[go: up one dir, main page]

US20190050297A1 - Memory devices and systems with security capabilities - Google Patents

Memory devices and systems with security capabilities Download PDF

Info

Publication number
US20190050297A1
US20190050297A1 US16/164,332 US201816164332A US2019050297A1 US 20190050297 A1 US20190050297 A1 US 20190050297A1 US 201816164332 A US201816164332 A US 201816164332A US 2019050297 A1 US2019050297 A1 US 2019050297A1
Authority
US
United States
Prior art keywords
memory
measured value
expected value
value
accord
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US16/164,332
Inventor
Antonino Mondello
Lance W. Dover
Fabio Indelicato
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Micron Technology Inc
Original Assignee
Micron Technology Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Micron Technology Inc filed Critical Micron Technology Inc
Priority to US16/164,332 priority Critical patent/US20190050297A1/en
Assigned to MICRON TECHNOLOGY, INC. reassignment MICRON TECHNOLOGY, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: DOVER, LANCE W., INDELICATO, FABIO, MONDELLO, ANTONINO
Assigned to MORGAN STANLEY SENIOR FUNDING, INC., AS COLLATERAL AGENT reassignment MORGAN STANLEY SENIOR FUNDING, INC., AS COLLATERAL AGENT SUPPLEMENT NO. 11 TO PATENT SECURITY AGREEMENT Assignors: MICRON TECHNOLOGY, INC.
Assigned to JPMORGAN CHASE BANK, N.A., AS COLLATERAL AGENT reassignment JPMORGAN CHASE BANK, N.A., AS COLLATERAL AGENT SUPPLEMENT NO. 2 TO PATENT SECURITY AGREEMENT Assignors: MICRON TECHNOLOGY, INC.
Publication of US20190050297A1 publication Critical patent/US20190050297A1/en
Assigned to MICRON TECHNOLOGY, INC. reassignment MICRON TECHNOLOGY, INC. RELEASE BY SECURED PARTY (SEE DOCUMENT FOR DETAILS). Assignors: MORGAN STANLEY SENIOR FUNDING, INC., AS COLLATERAL AGENT
Assigned to MICRON TECHNOLOGY, INC. reassignment MICRON TECHNOLOGY, INC. RELEASE BY SECURED PARTY (SEE DOCUMENT FOR DETAILS). Assignors: JPMORGAN CHASE BANK, N.A., AS COLLATERAL AGENT
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1446Point-in-time backing up or restoration of persistent data
    • G06F11/1458Management of the backup or restore process
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1446Point-in-time backing up or restoration of persistent data
    • G06F11/1458Management of the backup or restore process
    • G06F11/1461Backup scheduling policy
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/16Error detection or correction of the data by redundancy in hardware
    • G06F11/1666Error detection or correction of the data by redundancy in hardware where the redundant component is memory or memory area
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1446Point-in-time backing up or restoration of persistent data
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2201/00Indexing scheme relating to error detection, to error correction, and to monitoring
    • G06F2201/83Indexing scheme relating to error detection, to error correction, and to monitoring the solution involving signatures

