Can you give an example of a real world use case for authentication with NXP secure authentication microcontroller A7101CGTK2 and A7101CGUK?
A)USB Type-C Charger – the new standard enables new USB chargers to deliver up to 100W of power, enough to provide power and fast charging capabilities to a number of devices. However, system vendors and end users might want to make sure that they are working with trusted components before enabling these higher power options in the charger, so as to minimize potential damage that might be caused by low-quality or counterfeit chargers. The system might still allow the charger to work at a lower power level such as 5V/500mA, but might choose to not enable 20V high current charging. The authentication part can be provided by NXP secure authentication microcontroller A7101CGTK2 and A7101CGUK
B)Detection and prevention of “Bad USB” devices – today, systems largely trust a USB device to tell it what it is, and this happens at a level that is invisible to the end user. An unintended consequence of this behavior is that bad acting USB devices can claim to be something they are not, and in some cases may try to harm the connected system, either by extracting data or issuing commands to corrupt the system. By authenticating a device, a system could choose to let trusted devices continue to configure invisibly to the user, but might notify a user when certain types of untrusted devices present themselves. For example, an end user plugging into a USB charger in an airport or rental car could be notified if the charger tried identifying as a keyboard. This can be achieve with our authentication microcontroller A7101CGTK2 and A7101CGUK.
Is it possible for a system (using NXP's secure authentication microcontroller A7101CGTK2 and A7101CGUK ) to recognize and authenticate devices from multiple vendors?
Yes. The vendors would need to use the same protocol for authentication and rely on an agreed certification authority for signing security certificates.
What solutions ( A7101CGTK2 and A7101CGUK ) does NXP have for USB Type-C authentication?
A)NXP’s A710x family ( A7101CGTK2 and A7101CGUK ) is a tamper resistant secure Micro Controller Unit (MCU) family using a dedicated security hardened CPU, cryptographic accelerators for both symmetric and asymmetric (PKI) protocols. Multiple interface and package options provide flexibility for mutual authentication and encryption implementations. A product description is available on our website and detailed documentation, samples, and demo boards are available under NDA.
B)The A1006 is an upcoming product that is sampling to lead customers now. It provides an optimized authentication solution providing secure, tamper resistant ECC-based authentication in the industry’s smallest form factor. We will provide more details publicly at a future date. Documentation, demo boards and samples are available to lead customers under NDA.
What is NXP demonstrating for USB Type-C authentication ( A7101CGTK2 and A7101CGUK ) ?
NXP has created a demonstration of USB Type-C interoperability, including authentication ( A7101CGTK2 and A7101CGUK ). In the demo platform, NXP is able to show how a host system can authenticate attached peripherals and use policy decisions to enable or disable functions depending on the success of the authentication.
If authentication (with authentication microcontroller A7101CGTK2 and A7101CGUK ) fails, will the devices automatically not function?
This is up to the system and device developers. For example, a system could choose to restrict certain types of capabilities to only “trusted” devices. In other cases, a system could offer a user an option to manually “ok” a device that did not authenticate or it could choose to only enable some restricted features of the untrusted device.
When using authentication (secure authentication microcontroller A7101CGTK2 and A7101CGUK ), does a host authenticate the device, or does the device authenticate the host?
It is possible for a host to authenticate a peripheral, a peripheral to authenticate a host, or both to perform mutual authentication. This depends on the goals of the system or device developer. NXP provides secure authentication microcontroller A7101CGTK2 and A7101CGUK which are suitable for such applications.
Is the USB industry committee (USB Implementers Forum) working on adding authentication (for e.g. NXP's authentication microcontrollers A7101CGTK2 and A7101CGUK ) to the USB specification?
NXP cannot comment on any discussions that may or may not be happening with regards to future iterations of the USB standard.
Isn’t authentication (using our secure authentication microcontrollers A7101CGTK2 and A7101CGUK ) simply a way for OEMs to mandate that their own peripherals are used rather than devices from other USB ecosystem vendors?
No – part of the value of the USB ecosystem is that it promotes interoperability among devices from many manufacturers. This has not changed. However, OEMs, enterprises and even end users are looking for ways to improve the safety and security of their overall systems, and authentication is a powerful tool to help enable that goal using our secure authentication microcontrollers A7101CGTK2 and A7101CGUK
Why should a customer choose NXP authentication solutions ( A7101CGTK2 and A7101CGUK ) for USB Type-C?
NXP is the only vendor today that can provide a complete secure USB Type-C solution ( A7101CGTK2 and A7101CGUK ). NXP is well-known in the industry as a leader in security solutions, covering a range of applications from banking and government ID to transportation, mobile transactions, cybersecurity and device authentication. At the same time, NXP offers an extensive portfolio of USB Type-C devices to complement security, providing our customers with a no-compromise one stop shop to ensure they get high quality products to market quickly.
Have any customers implemented authentication for USB Type-C?
NXP is unable to comment on unannounced product plans of our customers. We can say that we are seeing strong interest from customers to find ways to improve the safety and security of the USB ecosystem and that authentication using tamper-resistant secure ICs ( A7101CGTK2 and A7101CGUK ) offers an attractive solution to this challenge.
