ANALOG DEVICES ADSP-2141L handbook
Contents
1. of Input Pin Name Pins Output Function External Memory Bus Address 25 0 26 Address Output Pins for Program Data Byte and I O Spaces 13 Bits 2183 13 Bits from Overlay Register Note 0 not used for 32 bit memory Data 31 0 32 VO Data I O Pins for Program and Data Memory Spaces D31 0 are used for wide bus data memory D23 0 are used for DSP Program RAM D23 8 are used for I O Space D23 8 are used for DSP Data RAM D15 8 are used for byte memory D23 16 are also used as Byte Space Addresses Interrupts IRQ2 1 Edge or Level Sensitive Interrupt Request IRQLO 1 I Level Sensitive Interrupt Requests IRQLI 1 Level Sensitive Interrupt Requests IRQE 1 I Edge Sensitive Interrupt Request Bus Signals BR 1 I Bus Request Input BG 1 Bus Grant Output BGH 1 Bus Grant Hung Output PMS 1 Program Memory Select Output DMSL 1 Data Memory Select Output Lower 16 Bits for 32 DM DMSH 1 Upper Memory Select Output Upper 16 Bits for 32 Bit DM Not Used for 16 DM BMS 1 Byte Memory Select Output IOMS 1 T O Space Memory Select Output CMS 1 O Combined Memory Select Output PMS DMS IOMS BMS RD 1 Memory Read Enable Output WR 1 Memory Write Enable Output Miscellaneous MMAP 1 I Memory Map Select Input 1 Overlay External at 0x0000 BMODE 1 I Boot Option Control Input 0 BDMA 1 IDMA CLKIN XTAL 2 I Clock or Quartz Crystal Input 1 2 of the ADSP 2141 Clock CLKOUT 1 Proce2. 0713 0 LX 1dW 9015 10d AQUI 12 oLION SN 8 6 IeiloN sng8 ozlon sn _ 5 zlon sn ezlon sng ON LX ld IvzcloN sng REV 0 38 ADSP 2141L PACKAGE DESCRIPTION Package Details The package shown below is a 208 lead metric quad flatpack Measurements are listed in English and metric Because this package is designed as a metric package Analog Devices recommends that you use these measurements for any PCB layout OUTLINE DIMENSIONS Dimensions shown in inches and mm 208 Lead Metric Plastic Quad Flatpack MQFP Nonhermetic 0 164 4 10 1 256 31 40 MAX 1 248 31 20 SQ 0 041 1 03 1 240 31 00 0 035 0 88 0 031 0 78 p SEATING PLANE 1 124 28 10 TOP VIEW 1 120 28 00 SQ PINS DOWN 1 116 27 90 0 003 0 08 MAX LEAD 52 105 Y COPLANARITY 53 020 050 Sel be 0 010 0 25 0 020 0 50 0 011 0 27 0 144 3 59 BSC 0 009 0 22 0 136 3 39 LEAD PITCH 0 007 0 17 LEAD WIDTH NOTE THE ACTUAL POSITION OF EACH LEAD IS WITHIN 0 003 0 08 FROM ITS IDEAL POSITION WHEN MEASURED IN THE LATERAL DIRECTION CENTER FIGURES ARE TYPICAL UNLESS OTHERWISE NOTED THE 208 LEAD MQFP IS A METRIC PACKAGE ENGLISH DIMENSIONS PROVIDED ARE APPROXIM
3. Total power dissipation for this example is Pint 61 mW 34 35 36 37 38 39 40 41 42 FREQUENCY MHz Figure 31 Power vs Frequency REV 0 35 ADSP 2141L Pin Configurations For all multiplexed pins the active sense is determined by the mode selected Pin Pin Name Pin Pin Name Pin Pin Name Pin Pin Name Pin Pin Name 1 5 43 85 VDD 127 GND 169 GND 2 EE 44 GND 86 GND 128 ADDR 0 170 DATA 0 3 GND 45 MPLX_BUS 30 87 MPLX6 129 ADDR I 111 DATA I 4 ECLK 46 MPLX BUS 29 88 MPLX5 130 ADDR 2 172 DATA 2 5 ELOUT 47 MPLX_BUS 28 89 MPLX BUS 15 131 ADDR 3 173 DATA 3 6 ELIN 48 MPLX BUS 27 90 MPLX BUS 14 132 VDD 174 VDD 7 EINT 49 VDD 91 MPLX BUS 13 133 ADDR 4 175 GND 8 EBR 50 GND 92 MPLX BUS 12 134 ADDR 5 176 DATA 4 9 EBG 51 MPLX BUS 26 93 VDD 135 ADDR 6 177 DATA 5 10 MMAP 52 MPLX_BUS 25 94 GND 136 ADDR 7 178 DATA 6 11 BMODE 53 MPLX BUS 24 95 MPLX BUS 11 137 ADDR 8 170 DATA 7 12 BUS_MODE 54 96 MPLX_BUS 10 138 ADDR 9 180 DATA S 13 BUS_SEL 55 MPLX_BUS 23 97 MPLX BUS 9 139 ADDR 10 181 DATA 9 14 EE SK 56 MPLX BUS 22 98 MPLX BUS 140 ADDR II1 182 DATA 10 15 EE CS 57 VDD 99 VDD 141 ADDR 12 183 DATA 11 16 EE_DI 58 GND 100 GND 142 ADDR 13 184 DATA 12 17 EE_DO 59 MPLX_BUS 21 101 143 GND 185 DATA 13
4. PINOUT PCI Mode 05 1 05 04125 16 1 549 ATOS and lolviva zl viva elviva and vlviva slviva glviva lviva slviva lelviva lorviva Izilviva lerlviva pilviva Istlviva and otlviva Lilviva Igiviva lerlviva lozlviva zlviva and lezlviva lezlviva pzlviva szlviva loziviva Uzlviva szlviva 62171 06 1 Drelviva 195393 101 1 2 4 110 MPLX_BUS Pci_ad 109 MPLX_BUS Pci_ad 108 MPLX BUS Pci 111 MPLX BUS Pci ad 105 BUS Pci ad 156 ADDR 25 155 ADDR 24 154 ADDR 23 153 ADDR 22 152 ADDR 21 151 ADDR 20 150 VDD 149 ADDR 19 148 ADDR 18 147 ADDR 17 146 ADDR 16 145 ADDR 15 144 ADDR 14 143 GND 142 ADDR 13 141 ADDR 12 140 ADDR 11 139 ADDR 10 138 ADDR 9 137 ADDR 8 136 ADDR 7 135 ADDR 6 134 ADDR 5 133 ADDR 4 132 VDD 131 ADDR 3 130 ADDR 2 129 ADDR 1 128 ADDR 0 127 GND 126 XTAL 125 CLKIN 114 VDD 113 CLKOUT 112 GND 107 GND 106 VDD gt Not to Scale PCI MODE t S o a lt IDENTIFIER 28 PWDACK 29 30 31 32 33 34 35 36 VDD 37 q L40 31 41 MPLX RESET Pci rst 39 BR BG BGH GND 38 VDD 42 43 GND 44 30 45 29 46 28 47 27 48 VDD 49 GND 50 26 51 2
5. from RNG are marked as trusted Keys that are negotiated or imported from outside systems are marked untrusted although they may still be quite secure Separate trusted and untrusted key hierarchies may be main tained and customer applications may choose which trust level is required for a given command For most key management operations the CGX interface must be used However for certain high performance encryption hashing applications the CGX interface may be bypassed and either the DSP or a host processor may exercise direct control over the hash encrypt block REV 0 ADSP 2141L COMMAND SUMMARY Approximately 40 CGX Commands are supported in the API to the ADSP 2141L General Utilities INIT DEFAULT RANDOM GET CHIPINFO SELF TEST Symmetrical Key Management UNCOVER KEY GEN KEY GEN KEK GEN RKEK SAVE KEY LOAD KEY DERIVE KEY TRANSFORM KEY DESTROY KEY EXPORT KEY IMPORT KEY Symmetrical Encryption ENCRYPT DECRYPT LOAD KG Hash HASH INIT HASH DATA HASH ENCRYPT HASH DECRYPT PRF Functions MERGE KEY MERGE LONG KEY EXTRACT LONG KEY PRF DATA PRF KEY Asymmetrical Key Management GEN PUBKEY GEN NEWPUBKEY GEN NEGKEY EXPORT PUBKEY IMPORT PUBKEY Asymmetrical Encryption PUBKEY ENCRYPT PUBKEY DECRYPT Digital Signatures SIGN VERIFY Math Utilities ADD VECTOR SUB VECTOR MULT VECTOR EXP VECTOR SHIFT VECTOR Extended Mode LOAD EXTENDED EXECUTE EXTENDED REV 0 Initia
6. 0x2000 Ox1FFF MEMORY MAPPED 0x1800 REGISTERS 0x17FF PROTECTED 0x1000 OxOFFF 4K KERNEL RAM DMOVLAY 000F 0x0000 KERNEL MODE SHADED KERNEL SPACE PAGE 8K EXTERNAL DMOVLAYL 1 DMOVLAYH 000 UP 64 MEGAWORDS EXTERNAL DATA MEMORY DMOVLAYL ALTERNATES 2 1 2 1 8K EXTERNAL PAGE 1 DMOVLAYL 2 DMOVLAYH 000 8K KERNEL PAGE 8191 DMOVLAYL 2 DMOVLAYH FFF 0 Figure 3 Data Memory REV 0 ADSP 2141L RQ2 now can include interrupt sources from the crypto subsystem depending on interrupt mask registers new read register has been added to indicate the state of interrupt enable and interrupt masks The kernel mode control subsystem has been added to super vise the protected mode of operation of the DSP core Internal RAM protection logic has been added to allow the kernel to seize increments of 1K word of internal PRAM and DRAM Bus mode configuration 218x vs PCI pins have been added 32K words of kernel program ROM have been added to the DSP memory space See the Memory Map section Kernel Mode Control kernel mode control subsystem provides the following functions which serve to enforce the security integrity of the ADSP 2141L Provide a means to securely enter the kernel mode Provide a means to properly exit the kernel mode Prevent user mode access to protected memory and register locations Manage interrup
7. 18 VDD 60 BUS 20 102 MPLX_BUS 7 144 ADDR 14 186 DATA 14 19 GND 61 MPLX BUS 19 103 MPLX BUS 6 145 ADDR 15 187 DATA 15 20 PF 7 INT 62 MPLX BUS 18 104 MPLX BUS 5 146 ADDR 16 188 VDD 21 PF 6 63 GND 105 MPLX BUS 4 147 ADDR I7 180 GND 22 PF 5 64 VDD 106 VDD 148 ADDR 18 190 DATA 16 23 PF 4 65 VDD 107 GND 149 ADDR 19 191 DATA 17 24 PF 3 66 GND 108 BUS 3 150 VDD 102 18 25 PF 2 67 MPLX_BUS 17 109 MPLX BUS 2 151 ADDR 20 103 DATA 19 26 68 MPLX BUS 16 110 MPLX BUS I 152 ADDR 21 194 DATA 20 27 0 69 2 111 MPLX BUS 0 153 ADDR 22 195 DATA 21 28 PWD 70 PCI 112 GND 154 ADDR 23 196 VDD 29 PWDACK 71 VDD 113 CLKOUT 155 ADDR 24 197 GND 30 72 GND 114 VDD 156 ADDR 25 198 DATA 22 31 BG 73 PCI STOP 115 GND 157 DTO 199 DATA 23 32 BGH 74 MPLX10 116 158 TFSO 200 DATA 24 33 IRQE 75 MPLX11 117 RD 159 RFSO 201 DATA 25 34 IRQLO 76 118 DMSH 160 DRO 202 DATA 26 35 IRQLI 77 VDD 119 DMSL 161 SCLKO 203 DATA 27 36 IRQ2 78 GND 120 5 162 DTI 204 DATA 28 37 VDD 79 MPLX3 121 BMS 163 TFS1 205 DATA 29 38 GND 80 MPLX7 122 5 164 RFS1 206 DATA 30 39 MPLX_RESET 81 MPLX9 123 IOMS 164 DRI 207 DATABB1 40 MPLX12 82 MPLX8 124 VDD 166 SCLKI 208 ERESET 41 MPLX_BUS 31 83 GND 125 167 GND 42 VDD 84 126 XTAL 168 VDD 36 REV 0 ADSP 2141L
8. pF Figure 23 Typical Output Rise Time vs Load Capacitance C at Maximum Ambient Operating Temperature 18 16 14 12 10 8 4 2 NOMINAL 2 4 0 50 100 150 200 250 C pF OR HOLD ns o VALID OUTPUT DELAY Figure 24 Typical Output Valid Delay or Hold vs Load Capacitance C at Maximum Ambient Operating Temperature TEST CONDITIONS Output Disable Time Output pins are considered to be disabled when they have stopped driving and started a transition from the measured output high or low voltage to a high impedance state The out put disable time tpys is the difference of tugAsungp and tpgcay as shown in the Output Enable Disable diagram The time is the interval from when a reference signal reaches a high or low voltage level to when the output voltages have changed by 0 5 V from the measured output high or low voltage The decay time tpecay is dependent on the capacitive load and the current load 4 on the output pin It can be approximated by the fol lowing equation C 0 5V tpgcay 7 from which Unis T MEASURED DECAY REV 0 is calculated If multiple pins such as the data bus are disabled the measurement value is that of the last pin to stop driving INPUT R 1 5V 1 5V OUTPUT Figure 25 Voltage Reference Levels for AC Measure ments Except Output Enable Disable Output Enable Time Output pins are considered to be en
