Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob

Irreversible security-related features and settings in TRAVEO™ T2G MCU

Irreversible security-related features and settings in TRAVEO™ T2G MCU

KOTS
Employee
Employee
First like given 5 questions asked First question asked

Japanese Translation: TRAVEO™ T2G MCUの不可逆なセキュリティ機能や設定

There are some security-related features and settings that, once set, cannot be restored using the debugger in TRAVEO™ T2G MCU.

The following is a main list of irreversible security functions and settings.

It is recommended that you prepare spare chips or socket board since the chip may become inaccessible during security evaluation.

・eFuse

  Once written, this memory cannot be changed anymore.

Supervisory Flash (SFlash)

  If Lifecycle stage is changed to SECURE or SECURE_W_DEBUG, modification is restricted by SECURE_HASH.

・Lifecycle stage setting

  Lifecycle stage settings such as NORMAL_PROVISIONED, SECURE and RMA are written to eFuse and cannot be reverted.

・Normal Access Restriction (NAR)/Normal Dead Access Restriction (NDAR) of SFlash

  When the device is in NORMAL_PROVISIONED, the SFlash NAR/NDAR settings can be changed, but the restrictions cannot be relaxed. For example, the disable DAP setting cannot be changed to the enable DAP setting.

・Protection Unit (MPU, SMPU, PPU) Settings

  If the Protection Unit setting is set to prohibit external debugger access and no mechanism is in place to allow access, the debugger will not be able to connect.

Flash Write Protection Unit (FWPU) setting of SFlash

  When FWPU is set for SFlash by SWPU, the SWPU settings are stored in SFlash and cannot be rewritten.

More information

More like this (optional)

  • None

Note:

 This KBA applies to the following series of TRAVEO™ T2G MCUs:

  • TRAVEO™ T2G CYT2xx series
  • TRAVEO™ T2G CYT3xx series
  • TRAVEO™ T2G CYT4xx series
0 Likes
150 Views