Maxim-integrated Secure Microcontroller Uživatelský manuál Strana 74
- Strana / 187
- Tabulka s obsahem
- ŘEŠENÍ PROBLÉMŮ
- KNIHY
Hodnocené. / 5. Na základě hodnocení zákazníků
Secure Microcontroller User’s Guide
74 of 187
9. FIRMWARE SECURITY
One of the outstanding features of the secure microcontroller is its firmware security. The family far
surpasses the standard offering of ROM-based microcontrollers in keeping system attackers or
competitors from viewing the contents of memory. In a standard EPROM-based microcontroller, a
knowledgeable attacker can disable the EPROM security bit and have access to the entire memory
contents. The secure microcontroller’s improved security makes it a natural choice for systems with high
security requirements such as financial transaction terminals. However, the firmware security can also be
employed to keep competitors from copying proprietary algorithms. Allowing access to these algorithms
can create an instant competitor. This section describes the security features and their application. Also
included are guidelines to using microcontroller security within the framework of total system security.
As with memory map control, there are variations between the different secure microcontroller versions.
The original DS5000 has a high level of firmware security and the DS5002 has added several distinct
improvements. Note that the DS5001 has only minimal security and should only be applied when other
physical security is used or when security is not needed.
Security Overview
The usefulness of the security features are evident in an application dispenses services on a pay per
service basis. Electronically bypassing the security would allow the dispensing of the service for free,
resulting in lost revenue to the system owner. Another common application is the transmission of secret
information. The user’s algorithm and key data could be observed in an unsecured system, resulting in a
break in the secure transmission. The secure microcontroller family protects the contents of memory from
being viewed. This is done with a combination of circuit techniques and physical security. The
combination is a formidable defense. Regardless of the application, the secure microcontroller protects
the contents of memory from tampering and observation. This preserves secret information, access to
services, critical algorithms etc. The security features of the secure microcontroller include physical
security against probe, memory security through cryptographic scrambling, and memory bus security
preventing analysis of the CPU’s operation. The table below provides a brief summary of the versions
and their security features. A detailed description of each feature follows. In the description, elements that
are unique to a particular secure microcontroller version have that version underlined.
FEATURE DS5001 DS5000 DS5002
Security Lock
Yes
Yes
Yes
RAM memory
Yes
Yes
Yes
Encrypted memory
None
Yes, user must enable
Yes
Encryption Key
None
48 bits
80 bits (64 bits rev Bx)
Encryption Key Selection
None
User selected
True random number
Encryption Keys loaded
N/A
When user selects
Automatic, any new load/dump
Dummy bus access
None
Yes, when encrypted
Yes
On-chip Vector RAM
None
Yes, when encrypted
Yes
Self-Destruct Input
None
None
Yes
Die Top Coating
None
None
Optional (only on DS5002FPM)
Random Number Generator
Yes
None
Yes
9.1 Security Lock
The easiest way to dump (view) the memory contents of a secure microcontroller is using the bootstrap
loader. On request, the loader will transfer the contents of memory to a host PC. The security lock
prevents this. The lock is the minimal security feature, available even in the DS5001FP. Once set, the
security lock prevents the loader from accessing memory. In fact, no loader commands (except Unlock)
will work while the lock is set. The security lock is similar in function to an EPROM security bit on a
- Rev 1/14 1
- TABLE OF CONTENTS 2
- 4 of 187 4
- LIST OF FIGURES 5
- LIST OF TABLES 6
- 1. INTRODUCTION 7
- 1.2 Software Security 7
- Separate Address/Data Bus 8
- Large Nonvolatile Memory 8
- In-System Loading 8
- High-Reliability Operation 8
- 1.3 Product Description 9
- 2. SELECTOR GUIDE 12
- 13 of 187 13
- Scratchpad Registers 14
- Serial I/O 14
- Programmable Timers 14
- 15 of 187 15
- Parallel I/O 16
- Program/Data RAM Interface 16
- High-Reliability Circuitry 16
- Software Encryption Logic 16
- Security Lock Logic 16
- Vector RAM 17
- Timed-Access Logic 17
- Watchdog Timer 17
- Resident Loader ROM 17
