In the SST89E/V58RD2/SST89E/V516RD2 cryptographic system has two different encryption ways: The hardware locks (Hard Lock) and the software locks (SomftLock). Altogether has 6 kind of different combinations with these two safe encryption way to the internal 2 Flash encryption.
1 hardware locks
After a SST89E/V58RD2/SST89E/V516RD2 interior memory’s memory block is locked by the hardware, has the following security feature:
①The MOVc order must is locking from the presence the area (the exterior procedure space usually is also thought that has not locked) carries out or by the soft encryption Flash space execution, does not allow the visit to protect the Flash block in the hardware the goal address. This may cause the hardware protectorate the code to contact with difficulty, prevents the software by the illegal duplication.
②All exterior main engine pattern and the IAP instruction the Flash block which (except chip-Erase/Prog-SBX) the except operation hardware locks.
③When replacement EA is locked saves, prevents in the code execution to cut and to jump to the exterior procedure space.
2 softwares lock
The software locks allows the Flash content to read under the safe and secure environment and rewriting. Is had the security feature below by the software encryption’s Flash block:
①The MOVC order must is locking from the presence the area (the exterior procedure space usually is also thought that has not locked) carries out, does not allow the visit to lock the Flash block address space in the software. This may cause the hardware protectorate the code to contact with difficulty, prevents the software by the illegal duplication.
②From must locks the IAP instruction which the area produces to forbid.
③Locks the IAP instruction which from the software the area produces to other same security rating or compares the low Flash block is the permission. Locks the IAP instruction which from the hardware the area produces the Flash block visit which locks to another software is also the permission.
④When replacement EA is locked saves, prevents in the code execution to cut and to jump to the exterior procedure space.
3 safe encryption instructions
3.1 safe Canadian mil programming
When the fever writes the safe Canadian mil has 6 to pay attention to the important points:
①SST89E/V58RD2/SSTB9E/V516RD2 encryption by three safe Canadian mil SB1, SB2 and SB3 control.
②3 safe Canadian mils may through the exterior main engine pattern or IAP Prog-SB1, Prog sB2 and Prog-SB3 program rewriting. The safe Canadian mil may change at will, does not use the consideration current security rating.
③Once after some Canadian mil were already compiled, can only cleans all 3 Canadian mil through the exterior main engine pattern or the IAP Chip-Erase order.
④The safe encryption bit status at any time penetrates the special function register SFST[7:5] inquiry.
⑤The safe Canadian mil has 8 kind of combinations, the security rating 3 have two choices, each choice has two kind of combinations. This altogether has 6 kind of different security encryption choice.
⑥6 safe encryption choices divide into 4 different security ratings.
3.2 IAP instruction influence
The IAP instruction to locks the function influence to be as follows safely:
①May visit the low security rating Flash block from the higher security rating execution’s IAP order the content.
②Or does not encrypt from the soft encryption the security rating IAP order to be possible to visit the same rank other Flash block.
③1 or the exterior procedure space carries out the IAP safety instruction from the Flash block not the security rating limit.
④The exterior procedure space carries out IAP entire piece cleaning instruction chipr-Erase not the security rating limit.
4 security ratings
4.1 security ratings 1– do not lock
When the complete 3 Canadian mil has not been burnt writes, is security rating l. This is also carries out the entire piece cleaning instruction chip-Erase default secure state after exterior main engine pattern or IAP. In secure state 1, secure state
Position SFST[7:5] is 000b, the internal Flash block security feature is forbidden, the MOVC instruction and the exterior main engine pattern and the IAP instruction may visit the internal 2 Flash space.
4.2 security ratings 2– prevent the code the misoperation
In the security rating 1, fever writes through the exterior main engine pattern or IAP the Prog-SBI adds mil SB1, other two Canadian mil does not burn writes, may go to the security rating 2. In security rating 2:
①2 Flash blocks softly encrypt.
②Secure state position SFST[7:5] is 100b.
③The exterior main engine pattern and IAP byte checking command Byte_Verifycommand may carry out. Permission in Blockl and Bloclk2 program execution IAP instruction.
④Does not permit from exterior procedure space execution to internal Flash the block MOVC order, but may carry out from BLocK0 either BLocK1 to oneself or other Flash block and the exterior procedure space MOVC order.
