Maxim Integrated Secure Microcontroller User Manual

Secure Microcontroller User’s Guide

8 of 187

The DS5002FP secure microprocessor chip offers the highest level of security, with permanently enabled
memory encryption, an 80-bit random encryption key, and a self-destruct input for tamper protection. The
DS5000FP soft microprocessor chip and DS5000(T) and DS2250(T) soft microcontroller modules offer
lesser, but still substantial, protection with optional data encryption and a 48-bit encryption key.

Separate Address/Data Bus

Soft microprocessor chips provide a nonmultiplexed address/data bus that interfaces to memory without
interfering with I/O ports. This bytewide bus connects directly to standard CMOS SRAM in 32kB x 8 or
128kB x 8 densities with no glue logic. Note that this is in addition to the standard 8051 port 0 and 2
multiplexed bus. In module form, the bytewide bus is already connected directly to on-board SRAM, so
the memory access becomes transparent and the I/O ports are free for application use. The extra memory
bus also allows for a time-of-day function; all soft microcontroller modules are available with built-in
real-time clocks (RTCs). Battery backup and decoding is automatically handled by the microprocessor.

Large Nonvolatile Memory

Soft microprocessor chips provide nonvolatile memory control for standard CMOS SRAM. Modules
combine the microprocessor chip with memory and lithium backup. This includes conditionally write-
protected chip enables and a power-supply output that switches between +5V and battery backup. The
chip enables are decoded automatically based on user-selectable memory sizes and partitioning.
Partitioning defines the portion of memory used for program and data segments. Areas that are designated
program are always write-protected and are treated as ROM. Data areas are write-protected only when
power is out of tolerance. A large nonvolatile memory is useful for data logging and as flexible program
storage. Memory is retained for over 10 years at room temperature in the absence of power by ultra-low-
leakage lithium-backed circuits.

In-System Loading

The in-system programming capability lets the user update program code at any time. This program
loading is supervised by a built-in ROM-based bootstrap loader. The ROM loader becomes transparent
once program loading is complete. All devices allow program loading via the serial port. Data memory
can also be retrieved using this loader function. Selected versions provide other parallel loading protocols
as well. In-system loading allows a system to be configured during final system test. A user can load
custom software, diagnostic routines, or calibration constants. If something changes or new features arise,
the system can then be reprogrammed while in the field.

High-Reliability Operation

Secure microcontroller devices are designed for unsupervised operation in remote locations. Special
features prevent a system from running out of control during transient events. These include a reset when
power is out of tolerance; an early warning power-fail interrupt that allows software to save critical data;
and a watchdog to reset the micro if it gets lost. Also, nonvolatile memory allows software to save the
operating state so a task can be resumed when power returns to normal. The secure microcontroller
family consists of three chips and their associated modules. Differences stem from I/O, memory access,
and security features. The DS5000FP is used in DS2250T and DS5000(T) modules. A full selector guide
with all memory and speed permutations is provided in the next section.