

A5000

Edge Lock Secure Authenticator

Rev. 1.3 — 18 November 2022 667613 Product data sheet

# 1 Introduction

The A5000 is a ready-to-use secure IoT authenticator. It provides a root of trust at the IC level and it gives an IoT authentication system state-of-the-art security capability right out of the box.

A5000 allows for securely storing and provisioning credentials and performing cryptographic operations for security critical communication and authentication functions. A5000 is versatile in IoT security use cases such as secure connection to public/private clouds, device-to-device authentication or counterfeit protection

A5000 has an independent Common Criteria EAL 6+ security certification up to OS level and supports ECC asymmetric cryptographic and AES/3DES symmetric algorithms. The latest security measures protect the IC even against sophisticated non-invasive and invasive attack scenarios.

The A5000 is a turnkey solution that comes with an authentication application optimized for authentication security use cases pre-installed. This is complemented by an authentication tailored product support package, enabling fast time to market & easy design-in with Plug & Trust middleware for host applications, easy to use development kits, reference designs, and documentation for product evaluation.

To implement inclusive language, the terms "master/slave" has been replaced by "controller/target", following the recommendation of MIPI.

### 1.1 A5000 use cases

- Device-to-device authentication
- Secure data protection and storage
- · Secure connection to public/private clouds, edge computing platforms, infrastructure
- DLMS/COSEM Compliance for Smart Metering
- Secure key storage
- · Secure provisioning of credentials
- Medical sensor and devices
- Qi 1.3 wireless charging authentication
- Matter Ready

### 1.2 A5000 target applications

- Smart Metering
- Smart Home
- Accessories and Smart Appliances
- Anti-Counterfeit





Figure 1. A5000 solution block diagram

**Note:** A5000 is designed to be used as a part of an IoT or Authentication system. It works as an auxiliary security device attached to a host controller. The host controller communicates with A5000 through an I<sup>2</sup>C interface (with the host being the controller and the A5000 being the target).

### 1.3 A5000 naming convention

The following table explains the naming conventions of the commercial product name of the A5000 platform. Every A5000 product gets assigned a commercial name, which includes application specific data.

The A5000 commercial names have the following format.

#### A5000agddd/Zrrff

All letters are explained in  $\underline{\text{Table 1}}$ .

| Table 1. A5 | 5000 commercia | al name format |
|-------------|----------------|----------------|
|-------------|----------------|----------------|

| Variable | Meaning           | Values              | Description                                                     |
|----------|-------------------|---------------------|-----------------------------------------------------------------|
| а        | Product Config    | C,R                 | Configuration options, refer to Configuration paragraph         |
| g        | Temperature range | 2                   | Extended operational ambient temperature<br>2 = -40 °C - 105 °C |
| ddd      | Delivery Type     | HQ1                 | HX2QFN20                                                        |
| Zrrff    |                   | Letters and numbers | NXP internal code to identify individual configurations         |

# 2 Features and benefits

## 2.1 Key benefits

- Plug & Trust for fast and easy design with dedicated product support package for authentication use cases
- Easy integration with different MCU & MPU platforms and OSs (Linux, RTOS, Windows, Android, etc.)
- Turnkey solution ideal for many authentication use cases without the need to write security code
- · Secure credential injection for proof of origin check
- Anti-counterfeit solution
- Secure, zero-touch connectivity to public & private clouds
- Real end-to-end security in authentication system from smart metering to smart home appliances
- Ready-to-use example code for each of the key use cases such as device-to-device authentication and originality check

### 2.2 Key features

The A5000 provides a secure and efficient protection for authentication and anticounterfeit use cases. The efficiency of the security measures is proven by a Common Criteria EAL6+ certification.

The A5000 operates fully autonomously based on an authenticaton software ready to be used. The product comes with a dedicated authentication application. Direct memory access is possible by the fixed functionalities of the NXP Authentication application only. With that, the content from the memory is fully isolated from the host system.

- Built on NXP Integral Security Architecture 3.0 <sup>™</sup>
- CC EAL 6+ certified HW and OS
- Effective protection against advanced attacks, including Power Analysis and Fault Attacks of various kinds
- Multiple logical and physical protection layers, including metal shielding, end-to-end encryption, memory encryption, tamper detection
- Support for ECC NIST asymmetric cryptography algorithms,
- Support for AES and DES symmetric cryptographic algorithms for encryption and decryption
- Support for AES Modes: CBC, ECB,CTR,GCM,CCM
- HMAC, CMAC, GMAC, SHA-256/384 operations
- HKDF key derivation function
- Small and very thin footprint HX2QFN20 package (3 × 3 mm) with max 0.33 mm height
- Extended temperature range (-40 °C to +105 °C)
- Standard physical interface I<sup>2</sup>C Target (Fast mode, up to 1 Mbit/s)
- Secured user flash memory of 8kB for secure data or key storage
- Support for SCP03 protocol (bus encryption and encrypted credential injection) to securely bind the host with the secure authenticator
- TRNG compliant to NIST SP800-90B

- DRBG compliant to NIST SP800-90A
- Support for Automatic detection of the I<sup>2</sup>C T=1 protocol implementation based on the initial message prologue. Supported protocols:
  - NXP SE05x T=1 Over I<sup>2</sup>C Specification. See [1].
  - APDU Transport over SPI/I2C v1.0 | GPC\_SPE\_172. See [6].
- Matter Ready: A5000 provides the necessary cryptographic functions to support the upcoming Matter standard for connecting smart home devices.

### 2.3 Features in detail

Table 2. A5000 configuration

| Categories                           |                                                             | A5000                 |
|--------------------------------------|-------------------------------------------------------------|-----------------------|
| Security certification               | CC EAL6+ (HW+OS)                                            | Х                     |
| JavaCard version                     | 3.0.5                                                       | Х                     |
| GlobalPlatform specification version | GP 2.3.1                                                    | X                     |
| ECC Crypto Schemes                   | ECDSA                                                       | Х                     |
|                                      | ECDH                                                        | Х                     |
|                                      | ECDHE                                                       | Х                     |
| Supported Elliptic Curves            | ECC NIST P256                                               | Х                     |
|                                      | ECC NIST P384                                               | Х                     |
| Symmetric Crypto Algorithm           | 3DES (2K, 3K)                                               | Х                     |
|                                      | AES (128, 192, 256)                                         | Х                     |
| AES Modes                            | CBC, ECB,CTR,GCM,CCM                                        | Х                     |
| Hash Function                        | SHA-256, SHA-384                                            | Х                     |
| MAC                                  | HMAC, CMAC, GMAC                                            | Х                     |
| Key Derivation (KDF)                 | HKDF                                                        | Х                     |
| Secure Channel                       | Secure Channel Host-SA (Platform SCP)                       | Х                     |
| TRNG                                 |                                                             | NIST SP800-90B, AIS31 |
| DRBG                                 |                                                             | NIST SP800-90A, AIS20 |
| Memory reliability                   | up to 100 million write cycles / 25 years                   | Х                     |
| User Memory                          |                                                             | 8kB                   |
| Pre-Provisioned                      |                                                             | Х                     |
| Interfaces                           | I <sup>2</sup> C Target, up to 1 Mbit                       | Х                     |
| Power saving modes                   | Power-Down (with state retention), 460µA (I <sup>2</sup> C) | Х                     |
|                                      | Deep Power-Down (no state retention), <5 μA                 | Х                     |
| Temperature                          | Extended, -40 - +105 °C, see Section 1.3                    | Х                     |
| Packaging                            | Plastic QFN, 3x3 mm (HX2QFN20) with max 0.33 mm height      | Х                     |

# 3 Functional description



# 3.1 Functional diagram

Figure 2. A5000 functional diagram

The A5000 uses  $I^2C$  as communication interface. Section 5 gives more details. The A5000 commands are wrapped using the Smartcard T=1 over  $I^2C$  (T=10  $I^2C$ ) protocol or the APDU Transport over SPI/ $I^2C$  v1.0 | GPC\_SPE\_172. Per default automatic detection of the  $I^2C$  T=1 protocol implementation based on the initial message prologue is activated. The detailed documentation of the A5000 commands (see [3]) and T=1 over  $I^2C$  protocol encapsulation is available on [1]. You may also check the APDU Transport over SPI/ $I^2C$  v1.0 | GPC\_SPE\_172. In [4].

