ST ST33TPM12SPI User Manual

28-lead thin shrink small outline and 32-lead very thin fine pitch quad flat pack ECOPACK® packages

ST33TPM12SPI

Trusted Platform Module with SPI based on 32-bit ARM® SecurCore® SC300™ CPU

Data brief

	Features
	TPM features
	■ Single-chip Trusted Platform Module (TPM)
	■ Compliant with Trusted Computing Group	TSSOP28
	(TCG) Trusted Platform Module (TPM) Main
		VQFN32
	specifications 1.2, Level 2, Revision 116

■Based on TCG PC Client Specific TPM Interface Specifications 1.21

■SPI support up to 10 MHz

■Provisioned with Endorsement key and Endorsement Key certificate

■Support of clock suspension for power saving mode

■Support of Field Upgrade and Dictionary Attack protection

■Monotonic counter endurance guaranteed for 7 years

■Support of software and hardware physical presence

Hardware features

■ARM® SecurCore® SC300™ 32-bit RISC core

■Highly reliable CMOS EEPROM submicron technology

–30-year data retention at 25° C

–500,000 Erase/Write cycles endurance typical at 25° C

■Temperature range: 0°C to +70°C

■ESD protection up to 4 kV (HBM)

■3.3 V supply voltage range

■

Security features

■Active shield and environmental sensors

■Memory protection unit (MPU)

■Monitoring of environmental parameters (power and clock)

■Hardware and software protection against fault injection

■AIS-31 Class P2 compliant true random number generator (TRNG)

■Cryptographic algorithms:

–RSA key generation from 512 to 2048 with a 2-byte step

–RSA signature and encryption

–SHA-1 and SHA-256

–AES-128 in CTR mode

Performance and resource features

■SHA1 computation for 64-byte block: 155 µs(a)

■Signature with a 2048-bit key: 150 ms(a)

■Signature with a 1024-bit key: 30 ms(a)

■NV storage allocated space: 4 Kbytes (1.2 Kbytes used by EK certificate)

■Supported 2048-bit key slots:

–up to 10 key slots (without EK and SRK)

–1 key slot in volatile memory for highfrequency loading use case

a. Typical value with clock configuration in secure mode without communication time.

April 2012

Doc ID 023143 Rev 1

1/11

For further information contact your local STMicroelectronics sales office.

www.st.com

Description	ST33TPM12SPI

1 Description

The ST33TPM12SPI is a cost-effective and high performance Trusted Platform Module (TPM) targeting embedded system applications.

This device implements the functions defined by the Trusted Computing Group (www.trustedcomputinggroup.org) in the TCG Trusted Platform Module Specifications version 1.2 Level 2 Revision 116 ([1][2][3]), and is also based on the TCG PC Client specific TPM interface specifications 1.21 [5] and the PC Client implementation specification for conventional BIOS [6] for what concerns the TPM internal register list and bit definitions.

The ST33TPM12SPI is based on a secure MCU hardware platform.

The ST33TPM12SPI is built on a 32-bit ARM® reduced instruction set computing (RISC) processor which provides high cryptographic and general performances. A crypto-processor NESCRYPT is also present to support efficiently all public key cryptographic algorithms.

1.1Hardware features

The ST33TPM12SPI is based on a smartcard-class secure MCU that incorporates the most recent generation of ARM processors for embedded secure systems. Its SecurCore® SC300™ 32-bit RISC core is built on the Cortex™ M3 core with additional security features to help to protect against advanced forms of attacks.

Cadenced at 30 MHz, the SC300™ core brings great performance and excellent code density thanks to the Thumb®-2 instruction set.

The ST33TPM12SPI offers a fast slave serial peripheral interface (SPI) supported by an embedded hardware communication engine.

The ST33TPM12SPI features hardware accelerators for advanced cryptographic functions. The EDES peripheral provides a secure DES (Data Encryption Standard) algorithm implementation, while the NESCRYPT crypto-processor efficiently supports the public key algorithm.

The ST33TPM12SPI operates in the 0 to +70°C temperature and 3.3V supply voltage ranges.

In order to meet environmental requirements, ST offers these devices in different grades of ECOPACK® packages, depending on their level of environmental compliance. ECOPACK® specifications, grade definitions and device status are available at: www.st.com.

ECOPACK® is an ST trademark.

2/11	Doc ID 023143 Rev 1

ST33TPM12SPI	Description

Figure 1. ST33TPM12SPI hardware block diagram

ARM®		RAM	EEPROM	User	ST ROM		EDES	Security	NES-
							Accel-	Monitor-
SecurCore®
				ROM	(Boot		erator	ing and	CRYPT
SC300™ CPU
					software)		RAM	Control	RAM
Code/Data		MPU			ST ROM
Signature					Firewall
				AHB/APB Internal Bus
Clock				I/O Buffer			Three		True
		CRC		TIS Engine					Random
Generator							16-bit		Number
Module		Module
							timers	Generator
					SPI
			Multiplexed I/Os
RESET	TPMSTB	SS	MOSI	MISO	SCLK	TPMIRQ	PP		MS20046V1

Doc ID 023143 Rev 1

3/11

Pin and signal description	ST33TPM12SPI

2 Pin and signal description

2.1	Pinout descriptions
	Figure 2.	TSSOP28 pinout
				28
		NC	1			TPMSTB
		NC	2	27		TPMIRQ
		NC	3	26		MOSI
		GND	4	25		NC
		NC	5	24			VPS
		NC	6	23			MISO
				TSSOP28 22
		PP	7				SS
		NC	8	21			SCLK
		NC	9	20			NC
		VPS	10	19			NC
		GND	11	18			GND
		NC	12	17			NC
			13	16
		NC					RESET
		NC	14	15			NC
	Figure 3.	VQFN32 pinout

TPMSTB

32 GND 1

NC 2

NC 3

PP 4

NC 5

NC 6

VPS 7

GND 8

9

NC

TPMIRQ	NC	NC MOSI NC		NC	VPS
31 30 29 28 27 26 25							MISO
					24
					23
							SS
					22		SCLK
		QFN32			21		NC
					20		NC
					19		GND
					18		NC
					17		NC
10 11 12 13 14 15 16
NC	NC	RESET NC NC		NC	NC

4/11	Doc ID 023143 Rev 1