In the field of semiconductor memories, flash memories have become rather popular, because they combine the capability of storing relatively large amounts of data with the possibility of modifying their content directly in the field.
Flash memories are, for example, used to store the code to be executed by data processing units (e.g., microcontrollers, microprocessors, coprocessors, digital signal processors and the like) in a variety of electronic apparatuses, such as personal computers, mobile phones, digital cameras, set-top boxes for cable or satellite or digital terrestrial television, just to mention a few.
In particular, using flash memories it is possible to modify the stored code without having to remove the memory component from the respective socket. It has thus become possible to, e.g., change the code, fix code bugs, update the code version directly at the premises of the users; the new code can be for example downloaded over the internet, or received directly by the mobile phone from the service provider company.
There are applications in which these possibilities offered by flash memories raise problems of security. Electronic piracy acts may for example cause the code stored in the memory to be read without authorization or to be corrupted.
Referring to a conventional flash memory, the modification of the data stored in the memory is related to the erase and program operations. Stored data can be shielded from undesired read, erase and program operations by means of particular protection arrangements, that allow to selectively protect/unprotect distinct sectors of the memory. For example, U.S. Pat. No. 5,974,500 describes a non-volatile memory device comprising a set of first access control bits to control the access authorization (to perform the operations of erasing, programming and reading) to the memory array, and a set of second control bits to control write access to the first access control bits, in such a way to consent to the changing of the memory access authorization. Every time the external devices request an access operation to the memory, they must provide their access authorizations thereto. In fact, according to this solution, to access a protected memory zone, it is necessary to change the memory access authorization; however, this change is performed without any particular security protocol, simply by issuing, on the part of the external device, a request to modify the access authorization; there is no control on which device is requesting to change the access authorization scheme.
Therefore, in view of the state of the art outlined in the foregoing, a need has arisen for a technique to implement security in a semiconductor memory, and particularly in respect of aspects relating the grant of access authorization to external devices in an efficient way, assuring a high level of security.