R EM MICROELECTRONIC - MARIN SA Theseus™ Gold 96 3G EMTG96-3G 96kB FLASH Memory Smart Card IC Environment Single 3.0V to 5.0V supply ± 10% -25 to +85 0C operating temperature Max supply current 10mA > 4 kV ESD Protection HBM CPU Software compatible CMOS 8051 industry standard High speed non standard architecture with 16 bit CPU performance level Up to 20 MHz internal CPU clock Idle and stop mode selectable modes Memory Control Memory Management Unit (MMU) Application Secure OS partitioning EEPROM Erase write control EEPROM with Flash mode I/O ISO 7816-3 compliant electrical interface ISO 7816-3 compliant reset and response T=0 T=1 protocols True Random Number Generator Security Out of frequency, voltage detection Unique chip identification number Notification of tampering Hardware Random Number Generator Internal clock generation DPA/SPA resistance mechanisms Memories 2048 bytes Ram 64KB OTPROM 32KB EEPROM Ö 10 year data retention Ö Endurance >100k write cycles 1.5 KB ROM (Bootrom) Chip forms Wafer sawn or unsawn Back grinding and distressing options 180 microns max thickness Die size < 20 mm2 Modules Applications Mobile communication : Phase 2, 2+, 2.5 Banking Health, loyalty, membership cards Industry Standard Accelerated 8051 core ISO 7816-3 interface Clocks Security interface Reset and Control 256 bytes local RAM Security sensors Memory Mapping and Control Interface (MMU) 1792 Bytes RAM 1.5KB Mask ROM 64 KB OTPROM 32KB EEPROM Charge Pump Figure 1 Copyright © 2005, EM Microelectronic-Marin SA 1 www.emmicroelectronic.com R Theseus™ Gold 96 3G EMTG96-3G Introduction The EMTG96-3G, also known as THESEUS™ Gold 96 3G, is a member of the Theseus family of devices designed specifically for smart card applications. It is software compatible with the industry standard 8051 micro-controller, to guarantee the maximum availability of qualified software. The hardware implementation of the core is a modern design not relying on microcode, with an increase of up to 4 times on a standard 8051's clocks per instruction. Security of the family of devices makes them particularly suitable in electronic commerce and sensitive data areas. This is accomplished in hardware, with not only protection against out of parameter operation of the device, but hardware memory management to protect against software security attacks. The CPU clock is derived from its own internal oscillator, so preventing attacks by clock manipulation, or extrapolating program execution by monitoring current variations on clock edges. The need to support the emerging multifunction cards requires that the device under software control can download an application and run it when the device is in the field embedded in a plastic card. This application can be in the form of a script to be executed by an interpreter or as a raw binary directly executed by the processor. The device has to be protected against the downloading of attack software designed to corrupt or uncover the working or data contained in the device. Traditionally this has been a software function, which relies on the total integrity of the embedded software. EMTG96-3G implements the first level of protection in hardware. This maximises the security of the device, and allows the reusability of developed certified code, by isolating it from the actual hardware implementation of the device. This protection mechanism allows for a Secure Operating System to be embedded into the device at manufacture, which has access rights to features of the device that are denied to applications that can be loaded into the device at manufacture or in the field. The Secure Operating System allocates to each application programme, areas of the memory resources of the device. The hardware then ensures that when the application code is executing only accesses to these designated spaces are made. An extension of application mode has been developed to facilitate Java Card virtual machine integration. Serial interface EMTG96-3G offers a unique serial interface compliant with the ISO 7816-3 specification with several modes implemented allowing serial connections at 9600 up to 357K bits per second at 3.57MHz. EMTG96-3G supports T=0 asynchronous half duplex character transmission protocol, T=1 asynchronous half duplex block transmission and a proprietary T=14 protocol used