1. Features • • • • • • • • One 128 x 8 (1K bit) Configuration Zone Eight 256 x 8 (16K bits) User Zones Low Voltage Operation: 2.7V to 5.5V Two-wire Serial Interface 16-byte Page Write Mode Self-timed Write Cycle (10 ms max) Answer-to-Reset Register High Security Memory Including Anti-wiretapping – 64-bit Authentication Protocol (under exclusive patent license from ELVA) – Authentication Attempts Counter – Eight Sets of Two 24-bit Passwords – Specific Passwords for Read and Write – Sixteen Password Attempts Counters – Selectable Access Rights by Zone • ISO Compliant Packaging • High Reliability – Endurance: 100,000 Cycles – Data Retention: 100 Years – ESD Protection: 4,000V (min) • Low-power CMOS Table 1-1. 8 x 256 x 8 Secure Memory with Authentication AT88SC1608 Pin Configuration Name Description ISO Module Contact Standard Package Pin VCC Supply Voltage C1 8 GND Ground C5 1 SCL Serial Clock Input C3 6 SDA Serial Data Input/Output C7 3 RST Reset Input C2 7 Card Module Contact8-pin SOIC or PDIP VCC NC GND NC SDA NC 1 2 3 4 8 7 6 5 VCC RST SCL NC 2. Description The AT88SC1608 provides 17,408 bits of serial EEPROM memory organized as one configuration zone of 128 bytes and eight user zones of 256 bytes each. This device is optimized as a “secure memory” for the smart card market, secure identification for electronic data transfer, or components in a system, without the requirement of an internal microprocessor. 0971H–SMEM–6/08 The embedded authentication protocol allows the memory and the host to authenticate each other. When this device is used with a host which incorporates a microcontroller (e.g., AT89C51, AT89C2051, AT90S1200), the system provides an “anti-wiretapping” configuration. The device and the host exchange “challenges” issued from a random generator and verify their values through a specific cryptographic function included in each part. When both agree on the same result, the access to the memory is permitted. Figure 2-1. Security Methodology Device Card Number Verify A COMPUTE Challenge B Challenge B Host (Reader) COMPUTE Challenge A Challenge A VERIFY B VERIFY (RPW) DATA Read Password (RPW) VERIFY (WPW) Write 0 or 1 Write Password (WPW) DATA 3. Memory Access Depending on the device configuration, the host might carry out the authentication protocol and/or present different passwords for each operation, read or write. Each user zone may be configured for free access for read and write or for password-restricted access. To insure security between the different user zones (multiapplication card), each zone can use a different set of passwords. A specific AAC for each password and for the authentication provides protection against “systematic attacks.” When the memory is unlocked, the two-wire serial protocol is effective, using SDA and SCL. The memory includes a specific register providing a 32-bit data stream conforming to the ISO 7816-10 synchronous answer-to-reset. 2 AT88SC1608 0971H–SMEM–6/08 AT88SC1608 Figure 3-1. VCC GND Block Diagram Power Mgt. Authentication Unit Random Generator Data Transfer SCL SDA ISO Interface RST Password Verification EEPROM Answer To Reset 4. Pin Descriptions 4.1 Supply Voltage (VCC) The VCC input is a 2.7V-to-5.5V positive voltage, supplied by the host. 4.2 Serial Clock (SCL) The SCL input is used to positive edge clock data into the device and negative edge clock data out of the device. 4.3 Serial Data (SDA) The SDA pin is bidirectional for serial data transfer. This pin is open-drain driven and may be wire-ORed with any number of other open drain or open collector devices. An external pull-up resistor should be connected between SDA and VCC. The value of this resistor and the system capacitance loading the SDA bus will determine the rise time of SDA. This rise time will determine the maximum frequency during read operations. Low value pull-up resistors will allow higher frequency operations while drawing higher average power supply current. 