9. 10 ns MPLX_BUS Data Hold After MPLX9 Low 2 ns Switching Characteristics Start of Write to MPLX9 Low 1 5 ns Start of Write to MPLX9 High 15 ns NOTES Start of Write MPLX7 Low and MPLX6 Low 21 Write Pulse ends before MPLX9 Low use specifications typsu tix Write Pulse ends after MPLX9 Low use specifications This is the earliest time for MPLX9 Low from Start of Write For Write cycle relationships please refer to the ADSP 2100 Family User s Manual gt kw lt MPLX9 IACK gt r kw MPLX7 IS X X X X MPLX6 IWR x tiku MPLX_BUS IAD15 0 DATA d AAAA AAA Figure 20 IDMA Write Long Write Cycle IDMA Mode Multiplex Bus 30 REV 0 ADSP 2141L Parameter Min Max Unit Read Long Read Cycle IDMA Mode Multiplex Bus Timing Requirements tree Low Before Start of Read 0 ns trp Duration of Read 15 ns Switching Characteristics MPLX9 High After Start of Read 15 ns trkps MPLX BUS Data Setup Before MPLX9 Low 0 5 7 ns MPLX_BUS Data Hold After End of Read 0 ns KDD MPLX BUS Data Disabled After End of Read 14 ns MPLX_BUS Previous Data Enabled After Start of Read 0 ns tmpv MPLX BUS Previous Data Valid After Start of Read 15 ns MPLX BUS Previous Data Hold After Start of Read 5 ns trrpH2 MPLX BUS Previous Data Hold After St
10. Boot Mode Selection Boot Mode Pins BMODE MMAP Byte Wide BDMA Boot Mode 0 0 Host Bus IDMA Boot Mode 1 0 External Program Boot Mode 0 1 The hardware pin states are not relevant after the ADSP 2141L comes out of power up reset Refer to the ADSP 2141L User s Manual available from IRE for information on BDMA IDMA and external program boot modes COMMAND INTERFACE This section provides a general overview of the software com mand interface to the crypto functions in the ADSP 2141L Refer to the ADSP 2141 CGX Interface Programmer s Guide available from http www ire ma com proddoc htm for more details Overview The ADSP 2141L provides an embedded crypto library that provides a command interface API Application Programming Interface to outside applications These commands are referred to as CGX CryptoGraphic eXtensions The CGX API simultaneously enforces certain security policies within the ADSP 2141L and insulates applications from the details of many complex cryptographic operations The security policy built into the ADSP 2141L has some of the following rules e Unencrypted red keys may never be retrieved from the ADSP 2141L Keys within the ADSP 2141L are marked with an attributes field that specifies key type and trust level key s type field must match the use a requested opera tion i e cannot use a KEK to encrypt traffic Keys generated internal to the ADSP 2141L 1
11. TIMING PARAMETERS PCI Clock Guaranteed Over Operating Temperature and Digital Supply Range The ADSP 2141L is targeted for use in PCI add on slave card designs It provides glueless interface to the PCI bus bus drivers are compliant with PCI interface electrical switching and drive capability specifications C BE 7 4 REQ64 ACK64 64 Parameter Min Max Unit Timing Requirements 25 100 ns CLK High Time 11 ns Low Time 11 ns CLK Slew Rate 1 4 V ns RST Slew Rate 50 mV ns NOTES Rise and fall times are specified in terms of the edge rate measured in V ns This slew rate must be met across the minimum peak to peak portion of the waveform as shown in Figure 8 The minimum RST slew rate applies only to the rising deassertion edge of the reset signal and ensures that system noise cannot render an otherwise monotonic signal to appear to bounce in the switching range 0 6 0 5 E 2V p p 0 4 MINIMUM 0 3Vcc 0 2Vcc Figure 8 Clock Waveform 418 REV 0 ADSP 2141L Parameter Min Max Unit PCI Bus Interface Timing Requirements CLK to Signal Valid 2 11 ns ton CLK to Low Z Delay 2 ns CLK to High Z Delay 28 ns tsu Input Setup to CLK 7 ns ty Input Hold After CLK 1 ns tRST OFF RST Active to Outputs High Z 40 ns oe VrEsT 4 OU
12. cycle delay for synchronization The memory access consumes an additional processor cycle Once an access has occurred the latched address is automati cally incremented and another access can occur Through the IDMAA register the ADSP 2141L can also specify the starting address and data format for DMA operation Figure 6 illustrates a typical system configuration for the IDMA mode Siis ADSP 2141L EXTERNAL MEMORY BUS ADSP 2141 CLKOUT 1 2X a BYTE CRYSTAL MEMORY BOOT LOADER INTERRUPT 16 SOURCES SPACE 2048 LOCATIONS SPORT1 SCLK1 RFS1 OR IRQO PROGRAM SERIAL TFS1 DT1 OR FO rel DR1 OR FI SEGMENTS SPORTO SCLKO PM RFSO DEVICE TFSO DATA DTO OVERLAY 8192 8 16 SEGMENTS SYSTEM 4 UP TO 32M x 32 gt INTERFACE OR CONTROLLER MPLX31 16 RESET PCI_CLK PCI_PAR PCI STOP NC VDD OR GND ADDRO FROM THE ADSP 2141 NC IS NO CONNECT FOR 32 BIT MEMORY Figure 6 ADSP 2141L IDMA System Configuration 12 ADSP 2141 ADDR1 IS WIRED 0 REV 0 ADSP 2141L PCI Bus Mode Figure 7 illustrates a typical system configuration for the PCI mode EXTERNAL MEMORY BUS ADSP 2141 CLKOUT ADDR25 0 1 2X CLOCK CLKIN OR CRYSTAL XTAL BYTE MEMORY BOOT PF0 6 LOADER INTERRUPT 16 BIT VO SPACE 2048 LOCATIONS SOURCES IRQ2 TRQLO IRGL1 SPORT1 e
13. 021 1 tod sn 221 12d sng 1 d sng 5995 19d LX1dIN i2d sng SE yim REV 0 ADSP 2141L PINOUT 2183 Mode 05 1 0539 04125 1531 1539 13125 and aNd lolviva viva elviva aNd slviva slviva viva slviva lelviva lollviva Izilviva ellviva stlviva aNd oLlviva Liviva Ieiviva leilviva 04 1 lizlviva Izzlviva ezlviva Ivziv1va Isclv1va ozlviva Lzliviva ezlviva lezlviva loelviva relviva 195393 291 891 691 091 191 291 591 91 991 991 291 891 691 07 1 LAL 221 6271 921 421 8 1 621 081 181 281 est vet 681 981 481 881 681 061 161 261 561 v6L Ser 961 261 861 661 002 102 202 02 toz soz 902 702 902 101 1 2 3 4 co lt lt sys 154 ADDR 23 153 ADDR 22 152 ADDR 21 151 ADDR 20 150 VDD 149 ADDR 19 148 ADDR 18 147 ADDR 17 146 ADDR 16 145 ADDR 15 144 ADDR 14 143 GND IDENTIFIER 142 ADDR 13 141 ADDR 12 140 ADDR 11 139 ADDR 10 138 ADDR 9 137 ADDR 8 136 ADDR 7 135 ADDR 6 134 ADDR 5 133 ADDR 4 132 VDD ADSP 2141L 131 ADDR 3 130 ADDR 2 129 ADDR 1 128 ADDR 0 127 GND 126 XT
14. Address Latch End 4 ns NOTES Start of Address Latch MPLX7 Low and MPLXS8 High Start of Write or Read MPLX7 Low and MPLX6 Low or MPLX5 Low 3End of Address Latch MPLX7 High or MPLX8 Low MPLX9 TACK tika MPLX8 IAL MPLX7 IS YY YY V V YY YY VY S XXXXXX XXXXXX MPLX5 OR MPLX6 IRD OR IWR Figure 18 IDMA Address Latch IDMA Mode Multiplex Bus 28 REV 0 ADSP 2141L Parameter Min Max Unit Write Short Write Cycle Mode Multiplex Bus Timing Requirements tkw MPLX9 Low Before Start of Write 0 ns Duration of Write 2 15 ns tipsu MPLX_BUS Data Setup Before End of Write 4 5 ns MPLX BUS Hold After End of Write gt 4 3 ns Switching Characteristic kuw Start of Write to MPLX9 High 15 ns NOTES Start of Write MPLX7 Low and MPLX6 Low End of Write MPLX7 High or MPLX6 High Write Pulse ends before MPLX9 Low use specifications tipsu If Write Pulse ends after MPLX9 Low use specifications tkw MPLX9 IACK gt MPLX7 IS MPLX6 IWR canssa XXXII XXXXXXXXX Figure 19 IDMA Write Short Write Cycle IDMA Mode Multiplex Bus REV 0 29 ADSP 2141L Parameter Min Max Unit Write Long Write Cycle Mode Multiplex Bus Timing Requirements tw MPLX9 Low Before Start of Write 0 ns trksu BUS Data Setup Before MPLX9 Low 0 5tcg
15. DATA 023 0 Figure 16 External Memory Read ADSP 2141L DSP Initiated 26 REV 0 ADSP 2141L Parameter Min Max Unit Serial Ports Timing Requirements SCLK Period 50 ns tscs DR TFS RFS Setup Before SCLK Low 4 ns tscH DR TFS RFS Hold After SCLK Low 7 ns tscp Width 15 ns Switching Characteristics tec CLKOUT High to SCLKOUT 0 251 0 251 10 ns tscpE SCLK High to DT Enable 0 ns tscpv SCLK High to DT Valid 15 ns TFS RFSour Hold After SCLK High 0 ns tgp TFS RFSour Delay from SCLK High 15 ns tscpH DT Hold After SCLK High 0 ns Alt to DT Enable 0 ns trpv TES Alt to DT Valid 14 ns tscpp SCLK High to DT Disable 15 ns trpv RFS Multichannel Frame Delay Zero to DT Valid 15 ns CLKOUT SCLK DR TFSi RFSin RFSout TFSout TFSout ALTERNATE FRAME MODE gt RFSout MULTICHANNEL MODE FRAME DELAY 0 MFD 0 TDE ttov gt TFSin ALTERNATE FRAME MODE trov gt RFSin MULTICHANNEL MODE FRAME DELAY 0 MFD 0 Figure 17 Serial Ports REV 0 21 ADSP 2141L Parameter Min Max Unit IDMA Address Latch IDMA Mode Multiplex Bus Timing Requirements tarp Duration of Address Latch 10 ns trasu MPLX_BUS Address Setup Before Address Latch End 5 ns MPLX_BUS Address Hold After Address Latch End 3 ns Low Before Start of Address Latch 3 0 ns trALS Start of Write or Read After
16. DRIVE CURRENTS Figures 28 and 29 show typical I V characteristics for the output drivers of the ADSP 2141L The curves represent the current drive capability of the output drivers as a function of output voltage 100 80 Vpp 3 3V 25 C 60 Vpp 3 6V 0 C Vpp 3 0V 70 C Vpp 3 0V 70 C 20 Vpp 3 3V 25 C SOURCE CURRENT mA 3 6V 0C 0 5 1 0 1 5 2 0 2 5 3 0 3 5 4 0 SOURCE VOLTAGE Figure 28 Typical Drive Currents PCI Pins 80 Vpp 3 3V 25 C 60 Vou Vpn 3 6 0 C 40 20 Vpp 3 0V 70 Vpp 3 0V 70 C Vpp 3 3 25 C SOURCE CURRENT mA VoL Von 3 6V 0 C 0 0 5 1 0 1 5 2 0 2 5 3 0 3 5 4 0 SOURCE VOLTAGE Figure 29 Typical Drive Currents Addr Dbus rd wr Pins 34 Total power dissipation has two components due to inter nal circuitry and one due to the switching of external output drivers Internal power dissipation depends on the sequence in which instructions execute and the data operands involved See Ipp calculation in Electrical Characteristics section Internal power dissipation is calculated this way Prr Ipon X Vpp The external component of total power dissipation is caused by the switching of output pins Its magnitude depends on the number of output pins that switch during each cycle O the maximum frequency
