A. Technical Field
The present invention relates to secure micro-controllers using nonvolatile memory, and more particularly, to systems, devices, and methods of extending the functionality of a ROM code to operate complex nonvolatile memory.
B. Background of the Invention
In the embedded software field, ever increasing requirements on rich platforms, such as a 32-bit ARM core, and the introduction of a variety of proprietary and non-proprietary frameworks make the task of developing secure drivers for external nonvolatile memory (NVM) devices (e.g., NAND, NOR, SPI flash, EEPROM, etc.) a complex undertaking, especially for ROM code developers. Generally, the development paths of external NVMs cannot be anticipated or predicted by developers. Additionally, the fact that NVMs, such as NAND flash, evolve much more rapidly than ROM code increases the difficulty of supporting newer and more complex external NVMs without replacing or prematurely obsoleting existing secure ROM code.
Secure ROM code typically undergoes a series of rigorous validation processes prior to integration and deployment in microprocessor devices. Any correction of errors detected after release requires an unacceptable amount of effort and resources to remedy the consequences, and, in the worst case, may lead to inoperability of the entire chip. For example, a microprocessor may fail to start up if the ROM code is too complicated to be validated.
Secure updates of drivers for external NVM devices, which are oftentimes permanently attached to a computing device, are typically managed by a host, such as a PC, coupled to a microcontroller. The secure ROM code operates as a gatekeeper that authenticates the data packets that the host and the ROM code exchange over a communication channel, such as a serial, I2C, or USB link. The host and the ROM code communicate using a protocol that may comprise several commands to enable the data exchange and allow the host to control the microcontroller.
As external memory management or a set of commands varies over time (e.g., ECC management, sector size, standard commands), the existing ROM code can no longer securely update complex and previously unknown drivers to support the newer memory types or additional commands. Thus, there exists a need to securely and flexibly modify the content of external memory.
Existing approaches attempt to limit costly modifications or replacements of ROM code that communicates with external memory by employing indirection tables. Alternatives include replacing faulty or outdated ROM code with dynamic code that is pre-loaded into the internal ROM of the device. However, such approaches unnecessarily require additional processing time and consume additional memory in their struggle to keep up with the latest technology available in the marketplace. In addition, existing architectures are incapable of providing secure ROM code support for multiple external memories at the same time, which further complicates microprocessor integration.
What is needed are tools that allow system designers to overcome the above-described limitations.