Definitions

  • the present disclosure is related to memory devices and systems.
  • the present disclosure is related to nonvolatile memory having security hardware capable of verifying the genuineness of its memory content.
  • a computer system Upon system boot, reset, and shutdown, a computer system executes one or more routines to self-test, identify, initialize, and/or disable devices, memory, and other components of the system.
  • Computer systems typically store these routines in nonvolatile memory and implicitly trust their genuineness. As a result, corrupted routines, such as those created by malicious programmers, can exploit this trust to corrupt the computer system.
  • a dedicated microprocessor e.g., a secured cryptoprocessor
  • the dedicated microprocessor may perform this authentication for several hardware devices, memory, and other components across the computer system.
  • the dedicated microprocessor must use the computer system bus to send and receive authentication data. This opens the computer system up to “man in the middle” or “bus sniffing” attacks, wherein the valid authentication data could be read from the system bus, altered, and/or replaced with falsified data.
  • FIG. 1 is a block diagram of a system having a memory device configured in accordance with an embodiment of the present technology.
  • FIG. 2 is a flow diagram illustrating a routine that is executed, at least in part, by a nonvolatile memory device in accordance with an embodiment of the present technology.
  • FIG. 3 is a schematic view of a system that includes a memory device in accordance with embodiments of the present technology.
  • the technology disclosed herein relates to nonvolatile memory configured to verify the genuineness of its memory content.
  • a person skilled in the art will understand that the technology may have additional embodiments and that the technology may be practiced without several of the details of the embodiments described below with reference to FIGS. 1-3 .
  • the memory devices are primarily described in the context of devices incorporating NAND-based storage media (e.g., NAND flash).
  • Memory devices configured in accordance with other embodiments of the present technology, however, can include other types of memory devices (e.g., 3D-NAND, phase change memory, ferroelectric, etc.) and/or can include main memories that are not NAND-based (e.g., NOR-based) or only partially NAND-based.
  • 3D-NAND 3D-NAND
  • phase change memory ferroelectric, etc.
  • main memories that are not NAND-based (e.g., NOR-based) or only partially NAND-based.
  • a central processing unit controls operations of the various components of the system, including its nonvolatile memory.
  • the CPU executes one or more routines stored in the nonvolatile memory.
  • these routines can instruct the CPU and/or a dedicated microprocessor to carry out an authentication procedure to reduce the likelihood that the CPU will execute malicious, defective, or otherwise corrupted code.
  • these routines can instruct the CPU and/or the dedicated microprocessor to take a measurement of the contents of all or a subset of the memory content of the nonvolatile memory device to compare this measurement with an expected value.
  • the CPU and/or the dedicated microprocessor can determine whether or not to trust the memory content based on whether the measurement and the expected value accord with one another.
  • the CPU and/or the dedicated microprocessor executes the authentication procedure does not mean that the routines are necessarily trustworthy. For example, one or more of the routines can be corrupted such that it instructs or causes the CPU and/or the dedicated microprocessor to bypass the authentication procedure altogether.
  • the CPU and the dedicated microprocessor use the system bus to send and receive authentication data, the authentication procedures can be circumvented and/or otherwise thwarted by “man in the middle” or “bus sniffing” attacks.
  • Nonvolatile memory configured in accordance with several embodiments of the present technology, however, address these and other limitations of conventional computer systems.
  • One embodiment of the present technology is a memory device comprising a controller, security hardware, and a main memory.
  • the main memory includes a plurality of memory regions and at least one reserved memory region.
  • the security hardware and/or the controller are configured to (1) take a measurement of memory content stored in the plurality of memory regions to obtain a measured value, (2) compare the measured value to an expected value, and (3) replace the memory content with a genuine backup of the memory content stored in the at least one reserved memory region if the measured value and the expected value are not in accord.
  • Incorporating security functionality into the memory device provides several advantages over conventional computer systems.
  • First, embedding security hardware into the memory device that is capable of internally performing memory content measurements and internally evaluating the genuineness of the memory content avoids the transmission of authentication data over the system bus. This reduces the likelihood that the computer system will be compromised by “man in the middle” or “bus sniffing” attacks.
  • Second, system board design efforts and costs are reduced by embedding security facilities in a device that is already part of the system board and reducing the bill of materials (BOM) of the board.
  • Third, embedding security facilities in the memory device reduces the workload of the host device controller and the system bus.
  • Fourth, providing the memory device with dedicated security hardware increases the speed and performance of the computer system, as hardware implementation of cryptographic functions can be one or more orders of magnitude (e.g., 10 to 100 times) faster than software implementation thereof.
  • FIG. 1 is a block diagram of a system 101 having a memory device 100 configured in accordance with an embodiment of the present technology.
  • the memory device 100 includes a main memory 102 and a controller 106 operably coupling the main memory 102 to a host device 108 (e.g., an upstream central processor (CPU)).
  • the memory device 100 further includes security hardware 104 operably coupled to the controller 106 and to the main memory 102 via security data bus 116 and memory data bus 117 , respectively.
  • the main memory 102 includes a plurality of memory regions, or memory units 120 , which include a plurality of memory cells 122 .
  • Memory units 120 can be individual memory dies, memory planes in a single memory die, a stack of memory dies vertically connected with through-silicon vias (TSVs), or the like.
  • each of the memory units 120 can be formed from a semiconductor die and arranged with other memory unit dies in a single device package (not shown).
  • one or more of the memory units 120 can be co-located on a single die and/or distributed across multiple device packages.
  • the memory cells 122 can include, for example, NAND flash and/or other suitable storage elements (e.g., NOR flash, read only memory (ROM), electrically erasable programmable ROM EEPROM, erasable programmable ROM (EPROM), ferroelectric, magnetoresistive, phase change memory, etc.) configured to store data persistently or semi-persistently.
  • NAND flash and/or other suitable storage elements (e.g., NOR flash, read only memory (ROM), electrically erasable programmable ROM EEPROM, erasable programmable ROM (EPROM), ferroelectric, magnetoresistive, phase change memory, etc.) configured to store data persistently or semi-persistently.
  • the main memory 102 and/or the individual memory units 120 can also include other circuit components (not shown) (e.g., memory subsystems), such as multiplexers, decoders, buffers, read/write drivers, address registers, data out/data in registers, etc., for accessing and/or programming (e.g., writing) the memory cells 122 and other functionality, such as for processing information and/or communicating with the controller 106 .
  • other circuit components e.g., memory subsystems
  • circuit components e.g., memory subsystems
  • multiplexers e.g., decoders, buffers, read/write drivers, address registers, data out/data in registers, etc.
  • programming e.g., writing
  • the main memory 102 further includes a reserved memory region 112 .
  • the reserved memory region 112 can be located on the same memory die as an individual memory unit 120 .
  • the reserved memory region 112 can be an individual memory die; memory planes in a single memory die; a stack of memory dies vertically connected with TSVs, or the like; formed from a semiconductor die and arranged with other reserved memory regions in a single device package (not shown); and/or distributed across multiple device packages.
  • the reserved memory region 112 may correspond to a single memory unit 120 or to multiple memory units, including memory units on different die.
  • the reserved memory region 112 can include a plurality of NAND-based memory cells, such as the memory cells 122 . In other embodiments, the reserved memory region 112 can include NOR-based, read only, or other suitable memory cells that differ from the memory cells 122 . As discussed in greater detail below, the restricted memory region 112 stores backups of genuine routines, firmware, and/or other data of the memory device 100 (e.g., of the memory units 120 ) and/or of the system 101 . For this reason, the address of the reserved memory region 112 , in some embodiments, can be restricted or otherwise hidden from the controller 106 and/or from the host device 108 .
  • the address of the reserved memory region 112 can be accessed only when the memory device 100 (e.g., the security hardware 104 and/or the controller 106 ) determines one or more routines, firmware, and/or other data has been unexpectedly modified and/or otherwise corrupted.
  • the addressing scheme for reading from and/or programming (e.g., writing) to the reserved memory region 112 can be different than the addressing scheme for reading from and/or programming to other memory regions within the main memory 102 .
  • only hardware components e.g., the security hardware 104 and/or the controller 106 ) capable of accommodating the different addressing scheme of the reserved memory region 112 are capable of reading from and/or programming to the reserved memory region 112 .
  • the controller 106 can be a microcontroller, special purpose logic circuitry (e.g., a field programmable gate array (FPGA), an application specific integrated circuit (ASIC), etc.), or other suitable processor.
  • the controller 106 can include a processor 110 configured to execute instructions stored in memory.
  • the memory of the controller 106 includes an embedded memory 132 configured to store various processes, logic flows, and routines for controlling operation of the memory device 100 , including managing the main memory 102 and handling communications between the memory device 100 and the host device 108 .
  • the embedded memory 132 can include memory registers storing, e.g., memory pointers, fetched data, etc.