4.4 Reset (RST) When the RST input is pulsed high, the device will output the data programmed into the 32-bit answer-to-reset register. All password and authentication access will be reset. Following a reset, device authentication and password verification sequences must be presented to re-establish user access. 3 0971H–SMEM–6/08 5. Memory Mapping The first 16K bits of the memory are divided into eight user zones of 256 bytes each. Table 5-1. Zone Memory Map $0 $1 $2 $3 $4 $5 $6 $7 $000 256 bytes - User 0 $0F8 $000 User 1 User 6 $0F8 $000 256 bytes - User 7 $0F8 Note: “$” = hexadecimal value The last 1K bit of the memory is a configuration zone with specific system data, access rights, and read/write commands; it is divided into six subzones. 4 AT88SC1608 0971H–SMEM–6/08 AT88SC1608 Table 5-2. Configuration Zone Configuration $0 $1 $2 $3 $4 $5 Answer-to-Reset $6 $7 Lot History Code $00 Card Manufacturer Code $08 Fabrication Fab Code AR0 Reserved AR1 AR2 AR3 AR4 AR5 AR6 AR7 $10 Access Reserved for Future Use AAC $18 Identification Number (Nc) $20 Authentication Cryptogram (Ci) $28 Secret Secret Seed (Gc) $30 Test Reserved for Memory Test $38 Passwords Note: PAC Write 0 PAC Read 0 $40 PAC Write 1 PAC Read 1 $48 PAC Write 2 PAC Read 2 $50 PAC Write 3 PAC Read 3 $58 PAC Write 4 PAC Read 4 $60 PAC Write 5 PAC Read 5 $68 PAC Write 6 PAC Read 6 $70 PAC Secure Code/Write 7 PAC Read 7 $78 AAC: Authentication Attempts Counter PAC: Password Attempts Counter AR0−7: Access Register for User Zone 0 to 7 5 0971H–SMEM–6/08 6. Fuses FAB, CMA, and PER are nonvolatile fuses blown at the end of each card life step. Once blown, these EEPROM fuses can not be reset. • The FAB fuse is blown by Atmel prior to shipping wafers to the card manufacturer. • The CMA fuse is blown by the card manufacturer prior to shipping cards to the issuer. • The PER fuse is blown by the issuer prior to shipping cards to the end user. The fuses are read and written in the configuration zone using the address $80. Table 6-1. Fuse Byte Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 0 0 0 0 0 PER CMA FAB $80 When the fuses are all “1”s, read and write are allowed in the entire memory. Before blowing the FAB fuse, Atmel writes the entire memory to “1”, except the fabrication subzone and the secure code. Figure 6-1. Zone Access Rights Access FAB = 0 CMA = 0 PER = 0 Fabrication (Except CMC) Read Free Free Free Write Forbidden Forbidden Forbidden Fabrication (Only CMC) Read Free Free Free Write Secure Code Forbidden Forbidden Read Free Free Free Write Secure Code Secure Code Forbidden Read Free Free Free Write Secure Code Secure Code Forbidden Read Secure Code Secure Code Forbidden Write Secure Code Secure Code Forbidden Read Free Free Free Write Free Free Free Read Secure Code Secure Code Write PW Write Secure Code Secure Code Write PW Read Free Free Free Write Secure Code Secure Code Write PW Read AR AR AR Write AR AR AR Access Authentication Secret Test Passwords PAC User Zones Note: 6 CMC = Card Manufacturer Code AR = Access Rights as defined by the access register PW = Password AT88SC1608 0971H–SMEM–6/08 AT88SC1608 7. Configuration Zone • Answer-to-reset: 32-bit register defined by Atmel • Lot History Code: 32-bit register defined by Atmel • Fab Code: 16-bit register defined by Atmel • Card Manufacturer Code: 32-bit register defined by the card manufacturer • Access Registers Eight 8-bit access registers defined by the issuer (enable if “0”). The access register for each user zone will specify the privileges and requirements for access to that zone. Table 7-1. • Access Registers Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 WPE RPE ATE PW2 PW1 PW0 MDF PGO Write Password Enable (WPE) If enabled (WPE = “0”), the user is required