In order to simplify the product usage a host library which abstracts for A5000 commands and T=1 over  $I^2C$  protocol encapsulation is provided. The host library supporting various platforms is available for download including complete source code on the A5000 website.

A5000 Authentication application features a generic file system capable of securely storing secure objects and associated privilege management. All objects can either be stored in persistent memory or in RAM with the capability to securely export and import them to be stored in an externally provided storage. All secure objects feature basic file operations such as write, read, delete and update.

# 3.2 Authentication Application Functionality

### 3.2.1 Supported secure object types

A secure object is an entry in the file system of A5000. Each secure object has certain features and capabilities. The following secure object types are available:

- Symmetric Key (AES, 3DES)
- ECC Key

- HMAC Key
- Binary File
- User ID
- Counter
- Hash-Extend register

#### 3.2.2 Access control

Each secure object can be linked to object specific access control policies. An access control policy associates a user identified by an authentication with a set of privileges such as read, write, allowed cryptographic operations and more. For details refer to [3].

To scale the functionality into a broad range of ecosystems, a set of different authentication options is provided:

- User-ID based authentication
- Symmetric key based authentication with secure messaging
- Asymmetric key based authentication with secure messaging At creation of a secure object, an optional set of policies is associated with that secure object. Each policy assigns a set of allowed operations on that object to an authentication object.

### 3.2.3 Locking the Device Configuration

The creation of new secure objects as well as the deletion or modification of existing secure objects can be controlled via a credential.

#### 3.2.4 Sessions and multi-threading

The A5000 Authentication Application is prepared for ecosystems where multi-threading and multi-tenant use cases are needed on APDU level. To enable that, the application supports 2 simultaneous sessions that can span full secure messaging sessions, self-authenticated APDUs for tenants not requiring long-lasting sessions and on top one default session for single tenant use cases .

#### 3.2.5 Application support

For specific ecosystems, A5000 Authentication Application has built-in crypto features to simplify the deployment of specific use cases such as

- ECC-Key based cloud connectivity (TLS)
- Remote attestation and trust provisioning

### 3.2.6 Random numbers

The A5000 IoT Applet provides random numbers using an AIS20 compliant pseudo random number generator (PRNG) with class DRG.4 generator initialized by a TRNG compliant to AIS31 class PTG.2. The PRNG is implemented according to NIST SP800-90Arev1.

DRG.3 functionality is a subset of DRG.4, therefore the TOE is also compliant to DRG.3.

### 3.2.7 Credential Storage & Memory

Within A5000, all credentials and secure objects are stored inside a dynamic file structure. At creation, a user has to associate a file identifier with the object created. This identifier is then used in subsequent operations to access the object. The number of objects that can be allocated is only limited by the available memory in the system. After usage, objects can be deleted and the associated memory is freed up again.

There is also the possibility to create transient objects. Transient objects have an object descriptor stored in non-volatile memory, but the object content is stored in RAM. Together with the import/export functionality of A5000, transient objects can be used securely store secret keys in a remote memory system.

When the creation of secure objects is interrupted by internal errors (e.g. insufficient space) or a tearing event, the memory is not freed up automatically. The memory can be freed up using garbage collection. An example to trigger garbage collection is included in the Plug & Trust Middleware (InvokeGarbageCollection) [5].

### 3.3 Startup behaviour

If a supply voltage is applied to pins  $V_{\text{in}},\,V_{\text{cc}}$  within the specified supply voltage operating range the IC boots up.

# 4 Pre-provisioned ease of use configuration

A5000 variants with pre-provisioned credentials for ease of use are available and can be used during development phase or in the field. With this customers have all keys preinjected in A5000 that are required for the main use cases as, e.g., originality check or cloud onboarding. The identifying information can be read out using the example "get info" from A5000 Plug&Trust MW package. This variant identifier is also known as OEF ID. This will allow to distinguish the delivered configuration.

For more information, see <u>Table 3</u> and <u>Table 4</u>:

#### Table 3. Variant Identifiers

| Variant                 | Variant Identifier (OEF ID) |
|-------------------------|-----------------------------|
| A5000                   | A736                        |
| A5000 Arduino Dev. Kit. | A736                        |

#### Table 4. Variant A5000

| Key name and type                                                                           | Certificate   | Usage policy<br>(keys)          | Erasable by<br>customer<br>(keys) <sup>[1]</sup> | Identifier                            |
|---------------------------------------------------------------------------------------------|---------------|---------------------------------|--------------------------------------------------|---------------------------------------|
| Originality Key 0, ECC256, Die<br>Individual                                                | Certificate 0 | Anybody, Read                   | No                                               | 0xF0000000 (key)<br>0xF0000001 (cert) |
| Originality Key 1, ECC256, Die<br>Individual                                                | Certificate 1 | Anybody, Read                   | No                                               | 0xF0000002 (key)<br>0xF0000003 (cert) |
| Root of Trust signing key,<br>ECC256, Die Individual (used<br>to attest new generated keys) | N/A           | Anybody Read and<br>Attestation | No                                               | 0xF0000012 <b>(key)</b>               |

[1] Certificates are always erasable by customer. Consider that their deletion prevents the device from connecting to the EdgeLock 2GO service over TLS.

# 4.1 A5000 Chain of Trust

### 4.1.1 Chain of Trust for Originality Keys

- Root Certificate
- Intermediate Certificate

### 4.2 Common keys

The keys in Table 5 are present in all configurations.

For the value of the Platform SCP please refer to Table 6.

A second set of Platform SCP keys are inserted with KVN 12. Key set 12 is a recovery key set. It can be used to establish a platform SCP connection in case key set 11 is lost. After authentication with key set 12, key set 11 can be updated again to the new values. Keep in mind that it is required that key set 12 shall be changed to a customer defined and owned value before the A5000 product is deployed in production. For generic products, NXP own the recovery key set. For customized products, the recovery key value can be retrieved from EdgeLock2Go and customers can update

# them if recovery feature is not required. As an example for key update, please refer to "se05x\_RotatePlatformSCP03Keys" in the Plug & Trust MW.

#### Table 5. Common objects

| Key name      | Details and type                                  | Certificate | Erasable by<br>customer | Identifier |
|---------------|---------------------------------------------------|-------------|-------------------------|------------|
| Common files  | UUID                                              | N/A         | No                      | 0x7FFF0206 |
| Platform SCP  | Default Value needed to perform update of the key | N/A         | No                      | N/A        |
| Recovery SCP  | Default Value needed to perform recovery          | N/A         | No                      | N/A        |
| ECKey session | Establish an ECC256 based EC key session          | N/A         | No                      | 0x7FFF0201 |
| ECKey import  | Used for ImportExternalObject                     | N/A         | No                      | 0x7FFF0202 |

#### Table 6. Default Platform SCP keys

| Configuration | ENC                              | MAC                              | DEK                              |
|---------------|----------------------------------|----------------------------------|----------------------------------|
| A5000         | c9118500b5ffa1433a50226f489a0aa5 | 29d2fe28f7feeb153068be381f61bc01 | 6124d38402118060ed910360fc5a4278 |

### 4.3 NXP reserved keys and objects

#### Table 7. NXP reserved keys and objects

| Key name           | Erasable by customer | Identifier |
|--------------------|----------------------|------------|
| NXP reserved key 1 | No                   | 0x7FFF0204 |
| NXP reserved key 2 | No                   | 0xF0000020 |
| NXP reserved key 3 | No                   | 0xF0003394 |

### 4.4 X.509 Certificate storage encoding

This paragraph provides details on the storage of X.509v3 Certificates in Binary Files on the Authentication application.

