Intel E3815 FH8065301567411 Data Sheet
Product codes: FH8065301567411

Intel® Atom™ Processor E3800 Product Family Datasheet

22 Intel® Trusted Execution Engine (TXE)
This section describes the security components and capabilities of the Intel® Trusted Execution Engine (TXE) security co-processor.
Note: TXE firmware is required on the Bay Trail platform as part of the PCU SPI flash image. PCU SPI must be set up in descriptor mode. For security reasons, primarily to lock PCU SPI flash access permissions and OTP fuse programming, TXE Manufacturing Mode must be Disabled before shipping to customers. See your Intel® representative for details.
22.1 Features

22.1.1 Security Feature
The Intel® TXE is a security co-processor responsible for supporting and handling security. Features include:
• 32-bit RISC processor
• 256 KB Data/Code RAM accessible only to the Intel® TXE
• 128 KB on-chip mask ROM for storage of Intel® TXE code
• Common timer with 1-100 µs granularity and a configurable interrupt (under FW control)
• Inter-Processor Communication for message passing between the Host CPU and the Intel® TXE:
  • 64-byte input and output command buffers
  • 256-byte shared payload (enables 2048-bit keys to be exchanged as part of the command)
• No Host CPU address domain access to the Intel® TXE address domain by any Host CPU address domain unit
• The security controller has direct access to the Host CPU address domain (some restrictions apply). A multiple-context DMA engine transfers data between the Host CPU address domain (system memory) and the Intel® TXE; it is programmable by the Intel® TXE CPU only.
• One multi-tiered FW key ladder and one Intel key ladder
• Paging DMA operations include encryption/decryption and integrity check value (ICV) calculation
• Auxiliary GPIOs to support an input alert and two GP outputs
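The paging DMA item above is the one feature in this list whose security consequence is easy to miss: a TXE-private page that is paged out lands in system memory, an address domain the Host CPU can read and write, so the page must be both encrypted and integrity-checked before the TXE trusts it again on page-in. The following Python is an added illustration of that encrypt-then-ICV round trip and is not code from the datasheet or from Intel. The datasheet states only that encryption/decryption and ICV calculation are performed; the cipher (a PRF-driven counter-mode keystream standing in for the AES engines listed below), the ICV algorithm (HMAC-SHA256), the 4 KB page size and the key handling are all assumptions chosen so the model runs with the standard library alone.

```python
"""Model of a paging DMA page-out/page-in with encryption and an ICV.

Added example, not Intel code. Assumptions: HMAC-SHA256 as the ICV,
a PRF-based counter-mode keystream as a stand-in cipher, 4 KB pages.
"""
import hashlib
import hmac
import os
import struct

PAGE_SIZE = 4096  # assumed; the datasheet does not state a page size
ICV_LEN = hashlib.sha256().digest_size


def _keystream(enc_key: bytes, page_no: int, length: int) -> bytes:
    """Counter-mode keystream from a PRF, bound to the page number (stand-in for AES)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = hmac.new(enc_key, struct.pack(">QQ", page_no, counter), hashlib.sha256).digest()
        out.extend(block)
        counter += 1
    return bytes(out[:length])


def _icv(icv_key: bytes, page_no: int, ciphertext: bytes) -> bytes:
    """ICV over the page number and the ciphertext (encrypt-then-MAC)."""
    return hmac.new(icv_key, struct.pack(">Q", page_no) + ciphertext, hashlib.sha256).digest()


def page_out(enc_key: bytes, icv_key: bytes, page_no: int, plaintext: bytes) -> bytes:
    """Encrypt a private page and append its ICV; the result may live in host memory."""
    if len(plaintext) != PAGE_SIZE:
        raise ValueError("page must be exactly PAGE_SIZE bytes")
    ciphertext = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, page_no, PAGE_SIZE)))
    return ciphertext + _icv(icv_key, page_no, ciphertext)


def page_in(enc_key: bytes, icv_key: bytes, page_no: int, blob: bytes):
    """Check the ICV before decrypting; return None if the page was altered or relocated."""
    if len(blob) != PAGE_SIZE + ICV_LEN:
        return None
    ciphertext, icv = blob[:PAGE_SIZE], blob[PAGE_SIZE:]
    if not hmac.compare_digest(icv, _icv(icv_key, page_no, ciphertext)):
        return None
    return bytes(a ^ b for a, b in zip(ciphertext, _keystream(enc_key, page_no, PAGE_SIZE)))


def demo():
    """Round trip, host-side tampering, and page-number swap; returns three booleans."""
    enc_key, icv_key = os.urandom(32), os.urandom(32)
    page = b"constructed secret key material".ljust(PAGE_SIZE, b"\0")
    blob = page_out(enc_key, icv_key, 7, page)
    round_trip_ok = page_in(enc_key, icv_key, 7, blob) == page
    # Host flips one ciphertext bit while the page sits in system memory.
    tampered = bytearray(blob)
    tampered[0] ^= 0x01
    tamper_detected = page_in(enc_key, icv_key, 7, bytes(tampered)) is None
    # Host presents a valid page-7 image when page 8 is requested.
    swap_detected = page_in(enc_key, icv_key, 8, blob) is None
    return round_trip_ok, tamper_detected, swap_detected


if __name__ == "__main__":
    print(demo())
```

Binding the page number into both the keystream and the ICV is what makes the swap case fail; a model that authenticated only the ciphertext would accept any valid page at any slot. What this model does not catch is replay of an older, still-valid image of the same page number; closing that gap needs a per-page version counter (kept in TXE-private RAM) included in the ICV input, which the datasheet does not describe and the example therefore does not assume.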
22.1.1.1 HW Accelerators

• DES/3DES (ECB, CBC) – 128-bit ABA key for 3DES key ladder operations
• Three AES engines: two fast (AES-128) and one slow (AES-128/256)