 English |
|
|
|
|
|
|
|
| DS5002FP_1 Datasheet, PDF (6/29 Pages) Dallas Semiconductor – Secure Microprocessor Chip | |||
| |||
| ◁ |
DS5002FP
SECURE OPERATION OVERVIEW
The DS5002FP incorporates encryption of the activity on its byte-wide address/data bus to prevent
unauthorized access to the program and data information contained in the nonvolatile RAM. Loading an
application program in this manner is performed via the Bootstrap Loader using the general sequence
described below:
1. Clear Security Lock.
2. Set memory map configuration as for DS5001FP.
3. Load application software.
4. Set Security Lock.
5. Exit Loader.
Loading of application software into the program/data RAM is performed while the DS5002FP is in its
Bootstrap Load mode. Loading is only possible when the Security Lock is clear. If the Security Lock has
previously set, then it must be cleared by issuing the âZâ command from the Bootstrap Loader. Resetting
the Security Lock instantly clears the previous key word and the contents of the Vector RAM. In addition,
the Bootstrap ROM writes 0s into the first 32k of external RAM.
The userâs application software is loaded into external CMOS SRAM via the âLâ command in
âscrambledâ form through on-chip encryptor circuits. Each external RAM address is an encrypted
representation of an on-chip logical address. Thus, the sequential instructions of an ordinary program or
data table are stored non-sequentially in RAM memory. The contents of the program/data RAM are also
encrypted. Each byte in RAM is encrypted by a key- and address-dependent encryptor circuit such that
identical bytes are stored as different values in different memory locations.
The encryption of the program/data RAM is dependent on an on-chip 64-bit key word. The key is loaded
by the ROM firmware just prior to the time that the application software is loaded, and is retained as
nonvolatile information in the absence of VCC by the lithium backup circuits. After loading is complete,
the key is protected by setting the on-chip Security Lock, which is also retained as nonvolatile
information in the absence of VCC. Any attempt to tamper with the key word and thereby gain access to
the true program/data RAM contents results in the erasure of the key word as well as the RAM contents.
During execution of the application software, logical addresses on the DS5002FP that are generated from
the program counter or data pointer registers are encrypted before they are presented on the byte-wide
address bus. Opcodes and data are read back and decrypted before they are operated on by the CPU.
Similarly, data values written to the external nonvolatile RAM storage during program execution are
encrypted before they are presented on the byte-wide data bus during the write operation. This
encryption/decryption process is performed in real time such that no execution time is lost as compared to
the non-encrypted DS5001FP or 8051 running at the same clock rate. As a result, operation of the
encryptor circuitry is transparent to the application software.
Unlike the DS5000FP, the DS5002FP chipâs security feature is always enabled.
SECURITY CIRCUITRY
The on-chip functions associated with the DS5002FPâs software security feature are depicted in Figure 2.
Encryption logic consists of an address encryptor and a data encryptor. Although each encryptor uses its
6 of 29
|
▷ |
German
Russian
Spanish
Italian
Polish
Chinese
Japanese
Korean
French
Portuguese