DSS002FP BYE D MM 2614130 0007515 463 MEDAL DALLAS SEMICONDUCTOR CORP DALLAS SEMICONDUCTOR DS5002FP Secure Micro FEATURES @ 8051 compatible uC for secure/sensitive applications Access 32, 64, or 128K bytes of nonvolatile SRAM for program and/or data storage In-system programming via on-chip serial port Capable of modifying its own program or data memory in the end system Firmware Security Features: Memory stored in encrypted form Encryption using onchip 64-bit key Automatic true random key generator SD! Self Destruct Input Top coating prevent microprobe Improved security over previous generations Protects memory contents from piracy Crashproof Operation Maintains all nonvoiatile resources for over 10 years in the absence of power Power-tail Reset Early Warning Powerfail Interrupt Watchdog Timer DESCRIPTION The DS5002FP Secure Micro Chip is a secure version of the DS5001FP 128K Micro Chip. In addition to the memory and i/O enhancements of the DS5001FP, the Secure Micro Chip incorporates the most sophisticated security features available in any microcontroller. The security features of the DS5002FP include an array of mechanisms which are designed to resist all levels of threat, including observation, analysis, and physical at- tack. As a result, a massive effort would be required to obtain any information about memory contents. Fur- thermore, the soft nature of the DS5002FP allows fre- quent modification of the secure information, thereby minimizing the value of any secure information ob- tained by such a massive effort. PIN ASSIGNMENT a 3 8 3 g PO.7/AD7 BA1O CEI iz i oli {80 79 78 77 76 75 7473 7271 70 6 68 67 68 6 \ 64 BAI PO.A/AD4 1 E-] p2e/at4s CEZ 2 oO 63( 21 CES PEZO 3 62,7 Cea BAgC] 4 61/7) pps Po.vap3C_] 60,3) P2./A13 Bags] 6 ss Bp2z PO.2/AD2C] 7 sat 7] P2wAl2 BA1gC__] & 57/- B01 PO.1/AD1 C7] 9 $6 (77 P2.avAit 10 5518 po.oMbo Ly 1 DS5002FP MES ML vocot] 12 63[ J SDI vec 13 52[J GND mseLC_] 14 517 p2.gai0 P1.oC is 602 P2.1/A9 BA14C_j 18 49 [ED P2.oas P41 17 482 XTAL1 BA12] 18 47 (2 xTAL2 P1.20] 10 48 [- P3.7/RD BA7L| 2 45 [P36 Pig 2 44771 P3.8T1 PEI ] 22 43([7 PF Ped Co 23 42 | VAST BaAsL = 26 27 2829 WH 31 32 39.34.36 36 3738 apo PS.4/T0 ~oOuNVEMhyOveraASo rardrsipateea cee fo Ss =aa & &gee The DS5002FP implements a security system which is an improved version of its predecessor, the DSS5000. Like the DS5000, the DS5002FP loads and executes application software in encrypted form. Up to 128K x 8 bytes of standard SRAM can be accessed via its byte widebus. This RAMis converted by the DS5002FP into lithiumbacked nonvolatile storage for program and data. As a result, the contents of the RAM and the execution of the software appear unintelligiole to the outside observer. The encryption algorithm uses an in- ternally stored and protected key. Any atternpt to dis. cover the key value results in its erasure, rendering the encrypted contents of the RAM useless. 052893 1/27bYE D MM 2614130 OO07516 STT MMDAL DS5002FP DALLAS SEMICONDUCTOR CORP The Secure Micro Chip offers a number of major en- hancements to the software security implemented in the previous generation DS5000. First, the DS5002FP provides a stronger software encryption algorithm which incorporates elements of DES encryption. Se- cond, the encryption is based on a 64-bit key word, as compared to the DS5000's 40-bit key. Third, the key can only be loaded from an on-chip true random num- ber generator. As a result, the true key value is never known by the user. Fourth, a Self-Destruct input pin (SDI) is provided to interface to external tamper detec- tion circuitry. With or without the presence of Voc, ac tivation of the SDI pin has the same effect as resetting the Security Lock: immediate erasure of the key word and the 48-byte Vector RAM area. Fifth, a special top coating of the die prevents access of information using microprobing techniques. Finally, customerspecific versions of the DS5002FP are available which incorpo- rate a one-of-a-kind encryption algorithm. When implemented as a part of a secure system de- sign, a system based on the DS5002FP can typically provide a level of security which requires more time and resources to defeat than itis worth to unauthorized indi- viduals who have reason to try. ORDERING INFORMATION The following versions of the DS5002FP are available as standard products from Dallas Semiconductor: PART # CLOCK PACKAGE DS5002FP-12 12 MHz 80pin QFP DS5002FP-16 16 MHz 80-pin QFP DS5002FPM-12 12 MHz 80_pin QFP with metal DS5002FPM-16 16 MHz 80pin QFP with metal Please contact Dallas Semiconductor for ordering in- formation on customer-specific versions of the DSS5002FP. BLOCK DIAGRAM Figure 1 is a block diagram illustrating the internal archi- tecture of the DS5002. The DS5002 is a secure imple- mentation of the DS5001 128K Micro Chip. As a result, It operates in an identical fashion to the DS5001 except where indicated. See the DS5001 Data Sheet for oper- ating details. 291 052803 2/27BYE D MM 26141350 0007517 736 MDAL DSso02FP EMICONDUCTOR CORF DS5002 BLOCK DIAGRAM Figure 1 DALLAS $ WATCHDOG TIMER Q my | ADDRESS < oi BAI5-0 xf 7e 16 Zz RST ae F 2 ee BD7-0 ALE 5 we oly a 3 Z e oui PROG E " 2 8 Pei = = ENCRYPTION SPECIAL sol FUNCTION KEYS REGISTERS PO.7 vec voc) DATA POWER - REGISTERS SHER, ~ me (128 BYTES) M PE vrsi P17 VECTOR RAM (48 BYTES) Vu P1.0 BOOTSTRAP LOADER ROM TXO RXO TIMER 0 TIMER 1 INTO INT1 052893 3/27 292B4E D MM 2634130 0007518 472 MDAL DALLAS SEMICONDUCTOR CORP DS5002FP PIN DESCRIPTION PIN NUMBER DESCRIPTION 11, 9, 7, 5, 1, 79, 77, 75 PO.0-P0.7 General purpose I/O Port 0. This port is open-drain and can not drive a logic 1. It requires external pull- ups. Port 0 is also the multiplexed Expanded Address/Data bus. When used in this mode, it does not require pul-ups. 15, 17, 19, 21, 25, 27, 29, 31 P1.0P1.7 General purpose I/O Port 1. 