to verify the write password to allow write operations in the user zone. If disabled (WPE = “1”), all write operations are allowed within the zone. Verification of the write password also allows the read and write passwords to be changed. During personalization (PER = “1”) the WPE bit is forced active even if set to “1”. This forces the issuer to verify the write password in order to write data to the user zone. This allows the security code (Write 7 password) to lock write functions during transportation. • Read Password Enable (RPE) If enabled (RPE = “0”), the user is required to verify either the read password or write password to allow read operations in the user zone. Read operations initiated without a verified password will return the status of the fuse bits ($00). Verification of the write password will always allow read access to the zone. RPE = “0” and WPE = “1” is allowed but is not recommended. • Authentication Enable (ATE) If enabled (ATE = “0”), a valid authentication sequence must be completed before access is allowed to the user zone. If disabled (ATE = “1”), authentication is not required for access. • Password Set Select (PW2, PW1, PW0) These three bits define which of the eight password sets must be presented to allow access to the user zone. Each access register may point to a unique password set, or access registers for multiple zones may point to the same password set. In this case, verification of a single password will open several zones, combining the zones into a single larger zone. • Modify Forbidden (MDF) If enabled (MDF = “0”), no write access is allowed in the zone at any time. • Program Only (PGO) If enabled (PGO = “0”), data within the zone may be changed from “1” to “0” but never from “0” to “1”. 7.1 Identification Number (Nc) An identification number with up to 56 bits is defined by the issuer and should be unique for each card. 7 0971H–SMEM–6/08 7.2 Cryptogram (Ci) The 64-bit cryptogram is generated by the internal random generator and modified after each successful verification of the cryptogram by the chip, on host request. The initial value, defined by the issuer, is diversified as a function of the identification number. 7.3 Secret Seed (Gc) The 64-bit secret seed, defined by the issuer, is diversified as a function of the identification number. 7.4 Memory Test Zone The memory test zone is a 64-bit free access zone for memory test. 7.5 Password Sets The password sets are eight sets of two 24-bit passwords for read and write operations, defined by the issuer. The write password allows the user to modify the read and write passwords of the same set. By default, the eighth set of passwords (Write 7/Read 7) is active for all user zones. • Secure Code A 24-bit password, defined by Atmel, that is different for each card manufacturer. The Write Password 7 is used as the secure code until the personalization is over (PER = 0). • Attempts Counters There are 16 8-bit password attempts counters (PACs), one for each password, and one other 8-bit attempts counter for the authentication protocol (AAC). The attempts counters limit the number of consecutive incorrect code presentations allowed (currently eight). 8. User Zones These zones are dedicated to user data. The access rights of each zone are programmable separately via the access registers. If several zones share the same password set, the set will be entered only once (after the part is powered up). Therefore, several zones can be combined into one larger zone. The user zone address should be changed each time a new zone is being reached. 