The command  ${\tt ReadSize}$  can be used to read the size of the complete binary file containing a certificate.

 Table 8. Content of certificate binary file

| Name              | Length [bytes]                                                       | Description                                                                                                                                                                                    |
|-------------------|----------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| X.509 Certificate | variable<br>(length encoded in X.509)                                | DER encoded X.509v3 Certificate.<br>The length can be parsed from the first<br>TLV sequence which spans over the<br>complete certificate.                                                      |
| Zero padding      | variable<br>(remaining bytes up to the complete<br>binary file size) | The file size of the binary file is constant<br>over all devices of a type, while the<br>specific device certificate can vary<br>in size per device (due to the ASN.1<br>encoding of numbers). |

# **5** Communication interfaces

The communication with the A5000 authenticator follows a command / response concept. This means that, after sending the full command to the authenticator all data needs to be retrieved fully until the next command can be sent.

# 5.1 I<sup>2</sup>C Interfaces

The A5000 has one  $I^2C$  interface supporting target.

The I<sup>2</sup>C target interface is used by the host controller to send arbitrary APDUs to the device. The I<sup>2</sup>C interface is using the Smartcard T=1 over I<sup>2</sup>C protocol.

The default target address of the A5000 is configured to 0x48.



# 5.1.1 Supported I<sup>2</sup>C frequencies

The A5000  $I^2C$  target interface supports the  $I^2C$  fast-speed mode with a maximum SCL clock of up to 1 MHz.

# 5.1.2 Default I<sup>2</sup>C Communication Parameters

The default I<sup>2</sup>C interface parameters of the A5000 devices are chosen with the highest compatibility in mind:

- The used I<sup>2</sup>C protocol is detected automatically on the first received frame amongst the two possible protocols:
  - NXP SE05x T=1 Over I<sup>2</sup>C Specification. See [1].
  - APDU Transport over SPI/I2C v1.0 | GPC\_SPE\_172. See [4].
- Power down can be explicitly requested by the host via an "End of APDU session request" (according to [1]) respectively "RELEASE request" from GP T=10l2C [4].

### 6 Power-saving modes

The device provides two power-saving operation modes. The Power-down mode (with state retention) and the Deep Power-down mode (no state retention). These modes are activated via pad ENA (Deep Power-down mode) or by the SW (Power-down mode).

### 6.1 Power-down mode

The Power-down mode has the following properties:

- All internal clocks are frozen
- · CPU enters power-saving mode with program execution being stopped
- CPU registers keep their contents
- RAM keeps its contents

The A5000 enters into Power-down mode by receiving "End of APDU session request" (according to [1]) respectively "RELEASE request" (according to GP T=10I2C [4]. In Power-down mode, all internal clocks are frozen. The IOs hold the logical states they had at the time Power-down mode was activated.

To exit from the Power-down mode an external interrupt edge must be triggered by a falling edge on  $I^2C\_SDA$ .

### 6.2 Deep Power-down mode

The A5000 provides a special power-saving mode offering maximum power saving. This mode is activated by pulling enable PIN (ENA) to a logic zero level.

While in Deep Power-down mode the internal power and  $V_{OUT}$  is switched off completely and only the I<sup>2</sup>C pads stay supplied.

To leave the Deep Power-down mode pad ENA has to be pulled up to to a logic "1" level.

For usage of Deep Power-down mode the A5000 must be supplied via pin  $V_{\text{in}}$  and pin  $V_{\text{cc}}$  needs to be supplied by pin  $V_{\text{out}}.$ 

# 7 Ordering information

#### Table 9. Ordering information

| 12NC         | Type number      | A5000 Variant       | Orderable part number |
|--------------|------------------|---------------------|-----------------------|
| 935426225472 | A5000R2HQ1/Z016U | A5000               | A5000R2HQ1/Z016UZ     |
| 935424319598 | OM-A5000ARD      | A5000 Arduino Board | OM-A5000ARD           |

# 8 Pinning information

## 8.1 Pinning

### 8.1.1 Pinning HX2QFN20



**Note:** Terminal 1 index area is marked on the bottom with a notch on the center pad and on the top with a printed dot.

| Symbol               | Pin | Description                                                                                                                                                                                                                                            |  |  |
|----------------------|-----|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--|--|
| r.f.u.               | 1   | Connect to V <sub>SS</sub>                                                                                                                                                                                                                             |  |  |
| n.c.                 | 2   | Not connected                                                                                                                                                                                                                                          |  |  |
| r.f.u.               | 3   | n.c. (recommended) or connect to V <sub>CC</sub>                                                                                                                                                                                                       |  |  |
| n.c.                 | 4   | Not connected                                                                                                                                                                                                                                          |  |  |
| n.c.                 | 5   | Not connected                                                                                                                                                                                                                                          |  |  |
| n.c.                 | 6   | Not connected                                                                                                                                                                                                                                          |  |  |
| n.c.                 | 7   | Not connected                                                                                                                                                                                                                                          |  |  |
| n.c.                 | 8   | Not connected                                                                                                                                                                                                                                          |  |  |
| I <sup>2</sup> C_SDA | 9   | I <sup>2</sup> C target data                                                                                                                                                                                                                           |  |  |
| I <sup>2</sup> C_SCL | 10  | I <sup>2</sup> C target clock                                                                                                                                                                                                                          |  |  |
| ENA                  | 11  | Deep Power-down mode enable. Deep Power-down mode is enabled by pulling ENA PIN to a logic zero level. To leave the Deep Power-down mode pad ENA has to be pulled up to to a logic "1" level. Connect to $V_{CC}$ if Deep Power-down mode is not used. |  |  |
| V <sub>IN</sub>      | 12  | Power supply voltage input for I <sup>2</sup> C pads and logic supply in case Deep Power-down mode is used                                                                                                                                             |  |  |

### Table 10. Pin description HX2QFN20

| Symbol           | Pin | Description                                                                                                                  |  |
|------------------|-----|------------------------------------------------------------------------------------------------------------------------------|--|
| r.f.u.           | 13  | n.c. (recommended) or connect to V <sub>CC</sub>                                                                             |  |
| r.f.u            | 14  | Connect to V <sub>SS</sub>                                                                                                   |  |
| V <sub>OUT</sub> | 15  | Supply voltage output to be connected with pad $V_{CC}$ on PCB level, if Deep Power-down mode is used. N. c. if not used.    |  |
| r.f.u.           | 16  | n.c. (recommended) or connect to V <sub>OUT</sub>                                                                            |  |
| r.f.u.           | 17  | Connect to V <sub>SS</sub>                                                                                                   |  |
| V <sub>CC</sub>  | 18  | Logic power supply voltage input, to be connected with pad $V_{\text{OUT}}$ on PCB level, if Deep Power-down mode to be used |  |
| V <sub>SS</sub>  | 19  | Ground                                                                                                                       |  |
| n.c.             | 20  | Not connected                                                                                                                |  |

#### Table 10. Pin description HX2QFN20...continued

The center pad of the IC is not connected, although it is recommended to connect it to ground for thermal reasons.

