Data Scrambling Feature in C868P Microcontroller

Application Note, V 0.1, July 2003
AP08009
C868P
Data Scrambling Feature in
C868P Microcontroller
Microcontrollers
N e v e r
s t o p
t h i n k i n g .
Edition 2003-07-01
Published by
Infineon Technologies AG
81726 München, Germany
© Infineon Technologies AG 2006.
All Rights Reserved.
LEGAL DISCLAIMER
THE INFORMATION GIVEN IN THIS APPLICATION NOTE IS GIVEN AS A HINT FOR THE
IMPLEMENTATION OF THE INFINEON TECHNOLOGIES COMPONENT ONLY AND SHALL NOT BE
REGARDED AS ANY DESCRIPTION OR WARRANTY OF A CERTAIN FUNCTIONALITY, CONDITION OR
QUALITY OF THE INFINEON TECHNOLOGIES COMPONENT. THE RECIPIENT OF THIS APPLICATION
NOTE MUST VERIFY ANY FUNCTION DESCRIBED HEREIN IN THE REAL APPLICATION. INFINEON
TECHNOLOGIES HEREBY DISCLAIMS ANY AND ALL WARRANTIES AND LIABILITIES OF ANY KIND
(INCLUDING WITHOUT LIMITATION WARRANTIES OF NON-INFRINGEMENT OF INTELLECTUAL
PROPERTY RIGHTS OF ANY THIRD PARTY) WITH RESPECT TO ANY AND ALL INFORMATION GIVEN
IN THIS APPLICATION NOTE.
Information
For further information on technology, delivery terms and conditions and prices please contact your nearest
Infineon Technologies Office (www.infineon.com).
Warnings
Due to technical requirements components may contain dangerous substances. For information on the types
in question please contact your nearest Infineon Technologies Office.
Infineon Technologies Components may only be used in life-support devices or systems with the express
written approval of Infineon Technologies, if a failure of such components can reasonably be expected to
cause the failure of that life-support device or system, or to affect the safety or effectiveness of that device or
system. Life support devices or systems are intended to be implanted in the human body, or to support
and/or maintain and sustain and/or protect human life. If they fail, it is reasonable to assume that the health
of the user or other persons may be endangered.
C868P
Revision History:
2003-07
Previous Version:
-
Page
V 0.1
Subjects (major changes since last revision)
Controller Area Network (CAN): License of Robert Bosch GmbH
We Listen to Your Comments
Any information within this document that you feel is wrong, unclear or missing at all?
Your feedback will help us to continuously improve the quality of this document.
Please send your proposal (including a reference to this document) to:
[email protected]
AP08009
Data Scrambling Feature in C868P Microcontroller
Table of Content
Page
1
Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4
2
2.1
2.2
Hardware Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
Type of EEPROM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
Hardware Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
3
3.1
3.1.1
3.1.2
3.2
3.3
Data Scrambling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6
Customer Specific Tool DataScrambler . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6
Inputs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7
Output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7
Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8
Procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8
4
4.1
4.2
Functional Description. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
Checksum Test. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
Limitations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10
5
Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11
List of Figures
Figure 1
Figure 2
Page
Three-wire connection to SPI EEPROM. . . . . . . . . . . . . . . . . . . . . . . . . .5
Data Scrambling Flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6
Application Note
3
V 0.1, 2003-07
AP08009
Data Scrambling Feature in C868P Microcontroller
Introduction
1
Introduction
The C868P microcontroller offers the feature of Data Scrambling which provides code
protection for external EEPROM. The customer’s original hex code can be scrambled
using a dedicated key and PC tools provided by Infineon Technologies. The scrambled
code is then burned into the EEPROM. The C868P microcontroller, interfacing with the
external EEPROM, will then unscrambled the EEPROM code, load the descrambled
code (customer’s original hex code) to SRAM and finally run from SRAM.
This application note briefly describes the hardware interface of the EEPROM with the
C868P microcontroller and the EEPROM functions implemented by the C868P
bootstrap loader. At the later section, Data Scrambling features, tool, requirements,
procedures, functions, checksum test and limitations are elaborated.
Application Note
4
V 0.1, 2003-07
AP08009
Data Scrambling Feature in C868P Microcontroller
Hardware Interface
2
Hardware Interface
2.1
Type of EEPROM
The type of external EEPROM supported is SPI serial EEPROM. Serial EEPROM
devices offer significant advantages over parallel devices in applications where lower
data transfer rates are acceptable. They also require less board space and allow
microcontroller I/O pins to be conserved. This is valuable to the low pin count C868P
microcontroller. Furthermore, SPI specification is easy to be implemented in software.