9. Security Operations 9.1 Password Verification Compare the operation password presented with the stored one and write a new bit in the corresponding attempts counter for each wrong attempt. A valid attempt before the limit erases the attempts counter, and allows the operation to be carried out as long as the chip is powered. Only one password is active at a time. When a new password is presented, access privileges defined by the previous password become invalid. If the trials limit has been reached (i.e., the 8 bits of the attempts counter have been written), the password verification process will not be taken into account. 9.2 Authentication Protocol The access to a user zone may be protected by an authentication protocol in addition to password-dependent rights. 8 AT88SC1608 0971H–SMEM–6/08 AT88SC1608 The authentication success is memorized and active as long as the chip is powered, unless a new authentication is initialized or RST becomes active. If the new authentication request is not validated, the card has lost its previous authentication and it should be presented again. Only the last request is memorized. The authentication verification protocol requires the host to perform an Initialize Authentication command, followed by a Verify Authentication command. The password and authentication may be presented at any time and in any order. If the trials limit has been reached, i.e., the 8 bits of the attempts counter have been written, the password verification or authentication process will not be taken into account. 10. Command Definitions and Protocols The communications protocol is based on the popular two-wire serial interface. Note that the most significant bit is transmitted first. Table 10-1. Device Commands Command Description 10.1 Code HEX Chip Select Instruction b7 b6 b5 b4 b3 b2 b1 b0 Write User Zone $B0 1 0 1 1 0 0 0 0 Read User Zone $B1 1 0 1 1 0 0 0 1 Write Configuration Zone $B4 1 0 1 1 0 1 0 0 Read Configuration Zone $B5 1 0 1 1 0 1 0 1 Set User Zone Address $B2 1 0 1 1 0 0 1 0 Verify Password $B3 1 0 1 1 0 0 1 1 Initialize Authentication $B6 1 0 1 1 0 1 1 0 Verify Authentication $B7 1 0 1 1 0 1 1 1 Set User Zone Address Figure 10-1. Set User Zone Address S T A R T Command Fuses Index * * * * * A C K Note: S T O P A10 A9 A8 A C K * = Don’t care bit At power-on, no access to the user zones is allowed until the Set User Zone Address command occurs. This command sets the three most significant bits of the byte address, corresponding to the user zone address. This address stays valid until the host sends a new one and as long as the chip is powered. 9 0971H–SMEM–6/08 10.2 Read Zone Figure 10-2. Read Zone S T A R T Command Byte Add (n) A7 0 – Data (n) A0 A C K Note: A C K D7 – Data (n+x) D7 D0 N A C K S T O P D0 – A C K z = 0: Read user zone z = 1: Read configuration zone The data byte address is internally incremented following the transmission of each data byte. As long as the AT88SC1608 receives an acknowledge from the host, it will continue to increment the data byte address and serially clock out sequential data bytes. During a read operation, the address will “roll over” from the last byte of the current zone to the first byte of the same zone. If the host is not allowed to read at the specified address, the device will transmit the data byte with all bits equal to “0”. 10.3 Write Zone Figure 10-3. Write Zone S T A R T Command Byte Add (n) A7 10110z00 – A C K Note: Data (n+x) Data (n) A0 D7 A C K – S T O P D7 D0 A C K – D0 A C K z = 0: Write user zone z = 1: Write configuration zone The lower four bits of the data byte address are internally incremented following the receipt of each data byte. The higher data byte address bits are not incremented, retaining the 16-byte write-page address. Each data byte within a page must only be loaded once. Once a stop condition is issued to indicate the end of the host’s write command, the device initiates the internally timed nonvolatile write cycle. An ACK polling sequence can be initiated immediately. After a write command, if the host is not allowed to write to some address locations, a nonvolatile write cycle will still be initiated. However, the device will only modify data at the allowed addresses. 