WO2006064318A1 - Method to secure writing in memory against attacks by radiation or other means - Google Patents

Method to secure writing in memory against attacks by radiation or other means Download PDF

Info

Publication number
WO2006064318A1
WO2006064318A1 PCT/IB2005/003476 IB2005003476W WO2006064318A1 WO 2006064318 A1 WO2006064318 A1 WO 2006064318A1 IB 2005003476 W IB2005003476 W IB 2005003476W WO 2006064318 A1 WO2006064318 A1 WO 2006064318A1
Authority
WO
WIPO (PCT)
Prior art keywords
write
log
data
atomic
writes
Prior art date
Application number
PCT/IB2005/003476
Other languages
French (fr)
Inventor
Nicolas Giraud
Original Assignee
Axalto Sa
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Axalto Sa filed Critical Axalto Sa
Publication of WO2006064318A1 publication Critical patent/WO2006064318A1/en

Links

Classifications

    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11CSTATIC STORES
    • G11C16/00Erasable programmable read-only memories
    • G11C16/02Erasable programmable read-only memories electrically programmable
    • G11C16/06Auxiliary circuits, e.g. for writing into memory
    • G11C16/10Programming or data input circuits
    • G11C16/102External programming circuits, e.g. EPROM programmers; In-circuit programming or reprogramming; EPROM emulators
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11CSTATIC STORES
    • G11C16/00Erasable programmable read-only memories
    • G11C16/02Erasable programmable read-only memories electrically programmable
    • G11C16/06Auxiliary circuits, e.g. for writing into memory
    • G11C16/10Programming or data input circuits
    • G11C16/102External programming circuits, e.g. EPROM programmers; In-circuit programming or reprogramming; EPROM emulators
    • G11C16/105Circuits or methods for updating contents of nonvolatile memory, especially with 'security' features to ensure reliable replacement, i.e. preventing that old data is lost before new data is reliably written
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11CSTATIC STORES
    • G11C16/00Erasable programmable read-only memories
    • G11C16/02Erasable programmable read-only memories electrically programmable
    • G11C16/06Auxiliary circuits, e.g. for writing into memory
    • G11C16/22Safety or protection circuits preventing unauthorised or accidental access to memory cells

