Part 7 security features, 1 operation with security enabled, 2 flash access blocking mechanisms – Freescale Semiconductor 56F8122 User Manual

Operation with Security Enabled

56F8322 Technical Data, Rev. 10.0

Freescale Semiconductor

93

Preliminary

Part 7 Security Features

The 56F8322/56F8122 offer security features intended to prevent unauthorized users from reading the
contents of the Flash Memory (FM) array. The Flash security consists of several hardware interlocks that
block the means by which an unauthorized user could gain access to the Flash array.

However, part of the security must lie with the user’s code. An extreme example would be user’s code that
dumps the contents of the internal program, as this code would defeat the purpose of security. At the same
time, the user may also wish to put a “backdoor” in his program. As an example, the user downloads a
security key through the SCI, allowing access to a programming routine that updates parameters stored in
another section of the Flash.

7.1 Operation with Security Enabled

Once the user has programmed the Flash with his application code, the device can be secured by
programming the security bytes located in the FM configuration field, which occupies a portion of the FM
array. These non-volatile bytes will keep the part secured through reset and through power-down of the
device. Only two bytes within this field are used to enable or disable security. Refer to the Flash Memory
chapter in the 56F8300 Peripheral User Manual for the state of the security bytes and the resulting state
of security. When Flash security mode is enabled in accordance with the method described in the Flash
Memory module specification, the device will disable the core EOnCE debug capabilities. Normal
program execution is otherwise unaffected.

7.2 Flash Access Blocking Mechanisms

The 56F8322/56F8122 have several operating functional and test modes. Effective Flash security must
address operating mode selection and anticipate modes in which the on-chip Flash can be compromised
and read without explicit user permission. Methods to block these are outlined in the next subsections.

7.2.1

Forced Operating Mode Selection

At boot time, the SIM determines in which functional modes the device will operate. These are:

•

Unsecured Mode

•

Secure Mode (EOnCE disabled)

When Flash security is enabled as described in the Flash Memory module specification, the device will
disable the EOnCE debug interface.

7.2.2

Disabling EOnCE Access

On-chip Flash can be read by issuing commands across the EOnCE port, which is the debug interface for
the 56800E CPU. The TRST, TCLK, TMS, TDO, and TDI pins comprise a JTAG interface onto which
the EOnCE port functionality is mapped. When the device boots, the chip-level JTAG TAP (Test Access
Port) is active and provides the chip’s boundary scan capability and access to the ID register.