Вы находитесь на странице: 1из 35

Short Databook, V 1 .

0, July 2011

TPM
SLB 9635 TT 1.2

Trusted Platform Module


PUBLIC

Chipcard & Security


Platform Security

N e v e r s t o p t h i n k i n g
SLB 9635 TT 1.2
PUBLIC
All characteristics described in this document might change without further notice.
Revision History: 2011-07-21 V 1.0
Previous Version: none
Version Subjects (major changes since previous version)

Edition 2011-07-21
Published by Infineon Technologies AG,
Am Campeon 1-12,
D-85579 Neubiberg, Germany
© Infineon Technologies AG 2011.
All Rights Reserved.
Attention please!
The information herein is given to describe certain components and shall not be considered as a guarantee of characteristics.
Terms of delivery and rights to technical change reserved.
We hereby disclaim any and all warranties, including but not limited to warranties of non-infringement, regarding circuits,
descriptions and charts stated herein.
Infineon Technologies is an approved CECC manufacturer.
Information
For further information on technology, delivery terms and conditions and prices please contact your nearest Infineon
Technologies Office in Germany or our Infineon Technologies Representatives worldwide (see address list).
Warnings
Due to technical requirements components may contain dangerous substances. For information on the types in question
please contact your nearest Infineon Technologies Office.
Infineon Technologies Components may only be used in life-support devices or systems with the express written approval of
Infineon Technologies, if a failure of such components can reasonably be expected to cause the failure of that life-support
device or system, or to affect the safety or effectiveness of that device or system. Life support devices or systems are
intended to be implanted in the human body, or to support and/or maintain and sustain and/or protect human life. If they fail,
it is reasonable to assume that the health of the user or other persons may be endangered.
Trusted Platform Module
Short Databook
PUBLIC

1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
1.1 System Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.2 Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.3 Logic Symbol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.4 Typical Schematic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
1.4.1 Crystal Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
1.5 Pin Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
1.6 Pin Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
1.7 LCLK . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
1.8 LFRAMEn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.9 LRESETn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.10 LAD[3:0] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.11 LPCPDn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.12 CLKRUNn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.13 SERIRQ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.14 TESTBI/BADD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.15 GPIO, GPIO2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
1.16 Test Port (TESTI, TESTBI/BADD) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
1.17 PP Pin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
1.18 Power Supply Pins . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
2 LPC Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.1 LPC Signals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.2 Standard IO cycles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.3 Byte Ordering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.4 Special TPM LT IO cycles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.5 SYNC Field Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.6 LFRAMEn Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
2.7 Usage of LPCPDn Signal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
2.8 SERIRQ Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
3 General Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
3.1 Block Diagram . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
3.2 Hardware Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
3.3 Hash Accelerator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
3.4 Firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
4 TPM Embedded Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
4.1 Available Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
4.2 Command Ordinal List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
5 Performance Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
5.1 Hashing (SHA1) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
5.2 Symmetric Cryptography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
5.3 Asymmetric Keygeneration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
5.4 Asymmetric Cryptography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
5.5 Transport encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
5.6 Reset Timing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Short Databook i V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC

6 Characteristics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
6.1 Electrical Characteristics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
6.2 Functional Operating Range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
6.3 DC Characteristics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
7 AC Characteristics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
7.1 LPC Signals and SERIRQ Timing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
7.2 LPC Powerdown and LPC Reset Timing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
7.2.1 LPC Powerdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
7.2.2 LPC Reset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
8 Package Dimensions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
8.1 Packing Type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
8.2 Recommended Footprint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
8.3 Chip Marking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
9 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

Short Databook ii V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC Overview

1 Overview
The Infineon SLB 9635 TT 1.2 Trusted Platform Module (TPM) is an integrated circuit and
software platform that provides computer manufacturers with the core components of a
subsystem used to assure authenticity, integrity and confidentiality in e-commerce
transactions and Internet communications. The SLB 9635 TT 1.2 is a complete solution. For
details about the TCG specification please refer to www.trustedcomputinggroup.org.
The basic principle to realize these issues is to insert a trusted subsystem - called the "root of
trust" - into the PC platform, which is able to extend its trust to other parts of the whole platform
by building a "chain of trust", where each link extends its trust to the next one. As a result, the
TPM extends its trustworthiness, providing a Trusted PC for secure transactions.
To simplify system integration into existing PC mainboards, the SLB 9635 TT 1.2 uses the
LPC interface (Low Pin Count) as defined by Intel (see [1]). This standardized interface is
available on nearly every board and provides sufficient bandwidth. The TPM is basically a
secure controller with added cryptographic functionality:
– Hash algorithm (SHA-1)
– Asymmetric key procedures (RSA, key lengths of up to 2048 bit)
– Secure key storage
– True random number generator
– Unique key that identifies each TPM
With these capabilities, the TPM is able to calculate hash-values of the BIOS at boot time as
an integrity metric. Once this metric is available, it is saved in a secure memory location.
Optionally, it could be compared to some predefined values and the boot process could be
aborted on mismatch.
During the boot process, other integrity metrics are collected from the platform, e.g. of the boot
loader and the operating system itself. Device drivers may be hashed, even hardware like
PCI cards can be detected and identified. Every metric obtained is concatenated to the already
available metrics. This gives a final metric, which describes the operational state of the whole
platform and the state of its system integrity.
A challenger may now ask the platform for these metrics and make informed decisions on
whether to trust it based on the metric values obtained. To support the privacy issue, the user
of the platform may restrict the TPM in answering to any challenge, but the user is never able
to make the TPM report false metrics. Moreover, the user is able to create several identities
for his interactions.
Offering these features to a system, the TPM can be used in a wide field of applications, e.g.
in a remote access network to authenticate platforms to a server and vice versa. Concerning
e-commerce transactions, contracts can be signed with digital signatures using the TPM´s
asymmetric encryption functionality. Regarding a network scenario, the client PCs equipped
with a TPM are able to report their platform status to the server so that the network
administration is aware of their trustworthiness. In conclusion, the TPM acting as a service
provider to a system helps to make transactions more secure and trustworthy.

Short Databook 1 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC Overview

1.1 System Integration


Integration of the TPM into the system is simplified through the use of the LPC interface. See
below for a general block diagram of a PC with a TPM. For a more detailed description, refer
to chapter 1.4.

PCI Express

USB
CPU North Bridge South Bridge
(Pentium) (Intel, VIA) (Intel, VIA) SATA

IDE

SLB 9635 TT
1.2
Main Memory
SuperIO TPM
(SDRAM)

FD PS/2

Par Ser
PC platform

System integration.vsd

Figure 1-1 Integration of Infineon TPM into Standard PC Mainboard

Short Databook 2 V 1.0, 2011-07-21


PUBLIC

Trusted Platform Module SLB 9635 TT 1.2


TPM

CMOS

1.2 Features
• TCG-compliant Trusted Platform Module
• Security architecture based on Infineon security controller family
• ROM for TCG firmware
• EEPROM for TCG firmware and data
• Hardware hash accelerator for SHA-1 algorithm PG-TSSOP-28-2

• Advanced Crypto Engine (ACE) for asymmetric key operations


(up to 2048-bit key length)
• Power saving sleep mode
• 3.3V power supply
• LPC interface
– Different addresses possible by pin-strapping
– Support of Intel LT architecture LPC extensions
• Tick counter
• Security features
– Over-/Undervoltage detection
– Low/High frequency sensor
– Reset filter
– Memory encryption
– Shield

Type Package
SLB 9635 TT 1.2 PG-TSSOP-28-2

Short Databook 3 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC Overview

1.3 Logic Symbol


The logic symbol gives an overview of the TPM interfaces.

LAD[3:0] TESTI
LPC-Interface

LCLK TESTBI/BADD
LFRAMEn
LRESETn GPIO
LPCPDn GPIO2
SERIRQ
PP
CLKRUNn
VDD/VSB +3.3V
GND 0V

XTALI/32KHZ
XTALO

TPM Logic Symbol.vsd

Figure 1-2 Logic Symbol of the TPM

Short Databook 4 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC Overview

1.4 Typical Schematic


The following figure shows the typical schematic for the TPM. The LPC interface pins connect
directly to the LPC bus signals on the mainboard (or daughter-card). LCLK and LRESETn are
usually the PCICLK and PCIRST# signals of the PCI bus (refer to the mainboard chipset
description). The TESTBI/BADD pin is strapped to logical ’1’ giving a base address for the
TPM of 4EH/4FH since addresses 2EH/2FH are usually used by the SuperIO chip.
The PP pin is connected to a jumper which allows the pin to be at either low or high level. This
is needed since there has to be a way to signal physical access to the TPM. The default
position for this jumpers is a connection to GND. If the user needs to show that he can
physically access the platform, the jumper is changed to connect the pin to 3.3V. The TPM
firmware reads this pin and reacts accordingly. If this feature is not used, the pin can be left
open (it has an internal pull-down).
If the CLKRUN# signal is not available on the platform, the CLKRUNn pin must be connected
to GND.
The XTALI pin is driven by a single-ended 32.768 kHz clock which always must be running
while VSB is available (otherwise, this would be seen as an attack). Pin XTALO must be left
unconnected in this case. Alternatively, a crystal can be connected between XTALI and
XTALO.
The TESTI pin must be connected to GND.
The four decoupling capacitors should be placed as short as possible to the respective VDD
and VSB pins of the chip. If necessary, a block decoupling capacitor of approx. 1µF should be
added.

3.3V 3.3V (STBY)

17,20,23,26 4x 100nF
LAD[3:0] LAD[3:0] VDD 19,24
21
LCLK LCLK
22
LFRAME# LFRAMEn
16
LRESET# LRESETn GND 4,11,18,25
28
LPCPD# LPCPDn
27
SERIRQ SERIRQ
3.3V VSB 5
9
TESTBI/BADD J1
15 3.3V (STBY)
CLKRUN# CLKRUNn
7
PP
6
GPIO GPIO XTALO 14
2 13
GPIO2 GPIO2 XTALI 32.768 kHz
1,3,10,12 8
NC TESTI

Schematic .vsd

Figure 1-3 Typical Schematic


Note: Pin 10 is not connected for current device, but it reserved for VDD connection by TCG.

Short Databook 5 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC Overview

1.4.1 Crystal Connection


If a crystal is used for the tick counter frequency supply, the schematic shown in figure 1-4
should be used. The crystal is a fundamental wave 32.768 kHz clock crystal. The parameters
and the values of the capacitors are given in table 1-1.