Definitions

  • This invention concerns a method and a device to secure an electronic assembly implementing a program to be protected. More precisely, the purpose of the method is to propose a defence against attacks by radiation, flash, light, laser, glitch or other and more generally against any attack disturbing the execution of the program instructions. These attacks modify the instructions to be executed, resulting in non-execution or incorrect execution of certain parts of the program.
  • a program When a program is executed by a microprocessor, attacks for example by injecting faults via laser, glitch or electromagnetic radiation modify the instruction codes executed by the processor: the program instructions may be replaced by instructions producing a different effect. Consequently, a security processing sequence in an operating system for smart cards may be made inoperative by an attacker. Applied during an instruction sequence designed to write in non volatile memory of the card, these attacks may disable security writes used, for example, to count a number of incorrect authentications. Through this type of attack, the attacker also prevents the card from storing security-related events.
  • one solution consists in setting flags in a byte of the RAM (Random Access Memory) at regular intervals and in checking, at a particular point in the execution of the software, that all flags which should be set have actually been set. Setting up this type of defence is tedious, however, since specific volatile memory areas must be allocated and processing added in the code to be protected, wherever this is required. In addition, since attacks of this type are becoming shorter and more precise, the known solutions are becoming less effective. Firstly, the attack may be too short to have any effect on the setting of flags: the flags in RAM may indicate to the program that all writes have been made correctly, even if this is not the case. Secondly, the flag verification software may itself be disturbed.
  • One purpose of this invention is to protect all writes contained in the program.
  • Another purpose of this invention is to propose efficient protection even for very short attacks.
  • This invention concerns a method to secure the write in storage means of an electronic assembly comprising information processing means, said method comprising an atomic write process to write data recorded in a write log, characterised in that it consists in checking a sequence of atomic writes in said storage means by setting in said write log one or more indicators in memory as proof of one of more successive writes recorded in said log.
  • This invention also concerns an electronic module in which said method is implemented, a card comprising said module and a program to implement said method.
  • - figure 1 is a diagrammatic representation of an example of a device in which the method according to this invention is implemented;
  • - figure 2 is a diagrammatic representation of the content of part of the memory of a device in which the known atomic write process is implemented;
  • FIG. 3 is a graph representing the various steps of a known atomic write process
  • FIG. 4 is a graph representing the various steps of one form of realisation of the method according to this invention.
  • FIG. 5 is a diagrammatic representation of the content of part of the memory of a device according to a first form of realisation in which the method according to this invention is implemented;
  • FIG. 6 is a diagrammatic representation of the content of part of the memory of a device according to a second form of realisation in which the method according to this invention is implemented.
  • the purpose of the method according to the invention is to secure an electronic assembly and for example a portable object such as a smart card implementing a program.
  • the electronic assembly comprises at least processing means such as a processor and storage means such as a memory.
  • the program to be secured is installed in the memory, for example ROM (Read Only Memory) type, of said assembly.
  • the electronic assembly described below corresponds to an onboard system comprising an electronic module 1 illustrated on figure L
  • This type of module is generally realised as a monolithic integrated electronic microcircuit, or chip, which once physically protected by any known means can be assembled on a portable object such as for example a smart card, microcircuit or integrated circuit card (microprocessor card, etc.) or other card which can be used in various fields.
  • the electronic module 1 comprises a microprocessor CPU 3 with a two-way connection via an internal bus 5 to a non volatile memory 7 of type ROM, EEPROM (Electrical Erasable Programmable Read Only Memory), Flash, FeRam or other containing the program PRO 9 to be executed and a transaction buffer 10 containing a write log used for temporary data storage, a volatile memory 11 of type RAM, input/output means I/O 13 to communicate with the exterior.
  • EEPROM Electrical Erasable Programmable Read Only Memory
  • Flash Flash
  • FeRam or other containing the program PRO 9 to be executed
  • a transaction buffer 10 containing a write log used for temporary data storage
  • a volatile memory 11 of type RAM volatile memory 11 of type RAM
  • input/output means I/O 13 to communicate with the exterior.
  • the method according to the invention consists in checking that each write in non volatile memory while executing the program 9 is executed correctly.
  • the method according to the invention consists in checking the atomic write of data in non volatile memory by setting in a write log, when executing a program 9, an indicator in memory as proof of a write.
  • the "write log” means the list of all write operations to be made atomically on the memory, the log containing control data and/or data to be written and/or any other type of information.
  • a sequence of "atomic” writes means all writes recorded in the write log such that, if the log is validated (sequence closed), all the writes are made, even in the event of attack; if the log is not validated, none of said writes is made.
  • writing the indicator in memory is made atomic with the write of the planned data in the write log.
  • Each write in the log and the indicator are atomic, so the fact that the proof indicator is in memory guarantees that the data has actually been written. By checking that the proof indicator is present, the program ensures a posteriori that the write was made. If the write was not made, various measures can then be taken, such as, for example, triggering by program 9 of a security defence, interruption of program execution or setting of a fraud indicator in non volatile memory 7 to indicate that a fraudulent attack has taken place and for example to prohibit any future use of the operating system.
