OPTIGA TRUST X SLS 32AIA [INFINEON]
OPTIGA™ Trust X减少了集成工作量且易于使用– 使得它成为缺少安全专家而又想快速进入市场的客户的理想选择。这款优异的安全解决方案提高了性能且降低了功率损耗。可用于非富集操作系统,也可以采用紧凑型封装。这种方案提供了新功能和商业模式,可以丰富服务内容,提高竞争力。;
| 型号: | OPTIGA TRUST X SLS 32AIA |
| 厂家: | 
Infineon |
| 描述: | OPTIGA™ Trust X减少了集成工作量且易于使用– 使得它成为缺少安全专家而又想快速进入市场的客户的理想选择。这款优异的安全解决方案提高了性能且降低了功率损耗。可用于非富集操作系统,也可以采用紧凑型封装。这种方案提供了新功能和商业模式,可以丰富服务内容,提高竞争力。 |
| 文件: | 总35页 (文件大小:1317K) |
| 中文: | 中文翻译 | 下载: | 下载PDF数据表文档文件 |
Chip Card & Security
OPTIGA™ Trust X
Datasheet
Key Features
High-end security controller
Turnkey solution
Mutual authentication using ECDSA
DTLS client IETF standard RFC 6347
Secure communication using DTLS
Compliant with the USB Type-C™ Authentication standard
I2C interface
Up to 10 kB user memory
Cryptographic support: ECC NIST P256 and P384, AES-128 (via DTLS client), SHA-256, TRNG, DRNG
PG-USON-10-2 package (3 x 3 mm)
Standard & extended temperature ranges
Full system integration support with Host Software Library
Common Criteria Certified EAL6+ (high) hardware
Crypto ToolBox with ECC NIST P256, P384, SHA-256 (sign, verify, key generation, ECDH, key derivation)
Device Security Monitor
Lifetime for Industrial Automation and Infrastructure is 20 years and 15 years for other Application Profiles
Benefits
Protection of IP and data
Protection of business case
Protection of corporate image
Safeguarding of quality and safety
Applications
Industrial control and automation
Consumer electronics and Smart home
Medical devices
About this document
Scope and purpose
This Datasheet provides information to enable integration of a security device, and includes package,
connectivity and technical data.
Intended audience
This Datasheet is intended for device integrators and board manufacturers.
Datasheet
www.infineon.com
Please read the Important Notice and Warnings at the end of this document
1
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Introduction
About this document ............................................................................................................................1
1
Introduction ................................................................................................................................3
Broad range of benefits ......................................................................................................................3
Enhanced security ..............................................................................................................................3
Fast and easy integration ...................................................................................................................3
Applications .......................................................................................................................................3
Device Features..................................................................................................................................3
1.1
1.2
1.3
1.4
1.5
2
System Block Diagram ................................................................................................................ 6
3
3.1
Interface and Schematics............................................................................................................. 8
System Integration Schematics..........................................................................................................8
4
4.1
4.2
Description of packages............................................................................................................... 9
PG-USON-10-2...................................................................................................................................9
Production sample marking pattern .................................................................................................10
5
5.1
Technical Data...........................................................................................................................12
I2C Interface Characteristics.............................................................................................................12
I2C Standard/Fast Mode Interface Characteristics .......................................................................12
I2C Fast Mode Plus Interface Characteristics ............................................................................... 13
Electrical Characteristics..............................................................................................................14
DC Electrical Characteristics........................................................................................................14
AC Electrical Characteristics ........................................................................................................14
Start-Up of I2C Interface.............................................................................................................. 15
Startup after Power-On .......................................................................................................... 15
5.1.1
5.1.2
5.1.3
5.1.4
5.1.5
5.1.6
5.1.6.1
5.1.6.2
Startup for Warm Resets ........................................................................................................16
6
Connecting to Host ....................................................................................................................18
OPTIGA™ Trust X Host Software Architecture.................................................................................18
Release Package Folder Structure ....................................................................................................18
Host Software Folder Structure........................................................................................................19
Porting Notes ...................................................................................................................................21
Communication with OPTIGA™ Trust X...........................................................................................21
Reference code on XMC4500 for communicating with OPTIGA™ Trust X ........................................23
6.1
6.2
6.3
6.4
6.5
6.6
7
OPTIGA™ Trust X Commands .....................................................................................................26
8
8.1
8.2
Security Monitor ........................................................................................................................27
Security Events.................................................................................................................................27
Security Policy..................................................................................................................................27
9
RoHS Compliance ......................................................................................................................28
10
10.1
Appendix A – Infineon I2C Protocol Registry Map..........................................................................29
IFX I2C Protocol Variations ............................................................................................................... 31
11
11.1
Appendix B – Power Management ...............................................................................................33
Low Power Sleep Mode.................................................................................................................... 33
Revision history..................................................................................................................................34
Datasheet
2
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Introduction
1
Introduction
As embedded systems (e.g. IoT devices) are increasingly gaining the attention of attackers, Infineon offers the
OPTIGA™ Trust X as a turnkey security solution for industrial automation systems, smart homes, consumer
devices and medical devices. This high-end security controller comes with full system integration support for
easy and cost-effective deployment of high-end security for your assets.
1.1
Broad range of benefits
Integrated into your device, the OPTIGA™ Trust X supports protection of your brand and business case,
differentiates your product from your competitors, and adds value to your product, making it stronger against
cyberattacks.
1.2
Enhanced security
The OPTIGA™ Trust X is based on advanced security controller with built-in tamper proof NVM for secure
storage and Symmetric/Asymmetric crypto engine to support ECC 256, AES-128 and SHA-256. This new security
technology greatly enhances your overall system security.
1.3
Fast and easy integration
The turnkey setup – with full system integration and all key/certificate material preprogrammed – reduces your
efforts for design, integration and deployment to a minimum. As a turnkey solution, the OPTIGA™ Trust X
comes with preprogrammed OS/Application code locked and with host-side modules to integrate with host
micro controller software. The extended temperature range of −40°C to +105°C combined with a standardized
I2C interface and the small PG-USON-10-2 footprint will facilitate onboarding in your existing ecosystem.
Almost 30 years in a market-leading position with nearly 20 billion security controllers shipped worldwide are the
result of Infineon's strong expertise and its commitment to make security a success factor for you.
