Technological review about MICROCONTROLLER CONFIGURED FOR EXTERNAL MEMORY DECRYPTION

Abstract
This article will address the publication "MICROCONTROLLER CONFIGURED FOR EXTERNAL MEMORY
DECRYPTION" in technological and systematic perspective. First, there will be a brief description of the
structure and functioning of the microcontroller. Then, we'll try to answer some questions that can pass
through the mind when reading the publication. At the end the Article could also offer suggestions or
other perspectives for future research.
Description of the existent system
The microcontroller of the present study is used in an infrastructure called "Advanced Metering
Infrastructure" to measure the energy consumption. The infrastructure is represented as a network of
several nodes interconnected by RF radio links or power line communication, where one of these nodes
called "Root Node" connects the remaining nodes to the central station called Central Office via a
network such as the Internet.
Central Office contains a data management system for processing data received from different nodes, it
is meant by the processing of these data: analysis, filtering, extraction, projection, simulation and
naturally backup and archiving. The Central Office may be in one geographic location or at multiple sites
in the case of a distributed context, or completely removed in case of highly decentralized context.
The node is composed of a transceiver, a meter and a processing unit, the latter contains one or more
processors with a microcontroller configured for decryption of encrypted data and encrypted
applications located in an external memory.
After the overall description of the infrastructure, we will now approach the internal structure of the
microcontroller, its operation and its interaction with the external memory.
We begin with the Program Counter which may receive a signal from the operating system or another
device, the Program Counter will transmit a signal to the Address Alignment Module which is in charge
of two functions: the first is to calculate the Offset Pointer that will point to the selected instruction in
the cache containing the decrypted data, this instruction will be loaded into the instruction register; and
the second is to forward the address of the block to fetch to the Address Generator.

On its side, Address Generator may put the address in the address bus regardless of its size, and then
communicates the reading time to the first cache that will receive the encrypted data.
Once the data is in the cache, they pass throw the Decryption Engine synchronized with a clock faster
than the clock that synchronizes the instruction register and the Program Counter.
In the end, the decrypted data is loaded into the second cache, and the instruction pointed by the
Pointer Offset is loaded into the instruction register, and the cycle can be restarted.

Analysis and critique of the system.

During our reading of the article "Microcontroller configured for external memory decryption", some
questions had risen to the surface, and we have tried to clarify some points, and to provide further
details referring to other papers that have treated the same subject or a topic of the same area of
research.
1. How do the nodes communicate between themselves?
Answer: Regarding the paper Peer-to-peer communications in ami with source-tree routing
(CA 2755331 C), there are two classes of nodes according to the processing and the memorys size:
full functionality nodes and Reduced functionality nodes, as the structure is built in form of tree,
rout nodes store only the coordinates of neighboring nodes, and therefore the routing is a peer-topeer communication.
2. How does the decryption engine function?
Answer: We will provide details about the functioning of the decryption engine according to the
publication entitled "Encryption and decryption device U.S. 20120069997 A1.
Decryption uses a secret key, and calculated from data in clear, with the help of the following
elements: Memory for saving temporary data and interface that retrieves the encrypted data.
Decryption goes through four levels or layers:

First, calculating the intermediate data using a secret key after a round key and stored in
memory.

In the second plane, an encryption of the data i (1 <i <N) is performed, where N is the total
number of data.

The third level comprises applying a conversion arithmetic operation to mix the second last
intermediate data (Nth) with the following one (N+1th) and stores the result.

The fourth level is the partial encryption of data to have a data in clear, by performing an
inverse conversion of the (N +1th) intermediate data operation.

3. How does the system detect errors, control the transmission and ensure the data coherence?
Answer: In reference to the publication Method and system for encrypting and decrypting
transaction in power network " U.S. 20120036355 A1, a decryption method creates a serial number
of the transaction then receives data, and the last may be encrypted in two ways:

Following a predetermined criterion which is received from a dedicated server.

Checked by analyzing the transaction serial number included in the header of the received
data.

The checking can be configured to determine whether the serial number of the transaction included
in the header of the received data is identical to a current serial number serial number of the
transaction incremented by the receiving node. Then, the serial number of transaction is
incremented by a unit value and the method may continue receiving data until transaction
complete.
4. What is the adequate type of the external memory with the cache memory in this case study?
Answer: In reference to the publication Address translation between a memory controller and an
external memory device WO 2009079269 A1, the external memory may be managed by a nonvolatile memory controller over a dedicated serial bus. The memory controller will use logical
memory addresses to perform the mapping operations and the address translation
information/data. In Fact, Flash memory technology presents a lot of advantages: high memory
densities, high reliability, and low power consumption, which explain the popularity of this type of
memory nowadays (personal computers (BIOS), personal digital assistants (PDAs), digital cameras,
and cellular telephones).

In other hand, the flash memory represents some difficulties which provoke a need to decrease the
amount of integrated circuit real estate required for address translation taking in consideration the
system performance.
One of these difficulties is that the memory controllers of flash memory use large blocks of
embedded static RAM to store physical to/from translation mapping tables which may be needed
repetitively to make a memory access.
In addition, the high density of the flash memory array requires the increase of the size of the
embedded SRAM. This increase costs space for the static RAM at the expense of the flash memory
array and its support circuitry, and to avoid this situation, parts of the flash memory array are
designated to store these tables, which reduce the amount of memory available to the end user for
data storage and reduce the performance of the memory device also.
Time is another important fact, because the access to the flash memory needs more time than
SRAM, which make the time required for the controller to store and retrieve table data from a flash
memory array is significantly longer than with SRAM.
5. How to communicate with the external memory?
Answer: In reference to a publication External memory controller node WO 2004049175 A2, the
memory controller receives memory access service requests from PIN and processes the requests
accordingly, there are different services delivered by memory controller:

Peek and poke.

Memory random access (MRA).

Direct memory access (DMA).

Point-to-point (PTP).

Real-time input (RTI).

Message service.

a. The peek and poke service

This service gives the possibility to the requesting node to retrieve the data, we call this part of the
Peek service, and it also allows the writing of data found in memory controller, this part of the
service is called Poke.
b. Memory random access (MRA) service
As its name says, this service provides random access memory to the memory in reading and writing
mode.
c. Direct memory access (DMA) service
This service is used to facilitate the requests of large blocks of data from the memory
d. Point-to-point (PTP) service
This service is called in the situation of real-time streaming data because it helps to read and write
data and it may make modifications to the parameters of the ports by following the point-to-point
protocol.
e. The real-time input (RTI) service
This service performs the same tasks as the PTP, except that it uses a different protocol called
Reduced Acknowledgement Protocol.
f.

Message service

This service ensures communication between the memory controller and the ACE (Adaptive
Computing Engine), like sending messages as acknowledgment of reception for reasons of control,
synchronization and validation.
Remark: Memory interface receives memory service requests from memory interface and provides
them to SDRAM memory and/or flash memory, a person skilled in the art will appreciate other
memories that may be used, in our study case we are using two cache memories.
In reference to a publication Microprocessor with pipelined access request to external memory

WO 1996037830, memory requests may be pipelined to the external memory, which consists to
issue more than one memory address during one clock cycle in parallel with the execution of the
instruction, and during the same clock cycle, direct information received from the external memory
to a register file.
In the case of the same information is requested in the next cycle, the information may be directed
to the arithmetic logic unit (ALU) in the same clock cycle which reduce significantly the retrieve time
of the information stored in the external memory.
Suggestions and perspectives.
(FIG1) Why not let each node transmits its data directly to the plant?
(FIG2) Is it can eliminate the interface?
Can you have two parallel lines (cache-decryption engine-cache), one for data and one for applications
two caches?
Should we place data and applications in different external memory?
Is there a backup system in case of failure?
How does the interface (202) work?
How does the address generator calculate the read time (214)? How accurate is it? What to do if the
read time is incorrect, too short or too long?
What if the cache memory (212 or 222) is saturated?
Should the two clocks be synchronized with each other? How fast must be the second clock (240)
relative to the first one (220)?
What are these two modules electronically: Address Alignment Module (232) and Address Generator
(238)?
Which unit forms encryption?
What is the role of the element (242)?
(Fig. 3) Can we put some operations in parallel?

1. What will be the effect of changing the order of two 312 and 314 operations?
2. Why not make the diagram as a cycle?

Resources and references

www.google.com/patents

Microcontroller Configured for External Memory Decryption - US 20130275766 A1

Peer-to-peer communications in ami with source-tree routing - CA 2755331 A1

Encryption device and decryption device - US 20120069997 A1

Method and system for encrypting and decrypting transaction in power network - US
20120036355 A1

External memory controller node - WO 2004049175 A2

Microprocessor with pipelined access request to external memory - WO 1996037830 A1

Address translation between a memory controller and an external memory device - WO

2009079269 A1

Data collection from utility meters over advanced metering infrastructure - CA 2757799 A1

Method and apparatus for securely booting from an external storage device - WO 2007095465
A2

Encryption/decryption engine with secure modes for key decryption and key derivation - US
8347112 B2

Performing AES Encryption Or Decryption In Multiple Modes With A Single Instruction - US

20130202106 A1

System and method for securing using decryption keys during FPGA configuration using a
microcontroller - US 7653820 B1

Encryption-decryption circuit and method of operation - US 7860251 B1

System and method for accessing data from an external memory using dual read timing
protocols - WO 2000026793 A1

Apparatus and method for controlling access to an external memory - EP 1764721 A2