10 AT88SC1608 0971H–SMEM–6/08 AT88SC1608 10.4 Read Fuses Figure 10-4. Read Fuses S T A R T Command Fuses Add 10110101 10000000 A C K Note: N A C K S T O P 0 0 0 0 0 F2 F1 F0 A C K Fx = 1: fuse is not blown Fx = 0: fuse is blown The read fuses operation is always allowed. The device only transmits one data byte and waits for a new command. 10.5 Write Fuses Figure 10-5. Write Fuses S T A R T Command S T O P Fuses Add 1 0 0 0 0 0 0 0 1 0 1 1 0 1 0 0 A C K A C K The write fuses operation is only allowed under secure code control and no data byte is transmitted by the host. The fuses are blown sequentially: CMA is blown if FAB is equal to “0”, and PER is blown if CMA is equal to “0”. If the fuses are all “0”s, the operation is canceled and the device waits for a new command. Once a stop condition is issued to indicate the end of the host’s write operation, the device initiates the internal nonvolatile write cycle. An ACK polling sequence can be initiated immediately. Once blown, these fuses cannot be reset. 10.6 Answer-to-reset If RST is high during SCL clock pulse, the reset operation occurs according to the ISO 7816-10 synchronous answer-to-reset. The four bytes of the answer-to-reset register are transmitted least significant bit (LSB) first on the 32 clock pulses provided on SCL. Following a RST assertion, all password and authentication access privileges are reset. The values programmed by Atmel are shown in Figure 10-6 below. 11 0971H–SMEM–6/08 Figure 10-6. Answer-to-reset R E S E T $AA $2C 0 0 1 1 0 1 0 0 0 1 0 1 0 1 0 1 D0 10.7 D7 D8 – $A0 $55 1 0 1 0 1 0 1 0 0 0 0 0 0 1 0 1 D15 D16 – D23 D24 – D31 – Verify Password Figure 10-7. Verify Password S T A R T Index Command Pw(0) * * * * r p2 p1 p0 1 0 1 1 0 1 0 0 – D7 Pw(1) D0 A C K A C K D15 – S T O P Pw(2) – D23 D8 D16 A C K A C K A C K 1. Pw: Password, 3 bytes 2. The four bits “rppp” indicate the password to compare: r = 0: Write password r = 1: Read password ppp: Password set number (rppp = 0111 for the secure code) Once the sequence is completed and a stop condition is issued, there is a nonvolatile write cycle to update the associated attempts counter. In order to know whether or not the inserted password was correct, the device requires the host to perform an ACK polling sequence with the specific device address of $B5. When the write cycle has been completed, the ACK polling command ($B5, Read Configuration Zone) will return a valid ACK. This command should be followed by the byte address of the respective PAC. If the password presented is valid, the PAC will be set to $FF. If the password was not valid, the PAC will have one additional bit written to “0”. 10.8 Initialize Authentication Figure 10-8. Initialize Authentication S T A R T Q0(0) Command D7 1 0 1 1 0 1 1 0 – Q0(1) D0 A C K Note: 12 D15 A C K – S T O P Q0(7) D8 ... A C K D63 – D56 A C K Q0: Host random number, 8 bytes AT88SC1608 0971H–SMEM–6/08 AT88SC1608 The initialize authentication command sets up the random generator with the cryptogram (Ci), the secret seed (Gc), and the host random number (Q0). Once the sequence is completed and a stop condition is issued, there is a nonvolatile write cycle to write a new bit of the 8-bit AAC to “0”. In order to complete the authentication protocol, the device requires the host to perform an ACK polling sequence with the specific device address of $B7, corresponding to the verify authentication command. 