14 Cx
XTALO
X1
13 Cx
XTALI

Connection_Crystal_TPM12.vsd

Figure 1-4 Connection of Crystal

Table 1-1 Crystal Ocillator Parameters


Parameter Min Nom Max Comment
fX1 32.768 kHz Crystal frequency
Cshunt 1.5 pF crystal shunt capacitance
Cmotional 2 fF crystal motional capacitance
Cx 12.5 pF external load capacitance
RX1 50 kΩ crystal series resistance
PX1 1 µW power dissipation in crystal

Short Databook 6 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC Overview

1.5 Pin Configuration

CLKRUN#
LFRAME#

LRESET#
LPCPD#
SERIRQ
LAD0

LAD1

LCLK
LAD2

LAD3
GND

GND
VDD

VDD
28 25 22 18 15

TPM
SLB 9635 TT 1.2

PG-TSSOP-28-2

1 4 8 11 14
NC
GPIO2
NC
GN D
VSB
GPIO
PP
TESTI
TESTBI/ BADD
NC
GN D
NC
XTALI/ 32k IN
XTALO
Pinning_TSSOP-28_TPM12.vsd

Figure 1-5 Pin Configuration of the TPM in PG-TSSOP-28-2 Package

Short Databook 7 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC Overview

1.6 Pin Description


Table 1-2 Pin Description
Pin Pin Name Description Type1) Electrical Reset
number Char. State
21 LCLK LPC/PCI clock, nominal 33 MHz I PCI 3.3 V -
22 LFRAMEn LPC framing signal I PCI 3.3 V -
17 LAD3 LPC command/address/data Bi PCI 3.3 V Ts
bus
20 LAD2
23 LAD1
26 LAD0
16 LRESETn LPC/PCI reset I PCI 3.3 V -
28 LPCPDn LPC power down I PCI 3.3 V -
27 SERIRQ Serial interrupt request Bi PCI 3.3 V Ts
15 CLKRUNn CLKRUN# signal Bi PCI 3.3 V Ts
9 TESTBI/ Test port/Base address select Bi ISO
BADD
8 TESTI Test port I ISO -
7 PP Physical presence I ISO -
6 GPIO General Purpose I/O Bi ISO
2 GPIO2 General Purpose I/O Bi ISO
13 XTALI/ Input of internal crystal oscillator I - -
32kIN or input for single-ended external
clock (32.768 kHz)
14 XTALO Output of internal crystal O - -
oscillator.
19,24 VDD 3.3 V power supply (supply) - -
5 VSB 3.3 V power supply (standby) (supply) - -
4,11,18, GND Ground (supply) - -
25
1,3,10,12 NC Not connected internally - - -
1)
I - input only, O - output only, Bi - bidirectional, Ts - tristate

1.7 LCLK
This pin provides the external clock for the chip. The clock frequency is 33 MHz nominal. This
pin is typically connected to the PCI clock of the host.

Short Databook 8 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC Overview

Note: The PCI specification allows a clock range from DC to 33 MHz. However, the
minimum frequency for the chip is 8 MHz since some low-frequency security
sensors will trigger if the clock falls below this value. However, when the chip is in
sleep mode, the clock may stop.

1.8 LFRAMEn
LPC framing signal. This pin is connected to the LPC LFRAME# signal and indicates the start
of a new cycle on the LPC bus or the termination of a broken cycle. The signal is active low.

1.9 LRESETn
External reset signal. Asserting this pin unconditionally resets the LPC interface and - based
on the state of the TPM - the controller core. The signal is active low and is typically connected
to the PCIRST# signal of the host.

1.10 LAD[3:0]
Multiplexed LPC command, address and data bus. Connect these pins to the LAD[3:0] pins of
the LPC host.

1.11 LPCPDn
If this pin is asserted, the chip will go into sleep mode. This signal is active low. Connect this
pin to the LPCPD# signal of the LPC bus. It is mandatory to assert this signal before entering
power state S3 of the platform (or stopping the LCLK for other reasons). If this is not done, the
TPM will not enter sleep mode with low power consumption but will initiate an internal security
reset.
The signals LAD[3:0], SERIRQ and CLKRUNn will be tristated after this pin is asserted.

1.12 CLKRUNn
This pin adds support for the CLKRUN# protocol used in mobile devices. Connect to the
CLKRUN# signal of the mobile chipset. If this feature is not used, the pin must be connected
to GND.

1.13 SERIRQ
Interrupt pin. Connect this pin to the SERIRQ signal of the LPC bus. The interrupt number
used is programmed by software.

1.14 TESTBI/BADD
Base address select pin. The chip uses two addresses in the I/O space (similar to a SuperIO).
If this pin is connected to GND, addresses 2EH/2FH are used. If it is strapped to VSB,
addresses 4EH/4FH are used. Since normally 2EH/2FH are used by the SuperIO, it is
recommended to connect this pin to VSB.

Short Databook 9 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC Overview

1.15 GPIO, GPIO2


These pins are general purpose I/O pins. Pin GPIO is defined as GPIO-Express-00, please
refer to [4] and the PCI-SIG ECN “Trusted Configuration Space for PCI Express”.
The behaviour of GPIO2 is like GPIO.

1.16 Test Port (TESTI, TESTBI/BADD)


These pins are designated for testing during production and are disabled afterwards. To
prevent static disturbances on open pins, TESTI has to be connected to GND.

