reserved for access control information that corresponds to the data area of a nonvolatile memory. The data area can be arranged either as a single entity containing all memory cells for data storage or as a plurality of memory segments according to the physical structure of the memory array. In prior art systems, access control to a particular segment is enforced by hardware. The processor can execute program code stored in a protected segment, but data read and write operations on that segment are prohibited by the control setting. Typically, the only way to cancel this protection is to first erase both the protected program code and its corresponding access control information.
This approach provides effective data protection but also incurs significant cost overhead in terms of extra memory areas for control information and CPU time in erasure and reprogramming, even for a minor program update. Overhead in CPU time not only decreases system efficiency, it also increases program management complexity.
This security arrangement is simple but rigid; it imposes too many restrictions and may be a burden on the end-user. As program code for microcontroller operation becomes more sophisticated and complicated, it may be advantageous to use available software libraries provided by an OEM and other vendors instead of creating a full program from scratch. A software library includes major algorithm routines and specific functions, and is ready for use by subroutine calls. Such a software library represents significant value as intellectual property (“IP”) in the end products. Furthermore, program development may involve different developers at different development stages, with the possibility of off-shore support and maintenance. This multi-layer program development and multi-developer participation therein results in a complex environment in which securely maintaining proprietary IP content is difficult.
Current access control schemes also lack direct readout of operating parameters in the program memory space. Operating parameters are normally set during system initialization and stored as data tables in nonvolatile memory so that the data is retained in case of power loss. It is common practice to store these critical parameters in the same nonvolatile memory as the system program(s) of the microcontroller. If the protected program area permits only execution and prohibits the reading of data, then the program itself cannot read the operating parameters stored alongside it, even though it needs them.
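The following C model illustrates the prior-art scheme described above and the two consequences the text draws from it: a one-word update to a protected segment forces an erase and full reprogram of that segment together with its control word, and an operating parameter stored in an execute-only segment cannot be read by data access. This is an added illustration written for this page, not code from the patent or from any product; the segment count, word width, erased value and the encoding of the control bit are assumptions chosen for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Toy model of the prior-art scheme: the nonvolatile memory is split into
 * segments, and a reserved control area holds one control word per segment.
 * Hardware lets the CPU fetch instructions from a protected segment but
 * refuses data reads and writes, and the only way to lift the protection is
 * to erase the segment together with its control word.
 * Sizes and encodings below are assumptions for illustration. */
#define NUM_SEGMENTS 4
#define SEGMENT_WORDS 16
#define ERASED_WORD 0xFFFFu     /* assumed erased state of a flash word */
#define CTRL_PROTECT 0x01u      /* assumed control bit: segment is execute-only */

enum access_kind { ACCESS_FETCH, ACCESS_READ, ACCESS_WRITE };

struct nvm {
    uint16_t data[NUM_SEGMENTS][SEGMENT_WORDS];
    uint8_t ctrl[NUM_SEGMENTS];  /* reserved control area, one entry per segment */
};

void nvm_init(struct nvm *m)
{
    memset(m->data, 0xFF, sizeof m->data);  /* every word erased */
    memset(m->ctrl, 0, sizeof m->ctrl);      /* nothing protected yet */
}

/* The hardware check: instruction fetches are always allowed; data reads and
 * writes only while the segment's control word has no protect bit set. */
bool nvm_access_allowed(const struct nvm *m, unsigned seg, enum access_kind k)
{
    if (seg >= NUM_SEGMENTS)
        return false;
    if (k == ACCESS_FETCH)
        return true;
    return (m->ctrl[seg] & CTRL_PROTECT) == 0;
}

bool nvm_fetch(const struct nvm *m, unsigned seg, unsigned off, uint16_t *out)
{
    if (off >= SEGMENT_WORDS || !nvm_access_allowed(m, seg, ACCESS_FETCH))
        return false;
    *out = m->data[seg][off];
    return true;
}

bool nvm_read(const struct nvm *m, unsigned seg, unsigned off, uint16_t *out)
{
    if (off >= SEGMENT_WORDS || !nvm_access_allowed(m, seg, ACCESS_READ))
        return false;
    *out = m->data[seg][off];
    return true;
}

bool nvm_write(struct nvm *m, unsigned seg, unsigned off, uint16_t v)
{
    if (off >= SEGMENT_WORDS || !nvm_access_allowed(m, seg, ACCESS_WRITE))
        return false;
    m->data[seg][off] = v;  /* simplification: real flash can only program 1->0 */
    return true;
}

void nvm_protect(struct nvm *m, unsigned seg) { m->ctrl[seg] |= CTRL_PROTECT; }

/* Protection is cancelled only by erasing both the code and its control word. */
void nvm_erase_segment(struct nvm *m, unsigned seg)
{
    memset(m->data[seg], 0xFF, sizeof m->data[seg]);
    m->ctrl[seg] = 0;
}

/* A one-word patch. Returns the number of words programmed: 1 if the segment
 * was open, SEGMENT_WORDS if it was protected, because the whole segment had
 * to be erased and rebuilt from the updater's own copy of the image. */
unsigned nvm_patch_word(struct nvm *m, unsigned seg, unsigned off, uint16_t v,
                        const uint16_t image[SEGMENT_WORDS])
{
    if (nvm_write(m, seg, off, v))
        return 1;
    nvm_erase_segment(m, seg);
    for (unsigned i = 0; i < SEGMENT_WORDS; i++)
        nvm_write(m, seg, i, i == off ? v : image[i]);
    nvm_protect(m, seg);
    return SEGMENT_WORDS;
}

/* Library code and its operating-parameter table share protected segment 1.
 * Returns true when the instruction fetch succeeds but the data read of the
 * parameter is refused, which is the readout problem the text describes. */
bool demo_parameter_read_blocked(void)
{
    struct nvm m;
    uint16_t v = 0;
    nvm_init(&m);
    nvm_write(&m, 1, 0, 0x1234);   /* constructed: first instruction word */
    nvm_write(&m, 1, 8, 0x0BB8);   /* constructed: parameter table entry */
    nvm_protect(&m, 1);
    bool fetch_ok = nvm_fetch(&m, 1, 0, &v) && v == 0x1234;
    bool read_ok = nvm_read(&m, 1, 8, &v);
    return fetch_ok && !read_ok;
}
```

The model deliberately keeps the control word outside the data array, since that separate reserved area is the memory overhead the text refers to, and `nvm_patch_word` makes the CPU-time overhead visible as the number of words that must be reprogrammed for a single-word change.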
The above limitations present a challenge for IP protection in systems-on-chip, especially for low-cost but highly integrated electronic systems such as secure microcontrollers.