SST89E/V564RD SST89E/V554RC: Security Features Application Note A
|
|
|
Top Searches for this datasheet
SST89E/V516RDx SST89E/V58RDx Security Features
SST89E/V564RD SST89E/V554RC: Security Features
Application Note August 2008
SST89E/V58RDx SST89E/V516RDx offer advanced security features that protect against software piracy code corruption resulting from accidental erasing programming internal flash memory locations. Through proper usage security features In-Application Programming (IAP) commands, possible attain protection code, while allowing flexibility authorized code updates. There different types security locks SST89E/V58RDx SST89E/V516RDx security system: hard lock SoftLock. These security lock types enabled internal flash blocks combinations. following general description each security lock type possible security lock options. commands (except Chip-Erase ProgSBx) issued from unlocked flash block (external memory always considered unlocked) disabled. commands issued from soft locked flash block flash block same security level lower enabled. Thus, commands issued from hard locked flash block soft locked flash block also enabled. sampled latched reset which prevents from being switched during middle code execution jumping external code.
HARD LOCK
When block hard locked, following security measures place: MOVC commands executed from program code residing unlocked (external memory always considered unlocked) soft locked flash block allowed access target address hard locked flash block. This protects against software piracy making code hard locked block inaccessible less secure code. external host mode commands (except Chip-Erase Prog-SBx) disabled hard locked flash block. sampled latched reset which prevents from being switched during middle code execution jumping external code.
SECURITY LOCK GUIDELINES Programming Security Lock Bits
There general ideas remember when programming security lock bits: Security SST89E/V58RDx SST89E/V516RDx controlled three security lock bits SB1, SB2, SB3. three bits programmed through external host mode using Prog-SB1, ProgSB2, Prog-SB3 commands. security bits always programmed regardless current security level. Once security lock bits been programmed, cannot unprogrammed except external host mode Chip-Erase command that will unprogram three security lock bits. status security lock bits checked time looking three bits located special function register SFST[7:5]. There eight possible combinations security lock bits. Security level security options that contain combinations each. This leaves total number different security lock options. (See Table 9-2) security lock options grouped into different security levels. four security levels individual security lock options described below summarized Table 7-1, Table 7-2, Table 9-1, Table 9-2.
SOFTLOCK
SoftLock allows flash contents read altered under secure environment. This lock option allows user update program code soft locked flash block executing commands from other flash block. flash block that soft locked will have following security measures place: MOVC commands executed from program code residing unlocked (external memory always considered unlocked) flash block allowed access target address soft locked flash block. This protects against software piracy making code soft locked block inaccessible less secure code.
©2008 Silicon Storage Technology, Inc. S72040-03-000 8/08
logo SuperFlash registered trademarks Silicon Storage Technology, Inc. These specifications subject change without notice.
SST89E/V516RDx SST89E/V58RDx Security Features
Application Note
Command Interactions
commands interact with security lock functions follows: commands executed from higher security level always access flash blocks lower security level (hard lock SoftLock unlock SoftLock unlock). commands executed from SoftLock unlock security level access other flash block same security level (SoftLock SoftLock, unlock unlock). security commands always enabled regardless security level executed from Block external memory. Chip-Erase always enabled from external memory regardless security level.
MOVC commands disabled from external memory flash blocks, executed either Block Block itself flash blocks external memory. following code segment will SST89E/V58RDx SST89E/V516RDx security level (100b) from security level (000b) using command with interrupt:
SFCF, #40H SFDT, #0AAH SFCM, #8FH enable commands program security setup issue Prog-SB1 command interrupt INT1# occurrence indicates completion
SECURITY LEVEL CODE CORRUPTION SOFTWARE PIRACY PREVENTION WITH CONTROLLED CODE UPDATE
Security level includes three security lock options. each these three security types, MOVC commands from external memory disabled sampled latched reset which prevents someone from switching during middle code execution jumping external code. Each will described separately.