Reference voltage for for  $I^2C$  SDA and SCL is  $V_{IN}$ .

# 9 Package

A5000 is offered in HX2QFN20 package. The dimensions are 3 mm x 3 mm x 0,32 mm with a 0,4 mm pitch.

Please refer to the package data sheet [2], SOT1969-1.

# 10 Marking

| Table 11. Marking codes |                                          |  |  |  |  |  |  |
|-------------------------|------------------------------------------|--|--|--|--|--|--|
| Type number             | Marking code                             |  |  |  |  |  |  |
| A5000 Line A: A50       |                                          |  |  |  |  |  |  |
|                         | Line B: **** (**** = 4-digit Batch code) |  |  |  |  |  |  |
|                         | Line C: nDyww                            |  |  |  |  |  |  |
|                         | D: RHF-2006 indicator                    |  |  |  |  |  |  |
|                         | n: Assembly Center                       |  |  |  |  |  |  |
|                         | Y: Year                                  |  |  |  |  |  |  |
|                         | WW: Week                                 |  |  |  |  |  |  |

# **11** Packing information

# 11.1 Reel packing

The A5000 product is available in tape on reel.

#### Table 12. Reel packing options

| Symbol   | Parameter       | Numbers of units per reel |
|----------|-----------------|---------------------------|
| HX2QFN20 | 7" tape on reel | 3000                      |

# 12 Electrical and timing characteristics

The electrical interface characteristics of static (DC) and dynamic (AC) parameters for pads and functions used for  $I^2C$  are in accordance with the NXP  $I^2C$  specification (see [1]).

# 13 Limiting values

#### Table 13. Limiting values

In accordance with the Absolute Maximum Rating System (IEC 60134). Voltages are referenced to V<sub>SS</sub> (ground = 0 V).

| Symbol                            | Parameter                                                | Conditions                                         |     | Min  | Max       | Unit |
|-----------------------------------|----------------------------------------------------------|----------------------------------------------------|-----|------|-----------|------|
| V <sub>IN</sub> , V <sub>cc</sub> | supply voltage                                           |                                                    |     | -0.3 | +6<br>[1] | V    |
| VI                                | input voltage                                            | any signal pad                                     |     | -0.3 | +6        | V    |
| I <sub>I</sub>                    | input current                                            | pad I <sup>2</sup> C_SDA, I <sup>2</sup> C_SCL     |     | -    | 10        | mA   |
| I <sub>O</sub>                    | output current                                           | pad I <sup>2</sup> C_SDA, I <sup>2</sup> C_SCL     |     | -    | 10        | mA   |
| l <sub>lu</sub>                   | latch-up current                                         | $V_{I}$ < 0 V or $V_{I}$ > $V_{IN}$ , $V_{cc}$     |     | -    | 100       | mA   |
| V <sub>esd_hbm</sub>              | electrostatic discharge voltage<br>(Human Body Model)    | pads $V_{CC}$ , $V_{SS}$ , $I^2C_SDA$ , $I^2C_SCL$ | [2] |      | ± 2.0     | kV   |
| V <sub>esd_cdm</sub>              | electrostatic discharge voltage<br>(Charge Device Model) | pads $V_{CC}$ , $V_{SS}$ , $I^2C_SDA$ , $I^2C_SCL$ | [3] |      | ± 500     | V    |
| P <sub>tot</sub>                  | Total power dissipation                                  |                                                    | [4] | -    | 600       | mW   |
| T <sub>stg</sub>                  | Storage temperature                                      |                                                    |     | -55  | +125      | °C   |

Maximum supported supply voltage is 6 V. The A5000 is characterized for the specified operating supply voltage range of 1.62 V to 3.6 V. In case of supply voltages above 3.6 V, Deep Power-down mode current <5  $\mu$ A is not guaranteed. MIL Standard 883-D method 3015; human body model; C = 100 pF, R = 1.5 kΩ; T<sub>amb</sub> = -40 °C to +105 °C. JESD22-C101, JEDEC Standard Field induced charge device model test method. Depending on appropriate thermal resistance of the package. [1]

[2] [3] [4]

# 14 Recommended operating conditions

The A5000 is characterized by its specified operating supply voltage range of 1.62 V to 3.6 V.

Table 14. Recommended operating conditions

| Symbol                            | Parameter                                               | Conditions             | Min  | Тур | Max                                      | Unit |
|-----------------------------------|---------------------------------------------------------|------------------------|------|-----|------------------------------------------|------|
| V <sub>IN</sub> , V <sub>CC</sub> | Supply voltage                                          | Nominal supply voltage | 1.62 | 1.8 | 3.6<br>[1]                               | V    |
| VI                                | DC input voltage on digital inputs and digital I/O pads | -                      | -0.3 |     | V <sub>CC</sub> /V <sub>IN</sub><br>+0.3 | V    |
| T <sub>amb</sub>                  | Operating ambient temperature <sup>[2]</sup>            |                        | -40  |     | +105                                     | °C   |

Maximum supported supply voltage is 6 V. In case of supply voltages above 3.6 V, Deep Power-down mode current <5 μA is not guaranteed.</li>
 All product properties and values specified within this data sheet are only valid within the operating ambient temperature range.



Maximum supported supply voltage is 6 V. In case of supply voltages above 3.6 V, Deep Powerdown mode current <5  $\mu$ A is not guaranteed.

Figure 5. Characteristic supply voltage operating range

# **15 Characteristics**

## **15.1 Thermal Characteristics**

Table 15. Thermal characteristics

| Rating                                                   | Board Type <sup>[1]</sup> | Symbol           | Value | Unit |
|----------------------------------------------------------|---------------------------|------------------|-------|------|
| Junction to Ambient<br>Thermal Resistance <sup>[2]</sup> | JESD51-9, 2s2p            | R <sub>θJA</sub> | 70.2  | °C/W |
| Junction to Package<br>Top Thermal <sup>[2]</sup>        | JESD51-9, 2s2p            | $\Psi_{JT}$      | 8.3   | °C/W |
| Junction to Case<br>Thermal Resistance <sup>[3]</sup>    | JESD51-9, 1s              | R <sub>θJC</sub> | 32.9  | °C/W |

[1] Thermal test board meets JEDEC specification for this package (JESD51-9)

[2] Determined in accordance to JEDEC JESD51-2A natural convection environment. Thermal resistance data in this report is solely for a thermal performance comparison of one package to another in a standardized specified environment. It is not meant to predict the performance of a package in an application-specific environment

[3] Junction-to-Case thermal resistance determined using an isothermal cold plate. Case is defined as the bottom of the packages (exposed pad)

### **15.2 DC characteristics**

#### Measurement conventions

Testing measurements are performed at the contact pads of the device under test. All voltages are defined with respect to the ground contact pad VSS. All currents flowing into the device are considered positive.

