7 dummy bus access, 8 on-chip vector ram, Ummy – Maxim Integrated Secure Microcontroller User Manual

Secure Microcontroller User’s Guide

79 of 187

decrypted by the micro. Once a new Key is loaded, it will allow all commands to work properly within
the same Bootstrap session since memory access is done using the correct Key. Exiting and re-entering
the Bootstrap Loader, then doing a Dump will not work since this action would first result in Loading a
new Encryption Key. The microcontroller would no longer be able to decrypt the RAM contents. This
extra precaution is used regardless of the Security Lock. It prevents an attacker from retrieving memory
through the Bootstrap Loader even if the programmer forgets to lock the DS5002FP. Once the Security
Lock is set, all Bootstrap Loader access to the memory is prohibited.

9.7 Dummy Bus Access

The secure microcontroller disguises its memory contents through encryption. Additional steps are also
used to prevent analysis of the bus activity by 8051-savy hackers. Both the DS5000FP and DS5002FP
insert dummy MOVX read operations when possible. In the 8051 architecture, there are typically two
identical memory accesses per instruction cycle, but most operations so nothing with the second program
fetch. In the secure microcontroller, a pseudo-random address is generated for the dummy cycle and this
random memory address is actually fetched, but the dummy data is discarded. The real and dummy
accesses are interleaved according to a pseudo-random process so that the execution always appears the
same. During these pseudo-random cycles, the RAM is to all appearance read. Thus by repeatedly
switching between real and dummy access, it is impossible to distinguish a dummy cycle from a real one,
and a large percentage of the memory fetches will be garbage that has no meaning. The dummy accesses
are always performed on a DS5002FP, but are only used on a DS5000FP when encryption is enabled.

9.8 On-Chip Vector RAM

A 48-byte RAM area is incorporated inside the DS5000FP and DS5002FP. This area maps to the first 48
locations of program memory to store reset and interrupt vectors. Any other data stored in the first 48
locations will be contained in this Vector RAM. The principal reason for the Vector RAM is that the reset
and interrupt vectors are known logical addresses in the 8051 family. Thus an attacker could force a reset
or interrupt and discover the encrypted address generated by the secure microcontroller. By storing these
Vectors in on-chip RAM, it is impossible to observe such relationships. Although it is very unlikely that
an application program could be deciphered by observing the vector addresses, the Vector RAM
eliminated this possibility. Note that the dummy accesses discussed above also occur while the Vector
area is being accessed.

The Vector RAM is automatically loaded with the reset and interrupt vectors during Bootstrap Loading.
This feature is transparent to operation and no action is required to use it. However, considering the
Vector area feature can improve overall system security. As mentioned above, the Vector RAM is
instantaneously destroyed in the event of an unlock (also by a self-destruct on DS5002FP). Since it is
hidden and subject to destruction, the 48 bytes are the most secure memory in a system. Thus the most
critical constants can also be stored there. This is an ideal location for storing DES keys for applications
involving data encryption such as electronic funds transfer.

The Vector RAM is always used on a DS5002FP. The data stored between logical location 00h and 30h
will be loaded into and executed for the Vector RAM. This data will not be duplicated in NV RAM
accessed by the Bytewide bus. The operation of DS5000FP Vector RAM is the same, but only when the
encryption feature is enabled. When a DS5000FP has not had an Encryption Key loaded, the Vector
RAM is left unused.