10.9 Verify Authentication Figure 10-9. Verify Authentication S T A R T Q1(0) Command D7 1 0 1 1 0 1 1 0 A C K Note: – Q1(1) D0 D15 A C K – S T O P Q1(7) D8 ... A C K D63 – D56 A C K Q1: Host challenge, 8 bytes If Q1 is equal to Ci + 1, then the device writes Ci + 2 in memory in place of Ci; this must be preceded by the initialize authentication command. Once the sequence is completed and a stop condition is issued, there is a nonvolatile write cycle to update the associated attempts counter. In order to know whether or not the authentication was correct, the device requires the host to perform an ACK polling sequence with the specific device address of $B5 to read the AAC in the configuration zone. A valid authentication will result in the AAC cleared to $FF. An invalid authentication attempt will initiate a nonvolatile write cycle, but no clear operation will be performed on the AAC. 11. Device Operation 11.1 Clock and Data Transitions The SDA pin is normally pulled high with an external device. Data on the SDA pin may change only during SCL-low time periods (see Figure 11-2). Data changes during SCL-high time periods will indicate a start or stop condition as defined below. 11.2 Start Condition A high-to-low transition of SDA with SCL high is a start condition which must precede any other command (see Figure 11-1). 11.3 Stop Condition A low-to-high transition of SDA with SCL high is a stop condition. After a read sequence, the stop command will place the device in a standby power mode (see Figure 11-1). 13 0971H–SMEM–6/08 11.4 Acknowledge All addresses and data are serially transmitted to and from the device in 8-bit words. The device sends a zero to acknowledge that it has received each byte. This happens during the ninth clock cycle. During read operations, the host must pull the SDA line low during the ninth clock cycle to acknowledge that it has received the data byte. Failure to transmit this ACK bit will terminate the read operation. 11.5 Standby Mode The AT88SC1608 features a low-power standby mode that is enabled upon power-up and after the receipt of the stop bit and the completion of any internal operations. 11.6 Acknowledge Polling Once the internally-timed write cycle has started and the device inputs are disabled, acknowledge polling can be initiated. This involves sending a start condition followed by the device address representative of the operation desired. Only if the internal write cycle has completed will the device respond with a “0”, allowing the sequence to continue. Figure 11-1. Start and Stop Definition Note: The SCL input should be low when the device is idle. Therefore, SCL is low before a start condition and after a stop condition. Figure 11-2. Data Validity SDA SCL DATA STABLE DATA STABLE DATA CHANGE 14 AT88SC1608 0971H–SMEM–6/08 AT88SC1608 Figure 11-3. Output Acknowledge 1 SCL 8 9 DATA IN DATA OUT START ACKNOWLEDGE 12. Absolute Maximum Ratings Operating Temperature . . . . . . . . . . . . . 0°C to +70°C Storage Temperature . . . . . . . . . . . . . . .−65°C to +150°C Voltage on Any Pin with Respect to Ground . . . . . . . . . . . . . . . . . . . . . −0.7V to VCC + 0.7V Maximum Operating Voltage . . . . . . . . . . . . . . . . . .6.25V Note: Stresses beyond those listed under “Absolute Maximum Ratings” may cause permanent damage to the device. This is a stress rating only; functional operation of the device at these or any other conditions beyond those indicated in the operational sections of this specification is not implied. Exposure to absolute maximum rating conditions for extended periods may affect device reliability. DC Output Current . . . . . . . . . . . . . . . . . . . . . . . 5.0 mA 15 0971H–SMEM–6/08 13. DC Characteristics Table 13-1. DC Characteristics Applicable over recommended operating range from: VCC = +2.7V to 5.5V, TAC = 0°C to +70°C. (unless otherwise noted). Symbol Parameter Max Units VCC(1) Supply Voltage 5.5 V ICC Supply Current VCC = 5.0V Read at 1 MHz 5.0 mA Supply Current VCC = 5.0V Write at 1 MHz 5.0 mA Standby Current VCC = 2.7V VIN = VCC or GND 1.0 µA ISB2 Standby Current VCC = 5.0V VIN = VCC or GND 20.0 µA ILI Input Leakage Current VIN = VCC or GND 1.0 µA ILI RST Input Leakage Current VIN = VCC or GND 20.0 µA ILO Output Leakage Current VOUT = VCC or GND 1.0 µA VIL Input Low Level (2) −0.3 VCC x 0.3 V VCC x 0.7 VCC + 0.5 V 0.4 V ICC ISB1 (1) Test Condition Typ 2.7 (2) VIH Input High Level VOL2 Output Low Level VCC = 2.7V Notes: Min IOL = 2.1 mA 1. This parameter is preliminary; Atmel may change the specifications upon further characterization. 