Request Security User Guide and Developer Software ›
DS28E36
General Description
The DS28E36 is a DeepCover® secure authenticator
that provides a core set of cryptographic tools derived
from integrated asymmetric (ECC-P256) and symmetric
(SHA-256) security functions. In addition to the security
services provided by the hardware implemented crypto
engines, the device integrates a FIPS/NIST true random
number generator (RNG), 8Kb of secured EEPROM, a
decrement-only counter, two pins of configurable GPIO,
and a unique 64-bit ROM identification number (ROM
ID). This unique ROM ID is used as a fundamental input
parameter for cryptographic operations and also serves
as an electronic serial number within the application. The
DS28E36 communicates over the single-contact 1-Wire®
bus at overdrive speed. The communication follows the
1-Wire protocol with the ROM ID acting as node address
in the case of a multidevice 1-Wire network.
The ECC public/private key capabilities operate from
the NIST defined P-256 curve and include FIPS 186
compliant ECDSA signature generation and verification
to support a bidirectional asymmetric key authentication
model. The SHA-256 secret-key capabilities are compliant with FIPS 180 and are flexibly used either in conjunction with ECDSA operations or independently for multiple
HMAC functions.
Two GPIO pins can be independently operated under
command control and include configurability supporting
authenticated and nonauthenticated operation including
an ECDSA-based crypto-robust mode to support secureboot of a host processor.
DeepCover embedded security solutions cloak sensitive
data under multiple layers of advanced security to provide
the most secure key storage possible. To protect against
device-level security attacks, invasive and noninvasive
countermeasures are implemented including active die
shield, encrypted storage of keys, and algorithmic methods.
EVALUATION KIT AVAILABLE
DeepCover Secure Authenticator
Benefits and Features
●● ECC-256 Compute Engine
• FIPS 186 ECDSA P256 Signature and Verification
• ECDH Key Exchange with Authentication Prevents
Man-in-the-Middle Attacks
• ECDSA Authenticated R/W of Configurable
Memory
●● SHA-256 Compute Engine
• FIPS 180 MAC for Secure Download/Boot
Operations
• FIPS 198 HMAC for Bidirectional Authentication
and Optional GPIO Control
●● Two GPIO Pins with Optional Authentication Control
• Open-Drain, 4mA/0.4V
• Optional SHA-256 or ECDSA Authenticated On/Off
and State Read
• Optional Set On/Off after Multiblock Hash for
Secure Boot/Download
●● RNG with NIST SP 800-90B Compliant Entropy
Source with Function to Read Out
●● Optional Chip Generated Pr/Pu Key Pairs for ECC
Operations
●● 17-Bit One-Time Settable, Nonvolatile DecrementOnly Counter with Authenticated Read
●● 8Kbits of EEPROM for User Data, Keys, and
Certificates
●● Unique and Unalterable Factory Programmed 64-Bit
Identification Number (ROM ID)
• Optional Input Data Component to Crypto and Key
Operations
●● Single-Contact 1-Wire Interface Communication with
Host at 11.7kbps and 62.5kbps
●● Operating Range: 3.3V ±10%, -40°C to +85°C
●● 6-Pin TDFN-EP Package (3mm x 3mm)
Applications
●● IoT Node Crypto-Protection
●● Accessory and Peripheral Secure Authentication
●● Secure Storage of Cryptographic Keys for a Host
Controller
●● Secure Boot or Download of Firmware and/or System
Parameters
1-Wire and DeepCover are registered trademarks of Maxim
Integrated Products, Inc.
19-100170; Rev 3; 3/20
Ordering Information and Typical Application Circuit appear
at end of data sheet.
DS28E36
DeepCover Secure Authenticator
Absolute Maximum Ratings
Voltage Range on Any Pin Relative to GND...........-0.5V to 4.0V
Maximum Current into Any Pin...........................................20mA
Operating Temperature Range............................ -40°C to +85°C
Junction Temperature.......................................................+125°C
Storage Temperature Range............................. -55°C to +125°C
Lead temperature (soldering, 10s)................................... +300°C
Soldering Temperature (reflow)....................................... +260°C
Stresses beyond those listed under “Absolute Maximum Ratings” may cause permanent damage to the device. These are stress ratings only, and functional operation of the device at these
or any other conditions beyond those indicated in the operational sections of the specifications is not implied. Exposure to absolute maximum rating conditions for extended periods may affect
device reliability.
Package Information
6 TDFN-EP
PACKAGE CODE
T633+2
Outline Number
21-0137
Land Pattern Number
90-0058
Thermal Resistance, Single-Layer Board:
Junction to Ambient (θJA)
55ºC/W
Junction to Case (θJC)
9ºC/W
Thermal Resistance, Four-Layer Board:
Junction to Ambient (θJA)
42ºC/W
Junction to Case (θJC)
9ºC/W
For the latest package outline information and land patterns (footprints), go to www.maximintegrated.com/packages. Note that a “+”,
“#”, or “-” in the package code indicates RoHS status only. Package drawings may show a different suffix character, but the drawing
pertains to the package regardless of RoHS status.