1.17 PP Pin
This pin should be connected to a jumper. The standard position of the jumper should connect
the pin to GND. If the pin is connected to VSB, some special commands are enabled (for
instance, the command TPM_ForceClear, also refer to [5]).
If the hardware physical presence feature is not used on the platform, the pin can be left
unconnected (it has an internal pull-down).
[5] includes commands which require physical presence at the platform. Physical presence
can be proven either by the use of a software command during the POST or by the use of a
"Physical Presence Switch" connected to PP. Before any use of hardware physical presence,
usage of this pin must be explicitely enabled with the command TSC_PhysicalPresence
(TPM_PHYSICAL_PRESENCE_HW_ENABLE). This should be done by the platform
manufacturer before shipment of the system. Please see [5] for further details.

1.18 Power Supply Pins


All VDD pins should be connected together and routed to a 3.3 V power supply. The VSB pin
should be connected to a 3.3V power supply which is active in standby mode. Likewise, all
GND pins should be connected and routed to GND. Bypass capacitors should be placed as
close as possible to the chip (100 nF). If necessary, a block decoupling capacitor of 1 µF or
higher should be placed near the chip.
Table 1-3 TPM Power Supply
Platform power state TPM VDD TPM VSB TPM LCLK TPM LPCPDn
S0, S1, S2 active active active deasserted
S3 inactive active inactive asserted before entering S3
S4, S5 inactive active 1)
inactive asserted
1) optional, but strongly recommended

In table 1-3, an overview is given on which supply rails should be active when the platform is
in different power states.

Short Databook 10 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC LPC Interface

2 LPC Interface
The LPC interface consists of signals which are electrically compliant to the 3.3 V PCI bus.
The TPM module supports only a subset of the cycles defined in the LPC specification. Only
simple IO cycles are implemented.

2.1 LPC Signals


The TPM device uses the following LPC signals: LCLK, LFRAME#, LRESET#, LAD[3:0],
LPCPD#, and SERIRQ. Additionally, CLKRUN# is supported. The LPC clock is assumed to
be 33 MHz.

2.2 Standard IO cycles


The standard IO cycles use 16-bit addressing. For a detailed description, refer to the LPC
specification [1].

2.3 Byte Ordering


The TCG specification [4] defines all multi-byte fields as big endian. To meet the big-endian
requirement for the these fields, the TPM receives the MSB (most significant byte) first on the
LPC bus.

2.4 Special TPM LT IO cycles


The new TPM-Read and TPM-Write special cycle are similar to the existing LPC IO-Read and
IO-Write cycle formats. The only difference is a changed START field. Otherwise, they are
equivalent to standard cycles. For a detailed description, refer to the LPC specification [1] and
the TPM Interface Specification [4].
As for standard cycles, word or double word accesses are broken into single byte accesses
to consecutive addresses by the chipset. For example, a 32-bit read from address 1000H will
be translated into four consecutive 8-bit reads from addresses 1000H, 1001H, 1002H and
1003H.

2.5 SYNC Field Usage


The SYNC field can be used to indicate access errors to the chipset (for instance, reading data
from an empty FIFO). For normal accesses without errors, the SYNC field is driven to
SYNC OK by the state machine of the TPM module.
The SYNC field can also be used to enlarge cycles (i.e. to insert wait states on the bus). This
feature is used to prevent data loss on the LT interface from and to the FIFO. The implemented
wait mechanism always signals "Long Wait" values because the time needed to free or fill the
FIFO is not predictable.
Note: Legacy IO Cycles will stay unchanged, that means no wait generation on the legacy
ports.

Short Databook 11 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC LPC Interface

2.6 LFRAMEn Usage


The signal LFRAMEn is used by the host to indicate the start of cycles and the termination of
cycles due to an abort or time-out condition. This signal is to be used by the device to know
when to monitor the bus for a cycle.
This signal is used as a general notification that the LAD[3:0] lines contain information relative
to the start or stop of a cycle, and that the device monitors the bus to determine whether the
cycle is intended for it. The use of LFRAMEn allows the device to enter a low-power state
internally. When no activity is present on the bus, the device can decouple its statemachine
from the bus and internally gate its clock.
When the device samples LFRAMEn active, it must immediately stop driving the LAD[3:0]
lines on the next clock and monitor the bus for new cycle information.
The LFRAMEn signal functions as described in [1].

2.7 Usage of LPCPDn Signal


The LPCPDn signal is asserted before power on the LPC bus is turned off. Turning off power
also means that the clock disappears. To enable the devices to cope with this, the LPCPDn
signal is asserted at least 30 µs before the power down.
The LCLK signal always stops in a low state. Upon receiving the LPCPDn signal, the device
drives the LAD[3:0] lines to tristate (to prevent driving high into a powered-down host).
After LPCPDn goes back inactive, the LPC interface must always be reset using the LRESETn
signal. The LPCPDn signal may occur asynchronously to LCLK. LCLK must be running at
least 30 µs after LPCPDn is asserted and at least 100 µs again before LPCPDn is deasserted.
Refer also to [1], section 8.2 for further information about the LPCPDn protocol.
Note: The mentioned minimum timing for LPCPD# to clock off of 30 µs might not be
sufficient for the TPM. If the device is busy doing internal calculations and the clock is
stopped before these calculations can be aborted, a security reset might occur inside
the TPM. This does not really impair functionality since the device is reset anyway;
however, the current drawn in that state might be up to 5 mA instead of the expected
quiescent current of 500 µA. It is recommended that the time between the assertion
of LPDPC# and the stopping of the clock should be at least 200 µs. If it can be
assumed that the system is powered down while key generations are active, this time
should be at least 3.5 ms; this allows programming of newly generated keys into the
NVM of the device before power is lost. However, this behaviour is application-profile
dependent and is expected to happen with a very low probability only. For a timing
diagram, please refer to section 7.2.1 as well.

