 English |
|
|
|
|
|
|
|
| PXS20RM Datasheet, PDF (137/1368 Pages) Freescale Semiconductor, Inc – PXS20 Microcontroller | |||
| |||
| ◁ |
Device Security
NOTE
The scheme used here does not prohibit a malicious listener from capturing
the password of a valid serial download, since the key is not in encrypted
form. The user must take appropriate measures to protect against access by
third parties during a valid download.
If the password is correct, the device is temporarily unsecured. In this state the a new flash memory
password can be programmed into the NVPWD registers or new application data can be programmed into
the main flash memory array. (In order to modify an already programmed password the shadow block
needs to be erased first, and all other configuration bits re-programmed as well.)
It is also possible to unlock the device via JTAG. For this the device needs to be held in reset by pulling
the external reset input, once the flash memory has completed its internal sequence, the JTAG register
CENSOR_CTRL can be written with the password in bits 63:0 and with bit 64 set to 1. The password
comparator will compare the password and unsecure the device if it is correct, if serial access with the flash
memory password is allowed, and if the device hasnât swallowed the key. (Only one transition on bit 64
from 0 to 1 is allowed.) The debugger needs to wait until the device is unlocked, after that a breakpoint
can be set if desired, and the debugger can release the reset. The device will remain unsecured until the
next reset event occurs.
6.1.2.1 Software unsecure
Since the security state of the device is determined solely by a user programmable location in the Shadow
Block, any application may choose to implement a software unsecure method, through any interface.
6.2 Serial access
The device can be accessed via a serial interface, if it is booted in SBL mode (see Section 5.2, Hardware
configuration). It is possible to either use the public password or the flash memory password â this is
decided by programming the Serial Boot Control word in the NVSCI register (see Figure 6-1). If it
contains the value 0x55AA, the flash memory password must be used, if it contains any other value the
public password must be used.
Access to the flash memory depends both on the Serial Boot Control field and the Censorship Control Field
in the NVSCI. An unsecured device always allows access to the flash memory regardless of the Serial Boot
Control field. For a secured device if the public password access is used, the flash memory will not be
visible, if flash memory password access is used then device security is disabled and the flash memory is
visible.
The application may wish to prohibit access via serial line - this can be accomplished by programming
NVSCI to 0x55AA which mandates the use of the flash memory password, and programming NVPWD to
0x0000_0000_0000_0000 which makes the flash memory password invalid.
However it should be carefully evaluated whether this scenario is desirable. If programmed like this there
is no longer the possibility to allow the manufacturer to run diagnostic on a returned device. Similarly it
wonât be possible anymore to update the application. This does not apply if the user decides to implement
an alternative backdoor scheme in software (see Section 6.1.2.1, Software unsecure).
PXS20 Microcontroller Reference Manual, Rev. 1
Freescale Semiconductor
6-3
|
▷ |
German
Russian
Spanish
Italian
Polish
Chinese
Japanese
Korean
French
Portuguese