Mitsubishi Motors DS5000TK User Manual

USER’S GUIDE

050396 72/173

73

SECURITY LOCK

Ordinarily, the easiest way to dump (view) the memory contents of a Secure Microcontroller is using the Bootstrap Loader. On request, the Loader will transfer the contents of memory to a host PC. This is prevented by the Security Lock. The lock is the minimal security feature, available even in the DS5001. Once set, the Security Lock prevents the Loader from gaining access to memory. In fact, no Loader commands (except Unlock) will work while the Lock is set. The Security Lock is similar in function to an EPROM security bit on a single-chip microcontroller. It prevents a programmer from reading the memory. In addition, the Security Lock prevents the microcontroller from executing code on the Expanded bus of Ports 0 and 2. Thus an attacker cannot add a memory and use MOVC instructions that would force the microcontroller to read out the contents of protected memory. However, the Secure Microcontroller Security Lock does provide one important difference from EPROM security bits. When the Security Lock is cleared, it destroys the RAM contents. If a knowledgeable user were to physically erase the security bit in an EPROM-based microcontroller, the memory contents would remain to be read. The Security Lock consists of a multiple-bit latch distributed throughout the microprocessor with circuits that collapse the lock in the event of tampering. Clearing the lock starts an irreversible destructive process that acts differently for each device, as described below.

In a DS5001, clearing the lock causes the Loader to manually write over the first 32K bytes of NV RAM with zeros. Thus the contents of memory would be erased. This is obviously a low level of security but would deter casual inspection. In a DS5000 or DS5002, clearing the lock causes an instantaneous erasure of the Encryption Key and Vector RAM. This action is unpreventable once the lock is cleared and happens independent of VCC or crystal. Once the erasure has occurred, a DS5000 assumes a non-secure (brand-new) state. In a DS5002, the Loader proceeds to load a new Encryption Key once the erasure has occurred. In both, the Bootstrap Loader will then proceed to overwrite the first 32K bytes of RAM if power is available and the crystal is still present. This last action is for thoroughness. In systems that really require security, the Lock should be combined with Memory Encryption (discussed below).

Thus the instantaneous erasure of the Encryption Key renders the contents of memory useless since it can no longer be properly deciphered.

The Security Lock is set via the Bootstrap Loader using the “Z” command. Once issued, the Loader will continue to communicate with a user but will not perform other commands. The Loader will respond with an error message in the event that further commands are issued. While the Lock is set, the Loader has no access to the Byte-wide bus memory. The Security Lock can be cleared using the “U” command. Issuing this command to a locked part results in the destructive process described above. No confirmation is requested. The status of the Security Lock can be read by application software at MCON.0. This bit is only a status flag and cannot be affected by the software.
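The Security Lock behaviour described above, written out as a small state-machine model so that the per-device consequences of the “U” command can be exercised. This is an added illustration, not code from the User's Guide or from Dallas Semiconductor; the class and method names, the “D” name used here for the dump request, and the fill values are assumptions.

```python
# Added example (not from the DS5000 User's Guide): models the Security Lock
# semantics of the text. Only "Z" and "U" are documented command names; "D"
# (dump memory to the host) is a constructed placeholder for the dump request.
from dataclasses import dataclass, field

RAM_SIZE = 64 * 1024
ERASE_SPAN = 32 * 1024          # the Loader overwrites the first 32K on unlock


@dataclass
class SecureMCU:
    model: str                  # "DS5001", "DS5000" or "DS5002"
    ram: bytearray = field(default_factory=lambda: bytearray(b"\xa5") * RAM_SIZE)
    key: bytes = b""            # Encryption Key; DS5000/DS5002 only
    locked: bool = False        # mirrored read-only at MCON.0
    power: bool = True          # VCC present
    crystal: bool = True        # crystal present

    def __post_init__(self):
        if self.model in ("DS5000", "DS5002"):
            self.key = b"constructed-key"      # constructed sample key

    @property
    def mcon0(self) -> int:
        """Status flag only: application software reads it but cannot set it."""
        return int(self.locked)

    def loader(self, cmd: str):
        """Bootstrap Loader dispatcher for the commands discussed in the text."""
        if cmd == "Z":                         # set the Security Lock
            self.locked = True
            return "OK"
        if cmd == "U":                         # clear the lock: destructive,
            if self.locked:                    # no confirmation requested
                self._collapse_lock()
            self.locked = False
            return "OK"
        if self.locked:                        # everything else refused while locked
            return "ERROR"
        if cmd == "D":                         # dump memory contents to the host
            return bytes(self.ram)
        return "ERROR"

    def _collapse_lock(self):
        if self.model in ("DS5000", "DS5002"):
            self.key = b""                     # instantaneous; independent of VCC/crystal
            if self.model == "DS5002":
                self.key = b"constructed-new-key"   # Loader loads a fresh key
        # The 32K zero-fill needs a running part. For the DS5001 it is the only
        # destructive step; for the DS5000/DS5002 it is "for thoroughness".
        if self.power and self.crystal:
            self.ram[:ERASE_SPAN] = bytes(ERASE_SPAN)
```

Running the model with `power=False` on a DS5000 shows the key erased but the RAM contents intact, which is exactly why the text recommends combining the Lock with Memory Encryption.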

RAM Memory

NV RAM provides a useful way to store program and data. The contents can be retained for a long period, but can be changed when desired. This attribute is important when considering security. No matter what probing techniques are used on a ROM, the contents remain unaffected. With resources and patience, a determined attacker will obtain the contents of a ROM-based product. NV RAM can be destroyed on demand. The user's physical security must simply remove the power (VCC and VBAT) from a microprocessor chip to eliminate the memory contents. Thus NV RAM provides flexibility as well as security. Enough physical security can be combined with even a DS5001 to provide a very secure system. The DS5002 even provides a direct facility to destroy memory, discussed below.

Encrypted Memory

The heart of Secure Microcontroller security is the memory encryption function. Since the NV RAM is visible, the memory contents and memory bus are encrypted. That is, in real time, the addresses and data moving between the RAM and the microcontroller are scrambled by on-chip encryption circuits. Thus an attacker that observes the RAM contents or memory bus will see unintelligible addresses and data. Figure 9–1 shows the conceptual diagram of the memory encryptor for a DS5000 series device. Figure 9–2 shows the encryptor for a DS5002.