1.4
Applications
The OPTIGA™ Trust X covers a broad range of use cases necessary for many types of applications that include
the following:
a) Network node protection such as TLS or DTLS
b) Protect the Authenticity, Integrity and Confidentiality of your product, data and IP
c) Mutual Authentication
d) Secure Communication
e) Datastore Protection
f) Lifecycle Management
g) Platform Integrity Protection
h) Secure Updates
1.5
Device Features
The OPTIGA™ Trust X comes with upto 10kB user memory that can be used to store X.509 certificates.
OPTIGA™ Trust X is based on Common Criteria Certified EAL6+ (high) hardware enabling it to prevent physical
attacks on the device itself and providing high assurance that the keys or arbitrary data stored cannot be
accessed by an unauthorized entity. OPTIGA™ Trust X supports a highspeed I2C communication interface of up
to 1MHz (FM+).
Datasheet
3
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Introduction
Table 1
Type
Products
Description
Temperature range
Package
OPTIGA™ Trust Embedded security solution
−25°C to +85°C Standard
Temperature Range (STR)
PG-USON-10-2
X
for connected devices
SLS 32AIA020X4
OPTIGA™ Trust Embedded security solution
−40°C to +105°C Extended PG-USON-10-2
X
Temperature Range (ETR)
for connected devices
SLS 32AIA020X2
Evaluation Kit
Includes host micro controller connected to
Board
OPTIGA™ Trust
X with USB/Ethernet
adapters to connect to external world which
enables you to evaluate OPTIGA™ Trust X
features and start the Design-In activity
Infineon and its distribution partners offer a wide range of customization options (e.g. X.509 certificate
generation and key provisioning) for the security chip.
Table 2
Abbreviation
AES
Abbreviations
Definition
Advanced Encryption Standard
Application Programming Interface
Authentication
API
AUTH
CA
Certification Authority
DTLS
DRNG
EAL
Datagram Transport Layer Security
Deterministic Random Number Generator
Evaluation Assurance Level
Elliptic Curve Cryptography
Elliptic Curve Diffie Hellman
Elliptic Curve Digital Signature Algorithm
Extended Temperature Range
Internet Engineering Task Force
Internet of Things
ECC
ECDH
ECDSA
ETR
IETF
IOT
IP
Intellectual Property
I2C
Inter-Integrated Circuit
NIST
OCP
OS
National Institute of Standards and Technology
OPTIGA™ Crypto and Protected Communication
Operating System
PAL
Platform Abstraction Layer
Public Key Infrastructure
PKI
RFC
Request For Comments
TLS
Transport Layer Security
Datasheet
4
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Introduction
Abbreviation
TRNG
SHA
Definition
True Random Number Generator
Secure Hash Algorithm
Stock Keeping Unit
SKU
STR
Standard Temperature Range
Universal Synchronous Bus
USB
Datasheet
5
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
System Block Diagram
2
System Block Diagram
The following figure depicts the system block diagram for OPTIGA™ Trust X.
Figure 1
System Block Diagram
The System Block Diagram is explained below for each layer.
1. Local Host
o
o
Application – This is the target application which utilizes OPTIGA™ Trust X for its security needs
DTLS – DTLS client aka. OCP Library provides APIs for performing Mutual Authentication and
Encrypted Communication using OPTIGA™ Trust X
o
o
AUTH – Authentication aka. Integration Library provides APIs for performing One Way
Authentication for Brand Protection and IP Protection using OPTIGA™ Trust X
Command Library – Provides APIs to send and receive commands to and from OPTIGA™ Trust X.
Any TLS stack can be integrated to offload crypto operations to OPTIGA™ Trust X via this
Command Library.
o
Crypto Lib Wrapper – Provides wrapper APIs for Third Party crypto library, mainly used in One
Way Authentication
o
o
o
Crypto Library – External cryptographic software which is used for One Way Authentication
OPTIGA Comms – Provides wrapper APIs for communication with OPTIGA™ Trust X
Infineon I2C Protocol – Infineon protocol over I2C (IFX I2C) to communicate with OPTIGA™ Trust
X
o
PAL – A layer that abstracts platform specific drivers (e.g. i2c, timer, gpio, sockets etc.)
2. OPTIGA™ Trust X
o
Arbitrary Data Objects – The target application can store upto 4.5kB (~4600 bytes) of data into
OPTIGA™ Trust X
o
o
o
X.509 – Upto 4, X.509 based Certificates can be stored into OPTIGA™ Trust X
Keys – Upto 4, ECC based keys can be stored into OPTIGA™ Trust X
Mutual Authentication Trust Anchor – Customer PKI domain Trust Anchor for Mutual
Authentication (TLS/DTLS) can be stored into OPTIGA™ Trust X
Datasheet
6
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
System Block Diagram
o
o
Firmware Update Trust Anchor – Customer PKI domain Trust Anchor for Firmware Updates can
be stored into OPTIGA™ Trust X
Crypto Functions - OPTIGA™ Trust X provides cryptographic functions and protocols that can be
invoked via local host
Note:
Unique ECC private keys and X.509 Certificates – During production at Infineon fab, unique
asymmetric keys (private and public) are generated. The public key is signed by customer specific CA
and resulting X.509 certificate issued is securely stored on OPTIGA™ Trust X. Special measures are
taken to prevent leakage and modification of private key at the Common Criteria Certified
production site
Datasheet
7
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Interface and Schematics
3
Interface and Schematics
This section explains the schematics of the product and gives some recommendations as to how the controller
should be externally connected.
3.1
System Integration Schematics
Figure 1 illustrates how to integrate OPTIGA™ Trust X to your local host.
Figure 2
System Integration Schematic Diagram
Note:
Value of the pullup resistors depends on the target application circuit and the targeted I2C
frequency.
Datasheet
8
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Description of packages
4
Description of packages
This chapter provides information on the package types and how the interfaces of each product are assigned to
the package pins. For further information on compliance of the packages with European Parliament Directives,
see “RoHS Compliance” on Page 28.
For details and recommendations regarding the assembly of packages on PCBs, please see the following:
http://www.infineon.com/cms/en/product/technology/packages/
4.1
PG-USON-10-2
The package dimensions (in mm) of the controller in PG-USON-10-2 packages are given below.
Figure 3
PG-USON-10-2 Package Outline
The following figure shows the footprint of the PG-USON-10-2 package:
Figure 4
PG-USON-10-2 Package Footprint
The figure below shows the PG-USON-10-2 in top view:
Datasheet
9
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Description of packages
Figure 5
PG-USON-10-2 top view
4.2
Production sample marking pattern
The following figure describes the productive sample marking pattern on PG-USON-10-2.