SECURITY LEVEL SECURITY
Security level exists when three security lock bits unprogrammed. This default security state after Chip-Erase command been executed either through external host mode this state, Security-Status bits (SFST[7:5]) will read 000b. security level security features disabled both internal flash blocks both unlocked. MOVC command external host mode commands enabled both blocks.
Level SoftLock/SoftLock
This security type only reached from security level programming security through either external host mode Prog-SB2 leaving other bits unprogrammed. security level SoftLock/SoftLock: Both flash blocks soft locked.
SECURITY LEVEL SOFTLOCK/SOFTLOCK CODE CORRUPTION PREVENTION
Security level only reached from security level programming security through either external host mode Prog-SB1 leaving other bits unprogrammed. security level SoftLock/SoftLock: Both flash blocks soft locked. Security-Status bits (SFST[7:5]) will read 100b. External host mode Byte-Verify commands allowed. commands allowed long they reside within Block Block
commands except security commands Chip-Erase. security commands only executed from Block external memory, Block Chip-Erase only executed from external memory.
©2008 Silicon Storage Technology, Inc.
Security-Status bits (SFST[7:5]) will read 010b. external host mode commands (except ChipErase Prog-SBx) disabled. commands (except Chip-Erase) executed from either Block Block enabled. MOVC commands disabled from external memory flash blocks, executed either Block Block itself flash blocks external memory.
S72040-03-000
8/08
SST89E/V516RDx SST89E/V58RDx Security Features
Application Note code residing internal flash blocks protected from software piracy because inaccessible from external sources. code both blocks still updated controlled environment. Code executing Block update code Block vice versa. Thus, user design method perform field updates without exposing code residing internal flash blocks. However, since code either block altered possible that code performing those com, mands could become corrupt, which would turn corrupt other block. following code segment will SST89E/V58RDx SST89E/V516RDx security level SoftLock/SoftLock, (010b) from security level (000b) using command with interrupt:
SFCF,#40H SFDT, #0AAH SFCM, #83H enable commands program security setup issue Prog-SB2 command interrupt INT1# occurrence indicates completion
following code segment will show SST89E/V58RDx SST89E/V516RDx security level hard lock/SoftLock (001b) from security level unlock/ unlock (000b) using command with interrupt:
SFCF, #40H SFDT,#0AAH SFCM, #85H enable commands program security setup #85H "001" (Prog-SB3 command) interrupt INT1# occurrence indicates completion
following example will SST89E/V58RDx SST89E/V516RDx security level hard lock/SoftLock (110b) from security level SoftLock/SoftLock (100b).
SFCF, #40H SFDT, #0AAH SFCM, #83H enable commands program security setup #83H "110" (Prog-SB2 command) interrupt INT1# occurrence indicates completion
following example will SST89E/V58RDx SST89E/V516RDx security level hard lock/SoftLock (110b) from security level SoftLock/SoftLock (010b).
SFCF, #40H SFDT, #0AAH SFCM, #8FH enable commands program security setup #8FH "110" (Prog-SB1 command) interrupt INT1# occurrence indicates completion
Level Hard Lock/SoftLock
This security lock option reached from security levels Refer Table combinations. security level hard lock/SoftLock: Block hard locked Block soft locked. Security-Status bits (SFST[7:5]) will read 001b 110b. external host mode commands (except ChipErase Prog-SBx) disabled. Only Block Block Chip-Erase executed from external memory either flash blocks. MOVC commands from Block Block disabled, enabled from Block Block Since code Block hard locked, protected from code corruption because cannot altered. code residing Block Block completely protected from software piracy because cannot accessed externally. However, user still perform code updates Block using commands executed from secure Block This security state more secure than SoftLock/SoftLock state because code that updates Block resides Block which hard locked therefore protected from corruption.
Level Hard Lock/Hard Lock
Level hard lock/hard lock security level reached from security levels SST89E/V58RDx SST89E/V516RDx's current security level level 110b, then only security level hard lock/hard lock, reached. Table shows combinations going from security levels security level hard lock/hard lock: Both flash blocks hard locked. Security-Status bits (SFST[7:5]) will read 011b 101b. external host mode commands (except Chip-Erase Prog-SBx) disabled. MOVC commands disabled from external memory flash blocks, executed either Block Block itself flash blocks external memory.