# 15.2.1 I<sup>2</sup>C Interface

Table 16. Electrical DC characteristics of I<sup>2</sup>C pads SDA, SCL. Conditions:  $V_{cc}$ ,  $V_{IN}$  = 1.62 V to 3.6 V;  $V_{SS}$  = 0 V;  $T_{amb}$  = -40 °C to + 105 °C, unless otherwise specified\*

Maximum supported supply voltage is 6 V. In case of supply voltages above 3.6 V, Deep Power-down mode current <5  $\mu$ A is not guaranteed.

| Symbol              | Parameter                                  | Conditions                                         | Min                 | Тур  | Max                   | Unit |
|---------------------|--------------------------------------------|----------------------------------------------------|---------------------|------|-----------------------|------|
| V <sub>IH</sub>     | HIGH level input voltage                   |                                                    | 0.7 V <sub>IN</sub> |      | V <sub>IN</sub> + 0.3 | V    |
| V <sub>IL</sub>     | LOW level input voltage                    |                                                    | -0.3                |      | 0.25 V <sub>IN</sub>  | V    |
| V <sub>HYS</sub>    | Input hysteresis voltage                   | -                                                  | 0.081 V             |      |                       | V    |
| V <sub>OL(OD)</sub> | Low level output voltage (open-drain mode) | I <sub>OL</sub> = 3.0 mA                           | 0                   |      | 0.4                   | V    |
| I <sub>OL(OD)</sub> | Low level output current (open-drain mode) | V <sub>OL</sub> = 0.6 V                            | 0.6                 |      |                       | mA   |
| I <sub>WPU</sub>    | weak pull-up current                       | V <sub>IO</sub> = 0 V                              | -265                | -180 | -70                   | μA   |
| I <sub>ILIH</sub>   | Leakage input current high level           | V <sub>SDA</sub> = 3.6 V, V <sub>SCL</sub> = 3.6 V |                     | 0.27 | 15                    | μΑ   |

#### 15.2.2 Power consumption

#### Table 17. Electrical characteristics of IC supply voltage V<sub>CC</sub>; V<sub>SS</sub> = 0 V; T<sub>amb</sub> = -40 °C to +105 C

| Symbol                   | Parameter                                                                            | Conditions                                                                                                                                                                                                                                | Min  | Тур  | Max  | Unit |
|--------------------------|--------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------|------|------|------|
| Supply                   |                                                                                      | 1                                                                                                                                                                                                                                         |      |      |      |      |
| V <sub>CC</sub>          | supply voltage range                                                                 | V <sub>CC</sub> = 1.62 - 3.6 V                                                                                                                                                                                                            | 1.62 | 1.80 | 3.6  | V    |
|                          | operating mode: Idle mode                                                            |                                                                                                                                                                                                                                           |      |      |      |      |
| I <sub>DD</sub>          | operating mode: typical CPU                                                          |                                                                                                                                                                                                                                           |      |      |      |      |
|                          |                                                                                      | during Communication                                                                                                                                                                                                                      | -    | 3.0  | 3.7  | mA   |
|                          |                                                                                      | during non asymmetric crypto operation                                                                                                                                                                                                    | -    | 6.5  | 7.5  | mA   |
|                          |                                                                                      | during asymmetric crypto operation                                                                                                                                                                                                        | -    | 14.4 | 16.5 | mA   |
| I <sub>DDD (DPD)</sub>   | supply current Deep Power-down mode                                                  | V <sub>CCmin</sub> ≤ V <sub>IN</sub> ≤ V <sub>CCmax;</sub> T <sub>amb</sub> =<br>25 °C                                                                                                                                                    | 3    |      | 5    | μA   |
| I <sub>DD (PD-I2C)</sub> | supply current I <sup>2</sup> C Power-down mode<br>(I <sup>2</sup> C wake-up source) | $\label{eq:V_CCmin} \begin{array}{l} \leq V_{CC} \leq V_{CCmax}; \mbox{ Clock} \\ \mbox{to input SCL stopped, Tamb=} \\ 25 \ ^{\circ}\mbox{C SDA, SCL pads in pull-up} \\ \mbox{Typical value with } V_{CC} \mbox{=} 1.8 \ V \end{array}$ |      | 450  | 500  | μA   |

### 15.3 AC characteristics

#### Table 18. Non-volatile memory timing characteristics

Conditions:  $V_{CC}$  = 1.62 V to 3.6 V;  $V_{SS}$  = 0 V;  $T_{amb}$  = -40 °C to +105 °C, unless otherwise specified.

| Symbol           | Parameter                                                                                                                                                           | Conditions                |     | Min                  | Typ <sup>[1]</sup>       | Max | Unit   |
|------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------|-----|----------------------|--------------------------|-----|--------|
| t <sub>EEP</sub> | FLASH erase + program time                                                                                                                                          |                           | [2] |                      | 2.3                      |     | ms     |
| t <sub>EEE</sub> | FLASH erase time                                                                                                                                                    |                           |     |                      | 0.9                      |     | ms     |
| t <sub>EEW</sub> | FLASH program time                                                                                                                                                  |                           |     |                      | 1.4                      |     | ms     |
| t <sub>EER</sub> | FLASH data retention time                                                                                                                                           | T <sub>amb</sub> = +55 °C |     | 25                   |                          |     | years  |
| N <sub>EEC</sub> | FLASH endurance (maximum<br>number of programming cycles<br>applied to the whole memory<br>block performed by NXP static<br>and dynamic wear leveling<br>algorithm) |                           |     | 20 × 10 <sup>6</sup> | 100 ×<br>10 <sup>6</sup> |     | cycles |

Typical values are only referenced for information. They are subject to change without notice. Given value specifies physical access times of FLASH memory only. [1]

[2]

Table 19. Electrical AC characteristics of I<sup>2</sup>C\_SDA, I<sup>2</sup>C\_SCL<sup>[1]</sup>;  $V_{CC}$  = 1.8 V ± 10 % or 3 V ± 10 % V;  $V_{SS}$  = 0 V;  $T_{amb}$  = -40 °C to +105 °C°C

SCL, SDA pads in open-drain mode.

| Symbol           | Parameter                                                                                                     | Conditions           |     | Min | Тур | Мах | Unit |  |  |  |
|------------------|---------------------------------------------------------------------------------------------------------------|----------------------|-----|-----|-----|-----|------|--|--|--|
| Input/Ou         | Input/Output: I <sup>2</sup> C_SDA, I <sup>2</sup> C_SCL in open-drain mode                                   |                      |     |     |     |     |      |  |  |  |
| tr <sub>IO</sub> | I/O Input rise time                                                                                           | Input/reception mode | [2] |     |     | 1   | μs   |  |  |  |
| A5000            | 00 All information provided in this document is subject to legal disclaimers. © 2022 NXP B.V. All rights rese |                      |     |     |     |     |      |  |  |  |

Table 19. Electrical AC characteristics of  $I^2C\_SDA$ ,  $I^2C\_SCL^{[1]}$ ;  $V_{CC} = 1.8 V \pm 10 \%$  or  $3 V \pm 10 \% V$ ;  $V_{SS} = 0 V$ ;  $T_{amb} = -40 \degree C$  to  $+105 \degree C^{\circ}C$ ...continued SCL, SDA pads in open-drain mode.