  • the embedded memory 132 can also include read-only memory (ROM) for storing micro-code.
  • the controller 106 can directly read, write, or otherwise program (e.g., erase) the various memory regions of the main memory 102 , such as by reading from and/or writing to groups of memory cells 122 (e.g., memory pages and/or memory blocks 128 ).
  • groups of memory cells 122 e.g., memory pages and/or memory blocks 128 .
  • the controller 106 communicates with the host device 108 over a system bus 115 .
  • the host device 108 and the controller 106 can communicate over a serial interface, such as a serial attached SCSI (SAS), a serial AT attachment (SATA) interface, a peripheral component interconnect express (PCIe), or other suitable interface (e.g., a parallel interface).
  • SAS serial attached SCSI
  • SATA serial AT attachment
  • PCIe peripheral component interconnect express
  • the host device 108 can send various requests (in the form of, e.g., a packet or stream of packets) to the controller 106 .
  • a request can include a command to write, erase, return information, and/or to perform a particular operation (e.g., a TRIM operation).
  • the security hardware 104 can include components necessary to perform internal memory content measurements (e.g., without using the system bus 115 ) and/or to cryptographically sign messages sent to the host device 108 .
  • the security hardware 104 can include a secure hash algorithm engine to perform secure hash algorithms (SHAs) (e.g., SHA-2) and/or other hash calculations (e.g., using hash-based message authentication code (HMAC)).
  • SHAs secure hash algorithms
  • HMAC hash-based message authentication code
  • the security hardware 104 can include one or more security registers to store volatile parameters (e.g., customer secret keys, unique device identifiers (UIDs), golden measurements of the memory array, etc.) and/or nonvolatile parameters (e.g., session keys).
  • the security hardware 104 can also include nonvolatile monotonic counters to implement secure commands and to provide data exchange protection between the memory device 100 and the host device 108 (e.g., by guaranteeing anti-replay strength). Therefore, in the embodiment illustrated in FIG. 1 , the memory device 100 is capable of implementing the trusted platform module (TPM) specification of the Trusted Computing Group®. In another embodiment, the memory device 100 can operate based on proprietary, application specific, or other suitable procedures. For example, the security hardware 104 can be suited for mobile devices in general or for a particular mobile device type or device manufacturer. Although shown as stand-alone hardware in the embodiment illustrated schematically in FIG. 1 , the security hardware 104 (e.g., in part or in entirety) can be embedded into the controller 106 and/or into the main memory 102 in other embodiments.
  • TPM trusted platform module
  • FIG. 2 is a flow diagram illustrating a routine 240 that is executed, at least in part, by a memory device (e.g., memory device 100 ; FIG. 1 ) in accordance with an embodiment of the present technology.
  • the routine 240 starts when it receives a command (e.g., from the host device 108 ; FIG. 1 ).
  • the routine 240 can begin when it receives a power on, power off, and/or reset command from the host device 108 .
  • the memory device 100 e.g., the controller 106 ; FIG. 1
  • the routine 240 instructs the memory device 100 (e.g., the controller 106 and/or the security hardware 104 ; FIG. 1 ) to measure at least a portion of its memory content.
  • the routine 240 can instruct the memory device 100 to measure the memory content of the startup, shutdown, and/or reset routines by calculating or otherwise obtaining a measured value (e.g., hash value) corresponding to the memory content.
  • the memory device 100 e.g., the controller 106
  • control logic can store the current core memory address of the memory content to be measured, translate the core memory address into an address of appropriate length for the security hardware 104 , and manage read timing through the SHA engine of the security hardware 104 .
  • control logic and/or components of the control logic e.g., the buffer
  • the control logic and/or components of the control logic can be omitted, for example, when low data throughput is acceptable and/or when the memory bus throughput and the security bus throughput align.
  • the routine 240 compares an expected value, such as a golden hash value (e.g., stored in security registers of the security hardware 104 ), to the measured value obtained from the measurement of the memory content to determine whether the memory device 100 is trustworthy (e.g., whether the startup, shutdown, and/or reset routines have been unexpectedly modified or otherwise corrupted). If the routine 240 determines that the expected value and the measured value are in accord, the routine 240 can proceed to block 247 to direct the memory device 100 to cryptographically sign the measured value.
  • an expected value such as a golden hash value (e.g., stored in security registers of the security hardware 104 )
  • the routine 240 can proceed to block 247 to direct the memory device 100 to cryptographically sign the measured value.
  • the routine 240 can direct the memory device 100 to send the signed measured value and/or other authentication information to the host device 108 over the system bus (e.g., system bus 115 ; FIG. 1 ).
  • the routine 240 can also restore access of the main memory 102 (e.g., of the startup, shutdown, and/or reset routines) to the host device 108 .
  • the routine 240 can flag the memory device 100 (e.g., the memory content of the main memory 102 ) as untrustworthy and/or can proceed to carry out other remedial measures at block 246 .
  • the routine 240 can access a reserved memory region of the main memory 102 (e.g., reserved memory region 112 ; FIG. 1 ) to replace the unexpectedly modified or otherwise corrupted memory content with a backup of genuine memory content (e.g., genuine routines, firmware, and/or other data) of the memory device 100 and/or of the computer system (e.g., system 101 ; FIG. 1 ).
  • genuine memory content e.g., genuine routines, firmware, and/or other data
  • the routine 240 can instruct the memory device 100 (e.g., the controller 106 and/or the security hardware 104 ) to measure the backup of the memory content, calculate a corresponding measured value, and compare the corresponding measured value to an expected value before replacing the unexpectedly modified or otherwise corrupted memory content with the backup of the memory content stored in the reserved memory region 112 .
  • the corresponding measured value of the backup of the memory content can be compared to an expected value (e.g., a value unique to the reserved memory region 112 ) that is different than the expected value used in the comparison at blocks 244 and 245 above.
  • the corresponding measured value of the backup of the memory content can be compared to an expected value that is equivalent (e.g., the same) as the expected value used in the comparison at blocks 244 and 245 above. If the routine 240 determines that the backup of the memory content stored in the reserved memory region 112 has itself been unexpectedly modified or otherwise corrupted, the routine 240 can perform other remedial measures. For example, the routine 240 can direct the memory device 100 to enter a safe mode and/or to send a warning to a user (e.g., a system administrator) of a potential problem. In response to this warning, the user can have the option to correct the problem or to exit out of the safe mode and ignore the warning.
  • a user e.g., a system administrator
  • the host device 108 can request for the memory device 100 to load the untrustworthy memory content of the main memory 102 .
  • the routine 240 can block the host device 108 from accessing (e.g., reading and/or programming) the untrustworthy memory content of the memory device 100 but can otherwise restore access of the main memory 102 to the host device 108 .
  • the memory device 100 in response to read and/or programming requests from the host device 108 , can return static values, such as 0x00 or 0xFF, rather than the information requested by the host device 108 .
  • FIG. 3 is a schematic view of a system that includes a memory device in accordance with embodiments of the present technology. Any one of the foregoing memory devices described above with reference to FIGS. 1-2 can be incorporated into any of a myriad of larger and/or more complex systems, a representative example of which is system 390 shown schematically in FIG. 3 .
  • the system 390 can include a semiconductor device assembly 300 , a power source 392 , a driver 394 , a processor 396 , and/or other subsystems and components 398 .
  • the semiconductor device assembly 300 can include features generally similar to those of the memory device described above with reference to FIGS. 1-2 , and can, therefore, include various features of memory content authentication.
  • the resulting system 390 can perform any of a wide variety of functions, such as memory storage, data processing, and/or other suitable functions. Accordingly, representative systems 390 can include, without limitation, hand-held devices (e.g., mobile phones, tablets, digital readers, and digital audio players), computers, vehicles, appliances, and other products. Components of the system 390 may be housed in a single unit or distributed over multiple, interconnected units (e.g., through a communications network). The components of the system 390 can also include remote devices and any of a wide variety of computer readable media.
  • hand-held devices e.g., mobile phones, tablets, digital readers, and digital audio players
  • computers vehicles, appliances, and other products.
  • Components of the system 390 may be housed in a single unit or distributed over multiple, interconnected units (e.g., through a communications network).
  • the components of the system 390 can also include remote devices and any of a wide variety of computer readable media.
  • routine 240 illustrated in FIG. 2 is not limited to startup, shutdown, and/or reset routines and can be carried out to authenticate other system components and/or memory content corresponding to other hardware devices, memory, and routines.
  • certain aspects of the new technology described in the context of particular embodiments may also be combined or eliminated in other embodiments.
  • advantages associated with certain embodiments of the new technology have been described in the context of those embodiments, other embodiments may also exhibit such advantages and not all embodiments need necessarily exhibit such advantages to fall within the scope of the technology. Accordingly, the disclosure and associated technology can encompass other embodiments not expressly shown or described.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Quality & Reliability (AREA)
  • Software Systems (AREA)
  • Storage Device Security (AREA)
  • Techniques For Improving Reliability Of Storages (AREA)