- 4. PROGRAMMER’S GUIDE 18
- 4.1.1 Internal Registers 19
- 21 of 187 21
- DS5000 SERIES MCON REGISTER 24
- Partition Table 25
- 29 of 187 29
- 30 of 187 30
- 32 of 187 32
- Figure 4-9. DS5000 SFR Map 34
- 35 of 187 35
- PCON, 087H 36
- Power Control Register 36
- Timer Control Register 37
- TCON, 088H 37
- Timer Mode Register 38
- TMOD, 089H 38
- Serial Control Register 39
- SCON, 098H 39
- Interrupt Enable Register 40
- IE, 0A8H 40
- Interrupt Priority Register 41
- IP, 0B8H 41
- DS5001 CRC Register 42
- CRC, 0C1H 42
- MCON, 0C6H 42
- 43 of 187 43
- PAA 43
- DS5001/DS5002 MCON Register 44
- Program Status Word Register 45
- PSW, 0D0H 45
- RPCTL, 0D8H 46
- RPS, 0DAH 47
- 4.9 Instruction Set 48
- 4.10 Addressing Modes 48
- 49 of 187 49
- 4.11 Program Status Flags 50
- 5. MEMORY INTERCONNECT 51
- DS5002FP 54
- 6. LITHIUM/BATTERY BACKUP 58
- 6.1 Data Retention 58
- Battery-Backed Circuits 58
- Battery-Attach Procedure 59
- Battery Lifetime 60
- Using Lithium Cells 61
- Freshness Seal 61
- 7. POWER MANAGEMENT 62
- 7.1 Idle Mode 62
- 63 of 187 63
- 7.2 Stop Mode 64
- 7.4 Power-Fail Interrupt 64
- 7.5 Total Power Failure 65
- 7.6 Partial Power Failures 66
- 8. SOFTWARE CONTROL 68
- 8.1 Timed Access 68
- Figure 8-1. Timed Access 69
- 8.2 Watchdog Timer 70
- 8.3 CRC Memory Verification 71
- 72 of 187 72
- Figure 8-2. CRC Code Example 73
- 9. FIRMWARE SECURITY 74
- Security Overview 74
- 9.1 Security Lock 74
- 9.2 RAM Memory 75
- 9.3 Encrypted Memory 76
- 77 of 187 77
- 9.4 Encryption Algorithm 78
- 9.5 Encryption Key 78
- 9.7 Dummy Bus Access 79
- 9.8 On-Chip Vector RAM 79
- 9.9 Self-Destruct Input 80
- 81 of 187 81
- Avoid Clear Text 82
- Avoid CRC or Checksum 83
- Use Random Values 83
- Change Code 83
- External Circuits 84
- Tamper Protection 84
- 10. RESET CONDITIONS 85
- 10.1 Reset Sources 85
- Reset Status Bits 85
- Table 10-A. SFR Reset States 86
- 10.1.1 Power-On Reset 87
- 10.1.2 No-V 88
- Power-On Reset 88
- 10.1.3 External Reset 88
- 10.1.4 Watchdog Timer Reset 88
- 10.2 Memory Map 89
- 10.3 Interrupts 90
- 10.4 Timers 90
- 91 of 187 91
- 11. INTERRUPTS 92
- 11.1 Interrupt Sources 92
- 11.2 External Interrupts 93
- 11.3 Timer Interrupts 93
- 11.4 Serial Port Interrupts 93
- 11.6 Simulated Interrupts 94
- 11.7 Interrupt Priorities 96
- 11.8 Interrupt Acknowledge 97
- 12. PARALLEL I/O 99
- 12.1 Output Functions 102
- 12.2 Input Function 103
- 12.5 RPC Interrupts 106
- 12.6 RPC Protocol 107
- 12.7 DMA Operation 107
- 108 of 187 108
- 13. PROGRAMMABLE TIMERS 109
- 13.1 Functional Description 109
- 110 of 187 110
- 13.2 Mode 0 111
- 13.3 Mode 1 111
- 13.4 Mode 2 112
- 13.5 Mode 3 114
- 14. SERIAL I/O 115
- 14.1 Function Description 115
- Serial Port Control Register 117
- 14.2 Baud Rate Generation 118
- 119 of 187 119
- 14.4 Asynchronous Operation 120
- 121 of 187 121
- 122 of 187 122
- 123 of 187 123
- 124 of 187 124
- Mode 2 and 3 125
- 126 of 187 126
- 127 of 187 127
- 128 of 187 128
- 15. CPU TIMING 130
- 15.1 Oscillator 130
- 15.2 Instruction Timing 131
- 132 of 187 132
- 136 of 187 136
- 16. PROGRAM LOADING 137
- 138 of 187 138
- 16.4 Exiting the Loader 139
- 142 of 187 142
- 16.8 Command Line Interface 143
- 16.9 Command Line Syntax 143
- Important Application Note 144
- 16.10 Command Summaries 145
- 146 of 187 146
- 147 of 187 147
- 16.11 Error Messages 148
- 16.12 Intel Hex File Format 149
- 152 of 187 152
- 153 of 187 153
- 154 of 187 154
- 17. REAL-TIME CLOCK (RTC) 155
- 17.1 DS5000T/DS2250T RTC 155
- 156 of 187 156
- 17.3 Registers 160
- 17.4 Special Bits 160
- 17.5 DS2251T/DS2252T RTC 162
- 17.6 Memory Map 163
- 165 of 187 165
- 166 of 187 166
- 168 of 187 168
- 169 of 187 169
- 170 of 187 170
- 171 of 187 171
- 172 of 187 172
- 173 of 187 173
- 174 of 187 174
- 175 of 187 175
- 18. TROUBLESHOOTING 176
- 177 of 187 177
- 178 of 187 178
- 18.7 Do’s and Don’ts 179
- 180 of 187 180
- 19. INSTRUCTION SET DETAILS 181
- MNEMONIC 183
Související produkty a manuály pro Hardware Maxim-integrated Secure Microcontroller
Hardware Maxim-integrated High-Speed Microcontroller Users Guide: DS80C390 S Uživatelský manuál
(158 stránky)
(158 stránky)
Hardware Maxim-integrated High-Speed Microcontroller Users Guide: Network Mi Uživatelský manuál
(221 stránky)
(221 stránky)
Hardware Maxim-integrated MAX31782 Uživatelský manuál
(223 stránky)
(223 stránky)
Hardware Maxim-integrated 78M6631 Uživatelský manuál
(32 stránky)
(32 stránky)
© 2020, manymanuals.cz. Všechna práva vyhrazena. | 0.022 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentáře k této Příručce