| Symbol             | Parameter                                                                               | Conditions                                                                     |     | Min | Тур | Max  | Unit |
|--------------------|-----------------------------------------------------------------------------------------|--------------------------------------------------------------------------------|-----|-----|-----|------|------|
| tf <sub>IO</sub>   | I/O Input fall time                                                                     | Input/reception mode                                                           | [2] |     |     | 1    | μs   |
| tf <sub>OIO</sub>  | I/O Output fall time                                                                    | Output/transmission mode; C <sub>L</sub><br>= 30 pF                            | [2] |     |     | 0.3  | μs   |
| f <sub>CLK</sub>   | External clock frequency in I <sup>2</sup> C applications                               | $t_{\text{CLKW}},T_{\text{amb}}$ and $V_{\text{CC}}$ in their specified limits |     | -   |     | 3.4  | MHz  |
| t <sub>PD</sub>    | Power down duration time (I <sup>2</sup> C wake-up)                                     | CPU clock = 48 MHz                                                             | [3] |     | 67  |      | μs   |
| t <sub>WKPD</sub>  | Wake-up from power down<br>duration time (I <sup>2</sup> C wake-up)                     | CPU clock = 48 MHz                                                             | [4] |     | 97  |      | μs   |
| C <sub>PIN</sub>   | Pin capacitances I <sup>2</sup> C_SDA, /<br>I <sup>2</sup> C_SCL                        | Test frequency = 1 MHz; Tamb<br>= 25 °C                                        |     | -   |     | 10.5 | pF   |
| t <sub>ENalt</sub> | ENA low time and Vout, V <sub>cc</sub><br>low time for entering deep<br>power down mode |                                                                                | [5] |     | 2   |      | μs   |
| R <sub>on</sub>    | Resistance of power switch                                                              | $T_{amb}$ =105 °C, I <sub>load</sub> =25 mA, $V_{in}$ =1.62 V                  |     |     |     | 1.1  | Ohm  |
| l <sub>out</sub>   | maximum current driving capability of pin V <sub>out</sub>                              | T <sub>amb</sub> =105 °C                                                       |     |     |     | 25   | mA   |
| t <sub>WKPIO</sub> | Pad LOW time for wake-up                                                                | level triggered ext.int.                                                       |     | -   | 8   | 10   | μs   |
|                    | from Power-down mode                                                                    | edge triggered ext.int.                                                        |     | -   | 8   | 10   | μs   |
| C <sub>PIN</sub>   | Pin capacitances I <sup>2</sup> C_SDA, /<br>I <sup>2</sup> C_SCL                        | Test frequency = 1 MHz; T <sub>amb</sub><br>= 25 °C                            |     | -   |     | 10.5 | pF   |

[1] All appropriately marked values are typical values and only referenced for information. They are subject to change without notice.

[2] t<sub>r</sub> is defined as rise time between 30 % and 70 % of the signal amplitude.

t<sub>f</sub> is defined as fall time between 70 % and 30 % of the signal amplitude.

[3] Wakeup from power down: I<sup>2</sup>C\_SCL=400 kHz; the wakeup time will not be sufficient under the rare condition where host sends the first command during the time where SA is just entering power down; in this case the SA will send an R block to request retransmission from the host

[4] Wakeup from power down: I<sup>2</sup>C\_SCL=1 MHz; the wakeup time will not be sufficient to receive the first host command; the SA will send an R block to request retransmission from the host

[5] Low glitches below 0.4 V on pin ENA and Vin, V<sub>out</sub>, V<sub>cc</sub> larger than 30 ns cause Power-On-Reset, respectively entering deep power-down mode.



Figure 6. External clock drive and AC test timing reference points of I<sup>2</sup>C\_SDA, I<sup>2</sup>C\_SCL (see <sup>1)</sup> and <sup>2)</sup>) in open-drain mode

# 15.4 I<sup>2</sup>C Bus Timings

Parameters defined in this chapter replace the parameter definitions of  $I^2C$  bus, for specification see [4].



Figure 7. I<sup>2</sup>C Bus Timings

### Table 20. I<sup>2</sup>C Bus Timing Specification

| Symbol                                | Parameter                                 | Condition | Min | Max | Unit |
|---------------------------------------|-------------------------------------------|-----------|-----|-----|------|
| t <sub>HDf;DAT50</sub> <sup>[1]</sup> | data hold time<br>50% SCL - 50% SDA level | Fast mode | 8   |     | ns   |
| t <sub>HDr;DAT50</sub> <sup>[2]</sup> | data hold time<br>50% SCL - 50% SDA level | Fast mode | 24  |     | ns   |

t<sub>HDf;DAT50</sub>, as defined in <u>Figure 7</u>, replaces parameter t<sub>HD;DAT</sub> defined in [4]
 t<sub>HDr;DAT50</sub>, as defined in <u>Figure 7</u>, replaces parameter t<sub>HD;DAT</sub> defined in [4]

# 15.5 EMC/EMI

EMC and EMI resistance according to IEC 61967-4.

# **16 Product operation**

Within this section guidelines for the operation of A5000 are described.

### **16.1 T1ol2C command and response pairs**

T1oI2C protocol rely on alternating command-APDU response-APDU data pairs. Before the secure authenticator receives a new Command-APDU the previous response-APDU needs to be fetched entirely.

Ensure the response is fully read from the secure authenticator before sending the next command-APDU. This is especially important when the host is reset independently of the secure authenticator or used in multi-threaded/multi-processing applications. Independently of the secure authenticator, ensure the host/SA command response sequence is synchronized.

The Plug & Trust MW access Manager supports concurrent access from multiple linux processes to the A5000 Authenticaton application.

### 16.2 T1ol2C communication interface specifications

The Plug & Trust MW provides an example for the T1ol2C protocol implementation on the host. This reference implementation details also additions specific to the following available T1ol2C interfaces:

- NXP SE05x T=1 Over I<sup>2</sup>C Specification. See [1].
- APDU Transport over SPI/I2C v1.0 | GPC\_SPE\_172. See [4].

The host implementation is required to fully comply to the specification to guarantee a seamless operation.

# **17 Abbreviations**

| Table 21. Abbre  | viations                                              |
|------------------|-------------------------------------------------------|
| Acronym          | Description                                           |
| AES              | Advanced Encryption Standard                          |
| APDU             | Application Protocol Data Unit                        |
| CC               | Common Criteria                                       |
| CMAC             | Cipher-based MAC                                      |
| CRC              | Cyclic Redundancy Check                               |
| CRI              | Cryptography Research Incorporated                    |
| DES              | Digital Encryption Standard                           |
| DPA              | Differential Power Analysis                           |
| DSS              | Digital Signature Standard                            |
| EAL              | Evaluation Assurance Level                            |
| ECC              | Elliptic Curve Cryptography                           |
| EMC              | Electromagnetic compatibility                         |
| EMI              | Electro Magnetic Immunity                             |
| FM               | Fast-Mode                                             |
| GP               | Global Platform                                       |
| GPIO             | General-purpose input/output                          |
| HS               | High-Speed-Mode                                       |
| HKDF             | HMAC-based Extract-and-Expand Key Derivation Function |
| HMAC             | Keyed-Hash Message Authentication Code                |
| HW               | Hardware                                              |
| IC               | Integrated Circuit                                    |
| I <sup>2</sup> C | Inter-Integrated Circuit                              |
| I/O              | Input/Output                                          |
| IoT              | Internet of Things                                    |
| MAC              | Message Authentication Code                           |
| МСИ              | Microcontroller unit                                  |
| MPU              | Microprocessor                                        |
| MW               | Middleware                                            |
| OS               | Operating System                                      |
| NIST             | National Institute for Standards and Technology       |
| РСВ              | Printed Circuit Board                                 |
| PKI              | Public Key Infrastructure                             |
| PRF              | Pseudo Random Function                                |
| RAM              | Random Access Memory                                  |

| Acronym | Viationscontinued Description |
|---------|-------------------------------|
| RST     | Reset                         |
| SA      | Secure Authenticator          |
| SAM     | Secure Access Module          |
| SCL     | Serial clock                  |
| SDA     | Serial data                   |
| SPA     | Simple Power Analysis         |
| SFI     | Single Fault Injection        |
| SHA     | Secure Hash Algorithm         |
| SW      | Software                      |
| TLS     | Transport Layer Security      |
| VCC     | Supply Voltage Input          |
| VIN     | Voltage Input                 |
| VOUT    | Voltage Output                |
| VSS     | Ground                        |

Table 21. Abbreviations...continued

# **18 References**

- [1] NXP SE05x T=1 Over I<sup>2</sup>C Specification User Manual, Document Number 11225. Available on <u>NXP website</u>
- [2] SOT1969-1; HX2QFN20; Reel packing and package data sheet. Available on <u>NXP</u> website.
- [3] A5000 Authentication Application APDU Specification, document number AN13157.
- [4] APDU Transport over SPI/I2C v1.0 | GPC\_SPE\_172. Available <u>here</u>.
- [5] Plug & Trust MW Documentation, AN 13030. Available on <u>NXP website</u>.

