Safeguarding boot code and other critical data: how little-known data protection settings in NOR Flash can help improve system reliability

This article describes a number of features of the operation of SpiFlash NOR Flash memories from Winbond which may be used to protect critical data. These protection features help designers to avoid the risk that their system will be disabled because of bit errors caused by noise, or because a host SoC mistakenly overwrites critical data.

By Ken Lin, Deputy Director of Flash Memory Technical Marketing and Application Engineering, Winbond Electronics Corporation, www.winbond.com


SPI NOR Flash is the electronics design engineer’s favourite memory type for low-density, high-reliability storage of application code and data in embedded systems with a storage requirement of up to 512Mbits.

To facilitate broad adoption across the industry, NOR Flash memory technology follows certain standards, for instance governing the serial interface to a host microcontroller or SoC. One of these standard features is the way in which NOR Flash allows the system designer to configure protection of stored data. Protection may be applied to a specified fraction of the entire memory array in which mission-critical data is stored: most often, this is boot code, since if boot code were impaired or lost, the entire system would be disabled.

Protection helps to ensure that data in protected blocks is not corrupted, for instance by noise, or mistakenly erased and overwritten by a faulty operation implemented by the host system. If an Erase or Program command specifies a memory region that contains a protected block, this command will be ignored. In other words, protected blocks are tagged as Read-only memory.

The way in which the standard approach to data protection was implemented many years ago in NOR Flash has more recently, however, begun to constrain designers’ flexibility in their use of the higher-density memory devices available today. This has prompted Winbond to introduce new, proprietary extensions to the standard protection functions to give more control over the block size and the operation of the protection function. This article describes the reason for introducing these new features, and outlines their uses for system designers who use NOR Flash memory.

Increase in protected block sizes

When the data protection function was created many years ago, NOR Flash memory densities were much smaller than they are today. At that time, just three Block Protection (BP) bits in the Flash IC’s status register were enough to specify the portion of the total memory array that needed to be protected. In a Winbond NOR Flash memory device’s datasheet, these status register bits are shown as BP0, BP1 and BP2. These three bits give eight options for selecting the size of the protected region, from as little as 1/64th of the array to as much as ½.

Fig. 1: The BPx bits in the status register of a NOR Flash device allow the user to specify the size of the protected region. (Source: Winbond W25Q128JV datasheet)

So the maximum granularity available to the user is 1/64th of the total array. The problem today is that embedded systems require more storage than before, and Flash memory manufacturers have responded by providing products with larger memory capacity. The Winbond W25Q128JV, for instance, is a 128Mbit memory: a 1/64th portion is 2Mbits. But what if the system designer only needs to apply protection to boot code, and not to any other code or data? And the boot code is just 50kbits?

In this case, a protected region of 2Mbits would store just 50kbits of code, and so – because the region has Program and Erase protection – most of the protected block will remain empty.

Now Winbond has introduced a new feature to solve this problem: it is the ‘SEC’ status register bit shown at the far left in Figure 1. This SEC bit allows the designer to specify protection at the sector rather than the block level. As Figure 2 shows, this divides the array into portions as small as 1/4096th – 32kbits in the W25Q128JV part, for instance. This gives the designer the flexibility to protect very small pieces of critical code, such as boot code, while leaving almost all of the memory array free of Program/Erase protection and available for storage of any other code and data.

Fig. 2: The SEC register bit enables protection to be specified at the sector level. (Source: Winbond W25Q128JV datasheet)

Figure 2 also shows, highlighted in yellow, another feature introduced by Winbond: the TB (Top/Bottom) register bit. By default (TB=0), the allocation of block or sector protection starts at the bottom of the memory array of addresses. This is because most CPUs boot from the bottom of the array, so the protected region holding boot code should be located at the bottom for the fastest operation and the most efficient use of main memory.

Intel CPUs, however, boot from the top. So with the TB bit, Winbond gives users of Intel devices the option to allocate memory addresses at the top of the array for block or sector protection, by configuring TB=1 in the status register.

Applying block protection to almost an entire array

In standard NOR Flash memory ICs, the option to configure blocks for Program/Erase protection starts with the smallest 1/64th increment, and enables protection for up to half of the array, as shown in Figure 2. In some applications, however, the requirement for storage of user data is nil or almost nil, and nearly all the memory array is occupied by boot and fixed application code. An example of such an application is a TV remote control: here, only a small amount of unprotected memory space is required for infrequent end-user configuration settings (for instance to pair the remote control to a new media device). Nearly all the memory space is for application code, which will not change and so benefits from Program/Erase protection.

A status register bit provided by Winbond meets this application requirement. It is the Complement (CMP) bit: this reverses the protection setting asserted by the BP and SEC bits. If the BP bits are configured to protect a 1/64th portion of the memory array with the default setting of CMP=0, when CMP=1 protection will be applied to a 63/64th portion of the array, and only 1/64th will remain unprotected.

Reinforced protection with hardware lock on status register settings

To provide additional confidence in the protection of critical data such as boot code, a NOR Flash memory IC can apply a hardware lock to the block/sector protection firmware (register) settings. This is achieved via the WP pin (see Figure 3). The status of the WP pin is controlled with the SRP (Status Register Protect) register bit.

 

Fig. 3: pin assignments on the W25Q128JV SOIC package, showing the Write Protect (WP) pin. (Source: W25Q128JV datasheet)

 

 

Some users might be familiar with the WP pin in parallel Flash devices, which has a simple Write Protect function. The function of the WP pin in serial NOR Flash devices is different: it protects the register settings that configure the Program/Erase protection of blocks and sectors via the BP and SEC register bits. Once the BP and SEC settings are made and the WP pin is asserted (WP=Low), no change to the BP and SEC settings may be made without pulling the WP pin High.

The ultimate protection of critical data

Users of serial NOR Flash devices such as the Winbond SpiFlash® series of products can guarantee that protected regions will never be programmed or erased after shipment from the factory – effectively turning protected blocks into one-time programmable (OTP) memory space.

This is achieved by applying a permanent lock to the block and sector protection register settings. The so called Active Permanent Lock can be applied with the SRL (Status Register Lock) register bit. This permanently, irrevocably locks the data in protected blocks. If a bug is found in protected code in future, or an important security update needs to be applied in the field, it cannot be done if the Active Permanent Lock has been implemented. This is a serious consequence, and so Winbond requires a special instruction sequence to be followed to implement Active Permanent Lock, which is only available by application to Winbond – the instructions are not listed in the datasheet.

For most users, a better option is the Power Supply Lock-Down function: this has the same effect of locking the status register settings when the device is active, but each time the device is powered down the status register lock is lifted. This leaves a window open to change the register settings every time the device is powered on before the Power Supply Lock-Down is implemented again.

Enhanced data protection with advanced Flash features

This article has described a number of features of the operation of SpiFlash NOR Flash memories from Winbond which may be used to protect critical data. These protection features help designers to avoid the risk that their system will be disabled because of bit errors caused by noise, or because a host SoC mistakenly overwrites critical data.

The range of options for protecting data, and for locking the protection settings, is not necessarily well known even by long-standing users of NOR Flash memory devices. System designers can take advantage of them to improve the reliability of their products’ field operation, simply by using the full array of register settings provided by Winbond in SpiFlash NOR Flash devices.

Please contact mkt_online@winbond.com if you have any further questions.


Related


Slimming program for medical operating devices

Operating devices in the medical sector are not only subject to strict controls and requirements. Nowadays design demands are becoming more and more important for developers of medical HMI devices. De...

Establishing a root of trust to secure the IoT

Security is not something that any developer can ignore. It is no longer safe, for the OEM or their customers, to assume that their product or service is immune to cyber attacks. The sheer size of the...

 

Arrow and Analog Devices strategic partnership and collaborative approach to provide solutions for our customers.