49, 50, 51, 56, 58, 60, 64, 66 P2.0-P2.7 General purpose /O Port 2. Also serves as the MSB of the Expanded Address bus. 36 P3.0 RXD General purpose I/O port pin 3.0. Also serves as the receive signal for the on board UART. This pin should NOT be connected directly toa PC COM port. 38 P3.1 TXD General purpose I/O port pin 3.1. Also serves as the transmit signal for the on board UART. This pin should NOT be connected directly toa PC COM port. 39 P3.2 INTO General purpose I/O port pin 3.2. Also serves as the active low External Inter- rupt 0. 40 P3.3 INT4 General purpose I/O port pin3.3. Also serves as the active low External Inter- rupt 1. 41 P3.4 TO General purpose I/O port pin 3.4. Also serves as the Timer 0 input. 44 P3.5 T1 General purpose I/O port pin 3.5. Also serves as the Timer 14 input. 45 P3.6 WR General purpose I/O port pin. Also serves as the write strobe for Expanded bus operation. 46 P3.7 RD General purpose I/O port pin. Also serves as the read strobe for Expanded bus operation. 34 RST Active high reset input. A logic 1 applied to this pin will activate a reset state. This pin is pulled down internally so this pin can be left unconnected if not used. An RC power-on reset circuit is not needed and is NOT recommended. 70 ALE Address Latch Enable. Used to de-multiplex the multiplexed Expanded Address/Data bus on Port 0. This pin is normally connected to the clock input on a '373 type transparent latch. 47, 48 XTAL2, XTAL1 Used to connect an external crystal to the internal oscillator. XTAL1 is the input to an inverting amplifier and XTAL2 is the output. 52 GND Logic ground. 13 Voc +5V 052893 4/27DSss002FP > BYE D MM 2634130 0007519 509 MEDAL | DALLAS SEMICONDUCTOR CORE _ PIN NUMBER DESCRIPTION 12 Veco Veg Output. This is switched between Vcc and V, | by internal circuits based on the level of Voc. When power is above the lithium input, power will be drawn from Voc. The lithium cell remains isolated from a load. When Vcc is below V_,, the Voco switches to the V_; source. Veco should be connected to the Voc pin of an SRAM. 54 Vil Lithium Voltage Input. Connect to a lithium cell greater than Vi imin end no greater than V, imax as shown in the electrical specifications. Nominal value is +3V. 16, 8, 18, 80, 76, 4, 6, 20, 24, 26, 28, 30, 33, 35, 37 BA14-0 Byte-wide Address bus bits 14-0. This bus is combined with the non--multi- jexed data pus (B07 0) to access NVSRAM. Decoding is performec! using CET through CE4, Therefore, BA15 is not actually needed. Reacd/write access is controlled by R/W. BA14-0 connect diractly to an 8K, 32K, of 128K SRAM. Ifan 8K RAM is used, BA13 and BA1 4 will be unconnected. If a 128K SRAM is used, the micro converts CE2 and CES to serve as A16 ard A15 respectively. 71, 69, 67, 65, 61, 59, 57, 55 BD7-0 Bytewide Data bus bits 7-0. This 8 bit bi-directional bus is combined with the nonmultiplexed address bus (BA14-0) to access NVSRAM. Desodin is parformed on CET and CE2. Read/write access is controlled by . BD70 connect directly to an SRAM, and optionally to a Real-time Clock or other peripheral. 10 RW Read/Write. This signal provides the write enable to the SRAMs on the Byte wide bus. It is controlled by the memory map and Partition. The blocks selected as Program (ROM) will be write protected. 74 CET Chip Enable 1. This is the primary decoded chip enable for memory access onthe Bytewide bus. It connects tothe chip enable input of one SRAM. CE1 is lithium backed. It will remain in a logic high inactive state when Vic falls below Vi}. CE2 Chip Enable 2. This chip enable is provided to access a second 321 block of memory. It connects to the chip enable input of one SRAM. When MSEL=0, the micro converts CE2 into A16 for a 128K x 8 SRAM. CE? is lith- ium backed and will remain at a logic high when Vcc falls below V1. CES Chip Enable 3. This chip enable is provided to access a third 32K block of memory. It connects to the chip enable input of one SRAM. When MSEL=0, the micro converts CE into A15 for a 128K x 8 SRAM. CE3 is lithium lacked and will remain at a logic high when Vcc falls below V,/. 62 CE4 Chip Enable 4. This chip enable is provided to access a fourth 32K block of memory. It connects to the chip enable input of one SRAM. When MSEL=0, this signal is unused. CE4 is lithium backed and will remain at a logic high when Voc falls below Vi}. 78 PE1 Peripheral Enable 1. Accesses data memory between addresses 00:0h and 3FFFh when the PES bit is set to a logic 1. Commonly used to chip enable a Bytewide real-time Clock such as the DS1283. PE1 is lithium backed and will remain at a logic high when Vc falls below V_). Connect PET to battery backed functions only. 052899 5/27BYE D MM 26134130 0007520 220 MMDAL Dsso02FP DALLAS SEMICONDUCTOR CORP PIN NUMBER DESCRIPTION 3 PES Peripheral Enable 2. Accesses data memory between addresses 4000h and 7FFFh when the PES bit is set to a logic 1. PE2 is lithium backed and will remain at a logic high when Vcc falls below VL. Connect PE2 to battery backed functions only. 22 PE3 Peripheral Enable3. Accesses data momar betwoen addresses 8000h and BFFFh when the PES bitis setto a logic 1. PE3 is not lithium backed and can be connected to any type of peripheral function. If connected to a battery backed chip, it will need additional circuitry to maintain the chip enable in an inactive state when Voc < Vi). 23 PE4 Peripheral Enable 4. Accesses data memory between addresses CO00h and FFFFh when the PES bitis set to a logic 1. PE4 is not lithium backed and can be connected to any type of peripheral function. H connectedtoa battery backed chip, it will need additional circuitry to maintain the chip enable in an inactive state when Vcc < Vi). 