  • the methods used to make several atomic writes in the memory and more especially in the non volatile memory 7 of a microprocessor card as an anti-tearing mechanism are known. They use for example, as shown on figure 2, the transaction buffer 10; the transaction buffer 10 is located in the non volatile memory 7 and acts as log for the writes to be made.
  • the known atomic write process may consist of the following sequence (refer to figure 3):
  • step A After opening the atomic session (step A), for each write (step B), the process consists in creating (step C) an entry in the write log of the transaction buffer 10 comprising the control data (Control Data) (address
  • AdM AdM , Adr2, Adr3 length of useful data, L1 , L2, L3 ) and the useful data (Data) (Datai , Data2, Data3, ...) (see figure 2).
  • step D When closing the atomic session (step D) 1 the process validates the transaction buffer to indicate that it contains an atomic write sequence. The method then consists in reading (steps E, G) each entry in the log and making, then checking the corresponding write, repeating each incorrect write (step F). Then in step H, the method invalidates the transaction buffer to indicate that it contains no atomic write sequence.
  • step E If the writes of the atomic sequence are interrupted, the process resumes at step E as long as the transaction buffer has not been invalidated.
  • This type of atomic write process protects against an interruption in the atomic session in progress: it guarantees that either the writes recorded in the write log of the transaction buffer are ignored and none of the writes recorded is made if the session has not been closed; or all the writes recorded in the log of the transaction buffer are made if the session has been closed.
  • the method according to this invention therefore consists in combining the known atomic data write process with the write of a write indicator.
  • the indicator is entered in the write log.
  • the data and indicator writes are made atomic...
  • the mode of realisation of this invention described below and illustrated on figure 4 combines the atomicity process like that described above and a counter acting as indicator of the successive writes in non volatile memory during a command, and for example a counter of the number of writes which is incremented on each new write.
  • the value (Counter) of the write counter (C1 , C2, C3) in EEPROM is included in the block of control data of the write log of the atomicity process (Control Data).
  • the value of the write counter is included in the atomicity data of the write log of the atomicity process (Atomicity Data).
  • the counter is incremented (step C- figure 4) and the control and atomicity data are updated in the same block, under the protection of a checksum (CKS1 , CKS2, CKS3 on figure 5 or CKS on figure 6, depending on the form of realisation) on part or all of the data (step C).
  • the counter is incremented on each new write in the atomic session.
  • the atomicity process guarantees that once the atomic session has been closed, all the writes recorded in the log will be made completely. This mode of realisation guarantees that each incrementation of the counter is atomic with the corresponding write in the log.
  • each incrementation of the counter during the atomic session corresponds to a write actually made when closing the atomic session.
  • step C after opening the atomic session, on each new write, i.e. on each new entry in the write log of the transaction buffer 10, the counter is incremented (step C).
  • the new value of the counter is written with the control data of the entry concerned (C1 , figure 5) or in the atomicity data (Ci, figure 6).
  • the value of the counter before opening the atomic session is stored in the atomicity data (C, figure 6).
  • the value of the counter is compared with the expected value and if they match and the other checks planned in the known atomic write processes are also correct, the buffer is validated.
  • the value of the counter C before opening the session is then assigned the value of the counter at closure.
  • This form of realisation implementing a counter provides a means of checking during program execution and/or when closing the atomic session that the writes planned in the log have been made by comparing the actual value of the counter with the expected value.
  • the method according to the invention consists in incrementing said counter and making each atomic write simultaneously. If an attack occurs during the write, the write will not be made correctly, the counter will not be incremented and the value of the counter will be different from the expected value; the attack is therefore detected and a specific action is carried out by the program or the processor.
  • Two methods can be used to make the recording of a new write in the write log of the transaction buffer and the incrementation of the write counter in non volatile memory atomic: the counter is placed in the same block as all or some of the control and/or atomicity data and/or the useful data of the atomicity process; and/or the counter and all or some of the control and/or atomicity data and/or the useful data are protected by the same checksum which validates this write, either of the two methods alone is sufficient to guarantee atomicity.
  • the writes in the non volatile memory 7 of type EEPROM generally encountered in smart cards are made in blocks (usually 64 or 128 bytes). All the bytes programmed in a given block are written simultaneously, making the write of several bytes in the same block atomic.
  • the programming duration is the same, whether for a single byte in the block or for all bytes in the block, of the order of 1 to 5 ms. This duration must be multiplied by the number of blocks to be written.
  • Atomicity can be achieved by using this intrinsic property of EEPROM.
  • the method according to the invention consists according to the second method in calculating a checksum (CKS1 , CKS2, CKS3 on figure 5, CKS on figure 6) on the value of the counter and on all or some of the control and/or atomicity data and/or the useful data and making the write in the log simultaneously and in writing the value obtained for the checksum in the log.
  • the method according to the invention then consists in verifying the checksum by comparing it with the precalculated value written in memory.
  • the checksum may concern the indicator and all or some of the useful data, and/or one or more items of atomicity data and/or one or more items of control data depending on the form of realisation chosen.
  • the protection of the write counter and of the control data by a checksum guarantees the efficiency of the mechanism with any non volatile memory and for example with memory types other than EEPROM.