Package thermal resistances were obtained using the method described in JEDEC specification JESD51-7, using a four-layer board.
For detailed information on package thermal considerations, refer to www.maximintegrated.com/thermal-tutorial
Electrical Characteristics
Limits are 100% production tested at TA = +25°C and TA = +85°C. Typical values are at TA = +25°C. Limits over the operating temperature range and relevant supply voltage range are guaranteed by design and characterization. Specifications marked GBD are
guaranteed by design and not production tested. Specifications to the minimum operating temperature are guaranteed by design and
are not production tested.
PARAMETER
SYMBOL
CONDITIONS
MIN
TYP
MAX
UNITS
3.3
3.63
V
IO PIN: GENERAL DATA
1-Wire Pullup Voltage
VPUP
(Note 1)
2.97
1-Wire Pullup Resistance
RPUP
(Notes 1, 2)
300
Input Capacitance
CIO
(Note 3)
Capacitor External
CX
(Note 1)
Input Load Current
IL
IO pin at VPUP
Computation Current
ISPU
During tRM, tWM, tCMP, tVES, tGKP or tGES
(Note 20)
Computation Voltage
VSPU
Voltage at IO pin during tRM, tWM, tCMP,
tVES, tGKP, or tGES (Note 20)
High-to-Low Switching
Threshold
VTL
(Notes 4, 5, 6)
Input Low Voltage
VIL
(Note 7)
www.maximintegrated.com
1000
0.1 + Cx
399.5
Ω
nF
470
540.5
nF
6
250
µA
7.5
mA
2.2
V
0.65 x
VPUP
V
0.10 x
VPUP
V
Maxim Integrated │ 2
DS28E36
DeepCover Secure Authenticator
Electrical Characteristics (continued)
Limits are 100% production tested at TA = +25°C and TA = +85°C. Typical values are at TA = +25°C. Limits over the operating temperature range and relevant supply voltage range are guaranteed by design and characterization. Specifications marked GBD are
guaranteed by design and not production tested. Specifications to the minimum operating temperature are guaranteed by design and
are not production tested.
PARAMETER
SYMBOL
CONDITIONS
MIN
TYP
MAX
UNITS
Low-to-High Switching
Threshold
VTH
(Notes 4, 5, 8)
0.75 x
VPUP
V
Switching Hysteresis
VHY
(Notes 4, 5, 9)
0.3
V
Output Low Voltage
VOL
IOL = 4mA (Note 10)
Recovery Time
(Notes 1, 11, 12)
tREC
Rising-Edge Hold-off Time
(Notes 4, 13)
tREH
Time Slot Duration (Notes 1, 14)
tSLOT
0.4
Standard speed, RPUP = 1000Ω
25
Overdrive speed, RPUP = 1000Ω
10
Applies to standard speed only
µs
1
Standard speed
85
Overdrive speed
16
V
µs
µs
IO PIN: 1-Wire RESET, PRESENCE-DETECT CYCLE
Reset Low Time
(Note 1)
tRSTL
Reset High Time (Notes 1, 15)
tRSTH
Presence Detect Fall Time
(Notes 4, 16)
tFPD
Presence-Detect Sample Time
(Notes 1, 17)
tMSP
Standard speed
480
640
Overdrive speed
48
80
Standard speed
480
Overdrive speed
48
µs
µs
Standard speed
1.25
Overdrive speed
0.15
µs
Standard speed
65
75
Overdrive speed
7
10
Standard speed
60
120
Overdrive speed
6
16
Standard speed
0.25
15
Overdrive speed
0.25
2
Standard speed
0.25
15 - δ
Overdrive speed
0.25
2-δ
Standard speed
tRL + δ
15
Overdrive speed
tRL + δ
2
µs
IO PIN: 1-Wire WRITE
Write-Zero Low Time
(Notes 1, 18)
tW0L
Write-One Low Time
(Notes 1, 18)
tW1L
µs
µs
IO PIN: 1-Wire READ
Read Low Time
(Notes 1, 19)
Read Sample Time
(Notes 1, 19)
tRL
tMSR
µs
µs
PIOA AND PIOB PINS
Output Low
PIOVOL
Input Low
PIOVIL
Input High
Leakage Current
www.maximintegrated.com
PIOIOL = 4mA (Note 10)
0.4
V
-0.3
0.15 x
VPUP
V
PIOVIH
0.7 x
VPUP
VPUP
+ 0.3
V
PIOIL
-1
+1
µA
Maxim Integrated │ 3
DS28E36
DeepCover Secure Authenticator
Electrical Characteristics (continued)
Limits are 100% production tested at TA = +25°C and TA = +85°C. Typical values are at TA = +25°C. Limits over the operating temperature range and relevant supply voltage range are guaranteed by design and characterization. Specifications marked GBD are
guaranteed by design and not production tested. Specifications to the minimum operating temperature are guaranteed by design and
are not production tested.