17. at which the pins can switch f the load capacitance of the pins C the voltage swing of the pins Vpp The external component is calculated using OxCx Vop x f load capacitance should include the processor s package capacitance Cm The frequency f includes driving the load high and then back low REV 0 ADSP 2141L Example POWER INTERNAL i 940 In an application where external data memory is used and no other outputs are active power dissipation is calculated as follows 840 Assumptions P 740 External data memory is accessed every cycle with 50 of the ER address pins switching d 640 External data memory writes occur every other cycle with 50 of the data pins switching Q 540 Each address and data pin has 10 pF total load at the pin D 440 The application operates at Vpp 3 3 V and tcx 25 ns m Total Power Dissipation f 340 internal power dissipation from Power vs Frequency B S Rm graphs Figures 30 31 Figure 30 Power vs Frequency C x Vpp x f is calculated for each output POWER IDLE of Pins x C xVpp xf Address DMS 8 x10 pF 3 32 40 MHz 348mW Data Output WR 9 x10 pF 3 32 x20 MHz 19 6mW RD 1 x10 pF 3 32 40 MHz 2 2mW n CLKOUT 1 10 x3 37V x20MHz 44mW n 61 0 mW e
18. com proddoc htm Only one level of kernel mode nesting is permitted An interrupt to a user mode vector location while in nested kernel mode will also trigger the violation reset logic Once the interrupt service routine is finished the return from interrupt must return control back to the kernel at the address overlay that was originally interrupted otherwise the protection logic will issue a chip reset Hash and Encrypt Block Overview The encrypt block is tightly coupled to the hash block in the ADSP 2141L and therefore the two are discussed together Refer to Figure 4 Hash Encrypt Functional Block Diagram for the following description The algorithms implemented in the combined hash and encryp tion block are DES Triple DES MD 5 and SHA 1 Data can be transferred to and from the module once to perform both hashing and encryption on the same data stream The DES encrypt decrypt operations are highly paralleled and pipelined and execute full 16 round DES in only four clock cycles The internal data flow and buffering allows parallel execution of hashing and encryption where possible and allows processing of data concurrently with I O of previous and subsequent blocks PAD CONSUME AND VERIFY READ CONTEXT 16 32 BIT OUTPUT BUS Figure 4 Hash Encrypt Functional Block Diagram REV 0 5 ADSP 2141L Context switching is optimized to minimize the overhead of changing cryptographic key
19. signal which may be connected to the interrupt input of the host system The HMASK register provides the mask to select which interrupt source is enabled A pair of status registers HUMSTAT and HMSTAT allow the host firmware to read the status of any interrupt source either before or after the mask is applied Laser Variable Storage The laser variables are configured through 256 Fuses in the ADSP 2141L which are programmed during IC manufacture Each ADSP 2141L produced is programmed with a unique set of Laser Variables Local Storage Variable LSV the Master Key Encryption Key Internal Seed Variable INTERNAL INTERRUPTS RESET POWER DOWN SPORTO Tx SPORTO Rx BDMA INT TIMER INT SPORT1 Tx SPORT1 Rx ADSP 2183 INTERRUPT CONTROLLER EXTERNAL INTERRUPTS IRQE CRYPTO INTERRUPT SUBSYSTEM BOUNDRY EXT MEM CONFLICT HASH ENC ERROR e 48 Program Control Data enables disables various fea tures and configures the ADSP 2141L CRC of the Laser Data to verify integrity of the laser bits The LSV is a unique triple DES master key encrypting key that allows the ADSP 2141L to securely store data primarily other keys off chip for later reloading This is necessary if more storage space is needed than is available with on chip RAM or if keys need to be saved and restored after a power outage Each ADSP 2141L produced is programmed with a unique randomly generated local storage variable The interna
20. source Although this is not necessary to ensure the quality of the random numbers it meets the criteria for NIST approved random num ber generation algorithm Public Key Accelerator PKAC The public key arithmetic coprocessor otherwise known as a BigNum processor is designed to support long vector calcula tions of the kind needed to perform RSA Diffie Hellman and Elliptic Curve operations The PKAC can perform multiplication squaring addition and subtraction on arbitrary length bit vectors The CGX software is responsible for setting the address register for the operands and result as well as specifying the length and operation type Once the operation type field is written the processor polls the opera tion complete status while the calculation is carried out The PKAC utilizes the protected kernel RAM for input output and intermediate variable storage It may only be accessed from the secure kernel mode Since public key computations typically take many milliseconds to complete they may be preempted using a DSP interrupt Most application interaction with the public key accelerator will occur via the CGX software interface see the Command Inter face section Both high level public key operations such as RSA Sign or Create Diffie Hellman Key as well as primitive operations such as Multiply Vector Add Long Vector etc are presented via the CGX interface PCI Cardbus Interface ADSP 2141L appears as a tar
21. 25 C 8 pF NOTES 1 Bidirectional pins 20 31 0 RFS1 SCLK0 SCLK1 TFS0 TFS1 IAD0 15 2 Input only pins IRQ2 BR BMODE BUS MODE BUS SEL DRO PWD IRQLI IRQE IS IRD IWR IAL 3Input only pins CLKIN RESET IRQ2 BR MMAP BMODE BUS MODE BUS SEL DRO DR1 PWD IRQLO IRQLI IS IRD IWR IAL Output pins BG PMS DMSL DMSH BMS IOMS CMS RD WR IACK PWDACK 0 25 DT1 CLKOUT FL2 0 gt Although specified for TTL outputs all ADSP 2141L outputs are CMOS compatible and will drive to Vpp and GND assuming no dc loads 9 Guaranteed but not tested 7 Output pins BG PMS DMSL BMS IOMS DMSH CMS RD WR PWDACK A0 A25 DT 1 CLKOUT FL2 0 EE DI EE CS EE SK 50 V on BR CLKIN active to force three state condition 9 Three statable pins A0 A25 D0 D31 PMS DMSL DMSH BMS IOMS CMS RD WR 70 DT1 5 0 SCLK1 50 51 RFSO RFS1 IADO IADI5 PFO PF7 10Tdle refers to ADSP 2141L state of operation during execution of IDLE Instruction Deasserted pins are driven to either GND 11 Current reflects device operating with no output loads 0 4 V and 2 4 V For typical supply currents refer to Power Dissipation section measurement taken with 93 of instructions executing from internal memory and 7 from external memory operations are executing fro
22. 41L can perform parallel execution of both functions from the same source and destination buffers For encrypt then hash and decrypt then hash operations the processing must be sequential but minimum latency is still provided through the pipeline chaining design An offset may be specified between the start of hashing and the start of encryption to support certain protocols such as IPsec A mutable bit handler is also provided on the hash engine to facilitate IPsec AH processing Random Number Generator RNG Block hardware random number generator provides a true non deterministic noise source for the purpose of generating keys Initialization Vectors IVs and other random number require ments Random numbers are provided as 16 bit words to the kernel The CGX kernel requests random numbers as needed to perform requested CGX commands such as CGX Gen Key and can also directly supply from 1 to 65 535 random bytes to a host application via the Random command Public Key Accelerator The public key accelerator module works in concert with the kernel firmware to provide full public key services to the host application The kernel provides macro level functions to perform Diffie Hellman key agreement RSA encrypt or decrypt DSA compute and verify digital signatures The hardware accel erator block speeds computation intensive operations such as large vector multiply add subtract square REV 0 PCI Cardbus
23. 5 52 ELIN 6 VDD 18 GND 19 PF 7 INT_H 20 PWD IRQE IRGLO IRGLi RQZ EE Do 17 ECLK 4 ELOUT 5 EE SK 14 EE CS 15 EE DI 16 6 21 5 22 PF 4 23 PF 3 24 2 25 PF 1 26 PF 0 27 BMODE 11 BUS MODE 12 MPLX BUS Pci ad MPLX BUS Pci ad MPLX BUS Pci MPLX BUS Pci BUS SEL 13 MPLX12 Pci re MPLX BUS Pci ad MPLX BUS Pci ad MPLX BUS Pci ad vol 50 201 LOL 001 66 86 46 96 56 v6 6 26 16 06 68 88 48 98 58 v8 8 28 18 08 62 82 42 9L S bl L 22 02 69 89 29 99 99 v9 9 e 0 6 85 48 9 5 10 c o c 6 6 1 4 9 i d sng 1 d sng 0992 aNd 1 4 5 6 ope i2d sng 12d sng aNd 1 1 pipe tod sn tod sna Jespi 1d SX1dIN 19d 9X1d IN aNd 19d 8X1dIN 19d 6X1dIN 1 1999 19 as 19d LLXIdN I2d 0LX ld 9015 10d and _ AQUI 19d 19d ZX1dN 9 12d 5ng8 2 12d 5n8 8 i2d sng 021 12d sng
24. 9 ms DSA Verify lt 66 ms KEY MANAGEMENT BLOCK Laser Programmed Unique Triple DES Cryptovariable Protects Off Chip Storage Support for Secure Storage of Both Secret Keys and Public Private Key Pairs Trust Model Rules Enforcement Only Encrypted Keys May Be Exported Off the Chip Internal Key Cache for 15 Keys Can Be Expanded to 700 Keys On Chip Keys May Also Be Securely Stored Off Chip Allowing Unlimited Storage DSP CORE 40 MIPS Sustained Performance Single Cycle Instruction Execution Single Cycle Context Switch Zero Overhead Looping Low Power Dissipation 16K Words 16K x 24 On Chip Program RAM 16K Words 16K x 16 On Chip Data RAM 64M Words Off Chip Program and Data Memory Programmable 16 Bit Interval Timer with Prescale PCI BUS CARDBUS INTERFACE 32 Bit 3 3 V Bus Interface 33 MHz or 40 MHz Bus Speed Bus Master and Target Modes Can Directly DMA Between Crypto Functions and Other PCI Bus Agents 66 MHz speed pending chip characterization GENERAL DESCRIPTION The ADSP 2141L SafeNet DSP is a highly integrated embedded security processor that incorporates a sophisticated general purpose DSP along with a number of high performance Cryp tographic function blocks as well as PCI DMA and Serial EEPROM interfaces It is fabricated in 0 35 CMOS triple layer metal technology and uses a 3 3 V power supply It is available in a 208 lead MQFP package with a commercial 0 C to 70 C temperature range DSP Co