2.8 SERIRQ Protocol


The LPC interface module supports the SERIRQ protocol as defined in [3].

Short Databook 12 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC General Overview

3 General Overview

3.1 Block Diagram

Active Shield RNG Timer0 Timer1 DES ACE Interr .

Sleep Mode Memory


CPU MED
Logic
A ddress/ Data B us XRAM
Security IRAM MMU ROM
Sensors EEPROM

CRC TC UART LPC HACO

MUX

XTAL LPC
Overview LT -TPM_mini.vsd VSB Serial VDD/VSB GND

Figure 3-1 Block Diagram of the TPM


The core contains a variety of modules like CPU core, internal RAM, ROM, EEPROM,
cryptographic accelerators etc. Additionally, a hardware hash accelerator and a specialized
interface have been added (Low Pin Count interface, LPC, see [1]). This LPC interface is the
main interface of the chip.
The clock for the controller is derived from the LPC clock which runs at nominally 33 MHz. This
clock is scaled down by a factor of 8 and then fed to the PLL of the secure controller core.

3.2 Hardware Interface


The TPM uses the Low Pin Count (LPC) Interface as defined by Intel to connect to the
surrounding system (for details on this bus, please refer to [1]). An 8-byte FIFO decouples the
LPC bus from the internal controller bus. The LPC interface of the TPM only supports slave I/
O functionality, i.e. only cycle types I/O read and I/O write (and the LT specific versions of
these two cycles). All other cycles are ignored by the chip.
The configuration of the (legacy) host side of the LPC is done via the standard plug-and-play
mechanism. For this purpose, a standard register set is available.
The interface supports the LPCPDn line which is used to detect a power-off condition on the
LPC bus. For signalling interrupts, the SERIRQ protocol is used.

3.3 Hash Accelerator


The hash accelerator supports the SHA-1 hash algorithm. It is used by the internal firmware
to speed up hash calculations which greatly enhances the performance compared to a
software solution.

Short Databook 13 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC General Overview

3.4 Firmware
The firmware of the chip includes a basic operating system and provides the TCG
functionality. It also provides the secure code download capability1) for field upgrades. For a
description of the command set which is available at the logical interface, please refer to [4]
and [5].
For further description of the embedded software (firmware) and the device drivers, please
refer to chapter 4.

1)
It should be noted that firmware can only be downloaded to the chip if it has been crypted and signed by
Infineon. This prevents unauthorized changes of the firmware.

Short Databook 14 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC TPM Embedded Software

4 TPM Embedded Software


The embedded software of the Infineon TPM SLB9635TT1.2 has been developed to be fully
compliant to [4] and [5]. Nevertheless, in some cases the implementation deviates from the
referenced specifications or vendor specific extensions are necessary.
Furthermore the actual parameters of the implementation need to be documented as the
specified values are only minimum requirements.

4.1 Available Resources


Table 4-1 Available Resources
Number of PCRs 24
Amount of free NV Memory 3 kBytes
Maximum number of concurrent sessions up to 20 depending on the number of loaded keys
Maximum number of volatile Keys Up to 10 2048-bit keys can be loaded into the
volatile storage depending on the number of open
sessions
Nonvolatile Keyslots 4 slots for keys up to 2048-bit
smaller keys will still use a complete keyslot
Delegation Rows 2
Family Table Rows 8
Maximum number of concurrent saved 32
context other than key
Maximum number of monotonic counters 8
I/O-Buffer size1) 1280 Byte
1) To calculate the correct amount of data which can be exchanged with the TPM (for instance using
TPM_NV_WriteValue), care shall be taken to consider 10 Bytes for communication layer overhead and also
to consider the overhead required for the TCG command layout.

4.2 Command Ordinal List


The following ordinals are implemented. All other ordinals will return TPM_BAD_ORDINAL.
Table 4-2 Command Ordinal List
TPM_ORD_ActivateIdentity TPM_ORD_LoadKey
TPM_ORD_AuthorizeMigrationKey TPM_ORD_LoadKey2
TPM_ORD_CertifyKey TPM_ORD_MakeIdentity
TPM_ORD_CertifyKey2 TPM_ORD_MigrateKey
TPM_ORD_ChangeAuth TPM_ORD_NV_DefineSpace
TPM_ORD_ChangeAuthAsymFinish TPM_ORD_NV_ReadValue
TPM_ORD_ChangeAuthAsymStart TPM_ORD_NV_ReadValueAuth
TPM_ORD_ChangeAuthOwner TPM_ORD_NV_WriteValue
TPM_ORD_CMK_ApproveMA TPM_ORD_NV_WriteValueAuth
TPM_ORD_CMK_ConvertMigration TPM_ORD_OIAP
TPM_ORD_CMK_CreateBlob TPM_ORD_OSAP
TPM_ORD_CMK_CreateKey TPM_ORD_OwnerClear

Short Databook 15 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC TPM Embedded Software

Table 4-2 Command Ordinal List (cont’d)


