Security & Chip Card ICs

SLE 66C168PE
8/16-Bit Security Controller with enhanced instruction set for large memories in 0.22 µm CMOS Technology
68-Kbytes ROM, 2304 Bytes RAM, 16-Kbytes EEPROM
Dual Key Triple DES

Preliminary Short Product Information 01.05

SLE 66C168PE Short Product Information Ref.: SPI_SLE 66C168PE_0105

This document contains preliminary information on a new product under development. Details are subject to change without notice.

Revision History: Current Version 01.05
Previous Releases: 02.04

Important: Further information is confidential and on request. Please contact: Infineon Technologies AG in Munich, Germany, Security & Chip Card ICs, Tel +49 - (0)89 234-80000, Fax +49 - (0)89 234-81000, E-Mail: security.chipcard.ics@infineon.com

Edition 2005
Published by Infineon Technologies AG, CC Applications Group, St.-Martin-Strasse 53, D-81541 München
(c) Infineon Technologies AG 2002. All Rights Reserved.

Attention please!
The information herein is given to describe certain components and shall not be considered as warranted characteristics. Terms of delivery and rights to technical change reserved. We hereby disclaim any and all warranties, including but not limited to warranties of non-infringement, regarding circuits, descriptions and charts stated herein. Infineon Technologies is an approved CECC manufacturer.

Information
For further information on technology, delivery terms and conditions and prices please contact your nearest Infineon Technologies Office in Germany or our Infineon Technologies Representatives world-wide (see address list).

Warnings
Due to technical requirements components may contain dangerous substances. For information on the types in question please contact your nearest Infineon Technologies Office.
Infineon Technologies Components may only be used in life-support devices or systems with the express written approval of Infineon Technologies, if a failure of such components can reasonably be expected to cause the failure of that life-support device or system, or to affect the safety or effectiveness of that device or system. Life support devices or systems are intended to be implanted in the human body, or to support and/or maintain and sustain and/or protect human life. If they fail, it is reasonable to assume that the health of the user or other persons may be endangered.

SLE 66C168PE
16-Bit Security Controller with enhanced instruction set for large memories in 0.22 µm CMOS Technology, 68-Kbyte ROM, 2304 Bytes RAM, 16-Kbyte EEPROM, Dual Key Triple DES Accelerator

Features

* 8/16-bit microcomputer in 0.22 µm CMOS technology
* Instruction set opcode compatible with standard SAB 8051 processor
* Additional enhanced instructions for direct physical memory access of >64kByte
* Typically saves up to 90 % code space and increases execution speed up to 80 %.
* Dedicated, non-standard architecture with execution time 6 times faster than standard SAB 8051 processor at same external clock. (Up to 18 times faster using internal frequency PLL x 3 compared to external clock).
* Downward compatibility to existing SLE 66CxxxP products for existing masks without using the new features
* Addressable memory up to 16 Mbyte
* 68 Kbytes User ROM for application programs
* 16 Kbytes MicroSlim-EEPROM
* 2 Kbytes XRAM, 256 bytes internal RAM
* Enhanced Memory Management and Protection Unit (MMU) with application and user defined segments
* Dual Key Triple DES (DDES)
* CC EAL5+ certification according to BSI-PP-0002 planned
* True Random Number Generator with Firmware test function
* Internal Clock with up to 33 MHz: Programmable internal frequency (PLL x1, x2, x3, x4 and free running mode(s)).
* Adjustable frequency according to available power or required performance
* Increased internal clock frequency for maximum performance
* Internal frequency is automatically adjusted to guarantee a given limited power consumption
* Two 16-bit Autoreload Timer
* Power saving sleep mode
* Ext. Clock freq. 1 up to 7.5 MHz for int. Clock up to 33 MHz
* UART for handling serial interface in accordance with ISO/IEC 7816 part 3 supporting transmission protocols T=1 and T=0
* Supply voltage range: 1.8 V, 3.0 V, 5.0 V
* Support of current consumption limits by GSM / UICC applications: < 10 mA @ 5.5 V, < 6 mA @ 3.3 V, < 4 mA @ 1.98 V
* Operating Temperature range: -25 to +85 °C
* Storing temperature range: -40 to +125 °C
* ESD protection larger than 6 kV (HBM)
* CRC Module, 16-bit
* Interrupt Module