25. AL TOP VIEW Not to Scale 2183 MODE 125 CLKIN 114 VDD 113 CLKOUT 112 GND 111 MPLX_BUS IAD 110 MPLX_BUS IAD 109 MPLX_BUS IAD 108 MPLX BUS IAD 107 GND 106 VDD 105 MPLX_BUS IAD QM ee HES RAIL RN RR RISISIRIS 199 18 e les 11 2 165 5 I iuolw aa we axzacgsvraatgi z fdoZ2EBESBBS SSSSIDPEEPELEROBERESDBBSSLISSSSSRERSEER 690 0 gt lt gt gt 060555652556 i szzouuug E 5 2222 22 AAAA OH o gt 2222 22 m m m m m m m m o ox l ic a x zz E a voL 801 201 LOL 001 66 86 46 96 S6 v6 56 26 16 06 68 88 48 98 58 v8 8 28 18 08 62 82 22 92 92 vL L 22 0L 69 89 49 99 59 v9 9 29 19 09 65 85 48 95 95 vs 55 Islav sng 9 LJavy sng ON PX 1d aNd slavvsna Ielav sng lorlavi sna and pLlavisna stlavi sna HMI 9X ld QN5 ON EX1dW HVd lod
26. ANALOG DEVICES DSP ADSP 2141L APPLICATIONS SECURE KERNEL CONTROL Security Coprocessor for High Speed Networking Prod Tamper Resistant Isolation of Cryptographic Functions ucts Routers Switches Hubs Enforces Security Perimeter Around Crypto Functions Cryptographic Core for Firewalls Hardware Encryptors and Crypto Storage Locations and More Anticloning Protection Crypto Peripheral for Implementing Secure NIC Adapt Secure Algorithm Download ers 10 100 Ethernet Token Ring ISDN Secure Modem on a Chip V 34 ADSL SafeNet CGX LIBRARY On Chip SafeNet CGX Crypto Library with Flexible CGX FEATURES API DES CRYPTO BLOCK Includes Chained and Parallel Execution Commands 640 Mbps Sustained Performance Single DES Such as Hash and Encrypt 214 Mbps Sustained Performance Triple DES Embodied as 32K Words 32K x 24 Kernel Program Supports All Modes ECB CBC 64 Bit OFB and 1 8 Mask Programmed into On Chip ROM 64 Bit CFB Includes Automatic Padding On Chip Protected 4K x 16 Security Scratchpad RAM Implements IPsec ESP Transforms Autonomously at 3 155 Mbps Rates 3 DES 5 1 RANDOM NUMBER GENERATOR Hardware Based Nondeterministic Random Number HASH BLOCK Generator Hardware Based SHA 1 and MD 5 Hashing Generates Internal Session Keys That Are Never 253 Mbps Sustained Performance SHA 1 Exposed Outside of the SafeNet DSP 315 Mbps Sustained Performance MD 5 Redundant Fail Safe Design Implements IPse
27. ATE AND MUST NOT BE USED FOR BOARD DESIGN PURPOSES C3654 5 1 00 rev 0 ORDERING GUIDE Part Number Ambient Temperature Range Instruction Rate Package Description Package Option ADSP 2141LKS N1 0 to 70 C 40 MHz 208 Lead MQFP S 208 ADSP 2141LKS E1 0 C to 70 C 40 MHz 208 Lead MQFP S 208 NOTES ADSP 2141LKS NI is an electrically equivalent full function production non x grade version of the product described in this data sheet Full function Triple DES enabled full 168 bit key length full 2048 bit public key lengths red keys allowed The ADSP 2141LKS E1 is an electrically equivalent full function production non x grade version of the product described in this data sheet except for the following Encryption DES only with maximum 56 bit key length Triple DES is disabled Public Key Algorithms Public Key Algorithms limited to 1024 bit max modulus Red keys not allowed in hardware crypto context REV 0 39 PRINTED IN U S A
28. Interface A full 40 MHz 33 MHz PCI bus interface has been added to the core DSP functions The 32 bit PCI interface supports both bus master and target modes The ADSP 2141L is capable of using DMA to directly access data on other PCI entities and pass that data through its encryption hash engines 32 Bit DMA Controller ADSP 2141L incorporates a high performance 32 bit DMA controller which can be set up to move data efficiently between Host PCI memory the hash encrypt blocks and or external memory The DMA controller can be used with the PCI bus in master mode thus autonomously moving 32 bit data with mini mal DSP intervention Up to 255 long words 1020 bytes can be moved in a burst at up to 160 Mbytes per second Application Registers application registers are a set of memory mapped registers that facilitate communications between the ADSP 2141L and a host processor via the PCI bus One of the registers is a mailbox that is 44 bytes long and set up to hold the CGX command structure passed between the host and DSP processors The application registers also provide the mechanism that allows the DSP and the external host to negotiate ownership of the hash encrypt block Serial EEPROM Interface serial EEPROM interface allows an external nonvolatile memory to be connected to the ADSP 2141L for storing PCI configuration information Plug and Play as well as general purpose nonvolatile storage For example encryp
29. MS is enabled for generation of CMS the CMS is activated for DSP access to external memory only NOT for DMA controller accesses Bus Mode Descriptions The Pin Function Descriptions Bus Mode table shows the multiplexed pins in 2183 and PCI mode For more information on the PCI pins MPLX1 MPLX12 see the Pin Functions Description PCI Mode Multiplex Bus table on the following page PIN FUNCTION DESCRIPTIONS Bus Mode of Input 2183 Mode PCI Mode Bus Mode Pins Output bus_mode 0 bus_sel 0 bus_mode 1 bus_sel 0 MPLX_RESET 1 I RESET_1 Pci_rst MPLX1 1 UO Pci cbe3 MPLX2 1 IO Pci cbe2 MPLX3 1 LO Pci cbel MPLX4 1 Vo Pci_cbe0 MPLX5 1 IRD Pci_idsel MPLX6 1 I IWR Pci_gnt MPLX7 1 VO IS Pci_frame MPLX8 1 IO IAL Pci devsel MPLX9 1 Pci trdy MPLXIO 1 IO FLO Pci perr MPLX11 1 VO FLI Pci MPLXI2 1 FL2 Pci_req MPLX BUS 31 0 32 IO IAD15 0 Pci_ad15 0 N C 31 16 Pci_ad31 16 Power GND 24 Ground Pins VDD 22 Power Supply Pins 3 3 Total 208 Includes the pins from this table and the I O Hardware Pin Function Description table 10 REV 0 ADSP 2141L IDMA Mode Multiplex Bus Pin Definition IDMA Port 218x Mode PIN FUNCTION DESCRIPTIONS IDMA Mode Multiplex Bus Pin Name IDMA Name Pins Description MPLX5 IRD 1 I IDMA Port Read Input MPLX6 IWR 1 IDMA Port Write Input MPLX7 IS 1 I IDMA Port Select MPLX8 IAL 1 I IDMA P
30. Parameter Min Max Unit External Memory Read ADSP 2141L DMA Initiated Timing Requirements Read Low to Data Valid 0 8 ns tAA Address DMSx Valid to Data Valid 0 5 3 w ns tsUR Data Valid Before Read Deasserted 4 ns Data Hold After Read Deasserted 1 ns Switching Characteristics ta Clock to Address and DMSx Active 5 9 ns tASR Address DMSx Setup Before Read Low 2 ns Address DMSx Hold After Clock 2 ns Address DMSx Hold After Read High 0 5 7 ns Clock High to RD Low 8 12 ns trp Read Pulsewidth 0 5 lt 5 ns RD High to Read Write Low 0 5 lt 3 ns 1 If wait state s added then referenced to last wait state clock interval 2 w DMA wait states X bee 25ns REF 40MHz DSP CLOCK _ 556351 OUT EXT ADDR 25 0 EXT DMSH EXT DMSL EXT RD EXT DATA D31 0 Figure 14 External Memory Read ADSP 2141L DMA Initiated EOM REV 0 ADSP 2141L Parameter Min Max Unit External Memory Write ADSP 2141L DSP Initiated Switching Characteristics ta Clock to Address xMS 1 6 ns tpw Data Setup Before Write Deasserted 0 51 7 ns tpu Data Hold After Write Deasserted 0 251 3 5 ns twp Write Pulsewidth 0 51 5 w ns twpE Write Low to Data Enabled 0 ns tasw Address xMS Setup Before Write Low 0 251 4 ns tppR Data Disable Before Write Read Low 0 25tcK 4 ns tcwg Clock High to Write Low 0 251 0 51 9 ns t
31. Red KEK loading Most of the PCDB settings may be overridden with a digitally signed token which may be loaded into the ADSP 2141L when it boots These tokens are created by IRE and each is targeted to a specific ADSP 2141L using a hash of its unique identity Downloadable Secure Code The ADSP 2141L allows additional security functions to be added to the device through a secure download feature Up to 16K words of code may be downloaded into internal memory within the DSP and this code can be given the security privileges of the kernel firmware All downloaded firmware is authenticated with a digital signature and verified with an on chip public key Additional functions could include new encryption hash or public key algorithms such as IDEA RC 4 RIPEMD elliptic curve or any other application that needs direct control over the protected cryptographic hardware Ox3FFF 8K KERNEL TOP KERNEL MODE 8K KERNEL BASE KERNEL MODE PMOVLAYL F PMOVLAYH 000 8K INTERNAL PAGE PMOVLAYL C 0x2000 PMOVLAYH 000 PMOVLAYL LS NIBBLE OF PMOVLAY 8K INTERNAL PMOVLAYH MS 3 NIBBLES OF PMOVLAY SHADED KERNEL SPACE 0x0000 PMOVLAYL 0 PMOVLAYH 000 COMMON BANK ARCHITECTURE OVERVIEW This section provides an architecture level description of the unique function blocks within the ADSP 2141L Memory Map The ADSP 2141L memory map is very similar to that of the ADSP 2183 DSP except that it includes
32. SCLK1 RFS1 OR IRQO PROGRAM SERIAL pid OVERLAY DEVICE MEMORY DT1 OR FO OR FI PMS 8192 8K x 24 PM SEGMENTS SPORTO CMS SCLKO OPTIONAL RFSO SERIAL 5 DEVICE 4 TFSO DRO PCI PORT PCI CBE3 0 PCI IDSEL PCI REG PCI GNT PCI FRAME BUS PCI_DEVSEL ARBITER PCI_TRDY PCI_SERR PCI AD31 0 PCI RST ADDRO FROM THE 2141 PCI IS NO CONNECT FOR 32 BIT MEMORY PCI PAR V ADSP 2141 ADDR1 IS WIRED TO RAM AQ PCI IRDY PCI STOP VDD OR GND INTA PF7 INT H SEGMENTS UP TO 32M 32 PCI BUS VDD Figure 7 ADSP 2141L PCI System Configuration REV 0 13 ADSP 2141L DEVICE OPERATION OPERATIONAL MODES Security Modes The ADSP 2141L operates in one of two security modes kernel mode or user mode The mode switching is performed on the fly as program execution proceeds Kernel mode is entered via a jump or call to address 0x2000 with PMOVLAY set to 0x000F Kernel mode will exit on its own once it has completed a requested operation or terminates due to an error Special interrupt handling is performed if the DSP is executing in kernel mode While executing a CGX command in kernel mode it is possible to interrupt to a nonprotected vector loca tion and then invoke the kernel again during the interrupt han dler The IF CONDITION RTI instruction must be used to return to the kernel from the interrupt handler The return ad
