American University of Sharjah – Computer Engineering College
Presented by: Larbi Yazid b00052497 under the supervision of Dr Tarik Ozkul
Academic year: 2013-2014

Technological review about MICROCONTROLLER CONFIGURED FOR EXTERNAL MEMORY DECRYPTION
Abstract
This article will address the publication "MICROCONTROLLER CONFIGURED FOR EXTERNAL MEMORY DECRYPTION" in technological and systematic perspective. First, there will be a brief description of the structure and functioning of the microcontroller. Then, we'll try to answer some questions that can pass through the mind when reading the publication. At the end the Article could also offer suggestions or other perspectives for future research.
Description of the existent system
The microcontroller of the present study is used in an infrastructure called "Advanced Metering Infrastructure" to measure the energy consumption. The infrastructure is represented as a network of several nodes interconnected by RF radio links or power line communication, where one of these nodes called "Root Node" connects the remaining nodes to the central station called Central Office via a network such as the Internet.
Central Office contains a data management system for processing data received from different nodes, it is meant by the processing of these data: analysis, filtering, extraction, projection, simulation and naturally backup and archiving. The Central Office may be in one geographic location or at multiple sites in the case of a distributed context, or completely removed in case of highly decentralized context.
The node is composed of a transceiver, a meter and a processing unit, the latter contains one or more processors with a microcontroller configured for decryption of encrypted data and encrypted applications located in an external memory.
After the overall description of the infrastructure, we will now approach the internal structure of the microcontroller, its operation and its interaction with the external memory.
We begin with the Program Counter which may receive a signal from the operating system or another device, the Program Counter will transmit a signal to the Address Alignment Module which is in charge of two functions: the first is to calculate the Offset Pointer that will point to the selected instruction in the cache containing the decrypted data, this instruction will be loaded into the instruction register; and the second is to forward the address of the block to fetch to the Address Generator.
On its side, Address Generator may put the address in the address bus regardless of its size, and then communicates the reading time to the first cache that will receive the encrypted data.
Once the data is in the cache, they pass throw the Decryption Engine synchronized with a clock faster than the clock that synchronizes the instruction register and the Program Counter.
In the end, the decrypted data is loaded into the second cache, and the instruction pointed by the Pointer Offset is loaded into the instruction register, and the cycle can be restarted.

Detailed study of the system.
During our reading of the article "Microcontroller configured for external memory decryption", some questions had risen to the surface, and we have tried to clarify some points, and to provide further details referring to other papers that have treated the same subject or a topic of the same area of research. 1. How do the nodes communicate between themselves?
Regarding the paper “Peer-to-peer communications in ami with source-tree routing”
(CA 2755331 C), there are two classes of nodes according to the processing and the memory’s size: full functionality nodes and Reduced functionality nodes, as the structure is built in form of tree, rout nodes store only the coordinates of neighboring nodes, and therefore the routing is a peer-to-peer communication. 2. How does the decryption engine function?
We will provide details about the functioning of the decryption engine according to the publication entitled "Encryption and decryption device” U.S. 20120069997 A1.
Decryption uses a secret key, and calculated from data in clear, with the help of the following elements: Memory for saving temporary data and interface that retrieves the encrypted data.
Decryption goes through four levels or layers: * First, calculating the intermediate data using a secret key after a round key and stored in memory. * In the second plane, an encryption of the data i (1 <i <N) is performed, where N is the total number of data. * The third level comprises applying a conversion arithmetic operation to mix the second last intermediate data (Nth) with the following one (N+1th) and stores the result. * The fourth level is the partial encryption of data to have a data in clear, by performing an inverse conversion of the (N +1th) intermediate data operation.

3. How does the system detect errors, control the transmission and ensure the data coherence?
In reference to the publication “Method and system for encrypting and decrypting transaction in power network " U.S. 20120036355 A1, a decryption method creates a serial number of the transaction then receives data, and the last may be encrypted in two ways: * Following a predetermined criterion which is received from a dedicated server. * Checked by analyzing the transaction serial number included in the header of the received data.
The checking can be configured to determine whether the serial number of the transaction included in the header of the received data is identical to a current serial number serial number of the transaction incremented by the receiving node. Then, the serial number of transaction is incremented by a unit value and the method may continue receiving data until transaction complete. 4. What is the adequate type of the external memory with the cache memory in this case study?
In reference to the publication “Address translation between a memory controller and an external memory device WO 2009079269 A1”, the external memory may be managed by a non-volatile memory controller over a dedicated serial bus. The memory controller will use logical memory addresses to perform the mapping operations and the address translation information/data. In Fact, Flash memory technology presents a lot of advantages: high memory densities, high reliability, and low power consumption, which explain the popularity of this type of memory nowadays (personal computers (BIOS), personal digital assistants (PDAs), digital cameras, and cellular telephones).
In other hand, the flash memory represents some difficulties which provoke a need to decrease the amount of integrated circuit real estate required for address translation taking in consideration the system performance.
One of these difficulties is that the memory controllers of flash memory use large blocks of embedded static RAM to store physical to/from translation mapping tables which may be needed repetitively to make a memory access.
In addition, the high density of the flash memory array requires the increase of the size of the embedded SRAM. This increase costs space for the static RAM at the expense of the flash memory array and its support circuitry, and to avoid this situation, parts of the flash memory array are designated to store these tables, which reduce the amount of memory available to the end user for data storage and reduce the performance of the memory device also.
Time is another important fact, because the access to the flash memory needs more time than SRAM, which make the time required for the controller to store and retrieve table data from a flash memory array is significantly longer than with SRAM. 5. How to communicate with the external memory?
In reference to a publication “External memory controller node WO 2004049175 A2”, the memory controller receives memory access service requests from PIN and processes the requests accordingly, there are different services delivered by memory controller: * Peek and poke. * Memory random access (MRA). * Direct memory access (DMA). * Point-to-point (PTP). * Real-time input (RTI). * Message service.