Figure 6
PG-USON-10-2 sample marking pattern
The black dot indicates pin 01 for the chip. The following table describes the sample marking pattern:
Table 3
Marking table for PG-USON-10-2 Packages
Description
Indicator
LOT CODE
ZZ
Defined and inserted during fabrication
Indicates the Certifying Authority Serial Number / SKU#, e.g. "00" would
mean "SKU#0"
H/E
H = "Halogen-free", E = "Engineering samples"
This indicator is followed by "YYWW", where YY is the "Year" and WW is
the "Work Week" of the production. This is inserted during fabrication.
Engineering samples have "E YYWW" and productive samples have "H
YYWW"
Datasheet
10
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Description of packages
Indicator
Description
12345
Convention: T&#$@
where:
The letter "T" indicates the OPTIGA Trust family
& indicates whether the product is a Trust X or Trust E controller
# indicates whether the controller is an ETR (E) or STR (S) variant
$ specifies the OPTIGA™ Trust X/E release version number
@ specifies the software version
Example: "TXE10" means 'OPTIGA™ Trust X', 'ETR variant', 'release
version 1', 'software version 0'
The contacts and their functionality are given in the table below.
Table 4
Pin
01
Contact Definitions and Functions of PG-USON-10-2 Packages
Type
GND
NC
Function
Supply voltage (Ground)
Not connected
02
I/O
Serial Data Line (SDA)
Not connected
03
NC
04
NC
Not connected
05
NC
Not connected
06
NC
Not connected
07
I/O
Serial Clock Line (SCL)
Active Low Reset (RST)
Supply voltage (VCC)
08
IN
09
PWR
10
Datasheet
11
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Technical Data
5
Technical Data
This section summarizes the technical data of the product. It provides the operational characteristics as well as
the electrical DC and AC characteristics.
5.1
I2C Interface Characteristics
Table 5
I2C Operation Supply and Input Voltages
Parameter
Symbol
Values
Unit Note or Test Condition
Min.
1.62
−0.3
Typ.
–
Max.
5.5
Supply voltage
VCC_I2C
VIN_I2C
V
SDA, SCL input
voltage
VCC_I2C + 0.5 or
5.51
V
VCC_I2C
operational
range
is
in
the
supply
–
−0.3
5.5
V
VCC_I2C is switched off
–
1) Whichever is lower
5.1.1
I2C Standard/Fast Mode Interface Characteristics
For operation of the I2C interface, the electrical characteristics are compliant with the I2C bus specification Rev. 4
for "standard-mode" (fSCL up to 100 kHz) and "fast-mode" (fSCL up to 400 kHz), with certain deviations as stated in
the table below.
Note:
TA as given for the operating temperature range of the controller unless otherwise stated.
Table 6
I2C Standard Mode Interface Characteristics
Parameter
Symbol
Values
Unit
Note or Test Condition
Min.
Typ.
Max.
fSCL
0
–
100
kHz
SCL clock frequency
Input low-level
VIL
−0.3
–
–
0.3 * VCC_I2C
0.4
V
V
VOL1
0
Sink current 3 mA;
VCC_I2C ≥ 2.7 V
Sink current 2 mA;
VCC_I2C < 2.7 V
Low-level output
voltage
IOL
3
2
mA
ns
VOL = 0.4 V;
VCC_I2C ≥ 2.7 V
Low-level output
current
–
–
–
VOL = 0.4 V; VCC_I2C
2.7 V
Cb ≤ 400 pF;
VCC_I2C ≥ 2.7 V
Cb ≤ 200 pF;
VCC_I2C < 2.7 V
<
tOF
Output fall time from
VIHmin to VILmax (at
device pin)
–
250
Cb
–
VCC_I2C ≥ 2.7 V
VCC_I2C < 2.7 V
Capacitive load for
each bus line
–
400
200
pF
Datasheet
12
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Technical Data
Table 7
I2C Fast Mode Interface Characteristics
Parameter
Symbol
Values
Unit
Note or Test Condition
Min.
0
Typ.
Max.
400
fSCL
VIL
–
–
–
kHz
V
SCL clock frequency
Input low-level
−0.3
0
0.3 * VCC_I2C
0.4
VOL1
V
Sink current 3 mA;
VCC_I2C ≥ 2.7 V
Sink current 2 mA;
VCC_I2C < 2.7 V
Low-level output
voltage
IOL
tOF
Cb
3
2
mA
ns
VOL = 0.4 V;
VCC_I2C ≥ 2.7 V
VOL = 0.4 V; VCC_I2C
2.7 V
Cb ≤ 400 pF;
VCC_I2C ≥ 2.7 V
Cb ≤ 200 pF;
VCC_I2C < 2.7 V
VCC_I2C ≥ 2.7 V
VCC_I2C < 2.7 V
Low-level output
current
–
–
–
–
<
20 *
Output fall time from
VIHmin to VILmax (at
device pin)
250
VCC_I2C
/
5.5 V1
152
Capacitive load for
each bus line
400
200
pF
1) A min. capacitive load is necessary to reach tOF
2) A min. capacitive load is necessary to reach tfmin
5.1.2
I2C Fast Mode Plus Interface Characteristics
For operation of the I2C interface, the electrical characteristics are compliant with the I2C bus specification Rev. 4
for "fast mode plus" (fSCL up to 1 MHz), with certain deviations as stated in the table below.
Note:
TA as given for the operating temperature range of the controller unless otherwise stated.
Table 8
I2C Fast Mode Plus Interface Characteristics
Parameter
Symbol
Values
Unit
Note or Test Condition
Min.
0
Typ.
Max.
1000
fSCL
VIL
–
–
–
kHz
V
SCL clock frequency
Input low-level
−0.3
0
0.3 * VCC_I2C
0.4
VOL1
V
Sink current 3 mA;
VCC_I2C ≥ 2.7 V
Sink current 2 mA;
VCC_I2C < 2.7 V
Low-level output
voltage
IOL
3
2
mA
ns
VOL = 0.4 V;
VCC_I2C ≥ 2.7 V
VOL = 0.4 V; VCC_I2C
2.7 V
Cb ≤ 150 pF
Low-level output
current
–
–
–
<
tOF
20 *
Output fall time from
VIHmin to VILmax (at
device pin)
120
VCC_I2C
/
5.5 V1
Datasheet
13
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Technical Data
Parameter
Symbol
Values
Unit
Note or Test Condition
Min.
Typ.
Max.
Cb
151
Capacitive load for
each bus line
–
150
pF
1) A min. capacitive load is necessary to reach tOF
5.1.3
Electrical Characteristics
Note:
TA as given for the operating temperature range of the controller unless otherwise stated. All
currents flowing into the controller are considered positive.
5.1.4
DC Electrical Characteristics
TA as given for the controller’s operating ambient temperature range unless otherwise stated.
All currents flowing into the controller are considered positive.
Table 9
Electrical Characteristics
Parameter
Symbol
Min.
Values
Unit
Note or Test Condition
Typ.
–
–
Max.
5.5
5.5
Supply voltage
Supply current1
VCC
VCC_I2C
1.62
1.62
V
V
Overall functional range
Supply voltage range for
operation of I2C
ICCAVG
–
–
20.0
70
–
mA
While running a typical
authentication profile
TA = 25°C; VCC = 5.0 V
TA = 25°C; VCC_I2C = 3.3 V;
I2C ready for operation
(no bus activity), all
other inputs at VCC, no
other interface activity
IIL = −50 μA to +20 μA
IIL = −50 μA to +20 μA
Supply current, in sleep ICCS3
mode
100
A
RST input low voltage VIL
RST input high voltage VIH
−0.3
0.7 * VCC
–
–
0.2 * VCC
VCC + 0.3
V
V
1) Supply current can be limited from 6mA to 15mA by software commands.
5.1.5
AC Electrical Characteristics
TA as given for the controller’s operating ambient temperature range unless otherwise stated.
All currents flowing into the controller are considered positive.
Table 10
AC Characteristics
Symbol
Parameter
Values
Unit
Note or Test Condition
Min.
Typ.
Max.
VCC rampup time
tVCCR
1
–
1000
s
400 mV to 90% of VCC
target voltage ramp
Datasheet
14
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Technical Data
The VCC ramp is depicted in Figure 7. 90% of the target supply voltage must be reached within tVCCR after it has
exceeded 400 mV. Moreover, its variation must be kept within a ±10% range.
VCC
110%
target supply voltage range
90%
400 mV
t
tVCCR
Figure 7
Vcc Rampup
5.1.6
Start-Up of I2C Interface
There are 2 variants possible for performing the startup procedure:
Startup after power-on
Startup for warm resets
5.1.6.1
Startup after Power-On
The activation of the I2C interface after power-on needs the following reset procedure.
VCC is powered up and the state of the SDA and SCL line are set to high level during power-up
The first transmission may start at the earliest tSTARTUP after power-up of the device
The following figure shows the startup timing of the I2C interface for this case.
Datasheet
15
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Technical Data
tVCCR
VCC
0.4 V
tSTARTUP
SCL
RST
SDA
trans- mission 1
trans- mission n
Bus-Idle
Power-up
Start-up
Figure 8
Startup of I2C Interface after Power-On
Table 11
Startup of I2C Interface After Power-On
Parameter
Symbol
Values
Unit
ms
Note or Test Condition
Min.
10
Typ.
Max.
Startup time
tSTARTUP
5.1.6.2
Startup for Warm Resets
When using the reset signal for triggering a warm reset after power-on, the activation of the I2C interface needs
the following reset procedure
VCC remains powered up.
The terminal stops I2C communication. SDA and SCL lines are set to high level before RST is set to low level.
After its falling edge, RST has to be kept at low level for at least t1. At the latest t2 after the falling edge of
RST, the terminal must set RST to high level.
The first transmission may start at the earliest tSTARTUP after the rising edge of RST
The following figure shows the timing for this startup case.
Datasheet
16
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Technical Data
Figure 9
Startup of I2C Interface for Warm Resets
Note:
If NVM programming was requested prior to the reset, tSTARTUP will be extended from a typical value
of 10 ms to a maximum of 12 ms.
Table 12
Startup of I2C Interface for Warm Resets1
Parameter
Symbol
Values
Unit
Note or Test Condition
Min.
Typ.
Max.
Startup time
Rise time
tSTARTUP
tR
10
ms
s
1
1
From 10% to 90% of
signal amplitude
From 10% to 90% of
signal amplitude
Fall time
tF
t1
s
Reset detection
Reset low
10
10
s
s
2500
1) Reset triggered by software (without power off/on cycle)
Datasheet
17
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Connecting to Host
6
Connecting to Host
6.1
OPTIGA™ Trust X Host Software Architecture
In Figure 1 the System Block Diagram was explained which covered the OPTIGA™ Trust X Host Library layers. In
following sections, we will cover how to communicate with OPTIGA™ Trust X using I2C.
Figure 10
OPTIGA™ Trust X Host Software Architecture
6.2
Release Package Folder Structure
The following figure shows the release package structure when OPTIGA™ Trust X is installed/extracted on PC.
Figure 11
Release Package Folder Structure
Datasheet
18
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Connecting to Host
1. <INSTALLDIR> is the root directory to which the release contents are installed or extracted. The
content of each subdirectory under installed directory <INSTALLDIR> is explained below.
2. CACertificates
This directory contains OPTIGA™ Trust X Test and Productive Trust-Anchor/CA certificates.
3. DemoUI
This directory contains binaries and Demo UI Application for OPTIGA™ Trust X.
4. Documentation
This directory contains all common OPTIGA™ Trust X documentation.
5. Host
This directory contains source files, header files, binaries, documents, API as compiled help (CHM) and
sample application for OPTIGA™ Trust X Host Software.
6. PC
This directory contains source files, header files, binaries and sample application for OPTIGA™ Trust X PC
Software.
7. TestServer
This directory contains Sample Test Server Application and Test certificates required for DTLS client feature
demonstration
6.3
Host Software Folder Structure
The following figure shows the Host Software folder structure when OPTIGA™ Trust X is installed on PC.
Figure 12
Host Software Folder Structure
1. Bin
This directory contains prebuilt binaries for Eval Kit based on XMC4500 Relax Kit v1 that communicates with
OPTIGA™ Trust X.
2. Documentation
Datasheet
19
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Connecting to Host
This directory contains documentation outlining software for Eval Kit based on XMC4500 Relax Kit v1.
3. Projects
This directory contains project files for Eval Kit based on XMC4500 Relax Kit v1.
4. Source
This directory contains all source files for OPTIGA™ Trust X Host Software Library.
Further the following figure elaborates the Host Software source folder structure.
Figure 13
Host Source Folder Structure
1. auth – This folder contains sources for One Way Authentication which are platform independent. The layer is
also known as Integration Library.