TPM_ORD_CMK_CreateTicket TPM_ORD_OwnerReadInternalPub
TPM_ORD_CMK_SetRestrictions TPM_ORD_OwnerReadPubek
TPM_ORD_ContinueSelfTest TPM_ORD_OwnerSetDisable
TPM_ORD_ConvertMigrationBlob TPM_ORD_PCR_Reset
TPM_ORD_CreateCounter TPM_ORD_PcrRead
TPM_ORD_CreateEndorsementKeyPair TPM_ORD_PhysicalDisable
TPM_ORD_CreateMigrationBlob TPM_ORD_PhysicalEnable
TPM_ORD_CreateWrapKey TPM_ORD_PhysicalSetDeactivated
TPM_ORD_DAA_JOIN TPM_ORD_Quote
TPM_ORD_DAA_SIGN TPM_ORD_Quote2
TPM_ORD_Delegate_CreateKeyDelegation TPM_ORD_ReadCounter
TPM_ORD_Delegate_CreateOwnerDelegation TPM_ORD_ReadPubek
TPM_ORD_Delegate_LoadOwnerDelegation TPM_ORD_ReleaseCounter
TPM_ORD_Delegate_Manage TPM_ORD_ReleaseCounterOwner
TPM_ORD_Delegate_ReadTable TPM_ORD_ReleaseTransportSigned
TPM_ORD_Delegate_UpdateVerification TPM_ORD_Reset
TPM_ORD_Delegate_VerifyDelegation TPM_ORD_ResetLockValue
TPM_ORD_DisableForceClear TPM_ORD_SaveContext
TPM_ORD_DisableOwnerClear TPM_ORD_SaveState
TPM_ORD_DisablePubekRead TPM_ORD_Seal
TPM_ORD_DirRead TPM_ORD_SelfTestFull
TPM_ORD_DirWriteAuth TPM_ORD_SetCapability
TPM_ORD_DSAP TPM_ORD_SetOperatorAuth
TPM_ORD_EstablishTransport TPM_ORD_SetOwnerInstall
TPM_ORD_EvictKey TPM_ORD_SetOwnerPointer
TPM_ORD_ExecuteTransport TPM_ORD_SetTempDeactivated
TPM_ORD_Extend TPM_ORD_SHA1Complete
TPM_ORD_FieldUpgrade TPM_ORD_SHA1CompleteExtend
TPM_ORD_FlushSpecific TPM_ORD_SHA1Start
TPM_ORD_ForceClear TPM_ORD_SHA1Update
TPM_ORD_GetCapability TPM_ORD_Sign
TPM_ORD_GetCapabilityOwner TPM_ORD_Startup
TPM_ORD_GetPubKey TPM_ORD_StirRandom
TPM_ORD_GetRandom TPM_ORD_TakeOwnership
TPM_ORD_GetTestResult TPM_ORD_Terminate_Handle
TPM_ORD_GetTick TPM_ORD_TickStampBlob
TPM_ORD_IncrementCounter TPM_ORD_UnBind
TPM_ORD_Init TPM_ORD_Unseal
TPM_ORD_KeyControlOwner TSC_ORD_PhysicalPresence
TPM_ORD_LoadContext TSC_ORD_ResetEstablishmentBit

Short Databook 16 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC Performance Values

5 Performance Values

5.1 Hashing (SHA1)


TPM_SHA1Start: ≤ 7.0 ms
TPM_SHA1Update (1024 Bytes): ≤ 7.3 ms
TPM_SHA1CompleteExtend (0 Bytes): ≤ 9.4 ms

5.2 Symmetric Cryptography


TPM_SaveContext: ≤ 50 ms
TPM_LoadContext: ≤ 40 ms

5.3 Asymmetric Keygeneration


TPM_CreateWrapKey (1024 Bit): typical 3.5 s
TPM_CreateWrapKey (2048 Bit): typical 20.2 s

5.4 Asymmetric Cryptography


TPM_Sign (1024 Bit RSA Key): ≤ 325 ms
TPM_Sign (2048 Bit RSA Key): ≤ 600 ms
TPM_Seal (2048 Bit RSA Key): 206 ms
TPM_Unseal (2048 Bit RSA Key): 367 ms

5.5 Transport encryption


The overhead caused by transport encryption is 30 ms – 60 ms depending on the amount of
data.

5.6 Reset Timing


The TPM_ACCESS_x.tpmEstablishment bit has the correct value and the
TPM_ACCESS_x.tpmRegValidSts bit is set within 500 µs after LRST# is deasserted.

Short Databook 17 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC Performance Values

This page has been left blank intentionally.

Short Databook 18 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC Characteristics

6 Characteristics

6.1 Electrical Characteristics

Table 6-1 Absolute Maximum Ratings


Parameter Symbol Values Unit Note/Test
min. typ. max. Condition
Operating temperature TA 0 – 70 °C –
Supply voltage VDD, -0.3 – 3.6 V –
VSB
Voltage on any pin (pins Vmax -0.3 – VSB + 0.3 V –
1..14)
Voltage on any pin (pins Vmax -0.3 – VDD + 0.3 V –
15..28)
ESD robustness VESD,HBM 2000 V According to EIA/
HBM: 1.5 kΩ, 100 pF JESD22-A114-B
ESD robustness VESD,SDM 500 V According to ESD
Association
Standard
DS5.3.1 - 1999
Latchup immunity ILATCH 100 mA According to EIA/
JESD78

Note: Stresses above those listed here may cause permanent damage to the device.
Exposure to absolute maximum rating conditions for extended periods may
affect device reliability.
Maximum ratings are absolute ratings; exceeding only one of these values may
cause irreversible damage to the integrated circuit.

