Maxim Integrated Secure Microcontroller User Manual
Page 16
Secure Microcontroller User’s Guide
16 of 187
Parallel I/O
Four SFRs provide access for the four parallel I/O port latches. These I/O ports are denoted as P0, P1, P2,
and P3. 32 bits of parallel I/O is available through these I/O ports. However, up to 16 bits are sacrificed
when the expanded bus mode is used to interface to external memory and up to 6 bits can be sacrificed if
any external interrupt inputs, timer counter inputs, or serial I/O functions are used. When using the
bytewide bus, ports are not affected.
Program/Data RAM Interface
Secure microcontrollers provide a nonmultiplexed bytewide bus that connects to external SRAM. They
also make this RAM nonvolatile, decode memory access for it, and write-protect portions designated as
program memory. The bytewide bus consists of up to 16 address lines (depending on the version), eight
data lines, read/write control, and decoded chip enables. When accessing the SRAM via its bytewide bus,
there is no activity on the ports. Thus if memory access is restricted to this bus, all ports are free for use
by the application. In module form, the microprocessor is already connected to SRAM via the bytewide
bus making program and data memory access appear internal. Secure microprocessors can also access
memory using the multiplexed expanded bus consisting of Port 0 and 2,
WR (P3.6) and RD (P3.7). This
is usually undesirable since it consumes port pins that can be used for other activity. If expanded bus
access is desired, up to 64kB ROM and 64kB RAM can be accessed in the same manner as a traditional
8051. Each version has different provisions for using the expanded bus, depending on memory map and
user’s configuration. These issues are discussed in the Programmer’s Guide in Section
High-Reliability Circuitry
This feature ensures proper operation of the micro and maintains the contents of the program/data RAM
in the absence of V
CC
using a self-contained lithium energy source. The logic provided includes the
power-fail warning interrupt, automatic power-down and power-on reset. As a result, the program/data
RAM can be modified whenever necessary during execution of the user’s software but remains
unchanged when V
CC
is absent. The circuitry also maintains the internal scratchpad RAM and certain
SFRs during a power-down condition.
Software Encryption Logic
DS5000 and DS5002 series parts provide software security circuits that include the address encryptor,
data encryptor, and the encryption key word. When the device is operating in the encryption mode and
using the program/data RAM, the address encryptor is used to transform “logical” addresses on the
internal address bus into encrypted addresses that appear on the bytewide memory bus to the RAM.
Similarly, the data encryptor transforms data on the internal data bus into encrypted data during write
operations on the bytewide memory bus. When data is read back, the data encryptor restores it to its true
value. Although each encryptor uses its own algorithm for encrypting data, both depend on the encryption
key word stored on-chip.
Security Lock Logic
The security lock logic prevents a read or write to any program/data RAM location using the bootstrap
loader. In addition, it inhibits the device from fetching code in the expanded bus mode. By disabling
access to key internal resources, this feature precludes unauthorized disassembly of application software
contained in program/data RAM. In contrast with an EPROM security bit, clearing the security lock
wipes the entire RAM area.