PARAMETER
SYMBOL
CONDITIONS
MIN
TYP
MAX
UNITS
STRONG PULLUP OPERATION
Generate ECDSA Signature Time
tGES
(Note 1)
50
ms
Generate ECC Key Pair
tGKP
(Note 1)
100
ms
Verify ECDSA Signature or
Compute ECDH Time
tVES
(Note 1)
150
ms
Computation Time (HMAC or RNG)
tCMP
(Note 1)
3
ms
Read Memory Time
tRM
(Note 1)
1
ms
Write Memory Time
tWM
(Note 1)
15
ms
Write/Erase Cycles (Endurance)
NCY
(Note 21)
Data Retention
tDR
TA = +85°C (Note 22)
EEPROM
100k
—
10
Years
POWER-UP
Power-Up Time
tOSCWUP
(Notes 1, 23)
2
ms
Note 1: System requirement.
Note 2: Maximum allowable pullup resistance is a function of the number of 1-Wire devices in the system and 1-Wire recovery
times. The specified value here applies to systems with only one device and with the minimum 1-Wire recovery times.
Note 3: Value represents the internal parasite capacitance when VPUP is first applied. Once the parasite capacitance is charged, it does
not affect normal communication. Typically, during normal communication, the internal parasite capacitance is effectively ~100pF.
Note 4: Guaranteed by design and/or characterization only. Not production tested.
Note 5: VTL, VTH, and VHY are a function of the internal supply voltage, which is a function of VPUP, RPUP, 1-Wire timing, and
capacitive loading on IO. Lower VPUP, higher RPUP, shorter tREC, and heavier capacitive loading all lead to lower values of
VTL, VTH, and VHY.
Note 6: Voltage below which, during a falling edge on IO, a logic-zero is detected.
Note 7: The voltage on IO must be less than or equal to VILMAX at all times the master is driving IO to a logic-zero level.
Note 8: Voltage above which, during a rising edge on IO, a logic-one is detected.
Note 9: After VTH is crossed during a rising edge on IO, the voltage on IO must drop by at least VHY to be detected as logic-zero.
Note 10: The I-V characteristic is linear for voltages less than 1V.
Note 11: Applies to a single device attached to a 1-Wire line.
Note 12: tREC min covers operation at worst-case temperature VPUP, RPUP, CX, tRSTL, tWOL, and tRL. tRECMIN can be significantly
reduced under less extreme conditions. Contact the factory for more information.
Note 13: The earliest recognition of a negative edge is possible at tREH after VTH has been previously reached.
Note 14: Defines maximum possible bit rate. Equal to 1/(tW0LMIN + tRECMIN).
Note 15: An additional reset of communication sequence sequence cannot begin until the reset high time has expired.
Note 16: Time from V(IO) = 80% of VPUP and V(IO) = 20% of VPUP at the negative edge on IO at the beginning of the Presence
Detect pulse.
Note 17: Interval after tRSTL during which a bus master can read a logic 0 on IO if there is a DS28E36 present.
Note 18: ε in Figure 6 represents the time required for the pullup circuitry to pull the voltage on IO up from VIL to VTH.
Note 19: δ in Figure 6 represents the time required for the pullup circuitry to pull the voltage on IO up from VIL to the input-high
threshold of the bus master.
Note 20: ISPU is the current drawn from IO during a strong pullup (SPU) operation. The pullup circuit on IO during the SPU operation
should be such that the voltage at IO is greater than or equal to VSPUMIN. A low-impedance bypass of RPUP activated
during the SPU operation is the recommended way to meet this requirement.
Note 21: Write-cycle endurance is tested in compliance with JESD47H.
Note 22: Data retention is tested in compliance with JESD47H.
Note 23: 1-Wire communication should not take place for at least tOSCWUP after VPUP reaches VPUP min.
www.maximintegrated.com
Maxim Integrated │ 4
DS28E36
DeepCover Secure Authenticator
Pin Configuration
Pin Description
TOP VIEW
N.C. 1
IO
GND
2
3
6 CEXT
DS28E36
*EP
5 PIOA
4 PIOB
TDFN-EP
(3mm x 3mm)
Detailed Description
The DS28E36 is a secure authenticator that supports
multiple asymmetric (ECC-P256) and symmetric (SHA256) security functions. In addition to the security services
provided by the hardware implemented ECC and SHA256 engines, the device integrates a FIPS/NIST true random number generator (RNG), 8Kb of secured EEPROM,
a decrement-only counter, two pins of configurable GPIO,
and a unique 64-bit serial number. The ECC public/private
key capabilities operate from the NIST defined P-256
curve and include FIPS 186 compliant ECDSA signature
generation and verification for bidirectional asymmetric
key authentication. Additionally, through FIPS/NIST 80056B ECDH-based key agreement, the device supports
secure storage and host communication of sensitive
data, such as application-specific crypto keys that would
be used independently by a host processor. The SHA256 secret-key capabilities are compliant with FIPS 180
and are flexibly used either in conjunction with ECDSA
operations or independently for multiple MAC and HMAC
functions. Through the integrated RNG, the device further
enhances system crypto functionality with the ability to
supply FIPS-grade random numbers to a host processor
along with internal-only functions including nonce values
for ECDSA operation and optional generation of its ECC
private keys. Two pins of GPIO can be independently
www.maximintegrated.com
PIN
NAME
1
N.C.