Abstract

The method according to this invention concerns a method to secure the write in storage means of an electronic assembly comprising information processing means, said method comprising an atomic write process to write data recorded in a write log. The method consists in checking a sequence of atomic writes in said storage means by setting in said write log one or more indicators in memory as proof of one of more successive writes recorded in said log. This invention also concerns the electronic module in which said method is implemented and the card comprising said module.

Description

METHOD TO SECURE WRITING IN MEMORY AGAINST ATTACKS BY
RADIATION OR OTHER MEANS
This invention concerns a method and a device to secure an electronic assembly implementing a program to be protected. More precisely, the purpose of the method is to propose a defence against attacks by radiation, flash, light, laser, glitch or other and more generally against any attack disturbing the execution of the program instructions. These attacks modify the instructions to be executed, resulting in non-execution or incorrect execution of certain parts of the program.
TECHNICAL FIELD
When a program is executed by a microprocessor, attacks for example by injecting faults via laser, glitch or electromagnetic radiation modify the instruction codes executed by the processor: the program instructions may be replaced by instructions producing a different effect. Consequently, a security processing sequence in an operating system for smart cards may be made inoperative by an attacker. Applied during an instruction sequence designed to write in non volatile memory of the card, these attacks may disable security writes used, for example, to count a number of incorrect authentications. Through this type of attack, the attacker also prevents the card from storing security-related events.
Amongst the known defences, one solution consists in setting flags in a byte of the RAM (Random Access Memory) at regular intervals and in checking, at a particular point in the execution of the software, that all flags which should be set have actually been set. Setting up this type of defence is tedious, however, since specific volatile memory areas must be allocated and processing added in the code to be protected, wherever this is required. In addition, since attacks of this type are becoming shorter and more precise, the known solutions are becoming less effective. Firstly, the attack may be too short to have any effect on the setting of flags: the flags in RAM may indicate to the program that all writes have been made correctly, even if this is not the case. Secondly, the flag verification software may itself be disturbed.
One purpose of this invention is to protect all writes contained in the program.
Another purpose of this invention is to propose efficient protection even for very short attacks.
SUMMARY OF THE INVENTION
This invention concerns a method to secure the write in storage means of an electronic assembly comprising information processing means, said method comprising an atomic write process to write data recorded in a write log, characterised in that it consists in checking a sequence of atomic writes in said storage means by setting in said write log one or more indicators in memory as proof of one of more successive writes recorded in said log.
This invention also concerns an electronic module in which said method is implemented, a card comprising said module and a program to implement said method.
BRIEF DESCRIPTION OF THE DRAWINGS
Other purposes, features and advantages of the invention will appear on reading the description which follows of the implementation of the method according to the invention and of a mode of realisation of an electronic system designed for this implementation, given as a non-limiting example, and referring to the attached drawings in which:
- figure 1 is a diagrammatic representation of an example of a device in which the method according to this invention is implemented; - figure 2 is a diagrammatic representation of the content of part of the memory of a device in which the known atomic write process is implemented;
- figure 3 is a graph representing the various steps of a known atomic write process;
- figure 4 is a graph representing the various steps of one form of realisation of the method according to this invention;
- figure 5 is a diagrammatic representation of the content of part of the memory of a device according to a first form of realisation in which the method according to this invention is implemented;
- figure 6 is a diagrammatic representation of the content of part of the memory of a device according to a second form of realisation in which the method according to this invention is implemented.
WAY OF REALISING THE INVENTION
The purpose of the method according to the invention is to secure an electronic assembly and for example a portable object such as a smart card implementing a program. The electronic assembly comprises at least processing means such as a processor and storage means such as a memory. The program to be secured is installed in the memory, for example ROM (Read Only Memory) type, of said assembly.
As a non-limiting example, the electronic assembly described below corresponds to an onboard system comprising an electronic module 1 illustrated on figure LThis type of module is generally realised as a monolithic integrated electronic microcircuit, or chip, which once physically protected by any known means can be assembled on a portable object such as for example a smart card, microcircuit or integrated circuit card (microprocessor card, etc.) or other card which can be used in various fields.
The electronic module 1 comprises a microprocessor CPU 3 with a two-way connection via an internal bus 5 to a non volatile memory 7 of type ROM, EEPROM (Electrical Erasable Programmable Read Only Memory), Flash, FeRam or other containing the program PRO 9 to be executed and a transaction buffer 10 containing a write log used for temporary data storage, a volatile memory 11 of type RAM, input/output means I/O 13 to communicate with the exterior.
The method according to the invention consists in checking that each write in non volatile memory while executing the program 9 is executed correctly.
The method according to the invention consists in checking the atomic write of data in non volatile memory by setting in a write log, when executing a program 9, an indicator in memory as proof of a write. The "write log" means the list of all write operations to be made atomically on the memory, the log containing control data and/or data to be written and/or any other type of information. A sequence of "atomic" writes means all writes recorded in the write log such that, if the log is validated (sequence closed), all the writes are made, even in the event of attack; if the log is not validated, none of said writes is made. According to this invention, writing the indicator in memory is made atomic with the write of the planned data in the write log.
Each write in the log and the indicator are atomic, so the fact that the proof indicator is in memory guarantees that the data has actually been written. By checking that the proof indicator is present, the program ensures a posteriori that the write was made. If the write was not made, various measures can then be taken, such as, for example, triggering by program 9 of a security defence, interruption of program execution or setting of a fraud indicator in non volatile memory 7 to indicate that a fraudulent attack has taken place and for example to prohibit any future use of the operating system.
