 English |
|
|
|
|
|
|
|
| DS5002FP_06 Datasheet, PDF (15/25 Pages) Dallas Semiconductor – Secure Microprocessor Chip | |||
| |||
| ◁ |
DS5002FP Secure Microprocessor Chip
SECURE OPERATION OVERVIEW
The DS5002FP incorporates encryption of the activity on its byte-wide address/data bus to prevent unauthorized
access to the program and data information contained in the NV RAM. Loading an application program in this
manner is performed by the bootstrap loader using the general sequence described below:
1) Clear security lock.
2) Set memory map configuration as for DS5001FP
3) Load application software
4) Set security lock
5) Exit loader
Loading of application software into the program/data RAM is performed while the DS5002FP is in its bootstrap
load mode. Loading is only possible when the security lock is clear. If the security lock has previously set, then it
must be cleared by issuing the âZâ command from the bootstrap loader. Resetting the security lock instantly clears
the previous key word and the contents of the Vector RAM. In addition, the bootstrap ROM writes 0âs into the first
32k of external RAM.
The userâs application software is loaded into external CMOS SRAM by the âLâ command in âscrambledâ form
through on-chip encryptor circuits. Each external RAM address is an encrypted representation of an on-chip logical
address. Thus, the sequential instructions of an ordinary program or data table are stored nonsequentially in RAM
memory. The contents of the program/data RAM are also encrypted. Each byte in RAM is encrypted by a key- and
address-dependent encryptor circuit such that identical bytes are stored as different values in different memory
locations.
The encryption of the program/data RAM is dependent on an on-chip 64-bit key word. The key is loaded by the
ROM firmware just prior to the time that the application software is loaded, and is retained as nonvolatile
information in the absence of VCC by the lithium backup circuits. After loading is complete, the key is protected by
setting the on-chip security lock, which is also retained as nonvolatile information in the absence of VCC. Any
attempt to tamper with the key word and thereby gain access to the true program/data RAM contents results in the
erasure of the key word as well as the RAM contents.
During execution of the application software, logical addresses on the DS5002FP that are generated from the
program counter or data pointer registers are encrypted before they are presented on the byte-wide address bus.
Op codes and data are read back and decrypted before they are operated on by the CPU. Similarly, data values
written to the external nonvolatile RAM storage during program execution are encrypted before they are presented
on the byte-wide data bus during the write operation. This encryption/decryption process is performed in real time
such that no execution time is lost as compared to the non-encrypted DS5001FP or 8051 running at the same
clock rate. As a result, operation of the encryptor circuitry is transparent to the application software.
Unlike the DS5000FP, the DS5002FP chipâs security feature is always enabled.
SECURITY CIRCUITRY
The on-chip functions associated with the DS5002FPâs software security feature are depicted in Figure 9.
Encryption logic consists of an address encryptor and a data encryptor. Although each encryptor uses its own
algorithm for encrypting data, both depend on the 64-bit key word which is contained in the Encryption Key
registers. Both the encryptors operate during loading of the application software and also during its execution.
15 of 25
|
▷ |
German
Russian
Spanish
Italian
Polish
Chinese
Japanese
Korean
French
Portuguese