4.3 security ratings 3
The security rating 3 are to the code misoperation and the software copyright protection, but the control routine promotes, has included 6 safe encryption choice 3 ranks. In each encryption way, is forbidden from the exterior procedure space execution’s MOVC order, Li when replacement takes a sample and the lock saves, prevents some people and jumps the belt exterior code in the code execution middle cut.
(1)Soft Lock/Soft Lock
This secure state can only 1 instruction fever writes from the security rating through the exterior main engine pattern or IAP the Prog-SB2 adds mil SB2 to obtain, other 2 Canadian mil has not burnt writes. In security rating 3:
①2 Flash blocks encrypt softly.
②Secure state position SFST[7:5] is 010b.
③All main engine pattern order (except chip-Erase and Prog-SBx) is forbidden.
④All BlockO and Block1 the execution IAP order (except lAPchip-Erase) is the permission.
⑤The exterior procedure space execution instruction is forbidden to internal Flash the spatial MOVC, but permits in internal Block0 either the Block1 execution to the internal or the exterior procedure space’s MOVC instruction.
The presence may prevent in the internal Flash block’s procedure code to duplicate, because the outside resources cannot visit the internal code, but 2 block’s codes may in may control in the environment promotes. May promote the Block0 code in the Block1 execution’s code, vice versa. No matter any way, because may rewrite in each BLocK code through IAP, will realize these IAP instruction code existence the possibility which will misuse.
(2)Hard Lock/Soft Lock
This safe encryption choice may from the security rating 1, 2 and 3 promotion comes up. In security rating 3:
①Block1 by hardware encryption, BlockO by software encryption.
②Encryption status byte SFST[7:5] is 001b or 110b.
③All main engine pattern order (except chip-Erase and Prog-SBx) is forbidden.
④Only then Block1 to] BlockO makes the IAP operation. In exterior storage space IAP Chip-Erase may to the internal Flash block operation.
⑤Block0 to Block1 MOVC: The order is forbidden, but Block1 to the BlockO MOVC order is the permission. As a result in the Block1 code by the hardware encryption, cannot rewrite, may prevent the code the misoperation. Because exterior cannot visit, 1 and the Block 0 codes is protected completely in Block, prevents to duplicate. However, the user may also move the Block1 IAP order to realize the code promotion to the BlockO revision. -
|
(3)Hard Lock/Hard Lock
This security rating may from security rating l, 2 and 3 promotion. If the SST89E/V58RD2/SST89E/V516RD2 current condition is the rank 3(ll0b), it can promote condition only then security rating 4 Hard Lock/Hard Lock. In security rating 3:
①2 Flash blocks by hardware encryption.
②Encryption status byte SFST[7:5] is 011b or 101b.
③All main engine pattern order (except chip-Erase and Prog-SBx) is forbidden.
④From the exterior procedure space to internal Flash MOVC, is forbidden, but Block0 either Block1 to interior or exterior MOVC: The instruction is the permission. In this pattern, because all programming and the erase command (except chip-Erase and Prog-SBx) are forbidden, 2 Flash blocks are protected.
5 security ratings 4
The security rating 4 are Hard Lock/Hard the Lock highest encryption rank. It may writes 3 Canadian mil SB1, SB2 and SB3 from any safe establishment through the exterior main engine pattern or the IAP instruction fever. In security rating 4:
①The internal 2 Flash block encrypts hardly.
②Encryption status byte SFST[7:5] is 011b or 101b.
③Exterior main engine pattern’s all orders (except the Chip_Erase order) are forbidden.
④All IAP instruction is forbidden.
⑤Instruction is forbidden from the exterior procedure space to internal Flash the block MOVC, but may carry out from BLockO and the Block1 execution to internal Flash and the exterior storage space.
⑥Does not allow to carry out the exterior procedure code, no matter EA is 1 or 0, only if the code adjusts the address code which the inner space does not exist (to SST89E/V58RD2, from 8000H to DFFFH).
Because forbids internal Flash to clean and the programming, moreover the internal code cannot visit, in this encryption condition, the internal code may prevent to rewrite by mistake or the duplication. Moreover, MCU only might start by now from the internal Flash space user code to start.