2
IO
FUNCTION
No Connection
1-Wire IO
3
GND
Ground
4
PIOB
General-Purpose IO
5
PIOA
General-Purpose IO
6
CEXT
Input for External Capacitor
—
EP
Exposed Pad (TDFN Only). Solder
evenly to the board’s ground plane for
proper operation. Refer to Application
Note 3273: Exposed Pads: A Brief
Introduction for additional information.
operated under command control and include configurability supporting authenticated and nonauthenticated
operation including an ECDSA-based crypto-robust mode
to support secure-boot of a host processor.
The DS28E36 integrates an 8Kb secured EEPROM array
to store keys, certificates, general-purpose data and
control registers. Multiple user-programmable protection modes exist for the general-purpose memory space
including open, ECDSA R/W authentication protection,
SHA-256 HMAC R/W authentication protected, and SHA256 one-time-pad (OTP) R/W encryption in conjunction
with an ECDH established key. With these options, general-purpose memory can be flexibly configured to store
end application data ranging from nonsensitive calibration
constants to critically sensitive host-system crypto keys.
The DS28E36 also provides a dedicated 17-bit counter
that operates in a decrement-only mode to support applications where limited use requirements exist and must be
tracked. Once set and upon command, the device decrements the counter value by 1. After the counter reaches a
value of 0, no additional changes are possible. To prevent
reply attacks, a read of the counter is performed with userselectable ECDSA or SHA-256 HMAC authentication.
The block diagram in Figure 1 shows the relationships
between the circuit elements of the DS28E36.
Maxim Integrated │ 5
DS28E36
DeepCover Secure Authenticator
PARASITE
POWER
CX
Cext
DS28E36
64-BIT ROM ID
IO
1-Wire FUNCTION
CONTROL
And
COMMAND
BUFFER
ECC (256)
SHA-256
RNG
USER MEMORY
KEYS
DECREMENT COUNTER
COMPUTE
CONTROL
PIOA
PIOB
AUTHENTICATED
GPIO
Figure 1. Simplified Block Diagram
Design Resource Overview
Operation of the DS28E36 involves use of device
EEPROM and execution of device function commands.
The following provides an overview including the decrement counter and GPIO pins. Refer to the DS28E36
Security Guide for full details.
Memory
A secured 8kbit EEPROM array is divided into two 4kbit
regions. One 4kbit space for user-programmable and
configurable memory, the other 4kbit space for registers
including ECC and SHA-256 keys, the decrement-only
counter, and programmable device control functions.
Depending on the register function, there are either
default or user-programmable protection modes.
Function Commands
After a 1-Wire Reset/Presence cycle and ROM function
command sequence is successful, a device function command can be accepted. These commands, in general,
www.maximintegrated.com
follow the state flow diagrams of Figure 2 and Figure 3.
Within these flow diagrams, the data transfer is verified
when writing and reading by a CRC of 16-bit type (CRC16). The CRC-16 is computed as described in Maxim’s
Application Note 27.
Decrement Counter
The 17-bit decrement only counter can be written/initialized one time. If unwritten, it reads as random data and
cannot be authenticated with a read. A dedicated device
function command is used to decrement the count value
by one with each call. Once the count value reaches a
value of 0, no additional decrements are possible.
GPIO Control
State setting and/or reads of the two open-drain GPIO
pins is controlled in accordance with user-programmable
protection settings. Multiple protection options exist based
on ECDSA, ECDH key establishment, or SHA256-HMAC.
Maxim Integrated │ 6
DS28E36
DeepCover Secure Authenticator
MASTER Tx MEMORY
FUNCTION COMMAND
EX CMD
DATA WRITE
N
Y
FROM ROM FUNCTIONS
FLOW CHART (FIGURE 7)
READ MEMORY
COMMAND
MASTER Tx MEMORY
FUNCTION COMMAND
N
Y
FROM ROM FUNCTIONS
FLOW CHART (FIGURE 7)
MASTER Tx
PARAMETER(S)
MASTER Tx
PARAMETER(S)
MASTER Rx CRC-16 OF CMD
AND PARAMETER(S)
MASTER Rx CRC-16 OF CMD
AND PARAMETER(S)
N
MASTER Tx
DATA BYTE(S)
MASTER Tx
RELEASE?
Y
N
MASTER Rx
RELEASE?
DELAY WITH STRONG PULLUP
Y
DELAY WITH STRONG PULLUP
MASTER Rx MEMORY
DATA BYTES
MASTER Tx RESULT BYTE
(AAh FOR SUCCESS)
MASTER Rx CRC-16 OF
DATA BYTE
MASTER Rx CRC-16 OF RESULT
BYTE
MASTER
Rx 1s
N
MASTER Tx
RESET?
Y
FROM ROM FUNCTIONS
FLOW CHART (FIGURE 7)
Figure 2. 1-Wire Device Execute Command or Data Write
Flow Chart
www.maximintegrated.com
MASTER
Rx 1s
N
MASTER Tx
RESET?