Additionally, please note that only EEPROM in 32-byte page mode is supported. There
is no limitation on the size of the EEPROM. However, as the SRAM size is 8Kbyte, It is
suggested to use EEPROM (≥8Kbyte) so that all SRAM content can be loaded to
EEPROM.
2.2
Hardware Configuration
The SPI EEPROM is connected to the C868P microcontroller in three-wire configuration
as shown in Fig.1. In this configuration, the SPI EEPROM serial data in (SI) and serial
data out (SO) are both connected to the same C868P I/O pin, thereby saving a pin. This
is possible because the C868P I/O pins can be dynamically reprogrammed as input or
output.
V DDP
EEPROM
1
7
CS
P1.3
HOLD
6
P1.1
3
WP
SCK
5
P1.2
8
SI
VCC
SO
GND
2
4
240R
V SSP
Figure 1
Three-wire connection to SPI EEPROM
Application Note
5
V 0.1, 2003-07
AP08009
Data Scrambling Feature in C868P Microcontroller
Data Scrambling
3
Data Scrambling
3.1
Customer Specific Tool DataScrambler
Key
DataSPage
Data
Scrambler
SHEX-File
HEX-File
By IFX,
customerspecific
By customer
Figure 2
Data Scrambling Flow
DataScrambler (GUI version)
• DataScrambler (DataScramble.exe) is a dialog based application, which acts as a
user friendly front end for Data Scrambling
(Windows->Start->Programs->C868DataScrambler->DataScrambler)
• It can run on Win95/98/2000 and Win NT(4.0) (Intel processors)
• Three parameters: Key, DataSPage and HexFile.hex
• Generate scrambled SHexFile.hex (in C:\Temp)
DataScrambler (Command prompt)
• DataScrambler (DS.exe) is an executable file which can run on DOS-prompt.
(Windows->Start->Programs->MS-DOS Prompt) on Win98;
(Windows->Start->Programs->Accessories->Command Prompt) on Win2000
• Three parameters: Key, DataSPage and HexFile.hex
• Generate scrambled SHexFile.hex (in current directory)
The invocation of DataScrambler is done on DOS-prompt as in the following example:
DS
DS
Key DataSPage HEX-File
D5000084C1485350 A3 testhex.hex
Application Note
6
V 0.1, 2003-07
AP08009
Data Scrambling Feature in C868P Microcontroller
Data Scrambling
3.1.1
Inputs
Key
DataSPage
HexFile.hex
[8-byte Key provided by Infineon Technologies]
[Starting page of data in EEPROM of SHEX-file]
[Input HEX-file for scrambling]
Key
The 8-byte Key is unique to each customer and project. It is provided to customer on
request by Infineon Technologies.
DataSPage
DataSPage (one byte) ranges from 0x01 to 0xFF. It is the starting page number of data
in EEPROM where the data portion of input HEX-file will not be scrambled. The customer
should ensure that the data in the input HEX-file starts from the address:
Starting address of data (in input HEX-file) = 3210*DataSPage -1010
For example:
When DataSPage is 0xF8, the start address should be 3210*24810 -1010=792610
Therefore the data in the input HEX-file should start from address 0x1EF6.
HexFile.hex
The purpose of Data Scrambling is to offer code protection for customer’s code. Thus for
enhanced security measure, customer is encouraged to fill the GAPs in the input
HEX-file with random code if the GAPs are large.
3.1.2
Output
The scrambled SHEX-file (SHexFile.hex) is generated based on the Key and
DataSPage values entered by customer. This SHEX-file contains:
•
•
•
•
Scrambler header
Scrambled code
Unscrambled data
End of file record
Note: DataScrambler is capable of generating 8Kbyte of SHEX-file. In addition to the 10byte scrambler header, the input HEX-file should not be more than (8K-10)byte,
otherwise error message will be generated when executing the DataScrambler.
Application Note
7
V 0.1, 2003-07
AP08009
Data Scrambling Feature in C868P Microcontroller
Data Scrambling
3.2
•
•
•
•
Requirements
DataScrambler Setup <ap0800901_DataScrambling_C868P.exe>
The 8-byte Key
SPI EEPROM
Customer’s Hex code
3.3
Procedure
Step 1: Unzip the ap0800901_DataScrambling_C868P.exe file and double click on the
setup.exe to install the DataScrambler.