33. TPUT Vetep 3 3V SIGNALING OUTPUT CURRENT LEAKAGE CURRENT THREE STATE OUTPUT CLK INPUT Figure 9 Output Top and Input Timing Measurement Conditions REV 0 19 ADSP 2141L Parameter Min Max Unit Clock Signals and Reset Timing Requirements CLKIN Period 50 100 ns TcKIL CLKIN Width Low 15 ns CLKIN Width High 15 ns Switching Characteristics CLKOUT Width Low 0 5 7 ns tckH CLKOUT Width High 0 5 7 ns tckoH CLKIN High to CLKOUT High 0 20 ns Control Signals Timing Requirement trsp RESET Width Low 5tck ns NOTE Applies after power up sequence is complete Internal phase lock loop requires no more than 2000 CLKIN cycles assuming stable CLKIN not including crystal oscillator start up time CLKIN CLKOUT Figure 10 Clock Signals and Reset 20 REV 0 ADSP 2141L Parameter Min Max Unit Interrupts and Flags Timing Requirements trrs IRQx FI or PFx Setup Before CLKOUT Low 3 4 0 251 15 ns IRQx FI PFx Hold After CLKOUT High 4 0 251 ns Switching Characteristics trou Flag Output Hold After CLKOUT Low 0 51 7 ns trop Flag Output Delay from CLKOUT Low 0 5 5 ns NOTES TE IRQx and FI inputs meet tips and typy setup hold requirements they will be recognized during the current clock cycle otherwise the signals will be recogni
34. The contexts also contain registers to reload the byte count from a previous operation which is part of the hashing context as well as an IV also called salt for decrypting a black key if necessary Once a crypto context has been loaded and the operation defined data is processed by writing it to a data input FIFO At the I O interface data is always written to or read from the same address Internally the hash and encryption functions have separate 512 bit FIFOs each with their own FIFO man agement pointers Incoming data is automatically routed to one or both of these FIFOs depending on the operation in progress Output from the encryption block is read from the data output FIFO In encrypt hash or decrypt hash operations the data is also automatically passed to the hashing data input FIFO Output from the hash function is always read from the digest register of the appropriate crypto context The initialization vector to be used for a crypto operation can be loaded as part of a crypto context When an operation is complete the same context will contain the resulting IV produced at the end which can be saved away and restored later to continue the operation with more data In certain packet based applications such as IPsec a feature is available that avoids the need for the control software to generate and load random IVs for outgoing encrypted packets Effec tively the IV register can be configured to be automatically
35. abled when they have made a transition from a high impedance state to when they start driving The output enable time tgya is the interval from when a reference signal reaches a high or low voltage level to when the output has reached a specified high or low trip point as shown in the Output Enable Disable diagram If multiple pins such as the data bus are enabled the measurement value is that of the first pin to start driving REFERENCE SIGNAL Vou MEASURED Vou MEASURED Von MEASURED 0 5V 2 0V OUTPUT Vor MEASURED 0 5V VoL VoL MEASURED MEASURED OUTPUT STOPS OUTPUT STARTS DRIVING DRIVING HIGH IMPEDANCE STATE TEST CONDITIONS CAUSE THIS VOLTAGE LEVEL TO BE APPROXIMATELY 1 5V Figure 26 Output Enable Disable lot TO OUTPUT 1 5V PIN 50 X Figure 27 Equivalent Device Loading for ments Including All Fixtures 33 ADSP 2141L Table IV Thermal Ratings MQFP Package Rating Description Symbol Value MQFP Still Air Value MQFP 9500 fpm Thermal Resistance Case to Ambient Oca 30 7 C W 16 7 C W Thermal Resistance Junction to Ambient Oja 35 C W 21 C W Thermal Resistance Junction to Case 4 3 C W 4 3 C W ENVIRONMENTAL CONDITIONS POWER DISSIPATION The following figures assume a four layer JEDEC printed circuit board PD Tcasg Case Temperature C OUTPUT
36. art of Read PM2 tex 5 ns NOTES Start of Read MPLX7 Low and MPLX5 Low End of Read MPLX7 High or MPLX5 High 3DM read or first half of PM read Second half of PM read MPLX9 IACK kun MPLX7 IS X X X X XN Y gt MPLX6 IRD X 7 tikos MPLX_BUS IAD15 0 READ DATA Figure 21 IDMA Read Long Read Cycle IDMA Mode Multiplex Bus REV 0 31 ADSP 2141L Parameter Min Max Unit IDMA Read Short Read Cycle IDMA Mode Multiplex Bus Timing Requirements tier Low Before Start of Read ns tmp Duration of Read 15 ns Switching Characteristics trae MPLXO High After Start of Read 15 ns MPLX_BUS Data Hold After End of Read 0 ns trkpp MPLX BUS Data Disabled After End of Read 14 ns MPLX_BUS Previous Data Enabled After Start of Read 0 ns tmpv MPLX BUS Previous Data Valid After Start of Read 15 ns NOTES Start of Read MPLX7 Low and MPLX5 Low End of Read MPLX7 High or MPLX5 High MPLX9 IACK tikr 4 MPLX7 IS X X X X XN MPLX6 IRD N J MPLX_BUS IAD1 PREvious BU 22 A DATA Figure 22 IDMA Read Short Read Cycle IDMA Mode Multiplex Bus 22 REV 0 ADSP 2141L CAPACITIVE LOADING Figures 23 and 24 show the capacitive loading characteristics of the ADSP 2141L RISE TIME 0 4V 2 4V ns 0 50 100 150 200 250 300 C
37. aw Address xMS Setup Before Write High 0 75tck 6 w ns tay Address xMS Hold After Clock 1 ns twRA Address x MS Hold After Write High 0 251 4 ns twwR Write High to Read Write Low 0 5 5 ns 1 If wait state s added then referenced to last wait state clock interval 2 w DSP wait states X REV 0 DSP CLOCK OUT EXT ADDR A13 0 25ns REF 40MHz EXT WR XX EXT DATA D23 0 LS Figure 15 External Memory Write ADSP 2141L DSP Initiated 25 ADSP 2141L Parameter Min Max Unit External Memory Read ADSP 2141L DSP Initiated Timing Requirements Read Low to Data Valid O 5tck 10 w ns Address xMS Valid to Data Valid 0 75 11 5 ns tsUR Data Valid Before Read Deasserted 9 ns tgpH Data Hold After Read Deasserted 0 ns Switching Characteristics ta Clock to Address xMS Active 1 6 ns TASR Address xMS Setup Before Read Low 0 25tcg 4 ns Address xMS Hold After Clock 1 ns Address xMS Hold After Read High 0 25tcK 3 ns terp Clock High to RD Low 0 25tcK 2 0 251 7 ns tgp Read Pulsewidth 0 51 5 w ns RD High to RD or WR Low 0 51 5 ns 1 If wait state s added then referenced to last wait state clock interval 2 w DSP wait state X fg 25s REF 40MHz DSP CLOCK S N EXT
38. c AH and HMAC Transforms Up to 1 3 Mbits of Random Data Available per Second FUNCTIONAL BLOCK DIAGRAM KERNEL MODE CONTROL BUS_MODE IDMA MODE 16 IDMA INTERFACE INTERRUPTS ADSP 218x DSP CORE MODE KERNEL ROM PROTECTED SPORT 0 lt 32K x 24 KERNEL SERIAL cn PROG ROM 4K x 16 PORTS 16K x 24 DATA ROM INTERRUPT 16K x 16 CONTROLLER PCI OR CARDBUS INTERFACE BUS MODE EMI BUS BUS SEL EXTERNAL LASER SERIAL MEMORY VARIABLE EEPROM INTERFACE STORE INTERFACE 26 BITS ADDR PF7 INT H RAM ROM SafeNet is a registered trademark of Information Resource Engineering IRE REV 0 Information furnished by Analog Devices is believed to be accurate and reliable However no responsibility is assumed by Analog Devices for its use nor for any infringements of patents or other rights of third parties One Technology Way P O Box 9106 Norwood MA 02062 9106 U S A which may result from its use No license is granted by implication or Tel 781 329 4700 World Wide Web Site http www analog com otherwise under any patent or patent rights of Analog Devices Fax 781 326 8703 O Analog Devices Inc 2000 ADSP 2141L PUBLIC KEY ACCELERATOR Accelerator for Math Intensive Public Key Operations Diffie Hellman Negotiate lt 29 ms 1024 Bit Modulus 180 Bit Exponent RSA 1024 Bit Sign lt 29 ms RSA 1024 Bit Verify 6 ms DSA Sign lt 3
39. dress and PMOVLAY page must match the interrupted ad dress and PMOVLAY page If not the violation reset logic will be triggered Only one level of kernel mode nesting is permitted An interrupt to a nonprotected vector location while in nested kernel mode will also trigger the violation reset logic While in kernel mode it is possible to interrupt to a protected vector location In this case the processor remains in kernel mode The IF CONDITION RTI instruction must be used to return the processor from the interrupt handler There is no imposed limit on the number of nested interrupts to a protected vector location Bus Modes The ADSP 2141L Host Bus may be configured for one of two personalities IDMA Mode or PCI Bus Mode The selection of mode is made with two hardware control inputs BUS and BUS SEL at boot time Table II Bus Mode Selection Bus Mode Pins BUS MODE BUS SEL IDMA Mode 0 0 PCI Bus Mode 1 0 This selection may not be changed after the ADSP 2141L comes out of power up reset It is typically expected that the bus mode signals are tied to ground or VDD on the PC Board Boot Modes The ADSP 2141L may be bootstrap loaded from one of three sources byte wide memory host processor bus or external program memory The selection of mode is made with two hardware control inputs BMODE and MMAP When the host processor boot mode is selected any one of the two bus modes may be used 14 Table
40. get on the PCI Bus as a single contiguous memory space of 128k bytes In this memory space the host can access the following unprotected internal crypto registers of the ADSP 2141L IDMA access to the DSP s internal program memory PM and data memory DM Paged access to external memory connected to the ADSP 2141L The Kernel RAM KRAM if it has been unprotected by an extended mode program As a PCI Master the ADSP 2141L can transfer data between unprotected internal crypto registers and FIFOs of the ADSP 2141L and PCI Host memory External memory and PCI Host memory A 32 bit DMA engine within the ADSP 2141L facilitates these transfers and permits full PCI bandwidth use Serial EEPROM Interface The serial EEPROM interface allows the ADSP 2141L to auto matically read the PCI configuration parameters at chip power up IRE can provide the data content for the EEPROM to properly set the chip device vendor ID type and properties for full com pliance with the PCI Plug and Play standards In addition to being used for storage of host bus parameters any extra space in the EEPROM may be accessed by the DSP either in user mode or kernel mode Support for this function is not included in the standard CGX command set Refer to the ADSP 2141 User s Manual for the information on the data contents of the EEPROM Refer to http www analog com industry dsp ire html Table I Interrupt Sources Inte