2. cmd – This folder contains sources for all OPTIGA™ Trust X commands which are platform independent.
3. common – This folder contains sources that are common for all functionality (e.g. utilities).
4. cryptolib – This folder contains binaries for crypto library wrapper which is platform independent.
5. dtls – This folder contains sources for Mutual Authentication and Encrypted Communication using DTLS
client, which are platform independent. The layer is also known as OCP Library.
6. ifx_i2c – This folder contains sources for Infineon protocol over I2C (aka IFX I2C).
Datasheet
20
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Connecting to Host
7. include – This folder contains header files for all Host Software.
8. pal – This folder contains all the platform dependent code.
9. transparent_channel – This folder contains transparent channel communication mainly used for Eval Kit.
6.4
Porting Notes
The Platform Abstraction Layer (PAL) APIs have to be updated to integrate the OPTIGA™ Trust X host libraries
in the local host target platform.
The PAL reference code for the XMC4500 Relax kit is provided as part of package which can be used. The
implementation can be referred in “<INSTALLDIR>/Host/Source/pal/xmc4500” and the header files are
available in “<INSTALLDIR>/Host/Source/Include” with the required APIs used by upper layers. The header
files are platform agnostic and would not require any change.
6.5
Communication with OPTIGA™ Trust X
The hardware/platform resource configuration with respect to I2C master and GPIOs (Vdd and Reset) are to be
updated in pal_ifx_i2c_config.c. These configurations are used by the IFX I2C implementation to communicate
with OPTIGA™ Trust X.
1.
Update I2C master platform specific context[e.g. (void*)&i2c_master_0]
001
002
003
004
005
006
007
008
009
010
011
012
013
014
/**
* \brief PAL I2C configuration for OPTIGA
*/
pal_i2c_t optiga_pal_i2c_context_0 =
{
/// Pointer to I2C master platform specific context
(void*)&i2c_master_0,
/// Slave address
0x30,
/// Upper layer context
NULL,
/// Callback event handler
NULL
};
2. Update platform specific context for GPIOs (Vdd and Reset) [e.g. (void*)&pin_3_4]
001
002
003
004
005
006
007
008
009
010
011
012
013
014
015
016
017
/**
* \brief Vdd pin configuration for OPTIGA
*/
pal_gpio_t optiga_vdd_0 =
{
// Platform specific GPIO context for the pin used to toggle Vdd
(void*)&pin_3_4
};
/**
* \brief Reset pin configuration for OPTIGA
*/
pal_gpio_t optiga_reset_0 =
{
// Platform specific GPIO context for the pin used to toggle Reset
(void*)&pin_3_3
};
3.
Update PAL I2C APIs [pal_i2c.c] to communicate with OPTIGA™ Trust X
Datasheet
21
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Connecting to Host
The pal_i2c is expected to provide the APIs for I2C driver initialization, de-initialization, read, write and set
bitrate kind of operations
a) pal_i2c_init
b) pal_i2c_deinit
c) pal_i2c_read
d) pal_i2c_write
e) pal_i2c_set_bitrate
In few target platforms, the I2C master driver initialization (pal_i2c_init) is done during the platform start up. In
such an environment, there is no need to implement pal_i2c_init and pal_i2c_deinit functions. Otherwise, these
(pal_i2c_init & pal_i2c_deinit) functions must be implemented as per the upper layer expectations based on the
need. The details of these expectations are available in the Host library API documentation (chm).
The reference implementation of PAL I2C based on XMC4500 Relax kit does not need to have the platform I2C
driver initialization explicitly done as part of pal_i2c_init as it is taken care by the DAVE library initialization.
Hence pal_i2c_init & pal_i2c_deinit are not implemented.
In addition to the above specified APIs, the PAL I2C must handle the events from the low level I2C driver and
invoke the upper layer handlers registered with PAL I2C context for the respective transaction as shown in the
below example.
001
002
003
004
005
006
//I2C driver callback function when the transmit is completed successfully
void i2c_master_end_of_transmit_callback(void)
{
invoke_upper_layer_callback(gp_pal_i2c_current_ctx,
(uint8_t)PAL_I2C_EVENT_TX_SUCCESS);
}
In above example the I2C driver callback, when transmit is successful invokes the handler to inform the result.
4.
5.
6.
Update PAL GPIO [pal_gpio.c] to power on and reset the OPTIGA™ Trust X
a) pal_gpio_set_high
b) pal_gpio_set_low
Update PAL Timer [pal_os_timer.c] to enable timer
a) pal_os_timer_get_time_in_milliseconds
b) pal_os_timer_delay_in_milliseconds
Update Event management for the asynchronous interactions for IFX I2C [pal_os_event.c]
a) pal_os_event_register_callback_oneshot
b) scheduler_timer_isr
The pal_os_event_register_callback_oneshot function is expected to register the handler and context
provided as part of input parameters and triggers the timer for the requested time.
