MC9S08DZ60MLF Datasheet, PDF(60/416 Page) Freescale Semiconductor, Inc – MC9S08DZ60 Series Features

English

English German Russian Spanish Italian Polish Chinese Japanese Korean French Portuguese	Language :

MC9S08DZ60MLF Datasheet, PDF (60/416 Pages) Freescale Semiconductor, Inc – MC9S08DZ60 Series Features

◁

Chapter 4 Memory

which can be performed at the same time the Flash memory is programmed. The 1:0 state disengages

security; the other three combinations engage security. Notice the erased state (1:1) makes the MCU

secure. During development, whenever the Flash is erased, it is good practice to immediately program the

SEC0 bit to 0 in NVOPT so SEC = 1:0. This would allow the MCU to remain unsecured after a subsequent

reset.

The on-chip debug module cannot be enabled while the MCU is secure. The separate background debug

controller can be used for background memory access commands, but the MCU cannot enter active

background mode except by holding BKGD low at the rising edge of reset.

A user can choose to allow or disallow a security unlocking mechanism through an 8-byte backdoor

security key. If the nonvolatile KEYEN bit in NVOPT/FOPT is 0, the backdoor key is disabled and there

is no way to disengage security without completely erasing all Flash locations. If KEYEN is 1, a secure

user program can temporarily disengage security by:

1. Writing 1 to KEYACC in the FCNFG register. This makes the Flash module interpret writes to the

backdoor comparison key locations (NVBACKKEY through NVBACKKEY+7) as values to be

compared against the key rather than as the ï¬rst step in a Flash program or erase command.

2. Writing the user-entered key values to the NVBACKKEY through NVBACKKEY+7 locations.

These writes must be performed in order starting with the value for NVBACKKEY and ending

with NVBACKKEY+7. STHX must not be used for these writes because these writes cannot be

performed on adjacent bus cycles. User software normally would get the key codes from outside

the MCU system through a communication interface such as a serial I/O.

3. Writing 0 to KEYACC in the FCNFG register. If the 8-byte key that was written matches the key

stored in the Flash locations, SEC bits are automatically changed to 1:0 and security will be

disengaged until the next reset.

The security key can be written only from secure memory (either RAM, EEPROM, or Flash), so it cannot

be entered through background commands without the cooperation of a secure user program.

The backdoor comparison key (NVBACKKEY through NVBACKKEY+7) is located in Flash memory

locations in the nonvolatile register space so users can program these locations exactly as they would

program any other Flash memory location. The nonvolatile registers are in the same 768-byte block of

Flash as the reset and interrupt vectors, so block protecting that space also block protects the backdoor

comparison key. Block protects cannot be changed from user application programs, so if the vector space

is block protected, the backdoor security key mechanism cannot permanently change the block protect,

security settings, or the backdoor key.

Security can always be disengaged through the background debug interface by taking these steps:

1. Disable any block protections by writing FPROT. FPROT can be written only with background

debug commands, not from application software.

2. Mass erase Flash if necessary.

3. Blank check Flash. Provided Flash is completely erased, security is disengaged until the next reset.

To avoid returning to secure mode after the next reset, program NVOPT so SEC = 1:0.

MC9S08DZ60 Series Data Sheet, Rev. 4

60

Freescale Semiconductor

▷