41. ions are recommended to avoid performance degradation or loss of functionality WARNING ESD SENSITIVE DEVICE 16 REV 0 SPECIFICATIONS RECOMMENDED OPERATING CONDITIONS ADSP 2141L K Grade Parameter Min Max Unit Supply Voltage 3 0 3 6 Ambient Operating Temperature 0 70 ELECTRICAL CHARACTERISTICS DC SPECIFICATIONS K Grade Parameter Test Conditions Min Typ Max Unit Vin Hi Level Input Voltage Vpp max 2 0 V Vin Hi Level CLKIN Reset Voltage Vpp max 2 4 Lo Level Input Voltage 3 Vpp min 0 4 Hi Level Output Voltage Vpp min 0 5 mA 2 4 min 100 6 0 3 Vor Lo Level Output Voltage Vpp 7 min 2 mA 0 4 V Hi Level Input Current Vpp max Vin Vpp max 10 Lo Level Input Current 3 Vpp max Vin 0V 10 Three State Leakage Current Vpp max Vin Vpp max 10 uA Three State Leakage Current Vpp max 0 V 8 Ipp Supply Current Idle Vpp 3 3 TAMB 25 C tex 25 ns 16 mA tex 30 ns 15 mA Ipp Supply Current Dynamic 3 3 TAMB 25 C tcx 25 2 195 mA tck 30 ns 165 mA Input Pin Capacitance 614 Vi 2 5 V fi 1 0 MHz Tams 25 C 8 pF Co Output Pin Capacitance 15 15 Vin 2 5 V fin 1 0 MHz
42. ity boundary does not enclose the database where keys are stored those keys must be protected from compromise Black key is a satisfactory way to meet this FIPS requirement Random Number Generator RNG Block The random number generator is designed to provide highly random nondeterministic binary numbers at a high delivery rate with little software intervention The random numbers are acces sible to the kernel firmware in a 16 bit register that may be read by the DSP in kernel mode Once the register is read the RNG immediately generates a new 16 bit value that is available within 12 microseconds All application level access to random numbers should occur through the Kernels CGX_RANDOM command see the Command Summary section The random number generator is designed using a shot noise true entropy source which is sampled by the master 40 MHz clock of the ADSP 2141L The entropy source then feeds a complex nonlinear combinatorial circuit that produces the final RNG output based on the interaction of the entropy source and the 40 MHz system clock Over 200 stages of Linear Feedback Shift Register LFSR are incorporated into the RNG design In order to facilitate FIPS 140 1 compliance an option may be selected during CGX kernel initialization to enable an ANSI X9 17 Annex C post randomizer to be applied to the output of the RNG This randomizer applies the DES ECB algorithm multiple times to further disperse and whiten the random
43. l for BR BG cycle relationships 2 is asserted when the bus is granted and the processor requires control of the bus to continue CLKOUT 5 BR lt tes CLKOUT EM GER T PMS DMSL BMS RD WR gt tsp lt gt tsec BG tspe tse tsps Figure 12 Bus Request Bus Grant 22 REV 0 ADSP 2141L Parameter Min Max Unit External Memory Write ADSP 2141L DMA Initiated Switching Characteristics ta Clock to Address and DMSx 5 9 ns tpw Data Setup Before Write Deasserted O 5tck 2 ns Data Hold After Write Deasserted 0 51 8 ns twp Write Pulsewidth 0 51 5 w ns twpE Write Low to Data Enabled 5 ns tasw Address DMSx Setup Before Write Low 1 ns tppR Data Disable Before Write Read Low 0 ns Clock High to Write Low 6 12 ns taw Address DMSx Setup Before Write High 0 51 2 w ns tay Address and DMSx Hold After Clock 2 ns Address 8 Hold After Write High 0 5tcx 7 ns Write High to Read Write Low 0 51 3 ns 1 If wait state s added then referenced to last wait state clock interval 2 w DMA wait states X lt 25ns REF 40MHz DSP CLOCK OUT EXT ADDR 25 0 EXT WR EXT DATA 031 0 Figure 13 External Memory Write ADSP 2141L DMA Initiated REV 0 23 ADSP 2141L
44. l seed variable is used to randomly initialize the RNG circuits before the entropy is mixed in Each ADSP 2141L produced is programmed with a unique randomly generated internal seed variable which is loaded into the RNG at chip boot time and cannot ever be read by software The 48 Program Control Data Bits PCDBs include configura tion for permitted key lengths algorithm enables red KEK loading internal IC pulse timing characteristics The PCDBs provide configuration data that falls into three categories Internal IC pulse timing characteristics ADSP 2141L hardware version number field ADSP 2141L feature enables The first two categories consist of data that cannot be altered once the ADSP 2141L has been fabricated The feature enables can be overridden using a factory token enabler which may be passed to the CGX kernel as part of the CGX INIT command This token is digitally signed with an IRE private key and verified internal to the ADSP 2141L with its public key The CGX INIT command is documented in the ADSP 2141 CGX Interface Programmers Guide available from http www ire ma com proddoc htm DSP INTERRUPT H E CONTEXT1 DONE INTH TO HOST HOST UNMASKED STATUS REGISTER HASH ENC ERROR Figure 5 Interrupt Controller Block Diagram g REV 0 ADSP 2141L PIN FUNCTIONS Descriptions This section describes the physical I O hardware on the ADSP 2141L PIN FUNCTION DESCRIPTIONS I O Hardware
45. lizes Secure Kernel and Allow Reconfiguration of the ADSP 2141L Restores Factory Default Settings Generates Random Numbers between 1K and 64K bytes Returns ADSP 2141L System Information Runs a suite of self tests on the hardware and CGX Loads and Decrypts a Secret Key Generates a Secret Key Generates an Internal Key Encryption Key Generates a Key Recovery Key Encryption Key Saves a key protected by the Recovery Key Imports a Red plaintext User Secret Key Derives a Secret Key from a Pass Phrase Transforms a Secret Key using IPsec Removes Secret Key from the KCR Exports IRE format Secret Key Imports an IRE format Secret Key Encrypts Data Decrypts Data Loads Secret Key into HW SW Key Generator Initializes the Hash Operator Hash Customer Data Hash and Encrypt Customer Data Hash and Decrypt Customer Data Combines two secret keys into one key Combines two secret keys into a data string long key Creates a secret key from a data string long key Hash multiple data items using HMAC Completes the above HMAC and create secret key Generates a Public Keyset Public and Private Parts Generates a part of a Public Keyset Generates a Diffie Hellman Derived Secret Key Exports an IRE format Public Key Imports an IRE format Public Key Encrypts Data using RSA Public Key Decrypts Data using RSA Public Key Digitally Signs a Message Verifies a Digital Signature Performs a Vector Add Operation Performs a Vecto
46. m internal memory concurrently with PCI transactions Initialization operations are executed from external memory 14 Applies to MQFP package type 15 Output pin capacitance is the capacitive load for any three stated output pin Specifications subject to change without notice REV 0 17 ADSP 2141L DC SPECIFICATIONS PCI Bus Pins K Grade Parameter Test Conditions Min Max Unit Vin Hi Level Input Voltage 0 5 Vpp Vpp 0 5 Lo Level Input Voltage 2 0 5 0 3 Vpp V Hi Level Output Voltage 3 Tour 500 0 9 VoL Lo Level Output Voltage Tour 1500 pA 0 1 Vpp Hi Level Input Current 0 Vm Vpp 10 Lo Level Input Current 0 Vm Vpp 10 Three State Leakage Current 0 lt lt Vpp 10 Three State Leakage Current 0 lt lt Vpp 10 Input Pin Capacitance Tamp 25 C 10 pF PCI CLK Pin Capacitance 25 C 5 12 pF Cipszr PCIIDSEL Pin Capacitance 25 C 8 pF Pin Inductance 20 nH NOTES Bidirectional pins MPLX_BUS 31 0 MPLX1 4 MPLX7 10 MPLX12 Input only pins MPLX_RESET MPLX5 MPLX6 PCI PCI PAR PCI IRDY PCI STOP 3Output only pins MPLX11 Leakage currents include High Z output leakage for bidirectional buffers with three state outputs gt Lower capacitance of IDSEL MPLX_5 input only pin allows for nonresistive connection to Address Data bus
47. on by allowing only internal secure kernel mode access to this RAM A public keyset and a cache of up to 15 secret keys may be stored in kernel RAM Secure key storage may be expanded to 700 secret keys by assigning segments of the DSP s internal data RAM to be protected Furthermore a virtually unlimited number of data encryption keys may be stored in an encrypted form in off chip memory Encrypt Block The encrypt block performs high speed DES and Triple DES encrypt decrypt operations All four standard modes of DES are supported Electronic Code Book ECB Cipher Block Chaining CBC 64 bit Output Feedback OFB and 1 bit 8 bit and 64 bit Cipher Feedback CFB The DES encrypt decrypt operations are highly pipelined and execute full 16 round DES in only four clock cycles Hardware support for padding insertion verification and removal further accelerates the encryption operation Con text switching is provided to minimize the overhead of changing crypto keys and Initialization Vectors IVs to nearly zero Hash Block The secure hash block is tightly coupled with the encrypt block and provides hardware accelerated one way hash functions Both the MD 5 and SHA 1 algorithms are supported Combined operations that chain both hashing and encrypt decrypt functions are provided in order to significantly reduce the processing time for data that needs both operations applied For hash then encrypt and hash then decrypt operations the ADSP 21
48. ort Address Latch MPLX9 IACK 1 Port Access Ready Acknowledge MPLX10 FLO 1 Output Flags MPLXII 1 Output Flags MPLX12 FL2 1 Output Flags MPLX_BUS IAD 16 IO IDMA Data I O PCI Port PIN FUNCTION DESCRIPTIONS PCI Mode Multiplex Bus Pin Name PCI Name Pins Description Pci_cbe3 1 Bus Command Byte Enable 3 MPLX2 Pci_cbe2 1 Bus Command Byte Enable 2 MPLX3 Pci_cbel 1 Bus Command Byte Enable 1 MPLX4 Pci 0 1 Bus Command Byte Enable 0 MPLX5 Pci_idsel 1 I Initialization Device Select MPLX6 Pci_gnt 1 I Bus Grant MPLX7 Pci_frame 1 Cycle Frame MPLX8 Pci_devsel 1 VO Device Select MPLX9 Pci_trdy 1 I O Target Ready MPLX10 Pci_perr 1 Io Parity Error MPLXII Pci serr 1 UO System Error MPLXI2 Pci req 1 PCI Bus Request MPLX_BUS Pci_ad15 0 Pci_ad31 16 32 PCI Address Data Bus PF7 INT_H Pci_intA 1 PCI Interrupt Request SYSTEM INTERFACE specifying only the starting address of the block This increases The ADSP 2141L may be integrated into a wide variety of sys tems including those that already have a microprocessor and those that will use the ADSP 2141L as the main processor The device can be configured into one of two Host Bus modes IDMA or PCI IDMA Bus Mode The IDMA bus mode operates the same as in a native ADSP 218x device as described in this section The IDMA port provides an efficient means of communication between a host system and the ADSP 2141L The po
