MC9S08AC60 Datasheet, PDF(56/348 Page) Freescale Semiconductor, Inc – Microcontrollers

English

English German Russian Spanish Italian Polish Chinese Japanese Korean French Portuguese	Language :

MC9S08AC60 Datasheet, PDF (56/348 Pages) Freescale Semiconductor, Inc – Microcontrollers

◁

Chapter 4 Memory

4.4.7 Vector Redirection

Whenever any block protection is enabled, the reset and interrupt vectors will be protected. Vector

redirection allows users to modify interrupt vector information without unprotecting bootloader and reset

vector space. Vector redirection is enabled by programming the FNORED bit in the NVOPT register

located at address $FFBF to zero. For redirection to occur, at least some portion but not all of the FLASH

memory must be block protected by programming the NVPROT register located at address $FFBD. All of

the interrupt vectors (memory locations $FFC0â$FFFD) are redirected, while the reset vector

($FFFE:FFFF) is not. When more than 32K is protected, vector redirection must not be enabled.

For example, if 512 bytes of FLASH are protected, the protected address region is from $FE00 through

$FFFF. The interrupt vectors ($FFC0â$FFFD) are redirected to the locations $FDC0â$FDFD. Now, if an

SPI interrupt is taken for instance, the values in the locations $FDE0:FDE1 are used for the vector instead

of the values in the locations $FFE0:FFE1. This allows the user to reprogram the unprotected portion of

the FLASH with new program code including new interrupt vector values while leaving the protected area,

which includes the default vector locations, unchanged.

4.5 Security

The MC9S08AC60 Series includes circuitry to prevent unauthorized access to the contents of FLASH and

RAM memory. When security is engaged, FLASH and RAM are considered secure resources. Direct-page

registers, high-page registers, and the background debug controller are considered unsecured resources.

Programs executing within secure memory have normal access to any MCU memory locations and

resources. Attempts to access a secure memory location with a program executing from an unsecured

memory space or through the background debug interface are blocked (writes are ignored and reads return

all 0s).

Security is engaged or disengaged based on the state of two nonvolatile register bits (SEC01:SEC00) in

the FOPT register. During reset, the contents of the nonvolatile location NVOPT are copied from FLASH

into the working FOPT register in high-page register space. A user engages security by programming the

NVOPT location which can be done at the same time the FLASH memory is programmed. The 1:0 state

disengages security while the other three combinations engage security. Notice the erased state (1:1)

makes the MCU secure. During development, whenever the FLASH is erased, it is good practice to

immediately program the SEC00 bit to 0 in NVOPT so SEC01:SEC00 = 1:0. This would allow the MCU

to remain unsecured after a subsequent reset.

The on-chip debug module cannot be enabled while the MCU is secure. The separate background debug

controller can still be used for background memory access commands, but the MCU cannot enter active

background mode except by holding BKGD/MS low at the rising edge of reset.

A user can choose to allow or disallow a security unlocking mechanism through an 8-byte backdoor

security key. If the nonvolatile KEYEN bit in NVOPT/FOPT is 0, the backdoor key is disabled and there

is no way to disengage security without completely erasing all FLASH locations. If KEYEN is 1, a secure

user program can temporarily disengage security by:

1. Writing 1 to KEYACC in the FCNFG register. This makes the FLASH module interpret writes to

the backdoor comparison key locations (NVBACKKEY through NVBACKKEY+7) as values to

be compared against the key rather than as the ï¬rst step in a FLASH program or erase command.

MC9S08AC60 Series Data Sheet, Rev. 2

56

Freescale Semiconductor

▷