2. VIL min and VIH max are reference only and are not tested. 16 AT88SC1608 0971H–SMEM–6/08 AT88SC1608 14. Power Management If VCC falls below 1.9V, the chip stops working until it rises above 2.7V. 14.1 AC Characteristics Table 14-1. AC Characteristics(1) 5.0-volt Symbol Parameter Min Max Units fSCL Clock Frequency, SCL 1.0 MHz tLOW Clock Pulse Width Low 400 ns tHIGH Clock Pulse Width High 400 ns tAA Clock Low to Data Out Valid tHD.STA Start Hold Time 200 ns tSU.STA Start Set-up Time 200 ns tHD.DAT Data In Hold Time 10 ns tSU.DAT Data In Set-up Time 100 ns tR Inputs Rise Time (2) 550 (2) ns 100 ns 30 ns tF Inputs Fall Time tSU.STO Stop Set-up Time 200 ns tDH Data Out Hold Time 20 ns tWR Write Cycle Time tRST Reset Width High 600 ns tSU.RST Reset Set-up Time 50 ns tHD.RST Reset Hold Time 50 ns tVCC-RST Note: 10 Power-on Reset Time 2.0 ms ms 1. Applicable over recommended operating range from TAC = 0°C to +70°C, VCC = +2.7V to +5.5V, CL = 1 TTL Gate and 100 pF (unless otherwise noted) 2. This parameter is characterized and is not 100% tested. 14.2 Pin Capacitance Table 14-2. Pin Capacitance(1) Symbol Test Condition CI/O CIN Notes: Max Units Conditions Input/Output Capacitance (SDA)(2) 8 pF VI/O = 0V Input Capacitance (RST, SCL)(2) 6 pF VIN = 0V 1. Applicable over recommended operating conditions TAC = 25°C, f = 1.0 MHz, VCC = +2.7V 2. This parameter is characterized and is not 100% tested. 17 0971H–SMEM–6/08 15. Timing Diagrams Figure 15-1. Bus Timing Note: SCL: Serial Clock; SDA: Serial Data I/O Figure 15-2. Synchronous Answer-to-reset Timing tRST RST tAA SDA DO tSU.RST tHD.RST D1 D2 tAA SCL tHIGH tLOW 18 AT88SC1608 0971H–SMEM–6/08 AT88SC1608 Figure 15-3. Write Cycle Timing 8th BIT ACK WORDn t WR STOP CONDITION Note: START CONDITION The write cycle Time tWR is the time from valid stop condition of a write sequence to the end of the internal clear/write cycle. SCL: Serial Clock SDA: Serial Data I/O 16. Ordering Information Ordering Code Package Voltage Range Temperature Range AT88SC1608-09ET-00 M2 – E Module 2.7V–5.5V Commerical (0°C–70°C) AT88SC1608-09PT-00 M2 – P Module 2.7V–5.5V Commerical (0°C–70°C) AT88SC1608-10PU-00 8P3 2.7V–5.5V Industrial (−40°C–85°C) AT88SC1608-10SU-00 8S1 2.7V–5.5V Industrial (−40°C–85°C) AT88SC1608-10WU-00 7 mil Wafer 2.7V–5.5V Industrial (−40°C–85°C) Package Type(1) Description M4 – E Module M4 ISO 7816 Smart Card Module M4 – P Module M4 ISO 7816 Smart Card Module with Atmel Logo 8S1 8-lead, 0.150” Wide, Plastic Gull Wing Small Outline Package (JEDEC SOIC) 8P3 8-lead, 0.300” Wide, Plastic Dual Inline Package (PDIP) Notes: 1. Formal drawings may be obtained from an Atmel sales office. 19 0971H–SMEM–6/08 17. Smart Card Modules Ordering Code: 09ET-00 Module Size: M2 Dimension*: 12.6 x 11.4 [mm] Glob Top: Round: ∅ 8.0 [mm] max Thickness: 0.58 [mm] max Pitch: 14.25 [mm] Ordering Code: 09PT-00 Module Size: M2 Dimension*: 12.6 x 11.4 [mm] Glob Top: Square: 8.8 x 8.8 [mm] Thickness: 0.58 [mm] Pitch: 14.25 [mm] *Note: The module dimensions listed refer to the dimensions of the exposed metal contact area. The actual dimensions of the module after excise or punching from the carrier tape are generally 0.4 mm greater in both directions (i.e., a punched M2 module will yield 13.0 x 11.8 mm). 