Short Databook 19 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC Characteristics

6.2 Functional Operating Range


Table 6-2 Functional Operating Range
Parameter Symbol Limit Values Unit
Min Typ Max
Supply Voltage (LPC pads) VDD 3.0 3.3 3.6 V
Supply Voltage (core) VSB 3.0 3.3 3.6 V
Operating Temperature TA 0 70 °C
Useful lifetime1) 5 y
Operating lifetime1) 5 y
Average TA over lifetime 55 °C
1)
The useful lifetime of the device is 5 (five) years with a duty cycle (that means, a power-on time) of 100%. An
useful lifetime of 7 (seven) years can be guaranteed for a duty cycle of 70%. For both scenarios, it is assumed
that the device will be used for calculations for approximately 5% of the maximum useful lifetime.

6.3 DC Characteristics

Table 6-3 Current Characteristics


TA = 0°C to 70°C, VDD = VSB = 3.3V +- 0.3V unless otherwise noted
Parameter Symbol Limit Values Unit
Min Typ Max
Power consumption1) IVDD 1.42) 5 mA
Power consumption3) IVDD 0.5 mA
Power consumption1) IVSB 3.42) 25 mA
Power consumption3) IVSB 0.5 mA
1) Assuming operating state S0, that means active. Note that since the device is mostly in an internal sleep state
in a “typical” application, the typical average current consumption is far less than the maximum value.
2) It is assumed that in a normal environment, the device is in an internal sleep state for approximately 90% of
the operating time of the platform.
3) Assuming operating state S3, i.e. powerdown and clock stopped. If the clock remains active, the current
consumption is 1 mA (maximum value, valid for both IVDD and IVSB). Obviously, this value is zero if the TPM
is not powered in S3 state (this is platform dependent).

Note: Current consumption does not include any currents flowing through resistive loads on
output pins! For the definition of power/operating states, please refer to the ICH
chipset specifications of Intel and to section 1.18.

Short Databook 20 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC Characteristics

Table 6-4 DC Characteristics for non-LPC Pins


Pins GPIO, GPIO2, PP, TESTBI/BADD, TESTI, XTALI, XTALO
TA = 0°C to 70°C, VDD = VSB = 3.3V +- 0.3V unless otherwise noted
Symbol Parameter Condition Min Max Units Notes
VIH Input high voltage 0.7VSB VSB V
VIL Input low voltage 0 0.2VSB V
IIH Input high leakage VIN = VSB 4 200 µA Pins TESTI and
current PP
IIL Input low leakage VIN = 0V -10 10 µA Pins TESTI and
current PP
IIH Input high leakage VIN = VSB -10 10 µA Pin TESTBI/
current BADD and all
GPIO pins
IIL Input low leakage VIN = 0V -200 -2 µA Pin TESTBI/
current BADD and all
GPIO pins
1)
VOH Output high voltage IOH = -2µA 0.7VSB V Pin TESTBI/
BADD and all
GPIO input pins
VOH Output high voltage IOH = 0.5mA 0.7VSB V All GPIO output
pins
VOL Output low voltage IOL = 1mA 0.4 V Pin TESTBI/
BADD and all
GPIO pins
VPP Peak-to-peak VIL ≥ 0V 1.4 V Pin XTALI
voltage VIH ≤ VSB (external clock
square wave supply)
ILEAK Leakage current -10 10 µA Pin XTALI, pin
XTALO when in
test mode
f Clock frequency2) 32,441 33095 kHz Pin XTALI
2) CXTALO ≤ 2pF
D Duty cycle 45 55 % Pin XTALI
1)
Note that the device has only weak internal pullups. It is recommended that external pullups are used.
2)
Valid if an external single ended clock is used (also refer to section 1.4). Note that it is mandatory that the
capacitance on pin XTALO is less than 2pF in that case!

Short Databook 21 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC Characteristics

Table 6-5 DC Characteristics for LPC Pins


Pins LCLK, LFRAMEn, LAD[3:0], LRESETn, LPCPDn, SERIRQ, CLKRUN#
TA = 0°C to 70°C, VDD = VSB = 3.3V +- 0.3V unless otherwise noted
DC characteristics according to 3.3V PCI signaling environment
Symbol Parameter Condition Min Max Units
VIH Input high voltage1) 0.5VDD VDD+0.5 V
VIL Input low voltage1) -0.5 0.3VDD V
1)2)
IIH Input high leakage current VIN = VDD -10 10 µA
1)2)
IIL Input low leakage current VIN = 0V -10 10 µA
VOH Output high voltage 3) IOH = -0.5mA 0.9VDD V
3)
VOL Output low voltage IOL = 1.5mA 0.1VDD V
CIN Input capacitance4) 10 pF
1)
VDD = VSB
2)
Input leakage currents include Hi-Z output leakage for all bidirectional buffers with tristate outputs
3)
valid for pins LAD[3:0] and SERIRQ
4)
guaranteed by design

Short Databook 22 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC AC Characteristics

7 AC Characteristics

7.1 LPC Signals and SERIRQ Timing

Table 7-1 LPC and SERIRQ Timing


Symbol Parameter min typ max unit
LPC clock frequency (pin LCLK) 32 33 34 MHz
t1 Float to active delay 2 11 ns
t2 Output valid delay 2 11 ns
t3 Active to float delay 28 ns
t4 Input setup time 7 ns
t5 Input hold time 0 ns

LCLK

t2
t3
t1

LPC Signals/SERIRQ
(Output)

LPC Signals/SERIRQ
(Input)

t4 t5

Short Databook 23 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC AC Characteristics

7.2 LPC Powerdown and LPC Reset Timing

7.2.1 LPC Powerdown


LCLK must be stopped in low state and LRST# must be asserted (active low) together with
LPCPD#. VDD must be switched off. The VDD powered signals LFRAME#, LAD[3:0],
SERIRQ and CLKRUN# must be tri-stated (or also driven low) when VDD is off.
The LPC module is reset directly by LRST# and the whole chip except the tick counter is reset
at the end of the LPC power down cycle.