001
002
003
004
005
006
007
008
009
010
011
void pal_os_event_register_callback_oneshot(
register_callback callback,
void* callback_args,
uint32_t time_us)
{
callback_registered = callback;
callback_ctx = callback_args;
//lint --e{534} suppress "Return value is not required to be checked"
TIMER_SetTimeInterval(&scheduler_timer , (time_us*100));
Datasheet
22
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Connecting to Host
012
013
TIMER_Start(&scheduler_timer);
}
And the handler registered must be invoked once the timer is elapsed as shown in scheduler_timer_isr
001
002
003
004
005
006
007
008
009
010
011
012
void scheduler_timer_isr(void)
{
TIMER_ClearEvent(&scheduler_timer);
//lint --e{534} suppress "Return value is not required to be checked"
TIMER_Stop(&scheduler_timer);
TIMER_Clear(&scheduler_timer);
if (callback_registered)
{
callback_registered((void*)callback_ctx);
}
}
6.6
Reference code on XMC4500 for communicating with OPTIGA™ Trust X
001
002
003
004
005
006
007
008
009
010
011
012
013
014
015
016
017
018
019
020
021
022
023
024
025
026
027
028
029
030
031
032
033
034
035
036
static volatile uint32_t optiga_pal_event_status;
extern void ifx_i2c_pl_pal_event_handler(
void *p_ctx,uint8_t event);
void optiga_pal_i2c_event_handler (
void* upper_layer_ctx,
uint8_t event);
pal_i2c_t optiga_pal_i2c_context_0 =
{
/// Pointer to I2C master context
(void*)&i2c_master_0,
/// Slave address
0x30,
/// Upper layer context
NULL,
/// Callback event handler
pal_i2c_slave_1_event_handler
};
// Pal optiga slave 1 event handler
void optiga_pal_i2c_event_handler(
void* upper_layer_ctx,
uint8_t event)
{
optiga_pal_event_status = event;
}
/* Function to verify I2C communication*/
pal_status_t test_optiga_communication(void)
{
pal_status_t pal_return_status;
uint8_t data_buffer[10] = {0x82};
uint16_t data_length =1;
// Set callback handler for i2c
optiga_pal_i2c_context_0.upper_layer_event_handler
Datasheet
23
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Connecting to Host
037
038
039
040
041
042
043
044
045
046
047
048
049
050
051
052
053
054
055
056
057
058
059
060
061
062
063
064
065
066
067
068
069
070
071
072
073
074
075
076
077
078
079
080
081
082
083
084
085
086
087
088
089
090
091
092
= optiga_pal_i2c_event_handler;
// Send 0x82 command to slave to check the state
optiga_pal_event_status = PAL_I2C_EVENT_BUSY;
do
{
pal_return_status =
pal_i2c_write(&optiga_pal_i2c_context_0,
data_buffer, data_length);
if (pal_return_status == PAL_STATUS_FAILURE)
{
break;
}
// Wait until slave completes write operation
}
while (optiga_pal_event_status !=
PAL_I2C_EVENT_TX_SUCCESS);
optiga_pal_event_status = PAL_I2C_EVENT_BUSY;
data_length = 4;
// Read the response for 0x82 command
do
{
pal_return_status =
pal_i2c_read(&optiga_pal_i2c_context_0 ,
data_buffer ,
data_length);
if (pal_return_status == PAL_STATUS_FAILURE)
{
break;
}
// Wait until slave completes read operation
} while (optiga_pal_event_status !=
PAL_I2C_EVENT_RX_SUCCESS);
return pal_return_status;
}
/***************************************************************
* Main Function
*************************************************************/
/**
* This function is the entry point of sample.
*
* \retval
*
*
*/
0 on success
1 on failure
int32_t main(Void)
{
DAVE_STATUS_t status;
Datasheet
24
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Connecting to Host
093
094
095
096
097
098
099
100
101
102
103
104
105
106
107
108
pal_status_t pal_return_status;
// Initialize your host code here (e.g. timers etc)
// Initialisation of DAVE Apps for XMC4500
status = DAVE_Init();
// Stop if DAVE init fails
if (status == DAVE_STATUS_FAILURE)
{
while (1U)
{;}
}
pal_return_status = test_optiga_communication();
return pal_return_status;
109
}
Datasheet
25
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
OPTIGA™ Trust X Commands
7
OPTIGA™ Trust X Commands
This section provides short description of OPTIGA™ Trust X commands and mapping of these commands w.r.t
Use Cases.
Table 13
OPTIGA™ Trust X command table
Command Name
GetDataObject
SetDataObject
GetRandom
Description
Command to get (read) a data object
Command to set (write) a data object
Command to generate a random stream
Command to set the authentication scheme which gets used
subsequently
SetAuthScheme
GetAuthMsg
Command to get (receive from OPTIGA™ Trust X) an authentication
message
SetAuthMsg
Command to set (send to OPTIGA™ Trust X) an authentication
message
ProcUpLinkMsg
ProcDownLinkMsg
Command to process an up-link message for DTLS(receive from
OPTIGA™ Trust X)
Command to process a down-link message for DTLS (send to
OPTIGA™ Trust X)
CalcHash
Command to calculate a Hash
CalcSign
VerifySign
CalcSSec
DeriveKey
GenKeyPair
OpenApplication
Command to calculate a signature
Command to verify a signature
Command to execute a Diffie-Hellmann key agreement
Command to derive keys
Command to generate public/private key pairs
Command to launch an application
Table 14
Use Case
Mapping of OPTIGA™ Trust X command with Use cases
OPTIGA™ Trust X commands used
Mutual Authentication using DTLS SetAuthScheme, ProcUpLinkMsg & ProcDownLinkMsg
One Way Authentication
GetRandom, GetDataObject, SetAuthScheme, SetAuthMsg &
GetAuthMsg
Crypto Toolbox
GetRandom, SetAuthScheme, SetAuthMsg, GetAuthMsg, CalcHash,
CalcSign, VerifySign, CalcSSec, DeriveKey, GenKeyPair
GetDataObject
Read General Purpose Data
Write General Purpose Data
SetDataObject
Datasheet
26
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Security Monitor
8
Security Monitor
The Security Monitor is a central component which enforces the security policy of the OPTIGA™ Trust X. It
consumes security events sent by security aware parts of the OPTIGA™ Trust X embedded SW and takes actions
accordingly
8.1
Security Events
The following table provides the definition of not permitted security events considered by the OPTIGA™ Trust X
implementation.
Table 15
Event
Security Events
Description
Decryption Failure
This event occurs in case a decryption and/ or integrity check of provided
data lead to an integrity failure.
Private Key Use
This event occurs in case the internal services are going to use an
OPTIGA™ Trust X hosted private key.
Suspect System Behavior
This event occurs in case the embedded software detects
inconsistencies with the expected behavior of the system. Those
inconsistencies might be redundant information which doesn’t fit to
their counterpart.
8.2
Security Policy
Security Monitor judges the notified security events regarding the number of occurrence over time and in case
those violate the permitted usage profile of the system takes actions to throttle down the performance and thus
the possible frequency of attacks.
The permitted usage profile is defined as:
1. One protected operation (refer to Table 15) events per tmax period.
2. A Suspect System Behavior event is never permitted and will cause setting the SEC to its maximum.
3. tmax is set to 5 seconds (± 5%).
With other words it must not allow more than one out of the protected operations per tmax period (worst case, ref
to bullet 1. above). This condition must be stable, at least after 500 uninterrupted executions of protected
operations.
For more information, please refer to Solution Reference Manual document available as part of the package.
Datasheet
27
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
RoHS Compliance
9
RoHS Compliance
On January 27, 2003 the European Parliament and the council adopted the directives:
2002/95/EC on the Restriction of the use of certain Hazardous Substances in electrical and electronic
equipment ("RoHS")
2002/96/EC on Waste Electrical and Electrical and Electronic Equipment ("WEEE")
Some of these restricted (lead) or recycling-relevant (brominated flame retardants) substances are currently
found in the terminations (e.g. lead finish, bumps, balls) and substrate materials or mold compounds.
