Before I brick any of my devices, does anyone have thoughts on self writing of flash with security enabled? I don't want anyone to hack my device, but my device must be able to re-write it's own flash, whether in bootloader mode or in the user application. I understand the certain security bits remove the ability to debug/program using SWD, but do they remove the ability to self write? From the TRM (which isn't specific enough in this case):
- PROTECTED mode: The user may change the mode from OPEN to PROTECTED. This disables all debug access to user code or memory. Only access to user registers is still available; this prevents debug access to reprogram flash. The mode can be set back to OPEN but only after completely erasing the flash.
- KILL mode: The user may change the mode from OPEN to KILL. This removes all debug access to user code or memory, and the flash cannot be erased. Only access to user registers is still available; this prevents debug access to reprogram flash. The part cannot be taken out of KILL mode; devices in KILL mode may not be returned for failure analysis.
Flash cannot be erased because debug hardware is disabled or Flash cannot ever physically be erased because of something at the flash controller level?