a. The peek and poke service
This service gives the possibility to the requesting node to retrieve the data, we call this part of the Peek service, and it also allows the writing of data found in memory controller, this part of the service is called Poke. b. Memory random access (MRA) service
As its name says, this service provides random access memory to the memory in reading and writing mode.

c. Direct memory access (DMA) service
This service is used to facilitate the requests of large blocks of data from the memory d. Point-to-point (PTP) service
This service is called in the situation of real-time streaming data because it helps to read and write data and it may make modifications to the parameters of the ports by following the point-to-point protocol. e. The real-time input (RTI) service
This service performs the same tasks as the PTP, except that it uses a different protocol called Reduced Acknowledgement Protocol. f. Message service
This service ensures communication between the memory controller and the ACE (Adaptive Computing Engine), like sending messages as acknowledgment of reception for reasons of control, synchronization and validation.
Remark: Memory interface receives memory service requests from memory interface and provides them to SDRAM memory and/or flash memory, a person skilled in the art will appreciate other memories that may be used, in our study case we are using two cache memories.
In reference to a publication “Microprocessor with pipelined access request to external memory
WO 1996037830”, memory requests may be pipelined to the external memory, which consists to issue more than one memory address during one clock cycle in parallel with the execution of the instruction, and during the same clock cycle, direct information received from the external memory to a register file.
In the case of the same information is requested in the next cycle, the information may be directed to the arithmetic logic unit (ALU) in the same clock cycle which reduce significantly the retrieve time of the information stored in the external memory.
Conclusion and perspectives

The study of this invention has allowed us to better understand the functioning of Advanced Metering Infrastructure, and in particular the functioning of the microcontroller and its interaction with the external memory using different methods and techniques of communication, decryption, storage and execution.
We have used to other publications to cover the detailed study of this article, but still there are some issues we have not had time to process and we want to let them carefully between the hands of researchers as questioning for other future research.

* Is it possible to eliminate the interface Microcontroller/ External Memory and what measures to take to replace it? * Can we have two parallel lines (cache-decryption engine-cache), one for encrypted data and one for encrypted applications? * Should we place data and applications in different external memory? * How does the address generator calculate the read time (214)? How accurate is it? What to do if the read time is incorrect, too short or too long? * What if the cache memory (212 or 222) is saturated? * Should the two clocks be synchronized with each other? How fast must be the second clock (240) relative to the first one (220)? * What is the role of the element (242)? * In Figure 3, can we put some operations in parallel? * In Figure 3, what will be the effect of changing the order of two 312 and 314 operations? * In Figure 3, Why not make the diagram as a cycle?

Resources and references www.google.com/patents * Microcontroller Configured for External Memory Decryption - US 20130275766 A1 * Peer-to-peer communications in ami with source-tree routing - CA 2755331 A1 * Encryption device and decryption device - US 20120069997 A1 * Method and system for encrypting and decrypting transaction in power network - US 20120036355 A1 * External memory controller node - WO 2004049175 A2 * Microprocessor with pipelined access request to external memory - WO 1996037830 A1 * Address translation between a memory controller and an external memory device - WO 2009079269 A1 * Data collection from utility meters over advanced metering infrastructure - CA 2757799 A1 * Method and apparatus for securely booting from an external storage device - WO 2007095465 A2 * Encryption/decryption engine with secure modes for key decryption and key derivation - US 8347112 B2 * Performing AES Encryption Or Decryption In Multiple Modes With A Single Instruction - US 20130202106 A1 * System and method for securing using decryption keys during FPGA configuration using a microcontroller - US 7653820 B1 * Encryption-decryption circuit and method of operation - US 7860251 B1 * System and method for accessing data from an external memory using dual read timing protocols - WO 2000026793 A1 * Apparatus and method for controlling access to an external memory - EP 1764721 A2