32 PROG Invokes the Bootstrap loader on a falling edge. This signal should be debounced so that only one edge is detected. If connected to ground, the micro will enter Bootstrap loading on power up. This signal is pulled up inter- nally. 42 VRST This VO pin indicates that the power supply (Vcc) has fallen below the Vccmin level and the micro is in a reset state. When this occurs, the DS5002FP will drive this pin toa logic 0. Because the micro is lithium backed, this signal is guaranteed even when Voc=0V. Because it is an /O pin, it will also force a reset if pulled low externally. This allows multiple parts to syn- chronize their powerdown resets. PF This output goes to a logic 0 to indicate that the micro has switched to lithium backup. This corresponds to Vcc < V4. Because the microis lithium backed, this signal is guaranteed even when Voc=0V. The normal application of this signal is to contro! lithium powered current to isolate battery backed functions form non-battery backed functions. 14 MSEL Memory select. This signal controls the memory size selection. When MSEL= +5V, the DS5002FP expects to use 32K x 8 SRAMs. When MSEL = OV, the DS5002FP expects to use a 128K x 8 SRAM. MSEL must be con- nected regardless of Partition, Mode, etc. SDI SelfDestruct Input. An active high on this pin causes an unlock procedure, This results in the destruction of Vector RAM, Encryption Keys, and the loss of power from Vcco. This pin should be grounded if not used. 72 CEIN This is a non-battery backed version of CET. Itis not generally useful since the DS002 can not be used with EPROM due to its encryption. 73 NC Do not connect. 052893 /27 295Dsso02FP bHE D SECURE OPERATION OVERVIEW The DS5002FP incorporates encryption of the activity on its Byte~wide Address/Data bus to prevent unautho- rized access to the program and data information con- tained in the nonvolatile RAM. Loading an applica- tion program in this manner is performed via the Bootstrap Loader using the general sequence de- scribed below: Clear Security Lock Set memory map configuration as for DS5001 Load application software Set Security Lock . Exit Loader Loading of application software into the program/data RAM is performed while the DS5002 is in its Bootstrap Load mode. Loading is only possible when the Security Lock is clear. If the Security Lock has previously set, thenit mustbe cleared by issuing the Z command from the Bootstrap Loader. Resetting the security lock instantly clears the previous key word and the contents of the vector RAM. In addition, the Bootstrap ROM writes zeroes into the first 32K of external RAM. ae enn The user's application software is loaded into external CMOS SRAM via the *L command in scrambled form through on-chip eneryptor circuits. Each external RAM address is an encrypted representation of an on-chip logical address. Thus, the sequential instructions of an ordinary program or data table are stored non~sequen- tially in RAM memory. The contents of theprogram/data RAM are also encrypted. Each byte in RAM is en- crypted by a key and addressdependent encryptor circuit such that identical bytes are stored as different values in different memory locations. The encryption of the program/data RAM is dependent onan on-chip 64-bit key word. The key is loaded by the ROM firmware just prior to the time that the applica- MB 2634130 00075e1 1b? BMDAL tion software is loaded, and is retained as nonvolatile information in the absence of Vcc by the lithium backup circuits. After loading is complete, the key is protected by setting the on-chip Security Lock, which is also re- tained as nonvolatile information in the absence of Vcc. Any attempt to tamper with the key word and thereby gain access to the true progranvdata RAM contents re- sults in the erasure of the key word as well as the RAM contents. During execution of the application software, logical ad- dresses on the DS5002 that are generated from the pro- gram counter ordata pointer registers are encrypted be- fore they are presented on the Byte-wide Address Bus. Opcodes and data are read back and decrypted before they are operated on by the CPU, Similarly, data values written to the external nonvolatile RAM storage during program execution are encrypted before they are presented on the Bytewide data bus during ihe write operation. This encryption/decryption process is per- formed in real time such that no execution time is lost as compared to the non-encrypted DS5001 or 8951 run- ning at the same clock rate. As aresult, operation of the encryptor circuitry is transparent to the application soft- ware. Unlike the DS5000, the DS5002FP chip's security fea- ture is always enabled. SECURITY CIRCUITRY The on-chip functions associated with the D'S5002's software security feature are depicted in Figure 2. En- cryption logic consists of an address encryptor and a data encryptor. Although each encryptor uses its own algorithm for encrypting data, both depend on the 64-bit key word which is contained in the encryption key registers. Both the encryptors operate during loading of the application software and also during its execution. DALLAS SEMICONDUCTOR CORP 052893 7/27 296BYE D MM 2614130 0007522 OT3 BMDAL DS5002 SECURITY CIRCUITRY Figure 2 DATA POINTER PROGRAM COUNTER DS5002FP DALLAS SEMICONDUCTOR CORP | | | | The address encryptor translates each logical ad- dress, i.e., the normal sequence of addresses that are generated in the logical flow of program execution, into an encrypted address (or physical address) at which the byte is actually stored. Each time a logical ad- dress is generated, either during program loading