for fast loading of Code into the OTP by the card manufacturer. It handles minimum guard time requirements between characters specified by ISO7816-3 specification automatically. The THESEUS™ family is designed to be compatible with the ISO7816-3 specification defining the characteristics of Integrated Circuit Cards commonly referred to as smart cards. Random Number Generator The on chip random number generator is fully Fips1401 compliant, providing a rapid stream of truly random numbers. This allows use of the random numbers generated beyond just the provision of numbers for randomising transmissions or generating keys. Clocks EMTG96-3G has its own internal oscillator this allows the core of the device to be independent of the external clock. The processor can also be clocked much faster than the IO CLK signal. This ensures the elimination of fraudulent attacks involving frequency jitter and unequal mark space ratios. The internal clock generator is connected to the core via a divider that is under the control of the software. This allows the Operating System writer to control the trade off between execution speed and power drawn by the device. Extending battery life in hand help applications where slow interfaces are involved. Anti tampering EMTG96-3G has extensive anti tampering provision including the monitoring of the connection to the device to ensure that deviations beyond a prescribed criteria result in the device being closed down before its operating conditions are violated. On chip voltage regulators Several on chip regulators isolate the various elements of the device from variations and fluctuations in the supply voltage. This allows elements to be characterised precisely, as they operate at one fixed voltage, which in turn maximises the endurance of the device. In systems where application isolation is not needed, the security mechanism acts as a general protection unit trapping software errors. Copyright © 2005, EM Microelectronic-Marin SA 2 www.emmicroelectronic.com R Theseus™ Gold 96 3G EMTG96-3G Technical Data Absolute Maximum Ratings Parameter Symbol Limit Values Supply Operating Volt Vcc min -0.3 Voltage at remaining pin Vpin Vss –0.3 Power dissipation Ptot Storage temperature IccI DC Characteristics Parameter Symbol typical -40 Unit max 6 V Vcc+0.3 V +60 mW +125 °C Limit Values Unit TA min -25 typical Ambient temperature max +85 °C Supply Voltage Vcc 2.7 3/5 5.5 V Supply Current Icc 6 (Note 1) mA Supply Current idle IccI 200 (Note 2) µA Supply Current stopped IccS 100 (Note 3) µA Note 1: The supply current at 3.3V refers to a clock frequency of 5 Mhz Note 2: The supply current at 3.3V and a clock frequency of 1 Mhz, at +25 0C Note 3: The supply current at 3.3V and +25 oC IO pin: Parameter Symbol Conditions min max Unit H input voltage VIH IIhmax =±20µA 0.7 * Vcc Vcc V L input voltage VIL IIL max =±20µA -0.3 0.8 V H output voltage (Note 1) VOH Vcc V VOL IOhmax = +20µA IOlmax = -1mA 0.7 * Vcc L output voltage 0 0.4 V Rise Fall Time tr, tF CIN = COUT = 30 pF 1 µS NOTE 1: Assumes 20KΩ Pull up resistor on interface device Clock (CLK) Parameter Symbol Condition Min Max Unit H output voltage VOH IOhmax = +20 µA Vcc-0.7 Vcc V L output voltage VOL 0.5 V Rise Fall Time tr, tF IOlmax = -20µA CIN = COUT = 30 pF 0 Symbol Condition Min H output voltage VOH IOhmax = +20 µA L output voltage VOL Rise Fall Time tr, tF IOlmax = -20µA CIN = COUT = 30 pF Reset(RST) Parameter 9% CLK period Max Unit Vcc-0.7 Vcc V 0 0.6 V 400 µs EM Microelectronic-Marin SA (EM) makes no warranty for the use of its products, other than those expressly contained in the Company's standard warranty which is detailed in EM's General Terms of Sale located on the Company's web site. EM assumes no responsibility for any errors which may appear in this document, reserves the right to change devices or specifications detailed herein at any time without notice, and does not make any commitment to update the information contained herein. No licenses to patents or other intellectual property of EM are granted in connection with the sale of EM products, expressly or by implications. EM's products are not authorized for use as components in life support devices or systems. © EM Microelectronic-Marin SA, 02/05, Rev. D Copyright © 2005, EM Microelectronic-Marin SA 3 www.emmicroelectronic.com