# **19 Revision history**

| Document ID   | Release date          | Data sheet status           | Change notice | Supersedes |
|---------------|-----------------------|-----------------------------|---------------|------------|
| 667613        | 20221118              | Product data sheet          |               | 667612     |
| Modifications | Update <u>Section</u> | Update <u>Section 8.1.1</u> |               |            |
| 667612        | 20221027              | Product data sheet          |               | 667611     |
| Modifications | Update <u>Section</u> | Update <u>Section 3.2.6</u> |               |            |
| 667611        | 20220421              | Product data sheet          |               | 667610     |
| Modifications | Added <u>Section</u>  | 4.4                         | · ·           | - ·        |
| 667610        | 20220328              | Product data sheet          |               | -          |
| Modifications | Initial version       | 1                           | 1             | 1          |

# 20 Legal information

### 20.1 Data sheet status

| Document status <sup>[1][2]</sup> | Product status <sup>[3]</sup> | Definition                                                                            |
|-----------------------------------|-------------------------------|---------------------------------------------------------------------------------------|
| Objective [short] data sheet      | Development                   | This document contains data from the objective specification for product development. |
| Preliminary [short] data sheet    | Qualification                 | This document contains data from the preliminary specification.                       |
| Product [short] data sheet        | Production                    | This document contains the product specification.                                     |

[1] Please consult the most recently issued document before initiating or completing a design.

[2] The term 'short data sheet' is explained in section "Definitions".

[3] The product status of device(s) described in this document may have changed since this document was published and may differ in case of multiple devices. The latest product status information is available on the Internet at URL <u>http://www.nxp.com</u>.

### 20.2 Definitions

**Draft** — A draft status on a document indicates that the content is still under internal review and subject to formal approval, which may result in modifications or additions. NXP Semiconductors does not give any representations or warranties as to the accuracy or completeness of information included in a draft version of a document and shall have no liability for the consequences of use of such information.

Short data sheet — A short data sheet is an extract from a full data sheet with the same product type number(s) and title. A short data sheet is intended for quick reference only and should not be relied upon to contain detailed and full information. For detailed and full information see the relevant full data sheet, which is available on request via the local NXP Semiconductors sales office. In case of any inconsistency or conflict with the short data sheet, the full data sheet shall prevail.

**Product specification** — The information and data provided in a Product data sheet shall define the specification of the product as agreed between NXP Semiconductors and its customer, unless NXP Semiconductors and customer have explicitly agreed otherwise in writing. In no event however, shall an agreement be valid in which the NXP Semiconductors product is deemed to offer functions and qualities beyond those described in the Product data sheet.

# 20.3 Disclaimers

Limited warranty and liability — Information in this document is believed to be accurate and reliable. However, NXP Semiconductors does not give any representations or warranties, expressed or implied, as to the accuracy or completeness of such information and shall have no liability for the consequences of use of such information. NXP Semiconductors takes no responsibility for the content in this document if provided by an information source outside of NXP Semiconductors.

In no event shall NXP Semiconductors be liable for any indirect, incidental, punitive, special or consequential damages (including - without limitation - lost profits, lost savings, business interruption, costs related to the removal or replacement of any products or rework charges) whether or not such damages are based on tort (including negligence), warranty, breach of contract or any other legal theory.

Notwithstanding any damages that customer might incur for any reason whatsoever, NXP Semiconductors' aggregate and cumulative liability towards customer for the products described herein shall be limited in accordance with the Terms and conditions of commercial sale of NXP Semiconductors.

**Right to make changes** — NXP Semiconductors reserves the right to make changes to information published in this document, including without limitation specifications and product descriptions, at any time and without notice. This document supersedes and replaces all information supplied prior to the publication hereof.

Suitability for use — NXP Semiconductors products are not designed, authorized or warranted to be suitable for use in life support, life-critical or safety-critical systems or equipment, nor in applications where failure or malfunction of an NXP Semiconductors product can reasonably be expected to result in personal injury, death or severe property or environmental damage. NXP Semiconductors and its suppliers accept no liability for inclusion and/or use of NXP Semiconductors products in such equipment or applications and therefore such inclusion and/or use is at the customer's own risk.

**Applications** — Applications that are described herein for any of these products are for illustrative purposes only. NXP Semiconductors makes no representation or warranty that such applications will be suitable for the specified use without further testing or modification.

Customers are responsible for the design and operation of their applications and products using NXP Semiconductors products, and NXP Semiconductors accepts no liability for any assistance with applications or customer product design. It is customer's sole responsibility to determine whether the NXP Semiconductors product is suitable and fit for the customer's applications and products planned, as well as for the planned application and use of customer's third party customer(s). Customers should provide appropriate design and operating safeguards to minimize the risks associated with their applications and products.

NXP Semiconductors does not accept any liability related to any default, damage, costs or problem which is based on any weakness or default in the customer's applications or products, or the application or use by customer's third party customer(s). Customer is responsible for doing all necessary testing for the customer's applications and products using NXP Semiconductors products in order to avoid a default of the applications and the products or of the application or use by customer's third party customer(s). NXP does not accept any liability in this respect.

Limiting values — Stress above one or more limiting values (as defined in the Absolute Maximum Ratings System of IEC 60134) will cause permanent damage to the device. Limiting values are stress ratings only and (proper) operation of the device at these or any other conditions above those given in the Recommended operating conditions section (if present) or the Characteristics sections of this document is not warranted. Constant or repeated exposure to limiting values will permanently and irreversibly affect the quality and reliability of the device.

Terms and conditions of commercial sale — NXP Semiconductors products are sold subject to the general terms and conditions of commercial sale, as published at http://www.nxp.com/profile/terms, unless otherwise agreed in a valid written individual agreement. In case an individual agreement is concluded only the terms and conditions of the respective agreement shall apply. NXP Semiconductors hereby expressly objects to applying the customer's general terms and conditions with regard to the purchase of NXP Semiconductors products by customer.

**No offer to sell or license** — Nothing in this document may be interpreted or construed as an offer to sell products that is open for acceptance or the grant, conveyance or implication of any license under any copyrights, patents or other industrial or intellectual property rights.

All information provided in this document is subject to legal disclaimers.

# A5000

#### Edge Lock Secure Authenticator

**Quick reference data** — The Quick reference data is an extract of the product data given in the Limiting values and Characteristics sections of this document, and as such is not complete, exhaustive or legally binding.

**Export control** — This document as well as the item(s) described herein may be subject to export control regulations. Export might require a prior authorization from competent authorities.

Suitability for use in non-automotive qualified products — Unless this data sheet expressly states that this specific NXP Semiconductors product is automotive qualified, the product is not suitable for automotive use. It is neither qualified nor tested in accordance with automotive testing or application requirements. NXP Semiconductors accepts no liability for inclusion and/or use of non-automotive qualified products in automotive equipment or applications.

In the event that customer uses the product for design-in and use in automotive applications to automotive specifications and standards, customer (a) shall use the product without NXP Semiconductors' warranty of the product for such automotive applications, use and specifications, and (b) whenever customer uses the product for automotive applications beyond NXP Semiconductors' specifications such use shall be solely at customer's own risk, and (c) customer fully indemnifies NXP Semiconductors for any liability, damages or failed product claims resulting from customer design and use of the product for automotive applications beyond NXP Semiconductors' standard warranty and NXP Semiconductors' product specifications.