or during program execution, the address encryptor cir- cuitry uses the value of the 64-bit key word and of the address itself to form the physical address which will be presented onthe address lines ofthe RAM. Theencryp- tion algorithm is such that there is one and only one physical address for every possible logical address. The address encryptor operates over the entire memory range which is configured during Bootstrap Loading for access on the Bytewide Bus. As Bootstrap Loading of the application software is per- formed, the Data Encryptor logic transforms the op- code, operand, or data byte at any given memory loca- tion into an encrypted representation. As each byte is read back to the CPU during program execution, the internal Data Encryptor restores it to its original value. When a byte is written to the external nonvolatile pro- gram/data RAM during program execution, that byte is stored in encrypted form as well. The data encryption logic uses the value of the 64-bit key, the logical ad- ENCRYPTED BYTEWIDE ADDRESS BUS ADDRESS Gaara ee cADDRESS aps ! NU | GENERATOR | ExT EN AL BOOTSTRAP | RAM LOADER 64-BIT ENCRYPTION KEY SECURITY | LOCK ! ENCRYPTED BYTEWIDE | DATA BUS Beats encesron 8 | L spi | (SELF-DESTRUCT INPUT) dress to which the data is being written, and the value of the data itself to form the encrypted data which is written to the nonvolatile program/data RAM. The encryption algorithm is repeatable, such that for a given data value, encryption key value, and logical address the encrypted byte will always be the same. However, there are many possible encrypted data values for each possible true data value due to the algorithms dependency on the values of the logical address and encryption key. When the application software is executed, the internal CPU of the DS&002 operates as normal. Logical ad- dresses are calculated for opcode fetch cycles and also data read and write operations. The DS5002 has the ability to perform address encryption on logical ad- dresses as they are generated internally during the nor- mal course of program execution. In a similar fashion, data is manipulated by the CPU in its true representa- tion. However, it is also encrypted when it is written to the external program/data RAM, and is restored to its original value when it is read back. When an application program is stored in the format de- scribed above, it is virtually impossible to disassemble opcodes or to convert data back intoits true representa- tion. Address encryption has the effect that the op- 052893 8/27DS5002FP BYE D codes and data are not stored in the contiguous form in which they were assembled, but rather in seemingly random locations in memory. This in itself makes it virtu- ally impossible to determine the normal flow of the pro- gram. As an added protection measure, the Address Encryptor also generates dummy read access cycles whenever time is available during program execution. DUMMY READ CYCLES Like the DS5000, the DS5002FP generates a dummy read access cycle to non-sequential addresses in ex- ternal RAM memory whenever time is available during program execution. This action has the effect of further complicating the task of determining the normal flow of program execution. During these pseudo-random dummy cycles, the RAM is read to all appearance, but the data is not used internally. Through the use of a re- peatable exchange of dummy and true read cycles, itis impossible to distinguish a dummy cycle from a real one. ENCRYPTION ALGORITHM The DS5002FP incorporates a proprietary algorithm im- plemented in hardware which performs the scrambling of address and data on the bytewide bus to the static RAM. This algorithm has been greatly strengthened with respect to its DS5000 predecessor. Improvements include: 1. 64-bit encryption key 2. Incorporation of DESike operations to provide a greater degree of nonlinearity. 3. Customizable encryption The encryption circuitry uses a 64-bit key value (compared to the DS5000's 40-bit key) which is stored on the DS5002 die and protected by the Security Lock function described below. In addition, the algorithm has been strengthened to incorporate certain opera- tions used in DES encryption, so that the encryption of both the addresses and data is highly nonlinear. Unlike the DS5000, the encryption circuitry in the DS5002 is al- ways enabled. Dallas Semiconductor can customize the encryption cir- cuitry by laser programming the die to insure that a unique encryption algorithm is delivered to the custom- er. In addition, the customerspecific version can be branded as specified by the customer. Please contact 052893 9/27 BH 2614130 0007523 T3T BBDAL Dallas Semiconductor for ordering information of cus- tomerspecific versions. ENCRYPTION KEY As described above, the on-chip 64-bit Encryption Key is the basis of both the address and data encryptor cir- cuits. The DS5002 provides a key management system which is greatly improved over the DS500). The DS5002 does not give the user the ability to selecta key. Instead, when the loader is given certain commands, the key is set based on the value read from an on-chip hardware random number generator. This action is per- formed just priorto actually loading the code intc: the ex- ternal RAM. This scheme prevents characterization of the encryption algorithm by continuously loading new, known keys. It also frees the user from the burden of protecting the key selection process. The random number generator circuit uses the asynch- ronous frequency differences of two internal ring oscil- lator and the processor master clock (determined by XTAL1 and XTAL2). As a result, a true random sumber is produced. VECTOR RAM A 48-byte vector RAM area