The methods used to make several atomic writes in the memory and more especially in the non volatile memory 7 of a microprocessor card as an anti-tearing mechanism are known. They use for example, as shown on figure 2, the transaction buffer 10; the transaction buffer 10 is located in the non volatile memory 7 and acts as log for the writes to be made. The known atomic write process may consist of the following sequence (refer to figure 3):
After opening the atomic session (step A), for each write (step B), the process consists in creating (step C) an entry in the write log of the transaction buffer 10 comprising the control data (Control Data) (address
AdM , Adr2, Adr3 length of useful data, L1 , L2, L3 ) and the useful data (Data) (Datai , Data2, Data3, ...) (see figure 2).
When closing the atomic session (step D)1 the process validates the transaction buffer to indicate that it contains an atomic write sequence. The method then consists in reading (steps E, G) each entry in the log and making, then checking the corresponding write, repeating each incorrect write (step F). Then in step H, the method invalidates the transaction buffer to indicate that it contains no atomic write sequence.
If the writes of the atomic sequence are interrupted, the process resumes at step E as long as the transaction buffer has not been invalidated.
This type of atomic write process protects against an interruption in the atomic session in progress: it guarantees that either the writes recorded in the write log of the transaction buffer are ignored and none of the writes recorded is made if the session has not been closed; or all the writes recorded in the log of the transaction buffer are made if the session has been closed.
However, this type of process does not protect against disturbances in system operation which allow the session to continue: one of the writes planned in the atomic session could be prevented without being detected by the atomicity mechanism.
The method according to this invention therefore consists in combining the known atomic data write process with the write of a write indicator. The indicator is entered in the write log. The data and indicator writes are made atomic...
The mode of realisation of this invention described below and illustrated on figure 4 combines the atomicity process like that described above and a counter acting as indicator of the successive writes in non volatile memory during a command, and for example a counter of the number of writes which is incremented on each new write.
As shown on figure 5, according to one form of realisation of the invention, the value (Counter) of the write counter (C1 , C2, C3) in EEPROM is included in the block of control data of the write log of the atomicity process (Control Data). According to another form of realisation illustrated on figure 6, the value of the write counter is included in the atomicity data of the write log of the atomicity process (Atomicity Data). For each new write in the atomic session, the counter is incremented (step C- figure 4) and the control and atomicity data are updated in the same block, under the protection of a checksum (CKS1 , CKS2, CKS3 on figure 5 or CKS on figure 6, depending on the form of realisation) on part or all of the data (step C). The counter is incremented on each new write in the atomic session. The atomicity process guarantees that once the atomic session has been closed, all the writes recorded in the log will be made completely. This mode of realisation guarantees that each incrementation of the counter is atomic with the corresponding write in the log. When closing the atomic session in progress, each incrementation of the counter during the atomic session corresponds to a write actually made when closing the atomic session.
As shown on figure 4 therefore, after opening the atomic session, on each new write, i.e. on each new entry in the write log of the transaction buffer 10, the counter is incremented (step C). Depending on the form of realisation, the new value of the counter is written with the control data of the entry concerned (C1 , figure 5) or in the atomicity data (Ci, figure 6). The value of the counter before opening the atomic session is stored in the atomicity data (C, figure 6). When closing the atomic session, the value of the counter is compared with the expected value and if they match and the other checks planned in the known atomic write processes are also correct, the buffer is validated. The value of the counter C before opening the session is then assigned the value of the counter at closure.
This form of realisation implementing a counter provides a means of checking during program execution and/or when closing the atomic session that the writes planned in the log have been made by comparing the actual value of the counter with the expected value.
The method according to the invention consists in incrementing said counter and making each atomic write simultaneously. If an attack occurs during the write, the write will not be made correctly, the counter will not be incremented and the value of the counter will be different from the expected value; the attack is therefore detected and a specific action is carried out by the program or the processor. Two methods can be used to make the recording of a new write in the write log of the transaction buffer and the incrementation of the write counter in non volatile memory atomic: the counter is placed in the same block as all or some of the control and/or atomicity data and/or the useful data of the atomicity process; and/or the counter and all or some of the control and/or atomicity data and/or the useful data are protected by the same checksum which validates this write, either of the two methods alone is sufficient to guarantee atomicity. The writes in the non volatile memory 7 of type EEPROM generally encountered in smart cards, are made in blocks (usually 64 or 128 bytes). All the bytes programmed in a given block are written simultaneously, making the write of several bytes in the same block atomic. The programming duration is the same, whether for a single byte in the block or for all bytes in the block, of the order of 1 to 5 ms. This duration must be multiplied by the number of blocks to be written.
Atomicity can be achieved by using this intrinsic property of EEPROM. By placing the proof indicator of a write in the same block as the data to be written in the write log, if the proof indicator is present we can be certain that the data has actually been written.
Placing the write counter in the same block as the control and/or atomicity data and/or the useful data of the atomicity process helps improve the performance of the protection mechanism. No extra block writes are required, which helps to limit the number of writes.
The method according to the invention consists according to the second method in calculating a checksum (CKS1 , CKS2, CKS3 on figure 5, CKS on figure 6) on the value of the counter and on all or some of the control and/or atomicity data and/or the useful data and making the write in the log simultaneously and in writing the value obtained for the checksum in the log. The method according to the invention then consists in verifying the checksum by comparing it with the precalculated value written in memory. Note that the checksum may concern the indicator and all or some of the useful data, and/or one or more items of atomicity data and/or one or more items of control data depending on the form of realisation chosen. The protection of the write counter and of the control data by a checksum guarantees the efficiency of the mechanism with any non volatile memory and for example with memory types other than EEPROM.