Abstract

Several embodiments of systems incorporating memory devices are disclosed herein. In one embodiment, a memory device can include a controller, a main memory operably coupled to the controller, and security hardware operably coupled to the controller and to the main memory. The main memory can include a plurality of memory regions and at least one reserved memory region configured to store genuine backups of memory content stored in the plurality of memory regions. In operation, the security hardware is configured to measure memory content of the plurality of memory regions before startup, shutdown, and reset of the memory device; compare the measured value to an expected value; and direct the controller to replace the memory content with a genuine backup of the memory content stored in the at least one reserved memory region if the measured value and the expected value are not in accord.

Description

    CROSS-REFERENCE TO RELATED APPLICATIONS
  • This application is a continuation of U.S. application Ser. No. 15/632,907, filed Jun. 26, 2017, which is incorporated herein by reference in its entirety.
    • TECHNICAL FIELD
  • The present disclosure is related to memory devices and systems. In particular, the present disclosure is related to nonvolatile memory having security hardware capable of verifying the genuineness of its memory content.
    • BACKGROUND
  • Upon system boot, reset, and shutdown, a computer system executes one or more routines to self-test, identify, initialize, and/or disable devices, memory, and other components of the system. Computer systems typically store these routines in nonvolatile memory and implicitly trust their genuineness. As a result, corrupted routines, such as those created by malicious programmers, can exploit this trust to corrupt the computer system.
  • To identify corrupted routines before they affect the computer system, several systems include a dedicated microprocessor (e.g., a secured cryptoprocessor) to authenticate (e.g., using cryptographic keys) system hardware devices, memory, and other components and their corresponding routines before allowing them to communicate and interact with the remainder of the computer system. The dedicated microprocessor may perform this authentication for several hardware devices, memory, and other components across the computer system. Thus, the dedicated microprocessor must use the computer system bus to send and receive authentication data. This opens the computer system up to “man in the middle” or “bus sniffing” attacks, wherein the valid authentication data could be read from the system bus, altered, and/or replaced with falsified data.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 is a block diagram of a system having a memory device configured in accordance with an embodiment of the present technology.
  • FIG. 2 is a flow diagram illustrating a routine that is executed, at least in part, by a nonvolatile memory device in accordance with an embodiment of the present technology.
  • FIG. 3 is a schematic view of a system that includes a memory device in accordance with embodiments of the present technology.
    •  DETAILED DESCRIPTION
  • As discussed in greater detail below, the technology disclosed herein relates to nonvolatile memory configured to verify the genuineness of its memory content. A person skilled in the art, however, will understand that the technology may have additional embodiments and that the technology may be practiced without several of the details of the embodiments described below with reference to FIGS. 1-3. In the illustrated embodiments below, the memory devices are primarily described in the context of devices incorporating NAND-based storage media (e.g., NAND flash). Memory devices configured in accordance with other embodiments of the present technology, however, can include other types of memory devices (e.g., 3D-NAND, phase change memory, ferroelectric, etc.) and/or can include main memories that are not NAND-based (e.g., NOR-based) or only partially NAND-based.
  • In conventional computer systems, a central processing unit (CPU) controls operations of the various components of the system, including its nonvolatile memory. When the system is powered on, powered off, or reset the CPU executes one or more routines stored in the nonvolatile memory. In some instances, these routines can instruct the CPU and/or a dedicated microprocessor to carry out an authentication procedure to reduce the likelihood that the CPU will execute malicious, defective, or otherwise corrupted code. As part of the authentication procedure, these routines can instruct the CPU and/or the dedicated microprocessor to take a measurement of the contents of all or a subset of the memory content of the nonvolatile memory device to compare this measurement with an expected value. In this manner, the CPU and/or the dedicated microprocessor can determine whether or not to trust the memory content based on whether the measurement and the expected value accord with one another. However, simply because the CPU and/or the dedicated microprocessor executes the authentication procedure does not mean that the routines are necessarily trustworthy. For example, one or more of the routines can be corrupted such that it instructs or causes the CPU and/or the dedicated microprocessor to bypass the authentication procedure altogether. Similarly, as discussed above, because the CPU and the dedicated microprocessor use the system bus to send and receive authentication data, the authentication procedures can be circumvented and/or otherwise thwarted by “man in the middle” or “bus sniffing” attacks. Nonvolatile memory configured in accordance with several embodiments of the present technology, however, address these and other limitations of conventional computer systems.
  • One embodiment of the present technology is a memory device comprising a controller, security hardware, and a main memory. The main memory includes a plurality of memory regions and at least one reserved memory region. The security hardware and/or the controller are configured to (1) take a measurement of memory content stored in the plurality of memory regions to obtain a measured value, (2) compare the measured value to an expected value, and (3) replace the memory content with a genuine backup of the memory content stored in the at least one reserved memory region if the measured value and the expected value are not in accord.
  • Incorporating security functionality into the memory device provides several advantages over conventional computer systems. First, embedding security hardware into the memory device that is capable of internally performing memory content measurements and internally evaluating the genuineness of the memory content avoids the transmission of authentication data over the system bus. This reduces the likelihood that the computer system will be compromised by “man in the middle” or “bus sniffing” attacks. Second, system board design efforts and costs are reduced by embedding security facilities in a device that is already part of the system board and reducing the bill of materials (BOM) of the board. Third, embedding security facilities in the memory device reduces the workload of the host device controller and the system bus. Fourth, providing the memory device with dedicated security hardware increases the speed and performance of the computer system, as hardware implementation of cryptographic functions can be one or more orders of magnitude (e.g., 10 to 100 times) faster than software implementation thereof.
