ST STM1404 User Manual

STM1404: 3 V FIPS-140 security supervisor with battery switchover

Package: QFN16, 3 mm x 3 mm (Q)

Features
STM1404 supports FIPS-140 security level 4
– Four high-impedance physical tamper inputs
– Security alarm (SAL) on tamper detection
– customer-selectable and factory-programmed
Supervisory functions
– Automatic battery switchover
– RST output (open drain)
– Manual (push-button) reset input (MR)
– Power-fail comparator (PFI/PFO)
Vccsw (VCC switch output)
– Low when switched to VCC
– High when switched to VBAT (BATT ON indicator)
Battery low voltage detector (power-up)
Optional VREF (1.237 V)
– (Available for STM1404A only)
Low battery supply current (5.3 µA typ)
Secure low profile 16-pin, 3 x 3 mm, QFN package
RoHS compliance
– Lead-free components compliant with the RoHS directive

Table 1. Device summary

Feature                               STM1404A          STM1404B   STM1404C
Standard supervisory functions (1)    ✔                 ✔          ✔
Physical tamper inputs                ✔                 ✔          ✔
Over/under voltage alarms             ✔                 ✔          ✔
Over/under temperature alarms         ✔                 ✔          ✔
VREF (1.237 V) option (4)             ✔                 Note       Note
VOUT status, during alarm             ON                High-Z     Ground
Vccsw status, during alarm            Normal mode (2)   High       High

1. Reset output, power-fail comparator, battery low detection (SAL, RST, PFO, and BLD are open drain).
2. Normal mode: low when VOUT is internally switched to VCC and high when VOUT is internally switched to battery.
3. Contact local ST sales office for availability.
4. Pin 9 is the VREF pin for STM1404A. It is the VTPU pin for STM1404B/C.

August 2008 Rev 5
www.st.com
Contents
1 Description
  1.1 VOUT pin modes
    1.1.1 STM1404A
    1.1.2 STM1404B
    1.1.3 STM1404C
2 Pin descriptions
  2.1 SAL, security alarm output (open drain)
  2.2 TP1, TP3
  2.3 TP2, TP4
    2.3.1 Vccsw, VCC switch output
  2.4 BLD, VBAT low voltage detect output (open drain)
  2.5 Active-low RST output (open drain)
  2.6 MR, manual reset input
  2.7 PFO, power-fail output (open drain)
  2.8 PFI, power-fail input
  2.9 VREF, reference voltage output (1.237, typ)
  2.10 VOUT
  2.11 VTPU
  2.12 VCC
  2.13 VBAT
  2.14 VSS
3 Operation
  3.1 Reset input
  3.2 Push-button reset input
  3.3 Backup battery switchover
  3.4 Applications information
  3.5 Negative-going VCC transients and undershoot
4 Tamper detection
  4.1 Physical
  4.2 Supply voltage
  4.3 Temperature
5 Typical operating characteristics
6 Maximum ratings
7 DC and AC parameters
8 Package mechanical data
9 Part numbering
10 Revision history
List of tables
Table 1. Device summary
Table 2. Signal names
Table 3. I/O status in battery backup
Table 4. Absolute maximum ratings
Table 5. Operating and AC measurement conditions
Table 6. DC and AC characteristics
Table 7. Physical and environmental tamper detection levels
Table 8. QFN16 – 16-lead, quad, flat package, no lead, 3 x 3 mm body size mechanical data
Table 9. Ordering information scheme (see Figure 31 on page 34 for marking information)
Table 10. Document revision history
List of figures
Figure 1. Logic diagram
Figure 2. QFN16 connections
Figure 3. Block diagram
Figure 4. Hardware hookup
Figure 5. Tamper pin (TP1 or TP3) normally high (NH) external hookup (switch closed)
Figure 6. Tamper pin (TP1 or TP3) normally high (NH) external hookup (switch open)
Figure 7. Tamper pin (TP2 or TP4) normally low (NL) external hookup (switch closed)
Figure 8. Tamper pin (TP2 or TP4) normally low (NL) external hookup (switch open)
Figure 9. Power-fail comparator waveform
Figure 10. Supply voltage protection
Figure 11. VBAT-to-VOUT on-resistance vs. temperature
Figure 12. Supply current vs. temperature (no load)
Figure 13. VPFI threshold vs. temperature
Figure 14. Reset comparator propagation delay vs. temperature
Figure 15. Power-up trec vs. temperature
Figure 16. Normalized reset threshold vs. temperature
Figure 17. PFI to PFO propagation delay vs. temperature
Figure 18. RST output voltage vs. supply voltage
Figure 19. RST response time (assertion)
Figure 20. Power-fail comparator response time (assertion)
Figure 21. Power-fail comparator response time (de-assertion)
Figure 22. VCC to reset propagation delay vs. temperature
Figure 23. Maximum transient duration vs. reset threshold overdrive
Figure 24. AC testing input/output waveforms
Figure 25. MR timing waveform
Figure 26. STM1404 switchover diagram, condition A (VBAT < VSW)
Figure 27. STM1404 switchover diagram, condition B (VBAT > VSW)
Figure 28. Temperature hysteresis
Figure 29. QFN16 – 16-lead, quad, flat package, no lead, 3 x 3 mm body size, outline
Figure 30. QFN16 – 16-lead, quad, flat package, no lead, 3 x 3 mm, recommended footprint
Figure 31. Topside marking information

1 Description

The STM1404 family of security supervisors is a low-power family of intrusion (tamper) detection chips targeted at manufacturers of POS terminals and other systems, to enable them to meet physical and/or environmental intrusion monitoring requirements as mandated by various standards, such as Federal Information Processing Standards (FIPS) Pub 140 entitled “Security Requirements for Cryptographic Modules” (published by the National Institute of Standards and Technology, U.S. Department of Commerce), EMVCo, ISO, ZKA, and VISA PED.
STM1404 will target the highest security level 4 and include both physical and environmental (voltage and temperature) monitoring.
The STM1404 includes automatic battery switchover, RST output (open drain), manual (push-button) reset input (MR), power-fail comparator (PFI/PFO), physical and/or environmental tamper detect/security alarm, and battery low voltage detect features.
The STM1404A also offers a VREF (1.237V) as an option on pin 9. On STM1404B/C this pin is VTPU (internally switched VCC or VBAT).

1.1 VOUT pin modes

The STM1404 is available in three versions, corresponding to three modes of the VOUT pin (supply voltage out), when the SAL (security alarm) is asserted (active-low) upon tamper detection:

1.1.1 STM1404A

VOUT stays ON (at VCC or VBAT) when SAL is driven low (activated).

1.1.2 STM1404B

VOUT is set to High-Z when SAL is driven low (activated).

1.1.3 STM1404C

VOUT is driven to ground when SAL is activated (may be used when VOUT is connected directly to the VCC pin of the external SRAM that holds the cryptographic codes).

All variants (see Table 1: Device summary) are pin-compatible and available in a security-friendly, low profile, 16-pin QFN package.
Figure 1. Logic diagram
[Diagram not reproduced.]
1. VREF only for STM1404A; VTPU for STM1404B/C.
2. Normal mode: low when VOUT is internally switched to VCC and high when VOUT is internally switched to battery.
3. SAL, RST, PFO, and BLD are open drain.

Table 2. Signal names

Signal       Function
Vccsw (1)    VCC switch output
MR           Manual (push-button) reset input
PFI          Power-fail input
TP1 - TP4    Independent physical tamper detect pins 1 through 4
VOUT         Supply voltage output
RST (2)      Active-low reset output
PFO (2)      Power-fail output
SAL (2)      Security alarm output
BLD (2)      Battery low voltage detect
VREF (3)     1.237 V reference voltage
VTPU (3)     Tamper pull-up (VCC or VBAT)
VBAT         Backup supply voltage
VCC          Supply voltage
VSS          Ground

1. Normal mode: low when VOUT is internally switched to VCC and high when VOUT is internally switched to battery.
2. SAL, RST, PFO, and BLD are open drain.
3. VREF only for STM1404A; VTPU for STM1404B/C.
Note: See Section 2: Pin descriptions on page 11 for details.

Figure 2. QFN16 connections
[Pinout diagram not reproduced.]
Note: See Section 2: Pin descriptions on page 11 for details.
1. Normal mode: low when VOUT is internally switched to VCC and high when VOUT is internally switched to battery.
2. SAL, RST, PFO, and BLD are open drain.
3. VREF only for STM1404A; VTPU for STM1404B/C.

Figure 3. Block diagram
[Diagram not reproduced.]
1. Required for battery-reverse charging protection
2. User supplied
3. Open drain
4. VREF only for STM1404A; VTPU for STM1404B/C

Figure 4. Hardware hookup
[Diagram not reproduced.]
1. Normal mode: low when VOUT is internally switched to VCC and high when VOUT is internally switched to battery.
2. Capacitor (C) is typically ≥ 10 µF.
3. Open drain
4. Diode is required for battery reverse charge protection.
5. VREF only for STM1404A; VTPU for STM1404B/C

Figure 5. Tamper pin (TP1 or TP3) normally high (NH) external hookup (switch closed)
[Diagram not reproduced. Labels: VOUT (STM1404A) or VTPU (STM1404B/C); R (1); TP1 or TP3; switch normally closed; tamper detection on open.]
1. R typical is 10 MΩ. Resistors must be protected against conductive materials.

Figure 6. Tamper pin (TP1 or TP3) normally high (NH) external hookup (switch open)
[Diagram not reproduced. Labels: VOUT (STM1404A) or VTPU (STM1404B/C); R (1); TP1 or TP3; switch normally open; tamper detection when closed.]
1. R typical is 10 MΩ. Resistors must be protected against conductive materials.

Figure 7. Tamper pin (TP2 or TP4) normally low (NL) external hookup (switch closed)
[Diagram not reproduced. Labels: VOUT (STM1404A) or VTPU (STM1404B/C); R (1); TP2 or TP4; switch normally closed; tamper detection on open.]
1. R typical is 10 MΩ. Resistors must be protected against conductive materials.

Figure 8. Tamper pin (TP2 or TP4) normally low (NL) external hookup (switch open)
[Diagram not reproduced. Labels: VOUT (STM1404A) or VTPU (STM1404B/C); R (1); TP2 or TP4; switch normally open; tamper detection when closed.]
1. R typical is 10 MΩ. Resistors must be protected against conductive materials.

2 Pin descriptions

See Figure 1: Logic diagram and Table 2: Signal names for a brief overview of the signals connected to this device.

2.1 SAL, security alarm output (open drain)

This signal can be generated when ANY of the following conditions occur:
– VINT > VHV, where VHV = upper voltage trip limit (4.2 V typ); and where VINT = VCC or VBAT;
– VINT < VLV, where VLV = lower voltage trip limit (2.0 V typ); and where VINT = VCC or VBAT; or
– When any of the physical tamper inputs, TP1 to TP4, change from their normal states to the opposite (i.e., intrusion of a physical enclosure).
– TA > TH, where TH is an upper temperature trip limit specified by the customer (+80°C, +85°C, and +95°C), factory-programmed (STM1404 only);
– TA < TL, where TL is a lower temperature trip limit specified by the customer (–25°C or –35°C), factory-programmed (STM1404 only);
Note: 1 The default state of the SAL output during initial power-up is undetermined.
2 The alarm function will operate either with VCC on or when the part is internally switched from VCC to VBAT.

2.2 TP1, TP3

Physical tamper detect pins set normally to high (NH). They are connected externally through a closed switch or a high-impedance resistor to VOUT (in the case of STM1404A) or VTPU (in the case of STM1404B/C). A tamper condition will be detected when the input pin is pulled low (see Figure 5 and Figure 6 on page 10). If not used, tie the pin to VOUT (for STM1404A) or VTPU (for STM1404B/C).

2.3 TP2, TP4

Physical tamper detect pins set normally to low (NL). They are connected externally through a high-impedance resistor or a closed switch to VSS. A tamper condition will be detected when the input pin is pulled high (see Figure 7 and Figure 8 on page 10). If not used, tie the pin to VSS.

2.3.1 Vccsw, VCC switch output

This output is low when VOUT (see Section 2.10: VOUT on page 13) is internally switched to VCC; in this mode it may be used to turn on an external p-channel MOSFET switch which can source an external device directly from VCC for currents greater than 80 mA (bypassing the STM1404).
This pin goes high when VOUT is internally switched to VBAT and may be used as a “BATTERY ON” indicator.
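
The SAL conditions of section 2.1 combined with the per-variant VOUT and Vccsw behaviour of Table 1 and section 1.1, as an added example (not ST's code): a small C model for checking the alarm response a design should expect. All function, enum and macro names are hypothetical; the voltage limits are the typical values quoted above, and the th/tl arguments stand for whichever factory-programmed temperature option the part carries.

```c
#include <stdbool.h>
#include <stdio.h>

/* Typical trip limits quoted in section 2.1 (volts). */
#define VHV_TYP 4.2
#define VLV_TYP 2.0
/* TP1/TP3 are normally high, TP2/TP4 normally low: bit0 = TP1 ... bit3 = TP4. */
#define TP_NORMAL 0x5u

enum variant { STM1404A, STM1404B, STM1404C };
enum vout { VOUT_ON, VOUT_HIGH_Z, VOUT_GROUND };
enum cause { OVER_V = 1, UNDER_V = 2, TAMPER = 4, OVER_T = 8, UNDER_T = 16 };

/* Bitmask of alarm causes; any non-zero value means SAL is asserted (low).
   vint is VCC or VBAT, ta the ambient temperature in deg C, th/tl the
   factory-programmed temperature limits, tp the levels on TP1..TP4. */
unsigned sal_causes(double vint, double ta, unsigned tp, double th, double tl)
{
    unsigned c = 0;
    if (vint > VHV_TYP) c |= OVER_V;
    if (vint < VLV_TYP) c |= UNDER_V;
    if ((tp ^ TP_NORMAL) & 0xFu) c |= TAMPER;   /* any pin off its normal level */
    if (ta > th) c |= OVER_T;
    if (ta < tl) c |= UNDER_T;
    return c;
}

/* VOUT behaviour per variant while SAL is asserted (Table 1, section 1.1). */
enum vout vout_state(enum variant v, unsigned causes)
{
    if (causes == 0 || v == STM1404A) return VOUT_ON;
    return v == STM1404B ? VOUT_HIGH_Z : VOUT_GROUND;
}

/* Vccsw level: normal mode is low on VCC and high on battery; Table 1 lists
   it as high during an alarm on STM1404B/C. */
bool vccsw_high(enum variant v, unsigned causes, bool on_battery)
{
    return (causes != 0 && v != STM1404A) ? true : on_battery;
}

int main(void)
{
    static const char *names[] = { "ON", "High-Z", "Ground" };
    /* Constructed scenario: TP2 (normally low) pulled high at 3.0 V, 25 C. */
    unsigned c = sal_causes(3.0, 25.0, TP_NORMAL | 0x2u, 85.0, -25.0);
    for (int v = STM1404A; v <= STM1404C; v++)
        printf("STM1404%c: causes=0x%02x VOUT=%s Vccsw=%s\n", 'A' + v, c,
               names[vout_state((enum variant)v, c)],
               vccsw_high((enum variant)v, c, false) ? "high" : "low");
    return 0;
}
```

On the STM1404A the model keeps VOUT on during an alarm, so an SRAM powered from VOUT stays powered; only the B and C variants remove or ground that supply.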