Y
FROM ROM FUNCTIONS
FLOW CHART (FIGURE 7)
Figure 3. 1-Wire Device Data Read Flow Chart
Maxim Integrated │ 7
DS28E36
DeepCover Secure Authenticator
1-Wire Bus System
The 1-Wire bus is a system that has a single bus master
and one or more slaves. In all instances, the DS28E36 is
a slave device. The bus master is typically a microcontroller. The discussion of this bus system is broken down
into three topics: hardware configuration, transaction
sequence, and 1-Wire signaling (signal types and timing).
The 1-Wire protocol defines bus transactions in terms of
the bus state during specific time slots, which are initiated
on the falling edge of sync pulses from the bus master.
Hardware Configuration
The 1-Wire bus has only a single line by definition; it is
important that each device on the bus be able to drive
it at the appropriate time. To facilitate this, each device
attached to the 1-Wire bus must have open-drain or threestate outputs. The 1-Wire port of the DS28E36 is open
drain with an internal circuit equivalent to that shown in
Figure 4.
A multidrop bus consists of a 1-Wire bus with multiple
slaves attached. The DS28E36 supports both a standard
and overdrive communication speed of 11.7kbps (max)
and 62.5kbps (max), respectively. The value of the pullup
resistor primarily depends on the network size and load
conditions. The DS28E36 requires a pullup resistor of
1kΩ (max) at any speed.
The idle state for the 1-Wire bus is high. If for any reason
a transaction needs to be suspended, the bus must be
left in the idle state if the transaction is to resume. If this
does not occur and the bus is left low for more than 16μs
(overdrive speed) or more than 120μs (standard speed),
one or more devices on the bus could be reset.
Transaction Sequence
The protocol for accessing the DS28E36 through the
1-Wire port is as follows:
●● Initialization
●● ROM function command
●● Memory function command
●● Transaction/data
Initialization
All transactions on the 1-Wire bus begin with an initialization sequence. The initialization sequence consists of a
reset pulse transmitted by the bus master followed by
presence pulse(s) transmitted by the slave(s). The presence pulse lets the bus master know that the DS28E36 is
on the bus and is ready to operate. For more details, see
the 1-Wire Signaling and Timing section.
VPUP
*SEE NOTE
1-WIRE SLAVE PORT
BUS MASTER
Tx
PIOX
Rx
PIOY
Tx
BIDIRECTIONAL
OPEN-DRAIN PORT
CTL
RPUP
DATA
Rx = RECEIVE
Tx = TRANSMIT
CX
Rx
IL
Tx
100Ω
MOSFET
*NOTE: USE A LOW-IMPEDANCE BYPASS OR EQUALLY DRIVE LOGIC ‘1’ WITH PIOY
Figure 4. Hardware Configuration
www.maximintegrated.com
Maxim Integrated │ 8
DS28E36
DeepCover Secure Authenticator
1-Wire Signaling and Timing
remains in overdrive mode. If the device is in overdrive
mode and tRSTL is between 80μs and 480μs, the device
resets, but the communication speed is undetermined.
The DS28E36 requires strict protocols to ensure data
integrity. The protocol consists of four types of signaling
on one line: reset sequence with reset pulse and presence
pulse, write-zero, write-one, and read-data. Except for the
presence pulse, the bus master initiates all falling edges.
The DS28E36 can communicate at two speeds: standard
and overdrive. If not explicitly set into the overdrive mode,
the DS28E36 communicates at standard speed. While in
overdrive mode, the fast timing applies to all waveforms.
After the bus master has released the line, it goes into
receive mode. Now, the 1-Wire bus is pulled to VPUP
through the pullup resistor or, in the case of a special
driver chip, through the active circuitry. Now, the 1-Wire
bus is pulled to VPUP through the pullup resistor. When
the threshold VTH is crossed, the DS28E36 waits and
then transmits a presence pulse by pulling the line low. To
detect a presence pulse, the master must test the logical
state of the 1-Wire line at tMSP.
To get from idle to active, the voltage on the 1-Wire line
needs to fall from VPUP below the threshold VTL. To get
from active to idle, the voltage needs to rise from VILMAX
past the threshold VTH. The time it takes for the voltage
to make this rise is seen in Figure 6 as ε, and its duration depends on the pullup resistor (RPUP) used and the
capacitance of the 1-Wire network attached. The voltage
VILMAX is relevant for the DS28E36 when determining a
logical level, not triggering any events.
Immediately after tRSTH has expired, the DS28E36 is
ready for data communication. In a mixed population network, tRSTH should be extended to a minimum 480μs at
standard speed and a 48μs at overdrive speed to accommodate other 1-Wire devices.
Read/Write Time Slots
Data communication with the DS28E36 takes place in
time slots that carry a single bit each. Write time slots
transport data from bus master to slave. Read time slots
transfer data from slave to master. Figure 6 illustrates the
definitions of the write and read time slots.
Figure 5 shows the initialization sequence required to
begin any communication with the DS28E36. A reset pulse
followed by a presence pulse indicates that the DS28E36
is ready to receive data, given the correct ROM and
memory function command. If the bus master uses slewrate control on the falling edge, it must pull down the line
for tRSTL + tF to compensate for the edge. A tRSTL duration of 480μs or longer exits the overdrive mode, returning
the device to standard speed. If the DS28E36 is in overdrive mode and tRSTL is no longer than 80μs, the device
All communication begins with the master pulling the data
line low. As the voltage on the 1-Wire line falls below
the threshold VTL, the DS28E36 starts its internal timing
generator that determines when the data line is sampled
during a write time slot and how long data is valid during
a read time slot.
