The present invention relates to self-test technique for a nonvolatile memory, and more particularly, it relates to memory self-test method and circuit for checking the soundness of a nonvolatile memory necessary to be in sufficient security.
In an LSI for storing highly confidential data or programs, or an LSI including a security circuit for an IC card or the like, significant data or programs with high confidentiality are stored in a nonvolatile memory such as a flash memory or a FeRAM. For example, in a nonvolatile memory of an LSI for an IC card, personal information, authentication data or cryptographic key data for a cryptographic system is stored. Since very significant contents are thus stored in a nonvolatile memory, it is necessary to provide means for preventing a malicious third party from decoding or modifying the data. For this purpose, it is effective to encode data to be stored in a nonvolatile memory.
In order to further increase the security level, information corresponding to a security status is stored in a nonvolatile memory so as to restrict an invalid access itself. In some conventional technique for security protection, the number of fails made in authentication for accessing a nonvolatile memory is written in the nonvolatile memory, and when the number exceeds a given value, it is regarded that an invalid access is being made. Thus, authentication to be made thereafter is rejected, confidential data stored in the nonvolatile memory is deleted, or the starting time in next power supply is elongated.
Even when such means for protecting the security is provided, however, an invalid access cannot be effectively restricted unless the number of authentication fails is correctly incremented. In the case where physical modification for disabling data write is made on a nonvolatile memory by, for example, fixing a write enable signal to a disable state or disconnecting a power line necessary for data write, information corresponding to a security status stored in the nonvolatile memory cannot be updated. As a result, even when authentication fails are repeatedly made, the number of fails is not incremented, and hence, it is impossible to restrict the invalid access.
It can be checked whether or not a nonvolatile memory has been physically modified, namely, the soundness of the nonvolatile memory can be checked, by verifying written data. However, when the verification is performed every time data is written, the power consumption is increased and the data write speed is lowered, and in addition, the lifetime of the nonvolatile memory may be shortened because the number of memory accesses is thus increased.