– If path is not amended, the DataScramble.exe and DS.exe should be installed in
C:\Program Files\C868 DataScrambler\DataScrambler
Step 2: To execute Data Scrambler GUI version1), double click on DataScramble.exe
found in the mentioned directory.
– A dialog based application will popped up.
Step 3: Enter the 8-byte Key and the DataSPage.
Step 4: Choose the input HEX-file for data scrambling and the resultant SHEX-file.
Step 5: Click on Scramble button.
– SHEX-file (SHexFile.hex) will be generated at the chosen directory.
Step 6: Load/program this SHEX-file into the external EEPROM.
Step 7: Connect this EEPROM to C868P microcontroller as described in Section 2.2.
– You are ready!
When power supply is switched on, the C868P will access the EEPROM directly. When
0D5H is detected, the C868P will undergo descrambling routine and load the
descrambled code into SRAM. Finally it will jump to the beginning of SRAM and execute
the instructions.
1)
For Command Prompt version of DataScrambler, copy the DS.exe into other directory, C:\DataS for example.
Open a MS-DOS console window and enter C:\DataS . To execute the DataScrambler, type DS followed by
three command line parameters: 8-byte Key, DataSPage and the input HEX-file (with full path if it is not in the
current directory). The output SHEX-file will then be generated in the current directory.
Application Note
8
V 0.1, 2003-07
AP08009
Data Scrambling Feature in C868P Microcontroller
Functional Description
4
Functional Description
After boot-up from bootrom, the C868P microcontroller will access the EEPROM directly.
It will try to read the first byte (Password) of the EEPROM. There are three different
scenarios:
If the Password is 0A5H, the C868P will directly load program from the EEPROM to
SRAM and then execute from SRAM after loading is completed. The (re)programming
of this EEPROM can be found in application note ap08006. The C868P will always load
8Kbytes of code.
If the Password is 0D5H, the C868P will identify EEPROM as a scrambled code and
unscrambled the EEPROM code. It will then load the descrambled code (customer’s
original hex code) to SRAM and finally run from SRAM. The C868P will always load
8Kbytes of code.
If the Password is neither 0A5H nor 0D5H, the C868P will enter a state where the
content of the SRAM are cleared. This is for security purpose.
4.1
Checksum Test
The one-byte Checksum is obtained by XOR-ing all of the customer’s original code
(excluding the data). It is generated by DataScrambler and included in the output SHEXfile.
While descrambling and downloading the program from the EEPROM, the bootrom will
XOR the code and calculate the checksum. If the checksum is correct (the calculated
checksum tallies with the Checksum value obtained in the EEPROM), the C868P will
continue to download the remaining data from EEPROM to the SRAM.
If the checksum is incorrect (the calculated checksum does not tally with the Checksum
value obtained in the EEPROM), the C868P will attempt to re-access the EEPROM from
the beginning. If the checksum remains incorrect after 10 attempts, the C868P will enter
a state where the content of the SRAM are cleared.
Application Note
9
V 0.1, 2003-07
AP08009
Data Scrambling Feature in C868P Microcontroller
Functional Description
4.2
Limitations
1. No UART bootup is allowed to prevent SRAM content being read out. i.e. the minidebugger cannot be connected in the C868P microcontroller.
2. Scrambled code will have to be programmed/loaded into EEPROM using other means
like Programmer or normal C868 microcontroller.
3. Only loading to SRAM is supported.
Application Note
10
V 0.1, 2003-07
AP08009
Data Scrambling Feature in C868P Microcontroller
Glossary
5
Glossary
SRAM
On-chip ram mapped at address 0000H to 1FFFH
SPI
Serial Peripheral Interface
UART
Full-Duplex Serial Interface
DS
DataScrambler
GUI
Graphical User Interface
Application Note
11
V 0.1, 2003-07
Infineon goes for Business Excellence
“Business excellence means intelligent approaches and clearly
defined processes, which are both constantly under review and
ultimately lead to good operating results.
Better operating results and business excellence mean less
idleness and wastefulness for all of us, more professional
success, more accurate information, a better overview and,
thereby, less frustration and more satisfaction.”
Dr. Ulrich Schumacher
http://www.infineon.com
Published by Infineon Technologies AG