**Translations** — A non-English (translated) version of a document, including the legal information in that document, is for reference only. The English version shall prevail in case of any discrepancy between the translated and English versions.

Security — Customer understands that all NXP products may be subject to unidentified vulnerabilities or may support established security standards or specifications with known limitations. Customer is responsible for the design and operation of its applications and products throughout their lifecycles to reduce the effect of these vulnerabilities on customer's applications and products. Customer's responsibility also extends to other open and/or proprietary technologies supported by NXP products for use in customer's applications. NXP accepts no liability for any vulnerability. Customer should regularly check security updates from NXP and follow up appropriately. Customer shall select products with security features that best meet rules, regulations, and standards of the intended application and make the ultimate design decisions regarding its products and is solely responsible for compliance with all legal, regulatory, and security related requirements concerning its products, regardless of any information or support that may be provided by NXP.

NXP has a Product Security Incident Response Team (PSIRT) (reachable at <u>PSIRT@nxp.com</u>) that manages the investigation, reporting, and solution release to security vulnerabilities of NXP products.

### 20.4 Licenses

ICs with DPA Countermeasures functionality



NXP ICs containing functionality implementing countermeasures to Differential Power Analysis and Simple Power Analysis are produced and sold under applicable license from Cryptography Research, Inc.

### 20.5 Trademarks

Notice: All referenced brands, product names, service names, and trademarks are the property of their respective owners.

NXP — wordmark and logo are trademarks of NXP B.V.

EdgeLock — is a trademark of NXP B.V.

**I2C-bus** — logo is a trademark of NXP B.V. **JCOP** — is a trademark of NXP B.V.

# **Tables**

| Tab. 1.  | A5000 commercial name format       | 2  |
|----------|------------------------------------|----|
| Tab. 2.  | A5000 configuration                | 4  |
| Tab. 3.  | Variant Identifiers                | 8  |
| Tab. 4.  | Variant A5000                      | 8  |
| Tab. 5.  | Common objects                     | 9  |
| Tab. 6.  | Default Platform SCP keys          | 9  |
| Tab. 7.  | NXP reserved keys and objects      | 9  |
| Tab. 8.  | Content of certificate binary file |    |
| Tab. 9.  | Ordering information               | 12 |
| Tab. 10. | Pin description HX2QFN20           |    |
| Tab. 11. | Marking codes                      |    |
| Tab. 12. | Reel packing options               | 17 |
| Tab. 13. | Limiting values                    | 19 |
| Tab. 14. | Recommended operating conditions   |    |
| Tab. 15. | Thermal characteristics            | 21 |

| Tab. 16. | Electrical DC characteristics of I2C pads                |    |
|----------|----------------------------------------------------------|----|
|          | SDA, SCL. Conditions: Vcc, VIN = 1.62 V                  |    |
|          | to 3.6 V; VSS = 0 V; Tamb = -40 °C to +                  |    |
|          | 105 °C, unless otherwise specified*                      | 21 |
| Tab. 17. | Electrical characteristics of IC supply                  |    |
|          | voltage VCC; VSS = 0 V; Tamb = -40 °C to                 |    |
|          | +105 C                                                   | 22 |
| Tab. 18. | Non-volatile memory timing characteristics               | 22 |
| Tab. 19. | Electrical AC characteristics of I2C_SDA,                |    |
|          | I2C_SCL; VCC = 1.8 V ± 10 % or 3 V ±                     |    |
|          | $10 \ \overline{\%}$ V; VSS = 0 V; Tamb = -40 °C to +105 |    |
|          | °C°C                                                     | 22 |
| Tab. 20. | I2C Bus Timing Specification                             | 24 |
| Tab. 21. | Abbreviations                                            | 26 |
| Tab. 22. | Revision history                                         | 29 |

667613

# Figures

| Fig. 1. | A5000 solution block diagram   | 2 |
|---------|--------------------------------|---|
| Fig. 2. | A5000 functional diagram       | 5 |
| Fig. 3. | Target address 1               | 0 |
| Fig. 4. | Pin configuration for HX2QFN20 |   |
|         | (SOT1969-1)1                   | 3 |

| Fig. 5. | Characteristic supply voltage operating |    |
|---------|-----------------------------------------|----|
|         | range                                   | 20 |
| Fig. 6. | External clock drive and AC test timing |    |
|         | reference points of I2C_SDA, I2C_SCL,   |    |
|         | (see 1) and 2)) in open-drain mode      | 23 |
| Fig. 7. | I2C Bus Timings                         | 24 |

# Contents

| 1            | Introduction1                              |
|--------------|--------------------------------------------|
| 1.1          | A5000 use cases1                           |
| 1.2          | A5000 target applications1                 |
| 1.3          | A5000 naming convention2                   |
| 2            | Features and benefits                      |
| 2.1          | Key benefits                               |
| 2.2          | Key features                               |
| 2.2          | Features in detail                         |
| 2.5<br>3     | Functional description                     |
| <b>3</b> .1  |                                            |
|              | Functional diagram                         |
| 3.2          | Authentication Application Functionality   |
| 3.2.1        | Supported secure object types5             |
| 3.2.2        | Access control                             |
| 3.2.3        | Locking the Device Configuration6          |
| 3.2.4        | Sessions and multi-threading6              |
| 3.2.5        | Application support6                       |
| 3.2.6        | Random numbers6                            |
| 3.2.7        | Credential Storage & Memory7               |
| 3.3          | Startup behaviour7                         |
| 4            | Pre-provisioned ease of use configuration8 |
| 4.1          | A5000 Chain of Trust8                      |
| 4.1.1        | Chain of Trust for Originality Keys8       |
| 4.2          | Common keys8                               |
| 4.3          | NXP reserved keys and objects              |
| 4.4          | X.509 Certificate storage encoding         |
| 5            | Communication interfaces                   |
| 5.1          | I2C Interfaces                             |
| 5.1.1        | Supported I2C frequencies10                |
| 5.1.2        | Default I2C Communication Parameters 10    |
|              | Power-saving modes                         |
| 6            | •                                          |
| 6.1          | Power-down mode                            |
| 6.2          | Deep Power-down mode11                     |
| 7            | Ordering information12                     |
| 8            | Pinning information                        |
| 8.1          | Pinning                                    |
| 8.1.1        | Pinning HX2QFN2013                         |
| 9            | Package15                                  |
| 10           | Marking16                                  |
| 11           | Packing information17                      |
| 11.1         | Reel packing17                             |
| 12           | Electrical and timing characteristics      |
| 13           | Limiting values                            |
| 14           | Recommended operating conditions           |
| 15           | Characteristics                            |
| 15.1         | Thermal Characteristics                    |
| 15.2         | DC characteristics                         |
| 15.2.1       | I2C Interface                              |
| 15.2.2       | Power consumption                          |
| 15.3         | AC characteristics                         |
| 15.4         | I2C Bus Timings                            |
| 15.4<br>15.5 | 8                                          |
|              | EMC/EMI                                    |
| <b>16</b>    | Tiolog command and records raise           |
| 16.1         | T1ol2C command and response pairs25        |

| 16.2 | T1oI2C communication interface |    |
|------|--------------------------------|----|
|      | specifications                 |    |
| 17   | Abbreviations                  |    |
| 18   | References                     | 28 |
| 19   | Revision history               |    |
| 20   | Legal information              |    |

Please be aware that important notices concerning this document and the product(s) described herein, have been included in section 'Legal information'.

#### © 2022 NXP B.V.

#### All rights reserved.

For more information, please visit: http://www.nxp.com