Structure function and attack technology of MCU solution

Easy core technology has been established for 7 years, we have mature experience and technology in the field of MCU development. For many intelligent electronic products, we have our own cases and experience. We believe that we do not understand the structure, function and attack technology of single-chip microcomputer scheme. Next, we will share it.

The structure and function of 51 single chip microcomputer

1. Bit data bus, 16 bit address bus CPU.

2. It has Boolean processing ability and bit processing ability.

3. Using Harvard structure, the address space of program memory and data memory are independent, which is convenient for program design.

4. 64KB program memory and 64KB data memory with the same address.

5. 0-8kb on chip program memory (8031 none, 8051 4KB, 8052 8KB, 89c55 20KB).

128 byte on chip data memory (8051 has 256 bytes).

7.32 bidirectional and bit addressable I / O lines.

8. Two 16 bit timers / counters (3 out of 8052).

9. A full duplex serial I / O interface.

10. The interrupt structure of multiple interrupt sources has two interrupt priorities.

characteristic:

1. Taking the microprocessor (CPU) as the core.

2. CPU and other components are connected by three buses.

3. Bus: refers to the information transmission line that can serve multiple components.

Attack technology:

There are four kinds of techniques to attack single chip microcomputer

1、 Software attack

This technology usually uses the processor communication interface and uses the protocol, encryption algorithm or the security vulnerability in these algorithms to attack.
A typical example of successful software attack is the attack on the early ATMEL AT89C Series MCU. The attacker takes advantage of the loopholes in the design of erasing operation sequence of the series of single-chip microcomputers. After erasing the encryption lock, the attacker stops the next operation of erasing the data in the on-chip program memory, so that the over encrypted single-chip microcomputer becomes the unencrypted single-chip microcomputer, and then reads out the on-chip program by the programmer.
2、 Electronic detection attack

This technology usually uses high time resolution to monitor the analog characteristics of all power supply and interface connections during normal operation of the processor, and attacks by monitoring its electromagnetic radiation characteristics. Because MCU is an active electronic device, when it executes different instructions, the corresponding power consumption also changes. In this way, through the use of special electronic measuring instruments and mathematical statistical methods to analyze and detect these changes, specific key information in the MCU can be obtained.
3、 Fault generation technology

The technology uses abnormal working conditions to make the processor error, and then provides additional access to attack. The most widely used fault generation attack means include voltage impulse and clock impulse. Low voltage and high voltage attacks can be used to prohibit the protection circuit from working or to force the processor to perform wrong operation. Clock transient jumps may reset the protection circuit without destroying the protected information. Power and clock transient jumps can affect the decoding and execution of a single instruction in some processors.
4、 Probe technology

The technology is to directly expose the internal wiring of the chip, and then observe, manipulate and interfere with the MCU to achieve the purpose of attack. For the sake of convenience, the above four attack technologies are divided into two categories. One is the intrusive attack (physical attack). This kind of attack needs to destroy the package, and then with the help of semiconductor test equipment, microscope and micro locator, it can take hours or even weeks to complete in a special laboratory.
All microprobe techniques are intrusive attacks. The other three methods belong to non-invasive attack, the attacked MCU will not be physically damaged. In some cases, non-invasive attacks are particularly dangerous, but because the equipment required for non-invasive attacks is usually self-made and upgraded, it is very cheap.
Most non-invasive attacks require the attacker to have good knowledge of processor and software. In contrast, intrusive probe attacks don't require much initial knowledge, and a set of similar techniques can be used to deal with a wide range of products.