MC9S08GT16A Datasheet, PDF(55/300 Page) Freescale Semiconductor, Inc – Microcontrollers

English

English German Russian Spanish Italian Polish Chinese Japanese Korean French Portuguese	Language :

MC9S08GT16A Datasheet, PDF (55/300 Pages) Freescale Semiconductor, Inc – Microcontrollers

◁

Memory

makes the MCU secure. During development, whenever the FLASH is erased, it is good practice to

immediately program the SEC00 bit to 0 in NVOPT so SEC01:SEC00 = 1:0. This would allow the MCU

to remain unsecured after a subsequent reset.

The on-chip debug module cannot be enabled while the MCU is secure. The separate background debug

controller can still be used for background memory access commands, but the MCU cannot enter active

background mode except by holding BKGD/MS low at the rising edge of reset.

A user can choose to allow or disallow a security unlocking mechanism through an 8-byte backdoor

security key. If the nonvolatile KEYEN bit in NVOPT/FOPT is 0, the backdoor key is disabled and there

is no way to disengage security without completely erasing all FLASH locations. If KEYEN is 1, a secure

user program can temporarily disengage security by:

1. Writing 1 to KEYACC in the FCNFG register. This makes the FLASH module interpret writes to

the backdoor comparison key locations (NVBACKKEY through NVBACKKEY+7) as values to

be compared against the key rather than as the ï¬rst step in a FLASH program or erase command.

2. Writing the user-entered key values to the NVBACKKEY through NVBACKKEY+7 locations.

These writes must be done in order, starting with the value for NVBACKKEY and ending with

NVBACKKEY+7. STHX should not be used for these writes because these writes cannot be done

on adjacent bus cycles. User software normally would get the key codes from outside the MCU

system through a communication interface such as a serial I/O.

3. Writing 0 to KEYACC in the FCNFG register. If the 8-byte key that was just written matches the

key stored in the FLASH locations, SEC01:SEC00 are automatically changed to 1:0 and security

will be disengaged until the next reset.

The security key can be written only from RAM, so it cannot be entered through background commands

without the cooperation of a secure user program.

The backdoor comparison key (NVBACKKEY through NVBACKKEY+7) is located in FLASH memory

locations in the nonvolatile register space so users can program these locations exactly as they would

program any other FLASH memory location. The nonvolatile registers are in the same 512-byte block of

FLASH as the reset and interrupt vectors, so block protecting that space also block protects the backdoor

comparison key. Block protects cannot be changed from user application programs, so if the vector space

is block protected, the backdoor security key mechanism cannot permanently change the block protect,

security settings, or the backdoor key.

Security can always be disengaged through the background debug interface by performing these steps:

1. Disable any block protections by writing FPROT. FPROT can be written only with background

debug commands, not from application software.

2. Mass erase FLASH, if necessary.

3. Blank check FLASH. Provided FLASH is completely erased, security is disengaged until the next

reset.

To avoid returning to secure mode after the next reset, program NVOPT so SEC01:SEC00 = 1:0.

MC9S08GT16A/GT8A Data Sheet, Rev. 1

Freescale Semiconductor

55

▷