49. r Subtract Operation Performs a Vector Multiply Operation Performs a Vector Exponentiate Operation Performs a Vector Right or Left Shift Operation Loads Enables Extended Downloaded Algorithm Block Executes Extended Downloaded Algorithm Block 15 ADSP 2141L ABSOLUTE MAXIMUM RATINGS Supply Voltage cese tr re 0 3 V to 4 6 V Input Voltage 0 5 V to Vpp 0 5 V Output Voltage Swing 0 5 V to Vpp 0 5 V Operating Temperature Range Ambient 0 C to 70 C Storage Temperature Range Lead Temperature 5 sec MQFP 280 C CAUTION Frequency Dependency For Timing Specifications tcx is defined as 0 5tcxy The ADSP 2141L uses an input clock with a frequency equal to half the instruction rate a 20 0 MHz input clock which is equivalent to 50 ns yields a 25 ns processor cycle equivalent to 40 MHz tcx values within the range of 0 5tcxy period should be substituted for all relevant timing parameters to obtain the specification value Example togy 0 5tcx 7 ms 0 5 25 ns 7 ns 8 ns ESD electrostatic discharge sensitive device Electrostatic charges as high as 4000 V readily accumulate on the human body and test equipment and can discharge without detection Although the ADSP 2141L features proprietary ESD protection circuitry permanent damage may occur on devices subjected to high energy electrostatic discharges Therefore proper ESD precaut
50. re The DSP is a standard Analog Devices ADSP 218x core with full ADSP 2100 family compatibility The ADSP 218x Core combines the base DSP components from the ADSP 2100 family with the addition of two serial ports a 16 bit internal port a byte DMA port a programmable timer Flag I O extensive interrupt capabilities and on chip program and data memory The external memory interface of the 218x core has been extended to support up to 64M words addressing for both program and data memory Some core enhancements have been added in the ADSP 2141L including on chip security ROM and interrupt functions Refer to the Analog Devices ADSP 2183 data sheet for further information SafeNet CGX Library Secure Kernel SafeNet CGX Library is a crypto library embodied as firm ware a secure kernel that is mask programmed into ROM within the DSP This solution protects the library from tampering The Library provides the Application Programming Interface API to applications that require security services from the ADSP 2141L Those applications may be software executing in user mode on the DSP or they may be external host software accessing the ADSP 2141L via a PCI bus Approximately 40 Crypto commands called CGX CryptoGraphic eXtensions are provided at the API and a simple control block structure is used to pass arguments into the secure kernel and return status The CGX library includes integrated drivers for the various hard
51. rnal Interrupt Sources External Interrupt Sources Interrupt Notes Interrupt Notes Reset or Power Up PUCR 1 IRQ2 Edge or Level Sensitive Power Down IRQLI Level Sensitive SPORTO Transmit IRQLO Level Sensitive SPORTO Receive Edge Sensitive BDMaA Interrupt IRQI Edge or Level Sensitive 5 Transmit Mixed with IRQ1 IRQO Edge or Level Sensitive SPORTI Receive Mixed with IRQO Timer REV 0 ADSP 2141L Interrupt Controller The DSP core of the ADSP 2141L provides a powerful set of interrupt sources A total of 14 interrupt sources are available although two pairs are multiplexed yielding 12 simultaneous sources Refer to Table I The ADSP 2141L enhances the existing interrupt controller within the ADSP 218x DSP Core with some additional func tions related to the crypto functional blocks and the external host bus interfaces Two additional interrupt controller sub systems have been added to the basic interrupt controller as shown in Figure 5 The DSP interrupt controller allows programming between one and nine sources for the IRQ2 interrupt to the DSP The DIMASK register provides the mask to select which interrupt source is enabled A pair of status registers DUMSTAT and DMSTAT allow the DSP firmware to read the status of any interrupt source either before or after the mask is applied The host interrupt controller allows programming between one and five sources for the PF7 INT_H interrupt output
52. rt is used to access the on chip program memory and data memory of the DSP with only one DSP cycle per word overhead The IDMA port cannot however be used to write to the DSP s memory mapped control registers The IDMA port has a 16 bit multiplexed address and data bus and supports reading or writing 16 bit data DM or 24 bit program memory PM The IDMA port is completely asyn chronous and can be written to while the ADSP 2141L is oper ating at full speed The DSP memory address is latched and then automatically incremented after each IDMA transaction An external device can therefore access a block of sequentially addressed memory by REV 0 throughput as the address does not have to be sent for each memory access The IDMA port access occurs in two phases The first is the IDMA address latch cycle When the acknowledge is asserted a 14 bit address and 1 bit destination type can be driven onto the bus by an external device The address specifies an on chip memory location the destination type specifies whether it is a DM or PM access The falling edge of the address latch signal latches this value to the IDMAA register Once the address is stored data can either be read from or written to the ADSP 2141L s on chip memory Asserting the select line IS and the appropriate read or write line IRD and IWR respectively signals the ADSP 2141L that a particular transaction is required In either case there is a one processor
53. s loaded as part of a crypto context can be stored off chip in a black or encrypted form If the appropri ate control bit is set HECNTL 15 the DES or 3 DES key will be decrypted immediately after it is written into the context register The hardware handles this decryption automatically The Key Encryption Key KEK that covers the black keys is loaded in a dedicated write only KEK register within the ADSP 2141L The IV for decrypting the black secret key is called salt and must be stored along with the black key as part of the context Note that 3 DES CBC mode is used for pro tecting 3 DES black keys and single DES CBC is used for single DES black keys When black keys are used the key decrypt operation adds a 6 cycle overhead 0 15 us 40 MHz for DES keys or 36 cycle overhead 0 9 us 40 MHz for triple DES keys each time a new crypto context is loaded Note that if the same context is used for more than one packet operation the key decryption does not need to be performed again Depending on the sequencing of operations this key decryption may in fact be hidden from a performance impact perspective if other operations are underway This is because the black key decryption process only requires that the DES hardware be available For example if the DSP is reading the previous hash result from the output FIFO the black key decryption can be going on in parallel Also note that the data driver firmware does NOT have to
54. s to near zero The software interface to the module consists of a set of memory mapped registers all of which are visible to the DSP and most of which can be enabled for host access via the PCI bus A set of five 16 bit registers define the operation to be performed the length of the data buffer to be processed in bytes the offset between the start of hashing and encryption or vice versa and the padding operation If the data length is unknown at the time the encrypt decrypt operation is started the data length register may be set to zero which specifies special handling In this case data may be passed to the hash encrypt block indefinitely until the end of data is encountered At that time the operation is terminated by writing a new control word to the hash encrypt control register either to process the next packet or to invoke the idle state if there is no further work to do This will close out the processing for the packet including the addition of the selected crypto padding A set of seven status registers provides information on when a new operation can be started when there is space available to accept new data when there is data available to be read out and the results from the padding operation Crypto Contexts There are two sets of crypto context registers Each context contains a DES or triple DES key initialization vector and precomputed hashes inner and outer of the authentication key for HMAC operations
55. significantly more off chip memory addressing and has additional crypto registers which are accessible to the user DSP Core The DSP core is architecturally identical to the ADSP 218x with a few exceptions The memory map includes additional external memory addressing through the PMOVLAY and DMOVLAY mecha nisms For more information see the Memory Map section Additional memory mapped crypto registers are available in the kernel data RAM space The PF7 INT_H flag pin may be reassigned to be the host interrupt output 8K EXTERNAL PAGE 0 PMOVLAYL 1 PMOVLAYH 000 8K EXTERNAL PAGE 1 PMOVLAYL 2 PMOVLAYH 000 8K KERNEL PAGE 8191 PMOVLAYL 2 PMOVLAYH FFF UP TO 64 MEGAWORDS EXTERNAL PROGRAM MEMORY gt PMOVLAYL ALTERNATES 2 1 2 1 Figure 1 Program Memory 0 Ox3FFF 8K KERNEL TOP 8K KERNEL KERNEL MODE KERNEL MODE PMOVLAYL C PMOVLAYL D 0x2000 PMOVLAYH 000 PMOVLAYH 000 PMOVLAYL LS NIBBLE OF PMOVLAY PMOVLAYH MS 3 NIBBLES OF PMOVLAY SHADED KERNEL SPACE 8K KERNEL KERNEL MODE PMOVLAYL E PMOVLAYH 000 8K KERNEL KERNEL MODE PMOVLAYL F PMOVLAYH 000 8K INTERNAL PMOVLAYL 0 PMOVLAYH 000 Oxi FFF 8K EXTERNAL 0 0000 Figure 2 Program Memory 1 Ox3FFF 32 MEMORY MAPPED REGISTERS 8160 WORDS INTERNAL 8K INTERNAL DMOVLAYL 0 DMOVLAYH 000 Ox3FEO Ox3FDF
