DS5240 Datasheet, PDF(2/3 Page) Dallas Semiconductor – High-Speed Secure Microcontroller

English

English German Russian Spanish Italian Polish Chinese Japanese Korean French Portuguese	Language :

DS5240 Datasheet, PDF (2/3 Pages) Dallas Semiconductor – High-Speed Secure Microcontroller

◁

An NDA is required for full disclosure of details. Contact factory.

DS5240

DESCRIPTION

The DS5240 is a high-speed 8051 compatible security processor with built- in system features designed to

meet the stringent FIPS-140 and Common Criteria validations required by banking regulations

worldwide. Based on Dallas Semiconductorâs battery-backed technology and fast-erase SRAM design,

the DS5240 supports rapid âzeroizationâ of secure information as a tamper response. Security-related

features included on-chip are a fine- line top- level metal grid to protect underlying circuitry from

tampering, a Modulo Arithmetic Accelerator (MAA) using words up to 4096-bits in length for

calculations including Public Key Infrastructure (PKI), a random number generator for key creation,

multiple on-chip environmental sensors to detect out-of-range conditions and generate a tamper response,

and a user-available DES engine for arbitrary data encryption. The user DES engine supports both single

and triple-DES (3DES) cryptographic operations. Other on-chip features include a true-time clock with

alarm interrupt/wake-up capability, a CRC-16/32 generator, a phase- locked loop (PLL) to simplify crystal

selection and to isolate internal chip clocks from external system clock, extended memory addressing of

up to 4MB program and 4MB data and a 1kB stack (part of 5kB total SRAM) for high- level language

support, circuitry to control battery backing of certain internal circuits and external SRAM for storage of

program and/or data, and sleep, idle and power management modes for low power applications.

The DS5240âs comprehensive security measures create a trusted computing environment for the most

sensitive applications. These measures include an array of features specifically designed to resist known

threats including observation, analysis, and physical attack. They are designed such that a massive effort

would be required to obtain information about the contents of the chip (e.g., stored encryption keys)

and/or external memory. Furthermore, the âsoftâ nature of the DS5240 (SRAM storage) allows frequent

modification of secure information, either program or data.

The DS5240 implements a physical and logical security system that is more extensive than found in its

predecessor, the DS5002 secure microcontroller. Like the DS5002, the DS5240 executes application

software from encrypted storage. However, on the DS5240, the encryption implemented is a true block

cipher, according to the Data Encryption Standard (DES or triple-DES). Attempts to discover the keys

through physical tampering result in their erasure, rendering the encrypted contents of external memory

useless. Up to 4MB of program space and 4MB of data space can be accessed through a dedicated,

nonmultiplexed byte-wide bus leaving all port pins available for I/O functions. The contents of external

memory are maintained during power-off by power from a battery connected to the DS5240. In the

absence of VCC, battery power maintains the memory. A small lithium coin cell can provide more than 10

years of data retention.

All the security features of the DS5002 are implemented in the DS5240, with two distinctions. First,

encryption of the address bus is not employed for external program memory (only the program

information on the data bus is encrypted) and second, there are no dummy read cycles performed on the

embedded bus. Strong new security measures are added to the DS5240, including selectable 3DES

encryption of program memory where the encryption is based on 112-bit (two word) keys that are

automatically generated by the random number generator. There are also two self-destruct inputs (SDI)

provided. One SDI controls destruction of external program and data, cache memory, key registers and

selected areas of internal SRAM. The second SDI functions as an interrupt, allowing the user to take

advantage of the DS5240âs ability to respond to a detected attack under software control. The DS5240

also offers a number of selectable built- in countermeasures against known attack methodologies. The

device incorporates on-chip sensors to monitor âout-of-rangeâ conditions, and these sensors can force the

device to undergo a special destructive reset if desired. Finally, the DS5240 supports optional timed-

access write operations to the parallel I/O port pins, making certain attack approaches ineffective.

2 of 3

▷