The new MCU "family" with its two members, L10 and L11, differs from other MCU families, whose individual derivatives often differ more or less only in memory size and/or peripherals: there is a considerable difference between L10 and L11. While the Arm Cortex-M23 CPU of the L11 supports Arm's TrustZone technology, this is missing in the L10, which makes a significant difference in the security features promoted by Microchip.
To avoid too much redundancy in this article, we refer to our report from ARM's TechCon developer conference at the end of 2016, where the CPU was unveiled, for a detailed technical description of the CPU. For the ARMv8-M architecture and its TrustZone technology, we refer to another technical article from TechCon 2015.
|Feature||Cortex-M23 options||Implementation SAML10||Implementation SAML11|
|Memory Protection Unit (MPU)||No, 4, 8, 12 or 16 regions||One MPU, 4 regions||Two MPUs, 4 regions each (one for non-secure memory, one for secure memory protected by TrustZone)|
|Security Attribution Unit (SAU)||No, 4 or 8 regions||No||No|
|Implementation Defined Attribution Unit (DAU)||No or implemented||No||Implemented (TrustZone available)|
|SysTick-Timer||No, 1 or 2||One||Two (one for non-secure region, one for secure region protected by TrustZone)|
|Vector Table Offset Register||No, 1 or 2||One||Two (one for non-secure region, one for secure region protected by TrustZone)|
|Register Reset||Yes or No||No||No|
|HW Multiplier||Fast (1 clock cycle) or slow (32 clock cycles)||Fast||Fast|
|HW Divider||Fast (17 clock cycles) or slow (34 clock cycles)||Fast||Fast|
|Number of external interrupts||0-240||43||45|
|Instruction Fetch||16-bit or 32-bit||32-bit||32-bit|
|I/O-Port access time 1 clock cycle||Yes or No||Yes||Yes|
|Clock Gating||Yes or No||Yes||Yes|
|Endianness||Little Endian or Big Endian||Little-Endian||Little-Endian|
|Support of Halt Debug||Yes or No||No||No|
|Wake Up Interrupt-Controller (WIC)||No or implemented||No||No|
|Number of Breakpoints||0, 1, 2, 3 or 4||4||4|
|Number of Watchpoints||0, 1, 2, 3 or 4||2||2|
|Cross Trigger Interface (CTI)||Yes or No||No||No|
|Micro Trace Buffer (MTB)||Yes or No||No||No|
|Embedded Trace Macrocell (ETM)||Yes or No||No||No|
|JTAG SW debug protocol||Selects between JTAG or Serial-Wire interfaces for the DAP||Serial-Wire||Serial-Wire|
|Multi-Drop for Serial Wire||Yes or No||No||No|
Table 1 shows how the Cortex-M23 is implemented in Microchip's new MCUs. The decisive difference is the so-called "Implementation Defined Attribution Unit (DAU)", which decides whether the TrustZone technology is activated or not. Apart from the missing wake-up interrupt controller (WIC, not relevant because of Microchip's PicoPower technology; more about this later), the missing Security Attribution Unit (SAU) and debugging options such as ETM for real-time on-chip tracing or MTB for recording trace information in a RAM buffer, Microchip has implemented almost the maximum configuration. Because of the separation into a secure and a non-secure area, the L11 has to provide various resources such as the MPU or the SysTick timer twice.
A positive point is that a 32-bit instruction fetch has been implemented. With the M23, two 16-bit values can be loaded together from the flash memory every two clock cycles via the 32-bit bus, which is of course particularly advantageous for sequential code, since the power-consuming flash memory has to be accessed less frequently. Furthermore, the "access option to I/O" has been implemented, where I/Os can be accessed in one instead of two clock cycles, because an additional port is installed in parallel to the AHB-5 bus. GPIOs and registers can then be accessed twice as fast (a LOAD/STORE instruction normally costs 2 clock cycles), but the access port is not suitable for memory access.
Especially important for real-time applications is the option, also implemented by Microchip, of moving the interrupt vector table from flash memory to RAM. Erasing a flash block can take several ms, and during this time the controller is "blind" to interrupts because the interrupt vectors are located in the flash memory, which is blocked for this period. A controller with this limitation is unusable for various real-time applications. With the M23, as implemented in the L10/L11, the vector table can be moved to RAM so that interrupts can also be processed during a flash write or erase process.
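A vector table in RAM is writable, so it is worth validating the copy before the Vector Table Offset Register (VTOR) is pointed at it. The following C code is an added example, not code from Microchip or from the original article. The SRAM base and size, the 64-entry table size and the policy that every installed handler must itself execute from SRAM are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>

/* Assumed memory map and table size (not taken from the article). */
#define SRAM_BASE   0x20000000u
#define SRAM_SIZE   0x4000u            /* 16 KB SRAM variant */
#define VT_ENTRIES  64u                /* 16 system + 45 IRQs, rounded up to a power of two */
#define VT_ALIGN    (VT_ENTRIES * 4u)  /* table is aligned to its own size: 256 bytes */

enum vt_status { VT_OK = 0, VT_BAD_ALIGN, VT_NOT_IN_RAM, VT_BAD_SP, VT_BAD_HANDLER };

/* True if [addr, addr + len) lies completely inside SRAM (overflow-safe). */
static int in_sram(uint32_t addr, uint32_t len)
{
    return addr >= SRAM_BASE && len <= SRAM_SIZE &&
           addr - SRAM_BASE <= SRAM_SIZE - len;
}

/* Validate a RAM copy of the vector table that lives at address table_addr. */
enum vt_status vt_check(const uint32_t *table, uint32_t table_addr)
{
    if (table_addr % VT_ALIGN != 0)
        return VT_BAD_ALIGN;
    if (!in_sram(table_addr, VT_ALIGN))
        return VT_NOT_IN_RAM;
    /* Entry 0 is the initial stack pointer: 8-byte aligned, inside SRAM. */
    if (table[0] % 8u != 0 || table[0] <= SRAM_BASE ||
        table[0] > SRAM_BASE + SRAM_SIZE)
        return VT_BAD_SP;
    for (size_t i = 1; i < VT_ENTRIES; i++) {
        uint32_t h = table[i];
        if (h == 0)
            continue;                  /* reserved or unused slot */
        /* Thumb bit must be set, and (assumed policy) the handler code must
           sit in SRAM so that it does not depend on the busy flash. */
        if ((h & 1u) == 0 || !in_sram(h & ~1u, 2))
            return VT_BAD_HANDLER;
    }
    return VT_OK;
}

/* Write VTOR only if the table passed validation.
   On target, vtor would be (volatile uint32_t *)0xE000ED08 (SCB->VTOR). */
enum vt_status vt_install(volatile uint32_t *vtor, const uint32_t *table,
                          uint32_t table_addr)
{
    enum vt_status st = vt_check(table, table_addr);
    if (st == VT_OK)
        *vtor = table_addr;
    return st;
}
```

On the L11 the same check applies to each of the two vector tables, and once the table is installed its RAM region can be made read-only with the MPU so that a stray write cannot redirect an interrupt.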
SAM L11 - everything for security
Figure 1 shows the block diagram of the SAM L11. All blocks marked in yellow, which are important for extended on-chip security, are missing on the L10. In addition to the CPU clocked at 32 MHz, the chip provides 16, 32 or 64 KB of flash memory, which is connected to the AHB switching matrix via a single-stage cache, and 4, 8 or 16 KB of SRAM. In the case of the L11, there is also 8 KB of boot ROM for a secure boot loader, which is important for firmware upgrades, 2 KB of data flash for non-volatile data storage and 256 bytes of TrustRAM as secure memory for customer keys.
Chip-level anti-tamper measures, which Microchip does not describe in further detail, and a hardware accelerator for encryption complete the security package. To prevent an attacker from illegally retrieving or altering information, the chips are designed so that the information is not accessible via external means and can only be retrieved by the embedded software that contains the appropriate security measures.
If you look at the list of possible attacks - physical attacks of various forms (microprobes, drills, files, solvents, etc.), freezing the device, applying unspecified voltages or overvoltages, applying unusual clock signals, inducing software errors by radiation (e.g. microwaves or ionizing radiation), measuring the exact time and energy requirements of certain processes - it is of course generally difficult to achieve 100% security.
Tamper-proof chips can be designed to reset their sensitive data (especially cryptographic keys) to zero if they detect an intrusion into their security encapsulation or environmental parameters that do not comply with specifications. A chip can even be capable of "cold zeroisation", i.e. the ability to zero itself even if its power supply is disturbed. Whether this is the case with the SAM L11, we do not know, but we assume it.
We also do not know which hardware encryption has been implemented on the SAM L11, but assume that it is the engine implemented in the PIC, which provides AES encryption with 128/192/256-bit keys (also in GCM mode), hashing (SHA-1, SHA-256, MD-5, HMAC) and a random number generator. The encryption engine is not implemented on the L10.
Microchip's patented PicoPower technology with SleepWalking has also been implemented. Specifically, this includes methods such as SRAM back-biasing to reduce leakage currents in sleep mode, and sleep modes that not only switch off the clock signal (clock gating) to stop switching losses but also remove power from subdomains to eliminate leakage currents completely.
SleepWalking is a technology that allows peripherals to request a clock signal when needed, in order to wake up from sleep mode and perform tasks without switching on the CPU, flash memory and other peripherals. In addition, Microchip's proprietary event system allows peripherals to work together to solve complex tasks with a minimum number of gates and as little energy as possible. The capacitive touch-sensing peripheral can also be operated in all operating modes and supports waking up on contact.
The 12-bit A/D converter has a sampling rate of 1 MSPS, the 10-bit D/A converter has 350 KSPS.