  • FIG. 1 is a block diagram of a system 101 having a memory device 100 configured in accordance with an embodiment of the present technology. As shown, the memory device 100 includes a main memory 102 and a controller 106 operably coupling the main memory 102 to a host device 108 (e.g., an upstream central processor (CPU)). The memory device 100 further includes security hardware 104 operably coupled to the controller 106 and to the main memory 102 via security data bus 116 and memory data bus 117, respectively. The main memory 102 includes a plurality of memory regions, or memory units 120, which include a plurality of memory cells 122. Memory units 120 can be individual memory dies, memory planes in a single memory die, a stack of memory dies vertically connected with through-silicon vias (TSVs), or the like. In one embodiment, each of the memory units 120 can be formed from a semiconductor die and arranged with other memory unit dies in a single device package (not shown). In other embodiments, one or more of the memory units 120 can be co-located on a single die and/or distributed across multiple device packages. The memory cells 122 can include, for example, NAND flash and/or other suitable storage elements (e.g., NOR flash, read only memory (ROM), electrically erasable programmable ROM EEPROM, erasable programmable ROM (EPROM), ferroelectric, magnetoresistive, phase change memory, etc.) configured to store data persistently or semi-persistently. The main memory 102 and/or the individual memory units 120 can also include other circuit components (not shown) (e.g., memory subsystems), such as multiplexers, decoders, buffers, read/write drivers, address registers, data out/data in registers, etc., for accessing and/or programming (e.g., writing) the memory cells 122 and other functionality, such as for processing information and/or communicating with the controller 106.
  • As shown in the illustrated embodiment, the main memory 102 further includes a reserved memory region 112. In some embodiments, the reserved memory region 112 can be located on the same memory die as an individual memory unit 120. In other embodiments and similar to the memory units 120, the reserved memory region 112 can be an individual memory die; memory planes in a single memory die; a stack of memory dies vertically connected with TSVs, or the like; formed from a semiconductor die and arranged with other reserved memory regions in a single device package (not shown); and/or distributed across multiple device packages. In these and still other embodiments, the reserved memory region 112 may correspond to a single memory unit 120 or to multiple memory units, including memory units on different die. The reserved memory region 112 can include a plurality of NAND-based memory cells, such as the memory cells 122. In other embodiments, the reserved memory region 112 can include NOR-based, read only, or other suitable memory cells that differ from the memory cells 122. As discussed in greater detail below, the restricted memory region 112 stores backups of genuine routines, firmware, and/or other data of the memory device 100 (e.g., of the memory units 120) and/or of the system 101. For this reason, the address of the reserved memory region 112, in some embodiments, can be restricted or otherwise hidden from the controller 106 and/or from the host device 108. In these and other embodiments, the address of the reserved memory region 112 can be accessed only when the memory device 100 (e.g., the security hardware 104 and/or the controller 106) determines one or more routines, firmware, and/or other data has been unexpectedly modified and/or otherwise corrupted. In these and still other embodiments, the addressing scheme for reading from and/or programming (e.g., writing) to the reserved memory region 112 can be different than the addressing scheme for reading from and/or programming to other memory regions within the main memory 102. Thus, in these embodiments, only hardware components (e.g., the security hardware 104 and/or the controller 106) capable of accommodating the different addressing scheme of the reserved memory region 112 are capable of reading from and/or programming to the reserved memory region 112.
  • The controller 106 can be a microcontroller, special purpose logic circuitry (e.g., a field programmable gate array (FPGA), an application specific integrated circuit (ASIC), etc.), or other suitable processor. The controller 106 can include a processor 110 configured to execute instructions stored in memory. In the illustrated example, the memory of the controller 106 includes an embedded memory 132 configured to store various processes, logic flows, and routines for controlling operation of the memory device 100, including managing the main memory 102 and handling communications between the memory device 100 and the host device 108. In some embodiments, the embedded memory 132 can include memory registers storing, e.g., memory pointers, fetched data, etc. The embedded memory 132 can also include read-only memory (ROM) for storing micro-code. In operation, the controller 106 can directly read, write, or otherwise program (e.g., erase) the various memory regions of the main memory 102, such as by reading from and/or writing to groups of memory cells 122 (e.g., memory pages and/or memory blocks 128).
  • The controller 106 communicates with the host device 108 over a system bus 115. In some embodiments, the host device 108 and the controller 106 can communicate over a serial interface, such as a serial attached SCSI (SAS), a serial AT attachment (SATA) interface, a peripheral component interconnect express (PCIe), or other suitable interface (e.g., a parallel interface). The host device 108 can send various requests (in the form of, e.g., a packet or stream of packets) to the controller 106. A request can include a command to write, erase, return information, and/or to perform a particular operation (e.g., a TRIM operation).
  • The security hardware 104 can include components necessary to perform internal memory content measurements (e.g., without using the system bus 115) and/or to cryptographically sign messages sent to the host device 108. For example, the security hardware 104 can include a secure hash algorithm engine to perform secure hash algorithms (SHAs) (e.g., SHA-2) and/or other hash calculations (e.g., using hash-based message authentication code (HMAC)). Furthermore, the security hardware 104 can include one or more security registers to store volatile parameters (e.g., customer secret keys, unique device identifiers (UIDs), golden measurements of the memory array, etc.) and/or nonvolatile parameters (e.g., session keys). The security hardware 104 can also include nonvolatile monotonic counters to implement secure commands and to provide data exchange protection between the memory device 100 and the host device 108 (e.g., by guaranteeing anti-replay strength). Therefore, in the embodiment illustrated in FIG. 1, the memory device 100 is capable of implementing the trusted platform module (TPM) specification of the Trusted Computing Group®. In another embodiment, the memory device 100 can operate based on proprietary, application specific, or other suitable procedures. For example, the security hardware 104 can be suited for mobile devices in general or for a particular mobile device type or device manufacturer. Although shown as stand-alone hardware in the embodiment illustrated schematically in FIG. 1, the security hardware 104 (e.g., in part or in entirety) can be embedded into the controller 106 and/or into the main memory 102 in other embodiments.
  • FIG. 2 is a flow diagram illustrating a routine 240 that is executed, at least in part, by a memory device (e.g., memory device 100; FIG. 1) in accordance with an embodiment of the present technology. At block 241, the routine 240 starts when it receives a command (e.g., from the host device 108; FIG. 1). For example, the routine 240 can begin when it receives a power on, power off, and/or reset command from the host device 108. At block 242 and in response to the command, the memory device 100 (e.g., the controller 106; FIG. 1) prevents or blocks the host device 108 from accessing (e.g., reading and/or programming) the main memory (e.g., the startup, shutdown, and/or reset routines stored within the main memory 102; FIG. 1).
