tillitis-key/doc/release_notes.md

# Release Notes

Descriptions of the tagged TKey releases.


## Tag XYZ

XYZ is a general release of the development kit first presented
as a limited engineering-release. The main changes are polishing,
completion and bug fixing since the engineering-releases.

## engineering-release-2

### New and improved functionality

- (HW) The rosc TRNG has now been completed and tested. The TRNG
  can now be used to generate seeds by applicaitons.

- (HW) The main clock frequency has been increased to 18 MHz.

- (HW) The FW now has a separate RAM used during loading and
  measurement of applications.

- (HW) The UART Rx FIFO is now able to handle 512 bytes.

- (HW) The UART default bitrate has been increased to 62500 bps.

- (HW) Support for division instruction (div) was removed from
  PicoRV32. Please compile your programs with the Zmmul extension,
  `-march=rv32iczmmul` for `clang`.

- (HW) The UDI is locked down and can now only be accessed by
  firmware, not applications.

- (HW) The timer MMIO API now takes separate start and stop bits for
  triggering the respective action, mitigating a time-of-check to
  time-of-use (TOCTOU) issue.

- (FW) The firmware has been restructured to be a Finite State
  Machine (FSM) with defined states for booting, loading
  applications, measure applications, calculate the CDI and
  start the loaded application.

  This change also changes the firmware protocol which now accepts a
  request to load a binary with an optional USS and automatically
  returns its digest and start the program when the last data chunk is
  received.

- (FW) A BLAKE2s hash function present in firmware is now exposed for use
  by TKey apps (through a function pointer located in MMIO `BLAKE2S`).
  See [software.md](system_description/software.md) for more
  information.

- (FW) To make warm boot attacks harder, the firmware sleeps for a
  random number of cycles before reading out the sensitive UDS into
  FW RAM.

## engineering-release-1

### Hardware

#### Limitations

- The entropy generated by the TRNG has not yet been thoroughly tested,
  and the generator has not been adjusted to generate good, unbiased
  randomness. Any application that wants to use the entropy source
  SHOULD NOT use the output directly, but only as seed to a Digital
  Random Bit Generator (DRBG), such as Hash_DRBG.

- The UART is currently running at 38400 bps. Future releases will
  increase the bitrate when communication at higher bitrates has
  been verified as stable and error free.

- The internal clock frequency is currently limited to 12 MHz.
  Future releases will increase the clock frequency to provide
  improved performance.

- The functionality in the firmware is currently not exposed to the
  applications via a stable name space, API. Future releases will
  provide access to FW functions such as the BLAKE2s hash function.

- The timer currently does not include a timeout interrupt. Applications
  using the timer must check the status in order to detect a timeout event.

- The timer currently does not provide a set of typical settings.
  Applications using the timer must set timer and prescaler as
  needed to get the desired time given the current clock speed.


---