MASTER TX “RESET PULSE”
MASTER RX “PRESENCE PULSE”
ε
VPUP
tMSP
VIHMASTER
VTH
VTL
VILMAX
0V
tF
tRSTL
tREC
tRSTH
RESISTOR (RPUP)
MASTER
1-WIRE SLAVE
Figure 5. Initialization Procedure: Reset and Presence Pulse
www.maximintegrated.com
Maxim Integrated │ 9
DS28E36
DeepCover Secure Authenticator
WRITE-ONE TIME SLOT
tW1L
VPUP
VIHMASTER
VTH
VTL
VILMAX
0V
tF
ε
tSLOT
RESISTOR (RPUP)
MASTER
WRITE-ZERO TIME SLOT
tW0L
VPUP
VIHMASTER
VTH
VTL
VILMAX
0V
tF
ε
tREC
tSLOT
RESISTOR (RPUP)
MASTER
READ-DATA TIME SLOT
tMSR
tRL
VPUP
VIHMASTER
VTH
VTL
VILMAX
0V
MASTER SAMPLING
WINDOW
tF
δ
tREC
tSLOT
RESISTOR (RPUP)
MASTER
1-WIRE SLAVE
Figure 6. Read/Write Timing Diagrams
www.maximintegrated.com
Maxim Integrated │ 10
DS28E36
Master-to-Slave
For a write-one time slot, the voltage on the data line
must have crossed the VTH threshold before the writeone low time tW1LMAX is expired. For a write-zero time
slot, the voltage on the data line must stay below the VTH
threshold until the write-zero low time tW0LMIN is expired.
For the most reliable communication, the voltage on the
data line should not exceed VILMAX during the entire
tW0L or tW1L window. After the VTH threshold has been
crossed, the DS28E36 needs a recovery time tREC before
it is ready for the next time slot.
Slave-to-Master
A read-data time slot begins like a write-one time slot.
The voltage on the data line must remain below VTL until
the read low time tRL is expired. During the tRL window,
when responding with a 0, the DS28E36 starts pulling
the data line low; its internal timing generator determines
when this pulldown ends and the voltage starts rising
again. When responding with a 1, the DS28E36 does not
hold the data line low at all, and the voltage starts rising
as soon as tRL is over.
The sum of tRL + δ (rise time) on one side and the internal
timing generator of the DS28E36 on the other side define
the master sampling window (tMSRMIN to tMSRMAX), in
which the master must perform a read from the data line.
For the most reliable communication, tRL should be as
short as permissible, and the master should read close
to but no later than tMSRMAX. After reading from the data
line, the master must wait until tSLOT is expired. This
guarantees sufficient recovery time tREC for the DS28E36
to get ready for the next time slot. Note that tREC specified herein applies only to a single DS28E36 attached to a
1-Wire line. For multidevice configurations, tREC must be
extended to accommodate the additional 1-Wire device
input capacitance. Alternatively, an interface that performs
active pullup during the 1-Wire recovery time such as the
special 1-Wire line drivers can be used.
1-Wire ROM Function Commands
Once the bus master has detected a presence, it can
issue one of the seven ROM function commands that the
DS28E36 supports. All ROM function commands are 8
bits long. A list of these commands follows (see the flowchart in Figure 7-1 and Figure 7-2).
www.maximintegrated.com
DeepCover Secure Authenticator
Read ROM [33h]
The Read ROM command allows the bus master to read
the DS28E36’s 8-bit family code, unique 48-bit serial
number, and 8-bit CRC. This command can only be used
if there is a single slave on the bus. If more than one
slave is present on the bus, a data collision occurs when
all slaves try to transmit at the same time (open drain
produces a wired-AND result). The resultant family code
and 48-bit serial number result in a mismatch of the CRC.
Match ROM [55h]
The Match ROM command, followed by a 64-bit ROM
sequence, allows the bus master to address a specific
DS28E36 on a multidrop bus. Only the DS28E36 that
exactly matches the 64-bit ROM sequence responds to
the subsequent memory function command. All other
slaves wait for a reset pulse. This command can be used
with a single device or multiple devices on the bus.
Search ROM [F0h]
When a system is initially brought up, the bus master
might not know the number of devices on the 1-Wire bus
or their ROM ID numbers. By taking advantage of the
wired-AND property of the bus, the master can use a process of elimination to identify the ID of all slave devices.
For each bit in the ID number, starting with the least significant bit, the bus master issues a triplet of time slots.
On the first slot, each slave device participating in the
search outputs the true value of its ID number bit. On the
second slot, each slave device participating in the search
outputs the complemented value of its ID number bit. On
the third slot, the master writes the true value of the bit
to be selected. All slave devices that do not match the
bit written by the master stop participating in the search.
