The following table lists the instantiation parameters of the SRAM controller.
|1||1||Enables the execute from SRAM feature.|
|4096||(multiple values)||Number of 32bit words in the SRAM (can be overridden by |
|(see RTL)||(see RTL)||Compile-time random default constant for scrambling key.|
|(see RTL)||(see RTL)||Compile-time random default constant for scrambling nonce.|
|(see RTL)||(see RTL)||Compile-time random default constant for LFSR seed.|
|(see RTL)||(see RTL)||Compile-time random default constant for LFSR permutation.|
Referring to the Comportable guideline for peripheral device functionality, the module sram_ctrl has the following hardware interfaces defined:
- Primary Clock:
- Other Clocks:
- Bus Device Interfaces (TL-UL):
- Bus Host Interfaces (TL-UL): none
- Peripheral Pins for Chip IO: none
- Interrupts: none
|fatal_error||This fatal alert is triggered when a fatal TL-UL bus integrity fault is detected, or if the initialization mechanism has reached an invalid state.|
|SRAM_CTRL.BUS.INTEGRITY||End-to-end bus integrity scheme.|
|SRAM_CTRL.CTRL.CONFIG.REGWEN||The SRAM control register is protected by a REGWEN.|
|SRAM_CTRL.EXEC.CONFIG.REGWEN||The SRAM execution enable register is protected by a REGWEN.|
|SRAM_CTRL.EXEC.CONFIG.MUBI||The SRAM execution enable register is multibit encoded.|
|SRAM_CTRL.EXEC.INTERSIG.MUBI||The SRAM execution enable signal coming from OTP is multibit encoded.|
|SRAM_CTRL.LC_ESCALATE_EN.INTERSIG.MUBI||The life cycle escalation enable signal is multibit encoded.|
|SRAM_CTRL.LC_HW_DEBUG_EN.INTERSIG.MUBI||The life cycle hardware debug enable signal is multibit encoded.|
|SRAM_CTRL.MEM.INTEGRITY||End-to-end data/memory integrity scheme.|
|SRAM_CTRL.MEM.SCRAMBLE||Data is scrambled with a keyed reduced-round PRINCE cipher in CTR mode.|
|SRAM_CTRL.ADDR.SCRAMBLE||Address is scrambled with a keyed lightweight permutation/diffusion function.|
|SRAM_CTRL.INSTR.BUS.LC_GATED||Prevent code execution from SRAM in non-test lifecycle states.|
|SRAM_CTRL.RAM_TL_LC_GATE.FSM.SPARSE||The control FSM inside the TL-UL gating primitive is sparsely encoded.|
|SRAM_CTRL.KEY.GLOBAL_ESC||Scrambling key and nonce are reset to a fixed value upon escalation, and bus transactions going to the memory will be blocked.|
|SRAM_CTRL.KEY.LOCAL_ESC||Scrambling key and nonce are reset to a fixed value upon local escalation due to bus integrity or counter errors, and bus transactions going to the memory will be blocked.|
|SRAM_CTRL.INIT.CTR.REDUN||The initialization counter is duplicated.|
|SRAM_CTRL.SCRAMBLE.KEY.SIDELOAD||The scrambling key is sideloaded from OTP and thus unreadable by SW.|
|SRAM_CTRL.TLUL_FIFO.CTR.REDUN||The TL-UL response FIFO pointers are implemented with duplicate counters.|
The table below lists other SRAM controller signals.
|Multibit life cycle hardware debug enable signal coming from life cycle controller, asserted when the hardware debug mechanisms are enabled in the system.|
|Multibit life cycle escalation enable signal coming from life cycle controller, asserted if an escalation has occurred.|
|Key derivation request going to the key derivation interface of the OTP controller.|
|Ephemeral scrambling key coming back from the key derivation interface of the OTP controller.|
|Multibit value coming from the OTP HW_CFG partition (EN_SRAM_IFETCH), set to kMuBi8True in order to enable the |
|Attributes for physical memory macro.|
The interface to the key derivation interface inside the OTP controller follows a simple req / ack protocol, where the SRAM controller first requests an updated ephemeral key by asserting the
The OTP controller then fetches entropy from CSRNG and derives an ephemeral key using the SRAM_DATA_KEY_SEED and the PRESENT scrambling data path as described in the OTP controller spec.
Finally, the OTP controller returns a fresh ephemeral key via the response channels (
otbn_otp_key_o), which complete the req / ack handshake.
The key and nonce are made available to the scrambling primitive in the subsequent cycle.
The wave diagram below illustrates this process.
If the key seeds have not yet been provisioned in OTP, the keys are derived from all-zero constants, and the *.seed_valid signal will be set to 0 in the response.
It should be noted that this mechanism requires the CSRNG and entropy distribution network to be operational, and a key derivation request will block if they are not.
Note that the req/ack protocol runs on
The SRAM controller synchronizes the data over via the req/ack handshake primitive prim_sync_reqack.sv, as shown below.
Note that the key and nonce output signals on the OTP controller side are guaranteed to remain stable for at least 62 OTP clock cycles after the ack signal is pulsed high, because the derivation of a 64-bit half-key takes at least two passes through the 31-cycle PRESENT primitive.
Hence, if the SRAM controller clock clk_i is faster than or of the same order of magnitude as clk_otp_i, the data can be directly sampled upon assertion of
If the SRAM controller runs on a significantly slower clock than OTP, an additional register (as indicated with dashed grey lines in the figure) has to be added.
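The stability window described above can be turned into a quick integration check. The following Python model is an added example, not part of the OpenTitan RTL or documentation: it steps a synchronizer on clk_i edges and tests whether the key is captured inside the 62-cycle window. The two-flop synchronizer depth, the assumption that ack stays asserted until it is seen, and the clock frequencies used with it are constructed assumptions.

```python
from fractions import Fraction

STABLE_OTP_CYCLES = 62  # from the text: key/nonce stable this long after ack
SYNC_STAGES = 2         # assumption: two-flop synchronizer on the ack path


def capture_time(t_sram, phase):
    """Time after the OTP-side ack edge (t = 0) at which the clk_i domain
    samples the key. `phase` is the delay until the first clk_i edge."""
    sync = [0] * SYNC_STAGES
    t = phase
    while True:
        if sync[-1]:            # synchronized ack visible: this edge samples
            return t
        sync = [1] + sync[:-1]  # ack (assumed held high) shifts in
        t += t_sram


def direct_sampling_safe(f_sram_hz, f_otp_hz, steps=64):
    """True if the key is still stable at the capture edge for every
    phase relationship between clk_i and clk_otp_i."""
    t_sram = Fraction(1, f_sram_hz)
    window = STABLE_OTP_CYCLES * Fraction(1, f_otp_hz)
    worst = max(capture_time(t_sram, t_sram * Fraction(k, steps))
                for k in range(1, steps + 1))
    return worst < window


def min_sram_clock_hz(f_otp_hz):
    """clk_i frequency at which the worst-case capture edge lands exactly
    on the end of the window; clk_i must be strictly faster than this."""
    return Fraction((SYNC_STAGES + 1) * f_otp_hz, STABLE_OTP_CYCLES)


if __name__ == "__main__":
    otp = 24_000_000  # constructed example frequency
    for sram in (100_000_000, 24_000_000, 2_000_000, 1_000_000):
        verdict = "direct sampling ok" if direct_sampling_safe(sram, otp) \
            else "needs the additional register"
        print(f"clk_i = {sram} Hz: {verdict}")
```

The model ignores setup/hold margins and metastability resolution time, so it gives a lower bound on the clk_i frequency, not a sign-off figure.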
If lc_escalate_en_i is set to any value other than lc_ctrl_pkg::Off, the current scrambling keys are discarded and reset to RndCnstSramNonce in the subsequent cycle.
Any subsequent memory request to prim_ram_1p_scr will then be blocked as well.
This mechanism is part of the life cycle state scrapping and secret wiping countermeasure triggered by the alert handler (global escalation).
Note that if any local bus integrity or counter errors are detected, the SRAM controller will locally escalate without assertion of
The behavior of local escalation is identical to global escalation via
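The escalation behaviour described in this section, as an added behavioural model in Python (not the project's RTL). It shows why the decode is "any value other than Off": every corrupted encoding of the multibit signal escalates, whereas a decode that only matches the On value would ignore them. The 4-bit width, the On/Off encodings, the default key and nonce values, and the latching of the escalated state are constructed assumptions.

```python
LC_WIDTH = 4                                 # assumed signal width
LC_OFF, LC_ON = 0b1010, 0b0101               # constructed encodings
DEFAULT_KEY, DEFAULT_NONCE = 0x1111, 0x2222  # stand-ins for the RndCnst* values


class SramCtrlModel:
    def __init__(self):
        self.key, self.nonce = DEFAULT_KEY, DEFAULT_NONCE
        self.escalated = False
        self.mem = {}

    def load_ephemeral_key(self, key, nonce):
        """Key and nonce returned by the OTP key derivation interface."""
        self.key, self.nonce = key, nonce

    def cycle(self, lc_escalate_en=LC_OFF, bus_integ_err=False, ctr_err=False):
        global_esc = lc_escalate_en != LC_OFF  # anything but exact Off
        local_esc = bus_integ_err or ctr_err   # no lc_escalate_en_i needed
        if global_esc or local_esc:
            self.key, self.nonce = DEFAULT_KEY, DEFAULT_NONCE
            self.escalated = True              # assumption: held until reset

    def access(self, addr, wdata=None):
        if self.escalated:
            return "blocked"
        if wdata is not None:
            self.mem[addr] = wdata
        return self.mem.get(addr)


def strict_decode(value):
    """Decode as described in the text: escalate unless exactly Off."""
    return value != LC_OFF


def naive_decode(value):
    """Weak alternative for comparison: escalate only on the exact On value."""
    return value == LC_ON


def escalating_values(decode):
    return [v for v in range(1 << LC_WIDTH) if decode(v)]


def glitched_off_values():
    """Off with a single bit flipped, as a fault might produce."""
    return [LC_OFF ^ (1 << bit) for bit in range(LC_WIDTH)]
```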