Mike Britchfield (VP for EMEA Sales) talks about why Analog Devices have a collaborative approach with Arrow Arrow’s design resources are key, from regional FAEs in the field to online des...


WE MAKE IT YOURS! Garz & Fricke to present the latest HMIs and SBCs at Electronica 2018

Sascha Ulrich, Head of Sales at Garz & Fricke, gives you a quick overview about the latest SBC, HMI and Panel-PC Highlights at electronica 2018. Learn more about the SANTOKA 15.6 Outdoor HMI, the ...


Macronix Innovations at electronica 2018

Macronix exhibited at electronica 2018 to showcase its latest innovations: 3D NAND, ArmorFlash secure memory, Ultra Low Vcc memory, and the NVM solutions with supreme quality mainly focusing on Automo...


ams CEO talks about their sensor solutions that define the mega trends of the future

In this video Alexander Everke, ams’ CEO, talks to Alix Paultre of EETimes about their optical, imaging and audio sensor solutions in fast-growing markets – from smartphones, mobile device...


Intel accelerated IoT Solutions by Arrow

Arrow is showing Intel’s Market Ready Solutions in a Retailer shop with complete eco environment. From sensors via gateways into the cloud, combined with data analytics, the full range of Intel ...


CSTAR - Manufacturers of cable assembly from Taiwan

CSTAR was founded in 2010 in Taipei, Taiwan. Through years of experience, we are experts in automotive products, LCD displays, LCD TVs, POS, computers, projectors, laptops, digital cameras, medical ca...


NXP Announces LPC5500 MCU Series

Check this video to discover the new NXP microcontroller LPC5500, the target application and focus area. Links to more information: LPC5500 Series: World’s First Arm® Cortex® -M...


Molex Meets Solutions at Electronica

These are exciting times in the electronics world as Molex migrates from a pure connectors company to an innovate solutions provider. Solutions often start at the component level, such as the connecto...


Alix Paultre investigates Bulgin's new optical fiber rugged connector range at Electronica 2018

Alix Paultre interviews Bulgin's Engineering Team Leader Christian Taylor to find out more about the company's new range of optical fiber connectors for harsh environments. As the smallest rug...


Cypress MCU and Connectivity are the best choice for real-world IoT solutions.

Cypress’ VP of Applications, Alan Hawse, explains why people should use Cypress for their IoT connectivity and MCU needs. Cypress wireless connectivity and MCU solutions work robustly and sea...


Chant Sincere unveils their latest High Speed/High Frequency connection solutions at Electronica 2018

Chant Sincere has been creating various of product families to provide comprehensive connection solutions to customers. USB Series Fakra Series QSFP Series Metric Connector Series Fibro ...


Addressing the energy challenge of IoT to unleash billions of devices

ON Semiconductor introduces various IoT use cases targeted towards smart homes/buildings, smart cities, industrial automation and medical applications on node-to-cloud platforms featuring ultra-low po...


ITECH, world leading manufacturer of power test instruments, shinned on electronica 2018

ITECH, as the leading power electronic instruments manufacturer, attended this show and brought abundant test solutions, such as automotive electronics, battery test, solar array simulator, and electr...


ITECH new series give users a fantastic user experience

ITECH latest series products have a first look at the electronics 2018, such as IT6000B regenerative power system, IT6000C bi-directional programmable DC power supply, IT6000D high power programmable ...


SOTB™ Process Technology - Energy Harvesting in Embedded Systems is Now a Reality

Exclusive SOTB technology from Renesas breaks the previous trade-off between achieving either low active current or low standby current consumption – previously you could only choose one. With S...


E-Mail Newsletters

nlsc240

Our 3 E-Mail Newsletters: EETimes/EDN Europe, Embedded News and Power Electronics News inform about the latest news in technology and products, as well as technical know-how like white papers, webinars, articles, etc.


B & S / ECE Magazine

- latest issue is online now -

November 2018

Content Highlights

Cover Story

Internet-connected displays make the industrial IoT more visible

Download now