©2008 Silicon Storage Technology, Inc.
S72040-03-000
8/08
SST89E/V516RDx SST89E/V58RDx Security Features
Application Note this mode, both blocks protected from software piracy code corruption because Program Erase commands (except Chip-Erase Prog-SBx) disabled. following code segment will SST89E/V58RDx SST89E/V516RDx security level hard lock/hard lock (101b) from security level SoftLock/SoftLock (100b) using command with interrupt:
SFCF, #40H SFDT, #0AAH SFCM, #85H enable commands program security setup issue Prog-SB3 command interrupt INT1# occurrence indicates completion SFCF, #40H SFDT, #0AAH SFCM, #85H enable commands program security setup #85H "001" (Prog-SB3 command) interrupt INT1# occurrence indicates completion
following code segment will show SST89E/V58RDx SST89E/V516RDx security level hard lock/hard lock (011b) from security level hard lock/ SoftLock using command with interrupt SFST[7:5] 001b:
SFCF, #40H SFDT, #0AAH SFCM, #83H enable commands program security setup issue Prog-SB2 command interrupt INT1# occurrence indicates completion
following code segment will SST89E/V58RDx SST89E/V516RDx security level hard lock/hard lock (011b) from security level SoftLock/SoftLock (010b) using command with interrupt: TABLE
7-1: SECURITY LEVEL HARD LOCK/SOFTLOCK COMBINATIONS
Current Security Level (Block Block (Unlock/Unlock) Current SFST[7:5] 000b 100b 010b (Hard Lock/SoftLock) Security Level (Block Block SFST[7:5] value 001b/110b 110b 110b
T7-1.0 2040
Device
SST89E/V58RDx SST89E/V516RDx
(SoftLock/SoftLock) (SoftLock/SoftLock)
TABLE
7-2: SECURITY LEVEL HARD LOCK/HARD LOCK COMBINATIONS
Current Security Level (Block Block (Unlock/Unlock) Current SFST[7:5] 000b 100b 010b 001b Security Level (Block Block SFST[7:5] value 011b/101b 101b 011b 011b/101b
T7-2.0 2040
Device
SST89E/V58RDx SST89E/V516RDx
(SoftLock/SoftLock) (SoftLock/SoftLock) (Hard Lock/SoftLock)
(Hard Lock/Hard Lock)
©2008 Silicon Storage Technology, Inc.
S72040-03-000
8/08
SST89E/V516RDx SST89E/V58RDx Security Features
Application Note
SECURITY LEVEL HARD LOCK/ HARD LOCK MAXIMUM SECURITY
Level reached from other security configurations simply programming unprogrammed security bits SB1, SB2, through either external host mode security level hard lock/hard lock: Both flash blocks hard locked. Security-Status bits (SFST[7:5]) will read 111b. external host mode commands (except ChipErase) disabled. commands disabled. MOVC commands disabled from external memory flash blocks, executed either Block Block itself flash blocks external memory. Execution external code disabled regardless EA#. only exception this code jumps code space that doesn't exist either internal block (8000H DFFFH SST89E/ V58RDx). this case, external code will executed (even doesn't exist!). this security state, internal code protected from both corruption software piracy since erase program commands disabled both flash blocks internal code externally inaccessible. Additionally, microcontroller only used start user code residing internal flash memory.
following code segment will SST89E/V58RDx SST89E/V516RDx security level (111b) from security level (000b) using commands with interrupts:
SFCF, #40H SFDT, #0AAH SFCM, #8FH enable commands program security setup issue Prog-SB1 command interrupt INT1# occurrence indicates completion
SFDT, #0AAH SFCM, #83H
program security setup issue Prog-SB2 command interrupt INT1# occurrence indicates completion
SFDT, #0AAH SFCM, #85H
program security setup issue Prog-SB3 command interrupt INT1# occurrence indicate completion
©2008 Silicon Storage Technology, Inc.