If both of the read bits are zero, the master knows that
slave devices exist with both states of the bit. By choosing which state to write, the bus master branches in the
search tree. After one complete pass, the bus master
knows the ROM ID number of a single device. Additional
passes identify the ID numbers of the remaining devices.
Refer to Application Note 187: 1-Wire Search Algorithm
for a detailed discussion, including an example.
Maxim Integrated │ 11
DS28E36
Skip ROM [CCh]
This command can save time in a single-drop bus system by allowing the bus master to access the memory
functions without providing the 64-bit ROM ID. If more
than one slave is present on the bus and, for example,
a read command is issued following the Skip ROM command, data collision occurs on the bus as multiple slaves
transmit simultaneously (open-drain pulldowns produce a
wired-AND result).
Resume [A5h]
To maximize the data throughput in a multidrop environment, the Resume command is available. This command
checks the status of the RC bit and, if it is set, directly
transfers control to the memory function commands, similar to a Skip ROM command. The only way to set the RC
bit is by successfully executing the Match ROM, Search
ROM, or Overdrive-Match ROM command. Once the RC
bit is set, the device can repeatedly be accessed through
the Resume command. Accessing another device on the
bus clears the RC bit, preventing two or more devices from
simultaneously responding to the Resume command.
Overdrive-Skip ROM [3Ch]
On a single-drop bus this command can save time by
allowing the bus master to access the memory functions
without providing the 64-bit ROM ID. Unlike the normal
Skip ROM command, the Overdrive-Skip ROM command
sets the DS28E36 into the overdrive mode (OD = 1). All
communication following this command must occur at
www.maximintegrated.com
DeepCover Secure Authenticator
overdrive speed until a reset pulse of minimum 480μs
duration resets all devices on the bus to standard speed
(OD = 0).
When issued on a multidrop bus, this command sets all
overdrive-supporting devices into overdrive mode. To
subsequently address a specific overdrive-supporting
device, a reset pulse at overdrive speed must be issued
followed by a Match ROM or Search ROM command
sequence. This speeds up the time for the search process. If more than one slave supporting overdrive is present on the bus and the Overdrive-Skip ROM command
is followed by a read command, data collision occurs on
the bus as multiple slaves transmit simultaneously (opendrain pulldowns produce a wired-AND result).
Overdrive-Match ROM [69h]
The Overdrive-Match ROM command followed by a 64-bit
ROM sequence transmitted at overdrive speed allows the
bus master to address a specific DS28E36 on a multidrop bus and to simultaneously set it in overdrive mode.
Only the DS28E36 that exactly matches the 64-bit ROM
sequence responds to the subsequent memory function
command. Slaves already in overdrive mode from a previous Overdrive-Skip ROM or successful Overdrive-Match
ROM command remain in overdrive mode. All overdrivecapable slaves return to standard speed at the next reset
pulse of minimum 480μs duration. The Overdrive-Match
ROM command can be used with a single device or multiple devices on the bus.
Maxim Integrated │ 12
DS28E36
DeepCover Secure Authenticator
BUS MASTER Tx
RESET PULSE
FROM DEVICE FUNCTIONS
FLOW CHART
OD
RESET PULSE?
FROM ROM FUNCTION FLOW PART 2
N
OD = 0
Y
BUS MASTER Tx
ROM FUNCTION COMMAND
33h
READ ROM
COMMAND?
SLAVE Tx
PRESENCE PULSE
N
55h
MATCH ROM
COMMAND?
F0h
SEARCH ROM
COMMAND?
N
N
CCh
SKIP ROM
COMMAND?
Y
Y
Y
Y
RC = 0
RC = 0
RC = 0
RC = 0
SLAVE Tx
FAMILY CODE
(1 BYTE)
SLAVE Tx BIT 0
MASTER Tx BIT 0
N
N
BIT 0 MATCH?
Y
Y
SLAVE Tx BIT 1
SLAVE Tx BIT 1
MASTER Tx BIT 1
MASTER Tx BIT 0
Y
BIT 1 MATCH?
N
N
Y
SLAVE Tx
CRC BYTE
TO ROM FUNCTION
FLOW PART 2
SLAVE Tx BIT 0
MASTER Tx BIT 0
BIT 0 MATCH?
SLAVE Tx
SERIAL NUMBER
(6 BYTES)
N
BIT 1 MATCH?
Y
SLAVE Tx BIT 63
SLAVE Tx BIT 63
MASTER Tx BIT 63
MASTER Tx BIT 63
BIT 63 MATCH?
RC = 1
N
N
BIT 63 MATCH?
RC = 1
TO ROM FUNCTION
FLOW PART 2
FROM ROM FUNCTION FLOW PART 2
Figure 7-1. ROM Functions Flow Chart
www.maximintegrated.com
Maxim Integrated │ 13
DS28E36
DeepCover Secure Authenticator
TO ROM FUNCTION FLOW PART 1
FROM ROM
FUNCTION
FLOW PART 1
A5h
RESUME
COMMAND?
3Ch
OVERDRIVESKIP ROM?
N
Y
RC = 1?
N
Y
N
Y
RC = 0; OD = 1
RC = 0; OD = 1
N
69h
OVERDRIVEMATCH ROM?