56. ssor Clock Output Serial Ports SPORTO SCLKO 1 IO Serial Port 0 Clock DRO 1 Serial Port 0 Receive Data Input RFSO 1 IO Serial Port 0 Receive Frame Sync DTO 1 Serial Port 0 Transmit Data Output TFSO 1 IO Serial Port 0 Transmit Frame Sync SPORTI Port Configuration System Control Reg gt 1 Serial Port 0 Other SCLKI 1 IO Serial Port 1 Clock DRI 1 Serial Port 1 Receive Data Input Flag In RFS1 1 IO Serial Port 1 Receive Frame Sync IRQO DTI 1 Serial Port 1 Transmit Data Output Flag Out TFSI 1 IO Serial Port 1 Transmit Frame Sync IRQ1 Power Down PWD 1 I Power Down Initiate Control PWDACK 1 Power Down Acknowledge REV 0 9 ADSP 2141L of Input Pin Name Pins Output Function Flags PF6 0 7 IO Programmable I O Pins PF7 INT_H 1 IO Programmable I O Pin or Interrupt Output Host Mode Emulator EE 1 Emulator Only EBR 1 Emulator Only EBG 1 Emulator Only ERESET 1 Emulator Only EMS 1 Emulator Only EINT 1 Emulator Only ECLK 1 Emulator Only ELIN 1 Emulator Only ELOUT 1 Emulator Only Serial EEPROM Interface EE DI 1 Serial EEPROM Data EE_DO 1 I Serial EEPROM Data Out EE_CS 1 Serial EEPROM Chip Select EE_SK 1 Serial EEPROM Clock Bus Select BUS MODE 1 I Processor Bus Select BUS SEL 1 I Bus Select PCI Bus Dedicated Pins PCI CLK 1 1 IO PCI Parity Bit PCI IRDY 1 IO PCI Initiator Ready PCI STOP 1 PCI Abort Transfer When D
57. ted black keys could be stored into EEPROM for fast recovery after a power outage Interrupt Controller DSP core provides support for 14 interrupt sources includ ing six external and eight internal All interrupts are prioritized into 12 levels and interrupt nesting may be enabled or disabled under software control The security block interrupt controller provides enhancements to the DSP interrupt functions Primarily the interrupt controller provides a new interrupt generation capability to the DSP or to an external host processor Under programmable configuration control a crypto interrupt may be generated due to completion of certain operations such as encrypt complete hash complete The interrupt may either be directed at the DSP core on IRQ2 or provided on an out put line PF7 INT to a host subsystem Laser Variable Storage The laser variable storage consists of 256 bits of tamper proof factory programmed data that is only accessible to the internal function blocks and the security kernel Included in these laser variable bits are Local Storage Variable master key encryption key Randomizer Seed to supplement the true entropy fed into the RNG Program Control Data enables disables various features and configures the ADSP 2141L CRC of the Laser Data to verify laser data integrity ADSP 2141L The Program Control Data Bits PCDBs include configuration for permitted key lengths algorithm enables
58. ts during kernel mode executions Manage the reset function to ensure that sensitive variables in DSP registers are erased Most of the kernel mode control functions are implemented in the hardware of the ADSP 2141L and are not directly visible to nonkernel applications user mode Any attempt by a user mode application program running on the DSP to access a kernel space addresses PRAM 0x2001 0x3FFF PMOVLAY 000C 000F or DRAM 0x0000 0x17FF DMOVLAY 000 results in an immediate chip reset and all sensitive registers and memory locations are erased Kernel mode may only be entered via a call jump or increment to address 0x2000 with PMOVLAY REGISTER 7 21 ADDRESS 16 32 BIT INPUT BUS MUTABLE BIT PROCESSING HASH BLOCK ENCRYPT THEN HASH DECRYPT THEN HASH PAD INSERTION set to 0 000 Once in kernel mode any branch to nonkernel space program memory causes the DSP to return to user mode Note For security reasons when in kernel mode the DSP does not respond to Emulator bus requests The kernel mode can be interrupted during execution however during certain periods where sensitive data is being moved all interrupts are disabled Within the interrupt service routine another call to the kernel CGX call may be made if desired although there are limitations on which CGX commands may preempt another For information see the ADSP 2141L CGX Interface Programmer s Guide http www ire ma
59. updated with new random numbers for each encrypted packet with almost no software intervention Padding When the input data is not a multiple of eight bytes a 64 bit DES block the encrypt module can be configured to automati cally append pad bytes There are several options for how the padding is constructed which are specified using the pad control word of the operation description Options include zero padding pad length character padding PKCS 7 incrementing count with trailing pad length and next header byte for IPsec or fixed character padding Note that for the IPsec and 5 7 pad protocols there are cases where the padding not only fills out the last 8 byte block but also causes an additional 8 byte block of padding to be added For the hash operations padding is automatically added as specified in the MD 5 and SHA 1 standards When the hash final command is issued indicating the last of the input data the algorithm specified padding and data count bits are added to the end of the hash input buffer prior to computing the hash Data Offsets Certain security protocols including IPsec require portions of a data packet to be hashed while the remainder of the data is both hashed and encrypted The ADSP 2141L supports this require ment through the OFFSET register which allows specifying the number of 32 bit dwords of offset between the hash and encrypt decrypt operations Black Key Loads The cryptographic key
60. wait for the key to be decrypted before writing data to the input FIFO The hard ware automatically waits for the key to be decrypted before beginning to process data for a given packet So with efficient pipeline programming it is possible to make the impact of black key essentially zero The KEK for key decryption is loaded via the secure kernel firmware using one of the CGX key manipulation commands For more information see the Command Summary section This KEK is typically the same for all black keys since it is usually protecting local storage only It is designated the DKEK in the CGX API One of the laser programmed configuration bits specifies whether red plaintext keys are allowed to be loaded into the ADSP 2141L from a host If the AllowRedKeyLoad laser bit is not set keys may only be loaded in their black form This is useful in systems where export restrictions limit the key length that may be used or where the external storage environment is untrusted TR REV 0 ADSP 2141L If the AllowRedKeyLoad bit is set keys may be loaded either in their black form or in the red or unencrypted form Note that the laser configuration bit may be overridden with a signed enabler token For more information see the Laser Variable Storage section Depending on the definition of the security module boundary in a given application FIPS 140 1 may require the use of black keys to protect key material In other words if the secur
61. ware crypto blocks on the chip This allows the program mer to ignore those details and concentrate on other product design issues CGX library firmware runs under a protected mode state of the DSP as described in the Kernel Mode Control section following This guarantees the security integrity of the system during the execution of CGX processes and for example prevents disclosure of cryptographic key data or tampering with a security operation Kernel Mode Control The Kernel Mode Control subsystem is responsible for enforcing the security perimeter around the cryptographic functions of the ADSP 2141L The device may operate in either user mode kernel space is not accessible or kernel mode kernel space is accessible at a given time When in kernel mode the kernel RAM and certain protected crypto registers and functions kernel space are accessible only to the CGX library firmware The Library executes host requested macro level functions and then returns control to the calling application The kernel mode control subsystem resets the DSP should any security violation occur such as attempting to access a protected memory location while in user mode 12 REV 0 ADSP 2141L Protected Kernel RAM The 4K x 16 kernel RAM provides a secure storage area on the ADSP 2141L for sensitive data such as keys or intermediate calculations during public key operations The Kernel Mode Control subsystem above enforces the protecti
62. zed on the following cycle Refer to the Interrupt Controller Operation section in the Program Control chapter of the ADSP 2100 Family User s Manual for further informa tion on interrupt servicing Edge sensitive interrupts require pulsewidths greater than 10 ns level sensitive interrupts must be held low until serviced IRQO IRQI IRQ2 IRQLI PFO 1 PF2 PF5 PF6 Flag Outputs PFx FLO FL1 FL2 Flag trop CLKOUT tron FLAG OUTPUTS 4 irn IRQx FI PFx F trs Figure 11 Interrupts and Flags REV 0 21 ADSP 2141L Parameter Min Max Unit Bus Request Bus Grant Timing Requirements Hold After CLKOUT High 0 251 2 ns tps BR Setup Before CLKOUT Low 0 251 17 ns Switching Characteristics on tsp CLKOUT High to xMS RD WR Disable 0 25tcg 10 ns tsps xMS RD WR Disable to BG Low 0 ns tsp BG High to xMS RD WR Enable 0 ns xMS RD WR Enable to CLKOUT High 0 251 6 ns tspBH xMS RD WR Disable to BGH Low 0 ns BGH High to xMS RD WR Enable 0 ns NOTES xMS PMS DMSL DMSH CMS IOMS BMS BR is an asynchronous signal If BR meets the setup hold requirements it will be recognized during the current clock cycle otherwise the signal will be recognized on the following cycle Refer to the ADSP 2100 Family User s Manua
Download Pdf Manuals
Related Search
ANALOG DEVICES ADSP 2141L handbook analog devices adsp-21489 analog devices dsp book analog devices inc. adi adsp-21060lcw-160