  • At block 243, the routine 240 instructs the memory device 100 (e.g., the controller 106 and/or the security hardware 104; FIG. 1) to measure at least a portion of its memory content. For example, the routine 240 can instruct the memory device 100 to measure the memory content of the startup, shutdown, and/or reset routines by calculating or otherwise obtaining a measured value (e.g., hash value) corresponding to the memory content. In some embodiments, the memory device 100 (e.g., the controller 106) can utilize control logic (e.g., a buffer and/or timing logic) while taking the measurement of the memory content to pipeline memory array reads into the security hardware 104. This can be useful for particularly large memory content measurements and/or when the memory data bus throughput and the security bus throughout do not align. For example, the control logic can store the current core memory address of the memory content to be measured, translate the core memory address into an address of appropriate length for the security hardware 104, and manage read timing through the SHA engine of the security hardware 104. In other embodiments, the control logic and/or components of the control logic (e.g., the buffer) can be omitted, for example, when low data throughput is acceptable and/or when the memory bus throughput and the security bus throughput align.
  • At blocks 244 and 245, the routine 240 compares an expected value, such as a golden hash value (e.g., stored in security registers of the security hardware 104), to the measured value obtained from the measurement of the memory content to determine whether the memory device 100 is trustworthy (e.g., whether the startup, shutdown, and/or reset routines have been unexpectedly modified or otherwise corrupted). If the routine 240 determines that the expected value and the measured value are in accord, the routine 240 can proceed to block 247 to direct the memory device 100 to cryptographically sign the measured value. In these and other embodiments, the routine 240 can direct the memory device 100 to send the signed measured value and/or other authentication information to the host device 108 over the system bus (e.g., system bus 115; FIG. 1). The routine 240 can also restore access of the main memory 102 (e.g., of the startup, shutdown, and/or reset routines) to the host device 108.
  • On the other hand, if the routine 240 determines that the expected value and the measured value are not in accord, the routine 240 can flag the memory device 100 (e.g., the memory content of the main memory 102) as untrustworthy and/or can proceed to carry out other remedial measures at block 246. For example, the routine 240 can access a reserved memory region of the main memory 102 (e.g., reserved memory region 112; FIG. 1) to replace the unexpectedly modified or otherwise corrupted memory content with a backup of genuine memory content (e.g., genuine routines, firmware, and/or other data) of the memory device 100 and/or of the computer system (e.g., system 101; FIG. 1).
  • To ensure that the backup stored in the reserved memory region 112 has not been unexpectedly modified or otherwise corrupted, the routine 240, in some embodiments, can instruct the memory device 100 (e.g., the controller 106 and/or the security hardware 104) to measure the backup of the memory content, calculate a corresponding measured value, and compare the corresponding measured value to an expected value before replacing the unexpectedly modified or otherwise corrupted memory content with the backup of the memory content stored in the reserved memory region 112. In some embodiments, the corresponding measured value of the backup of the memory content can be compared to an expected value (e.g., a value unique to the reserved memory region 112) that is different than the expected value used in the comparison at blocks 244 and 245 above. In other embodiments, the corresponding measured value of the backup of the memory content can be compared to an expected value that is equivalent (e.g., the same) as the expected value used in the comparison at blocks 244 and 245 above. If the routine 240 determines that the backup of the memory content stored in the reserved memory region 112 has itself been unexpectedly modified or otherwise corrupted, the routine 240 can perform other remedial measures. For example, the routine 240 can direct the memory device 100 to enter a safe mode and/or to send a warning to a user (e.g., a system administrator) of a potential problem. In response to this warning, the user can have the option to correct the problem or to exit out of the safe mode and ignore the warning. If the user chooses the latter, the host device 108 can request for the memory device 100 to load the untrustworthy memory content of the main memory 102. In other embodiments, the routine 240 can block the host device 108 from accessing (e.g., reading and/or programming) the untrustworthy memory content of the memory device 100 but can otherwise restore access of the main memory 102 to the host device 108. In still other embodiments, in response to read and/or programming requests from the host device 108, the memory device 100 can return static values, such as 0x00 or 0xFF, rather than the information requested by the host device 108.
  • FIG. 3 is a schematic view of a system that includes a memory device in accordance with embodiments of the present technology. Any one of the foregoing memory devices described above with reference to FIGS. 1-2 can be incorporated into any of a myriad of larger and/or more complex systems, a representative example of which is system 390 shown schematically in FIG. 3. The system 390 can include a semiconductor device assembly 300, a power source 392, a driver 394, a processor 396, and/or other subsystems and components 398. The semiconductor device assembly 300 can include features generally similar to those of the memory device described above with reference to FIGS. 1-2, and can, therefore, include various features of memory content authentication. The resulting system 390 can perform any of a wide variety of functions, such as memory storage, data processing, and/or other suitable functions. Accordingly, representative systems 390 can include, without limitation, hand-held devices (e.g., mobile phones, tablets, digital readers, and digital audio players), computers, vehicles, appliances, and other products. Components of the system 390 may be housed in a single unit or distributed over multiple, interconnected units (e.g., through a communications network). The components of the system 390 can also include remote devices and any of a wide variety of computer readable media.
  • From the foregoing, it will be appreciated that specific embodiments of the invention have been described herein for purposes of illustration, but that various modifications may be made without deviating from the disclosure. For example, the routine 240 illustrated in FIG. 2 is not limited to startup, shutdown, and/or reset routines and can be carried out to authenticate other system components and/or memory content corresponding to other hardware devices, memory, and routines. In addition, certain aspects of the new technology described in the context of particular embodiments may also be combined or eliminated in other embodiments. Moreover, although advantages associated with certain embodiments of the new technology have been described in the context of those embodiments, other embodiments may also exhibit such advantages and not all embodiments need necessarily exhibit such advantages to fall within the scope of the technology. Accordingly, the disclosure and associated technology can encompass other embodiments not expressly shown or described.