The European Union has finalized the Directives. It is the member states' task to convert these Directives into
national laws. Most national laws are available, some member states have extended timelines for
implementation. The laws arising from these Directives have come into force in 2006 or 2007.
The electro and electronic industry has to eliminate lead and other hazardous materials from their products. In
addition, discussions are on-going with regard to the separate recycling of ceratin materials, e.g. plastic
containing brominated flame retardants.
Infineon Technologies is fully committed to giving its customers maximum support in their efforts to convert to
lead-free and halogen-free1 products. For this reason, Infineon Technologies’ "Green Products" are
ROHS-compliant.
Since all hazardous substances have been removed, Infineon Technologies calls its lead-free and halogen-free
semiconductor packages "green." Details on Infineon Technologies’ definition and upper limits for the restricted
materials can be found here.
The assembly process of our high-technology semiconductor chips is an integral part of our quality strategy.
Accordingly, we will accurately evaluate and test alternative materials in order to replace lead and halogen so
that we end up with the same or higher quality standards for our products.
The use of lead-free solders for board assembly results in higher process temperatures and increased
requirements for the heat resistivity of semiconductor packages. This issue is addressed by Infineon
Technologies by a new classification of the Moisture Sensitivity Level (MSL). In a first step the existing products
have been classified according to the new requirements.
1Any material used by Infineon Technologies is PBB and PBDE-free. Plastic containing brominated flame retardants, as mentioned in the
WEEE directive, will be replaced if technically/economically beneficial.
Datasheet
28
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Appendix A – Infineon I2C Protocol Registry Map
10
Appendix A – Infineon I2C Protocol Registry Map
OPTIGA™ Trust X supports IFX I2C v1.65 and is implemented as I2C slave, which uses different address locations
for status, control and data communication registers. These registers with description are outlined below in the
following table.
Table 16
IFX I2C Registry Map Table
Name Size in Bytes
Register
Address
Description
Master
Access
0x80
DATA
DATA_REG_LE This is the location where data shall be read from or
Read /
Write
N
written to the I2C slave
0x81
DATA_REG_LEN
2
This register holds the maximum data register (Addr Read /
0x80) length. The allowed values are 0x0010 up to
0xFFFF. After writing the new data register length it
becomes effective with the next I2C master access.
However, in case the slave could not accept the new
length it indicates its maximum possible length
within this register. Therefore it is recommended to
read the value back after writing it to be sure the I2C
slave did accept the new value.
Write
Note: the value of MAX_PACKET_SIZE is derived
from this value or vice versa (MAX_PACKET_SIZE=
DATA_REG_LEN-5)
0x82
0x83
0x84
I2C_STATE
4
2
4
Bits 31:24 of this register provides the I2C state in
regards to the supported features (e.g. clock
stretching …) and whether the device is busy
executing a command and/or ready to return a
response etc.
Read only
Write only
Read
Bits 15:0 defining the length of the response data
block at the physical layer.
BASE_ADDR
This register holds the I2C base address as specified
by Table 17. If not differently defined by a particular
project the default value at reset is 0x20. After
writing a different address the new address become
effective with the next I2C master access. In case the
bit 15 is set in addition to the new address (bit 6:0) it
becomes the new default address at reset (persistent
storage).
MAX_SCL_FREQU
This register holds the maximum clock frequency in
KHz supported by the I2C slave. The value gets
adjusted to the register I2C_Mode setting.
Fast Mode (Fm): The allowed values are 50 up to
400.
Fast Mode (Fm+): The allowed values are 50 up to
1000.
GUARD_TIME1
TRANS_TIMEOUT1
0x85
0x86
4
4
For details refer to Table 20
For details refer to Table 20
Read only
Read only
1 In case the register returns 0xFFFFFFFF the register is not supported and the default values specified in Table ‘List of protocol variations’
shall be applied.
Datasheet
29
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Appendix A – Infineon I2C Protocol Registry Map
Register
Address
Name
Size in Bytes
Description
Master
Access
0x88
SOFT_RESET
I2C_MODE
2
2
Writing to this register will cause a device reset. This
feature is optional
Write only
0x89
This register holds the current I2C Mode as defined
by Table 18. The default mode is SM & FM (011B).
Read /
Write
Table 17
Definition of BASE_ADDR
Fields
Bits
Value
Description
DEF_ADDR
15
0
1
Volatile address setting by bit 6:0, lost after reset.
Persistent address setting by bit 6:0, becoming default after reset.
BASE_ADDR
6:0
0x00-0x7F I²C base address specified by Table 16
15
DEF_ADDR
7
14
6
13
5
12
4
11
10
2
9
1
8
0
RFU
3
RFU
BASE_ADDR
15
14
6
13
12
4
11
RFU
3
10
2
9
8
0
DEF_MODE
7
5
1
RFU
Mode
Table 18
Definition of I2C_MODE
Fields
Bits
Value
Description
DEF_MODE
15
0
1
Volatile mode setting by bit 2:0, lost after reset.
Persistent mode setting by bit 2:0, becoming
default after reset. This bit is always read as 0.
MODE2
2:0
001
010
Sm
Fm
011
100
SM & Fm (fab out default)
Fm+
other values
not valid; writing will be ignored
1 In case the register returns 0xFFFFFFFF the register and its functionality is not supported
2 This mode defines the adherence of the bus signals to the electrical characteristics according standard I2C bus specification
Datasheet
30
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Appendix A – Infineon I2C Protocol Registry Map
31
BUSY
23
30
RESP_RDY
22
29
21
28
27
SOFT_RESET CONT_READ REP_START CLK_STRETCHING
19 18 17 16
RFU
15-0
Length of data block to be read
26
25
24
RFU
20
Table 19
Definition of I2C_STATE
Field
Bit(s)
Value
Description
BUSY
31
0
1
Device is not busy
Device is busy executing a command
RESP_RDY
30
27
26
25
0
1
Device is not ready to return a response
Device is ready to return a response
SOFT_RESET
CONT_READ
REP_START
0
1
SOFT_RESET not supported
SOFT_RESET supported
0
1
Continue Read not supported
Continue Read supported
0
1
Repeated start not supported
Repeated start supported
CLK_STRETCHING
24
0
1
Clock stretching not supported
Clock stretching supported
10.1
IFX I2C Protocol Variations
To fit best to application specific requirements the protocol might be tailored by specifying a couple of
parameters which is described in the following table.