MicroSlim-EEPROM

* EEPROM programming voltage generated on chip
* Code executions during E-programming for faster personalization
* Write cycle time 0.7 ms
* Erase cycle time 0.7 ms
* Typical programming time (erase & write) incl. firmware 2 ms
* Fast personalization mode < 0.9 ms per page
* Enhanced Error Correction Unit controlled by OS
* Reading and programming byte by byte
* Flexible page mode for 1 to 64 bytes write/erase operation
* 32 bytes security area (OTP)
* Minimum of 500.000 write/erase cycles @ 25 °C per page
* Maximum of 16.500.000 write/erase cycles per sector
* Typical data retention of 10 years @ 25 °C

Memory Management and Protection Unit

* Addressable memory of up to 16 Mbyte
* Separates OS (system mode) and application (user mode)
* System routines called by interrupts
* OS can restrict access to peripherals in application mode
* Variable application orientated segments defined and controlled by OS
* Code execution from XRAM possible
* Enhanced multi-application support by 16 descriptors for system / application mode

Anti Snooping

* Automatic randomization smoothing of power profile
* Effective HW-countermeasures against SEMA/DEMA, SPA/DPA, DFA and Timing-Attacks
* Non standard dedicated Smart Card CPU - Core
* Active Shield with automatic and user controlled attack detection
* Hardware countermeasures controlled by True Random Number Generator

Targeted Certification

* CC EAL5+
* VISA level 3
* CAST

Security Features

* Enhanced sensor concept:
  * Low and high voltage sensors
  * Frequency sensors and filters
  * Light Sensor
  * Glitch Sensors
  * Temperature Sensor
  * Life Test Function for Sensors (UMSLC)
* Security reset detection
* Current control oscillator (ICO)

Memory Security

* Bus confusion
* Sparkling SFR encryption for DDES and ACE, CRC module and RNG
* 32 bytes security PROM, hardware protected for batch-, wafer-, die-individual security data. Unique chip identification number for each chip
* Additional memory for customer-defined security FabKey on request
* MED - memory encryption/decryption device for XRAM, ROM and EEPROM
* Security optimized layout and layout scrambling
* Fast IRAM erase
* Enhanced Error correction unit (ECU)

Testmode

* Irreversible Lock-Out of test-mode

Support

Supported Standards

* ISO/IEC 7816
* EMV 2000
* GSM 11.11, 11.12, 11.18
* ETSI TS 102 221

Document References

* Confidential Data Book SLE 66CxxxPE
* Qualification report
* Chip delivery specification for wafer with chip-layout (die size, orientation,...)
* Module specification containing description of package, etc.
* Qualification report module
* Application notes
* Short Product Information Software Development Kit SDK CC
* Short Product Information ROM Monitor RM66PE
* Short Product Information Emulator ET66PE Hitex or ET66PE KSC
* Short Product Information Smart Mask Package

Development Tools Overview

* HW-& SW-Tools (Emulator, ROM Monitor, Card Emulator, Simulator, Softmasking)

Performance DDES-Accelerator (typical values, based on internal test results)

Encryption Time for an 8-Byte Block incl. Data Transfer:

| Operation | Data Block Length | 5 MHz | 15 MHz | 33 MHz* |
|---|---|---|---|---|
| 56-bit Single DES Encryption | 64 bit | 23 µs | 8 µs | 3.5 µs |
| 112-bit Triple DES Encryption | 64 bit | 35 µs | 12 µs | 5.3 µs |

* preliminary values

Ordering Information

| Type | Package¹ |
|---|---|
| SLE 66C168PE C | Die (sawn, unsawn) |
| SLE 66C168PE M5 | M5.1 |

| Voltage Range | Temperature Range |
|---|---|
| 1.8 V; 3.0 V; 5.0 V | -25 °C to +70 °C |
| or 3.0 V; 5.0 V | or -25 °C to +85 °C |

Frequency Range (ext. clock frequency): 1 MHz - 5 MHz or 1 MHz - 7.5 MHz
Frequency Range (int. clock frequency): Up to 33 MHz

For ordering information please refer to the databook and contact your sales representative.
¹ available as wire-bonded module (M5) for embedding in plastic cards or as die (C) for customer packaging

Pin Configuration

Figure 1: Pin Configuration (SLE 66C168PE with pins VCC, GND, CLK, RST, I/O)