is incorporated cn-chip, and is used to contain the reset and interrupt vector code in the DS5002. It is included in the architecture to help insure the security of the application program. If reset and interrupt vector locations were accessed from the external nonvolatile program/data RAM during the execution of the program, then it would be possible to determine the encrypted value of known adclresses. This could be done by forcing an interrupt or reset condition and observing the resulting addresses on the Bytewide address/data bus. For example, it is known that when a hardware reset is applied the logical pro- gram address is forced to location 0000H and code is executed starting from this location. It would then be possible to determine the encrypted value (or johysical address) of the logical address value 0000H by observ- ing the address presented to the external RAM following a hardware reset. Interrupt vector address relat onships could be determined in a similar fashion. By using the on-chip vector RAM to contain the interrupt and reset vectors, it is impossible to observe such relationships. Although it is very unlikely that an application program could be deciphered by observing vector address rela- DALLAS SEMICONDUCTOR CORP ____ 298b4E D tionships, the vector RAM eliminates this possibility. Note that the dummy accesses mentioned above are conducted while fetching from vector RAM. The Vector RAM is automatically loaded with the users reset and interrupt vectors during bootstrap loading. SECURITY LOCK Once the application program has been loaded into the DS5002s NVRAM, the Security Lock may be enabled by issuing the Z" command in the Bootstrap Loader. While the Security Lock is set, no further accass to pro- grary data information is possible via the on-chip ROM. Access is prevented by both the bootstrap loader firm- ware and the DS5002FP encryptor circuits. Access to the NVRAM may only be regained by clearing the Security Lock via the U command in the Bootstrap Loader. This action triggers several events which de- feat tampering. First, the encryption key is instanta- neously erased. Without the encryption key, the DS5002FP is no longer able to decrypt the contents of the RAM. Therefore, the application software can no longer be correctly executed, nor can it be read back in its true form via the Bootstrap Loader. Second, the Vec- tor RAM areais also instantaneously erased, so that the reset and vector information is lost. Third, the Bootstrap Loader firmware sequentially erases the encrypted RAM area. Lastly, the loader creates and loads a new random key. The Security Lock bit itself is constructed using a multi- ple-bit latch which is interlaced for self-destruct in the event of tampering. The lock is designed to set-up a domino-effect such that erasure of the bit will result in an unstoppable sequence of events that clears critical data including encryption key and vector RAM. In addi- tion, this bit is protected from probing by the topcoating feature mentioned below. SELFDESTRUCT INPUT The SelfDestruct Input (SDI) pin is an active high input which is used to reset the Security Lock in response to an external event. The SDI input is intended to be used with external tamper detection circuitry. It can be acti- vated with or without operating power applied to the Vec MH 26143390 0007524 47b MMDAL DS5002FP pin. Activation of the SDI pin instantly resets the securi- ty lock and causes the same sequence of events de- scribed above for this action. In addition, power is mo- mentarily removed from the Bytewide bus interface including the Veco pin, resulting in the loss of data in ex- ternal RAM. TOP LAYER COATING The DS002 is provided with a special topayer coating that is designed to prevent a probe attack. This coating is implemented with secondlayer metal added through special processing of the microcontroller die. This addi- tional layer is not a simple sheet of metal, but rather a complex Jayout that is interwoven with power and ground which are in turn connected to logic for the Encryption Key and the Security Lock. As a result, any attempt to remove the layer or probe through it will re- sult in the erasure of the security lock and/or the loss of encryption key bits. BOOTSTRAP LOADING Initial loading of application software into the DS5002 is performed by firmware within the on-chip Bootstrap Loader communicating with a PC via the onchip serial port in a manner which is almost identical to that for the DS5001. The user should consult the DS5001 data sheet as a basis of operational characteristics of this firmware. Certain differences in loading procedure exist in order to support the security feature. These differ- ences are documented below. Table 1 summarizes the commands accepted by the bootstrap loader. When the Bootstrap Loader is invoked, the 128~byte scratchpad RAM area is automatically overwritten with zeroes, and then used for variable storage for the boot- strap firmware. Also, a set of 8 bytes are generated us- ing the random number generator circuitry and are saved as a potential word for the 64-bit encryption key. Any read or write operation to the DS5002s external program/data SRAM can only take place if the Security Lock bit is in a cleared state. Therefore, the first step which is taken in the loading of a program should be the clearing of the Security Lock bit through the U com- mand. DALLAS SEMICONDUCTOR CORP 299 052893 10/27Dsso02FP BYE D MM 2614150 0007525 802 MBDAL DS5002 SERIAL BOOTSTRAP LOADER COMMANDS Table 1 COMMAND FUNCTION Cc Return CRC16 of the program/data NVRAM Dump Intel Hex file Fill program/data NVRAM Get Data from P1, P2, and P3 N/A on the DS5002FP Load Intel Hex file