This article describes many of the embedded security features in the various DS36xx secure manager products.
Intrusion prevention in many systems has traditionally been left to the specific demands of that application and to the individual creativity of the system designer. To provide enhanced security in an ever-more-interconnected society, various entities have defined specific standards to eliminate potential holes in the creation of a "secure system." Whether the system is a cash register or a file server, the task of security is essentially identical: leave no open path for an attacker trying to compromise that system's security.
The DS36xx secure manager products integrate a CPU supervisor, NVSRAM controller, real-time clock (RTC), temperature sensor, analog-to-digital converter (ADC), random number generator (RNG), and the I/Os and support circuitry necessary to operate this monitoring device on either system power or a battery. These products reduce component count and unload the continuous system monitoring requirements that would otherwise be placed on the processor in secure applications such as point-of-sale (PoS) terminals, PIN pads, secure communications, set-top boxes, alarm systems, or gaming systems. The secure manager products support the highest security level requirements of the FIPS-140.2, Common Criteria, PCI-PED, and EMV-4.1 certification entities. Table 1 presents selection options presently available or in development.
| Part Number | I/O | Analog Voltages Monitored¹ | Digital Inputs Monitored | Internal Key Memory | External Memory Control | Random Number Generator | Over-Voltage Monitor | Battery Monitor |
|---|---|---|---|---|---|---|---|---|

¹ Does not include VCCI and VBAT monitors.
The secure manager products are low-cost, space-efficient components that offer a premier security solution for many applications. By using the high levels of integration in these devices, valuable system resources can be fully utilized for the principal application while the secure manager handles the generally mundane, but very critical, security monitoring chores.
All tamper inputs are constantly monitored in parallel. The instant tampering is detected on any channel, the following actions are initiated simultaneously:
- Tamper latches record the monitor channel that initiated the tamper event
- The tamper output asserts to alert the system processor
- The current time is frozen in the Time Stamp registers
- Encryption key memory is immediately erased (if applicable)
- External SRAM memory is immediately erased (if applicable)
Recovery from a tamper event begins with identification of the source of the event. The tamper latches and the event time stamp will remain frozen until the condition causing the tamper event has been corrected and the latches have been reset.
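The tamper sequence and the recovery rule just described, written out as an added C model (not code from the page or from the DS36xx data sheet). The register names, channel bit assignments, memory sizes and the tick-based clock are assumptions made for the model; the DS36xx register map is not on this page. The model keeps the page's ordering: the time stamp freezes at the first event, the latches record the originating channel(s), the output asserts, and key and SRAM contents are erased in the same tick; a latch reset is refused while any latched channel is still out of limits.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed channel bits for this model only; not the DS36xx bit layout. */
#define TAMPER_VCCI_HIGH  (1u << 0)
#define TAMPER_VBAT_LOW   (1u << 1)
#define TAMPER_VBAT_HIGH  (1u << 2)
#define TAMPER_ANALOG_IN  (1u << 3)
#define TAMPER_DIGITAL_IN (1u << 4)
#define TAMPER_TEMP       (1u << 5)

#define KEY_BYTES  32   /* assumed size of the internal key memory */
#define SRAM_BYTES 64   /* assumed size of the external battery-backed SRAM */

struct secure_manager {
    uint32_t rtc_seconds;          /* free-running RTC, one tick per monitor call */
    uint8_t  tamper_latch;         /* channels latched by the tamper event */
    uint32_t time_stamp;           /* RTC value frozen at the first event */
    bool     tamper_out;           /* state of the tamper output to the CPU */
    uint8_t  key_mem[KEY_BYTES];   /* internal encryption key memory */
    uint8_t  ext_sram[SRAM_BYTES]; /* external SRAM under the NVSRAM controller */
};

/* Erase through a volatile pointer so the compiler cannot drop the stores. */
static void secure_erase(uint8_t *buf, size_t len)
{
    volatile uint8_t *p = buf;
    while (len--)
        *p++ = 0;
}

void sm_init(struct secure_manager *sm)
{
    sm->rtc_seconds = 0;
    sm->tamper_latch = 0;
    sm->time_stamp = 0;
    sm->tamper_out = false;
    /* Constructed sample contents: a non-zero key and some SRAM data. */
    for (size_t i = 0; i < KEY_BYTES; i++)
        sm->key_mem[i] = (uint8_t)(0xA0 + i);
    for (size_t i = 0; i < SRAM_BYTES; i++)
        sm->ext_sram[i] = (uint8_t)(0x50 + i);
}

/* One monitoring tick. 'violated' is the bitmask of channels currently out
 * of limits. Every consequence of a tamper is applied within the same tick. */
void sm_monitor(struct secure_manager *sm, uint8_t violated)
{
    sm->rtc_seconds++;
    if (violated == 0)
        return;
    if (sm->tamper_latch == 0)
        sm->time_stamp = sm->rtc_seconds;  /* freeze the time of the first event only */
    sm->tamper_latch |= violated;          /* record the originating channel(s) */
    sm->tamper_out = true;                 /* alert the system processor */
    secure_erase(sm->key_mem, KEY_BYTES);  /* key material is gone before any read-out */
    secure_erase(sm->ext_sram, SRAM_BYTES);
}

/* Recovery: latches and time stamp stay frozen until every latched channel is
 * back within limits. Returns true when the reset was accepted. */
bool sm_reset_latches(struct secure_manager *sm, uint8_t still_violated)
{
    if (sm->tamper_latch & still_violated)
        return false;                      /* cause not corrected: keep the evidence */
    sm->tamper_latch = 0;
    sm->tamper_out = false;
    return true;
}

bool sm_key_erased(const struct secure_manager *sm)
{
    uint8_t acc = 0;
    for (size_t i = 0; i < KEY_BYTES; i++)
        acc |= sm->key_mem[i];
    return acc == 0;
}

int main(void)
{
    struct secure_manager sm;
    sm_init(&sm);
    sm_monitor(&sm, 0);
    sm_monitor(&sm, TAMPER_DIGITAL_IN);
    printf("latch=0x%02x stamp=%u key_erased=%d\n",
           sm.tamper_latch, (unsigned)sm.time_stamp, sm_key_erased(&sm));
    printf("reset while still violated: %d\n", sm_reset_latches(&sm, TAMPER_DIGITAL_IN));
    printf("reset after correction:     %d\n", sm_reset_latches(&sm, 0));
    return 0;
}
```

The point of the model for firmware on the host processor is the recovery order: read the latch and time stamp first, because a successful reset clears the latch and the only record of which channel fired is lost with it.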
A traditional CPU supervisor function monitors the VCCI power supply, providing a reset signal to the microprocessor when the supply is out of tolerance. A tamper reaction to an abnormally high VCCI supply is also included in many of the products.
An ADC register monitors the battery voltage, which is readable through the I/O port. Tamper reaction to an abnormally low or high battery voltage is included in most of the product offerings.
Time Keeping and Tamper-Event Time Stamp
The integrated RTC provides a time reference for tamper-event recording and recovery. Time-of-day alarm and CPU watchdog functions are also included in many of the product offerings.
External Analog Supply Monitoring
Besides the internal VCCI and VBAT monitoring functions, the secure manager products offer multiple configurations of analog inputs. These inputs monitor external power supplies or other critical bias conditions, depending on specific application requirements.
External Digital Signal Monitoring
Most of these devices also include digital input channel(s), which can be utilized for a tamper response to some user-defined conditions. Using standard TTL input thresholds, these inputs could be directly fed from other on-board logic controls. If needed, the inputs can be configured with a resistive-divider network to monitor additional bias sources.
Internal Encryption Key Memory
Most of the devices include a nonvolatile encryption key memory array, accessible through the I/O port. In the event of a tamper, the encryption key memory is rapidly erased.
External Memory Control and Security
Several of the secure manager products include a tamper-reactive nonvolatile SRAM controller, with provisions to supply battery-backed power and control logic for external memory support. When VCCI power is within tolerance, the external SRAM is powered from that VCCI supply. Should the external power supply fail, access to the SRAM is inhibited. The battery is automatically switched in to provide backup power to that external memory.
Power for External Support Circuitry
A battery-backed power supply output is provided for any critical external support circuitry required for continuous operation. The output supply voltage is either the VCCI supply, if within the defined tolerance, or VBAT.
Random Number Generator
Most of the secure manager products contain a pseudo-random number generator (RNG), which provides a seed value from which the user generates their own FIPS 140.2-compliant random numbers. Upon initial application of VCCI power, the RNG is seeded from several natural sources of randomness. Until the device is ready, the RNG outputs zeros. Once a non-zero byte has been read, any number of additional random bytes can be read in 128-byte blocks. This read cycle can be repeated as many times as needed until the user has retrieved sufficient random data to seed a software-controlled random number generator.
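The read cycle above, as an added C example of the host-side reader (not code from the page or from the DS36xx documentation). `rng_device` and `rng_read_byte()` are a constructed stand-in for the I/O port read; the real port protocol and register addresses are not on this page, and the small generator inside the stand-in is not an entropy source, it only yields deterministic sample bytes so the reader logic can run offline. The reader handles the not-ready case (zeros until the first non-zero byte, with a poll limit), always reads whole 128-byte blocks, and applies a cheap stuck-output check before the bytes are handed to a software generator.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RNG_BLOCK_BYTES 128

/* Constructed stand-in for the device, not the DS36xx port interface. */
struct rng_device {
    unsigned zero_reads_remaining; /* simulated warm-up: zeros until seeded */
    uint32_t sim_state;            /* sample-byte generator, NOT entropy */
    unsigned reads;                /* number of port reads issued */
};

static uint8_t rng_read_byte(struct rng_device *d)
{
    d->reads++;
    if (d->zero_reads_remaining) {
        d->zero_reads_remaining--;
        return 0;
    }
    d->sim_state = d->sim_state * 1664525u + 1013904223u;
    return (uint8_t)(d->sim_state >> 24);
}

/* Collect 'want' seed bytes. Polls until the first non-zero byte (the device
 * outputs zeros until it is ready), then reads whole 128-byte blocks.
 * Returns the number of bytes collected, or -1 if the device was not ready
 * within max_polls reads. The first non-zero byte is treated only as the
 * ready indication and discarded, since the page does not say it is data. */
int rng_collect_seed(struct rng_device *d, uint8_t *out, size_t want, unsigned max_polls)
{
    unsigned polls = 0;
    uint8_t b;
    do {
        if (polls >= max_polls)
            return -1;                    /* give up rather than seed from zeros */
        polls++;
        b = rng_read_byte(d);
    } while (b == 0);

    size_t n = 0;
    while (n < want) {
        uint8_t block[RNG_BLOCK_BYTES];
        for (size_t i = 0; i < RNG_BLOCK_BYTES; i++)
            block[i] = rng_read_byte(d);  /* always consume the full block */
        size_t take = (want - n < RNG_BLOCK_BYTES) ? want - n : RNG_BLOCK_BYTES;
        memcpy(out + n, block, take);
        n += take;
        memset(block, 0, sizeof block);   /* do not leave seed material on the stack */
    }
    return (int)n;
}

/* Cheap stuck-output check before the bytes are used as a seed: reject an
 * empty, all-zero or single-repeated-value buffer. This is not a FIPS 140.2
 * statistical test; it only catches a device that never became ready or a
 * broken read path. */
bool seed_looks_usable(const uint8_t *seed, size_t len)
{
    if (len == 0)
        return false;
    bool all_zero = true, all_same = true;
    for (size_t i = 0; i < len; i++) {
        if (seed[i] != 0)
            all_zero = false;
        if (seed[i] != seed[0])
            all_same = false;
    }
    return !all_zero && !all_same;
}

int main(void)
{
    struct rng_device dev = { 5, 12345u, 0 };  /* 5 warm-up zeros, constructed state */
    uint8_t seed[256];
    int got = rng_collect_seed(&dev, seed, sizeof seed, 10);
    printf("collected=%d reads=%u usable=%d\n", got, dev.reads,
           got > 0 && seed_looks_usable(seed, (size_t)got));
    return 0;
}
```

Two details matter for the host firmware: the poll limit turns a device that never leaves its zero-output state into an explicit error instead of a silently all-zero seed, and because bytes are delivered in 128-byte blocks the reader consumes whole blocks even when fewer bytes are wanted, so the next cycle starts on a block boundary.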
An on-chip temperature sensor monitors the system environment. High- and low-temperature limits, with the appropriate tamper reaction when those operational limits are violated, counter thermal attacks.
Discrete System Identification
Each device contains a unique serial number, readable through the I/O port. This silicon serialization allows for discrete end-item system identification. The products are manufactured so that no two devices will ever contain the same serial number.
The product family is offered in chip-scale ball grid array (CSBGA) packages. By minimizing exposed pins, this packaging further enhances the security of the data and control signals.