Claims (26)

I/We claim:
1. A memory device comprising:
a controller;
a main memory operably coupled to the controller, the main memory having one or more user memory regions and at least one reserved memory region; and
security hardware operably coupled to the controller and to the main memory, the security hardware configured to
measure memory content stored in the one or more user memory regions to obtain a measured value,
compare the measured value to an expected value,
based on the comparison, determine that the measured value and the expected value are not in accord, and
based on the determination, initiate a replacement of the memory content stored in the one or more user memory regions with a genuine backup of the memory content stored in the at least one reserved memory region.
2. The memory device of claim 1, wherein the controller is configured to prevent access to the main memory at least until the measured value is obtained.
3. The memory device of claim 1, wherein the security hardware is further configured to flag the memory device as untrustworthy based on the determination.
4. The memory device of claim 1, wherein the measured value is a first measured value and the expected value is a first expected value, and wherein, before initiating a replacement of the memory content with the genuine backup of the memory content based on the determination, the security hardware is further configured to:
measure the genuine backup of the memory content stored in the at least one reserved memory region to obtain a second measured value;
compare the second measured value to a second expected value; and
replace the memory content stored in the one or more user memory regions with the genuine backup of the memory content stored in the at least one reserved memory region only if the second measured value and the second expected value are in accord.
5. The memory device of claim 4, wherein the first expected value and the second expected value are equivalent.
6. The memory device of claim 4, wherein the security hardware is further configured to
based on the comparison of the second measured value and the second expected value, determine that the second measured value and the second expected value are not in accord; and
based on the determination that the second measured value and the second expected value are not in accord, direct the memory device to enter a safe mode and/or send a warning message.
7. The memory device of claim 4, wherein the security hardware is further configured to
based on the comparison of the second measured value and the second expected value, determine that the second measured value and the second expected value are in accord; and
based on the determination that the second measured value and the second expected value are in accord, replace the memory content stored in the one or more user memory regions with the genuine backup of the memory content stored in the at least one reserved memory region.
8. The memory device of claim 4, wherein the security hardware is further configured to pipeline memory array reads of the memory content and/or of the genuine backup of the memory content into the security hardware using at least one of a buffer and timing logic.
9. The memory device of claim 1, wherein the security hardware includes at least one of a secure hash algorithm engine, one or more monotonic counters, and one or more security registers.
10. The memory device of claim 1, wherein the memory content is at least one of a startup routine, a shutdown routine, and a reset routine.
11. The memory device of claim 1, wherein the controller comprises the security hardware.
12. A method for authenticating genuineness of memory content in a memory device having a controller, security hardware, and a main memory, wherein the main memory includes one or more user memory regions and at least one reserved memory region, the method comprising:
measuring memory content of the one or more user memory regions to obtain a measured value;
comparing the measured value to an expected value using the security hardware;
based on the comparison, determining that the measured value and the expected value are not in accord; and
based on the determination, replacing, using the controller, the memory content of the one or more user memory regions with a genuine backup of the memory content stored in the at least one reserved memory region.
13. The method of claim 12, wherein the measured value is a first measured value and the expected value is a first expected value, and wherein, before replacing the memory content with the genuine backup of the memory content, the method further comprises:
measuring the genuine backup of the memory content stored in the at least one reserved memory region to obtain a second measured value;
comparing the second measured value to a second expected value using the security hardware; and
replacing the memory content of the one or more user memory regions with the genuine backup of the memory content stored in the at least one reserved memory region only if the second measured value and the second expected value are in accord.
14. The method of claim 13, wherein the first expected value and the second expected value are equivalent.
15. The method of claim 13, further comprising
based on the comparison of the second measured value and the second expected value, determining that the second measured value and the second expected value are not in accord; and
based on the determination that the second measured value and the second expected value are not in accord, directing the memory device to enter a safe mode and/or send a warning message.
16. The method of claim 13, further comprising
based on the comparison of the second measured value and the second expected value, determining that the second measured value and the second expected value are in accord; and
based on the determination that the second measured value and the second expected value are in accord, replacing the memory content stored in the one or more user memory regions with the genuine backup of the memory content stored in the at least one reserved memory region.
17. The method of claim 12, wherein the method further comprises preventing access to the main memory at least until the measured value is obtained.
18. The method of claim 12, wherein the memory content of the one or more user memory regions includes at least one of a startup routine, a shutdown routine, and a reset routine.
19. A memory system comprising:
a host device; and
a memory device including
a controller,
a main memory operably coupled to the controller, the main memory having one or more user memory regions and at least one reserved memory region, and
security hardware operably coupled to the controller and to the main memory, wherein the security hardware is configured to:
measure memory content stored in the one or more user memory regions to obtain a measured value,
compare the measured value to an expected value,
based on the comparison, determine that the measured value and the expected value are not in accord, and
based on the determination, initiate a replacement of the memory content stored in the one or more memory regions with a genuine backup of the memory content stored in the at least one reserved memory region.
20. The system of claim 19, wherein the controller is configured to prevent the host device from accessing the main memory at least until the measured value is obtained.
21. The system of claim 19, wherein the measured value is a first measured value and the expected value is a first expected value, and wherein, before initiating a replacement of the memory content with the genuine backup of the memory content, the security hardware is further configured to:
measure the genuine backup of the memory content stored in the at least one reserved memory region to obtain a second measured value;
compare the second measured value to a second expected value; and
replace the memory content stored in the one or more user memory regions with the genuine backup of the memory content stored in the at least one reserved memory region only if the second measured value and the second expected value are in accord.
22. The system of claim 21, wherein the first expected value and the second expected value are equivalent.
23. The system of claim 21, wherein
the security hardware is further configured to determine that the second measured value and the second expected value are not in accord based on the comparison of the second measured value to the second expected value; and
the host device or the controller is configured to flag the memory device as untrustworthy based on the determination that the second measured value and the second expected value are not in accord.
24. The system of claim 21, wherein the security hardware is further configured to
based on the comparison of the second measured value and the second expected value, determine that the second measured value and the second expected value are in accord; and
based on the determination that the second measured value and the second expected value are in accord, replace the memory content stored in the one or more user memory regions with the genuine backup of the memory content stored in the at least one reserved memory region.
25. The system of claim 19, wherein the memory content of the plurality of memory regions includes at least one of a startup routine, a shutdown routine, and a reset routine.
26. The system of claim 19, wherein the controller comprises the security hardware.
US16/164,332 2017-06-26 2018-10-18 Memory devices and systems with security capabilities Abandoned US20190050297A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US16/164,332 US20190050297A1 (en) 2017-06-26 2018-10-18 Memory devices and systems with security capabilities

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US15/632,907 US10296421B2 (en) 2017-06-26 2017-06-26 Memory devices and systems with security capabilities
US16/164,332 US20190050297A1 (en) 2017-06-26 2018-10-18 Memory devices and systems with security capabilities

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US15/632,907 Continuation US10296421B2 (en) 2017-06-26 2017-06-26 Memory devices and systems with security capabilities

Publications (1)

Publication Number Publication Date
US20190050297A1 true US20190050297A1 (en) 2019-02-14

Family

ID=64693222

Family Applications (2)

Application Number Title Priority Date Filing Date
US15/632,907 Active 2037-07-07 US10296421B2 (en) 2017-06-26 2017-06-26 Memory devices and systems with security capabilities
US16/164,332 Abandoned US20190050297A1 (en) 2017-06-26 2018-10-18 Memory devices and systems with security capabilities

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US15/632,907 Active 2037-07-07 US10296421B2 (en) 2017-06-26 2017-06-26 Memory devices and systems with security capabilities

Country Status (1)

Country Link
US (2) US10296421B2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20230325539A1 (en) * 2022-04-06 2023-10-12 Whitestar Communications, Inc. Mitigating against a persistent consistent threat in a network device based on reducing temporal surface area