MASTER Tx BIT 0
MASTER Tx
RESET?
Y
N
OD = 0
Y
N
MASTER Tx
RESET?
BIT 0 MATCH?
MASTER Tx BIT 1
Y
N
BIT 1 MATCH?
N
OD = 0
Y
SLAVE Tx BIT 63
BIT 63 MATCH?
FROM ROM FUNCTION
FLOW PART 1
N
OD = 0
RC = 1
TO ROM FUNCTION FLOW PART 1
TO DEVICE FUNCTIONS
FLOW CHART
Figure 7-2. ROM Functions Flow Chart (continued)
www.maximintegrated.com
Maxim Integrated │ 14
DS28E36
DeepCover Secure Authenticator
Improved Network Behavior
(Switchpoint Hysteresis)
The DS28E36’s 1-Wire front-end has the following features:
In a 1-Wire environment, line termination is possible only
during transients controlled by the bus master (1-Wire
driver). 1-Wire networks, therefore, are susceptible to
noise of various origins. Depending on the physical size
and topology of the network, reflections from end points
and branch points can add up or cancel each other to
some extent. Such reflections are visible as glitches or
ringing on the 1-Wire communication line. Noise coupled
onto the 1-Wire line from external sources can also result
in signal glitching. A glitch during the rising edge of a time
slot can cause a slave device to lose synchronization with
the master and, consequently, result in a Search ROM
command coming to a dead end or cause a device-specific function command to abort. For better performance
in network applications, the DS28E36 uses a 1-Wire frontend that is less sensitive to noise.
●● The falling edge of the presence pulse has a controlled slew rate to reduce ringing. The slew rate control is specified by tFPD.
●● There is a hysteresis at the low-to-high switching
threshold VTH. If a negative glitch crosses VTH, but
does not go below VTH - VHY, it is not recognized
(Figure 8, Case A). The hysteresis is effective at any
1-Wire speed.
●● There is a time window specified by the rising edge
hold-off time tREH during which glitches are ignored,
even if they extend below the VTH - VHY threshold
(Figure 8, Case B, tGL < tREH). Deep voltage drops
or glitches that appear late after crossing the VTH
threshold and extend beyond the tREH window cannot be filtered out and are taken as the beginning of
a new time slot (Figure 8, Case C, tGL ≥ tREH).
tREH
tREH
VPUP
VTH
VHY
CASE A
0V
CASE B
tGL
CASE C
tGL
Figure 8. Noise Suppression Scheme
www.maximintegrated.com
Maxim Integrated │ 15
DS28E36
DeepCover Secure Authenticator
Typical Application Circuit
VCC
100kΩ
VCC
PIOX
1kΩ
Q1
PIOA
PIOB
*PMV65XP
µC
PIOY
GND
BIDIRECTIONAL
OPEN-DRAIN PORT
RP
RPUP
IO
DS28E36
IO
CEXT
GND
IO
CX
*NOTE: USE A Q1 LOW-IMPEDANCE BYPASS
OR EQUALLY DRIVE LOGIC 1 WITH PIOY
Package Information
Ordering Information
PART
TEMP RANGE
PIN-PACKAGE
DS28E36Q+T†
-40°C to +85°C
6 TDFN-EP*
(2.5k pcs)
DS28E36BQ+T
-40°C to +85°C
6 TDFN-EP*
(2.5k pcs)
+Denotes a lead(Pb)-free/RoHS-compliant package.
T= Tape and reel.
*EP = Exposed pad.
†Not recommended for new designs.
www.maximintegrated.com
For the latest package outline information and land patterns (footprints), go to www.maximintegrated.com/
packages. Note that a “+”, “#”, or “-” in the package code
indicates RoHS statusonly. Package drawings may show
a different suffix character, but the drawing pertains to the
package regardless of RoHS status.
PACKAGE
TYPE
PACKAGE
CODE
OUTLINE
NO.
LAND
PATTERN NO.
6 TDFN-EP*
T633+2
21-0137
90-0058
Maxim Integrated │ 16
DS28E36
DeepCover Secure Authenticator
Revision History
REVISION
NUMBER
REVISION
DATE
0
10/17
Initial release
1
10/17
Updated Package Information section
2
2
11/18
Updated Ordering Information section
16
3
3/20
Updated Typical Application Circuit
16
DESCRIPTION
PAGES
CHANGED
—
For pricing, delivery, and ordering information, please contact Maxim Direct at 1-888-629-4642, or visit Maxim Integrated’s website at www.maximintegrated.com.
Maxim Integrated cannot assume responsibility for use of any circuitry other than circuitry entirely embodied in a Maxim Integrated product. No circuit patent licenses
are implied. Maxim Integrated reserves the right to change the circuitry and specifications without notice at any time. The parametric values (min and max limits)
shown in the Electrical Characteristics table are guaranteed. Other parametric values quoted in this data sheet are provided for guidance.
Maxim Integrated and the Maxim Integrated logo are trademarks of Maxim Integrated Products, Inc.
© 2018 Maxim Integrated Products, Inc. │ 17