20 AT88SC1608 0971H–SMEM–6/08 AT88SC1608 18. Packaging Information 18.1 Ordering Code: 10SU-00 8-lead SOIC C 1 E E1 L N Ø TOP VIEW END VIEW e b COMMON DIMENSIONS (Unit of Measure = mm) A A1 D SIDE VIEW SYMBOL MIN NOM MAX A 1.35 – 1.75 A1 0.10 – 0.25 b 0.31 – 0.51 C 0.17 – 0.25 D 4.80 – 5.05 E1 3.81 – 3.99 E 5.79 – 6.20 e NOTE 1.27 BSC L 0.40 – 1.27 θ 0˚ – 8˚ Note: These drawings are for general information only. Refer to JEDEC Drawing MS-012, Variation AA for proper dimensions, tolerances, datums, etc. 3/17/05 R 1150 E. Cheyenne Mtn. Blvd. Colorado Springs, CO 80906 TITLE 8S1, 8-lead (0.150" Wide Body), Plastic Gull Wing Small Outline (JEDEC SOIC) DRAWING NO. REV. 8S1 C 21 0971H–SMEM–6/08 18.2 Ordering Code: 10PU-00 8-lead PDIP E 1 E1 N Top View c eA End View COMMON DIMENSIONS (Unit of Measure = inches) D e D1 A2 A b2 b3 b 4 PLCS Side View L SYMBOL NOM MAX NOTE 2 A – – 0.210 A2 0.115 0.130 0.195 b 0.014 0.018 0.022 5 b2 0.045 0.060 0.070 6 b3 0.030 0.039 0.045 6 c 0.008 0.010 0.014 D 0.355 0.365 0.400 D1 0.005 – – 3 E 0.300 0.310 0.325 4 E1 0.240 0.250 0.280 3 0.150 2 e 3 0.100 BSC eA L Notes: MIN 0.300 BSC 0.115 0.130 4 1. This drawing is for general information only; refer to JEDEC Drawing MS-001, Variation BA, for additional information. 2. Dimensions A and L are measured with the package seated in JEDEC seating plane Gauge GS-3. 3. D, D1 and E1 dimensions do not include mold Flash or protrusions. Mold Flash or protrusions shall not exceed 0.010 inch. 4. E and eA measured with the leads constrained to be perpendicular to datum. 5. Pointed or rounded lead tips are preferred to ease insertion. 6. b2 and b3 maximum dimensions do not include Dambar protrusions. Dambar protrusions shall not exceed 0.010 (0.25 mm). 01/09/02 R 22 2325 Orchard Parkway San Jose, CA 95131 TITLE 8P3, 8-lead, 0.300" Wide Body, Plastic Dual In-line Package (PDIP) DRAWING NO. REV. 8P3 B AT88SC1608 0971H–SMEM–6/08 AT88SC1608 Revision History Doc. Rev. Date Comments 0971H 6/2008 Implemented revision history 23 0971H–SMEM–6/08 Headquarters International Atmel Corporation 2325 Orchard Parkway San Jose, CA 95131 USA Tel: 1(408) 441-0311 Fax: 1(408) 487-2600 Atmel Asia Room 1219 Chinachem Golden Plaza 77 Mody Road Tsimshatsui East Kowloon Hong Kong Tel: (852) 2721-9778 Fax: (852) 2722-1369 Atmel Europe Le Krebs 8, Rue Jean-Pierre Timbaud BP 309 78054 Saint-Quentin-enYvelines Cedex France Tel: (33) 1-30-60-70-00 Fax: (33) 1-30-60-71-11 Atmel Japan 9F, Tonetsu Shinkawa Bldg. 1-24-8 Shinkawa Chuo-ku, Tokyo 104-0033 Japan Tel: (81) 3-3523-3551 Fax: (81) 3-3523-7581 Technical Support [email protected] Sales Contact www.atmel.com/contacts Product Contact Web Site www.atmel.com/products/securemem Literature Requests www.atmel.com/literature Disclaimer: The information in this document is provided in connection with Atmel products. No license, express or implied, by estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of Atmel products. EXCEPT AS SET FORTH IN ATMEL’S TERMS AND CONDITIONS OF SALE LOCATED ON ATMEL’S WEB SITE, ATMEL ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL ATMEL BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION, OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF ATMEL HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Atmel makes no representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to make changes to specifications and product descriptions at any time without notice. Atmel does not make any commitment to update the information contained herein. Unless specifically provided otherwise, Atmel products are not suitable for, and shall not be used in, automotive applications. Atmel’s products are not intended, authorized, or warranted for use as components in applications intended to support or sustain life. © 2008 Atmel Corporation. All rights reserved. Atmel®, logo and combinations thereof, Cryptomemory ® and others, are registered trademarks or trademarks of Atmel Corporation or its subsidiaries. Other terms and product names may be trademarks of others. 0971H–SMEM–6/08