Table of Contents
Advertisement
USER'S GUIDE
SECTION 9: FIRMWARE SECURITY
One of the most unique features of the Secure Micro-
controller is its firmware security. The family far sur-
passes the standard offering of ROM based microcon-
trollers in keeping system attackers or competitors from
viewing the contents of memory. In a standard EPROM
based microcontroller, a knowledgeable attacker can
disable the EPROM security bit and have access to the
entire memory contents. The Secure Microcontroller's
improved security makes it a natural choice for systems
with high security requirements such as financial trans-
action terminals. However, the firmware security can
also be employed to keep competitors from copying pro-
prietary algorithms. Allowing access to these algo-
rithms can create an instant competitor. This section
describes the security features and their application.
FEATURE
Security Lock
RAM memory
Encrypted memory
Encryption Key
Encryption Key Selection
Encryption Keys loaded
Dummy bus access
On–chip Vector RAM
Self–Destruct Input
Die Top Coating
Random Number Generator
SECURITY OVERVIEW
Security features are useful if an application dispenses
services on a pay per service basis. Electronically
bypassing the security would allow the dispensing of the
service for free, resulting in lost revenue to the system
owner. Another common application is the transmission
of secret information. The user's algorithm and key data
could be observed in a unsecured system, resulting in a
break in the secure transmission. The Secure Micro-
controller Family is designed to protect the contents of
memory from being viewed. This is done with a com-
050396 71/173
DS5001
Yes
Yes
None
Yes, user must enable
None
None
User selected
N/A
When user selects
None
Yes, when encrypted
None
Yes, when encrypted
None
None
Yes
72
Also included are guidelines to using microcontroller
security within the framework of total system security.
As with memory map control, there are variations
between the different Secure Microcontroller versions.
The original DS5000 has a high level of firmware secu-
rity and the DS5002 has added several distinct improve-
ments. Note that the DS5001 has only minimal security
and should only be applied when other physical security
is used or when security is not needed. The table below
provides a brief summary of the versions and their secu-
rity features. A detailed description of each feature fol-
lows. In the description, elements that are unique to a
particular Secure Microcontroller version have that ver-
sion underlined.
DS5000
Yes
Yes
48 bits
Automatic, any new load, dump
None
None
None
bination of circuit techniques and physical security. The
combination is a formidable defense. Regardless of the
application, the secure microcontroller protects the con-
tents of memory from tampering and observation. This
preserves secret information, access to services, criti-
cal algorithms etc. The security features of the Secure
Microcontroller include physical security against probe,
memory security through cryptographic scrambling,
and memory bus security preventing analysis of the
CPU's operation. The features mentioned above and
described below protect the application code and data.
DS5002
Yes
Yes
Yes
64 bits
True random number
Yes
Yes
Yes
Optional (DS5002FPM)
Yes
- Quick Links:
- Section 1 Introduction
Hide quick links:
Advertisement
Table of Contents
