DS5003
Secure Microprocessor Chip
[Figure 8. Block Diagram. Blocks shown: CPU, oscillator, timing and bus control, address/data encryptors, encryption keys, byte-wide bus interface, special function registers, data registers with enhanced indirect addressing (256 bytes), vector RAM (48 bytes), bootstrap loader ROM, power monitor, watchdog timer, timers 0 and 1, and ports 0 to 3.]
Security Circuitry
Figure 9 shows the on-chip functions associated with the DS5003’s software security feature. Encryption logic consists of an address encryptor and a data encryptor. Although each encryptor uses its own algorithm for encrypting data, both depend on the 64-bit key word that is contained in the encryption key registers. Both encryptors operate during loading of the application software and also during its execution.

The address encryptor translates each logical address, i.e., the normal sequence of addresses that are generated in the logical flow of program execution, into an encrypted address (or physical address) at which the byte is actually stored. Each time a logical address is generated, either during program loading or during program execution, the address encryptor circuitry uses the value of the 64-bit key word and of the address itself to form the physical address, which is presented on the address lines of the SRAM. The encryption algorithm is such that there is one and only one physical address for every possible logical address. The address encryptor operates over the entire memory range, which is configured during bootstrap loading for access on the byte-wide bus.

As bootstrap loading of the application software is performed, the data encryptor logic transforms the op code, operand, or data byte at any given memory location into an encrypted representation. As each byte is read back to the CPU during program execution, the internal data encryptor restores it to its original value. When a byte is written to the external nonvolatile program/data SRAM during program execution, that byte is stored in encrypted form as well. The data encryption logic uses the value of the 64-bit key, the logical address to which the data is being written, and the value of the data itself to form the encrypted data, which is written to the nonvolatile program/data SRAM. The encryption algorithm is repeatable, such that for a given data value, encryption key value, and logical address the encrypted byte is always the same. However, there are many possible encrypted data values for each possible true-data value due to the algorithm’s dependency on the values of the logical address and encryption key.
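
The properties stated above (exactly one physical address per logical address, and a repeatable, reversible byte transformation that depends on key, logical address and data) can be checked on a small software model. This is an added example, not the DS5003's proprietary algorithm: the Feistel construction, the SHA-256 round function, the round count, the 16-bit address width and the key value are all assumptions chosen for illustration.

```python
import hashlib

KEY = bytes.fromhex("0123456789abcdef")  # constructed 64-bit key, not a device key
ROUNDS = 4                               # assumption of this model

def _f(key, tweak, rnd, half, bits):
    """Keyed round function: hash key, tweak, round and half-block, keep `bits` bits."""
    digest = hashlib.sha256(key + tweak + bytes([rnd, half])).digest()
    return digest[0] & ((1 << bits) - 1)

def feistel(value, bits, key, tweak, decrypt=False):
    """Balanced Feistel permutation on a 2*bits-wide value (bijective by construction)."""
    left, right = value >> bits, value & ((1 << bits) - 1)
    if decrypt:
        for rnd in reversed(range(ROUNDS)):
            left, right = right ^ _f(key, tweak, rnd, left, bits), left
    else:
        for rnd in range(ROUNDS):
            left, right = right, left ^ _f(key, tweak, rnd, right, bits)
    return (left << bits) | right

def physical_address(key, logical):
    """Address encryptor model: key + logical address -> physical SRAM address."""
    return feistel(logical, 8, key, b"addr")

def encrypt_byte(key, logical, value):
    """Data encryptor model: key + logical address + data byte -> stored byte."""
    return feistel(value, 4, key, b"data" + logical.to_bytes(2, "big"))

def decrypt_byte(key, logical, stored):
    return feistel(stored, 4, key, b"data" + logical.to_bytes(2, "big"), decrypt=True)

def load(key, image, base=0):
    """Model of bootstrap loading: returns {physical address: encrypted byte}."""
    return {physical_address(key, base + i): encrypt_byte(key, base + i, b)
            for i, b in enumerate(image)}

def fetch(key, sram, logical):
    """Model of a CPU read: re-derive the physical address, then decrypt."""
    return decrypt_byte(key, logical, sram[physical_address(key, logical)])

def address_map_is_bijective(key):
    return len({physical_address(key, a) for a in range(1 << 16)}) == 1 << 16

if __name__ == "__main__":
    image = bytes([0x75, 0x90, 0x00, 0x80, 0xFE])  # constructed sample bytes
    sram = load(KEY, image, base=0x0100)
    print([hex(a) for a in sram])  # physical addresses are scattered, not contiguous
    print(bytes(fetch(KEY, sram, 0x0100 + i) for i in range(len(image))) == image)
```
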
[Figure 9. Security Circuitry. Blocks shown: bootstrap loader, random-number generator, 64-bit encryption key, security lock, SDI (self-destruct input), address encryptor, data encryptor, program counter, data pointer, secure internal address bus, secure internal data bus, encrypted byte-wide address bus (16), encrypted byte-wide data bus (8), and external byte-wide RAM.]
When the application software is executed, the DS5003’s internal CPU operates as normal. Logical addresses are calculated for op code fetch cycles and also data read and write operations. The DS5003 can perform address encryption on logical addresses as they are generated internally during the normal course of program execution. In a similar fashion, data is manipulated by the CPU in its true representation. However, data is also encrypted when it is written to the external program/data SRAM, and is restored to its original value when it is read back.

When an application program is stored in the previously described format, it is virtually impossible to disassemble op codes or to convert data back into its true representation. Address encryption has the effect that the op codes and data are not stored in the contiguous form in which they were assembled, but rather in seemingly random locations in memory. This effect makes it virtually impossible to determine the normal flow of the program. As an added protection measure, the address encryptor also generates dummy read-access cycles whenever time is available during program execution.
Dummy Read Cycles
Like the DS5002FP, the DS5003 generates a dummy read-access cycle to nonsequential addresses in external SRAM memory whenever time is available during program execution. This action further complicates the task of determining the normal flow of program execution. During these pseudorandom dummy cycles, the SRAM is read to all appearances, but the data is not used internally. Through the use of a repeatable exchange of dummy and true read cycles, it is impossible to distinguish a dummy cycle from a real one.
Encryption Algorithm
The DS5003 incorporates a proprietary hardware algorithm that performs the scrambling of address and data on the byte-wide bus to the SRAM. Improvements include the following:
• 64-bit encryption key (protected by the security lock function).
• Incorporation of DES-like operations to provide a greater degree of nonlinearity.
• Customizable encryption.
Encryption Key
As previously described, the on-chip 64-bit encryption key is the basis of both the address and data encryptor circuits. When the loader is given certain commands, the key is generated from an on-chip hardware random-number generator. This action is performed just prior to actually loading the code into the external SRAM. This scheme prevents characterization of the encryption algorithm by continuously loading new, known keys. It also frees the user from the burden of protecting the key selection process.

The random-number generator circuit uses the asynchronous frequency differences of two internal ring oscillators and the processor master clock (determined by XTAL1 and XTAL2). As a result, a true random number is produced.
Vector RAM
A 48-byte vector RAM area is incorporated on-chip, and is used to contain the reset and interrupt vector code in the DS5003. It is included in the architecture to help ensure the security of the application program.

If reset and interrupt vector locations were accessed from the external nonvolatile program/data RAM during the execution of the program, it would be possible to determine the encrypted value of known addresses. This could be done by forcing an interrupt or reset condition and observing the resulting addresses on the byte-wide address/data bus. For example, it is known that when a hardware reset is applied, the logical program address is forced to location 0000h and code is executed starting from this location. It would then be possible to determine the encrypted value (or physical address) of the logical address value 0000h by observing the address presented to the external SRAM following a hardware reset. Interrupt vector address relationships could be determined in a similar fashion.

By using the on-chip vector RAM to contain the interrupt and reset vectors, it is impossible to observe such relationships. The vector RAM eliminates the unlikely possibility that an application program could be deciphered by observing vector address relationships. Note that the dummy accesses mentioned are conducted while fetching from vector RAM.

The vector RAM is automatically loaded with the user’s reset and interrupt vectors from the Intel hex file during bootstrap loading.
Security Lock
Once the application program has been loaded into the DS5003’s external and vector RAM, the security lock can be enabled by issuing the Z command in the bootstrap loader. While the security lock is set, no further access to program/data information is possible by the on-chip ROM. Access is prevented by both the bootstrap loader firmware and the DS5003 encryptor circuits.

Access to the SRAM can only be regained by clearing the security lock by the U command in the bootstrap

DS5003FPM-16+
Manufacturer: Maxim Integrated
Description: Microprocessors - MPU Soft MCU Chip