Claims

1- Method to secure the write in storage means (7) of an electronic assembly comprising information processing means, said method comprising an atomic write process to write data recorded in a write log, characterised in that it consists in checking a sequence of atomic writes in said storage means by setting in said write log one or more indicators in memory as proof of one or more successive writes recorded in said log.
2- Method according to claim 1 , characterised in that it consists in making the write of the data in the log and that of the indicator are atomic.
3- Method according to claim 1 or 2, characterised in that it consists in protecting said indicator and the data in the write log with the same checksum when writing said indicator and said data.
4- Method according to one of claims 1 to 3, characterised in that the atomicity of the writes is increased by using a property of some memories according to which the writes are made in blocks, said indicator being placed in the same block as the data to be written in the log.
5- Method according to one of claims 1 to 4, characterised in that it consists in setting said indicator by incrementing a counter on each new write.
6- Method according to claim 5, characterised in that it consists in placing the value of said counter in the same block of data to be written as the control and/or atomicity data and/or the useful data of the write log.
7- Method according to one of claims 1 to 6, characterised in that it consists in triggering an action if the write of said data is not made. 8- Electronic module including information processing means and storage means containing a program to be executed and a write log recording the writes of an atomic write process, characterised in that the information processing means include means, when executing the program, to set in said write log one or more indicators in memory as proof of one or more successive writes recorded in said log.
9- Card characterised in that it comprises the electronic module according to claim 8.
10- Computer program comprising program code instructions to execute the steps of the method according to one of claims 1 to 7 when said program is run in an electronic assembly.
PCT/IB2005/003476 2004-12-13 2005-11-21 Method to secure writing in memory against attacks by radiation or other means WO2006064318A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP04292970.3 2004-12-13
EP04292970A EP1670000A1 (en) 2004-12-13 2004-12-13 Method for securing writing in memory against attacks by rays or other methods