Families Citing this family (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3337039B1 (en) * 2016-12-14 2020-07-22 Nxp B.V. Monotonic counter and method of operating a monotonic counter
EP3337120B1 (en) 2016-12-14 2021-04-21 Nxp B.V. Network message authentication and verification
US10715321B2 (en) 2017-12-22 2020-07-14 Micron Technology, Inc. Physical unclonable function using message authentication code
US10906506B2 (en) 2017-12-28 2021-02-02 Micron Technology, Inc. Security of user data stored in shared vehicles
US10924277B2 (en) 2018-01-25 2021-02-16 Micron Technology, Inc. Certifying authenticity of stored code and code updates
US10778661B2 (en) 2018-04-27 2020-09-15 Micron Technology, Inc. Secure distribution of secret key using a monotonic counter
US11271721B2 (en) * 2019-03-25 2022-03-08 Micron Technology, Inc. Distributed secure array using intra-dice communications to perform data attestation
US10868679B1 (en) * 2019-07-25 2020-12-15 Cypress Semiconductor Corporation Nonvolatile memory device with regions having separately programmable secure access features and related methods and systems
US11221800B2 (en) 2020-03-02 2022-01-11 Micron Technology, Inc. Adaptive and/or iterative operations in executing a read command to retrieve data from memory cells
US11086572B1 (en) 2020-03-02 2021-08-10 Micron Technology, Inc. Self adapting iterative read calibration to retrieve data from memory cells
US12009034B2 (en) 2020-03-02 2024-06-11 Micron Technology, Inc. Classification of error rate of data retrieved from memory cells
US11029890B1 (en) 2020-03-02 2021-06-08 Micron Technology, Inc. Compound feature generation in classification of error rate of data retrieved from memory cells
US11740970B2 (en) 2020-03-02 2023-08-29 Micron Technology, Inc. Dynamic adjustment of data integrity operations of a memory system based on error rate classification
TWI743715B (en) 2020-03-24 2021-10-21 瑞昱半導體股份有限公司 Method and apparatus for performing data protection regarding non-volatile memory
US11257546B2 (en) 2020-05-07 2022-02-22 Micron Technology, Inc. Reading of soft bits and hard bits from memory cells
US11562793B2 (en) 2020-05-07 2023-01-24 Micron Technology, Inc. Read soft bits through boosted modulation following reading hard bits
US11081200B1 (en) 2020-05-07 2021-08-03 Micron Technology, Inc. Intelligent proactive responses to operations to read data from memory cells
US11899829B2 (en) * 2020-12-01 2024-02-13 Micron Technology, Inc. Memory systems and devices including examples of generating access codes for memory regions using authentication logic
US11537298B2 (en) 2020-12-01 2022-12-27 Micron Technology, Inc. Memory systems and devices including examples of accessing memory and generating access codes using an authenticated stream cipher
US20230073503A1 (en) * 2021-09-07 2023-03-09 Micron Technology, Inc. Security file system for a memory system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040111626A1 (en) * 2002-12-09 2004-06-10 Doron Livny Security processing of unlimited data size
US20060133607A1 (en) * 2004-12-22 2006-06-22 Seagate Technology Llc Apparatus and method for generating a secret key
US20090144582A1 (en) * 2005-12-30 2009-06-04 Lenovo (Beijing) Limited Anti-virus method based on security chip
US20100146231A1 (en) * 2008-12-08 2010-06-10 Microsoft Corporation Authenticating a backup image with bifurcated storage
US20150019793A1 (en) * 2013-07-09 2015-01-15 Micron Technology, Inc. Self-measuring nonvolatile memory devices with remediation capabilities and associated systems and methods

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030115461A1 (en) * 2001-12-14 2003-06-19 O'neill Mark System and method for the signing and authentication of configuration settings using electronic signatures

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040111626A1 (en) * 2002-12-09 2004-06-10 Doron Livny Security processing of unlimited data size
US20060133607A1 (en) * 2004-12-22 2006-06-22 Seagate Technology Llc Apparatus and method for generating a secret key
US20090144582A1 (en) * 2005-12-30 2009-06-04 Lenovo (Beijing) Limited Anti-virus method based on security chip
US20100146231A1 (en) * 2008-12-08 2010-06-10 Microsoft Corporation Authenticating a backup image with bifurcated storage
US20150019793A1 (en) * 2013-07-09 2015-01-15 Micron Technology, Inc. Self-measuring nonvolatile memory devices with remediation capabilities and associated systems and methods

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20230325539A1 (en) * 2022-04-06 2023-10-12 Whitestar Communications, Inc. Mitigating against a persistent consistent threat in a network device based on reducing temporal surface area
US11880496B2 (en) * 2022-04-06 2024-01-23 Whitestar Communications, Inc. Mitigating against a persistent consistent threat in a network device based on reducing temporal surface area

Also Published As

Publication number Publication date
US20180373598A1 (en) 2018-12-27
US10296421B2 (en) 2019-05-21

Similar Documents

Publication Publication Date Title
US10296421B2 (en) Memory devices and systems with security capabilities
US9613214B2 (en) Self-measuring nonvolatile memory devices with remediation capabilities and associated systems and methods
US9317450B2 (en) Security protection for memory content of processor main memory
US12531734B2 (en) Certifying authenticity of stored code and code updates
US10523444B2 (en) Solid state storage device with command and control access
US11960632B2 (en) Data attestation in memory
EP2229653A2 (en) System and method for updating read-only memory in smart card memory modules
US11870779B2 (en) Validating an electronic control unit of a vehicle
US8886955B2 (en) Systems and methods for BIOS processing
US20220158823A1 (en) Validating data stored in memory using cryptographic hashes
US11816202B2 (en) Run-time code execution validation
US20210232688A1 (en) Determine whether to perform action on computing device based on analysis of endorsement information of a security co-processor
US20200310776A1 (en) Over-the-air update validation
CN101164048B (en) Security system implemented in the memory card
US11228443B2 (en) Using memory as a block in a block chain
US12143519B2 (en) Using memory as a block in a block chain
KR20250031758A (en) Storage device, authentication device, and authentication system

Legal Events

Date Code Title Description
AS Assignment

Owner name: MICRON TECHNOLOGY, INC., IDAHO

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:MONDELLO, ANTONINO;DOVER, LANCE W.;INDELICATO, FABIO;REEL/FRAME:047219/0920

Effective date: 20170626

AS Assignment

Owner name: MORGAN STANLEY SENIOR FUNDING, INC., AS COLLATERAL

Free format text: SUPPLEMENT NO. 11 TO PATENT SECURITY AGREEMENT;ASSIGNOR:MICRON TECHNOLOGY, INC.;REEL/FRAME:048082/0860

Effective date: 20190115

Owner name: JPMORGAN CHASE BANK, N.A., AS COLLATERAL AGENT, IL

Free format text: SUPPLEMENT NO. 2 TO PATENT SECURITY AGREEMENT;ASSIGNOR:MICRON TECHNOLOGY, INC.;REEL/FRAME:048082/0889

Effective date: 20190115

Owner name: MORGAN STANLEY SENIOR FUNDING, INC., AS COLLATERAL AGENT, MARYLAND

Free format text: SUPPLEMENT NO. 11 TO PATENT SECURITY AGREEMENT;ASSIGNOR:MICRON TECHNOLOGY, INC.;REEL/FRAME:048082/0860

Effective date: 20190115

Owner name: JPMORGAN CHASE BANK, N.A., AS COLLATERAL AGENT, ILLINOIS

Free format text: SUPPLEMENT NO. 2 TO PATENT SECURITY AGREEMENT;ASSIGNOR:MICRON TECHNOLOGY, INC.;REEL/FRAME:048082/0889

Effective date: 20190115

STPP Information on status: patent application and granting procedure in general

Free format text: FINAL REJECTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

AS Assignment

Owner name: MICRON TECHNOLOGY, INC., IDAHO

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:MORGAN STANLEY SENIOR FUNDING, INC., AS COLLATERAL AGENT;REEL/FRAME:050718/0764

Effective date: 20190731

AS Assignment

Owner name: MICRON TECHNOLOGY, INC., IDAHO

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:JPMORGAN CHASE BANK, N.A., AS COLLATERAL AGENT;REEL/FRAME:051026/0568

Effective date: 20190731

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: FINAL REJECTION MAILED

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION