Memory types
Besides the processor, the most important components of a microcontroller are various types of memory, which serve to store program code and data. Since smart card microcontrollers must be complete computers, they exhibit a characteristic division of memory into RAM, ROM and EEPROM. The exact division depends very strongly on the chip’s ultimate application area. In any case, an effort is always made to keep the RAM and EEPROM as small as possible, since they require the most space per bit.

SLE5542,SLE5542 Contact Smart Cards,SLE4442 Contact Smart Cards,Memory Overview SLE 4432,

Figure 3.47 Comparison of the die area of a single bit cell for various types of memory. The dimensions shown here are approximate and relate to 0.8-μm technology. For comparison, the diameter of the first planar transistor in 1959 was 764 μm [Buchmann 96, Stix 96], the diameter of the dot at the end of each sentence in this book is 400 μm, the resolution limit of the human eye is 40 μm, the size of a bacterium is 0.4–2 μm and the size of a DNA double helix is 0.1 μm

In the case of multiapplication smart cards, which can manage several applications at the same time, the most commonly used chips have a ROM capacity that is roughly twice as
large as that of the EEPROM, in order to provide enough room to store the complex operating system code. For single-application smart cards, microcontrollers are selected whose EEPROM capacity is only slightly larger than the volume of the application data. All variable application data, along with some parts of the operating system, can thus be stored in EEPROM in order to make optimum use of the EEPROM, which takes up a relatively large amount of space on the die and is thus expensive. Integrating three different types of semiconductor memory into a single silicon die is a technically difficult task requiring a significant number of production steps and exposure masks. The different types of memory also occupy markedly different areas, due to their different structures and operating principles. For example, a RAM cell occupies about four times as much space as an EEPROM cell, which in turn occupies four times as much space as a ROM cell. This is why smart card microcontrollers have so little RAM, with 4 kB of RAM already considered to be large. If you consider that 16 kB of EEPROM or 64 kB of ROM can be put into the same area, you can understand why. A new type of memory technology for smart cards has become available relatively recently. This is called ‘Flash’ EEPROM, and it permits write and erase access times that are much shorter than with previously available types of EEPROM. The cell size is approximately half of that of a conventional EEPROM, depending on the particular design.

SLE5542 Cards,SLE5542 Cards Supplier, SLE5542 Silk Screen Printing Cards, SLE5542 Pre-printed Cards, ISO SLE5542 Cards, ISO SLE5542 Cards with Magnetic Stripe,

Figure 3.48 Classification chart for smart card microcontroller memories. Generally speaking, PROM and EPROM are no longer used in modern microcontrollers. FRAM is only starting to be used in smart cards

Table 3.4 Memory types used in smart card microcontrollers. For comparison, the area of the dot at the end of each sentence in this book is 125,660 μm2

SLE5542 Cards,SLE5542 Cards Supplier, SLE5542 Silk Screen Printing Cards, SLE5542 Pre-printed Cards, ISO SLE5542 Cards, ISO SLE5542 Cards with Magnetic Stripe,

The following three numeric examples illustrate these size relationships:
–A simple laser printer works at a resolution of 600 dpi (dots per inch), which means that the minimum possible dot size is 42.6 μm. Also, the dot at the end of this sentence has a diameter of 400 μm. If you wanted to print with a resolution equal to a 0.8-μm structure width, which is still used in semiconductor technology, you need a printer with a resolution of 32,000 dpi!
–High-capacity hard disk drives can store up to 11.6 billion bits per square inch. Under the idealized assumption that each bit occupies a square area, this yields an edge length of 0.24 μm for each bit cell. A ROM cell of a smart card microcontroller made using 0.8 μm technology requires 1700 times as much area for a single bit!
–With a CD-ROM, the situation is different. In this case, the storage density is 7.3 MB/cm2. This corresponds to an edge length of 1.4 μm for single bit cell, assuming square cells. This is around 80 times less than the area occupied by a ROM cell in 0.8μm technology. With DVDs (digital versatile disks), a density of 50.5 MB/cm2 is possible. A single bit thus occupies the area of a square with an edge length of 0.5 μm, which is 400 times smaller than a single ROM bit cell in 0.8-μm technology.

Table 3.5 Typical surface area distribution for a smart card microcontroller

SLE5542,SLE5542 Contact Smart Cards,SLE4442 Contact Smart Cards,Memory Overview SLE 4432,

ROM (read-only memory)
As the name implies, this type of memory can only be read and cannot be written. No supply voltage is needed to retain data, since the data are ‘hard-wired’ in the memory.
A smart card’s ROM contains most of the operating system routines, as well as various test and diagnostic functions. These programs are built into the chip by its manufacturer when it is made. This is done by preparing a ROM mask from the program code and then using this mask to ‘burn’ the program into the chip using lithographic processes. In this case the data, which are the same for all chips of a production run, can only be entered into the ROM during manufacturing.

SLE5542,SLE5542 Contact Smart Cards,SLE4442 Contact Smart Cards,Memory Overview SLE 4442,

Figure 3.49 Basic functional structure of a ROM

PROM (programmable read-only memory)
PROM is not used in smart card microcontrollers, though it could offer several advantages. In contrast to ROM, PROM need not be programmed during manufacturing, but can be written shortly before the chip is fitted into its module. PROM also does not need any supply voltage to retain data. The main reason for not using PROM is that programming a PROM requires access to the address, data and control buses. This is precisely what should not be possible with smart cards, because it would allow data to not only be written but also read out. Since the memory holds confidential data, using PROM is strictly prohibited.

EPROM (erasable programmable read-only memory)
EPROMwas often used in the early years of smart card technology, since at that time it was the only type of memory that could retain data without a supply voltage and could also be written (although only once per bit). However, since an EPROM can only be erased using UV light, it cannot be erased in a smart card. This is why EPROM no longer has any practical significance. The only meaningful use for EPROMis to irreversibly store a chip number during semiconductor production, but this can now be realized using a special type of non-erasable EEPROM.

SLE5542,SLE5542 Contact Smart Cards,SLE4442 Contact Smart Cards,Package Outlines Wire-Bonded Module M3,

Figure 3.50 Photo of a ROM cell at 1000× enlargement (left) and 11,200× enlargement (right) (Source: Giesecke & Devrient)

EEPROM (electrically erasable programmable read-only memory)
EEPROM, which is technically more complex than ROMor RAM, is used in smart cards for all data and programs that need to be modified or erased at some time. Functionally, an EEPROM corresponds to the hard disk of a PC, since it retains data in the absence of power and the data can be altered as necessary. EEPROM is thus non-volatile memory.  In principle, an EEPROM cell is a tiny capacitor that can be charged or discharged. The charge state can be interrogated by sensing logic. A charged capacitor represents a logic 1, while a discharged capacitor represents a logic 0. In order to store one data byte, eight of these small capacitors are needed, along with suitable sensing circuitry. The erased state of the EEPROM cell is the critical factor with regard to writing to the cell. In most types of EEPROM, the erased state is ˚1˚. An EEPROM has the property that an individual cell can only be programmed from its erased state to its unerased state, which in this example is ˚0˚. If an EEPROM cell is already in the ˚0˚ state, an entire EEPROM page must be erased in order to restore that bit to the ˚1˚ state. The algorithm that is usually used for an EEPROM write routine is described in Listing 3.1.

Listing 3.1 Pseudocode of a routine for writing complete EEPROM pages. If multiple pages or only part of a page is to be written, this routine should be nested in a higher-level routine. A similar procedure should be used if a write retry routine must be called in the event of an error. Here the erased state of the EEPROM is’FF’, and the written state is’00′

SLE5542,SLE5542 Contact Smart Cards,SLE4442 Contact Smart Cards,Memory Overview SLE 4442,

SLE5542,SLE5542 Contact Smart Cards,SLE4442 Contact Smart Cards,Memory Overview SLE 4441,

Figure 3.52 shows the cross-section of an EEPROM cell. The actual structure is somewhat more complicated, but this simplified diagram is a very useful aid to comprehension.
In order to understand how an EEPROM cell works, you need to understand its semiconductor background. In its simplest form, an EEPROM cell is essentially a modified field-effect transistor (MOSFET) built on top of a silicon substrate. A MOSFET is formed by first creating a source and a drain in the substrate and then placing a control gate between them. The current flowing from the source to the drain can be controlled by applying a potential to this gate. As long as no potential is present on the gate, no current can flow, since there are two diode junctions (n–p and p–n) between the source and the drain. If a positive potential is applied to the gate, electrons are drawn towards it from the substrate, forming an electrically conducting channel between the source and the drain. The FET is then conductive, and a current can flow. In an EEPROM cell, an additional ‘floating’ gate is located between the control gate and the substrate. It is not connected to any external voltage source, and the separation between it and the substrate is very small, on the order of 10 nm. The floating gate can be charged or discharged via the substrate using the tunnel effect (Fowler–Nordheim effect), which allows charge carriers to penetrate thin oxide layers that act as insulators. This requires a sufficiently large potential difference across this oxide layer, which is called the tunnel-oxide layer. Current flow from the source to the drain is controlled by the charge on the floating gate. This means that the state of this gate can be interpreted as a logic 0 or a logic 1 according to whether a current can flow through the gate. To charge the floating gate, a high positive voltage is applied to the control gate. This creates a large potential difference between the substrate and the floating gate, which in turn causes electrons to tunnel through the oxide layer to the floating gate, with a current that can be measured in picoamperes. The negative charge on the floating gate produces a high threshold voltage between the source and the drain, which means that the field-effect transistor is blocked. No current can flow between the source and the drain. Storing electrons in the floating gate is thus equivalent to storing data.

SLE5542,SLE5542 Contact Smart Cards,SLE4442 Contact Smart Cards,Memory Overview SLE 4441,

Figure 3.54 Discharging an EEPROM cell

The potential needed to charge the EEPROM cell is about 17 V at the control gate, which is reduced to about 12 V at the floating gate by capacitive coupling. However, since smart card microcontrollers work with a supply voltage of only 1.8–5 V, a charge pump is needed to produce the necessary voltage. In principle, the charge pump is a cascaded voltage-multiplier circuit. It generates an output voltage of about 25 V from the low input voltage, which yields a voltage close to the necessary level of 17 V after stabilization. Depending on the structure of the cell, charging an EEPROM cell requires from 2 to 10 ms per memory page (1–32 bytes). To erase an EEPROM cell, a negative voltage is applied to the control gate. This causes the electrons to leave the floating gate and return to the substrate. The EEPROM cell is then discharged and the threshold voltage between the source and the drain is low, so the FET conducts.

The floating gate can also be discharged by heat or energetic radiation (such as X-rays orUV light), which causes it to return to its ‘secure’ state. This state is of fundamental significance in the design of smart card operating systems, since security barriers can be breached by deliberately altering ambient conditions if the secure state of the EEPROM is not used to store critical data. Depending on the technical implementation of an EEPROM cell, the secure state can correspond to a logic 0 or a logic 1. This is specific to each type of smart card microcontroller, and it should be confirmed with the manufacturer if necessary. EEPROM is one of the few types of semiconductor memory having a limited number of access cycles. It can be read any number of times, but it can be programmed only a limited number of times. The reason for this limitation can be found in its semiconductor structure. The life expectancy of an EEPROM depends strongly on the nature, thickness and quality of the tunnel-oxide layer between the floating gate and the substrate. Since this layer must be produced very early in the fabrication process, it is exposed to strong thermal stresses in subsequent fabrication steps. This may cause damage to the oxide layer, which in turn affects the useful life of the EEPROM cell. During fabrication, and every time the cell is written, the tunnel-oxide layer absorbs electrons that are not subsequently released. These ‘trapped’ electrons are located close to the channel between the source and the drain, and once they reach a certain number they have a stronger effect on the threshold potential than the charge stored in the floating gate. When this happens, the EEPROM cell has reached the end of its useful life. Although it can still be written, the charge on the floating gate has only a minimal effect on the characteristics of the channel between the source and the drain, so the threshold potential always remains the same. The number of possible write/erase cycles varies greatly, depending on structural details. Typical values range from 100,000 to 1,000,000 cycles over the entire range of operating temperature and voltage. At room temperature and using an optimum supply voltage, values that are 10 to 50 times greater can be achieved.

When an EEPROM cell is approaching the end of its life, its data retention time decreases. The retention time can range from hours to minutes or even seconds. The more exhausted the EEPROM becomes, i.e., the more electrons that have been absorbed by the tunnel oxide layer, the shorter is the retention time. A charged floating gate loses charge over time, due to insulation losses and quantummechanical effects. The time required for this to become noticeable can range from 10 to 100 years. In this regard, it is interesting to note that a charged floating gate holds 100,000 to 1,000,000 electrons, depending on the implementation. Currently, all semiconductor manufacturers guarantee data retention for 10 years. In order to increase this value, the contents of EEPROM cells can be periodically refreshed by reprogramming. However, this is only worthwhile when the data must be stored for a long time.

SLE5542,SLE5542 Contact Smart Cards,SLE4442 Contact Smart Cards,Package Outlines Wire-Bonded Module M3,

Figure 3.55 This schematic diagram shows the operating principle of a charge pump circuit during charging (left) and discharging (right). These processes are repeated at a high frequency, causing the charge pump to produces a slightly pulsating DC voltage at its output.

SLE5542,SLE5542 Contact Smart Cards,SLE4442 Contact Smart Cards,Memory Overview SLE 4432,

Figure 3.56 Displacement of the discharge curve of an EEPROM cell as a function of the number of executed program/erase cycles

Flash EEPROM (Flash electrically erasable programmable read-only memory)
Flash EEPROM, which is often simply called ‘Flash memory’, shares the property of nonvolatility with regular EEPROM. This means that it retains data in the absence of a supply voltage. It is very similar to EEPROM in its construction and operation. The basic difference between a Flash EEPROM and a normal EEPROM is in the writing process, which is based on hot-electron injection instead of the Fowler–Nordheim (tunneling) effect. ‘Hot’electrons are fast electrons produced by a high potential difference between the source and the drain. Some of these electrons penetrate the tunnel-oxide layer, due to the influence of a positively charged control gate, and are stored in the floating gate. This reduces the writing time to around 10 μs, which is a considerable improvement on the value of 2–10 ms for a regular EEPROM. The name ‘Flash’ comes from this extremely short programming time. Another advantage is that the programming voltage is only 12 V, compared with 17 V for EEPROMs.

There are several smart card microcontrollers with Flash EEPROM, which is primarily used in smart card microcontrollers as a replacement for mask-programmed ROM. Using a microcontroller with Flash EEPROM can reduce the development time of a smart card project by several months, since this eliminates the need to generate ROM masks. Unfortunately, it is extremely difficult to make semiconductor devices having EEPROM and Flash EEPROM on the same chip. Consequently, in practice a microcontroller with Flash EEPROM usually does not contain any regular EEPROM. Instead, the EEPROM is replaced by a Flash EEPROM of around 8 kB, which has the smallest possible page size in order to minimize the impact on the smart card operating system. The page size of the Flash memory used to replace the ROMis generally significantly larger (e.g., 64–128 bytes), since the routines stored in this memory are written only rarely. When the chip is fabricated, a boot loader is stored in a small ROM to allow the smart card manufacturer to load program code and data into the Flash EEPROM. Current Flash EEPROM cells have a guaranteed data retention period of at least 10 years, at least 100,000 write/erase cycles and typical page sizes of 8–128 bytes. There are a few isolated smart card microcontrollers that have unusually large memories, frequently on the order of 1–2 MB. They are always fabricated using Flash memories with page sizes of up to 64 kB. This yields significant area savings with regard to the address and control lines, so memories of this size can be realized in chips having the maximum possible area of 25 mm2.

AT89SC168,AT89SC168 smart card,AT89SC168 smart cards

Figure 3.57 An AT89SC168 smart card microcontroller with Flash EEPROM. The functional components at the top are (from left to right) the logic unit, RAM and CPU. The EEPROM charge pump and Flash EEPROM can be seen at the bottom (from left to right) (Source: Atmel)

FRAM (ferroelectric random-access memory)
FRAM is a new development in semiconductor technology. Despite its name, FRAM is not volatile like RAM, but instead retains its content without a supply voltage. This type of memory exploits the properties of ferroelectric materials in order to store data. Its cell structure is similar to that of EEPROM, but with a ferroelectric material located between the control gate and the floating gate. FRAM is potentially ideal for smart card memory, since it has very desirable properties as a data storage medium. Only 5 V is needed for programming, the programming time is around 100 ns and the maximum number of programming cycles is around one trillion. The integration density is similar to that of Flash EEPROM. However, FRAM has two disadvantages. The first is a limited number of read cycles, which makes a type of refresh cycle necessary. The second, which is more significant, is that producing FRAMs involves processing steps that are difficult to master. Up to now, little effort has been made to use this technology in smart card microcontrollers. However, this could change in a few years, since FRAM technology possesses all the features needed to allow it to completely supplant EEPROMs, which are presently used almost exclusively.

SLE5542,SLE5542 Contact Smart Cards,SLE4442 Contact Smart Cards,Memory Overview SLE 4442,

Figure 3.58 Cross-section of a FRAM cell in 0.35-μm technology. The light horizontal bands are aluminum metallization layers, and the dark vertical bars are interconnections (‘vias’) between the layers. The trapezopidal horizontal area at the lower right is the actual FRAM cell. The width of the cell is approximately 1.5 μm

RAM (random-access memory)
In smart cards,RAMis the memory used to hold data that are stored or altered during a session. The number of accesses is unlimited. RAM needs a power supply in order to operate. If power is switched off or fails temporarily, the content of the RAM is undefined. A RAM cell consists of several transistors, connected such that they work as a bistable multivibrator. The state of this multivibrator represents the stored value of one bit in the RAM. TheRAMused in smart cards is static (SRAM), which means that its contents do not have to be periodically refreshed. It is thus not dependent on an external clock, in contrast to dynamicRAM (DRAM). It is important for the RAM to be static, since it must be possible to stop the clock signal to a smart card.With dynamic RAM, this would cause the stored information to be lost.