Publications (1)

Publication Number Publication Date
WO2006064318A1 true WO2006064318A1 (en) 2006-06-22

Family

ID=34931596

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2005/003476 WO2006064318A1 (en) 2004-12-13 2005-11-21 Method to secure writing in memory against attacks by radiation or other means

Country Status (2)

Country Link
EP (1) EP1670000A1 (en)
WO (1) WO2006064318A1 (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8468294B2 (en) 2009-12-18 2013-06-18 Sandisk Technologies Inc. Non-volatile memory with multi-gear control using on-chip folding of data
US8842473B2 (en) 2012-03-15 2014-09-23 Sandisk Technologies Inc. Techniques for accessing column selecting shift register with skipped entries in non-volatile memories
US8897080B2 (en) 2012-09-28 2014-11-25 Sandisk Technologies Inc. Variable rate serial to parallel shift register
US9076506B2 (en) 2012-09-28 2015-07-07 Sandisk Technologies Inc. Variable rate parallel to serial shift register
US9224502B1 (en) 2015-01-14 2015-12-29 Sandisk Technologies Inc. Techniques for detection and treating memory hole to local interconnect marginality defects
US9269446B1 (en) 2015-04-08 2016-02-23 Sandisk Technologies Inc. Methods to improve programming of slow cells
US9342446B2 (en) 2011-03-29 2016-05-17 SanDisk Technologies, Inc. Non-volatile memory system allowing reverse eviction of data updates to non-volatile binary cache
US9490035B2 (en) 2012-09-28 2016-11-08 SanDisk Technologies, Inc. Centralized variable rate serializer and deserializer for bad column management
US9564219B2 (en) 2015-04-08 2017-02-07 Sandisk Technologies Llc Current based detection and recording of memory hole-interconnect spacing defects
US9748001B2 (en) 2009-07-06 2017-08-29 Sandisk Technologies Llc Bad column management with bit information in non-volatile memory systems
US9934872B2 (en) 2014-10-30 2018-04-03 Sandisk Technologies Llc Erase stress and delta erase loop count methods for various fail modes in non-volatile memory
US10032524B2 (en) 2015-02-09 2018-07-24 Sandisk Technologies Llc Techniques for determining local interconnect defects

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4507751A (en) * 1982-06-21 1985-03-26 International Business Machines Corporation Method and apparatus for logging journal data using a log write ahead data set
US5532463A (en) * 1993-05-26 1996-07-02 Solaic (Societe Anonyme) Process for making secure the writing of sensitive data into the EEPROM data storage memory of a memory card and a memory card for use in the process
FR2742893A1 (en) * 1995-12-20 1997-06-27 Schlumberger Ind Sa Writing to re-writable memory e.g. memory card, smart card or non-contact card
US5715431A (en) * 1993-04-13 1998-02-03 Mondex International Limited Tamper proof security measure in data writing to non-volatile memory

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4507751A (en) * 1982-06-21 1985-03-26 International Business Machines Corporation Method and apparatus for logging journal data using a log write ahead data set
US5715431A (en) * 1993-04-13 1998-02-03 Mondex International Limited Tamper proof security measure in data writing to non-volatile memory
US5532463A (en) * 1993-05-26 1996-07-02 Solaic (Societe Anonyme) Process for making secure the writing of sensitive data into the EEPROM data storage memory of a memory card and a memory card for use in the process
FR2742893A1 (en) * 1995-12-20 1997-06-27 Schlumberger Ind Sa Writing to re-writable memory e.g. memory card, smart card or non-contact card