Qi nyo Toggle modem available bit Set Freshness Seal - All program and data will be lost Put data into PO, P1, P2, and P3 Read status of NVSFRs (MCON, RPCTL, MSL, CALIB) Trace (echo) incoming Intel Hex code Clear security lock Verity program/data NVRAM with incoming Intel Hex data Write Special Function Registers - (MCON, RPCTL, MSL, CALIB) N/Sp<f} cj a} ayuyZzpsetr Set security lock Execution of certain bootstrap loader commands will re- sult in the loading of the newly generated 64bit random number into the encryption key word. These com- mands are as follows: a. Fill F b. Load L c. Dump D d. Verify v e. CRC Cc Execution of the Fill and Load commands will result in the data loaded into the NVRAM in an encrypted form determined by the value of the newlygenerated key word. The subsequent execution of the Dump com- mand within the same bootstrap session will cause the contents of the encrypted RAM to be read out and trans- mitted back to the host PC in decrypted form. Similarly, execution of the Verify command within the same boot- strap session will cause the incoming absolute hex data to be compared against the true contents of the en- crypted RAM, and the CRC command will retum the CRC value calculated from the true contents of the en- crypted RAM. As long as any of the above commands are executed within the same bootstrap session, the 052893 11/27 DALLAS SEMICONDUCTOR CORP loaded key value will remain the same and contents of the encrypted program/data NVRAM may be read or written normally and freely until the Security Lock bit is set. When the Security Lock bit is set using the Z command, no further access to the true RAM contents is possible using any bootstrap command or by any other means. INSTRUCTION SET The DS5002FP executes an instruction set that is object code compatible with the industry standard 8051 microcontroller. As a result, software development packages such as assemblers and compilers that have been written for the 8051 are compatible with the DS5002FP. A complete description of the instruction set and operation are provided in the User's Guide sec- tion of the Soft Microcontroller Data Book. Also note that the DS5002FP is embodied in the DS2252(T) module. The DS2252(T) combines the DS$5002FP with between 32K and 128K of SRAM, anda lithium call. An optional Realtime Clock is a'so avail- able in the DS2252T. This is packaged in a 40pin SIMM module.b4HE D MEMORY ORGANIZATION Figure 3 illustrates the memory map accessed by the DS5002FP. The entire 64K of program and 64K of data are potentially available to the Bytewide bus. This pre- serves the 1/O ports for application use. The user con- trols the portion of memory that is actually mapped to the Bytewide bus by selecting the Program Range and Data Range. Any area not mapped into the NVRAM is reached via the Expanded bus on Ports 0 & 2. An alter- MM 2614130 00075eb 749 MEDAL DS5002FP nate configuration allows dynamic Partitioning of a 64K space as shown in Figure 4. Selecting PES=1 provides another 64K of potential data storage or memory mapped peripheral space as shown in Figure 5. These selections are made using Special Function Registers. The memory map and its controls are covered in detail in the Users Guide section of the Soft Microcontroller Data Book. MEMORY MAP OF THE DS5002FP WITH PMe=1 Figure 3 PROGRAM MEMORY FFFFH PROGRAM RANGE _ \\ LOSS \ PROGRAM 9000h LEGEND: V7, = BYTE-WIDE BUS ACCESS (ENCRYPTED) =| = EXPANDED BUS (PORTS 0 AND 2) DATA MEMORY (MOVX) Yj DATA @ DATARANGE Re = NOT AVAILABLE DALLAS SEMICONDUCTOR CORP 052893 12/27ssoerP UE Do 2634230 0007527 b85 MDAL - MEMORY MAP OF THE DS5002FP WITH PME=0 Figure 4 PROGRAM MEMORY DATA MEMORY (MOVX) SR V///3 V/; Vj = NVRAM MEMORY bx = NOT AVAILABLE = EXPANDED BUS (PORTS 0 AND 2) FFFFh PARTITION + - be LSA DT fy 0000h MEMORY MAP OF THE DS5002FP WITH PES=1 Figure 5 PROGRAM MEMORY DATA MEMORY (MOVX) 64K FFFFh rowel Y GF RR NOT ACCESSIBLE ZA BYTE-WIDE PROGRAM (ENCRYPTED) 32K 16K DALLAS SEMICONDUCTOR CORP 052803 13/27 302bYE D MM 2614130 0007528 511 MMDAL as s002F Figure 6 illustrates a typical memory connection for a using two 32K byte SRAMs. The Byte-wide Address system using a 128K byte SRAM. Note that in this con- bus connects to the SRAM address lines. The bi-direc- figuration, both program and data are stored in a com- tional Bytewide data bus connects the data I/O lines of mon RAM chip Figure 7 shows a similar system with the SRAM. DS5002FP CONNECTION TO 128K X 8 SRAM Figure 6 DSS5002FP HM628128 are: ) eT BA14-BAO0 recreetrerresessesesasnnes tetttire BD7-800 DALLAS SEMICONDUCTOR CORP 952893 14/27 303osso02FP BYE D MM 2614130 0007525 458 MMDAL DS5002FP CONNECTION TO 64K X 8 SRAM Figure 7 DSS5002FP HM62256 EEN oe te) BD?7-BD0 POWER MANAGEMENT The DS5002FP monitors Voc to provide Power-fail Reset, early warning Power-fail Interrupt, and switch over to lithium backup. It uses an internal band-gap ref- erence in determining the switch points. These are called Vpew. Vecmin, and V\\ respectively. When Voc drops below Vpry, the DS5002FP will perform an inter- rupt vector to location 2Bh if the power fail warning was enabled. Full processor operation continues regard- less. When power falis further to Vccmin, the DS5002FP invokes a reset state. No further code execution will be performed unless power rises back above Vocmin- All decoded chip enables and the RW signal go to an inactive (logic 1) state. Vcc is still the power source at this time. When Voc drops further to 052893 15/27 DALLAS SEMICONDUCTOR CORP 304 below V,,, internal circuitry will switch to the lithium cell for power. The majority of internal circuits will be dis- abled and the remaining nonvolatile states will be retained. Any devices