6.4 Security Fuses
CryptoMemory® uses four fuses. The status of these fuses is given in a ‘fuse byte.’ A value of zero indicates that the fuse has been blown. Bits 4 to 7 of this byte are not used as security fuses and are reserved for Microchip use.
F7 |
F6 |
F5 |
F4 |
F3 |
F2 |
F1 |
F0 |
---|---|---|---|---|---|---|---|
resv |
resv |
resv |
resv |
SEC |
PER |
CMA |
FAB |
SEC, PER, CMA, and FAB are nonvolatile fuses blown at the end of various steps in the manufacturing and personalization process. Once blown, these fuses can never be reset. Microchip blows the SEC fuse to lock the lot history code before the device leaves the factory. Blowing the remaining fuses must follow this sequence:
- FAB: To lock the ATR and the FAB code portions of the configuration memory
- CMA: To lock the card manufacturer code of the configuration memory
- PER: To lock the remainder of the configuration memory
Any attempt to blow a fuse out of sequence will be unsuccessful.
Table 6-10 provides a summary of access rights for all portions of the memory for each fuse condition.
Zone |
Operation |
Fuse | |||
---|---|---|---|---|---|
SEC = 0 |
FAB = 0 |
CMA = 0 |
PER = 0 | ||
Identification (Except MTZ and CMC) |
Read |
Free |
Free |
Free |
Free |
Write |
Secure Code |
Forbidden |
Forbidden |
Forbidden | |
Memory Test Zone (MTZ) |
Read |
Free |
Free |
Free |
Free |
Write | |||||
Card Manufacturer Code (CMC) |
Read |
Free |
Free |
Free |
Free |
Write |
Secure Code |
Secure Code |
Forbidden |
Forbidden | |
Read Only (Lot History Code) |
Read |
Free |
Free |
Free |
Free |
Write |
Forbidden |
Forbidden |
Forbidden |
Forbidden | |
Access Control |
Read |
Free |
Free |
Free |
Free |
Write |
Secure Code |
Secure Code |
Secure Code |
Forbidden | |
Cryptography (Except Encryption Keys S) |
Read |
Free |
Free |
Free |
Free |
Write |
Secure Code |
Secure Code |
Secure Code |
Forbidden | |
Encryption Keys (S) |
Read |
Secure Code |
Secure Code |
Secure Code |
Forbidden |
Write | |||||
Secret |
Read |
Secure Code |
Secure Code |
Secure Code |
Forbidden |
Write | |||||
Passwords |
Read |
Secure Code |
Secure Code |
Secure Code |
Write PW |
Write | |||||
Password Attempts Counters (PAC) |
Read |
Free |
Free |
Free |
Free |
Write |
Secure Code |
Secure Code |
Secure Code |
Write PW | |
Forbidden |
Read |
Forbidden |
Forbidden |
Forbidden |
Forbidden |
Write |