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"WRITE ATOMICITY WITH STORAGE HARDWARE", IBM TECHNICAL DISCLOSURE BULLETIN, IBM CORP. NEW YORK, US, vol. 33, no. 2, 1 July 1990 (1990-07-01), pages 422 - 425, XP000123669, ISSN: 0018-8689 *

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9748001B2 (en) 2009-07-06 2017-08-29 Sandisk Technologies Llc Bad column management with bit information in non-volatile memory systems
US8468294B2 (en) 2009-12-18 2013-06-18 Sandisk Technologies Inc. Non-volatile memory with multi-gear control using on-chip folding of data
US9342446B2 (en) 2011-03-29 2016-05-17 SanDisk Technologies, Inc. Non-volatile memory system allowing reverse eviction of data updates to non-volatile binary cache
US8842473B2 (en) 2012-03-15 2014-09-23 Sandisk Technologies Inc. Techniques for accessing column selecting shift register with skipped entries in non-volatile memories
US8897080B2 (en) 2012-09-28 2014-11-25 Sandisk Technologies Inc. Variable rate serial to parallel shift register
US9076506B2 (en) 2012-09-28 2015-07-07 Sandisk Technologies Inc. Variable rate parallel to serial shift register
US9490035B2 (en) 2012-09-28 2016-11-08 SanDisk Technologies, Inc. Centralized variable rate serializer and deserializer for bad column management
US9934872B2 (en) 2014-10-30 2018-04-03 Sandisk Technologies Llc Erase stress and delta erase loop count methods for various fail modes in non-volatile memory
US9224502B1 (en) 2015-01-14 2015-12-29 Sandisk Technologies Inc. Techniques for detection and treating memory hole to local interconnect marginality defects
US10032524B2 (en) 2015-02-09 2018-07-24 Sandisk Technologies Llc Techniques for determining local interconnect defects
US9269446B1 (en) 2015-04-08 2016-02-23 Sandisk Technologies Inc. Methods to improve programming of slow cells
US9564219B2 (en) 2015-04-08 2017-02-07 Sandisk Technologies Llc Current based detection and recording of memory hole-interconnect spacing defects

Also Published As

Publication number Publication date
EP1670000A1 (en) 2006-06-14

Similar Documents

Publication Publication Date Title
WO2006064318A1 (en) Method to secure writing in memory against attacks by radiation or other means
JP5114617B2 (en) Secure terminal, program, and method for protecting private key
US6202176B1 (en) Method of monitoring the correct execution of software programs
US6453397B1 (en) Single chip microcomputer internally including a flash memory
US20080022396A1 (en) Memory data protection device and IC card LSI
US20080181407A1 (en) Method for protecting a control device against manipulation
US8375253B2 (en) Detection of a fault by long disturbance
CN105718208A (en) Design method for Flash program memory protection and hardware implementation device
US20060289656A1 (en) Portable electronic apparatus and data output method therefor
EP1739519A1 (en) Method to secure the execution of a program against attacks by radiation or other
US7207066B2 (en) Method for protecting a microcomputer system against manipulation of data stored in a storage arrangement of the microcomputer system
RU2467390C2 (en) Method and apparatus for safe storage and safe reading of useful data
KR930004944B1 (en) Memory system
CN112149065B (en) Software defense fault injection method
JPH1083294A (en) Operating method for controller equipped with storage device programmable through programming device
CN104573509A (en) System time protection method and system time protection device
US20190212930A1 (en) Data storage chip and data access method
US7806319B2 (en) System and method for protection of data contained in an integrated circuit
CN113434247B (en) Safety protection method for JAVA card virtual machine
CN112970019A (en) Apparatus and method for enhancing hardware assisted memory security
CN113626805B (en) Buffer overflow attack defense method and system based on RISC-V and unexecutable memory
CN116628767B (en) Method for preventing flash system firmware attack after system start and flash controller
WO2006090231A2 (en) Method to secure writing in memory against attacks by radiation or other
CN116186798A (en) MCU firmware safety protection system and method, electronic equipment and storage medium
EP2256658A1 (en) Method of executing an application embedded in a portable electronic device

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KN KP KR KZ LC LK LR LS LT LU LV LY MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU LV MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 05803775

Country of ref document: EP

Kind code of ref document: A1