USER'S GUIDE

On-chip Vector RAM

A 48-byte RAM area is incorporated inside the DS5000FP and DS5002FP. This area maps to the first 48 locations of program memory and holds the reset and interrupt vectors. Any other data placed in those 48 locations is also held in this Vector RAM. The principal reason for the Vector RAM is that the reset and interrupt vectors sit at known logical addresses in the 8051 family. An attacker could therefore force a reset or an interrupt and observe the encrypted address the Secure Microcontroller generates for a known logical address, a known-plaintext pair for the address encryptor. Because the vectors are fetched from on-chip RAM, no such relationship is ever visible on the external bus. Although it is very unlikely that an application program could be deciphered by observing the vector addresses alone, the Vector RAM eliminates the possibility. Note that the dummy accesses discussed above also occur while the Vector area is being accessed.

The Vector RAM is automatically loaded with the reset and interrupt vectors during Bootstrap Loading. This feature is transparent to operation and no action is required to use it. However, taking the Vector RAM into account when laying out code and data can improve overall system security. As mentioned above, the Vector RAM is instantaneously destroyed in the event of an unlock (and by a self-destruct on the DS5002FP). Since it is hidden from the external bus and subject to destruction, these 48 bytes are the most secure memory in the system. The most critical constants can therefore be stored there as well, in the bytes of the 48 that the vectors themselves do not occupy. This is an ideal location for storing DES keys in applications involving data encryption, such as electronic funds transfer.

The Vector RAM is always used on a DS5002FP. Program bytes at logical addresses 00h through 2Fh are loaded into the Vector RAM and fetched from it for execution; they are not duplicated in the NV RAM accessed over the Byte-wide bus. The DS5000FP Vector RAM operates the same way, but only when the encryption feature is enabled. When a DS5000FP has not had an Encryption Key loaded, the Vector RAM is left unused.
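The following C program is an added example, not code from this user's guide. It models the 48-byte image that the Bootstrap Loader will place in Vector RAM (logical program addresses 0000h through 002Fh) and shows how a secret such as a DES key can be scattered into the bytes the vectors do not use, which is the layout decision the preceding paragraphs leave to the application. It assumes the seven standard 8051-family vector slots (0000h reset, 0003h, 000Bh, 0013h, 001Bh, 0023h, 002Bh), each filled with a 3-byte LJMP addr16, so that 27 of the 48 bytes remain free; the names `vector_image`, `vi_init`, `vi_place_secret` and `vi_read_secret` are this example's own.

```c
/* Added example (not from the Dallas user's guide): build the 48-byte Vector
 * RAM image and pack secret constants into the bytes the vectors leave free.
 * Assumption: seven standard 8051-family vector slots, each a 3-byte LJMP. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define VECTOR_RAM_SIZE 0x30      /* 48 bytes, logical addresses 00h-2Fh */
#define NUM_VECTORS     7
#define LJMP_OPCODE     0x02      /* 8051 LJMP addr16 */

/* Reset and interrupt vector addresses (assumed standard 8051-family layout). */
static const uint8_t vector_slot[NUM_VECTORS] = {0x00, 0x03, 0x0B, 0x13, 0x1B, 0x23, 0x2B};

typedef struct {
    uint8_t img[VECTOR_RAM_SIZE];   /* bytes the Bootstrap Loader will load */
    uint8_t used[VECTOR_RAM_SIZE];  /* 1 = occupied by a vector or a constant */
} vector_image;

/* Lay down "LJMP handler[i]" at each vector slot; every other byte starts free. */
void vi_init(vector_image *vi, const uint16_t handler[NUM_VECTORS]) {
    memset(vi, 0, sizeof *vi);
    for (int i = 0; i < NUM_VECTORS; i++) {
        uint8_t a = vector_slot[i];
        vi->img[a]     = LJMP_OPCODE;
        vi->img[a + 1] = (uint8_t)(handler[i] >> 8);    /* LJMP target is big-endian */
        vi->img[a + 2] = (uint8_t)(handler[i] & 0xFF);
        vi->used[a] = vi->used[a + 1] = vi->used[a + 2] = 1;
    }
}

/* Bytes still available for constants. */
size_t vi_free_bytes(const vector_image *vi) {
    size_t n = 0;
    for (size_t a = 0; a < VECTOR_RAM_SIZE; a++) n += !vi->used[a];
    return n;
}

/* True if addr belongs to a vector and must never be overwritten. */
int vi_is_vector_byte(uint8_t addr) {
    for (int i = 0; i < NUM_VECTORS; i++)
        if (addr >= vector_slot[i] && addr < vector_slot[i] + 3) return 1;
    return 0;
}

/* Scatter a secret into the free bytes, recording each byte's logical address
 * in offsets[] so the application can fetch it back (MOVC on the real part).
 * Returns 0 on success, -1 if the secret does not fit; on failure nothing is
 * written, so a half-placed key never ships in the image. */
int vi_place_secret(vector_image *vi, const uint8_t *secret, size_t len, uint8_t *offsets) {
    if (len > vi_free_bytes(vi)) return -1;
    size_t placed = 0;
    for (size_t a = 0; a < VECTOR_RAM_SIZE && placed < len; a++) {
        if (vi->used[a]) continue;
        vi->img[a] = secret[placed];
        vi->used[a] = 1;
        offsets[placed++] = (uint8_t)a;
    }
    return 0;
}

/* Reassemble a secret from the offsets recorded by vi_place_secret. */
void vi_read_secret(const vector_image *vi, const uint8_t *offsets, size_t len, uint8_t *out) {
    for (size_t i = 0; i < len; i++) out[i] = vi->img[offsets[i]];
}
```

With the assumed layout the free space is five 5-byte gaps plus the two bytes after the last vector, so a single-DES key (8 bytes) or even a three-key triple-DES key (24 bytes) fits, but only when split across gaps; the offsets table is what the application's key-loading code uses to reassemble it.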

Self-Destruct Input

The Self-Destruct Input (SDI) is an active high input pin used to clear the security lock on a DS5002FP in response to an external event. The SDI is intended to be driven by external tamper detection circuitry. It can be activated by an active high signal with or without operating power applied to the VCCI pin. Activation of the SDI pin instantaneously clears the Security Lock, initiating the sequence of events described above. In addition, power is momentarily removed from all Byte-wide bus interface signals, including the VCCO pin, resulting in loss of the data in the external RAM. The address and data lines are also pulled low to remove any residual charge that could help that RAM retain data. The SDI pin is deglitched, so a pulse of at least 2 μs is required to activate it. The pin is nevertheless sensitive and should be grounded if not used. It is only available on the DS5002FP and DS2252FP products.

Microprobe/Die Top Coating

The DS5002FPM is provided with a special top-layer coating designed to defeat a microprobe attack. The coating is implemented as an additional layer of metal over the microcontroller die. Probing through this metal short-circuits critical functions, so the act of probing destroys the secret data. In addition, the security circuits and the Vector RAM draw their power through this screen, so removing the top coating de-powers them and destroys the secret data as well. In either case, any critical data stored on-chip is destroyed and the encrypted off-chip data is rendered useless.

Random Number Generator

As mentioned above, the DS5002FP incorporates a hardware random number generator that the Bootstrap Loader uses to generate Encryption Keys. The Random Number Generator is not a security circuit per se, but it is available to the application and can be used to improve overall system security. Random numbers have numerous applications with respect to security. For example, to prevent an attacker from building a histogram of code execution timing, the Random Number Generator can be used to decide how long to spend on particular activities. Random numbers are produced 8 bits at a time and are read by the application code from SFR location 0CFh. A random number takes 160 μs to develop, and reading register 0CFh starts the generation of the next one, so after a byte is read another is available approximately 160 μs later. The RNR bit (RPCTL.7, in the RPCTL register at 0D8h) is set to logic 1 each time a new number is available. If register 0CFh is read before RNR is set, the value returned is 00h; application code should therefore poll RNR rather than rely on a fixed delay, since a premature read yields a zero byte rather than random data.
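The following C program is an added example, not code from this user's guide. It is a host-side model of the register protocol just described, so that the access rules can be exercised without the part: the byte appears at SFR 0CFh, RNR (RPCTL.7, RPCTL at 0D8h) goes to 1 when a fresh byte is available, a read of 0CFh restarts generation, the next byte needs about 160 μs, and a read made before RNR is set returns 00h. It compares a collector that trusts a fixed delay with one that polls RNR, and includes the execution-timing randomization the text suggests. The simulated clock, the deterministic stand-in for the noise source, the assumption that the first byte is ready 160 μs after power-up, and the names `ds5002_rng`, `sfr_read`, `rng_collect_fixed_delay`, `rng_collect_polled` and `rng_random_delay` are this example's own.

```c
/* Added example (not from the Dallas user's guide): a model of the DS5002FP
 * random number register protocol.  The noise source below is a deterministic
 * stand-in (assumption; it is NOT random) and time is a simulated counter. */
#include <stdint.h>
#include <stddef.h>

#define SFR_RNR        0xCF   /* random number register, per the text */
#define SFR_RPCTL      0xD8   /* RPCTL; bit 7 (RNR) flags a fresh byte */
#define RPCTL_RNR_BIT  0x80
#define RNG_SETTLE_US  160    /* time for a new byte to develop */

typedef struct {
    uint32_t now_us;       /* simulated time */
    uint32_t ready_at_us;  /* when the pending byte becomes valid */
    uint32_t noise;        /* stand-in for the hardware noise source */
    unsigned early_reads;  /* reads of 0CFh made before RNR was set */
} ds5002_rng;

void rng_init(ds5002_rng *r, uint32_t seed) {
    r->now_us = 0;
    r->ready_at_us = RNG_SETTLE_US;   /* assumption: first byte ready after 160 us */
    r->noise = seed;
    r->early_reads = 0;
}

/* Advance the simulated clock, as the firmware's delay loop would. */
void rng_delay_us(ds5002_rng *r, uint32_t us) { r->now_us += us; }

/* Model of "MOV A, direct" for the two SFRs the protocol uses. */
uint8_t sfr_read(ds5002_rng *r, uint8_t addr) {
    int ready = r->now_us >= r->ready_at_us;
    if (addr == SFR_RPCTL) return ready ? RPCTL_RNR_BIT : 0;
    if (addr != SFR_RNR) return 0;
    uint8_t v = 0;
    if (ready) {
        r->noise = r->noise * 1103515245u + 12345u;   /* deterministic stand-in */
        v = (uint8_t)(r->noise >> 24);
    } else {
        r->early_reads++;                              /* text: premature read gives 00h */
    }
    r->ready_at_us = r->now_us + RNG_SETTLE_US;        /* any read restarts generation */
    return v;
}

/* Spin until RNR (RPCTL.7) is set, polling about every 10 us. */
static void rng_wait_ready(ds5002_rng *r) {
    while (!(sfr_read(r, SFR_RPCTL) & RPCTL_RNR_BIT)) rng_delay_us(r, 10);
}

/* Wrong: trust a fixed delay between reads.  A delay even slightly under
 * 160 us never lets RNR set, and the "key" collected is all zero bytes. */
size_t rng_collect_fixed_delay(ds5002_rng *r, uint8_t *out, size_t n, uint32_t delay_us) {
    for (size_t i = 0; i < n; i++) {
        rng_delay_us(r, delay_us);
        out[i] = sfr_read(r, SFR_RNR);
    }
    return n;
}

/* Right: read 0CFh only after RNR reports a fresh byte. */
size_t rng_collect_polled(ds5002_rng *r, uint8_t *out, size_t n) {
    for (size_t i = 0; i < n; i++) {
        rng_wait_ready(r);
        out[i] = sfr_read(r, SFR_RNR);
    }
    return n;
}

/* Use suggested in the text: add a random amount of time (0..max_extra_us)
 * to an activity so its duration cannot be histogrammed. */
void rng_random_delay(ds5002_rng *r, uint32_t max_extra_us) {
    rng_wait_ready(r);
    uint8_t b = sfr_read(r, SFR_RNR);
    rng_delay_us(r, (b * max_extra_us) / 255u);
}

size_t count_zero_bytes(const uint8_t *b, size_t n) {
    size_t z = 0;
    for (size_t i = 0; i < n; i++) z += (b[i] == 0);
    return z;
}
```

The fixed-delay collector looks plausible in source and on a bench with a generous margin, which is what makes it dangerous: a compiler optimization or a faster clock that shortens the delay turns key material into 00h bytes silently. Polling RNR costs nothing extra and makes the hardware, not a timing guess, decide when a byte is valid.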

050396 77/173
