mcs1000 MosChip, mcs1000 Datasheet - Page 13

mcs1000

Manufacturer Part Number

mcs1000

Description

Security Processor

Manufacturer

MosChip

Datasheet

1.MCS1000.pdf (30 pages)

Current page: 13 of 30
Download datasheet (818Kb)

Rev. 1.1

Theory of Operation

The MCS1000 has two modes of operation:

Stand-Alone Mode

In Stand-Alone mode the MCS1000 operates

autonomously and does not require a host to supervise

its operation. The internal ARM processor fetches

instructions from the external Flash. In this mode

the PCI bus is inactive. This configuration is ideal for

devices like low-cost VPN/Firewall appliances.

Peripheral Mode

In Peripheral mode the MCS1000 functions as a

secure Fast Ethernet controller. The MCS1000 acts

as a device on a PCI bus. The control log is stored at

the host level, but the Security Policy Database (SPD)

and the Security Association Database (SAD) is stored

in the MCS1000’s local memory. The control log and

Internet Key Exchange are left to the host processor.

Internal Architecture

The MCS1000 consists of a CPU Subsystem,

Hardware IPSec Module and General Interface

Blocks.

The CPU subsystem consists of the ARM926EJ-S

core and two (2) AHB to VCI bridges.

The MCS1000 contains specific hardware for

accelerating the IPSec protocol. The Hardware

IPSec Module consists of an IPSec Unit that contains

the DES, 3DES, and AES cryptography blocks, plus

the MD5, SHA1 and SHA256 authentication blocks;

a 16K Packet Cache; Look-Up Accelerator (LUP);

Random Number Generator; Ethernet DMA Block;

Configuration Block and specialized code in an

internal ROM.

The rest of the chip’s logic is made up from General

Interface Blocks. The General Interface Blocks

consist of three (3) Ethernet Controllers, PCI

Interface, Memory Controller (SDRAM, Flash and

Local-Bus), Serial Port, General Purpose Input and

Output (GPIO) Interface, and PLL Clocking Circuit.

Description of Blocks:

CPU Subsystem

Hardware IPSec Module

General Interface Blocks

•

ARM926EJ-S - ARM9 32-bit RISC CPU

AHB2VCI64 - AHB 32-bit Bus to VCI 64-bit

Bus (2)

Configuration Block - configuration

registers and miscellaneous system

interfaces

Ethernet DMA Block - DMA channels and

access arbiter for MAC, PCI and Cipher

Module

LUP - Table lookup engine for search

acceleration

Random Number Generator - Random

number generator for key generation based

on the physical events inside the IC

Packet Cache - Ethernet packet cache

(write-back, write-allocate) with large line size

(16 double words)

IPSec Unit - Contains the DES, 3DES, and

AES cryptographic blocks; MD5 and SHA

authentication blocks; and I/O blocks

Internal ROM - Contains BIST and

initialization code

PCI Controller - 32-bit 33MHz PCI 2.2

interface (device only)

UART - Standard serial port with LVCMOS

logic level input/output

PLL - Phase Locked Loop used to generate

internal clocks

MAC/PHY - Ethernet interface to external

magnetics

Memory Controller - Memory controller

back-end for Flash and SDRAM, arbiter/mux

between CPU, LUP and packet cache

Bootstrap Register - The bootstraps control

four main aspects of the MCS1000: Debug

Mode, Processor Speed, Internal ROM

Disable and User Defined functions

MCS1000

Security Processor

Page 13

mcs1000 MosChip, mcs1000 Datasheet - Page 13

mcs1000

Related parts for mcs1000