connected to Vcco will be pow- ered by the lithium cell at this time. Veco will be at the lithium battery voltage less a diode drop. This clrop will vary depending on the load. Low power SRAMs should be used for this reason. When using the DS5002FP, the user must select the appropriate battery to match the RAM data retention current and the desired backup life- time. Note that thelithium cellis only loaded when Voc < Vi. The User's Guide has more information on this topic. The trip points Vocyin and Vpry are listed in the electrical specifications.bYE D MM 2614130 0007530 17T MEDAL DSS5002FP ELECTRICAL SPECIFICATIONS The DS&002FP adheres to all AC and DC electrical lute maximum ratings and unique specifications for the specifications published for the DS5001FP. The abso- DS5002FP are listed below. ABSOLUTE MAXIMUM RATINGS* Voltage on Any Pin Relative to Ground 0.3V to 7.0V Operating Temperature 0C to +70C Storage Temperature 40C to 70C Soklering Temperature 260C for 10 seconds This is a stress rating only and functional operation of the device at these or any other conditions above those indicated in the operation sections of this specification is not implied. Exposure to absolute maxi- mum rating conditions for extended periods of time may affect reliability. DC CHARACTERISTICS {ta=0C to 70C; Vec=5V + 10%) PARAMETER SYMBOL MIN TYP MAX UNITS NOTES Input Low Voltage Vit 0.3 0.8 v 1 Input High Voltage Vint 2.0 Voc+0.3 Vv 1 Input High Voltage (RST, XTAL1, Vino 3.5 Voect+0.3 Vv 1 PROG) Output Low Voltage Vou 0.15 0.45 Vv 1 @ loy=1.6 mA (Ports 1, 2, 3) Output Low Voltage Voi2 0.15 0.45 Vv 1 @ |qy=3.2mA (Port 0, ALE, PF, BA15-0, BD7-0, RW, CEIN, CEI, PE1-4) Output High Voltage Vout 2.4 48 Vv 1 @ lon=-80 mA (Ports 1,2, 3) Output High Voltage Vone 2.4 4.8 Vv 1 @ loy=400 LA (Ports 0, ALE, PF, BA15~0, BD7-0, R/W, CEIN, CE14, PE1-4) Input Low Current tie 50 HA Vin=0.45V (Ports 1, 2, 3) Transition Current; 1 to 0 In -500 pA Vin=2.0V (Ports 1, 2, 3) SDI Input Low Voltage Vis 0.4 v 1 SDI Input High Voltage Vins 2.0 Veco Vv 1 SDI Pull-Down Resistor Resp 25 60 KQ Battery-Backup Quiescent Current IBaT 5 76 nA 7 DALLAS SEMICONDUCTOR CORP 052893 16/27 305BYE D MM 2624130 0007531 O06 MMDAL psso02FP DC CHARACTERISTICS (cont'd) (ta=O0C to 70C; Voc=5V + 10%) PARAMETER SYMBOL MIN TYP MAX UNITS NOTES Input Leakage Current ht +10 pA 0.45<Vin, Voc (Port 0, MSEL) RST Pulldown Resistor Rre 40 150 KQ VRST Pullup Resistor Rva 47 KQ PROG Pullup Resistor Rpr 40 KQ Power Fail Warning Voltage Veprw 4.25 4.37 4.50 Vv 1 Minimum Operating Voltage Vecmin 4.00 412 4.25 Vv 1 Lithium Supply Voltage Van 2.5 4.0 Vv 1 Operating Current lec 36 mA 2 Idle Mode Current hote 7.0 mA 3 Stop Mode Current Istop 80 pA 4 Pin Capacitance Cin 10 pF 5 Output Supply Voltage (Veco) Veco Vec-0.3 Vv 1,2 Output Supply Batterybacked Veco2 Vi 0.55 Vv 18 Mode (Veco, CE14, PE12) Output Supply Current lecot 7 mA 6 @ Veco=Vec 0.8V Lithiumbacked Quiescent Current hy 5 75 nA 7 Reset Trip Point in Stop Mode 1 w/BAT=3.0V 4.0 4.25 w/BAT=3.3V 44 4.65 AC CHARACTERISTICS (ta=0C to70C; Vec=0V to 5V) PARAMETER SYMBOL MIN TYP MAX UNITS NOTES SDI Pulse Reject tspr 2 us 10 SDI Pulse Accept tspa 10 us 10 DALLAS SEMICONDUCTOR CORP 052893 17/27 306BYE D MM 26141430 0007532 Tue MDAL DS5002FP DALLAS SEMICONDUCTOR CoRP AC CHARACTERISTICS EXPANDED BUS MODE TIMING SPECIFICATIONS (ta=0C to70C; Vec=5V + 10%) # |PARAMETER SYMBOL MIN MAX UNITS 1 | Oscillator Frequency t/toLK 1.0 12 (-12) MHz 16 (-16) 2 |ALE Pulse Width tal Pw toi K-40 ns Address Valid to ALE Low tavALL teLK-40 ns 4 | Address Hold After ALE Low tavaay toLk-35 ns 14 | RD Pulse Width taopw 6toLK-100 ns 15 | WR Pulse Width twrew 6teL-100 ns 16 | RD Low to Valid Data In @12 MHz troLpv Sto. -165 ns @16 MHz Stor 7105 ns 17 | Data Hold after RD High trpHDv 0 ns 18 | Data Float after RD High tRDHDz 2toL K-70 ns 19 | ALE Low to Valid Data In @12 MHz taLivp Bto_K-150 ns @16 MHz 8to K-90 ns 20 | Valid Addr. to Valid Data In @12 MHz tavpv Sti -165 ns @16 MHz Stor -105 ns 21 | ALE Low to RD or WR Low taLLRDL 3toiK-50 3tciK+50 ns 22 | Address Valid to RD or WR Low tavRDL 4toLK-130 ns 23. | Data Valid to WR Going Low tpvwRL toi K-60 ns 24 | Data Valid to WR High @12 MHz tovwaH 7toiK-150 ns @16 MHz 7to_,-90 ns 25 | Data Valid after WR High twRHDv toiK-50 ns 26 | RD Low to Address Float tapLaz i) ns 27 | RD or WR High to ALE High tRDHALH teLk-40 te_K+50 ns 052893 18/27 307DS5002FP EXPANDED DATA MEMORY READ CYCLE b4E D MM 2614130 0007533 789 MEDAL DALLAS SEMICONDUCTOR CORP PAS PORTO ne(21) epee (19) \_/ eS 20} pO Oa] oats (re OR DPL) d DATAIN A7-A0 INSTR (PCL) IN PORT 2 EXPANDED DATA MEMORY WRITE CYCLE P2.7P2.0 OR A15A8 FROM DPH xX At5AB FROM PCH / ALE cal \___J a | & WR +3} @) (23) > $$ A7A0 A7A0 INSTA PORTO (Rn OR DPL) } DATA OUT YX (PCL} iN @ PORT 2 P2.7-P2.0 OR A15-A8 FROM PDH xX A15-A8 FROM PCH 052883 19/27 308> BYE D MM 2624130 0007534 615 MEDAL DSs002FP CTOR COR} AC CHARACTERISTICS (cont'd) DALLAS SEMNTCONDU EXTERNAL CLOCK DRIVE (ta = 0C to70C; Voc = 5V + 10%) # | PARAMETER SYMBOL MIN MAX UNITS 28 | External Clock High Time @12 MHz toLKHPW 20 ns @16 MHz 15 ns 29 | External Glock Low Time @12 MHz to_KLPW 20 ns @16 MHz 15 ns 30 | External Clock Rise Time @12 MHz toLKA 20 ns @16 MHz 15 ns 31 | External Clock Fall Time @12 MHz toLKr 20 ns @16 MHz 15 ns EXTERNAL CLOCK TIMING pf 052893 20/27 309BYE D MM 26141350 0007535 751 MMDAL DS5002FP DALLAS SEMICONDUCTOR CORP AC CHARACTERISTICS (cont'd) POWER CYCLING TIMING (ta = 0C to70C; Voc = SV + 10%) # | PARAMETER SYMBOL MIN MAX UNITS 32 | Slew Rate from Vecemin te Vii tr 130 HS 33 | Crystal Start up Time tesu (note 9) 34 | Power On Reset Delay tpor 21504 tok POWER CYCLE TIMING Vv, Vprw> Veemn Vu 7 INTERRUPT SERVICE ROUTINE sox SITU f JU INTERNAL RESET LITHIUM CURRENT 062893 21/27 310BYE D MM 26234130 000753b 694 MMDAL DSSOZEP AC CHARACTERISTICS (contd) DALLAS SEMICONDUCTOR CORP SERIAL PORT TIMING MODE 0 (ta = 0C to70C; Veg = SV + 10%) # | PARAMETER SYMBOL MIN MAX UNITS 35 | Serial Port Clock Cycle Time tspcLk 12tcLK ps 36 | Output Data Setup to Rising Clock Edge tpocH 10te_ K-133 ns 37 | Output Data Hold after Rising Clock Edge tcHpo 2torK-117 ns 38 | Clock Rising Edge to Input Data Valid tcHpv 10te_-133 ns 39 | Input Data Hold after Rising Clock Edge tenpiv 0 ns SERIAL PORT TIMING -- MODE 0 Pe tor tele tet ete tr de | noma o10ck L} LJ LI LILI LI Lo 1 > @ DATA OUT Qo 1 x 2 x 3 x 4 Xx 5 x 6 x 7 SETTI | WRITE TO SBUF REGISTER WPUTORTA XXX XX XX XMM X KNX TF a. VALID VALID VALID VAUD VALID VALID VALID CLEAR RI 052893 22/27 311B4YE D MM 2644150 0007537 524 MMDAL Dsso02FP DALLAS SEMICONDUCTOR CORP AC CHARACTERISTICS BYTEWIDE ADDRESS/DATA BUS TIMING (ta = 0C to70C; Veg = 5V + 10%) # |PARAMETER SYMBOL MIN MAX UNITS 40 | Delay to Bytewide Address Valid from tcEILPA 30 ns CE1, CE2 or CE1N Low During Opcode Fetch 41 | Pulse Width of CE14, PE14 or CE1N tcepw 4teL K-35 ns 42. | Byte-wide Address Hold After CE1, CE2 tCE1HPA 2tor K-20 ns or CE1N High During Opcode Fetch 43 | Byte-wide Data Setup to CE1, CE2 or tovcE1H Iter K+40 ns CE1N High During Opcode Fetch 44 | Bytewide Data Hold After CE1, CE2 or tcE1HOV 10 ns CEN High During Opcode Fetch 45 | Byte-wide Address Hold After CE1-4, tcEHDA 4toiK-30 ns PE14, or CEiN High During MOVX 46 | Delay from Bytewide Address Valid tCELDA 4tciK-35 ns CE1-4, PE14, or CE1N Low During MOVX 47 | Bytewide Data Setup to CE14, PE14, or tpacEH AtcL +40 ns CEN High During MOVX (read) 48 | Bytewide Data Hold After CE1-4, PE1-4, tcEHDV 10 ns or CE1N High During MOVX (read) 49. | Bytewide Address Valid to R/W Active taVRWL Stork 35 ns During MOVX (write) 50 | Delay from R/W Low to Valid Data Out tawLpv 20 ns During MOVX (write) 51 | Valid Data Out Hold Time from CE1-4, tcEHDV Itoi K-15 ns PE14, or CE1N High 52 | Valid Data Out Hold Time from R/W High tRawHDv ) ns 53 | Write Pulse Width (R/W Low Time) tRwLPW 6tciK-20 rs 062893 23/27 312* BYE D MM 2634130 0007538 460 mmDAL DALLAS SEMICONDUCTOR CORF BYTEWIDE BUS TIMING DS5002FP Jeo wacune cvcre +e mace crcie je machinecrcie | Prd 2p ated set egs pegare ds Fed Perr bepate ts fel me = JUUU UU J ne A ATW $5 \i__ . mes ea Peour xt poout ot. oe PC OUT ? on es PC OUT Ez, Pe} eZ__|_ -____- 55 to On cEIN oO Or eG) @> fe 168 c BDO. BO7 OATAIN DATAIN DATAIN Gata; $K__paraout | RPC AC CHARACTERISTICS DBB READ (ta = OC to70C; Vee = 5V + 10%) # | PARAMETER SYMBOL MIN MAX UNITS 54 | CS, Ag Setup to RD tan 0 ns 55 | CS, Ag Hold After RD tra 0 ns 56 | RD Pulse Width tar 160 ns 57 | CS, Ag to Data Out Delay tap 130 ns 58 | RD to Data Out Delay trap 0 130 ns 59 | RD to Data Float Delay trpz 85 ns 052803 24/27 313bYE D MM 2614130 0007539 3T? MMDAL oSs002FP RPC AC CHARACTERISTICS DBB WRITE (ta = 0C to70C; Veg = SV + 10%) # =| PARAMETER SYMBOL MIN MAX UNITS 60 | CS, A Setup to WR taw ) ns 61A | CS, Hold After WR twa 0 ns 61B | Ao, Hold After WR twa 20 ns 62 | WR Pulse Width tww 160 ns 63 | Data Setup to WR tow 130 ns 64 | Data Hold After WR two 20 ns AC CHARACTERISTICS DMA (ta = 0C to70C; Veg = 5V + 10%) # | PARAMETER SYMBOL MIN MAX UNITS 65 | DACK to WR or RD tacc ft) ns 66 | RD or WA to DACK tcac 0 ns 67 | DACK to Data Valid taco 0 130 ns 68 | RD or WR to DRO Cleared tora 110 ns AC CHARACTERISTICS PROG (ta = 0C to70C; Veg = BV + 10%) # =|PARAMETER SYMBOL MIN MAX UNITS 69 | PROG Low to Active tpRa 48 CLKS 70 | PROG High to Inactive teri 48 CLKS CORP DALLAS SEMICONDUCTOR 052893 25/27 314BYE D MM 2634130 0007540 019 MMDAL Dss002FP DALLAS SEMICONDUCTOR CORP RPC TIMING MODE READ OPERATION CSOR AOD 7 1h >| 68) Oe DATA -S DATA VALID WRITE OPERATION GS OR AO WA 60 +_@)__+| ) - ) DATA -_ DATA VALID DMA DAK YY 2 deel. >|) DATA VALID xX KX vai @l-- ek NOTES: 1. 2. All voltages are referenced to ground. Maximum operating Io is measured with all output pins disconnected; XTAL1 driven with tcLKR: te_kF=10 ns, Vi = 0.5V; XTAL2 disconnected; RST = PORTO = Vec, MSEL = Vgs. Idle mode Iip_e is measured with all output pins disconnected; XTAL1 driven with totkr, tcLkr = 10 ns, Vi. = 0.5V; XTAL2 disconnected; PORTO = Vcc, RST = MSEL = Vg. Stop mode Igtop is measured with all output pins disconnected; PORTO = Voc? XTAL2 not connected; RST = MSEL = XTAL1 = Vgg. Pin Capacitance is measured with a test frequency 1 MHz, ta = 25C. 052893 26/27 315BYE D MM 2614330 OOO7S4L TSS MMDAL DALLAS SEMICONDUCTOR CORP 6. Igco is the maximum average operating current that can be drawn from Voco in normal operation. DSS002FP 7. ly is the current drawn from V,; input when Voc = OV and Veco is disconnected. Battery-backed mode: 2.5V < Vear < 4.0; Veco < Veats Vep1 should be < Viis for IBAT max. 8. Vocog is measured with Vcc < Vij, and a maximum load of 10 pA on Veco. 9. Crystal start-up time is the time required to get the mass of the crystal into vibrational motion from the time that power is first applied to the circuit until the first clock pulse is produced by the on-chip oscillator. The user should check with the crystal vendor for a worst case specification on this time. 10. SDI is deglitched to prevent accidental destruction. The pulse must be longer than tgpr to pass the deglitch- er, but SDI is not guaranteed unless it is longer than tgpa. DS5002FP CMOS MICROCONTROLLER et G > D > 64 m al O 25 80 L ____ Oe A: Cc Qo MILLIMETERS PIM MIN | NOM | MAX A - 2.91 | 3.15 B 0.25 | 0.35 | 0.45 Cc - 0.80 - D 19.85 | 20.00 | 20.15 E 13.85 | 14.00 | 14.15 F 17.40 | 17.86 | 18.20 G 23.40 | 23.86 | 24.20 H 0.40 - 13 | 0 - 10 052893 27/27 316