S72040-03-000
8/08
SST89E/V516RDx SST89E/V58RDx Security Features
Application Note
SECURITY LOCK LEVELS, OPTIONS, ACCESS
UUU/NN
Level Level
PUU/SS
UPU/SS
UUP/LS
Level
UPP/LL PPU/LS PUP/LL UPP/LL
PPP/LL
Level
2040 F01.0
Note:
programmed (Cell logic state unprogrammed (Cell logic state locked, hard locked, soft locked
FIGURE TABLE
Level
9-1: SECURITY LOCK LEVELS
9-1: SECURITY LOCK OPTIONS
Security Lock Bits1,2 SFST[7:5] Security Status Block Unlock SoftLock Block Unlock SoftLock Security Type security features enabled. MOVC instructions executed from external program memory disabled from fetching code bytes from internal memory, sampled latched Reset, further programming flash disabled. Level plus external host Byte-Verify disabled. Code Block program Block vice versa. Level plus external host Byte-Verify disabled. Code Block program Block Level plus external host Byte-Verify disabled, both blocks locked. Same Level hard lock/hard lock, will start code execution from internal memory regardless EA#.
T9-1.0 2040
SoftLock
SoftLock
Hard Lock
SoftLock
Hard Lock Hard Lock
Hard Lock Hard Lock
SFST[7:5] Security Lock Decoding Bits (SB1, SB2, SB3). Programmed (Cell logic state Unprogrammed (Cell logic state
©2008 Silicon Storage Technology, Inc.
S72040-03-000
8/08
SST89E/V516RDx SST89E/V58RDx Security Features
Application Note TABLE
Level
9-2: SECURITY LOCK ACCESS TABLE
SFST[7:5] 111b (Hard Lock both blocks) External Block 011b/101b (Hard Lock both blocks) External Source Address1 Block Target Address2 Block External Block External Block External Block External Block Block 001b/110b (Block SoftLock, Block Hard Lock) Block External Block Block Block External External Block External Block Block 010b (SoftLock both blocks) Block External Block Block Block External External Block External Block Block 100b (SoftLock both blocks) Block External Block Block Block External External Block External Block Block 000b (unlock) Block External Block Block Block External External Block External Byte-Verify Allowed External Host3 MOVC Allowed 516RDx 58RDx
T9-2.0 2040
Location MOVC instruction. Target address location byte being read. External host Byte-Verify access does depend source address.
©2008 Silicon Storage Technology, Inc. S72040-03-000 8/08
SST89E/V516RDx SST89E/V58RDx Security Features
Application Note
Silicon Storage Technology, Inc. 1171 Sonora Court Sunnyvale, 94086 Telephone 408-735-9110 408-735-9036 www.SuperFlash.com www.sst.com
©2008 Silicon Storage Technology, Inc. S72040-03-000 8/08
Other recent searches
XDUG14C4 - XDUG14C4 XDUG14C4 Datasheet
TPS54980 - TPS54980 TPS54980 Datasheet
SDE1516 - SDE1516 SDE1516 Datasheet
RTL8201L - RTL8201L RTL8201L Datasheet
RTL8201BL - RTL8201BL RTL8201BL Datasheet
IIM7010A - IIM7010A IIM7010A Datasheet
IIM7000 - IIM7000 IIM7000 Datasheet
IIM7010 - IIM7010 IIM7010 Datasheet
IIM7100 - IIM7100 IIM7100 Datasheet
MCP201 - MCP201 MCP201 Datasheet
LTC490 - LTC490 LTC490 Datasheet
AGB3301 - AGB3301 AGB3301 Datasheet
ADC08061 - ADC08061 ADC08061 Datasheet
ADC08062 - ADC08062 ADC08062 Datasheet
Privacy Policy | Disclaimer
© 2012 Datasheet Archive