LCLK
toff_lclk ton_lclk

LPCPD#
toff_vdd ton_vdd

}
LFRAME#
LAD[3:0]
SERIRQ
CLKRUN# toff_lreset ton_lreset

LRST#

VSB

toff_vdd

VDD
toff_sleep

Internal sleep
state

LPCPD VDDoff Timing.vsd

Figure 7-1 LPC Powerdown Timing

Table 7-2 LPCPD Timing Parameters


Parameter Symbol min typ max Unit
LPCPD# active to LCLK off (= low) toff_lclk 301) µs
LCLK on to LPCPD# inactive ton_lclk 100 µs
LPCPD# active to LRST# active toff_lreset 30 µs
LPCPD# inactive to LRST# inactive ton_lreset 32 µs
LRST# active or LCLK off to VDD off toff_vdd 0 µs
VDD on to LCLK on ton_vdd 0 µs
LPCPD# active to internal sleep state toff_sleep 0 40 35002) µs

Short Databook 24 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC AC Characteristics

1)
Must be 3500µs if minimum power consumption on VSB must be reached in any case. See parameter
toff_sleep and section 2.7!
2) Maximum value is needed only for certain cases when the TPM firmware currently updates keys in non-
volatile memory (this is application-profile dependent and expected to happen with a very low probability). In
most cases, the TPM is already in sleep. The TPM stops key generation/update and goes into security reset
state if the clock is switched off before sleep state was reached. The current consumption is higher than
specified for sleep state then! Normal operation is resumed at LPCPD# going inactive by resetting the whole
chip (except tick counter; LRESET# clears LPC interface module).

7.2.2 LPC Reset


A reset request is assumed if LPCPD# and LRST# go active at about the same time. The clock
should not be stopped and power should stay on in that case!

LCLK

LPCPD#

LFRAME#
LAD[3:0]
<= 1.8µs

LRST#

VSB

VDD

LPCPD Reset Timing.vsd

Figure 7-2 LPC Reset Timing

Table 7-3 LPC Reset Timing Parameters


Parameter Symbol min typ max Unit
LRST# pulse width — 1 µs

Short Databook 25 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC AC Characteristics

This page has been left blank intentionally.

Short Databook 26 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC Package Dimensions

8 Package Dimensions
All dimensions are given in millimeters (mm) unless otherwise noted. The package is “green”
and RoHS compliant.

4.4 ±0.1 1)
B

0.125 +0.075
1.2 MAX.

-0.035
0.1 ±0.05
1 +0.05
-0.2

0˚...8˚
0.65
2)
C 0.1
0.22 +0.08
-0.03
0.1 M A C 28x 0.6 +0.15
-0.1

6.4
28 15
0.2 B 28x

1 14
1)
9.7 ±0.1
A

Index Marking
1)
Does not include plastic or metal protrusion of 0.15 max. per side
2)
Does not include dambar protrusion

Figure 8-1 Package Dimensions PG-TSSOP-28-2

8.1 Packing Type


8 0.3
16 ±0.3
10.2

6.8 1.2
1.6

Figure 8-2 Tape & Reel Dimensions PG-TSSOP-28-2


Tape & Reel (reel diameter 330 mm), 3000 pcs.

Short Databook 27 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC Package Dimensions

8.2 Recommended Footprint


L

e
B

Figure 8-3 Recommended Footprint PG-TSSOP-28-2

e 0.65 mm 25.6 mil


A 6.10 mm 240 mil
L 1.30 mm 51 mil
B 0.40 mm 16 mil
Controlling dimension is mm

8.3 Chip Marking

Figure 8-4 Chip Marking


Line 1: SLB9635TT12
Line 2: G <datecode> KMC => K indicates assembly site code, MC indicates mold compound
code
Line 3: 00 <Lot number>
The 00 is a internal FW indication (only at the time of manufacturing due to field upgrade
option)

Short Databook 28 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC References

9 References
[1] —, “Low Pin Count (LPC) Interface Specification”, Version 1.1, Intel
[2] —, “Plug and Play ISA Specification”, Revision 1.0a, Microsoft
[3] —, “Serial IRQ Specification for PCI Systems”, Version 6.0, Intel
[4] —, “TCG PC Client TPM Interface Specification”, Version 1.2, 2005-05-19, TCG
[5] —, “TPM Main Specification”, Version 1.2, Rev. 103, 2007-07-09, TCG
[6] —, “PC Client Implementation Specification”, Version 1.2, 2005-05-31, TCG
[7] —, “TPM Dictionary Defense Logic”, Version 1.2, 2009-06, IFX
[8] —, “TCG Software Stack Specification (TSS)”, Version 1.2, 2005-11-02, TCG

Short Databook 29 V 1.0, 2011-07-21


Trusted Platform Module
Short Databook
PUBLIC References

This page has been left blank intentionally.

Short Databook 30 V 1.0, 2011-07-21


http://www.infineon.com

Published by Infineon Technologies AG