Pin Definitions and Functions

| Symbol | Function |
|---|---|
| VCC | Operating voltage |
| RST | Reset input |
| CLK | Processor clock input |
| GND | Ground |
| I/O | Bi-directional data port |

General Description

The SLE66C168PE is one member of the improved 66PE-series of Infineon Technologies. This high performance security controller is manufactured in advanced 0.22 µm CMOS technology. It is downward compatible to existing 66P controller derivatives. The well known ECO2000 8/16 bit CPU provides the high efficiency of the SAB 8051 instruction set, extended by additional powerful instructions, together with enhanced performance, memory sizes and security features compared to existing 66P derivatives.

Performance: The internal clock frequency can be adjusted to a level of up to 33 MHz, either as a multiple (1, 2, 3, 4) of the external frequency or independent of the clock rate of the terminal with the help of the internal clock. It is adjustable according to either available power or required performance:

* Increased internal clock frequency for maximum performance, e.g. for high performance with max. frequency in payment applications. (New)
* Automatically adjusted frequency for a max. given power consumption, e.g. by GSM or UMTS requirements.

Memory: The SLE66C168PE offers 68 Kbytes of User-ROM, 256 byte internal RAM, 2048 byte XRAM and 16 Kbytes MicroSlim-EEPROM, to fulfill the requirements of mainly standard GSM and SDA payment applications. The large ROM size allows applications to be placed in the ROM mask, keeping the EEPROM free for customer data. In addition it saves mask development costs, as one mask may be used for different customer projects.
The enhanced Memory Management and Protection Unit allows a secure separation of the operating system and different applications. It allows the memories to be separated into application-orientated segments, which can be controlled by the OS. Furthermore, the MMU makes secure downloading of applications possible even after personalization of a card. These new features suit the requirements of the next generation of multi-application operating systems.

Figure 2: Block Diagram SLE 66C168PE (blocks: 16-Bit CPU with MMU & ECO 2000 Instruction Set; ROM 68 Kbyte; XRAM 2 Kbyte; EEPROM 16 Kbyte; DES Accelerator; Address-/Data Bus; Sleep Mode Logic; Sensors/Filters; Interrupt; Voltage Regulator; two 16-bit Timer; CRC; Random Number Generator; UART; Clock generated; inputs Voltage, Clock, Reset)

The new platform is designed to address up to 16 Mbyte. However, this feature is only available upon request and will clearly require a change in the existing tool environment. In addition, new instructions have been implemented in the design for efficient direct access to physical memory >64 KByte up to 16 MByte.

Security features: Since the very beginning, security has been an integrated part of Infineon's product development, as proved by various certificates (ITSEC, CC, Proton, VISA, ZKA, Mondex). The so-called "integral security concept" for the 66P series ensures:

* A secret storage of any confidential code, data and keys
* Protection against side channel attacks such as: Simple Power Analysis (SPA), Differential Power Analysis (DPA)
* Protection against Differential Fault Analysis (DFA), Electromagnetic Emanation Attack (EMA) and other possible HW or SW attacks

Peripherals: The CRC module allows the easy generation of checksums according to ISO/IEC 3309 (16-Bit-CRC). To minimize the overall power consumption, the chip card controller IC offers a sleep mode. The UART supports the half-duplex transmission protocols T=0 and T=1 according to ISO/IEC 7816-3.
All relevant transmission parameters can be adjusted by software, e.g. the clock division factor, direct/inverse convention and the number of stop bits. Additionally, the I/O port can be driven by communication routines realized in software.

The HW-DES module supports symmetric crypto algorithms according to the Data Encryption Standard in the Electronic Code Book Mode. The random number generator (RNG) is able to supply the CPU with true random numbers under all conditions. The advanced sensor concept includes various sensors for any kind of attack scenario and, even more important, a "Life Test" for the sensors.

As an important feature, the chip provides on-chip security which fulfills the strong security requirements of a Common Criteria evaluation at an EAL5+ level.

In conclusion, the SLE 66C168PE fulfills all the requirements of today's chip card applications and is especially designed for GSM, SDA payment and PayTV applications. The SLE66C168PE integrates outstanding memory sizes and additional peripherals in combination with enhanced performance and optimized power consumption on a minimized die size.