Table 20
List of Protocol Variations
Default Value Description
Parameter
MAX_PACKET_SIZE
0x110
Maximum packet size accepted by the receiver. The protocol
limits this value to 0xFFFF, but there might be project specific
requirements to reduce the transport buffers size for the sake of
less RAM footprint in the communication stack. If shortened, it
could be statically defined or negotiated at the physical layer.
Window size of the sliding windows algorithm. The value could
be 1 up to 2.
WIN_SIZE
1
1
MAX_NET_CHAN
Maximum number of network channels. The value could be 1 up
to 16.
One indicates the OSI Layer 3 is not used and the CHAN field of
the PCTR must be set to 0000.
CHAINING
TRUE
10 ms
Chaining on the transport layer is supported (TRUE) or not
(FALSE)
(Re) transmission timeout specifies the number of milliseconds
to be elapsed until the transmitter considers a frame
transmission is lost and retransmits the non-acknowledged
frame. The Timer gets started as soon as the complete frame is
TRANS_TIMEOUT
Datasheet
31
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Appendix A – Infineon I2C Protocol Registry Map
Parameter
Default Value Description
transmitted. The value could be 1 up to 1000. However, as higher
the number as longer does it take to recover from a frame
transmission error.
Note: The acknowledge timeout on the receiver side must be
shorter than the retransmission timeout to avoid unnecessary
frame repetitions.
TRANS_REPEAT
BASE_ADDR
3
Number of transmissions to be repeated until the transmitter
considers the connection is lost and starts a re-synchronization
with the receiver. The value could be 1 up to 4.
I2C (base) address. This address could be statically defined or
dynamically negotiated by the physical layer. If not different
specified the default value is 0x30.
0x30
MAX_SCL_FREQU
GUARD_TIME
1000 kHz
50 µs
Maximum SCL clock frequency in kHz.
Minimum time to be elapsed at the I2C master measured from
read data (STOP condition) until the next write data (Start
condition) is allowed to happen.
Note 1: For two consecutive accesses on the same device
GUARD_TIME re-specifies the value of tBUF as specified by [I2Cbus].
Note 2: Even if another I2C address is accessed in between
GUARD_TIME has to be respected for two consecutive accesses on
the same device.
SOFT_RESET
Any write attempt to the SOFT_RESET register will trigger a
warm reset (reset w/o power cycle). This register is optional and
its presence is indicated by the I2C_STATE register’s
“SOFT_RESET” flag.
Datasheet
32
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Appendix B – Power Management
11
Appendix B – Power Management
When operating, the power consumption of OPTIGA™ Trust X is limited to meet the requirements regarding the
power limitation set by the Host. The power limitation is implemented by utilizing the current limitation feature
of the underlying hardware device in steps of 1mA from 6mA to 15 mA with a precision of ±5%.
11.1
Low Power Sleep Mode
The OPTIGA™ Trust X automatically enters a low-power mode after a configurable delay. Once it has entered
Sleep mode, the OPTIGA™ Trust X resumes normal operation as soon as its address is detected on the I2C bus.
In case no command is sent to the OPTIGA™ Trust X it behaves as shown in Figure 14.
1. As soon as the OPTIGA™ Trust X is idle it starts to count down the “delay to sleep” time (tSDY).
2. In case this time elapses the device enters the “go to sleep” procedure.
3. The “go to sleep” procedure waits until all idle tasks are finished (e.g. counting down the SEC). In case all idle
tasks are finished and no command is pending, the OPTIGA™ Trust X enters sleep mode.
tSDY
VCC
1
IO
2
3
operational
idle
Power State
undefined
sleep
Figure 14
Go-to-Sleep Diagram
Datasheet
33
Revision 2.6
2019.02.08
OPTIGA™ Trust X
Datasheet
Revision history
Revision history
Document version
Date of release Description of changes
08.02.2019 Updated PG-USON10-2 foot print
2.6
2.5
2.4
2.3
2.2
2.1
2.0
1.4
1.3
1.2
1.1
1.0
31.01.2018
11.01.2018
01.01.2018
12.12.2017
23.06.2017
08.06.2017
22.02.2017
Feedback incorporation from all internal regions
Feedback incorporation from all internal regions
Feedback incorporation from all internal regions
Feedback from all internal regions
Updated Key features and Enhanced Security
Updated Key features and Enhanced Security
First version release
Internal review
Internal review
Internal review
Internal review
Datasheet
34
Revision 2.6
2019.02.08
Trademarks
All referenced product or service names and trademarks are the property of their respective owners.
IMPORTANT NOTICE
Edition 2019.02.08
The information given in this document shall in no For further information on the product, technology,
event be regarded as a guarantee of conditions or delivery terms and conditions and prices please
Published by
characteristics (“Beschaffenheitsgarantie”) .
contact your nearest Infineon Technologies office
(www.infineon.com).
Infineon Technologies AG
81726 Munich, Germany
With respect to any examples, hints or any typical
values stated herein and/or any information
regarding the application of the product, Infineon
Technologies hereby disclaims any and all
warranties and liabilities of any kind, including
without limitation warranties of non-infringement of
intellectual property rights of any third party.
WARNINGS
Due to technical requirements products may contain
dangerous substances. For information on the types
in question please contact your nearest Infineon
Technologies office.
© 2019 Infineon Technologies AG.
All Rights Reserved.
Do you have a question about this
document?
In addition, any information given in this document
is subject to customer’s compliance with its
obligations stated in this document and any
applicable legal requirements, norms and standards
concerning customer’s products and any use of the
product of Infineon Technologies in customer’s
applications.
Except as otherwise explicitly approved by Infineon
Technologies in
authorized
a written document signed by
representatives
of
Infineon
Email:
Technologies, Infineon Technologies’ products may
not be used in any applications where a failure of the
product or any consequences of the use thereof can
reasonably be expected to result in personal injury.
security.chipcard.ics@infineon.com
Document reference
The data contained in this document is exclusively
intended for technically trained staff. It is the
responsibility of customer’s technical departments
to evaluate the suitability of the product for the
intended application and the completeness of the
product information given in this document with
respect to such application.
相关型号:
OPTIGA? TPM SLM 9670
The OPTIGA™ TPM SLM 9670 is a member of the OPTIGA™ TPM family. It addresses the requirements of industrial and other demanding applications where an extended temperature range, an extended lifetime and industrial-grade quality are key.
INFINEON
©2020 ICPDF网 联系我们和版权申明