Description As Internet connectivity and greater intelligence get integrated into more products, these products can also boast more potential points of vulnerability if left unprotected. Embedded security technologies, such as security supervisors, can safeguard these designs from hacking, counterfeiting, and other security breaches faced by Internet of things (IoT) designs. The MAX36010/MAX36011 are low-power security supervisors designed for fiscal memory, internet security, and IP protection applications that require certificate-based or other public key cryptography schemes. The devices also incorporate sophisticated security mechanisms to protect sensitive information in secure memory, two pairs of external sensor input, and environmental monitors (temperature and voltage sensors) that erase the secure memory when an attack condition is detected.
One SPI, one I²C, and one UART interfaces are provided for secure, flexible communication to external system nodes. Device control and configuration are performed through a SPI, I²C, or UART interface.
The MAX36010/MAX36011 include on-chip 1KB secure memory that is always protected by dynamic sensors and environmental sensors. When there is a tamper event, the 1KB secure memory is erased in less than 1μs after the DRS has been completed. Tamper source and time of tamper is recorded in battery-backed registers. The MAX36010/MAX36011 enter a reset state until the tamper source is removed.
A real-time clock (RTC) is used to keep the current date and time. It is also useful when a tamper event happens, the tamper time is recorded and stored in a battery-backed register. The RTC has an alarm function. An alarm can be set 12 days in advance. The application can use the alarm to trigger the host processor on a daily basis for regular status monitoring and time adjusting between the host and MAX36010/MAX36011. When an alarm event happens, an output pulse is sent to the ALM pin. The RTC comes with a trim function. Certain number of clocks could be added or subtracted from RTC counter so as to compensate the time drift caused by temperature change on external crystal.
The MAX36010/MAX36011 support high-speed encryption with hardware accelerators for AES, RSA, ECDSA, SHA-1, SHA-224, SHA-256, DES, and 3DES. The hardware accelerator has an individual clock that is generated from a 65MHz internal ring oscillator. The MAX36010/MAX36011 act as coprocessors to encrypt data for the host processor. A true hardware random number generator is included for key generation and challenge generation. The MAX36010/MAX36011 provide side-channel attack countermeasures along with cryptography function. The MAX36010 supports symmetric key generation for AES and DES/3DES; whereas the MAX36011 supports both symmetric and asymmetric key generation for AES, DES/3DES, RSA, and ECDSA.
Sensitive information can be stored in the 1KB NV SRAM. Sensitive data transfer is in cipher text mode. Data in NVSRAM is encrypted by an AES-128 key before data is sent over SPI, I²C, or UART. The host processor must decrypt the data with the corresponding AES-128 key to retrieve useful information.
The device is powered by a 3.3V supply. A battery connection is provided for applications that want to maintain secure memory data for years without draining the main power supply. In battery-backed mode, the secure memory and security sensors consume less than 750nA (typ).