How it Works
ST
Loading...
AN2377
Application note
14 pgs153.39 Kb0
Table of contents
Loading...

ST AN2377 Application note

AN2377
Application note
Using the STM1403/1404 security supervisors
to clear external SRAM
Introduction
The STM1403/1404 is a family of low power intrusion (tamper) detection security supervisors for the Point of Sale (POS) terminal market. They enable manufacturers to meet security standards such as FIPS-140 (NIST, US Dept. of Commerce), EMV Co, ISO, ZKA (Germany) and Visa PED. Until recently, many of these intrusion detection functions were implemented by using several discrete devices. The STM1403/1404 integrates all these functions into a small profile security-friendly QFN package. The STM1403/1404 meets most price, performance and board space objectives while ensuring customers are able to meet current and future security certification requirements for physical and environmental tamper detection.
June 2006 Rev 1 1/14
www.st.com
Contents AN2377
Contents
1 Targeted applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
1.1 High security module (HSM) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
1.2 Security levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
1.3 STM1403 integrated functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
1.4 STM1404 for security level 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
2 How it works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.1 Physical tamper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.2 Over/under voltage detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.3 Over/under temperature detection (STM1404 only) . . . . . . . . . . . . . . . . . . 7
2.4 Clearing external memory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.5 Clearing the external memory using a negative charge pump (STM140xB) 8
3 Efficiency results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
4 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
5 Revision history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2/14
AN2377 List of figures
List of figures
Figure 1. Federal information processing standard 140 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Figure 2. Circuit connection to drive SRAM V
Figure 3. Circuit connection when using negative charge pump (STM140xB) . . . . . . . . . . . . . . . . . . 9
to ground (STM140xC) . . . . . . . . . . . . . . . . . . . . . . 8
CC
3/14
List of tables AN2377
List of tables
Table 1. STM1403/1404 V
Table 2. 1 Mb SRAM clear characterization results - Vendor1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Table 4. 1 Mb SRAM clear characterization results - Vendor3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Table 3. 1 Mb SRAM clear characterization results - Vendor2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Table 5. Revision history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
status during alarm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
OUT
4/14
AN2377 Targeted applications

1 Targeted applications

The STM1403/1404 family can be used in the High Security Module (HSM) of a Point of Sale system such as: POS terminals, PCs with cash drawers, standalone credit authorization / debit card terminals, electronic cash registers, vending machines, standalone check readers and signature capture devices.

1.1 High security module (HSM)

The STM1403/1404 may be incorporated into the HSM which also includes the cryptographic module with the crypto keys stored in secure SRAM. The STM1403/1404 devices integrate most, if not all, of the key functions necessary to continuously monitor physical tamper inputs, supply voltages (primary Vcc and secondary battery back-up) and ambient temperature (STM1404 only).
When an intrusion is detected, an alarm is issued by the STM1403/1404 device. Once the alarm is received by the system it can immediately initiate a process to "zeroize" the cryptographic keys in volatile SRAM to prevent the intruder from gaining access to them. The HSM is thus rendered non-functional, until shipped back to the factory for diagnostic tests and re-coding.

1.2 Security levels

There are different levels of security certification depending on the system application. As an example, the FEDERAL INFORMATION PROCESSING STANDARDS (FIPS-140) publication provides a standard used by Federal organizations when these organizations specify that cryptographic-based security systems are necessary to provide protection for sensitive data. There are many other country specific and industry specific standards that POS system vendors are required to meet.
The STM1403/1404 family has been defined to meet these standards for physical and environmental tamper detection.
Figure 1. Federal information processing standard 140
5/14
Loading...
+ 9 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use