Is authentication ( using secure authentication microcontroller A7101CGTK2 and A7101CGUK ) part of the USB Type-C standard?
No – it is not part of the standard, but it is not precluded by the standard either. Authentication ( using secure authentication microcontroller A7101CGTK2 and A7101CGUK ) can be added to a Type-C compliant device and the device can still be fully compliant with the standard.
Which switch CBTL08GP053 or CBTL04GP043 is the right solutions for my system?
- If you are designing a host system with full alternate mode solution (4 lane DP or 2 Lane DP + USB3), sing 1 piece of CBTL08GP053 can cover all switching scenarios. Or you may use 3 pieces of CBTL04GP043, or 2 pieces of CBTL04GP043 with 1 piece of CBTL02032A together, to achieve the same result.
- If you are designing a host system with 2 Lane DP + USB3 only, sing 1 piece of CBTL08GP053 can cover all switching scenarios. Or you may use 2 pieces of CBTL04GP043 to achieve the same result.
- If you are designing a dongle with full alternate mode support, 1 piece of CBTL02043A and 1 piece of NX3L2G66 (for SBU/AUX) are needed.
- If you are designing a dongle with display only, 1 piece of NX3L2G66 is required for SBU/AUX signaling.
How is the USB Type-C switch CBTL08GP053 or CBTL04GP043 controlled?
CBTL08GP053 or CBTL04GP043 Switch settings can be configured by the system application processor or the PD policy controller. Typical interfaces are I2C or GPIO control.
When is a USB Type-C high speed switch CBTL08GP053 or CBTL04GP043 needed?
High speed switches CBTL08GP053 or CBTL04GP043 are needed to support the flipping feature of USB Type-C connector. These switches are available in small packages. They support multiple differential high speed lanes in both Tx and Rx direction and in both pass-thru or crossbar configurations. Additional low-speed sideband signaling is also supported as required by USB Type-C Alternate Modes.
Why should I use the redriver PTN36241BBS or PTN36242LBS or PTN36221AHX ?
As USB3.0 data rate goes up, signal quality deteriorates significantly over long PCB trace or cables. In order to recover from signal loss, NXP redrivers PTN36241BBS or PTN36242LBS or PTN36221AHX offers programmable TX de-emphasis and RX equalization to compensate high frequency channel loss and to reduce intersymbol interference which is major contributor of poor signal quality.
Which USB3.0 redriver PTN36241BBS or PTN36242LBS or PTN36221AHX, do I select for USB Type-C solution?
All redrivers in PTN36xxx family can be used for USB Type-C application. Each device is customized to offer the greatest flexibility and benefit.A) Single chip solution PTN36043, which integrates both redriver and USB3.0 data switch. This solution occupies the least PCB area, with fully adjustable channel conditions to adapt to various trace/cable lengths.
B)Two chip solution, PTN36241G + CBTL02043A. PTN36241G is a USB 3.0 redriver. CBTL02043A is high speed switch.
C)Simplified two chip solution, PTN36221A + CBTL02043. PTN36221A will be placed usually on the TX channel of the controller (for example, on the application processor’s TX). This is assuming the controller has very good equalizer to recover signals coming in from USB Type-C connector. PTN36221A also consumes half of the power comparing to a dual channel redriver.
Does NXP offer a simple plug and play solution for USB Type-C implementation?
PTN5100ABS, PTN5100BS, PTN5100DABS, PTN5100DBS, NXP PD policy controller, and NXP PD firmware is available as a complete USB Type-C solution that can be deployed into many platforms. Please contact NXP for reference designs and implementations.
Why is USB PD PHY needed?
USB Power Delivery specification defines protocol to communicate capabilities between a Host and Device. The PTN5100ABS, PTN5100BS, PTN5100DABS, PTN5100DBS is an interface device sitting between a USB Type-C connector and system application processor or PD policy controller; it handles the USB PD physical layer and protocol. In addition, PTN5100ABS/BS/DABS/BS integrates various power management features, dead battery initiation capability and control IOs to support many USB Type-C application scenarios.
How do I select a load switch for my new design including USB Type-C related applications?
If you are concerned with saving power or power sequencing, look for a slew rate controlled load switch with low and flat on-resistance for the intended range of operation.
If you need voltage protection or current protection, choose a load switches based on current rating and surge rating of the device and whether the device should open or regulate during a surge event. You’ll also want to consider package, quiescent current and features like over temperature protection, reverse current protection, and ESD protection.
Can the internal structure of the load switch prevent the backflow of current from the load to the power source in USB Type-C design?
Load switches integrating RCP (reverse current protection) will block the backflow of current from the output to the input. If output voltage exceeds input by a predetermined value, the power FET will open and disconnect the input to output connection. This also eliminates the need for external diodes.
What is the benefit of using an integrated load switch over an LDO for distributing power in USB Type-C design?
The advantages are threefold. First, the load switch reduces power dissipation by presenting a much lower voltage drop across the channel. Secondly, load switches provide in-rush current protection by limiting the slew rate under heavy loading. Finally, it brings a higher level of integration and thus saves PCB space.
Where I can find PTN3460 User manual UM10492?
You can find PTN3460 user manual UM10492 here: