
Secure Microcontroller User’s Guide
75 of 187
single-chip microcontroller, in that it prevents a programmer from reading the memory. In addition, the
security lock prevents the microcontroller from executing code on the expanded bus of Ports 0 and 2.
Thus an attacker cannot add an external memory and use MOVC instructions that would force the
microcontroller to read out the contents of protected memory. However, the secure microcontroller
security lock differs from EPROM security bits in one important way: when the security lock is cleared,
it destroys the RAM contents. If a knowledgeable user were to physically erase the security bit in an
EPROM-based microcontroller, the memory contents would remain readable. The security lock consists of
a multiple-bit latch distributed throughout the microprocessor, with circuits that collapse the lock in the
event of tampering. Clearing the lock starts an irreversible destructive process that differs for each
device, as described below.
In a DS5001, clearing the lock causes the Bootstrap Loader to overwrite the first 32KB of NV RAM with
zeros, erasing the contents of memory. This is obviously a low level of security, but it deters casual
inspection. In a DS5000 or DS5002, clearing the lock causes an instantaneous erasure of the Encryption
Key and Vector RAM. This action cannot be prevented once the lock is cleared and happens independent
of VCC or operating frequency. Once the erasure has occurred, a DS5000 assumes a nonsecure state. In a
DS5002, the Loader proceeds to load a new Encryption Key once the erasure has occurred. In both, the
Bootstrap Loader then overwrites the first 32KB of RAM if power is available and the crystal is still
present. Thus the instantaneous erasure of the Encryption Key effectively renders the contents of memory
useless, since they can no longer be deciphered.
The Security Lock is set via the Bootstrap Loader using the “Z” command. Once it is issued, the Loader
continues to communicate with the user but performs no other commands; it responds with an error
message if further commands are issued. While the Lock is set, the Loader has no access to the byte-wide
bus memory. The Security Lock is cleared using the “U” command. Issuing this command to a locked part
starts the destructive process described above. No confirmation is requested. The status of the Security
Lock can be read by application software at MCON.0. This bit is only a status flag and cannot be changed
by user software.
Important Application Note
The memory contents of a secure microcontroller are not secure unless both the security lock bit is set
AND the memory encryption feature is activated via the Bootstrap Loader. (The memory encryption
feature is activated automatically in the DS5002FP.) Failure to set the lock bit may result in incomplete
protection of the memory contents.
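To make the difference between the three parts concrete, the following Python model walks through the lock teardown described above and the Loader behaviour around the “Z” and “U” commands: load a firmware image, set the lock, confirm that a locked Loader refuses other commands, then clear the lock as an attacker would and count how much of the image can still be read from the byte-wide bus. It is an added illustration, not code from Maxim or from this user's guide. The memory encryption is a stand-in (a SHA-256 keystream XORed over the data; the real parts use their own address and data encryption), the 64KB RAM size, the “L” (load) and “D” (dump) Loader commands, and the assumption that a removed supply or crystal also stops the DS5001's 32KB overwrite are all model assumptions.

```python
# Added illustration (not Maxim code): model of the DS5000/DS5001/DS5002
# Security Lock teardown. Encryption, RAM size and the L/D loader commands
# are stand-ins; only the Z/U behaviour and the wipe order follow the text.
import hashlib
import os
from dataclasses import dataclass, field
from typing import Optional

RAM_SIZE = 64 * 1024    # byte-wide NV RAM modelled as 64KB (assumption)
WIPE_SIZE = 32 * 1024   # the Bootstrap Loader overwrites the first 32KB
BLOCK = 16              # granularity used to count recovered data


def keystream(key: bytes, length: int) -> bytes:
    """SHA-256 in counter mode, a stand-in for the parts' proprietary
    address/data encryption. Only 'ciphertext without key is useless' matters."""
    out = bytearray()
    ctr = 0
    while len(out) < length:
        out += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return bytes(out[:length])


def xor_crypt(key: bytes, data: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


@dataclass
class SecureMCU:
    part: str                        # "DS5000", "DS5001" or "DS5002"
    power_and_clock: bool = True     # VCC and crystal still present after "U"?
    ram: bytearray = field(default_factory=lambda: bytearray(RAM_SIZE))
    key: Optional[bytes] = None      # Encryption Key (the DS5001 has none)
    locked: bool = False             # Security Lock, read by software as MCON.0

    def __post_init__(self) -> None:
        if self.part not in ("DS5000", "DS5001", "DS5002"):
            raise ValueError(self.part)
        if self.part != "DS5001":
            # Encryption assumed already activated (the DS5002 does this itself;
            # on the DS5000 it is a separate Loader step, see the note above).
            self.key = os.urandom(16)

    @property
    def mcon_sl(self) -> int:
        return 1 if self.locked else 0

    def loader(self, cmd: str, payload: bytes = b"") -> tuple:
        """Bootstrap Loader. "Z" and "U" are the lock commands from the text;
        "L" (load) and "D" (dump) are hypothetical stand-ins for Loader
        commands this page does not describe."""
        if self.locked and cmd != "U":
            return "ERROR", b""          # locked Loader executes nothing else
        if cmd == "L":
            data = xor_crypt(self.key, payload) if self.key else payload
            self.ram[:len(data)] = data
            return "OK", b""
        if cmd == "D":
            return "OK", bytes(self.ram)
        if cmd == "Z":
            self.locked = True
            return "OK", b""
        if cmd == "U":                   # no confirmation is requested
            if self.locked:
                self._destroy()
            self.locked = False
            return "OK", b""
        return "ERROR", b""

    def _destroy(self) -> None:
        if self.part == "DS5000":
            self.key = None              # instantaneous, independent of VCC/clock
        elif self.part == "DS5002":
            self.key = os.urandom(16)    # old key erased, a fresh one loaded
        if self.power_and_clock:         # overwrite needs a running Loader
            self.ram[:WIPE_SIZE] = bytes(WIPE_SIZE)


def attack(part: str, secret: bytes, power_and_clock: bool = True) -> dict:
    """Load a secret, lock, then clear the lock as an attacker would and
    report how many 16-byte blocks of the secret are still readable."""
    mcu = SecureMCU(part, power_and_clock=power_and_clock)
    assert mcu.loader("L", secret)[0] == "OK"
    assert mcu.loader("Z")[0] == "OK" and mcu.mcon_sl == 1
    assert mcu.loader("D")[0] == "ERROR"        # lock blocks the dump
    mcu.loader("U")                              # destructive, no prompt
    _, image = mcu.loader("D")
    # Best the attacker can do: use whatever key the part still holds.
    view = xor_crypt(mcu.key, image) if mcu.key else image
    blocks = range(0, len(secret) - BLOCK + 1, BLOCK)
    recovered = sum(view[i:i + BLOCK] == secret[i:i + BLOCK] for i in blocks)
    return {"mcon_sl": mcu.mcon_sl, "blocks_recovered": recovered,
            "blocks_total": len(blocks)}


if __name__ == "__main__":
    firmware = b"DS5001 firmware " * 2560        # constructed 40KB image
    for part in ("DS5001", "DS5000", "DS5002"):
        for power in (True, False):
            print(part, "powered" if power else "power cut", attack(part, firmware, power))
```

Running it shows why the text calls the DS5001 mechanism a low level of security: with power present only the first 32KB are zeroed and the rest of the 40KB image is still readable, and if the attacker cuts power before the Loader runs, the whole image survives in cleartext. On the DS5000 and DS5002 the key is gone before any overwrite starts, so whether or not the 32KB wipe completes the bus only yields ciphertext, and on the DS5002 the fresh key the Loader installs is useless for decrypting it.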
9.2 RAM Memory
NV RAM provides a useful way to store program and data. The contents can be retained for a long
period, yet changed when desired. This attribute is important when considering security. No matter
what probing techniques are used on a ROM, its contents remain unaffected; with resources and
patience, a determined attacker will obtain the contents of a ROM-based product. NV RAM, by contrast,
can be destroyed on demand. The user's physical security need only remove the power (VCC and VBAT)
from the microprocessor chip to eliminate the memory contents. Thus NV RAM provides flexibility as well
as security. Enough physical security can be combined with even a DS5001 to provide a very secure system.
The DS5002 even provides a direct facility to destroy memory, discussed below.