JAJSGF4F November   2012  – September 2021 TMS320F28050 , TMS320F28051 , TMS320F28052 , TMS320F28052F , TMS320F28052M , TMS320F28053 , TMS320F28054 , TMS320F28054F , TMS320F28054M , TMS320F28055

PRODUCTION DATA  

  1. 特長
  2. アプリケーション
  3. 概要
    1. 3.1 機能ブロック図
  4. Revision History
  5. Device Comparison
    1. 5.1 Related Products
  6. Terminal Configuration and Functions
    1. 6.1 Pin Diagram
    2. 6.2 Signal Descriptions
      1. 6.2.1 Signal Descriptions
  7. Specifications
    1. 7.1  Absolute Maximum Ratings
    2. 7.2  ESD Ratings – Commercial
    3. 7.3  ESD Ratings – Automotive
    4. 7.4  Recommended Operating Conditions
    5. 7.5  Power Consumption Summary
      1. 7.5.1 TMS320F2805x Current Consumption at 60-MHz SYSCLKOUT
      2. 7.5.2 Reducing Current Consumption
      3. 7.5.3 Current Consumption Graphs (VREG Enabled)
    6. 7.6  Electrical Characteristics
    7. 7.7  Thermal Resistance Characteristics for PN Package
    8. 7.8  Thermal Design Considerations
    9. 7.9  JTAG Debug Probe Connection Without Signal Buffering for the MCU
    10. 7.10 Parameter Information
      1. 7.10.1 Timing Parameter Symbology
      2. 7.10.2 General Notes on Timing Parameters
    11. 7.11 Test Load Circuit
    12. 7.12 Power Sequencing
      1. 7.12.1 Reset ( XRS) Timing Requirements
      2. 7.12.2 Reset ( XRS) Switching Characteristics
    13. 7.13 Clock Specifications
      1. 7.13.1 Device Clock Table
        1. 7.13.1.1 2805x Clock Table and Nomenclature (60-MHz Devices)
        2. 7.13.1.2 Device Clocking Requirements/Characteristics
        3. 7.13.1.3 Internal Zero-Pin Oscillator (INTOSC1, INTOSC2) Characteristics
      2. 7.13.2 Clock Requirements and Characteristics
        1. 7.13.2.1 XCLKIN Timing Requirements - PLL Enabled
        2. 7.13.2.2 XCLKIN Timing Requirements - PLL Disabled
        3. 7.13.2.3 XCLKOUT Switching Characteristics (PLL Bypassed or Enabled)
    14. 7.14 Flash Timing
      1. 7.14.1 Flash/OTP Endurance for T Temperature Material
      2. 7.14.2 Flash/OTP Endurance for S Temperature Material
      3. 7.14.3 Flash/OTP Endurance for Q Temperature Material
      4. 7.14.4 Flash Parameters at 60-MHz SYSCLKOUT
      5. 7.14.5 Flash/OTP Access Timing
      6. 7.14.6 Flash Data Retention Duration
  8. Detailed Description
    1. 8.1 Overview
      1. 8.1.1  CPU
      2. 8.1.2  Control Law Accelerator
      3. 8.1.3  Memory Bus (Harvard Bus Architecture)
      4. 8.1.4  Peripheral Bus
      5. 8.1.5  Real-Time JTAG and Analysis
      6. 8.1.6  Flash
      7. 8.1.7  M0, M1 SARAMs
      8. 8.1.8  L0 SARAM, and L1, L2, and L3 DPSARAMs
      9. 8.1.9  Boot ROM
        1. 8.1.9.1 Emulation Boot
        2. 8.1.9.2 GetMode
        3. 8.1.9.3 Peripheral Pins Used by the Bootloader
      10. 8.1.10 Security
      11. 8.1.11 Peripheral Interrupt Expansion Block
      12. 8.1.12 External Interrupts (XINT1 to XINT3)
      13. 8.1.13 Internal Zero-Pin Oscillators, Oscillator, and PLL
      14. 8.1.14 Watchdog
      15. 8.1.15 Peripheral Clocking
      16. 8.1.16 Low-power Modes
      17. 8.1.17 Peripheral Frames 0, 1, 2, 3 (PFn)
      18. 8.1.18 General-Purpose Input/Output Multiplexer
      19. 8.1.19 32-Bit CPU-Timers (0, 1, 2)
      20. 8.1.20 Control Peripherals
      21. 8.1.21 Serial Port Peripherals
    2. 8.2 Memory Maps
    3. 8.3 Register Map
    4. 8.4 Device Emulation Registers
    5. 8.5 VREG, BOR, POR
      1. 8.5.1 On-chip VREG
        1. 8.5.1.1 Using the On-chip VREG
        2. 8.5.1.2 Disabling the On-chip VREG
      2. 8.5.2 On-chip Power-On Reset and Brownout Reset Circuit
    6. 8.6 System Control
      1. 8.6.1 Internal Zero-Pin Oscillators
      2. 8.6.2 Crystal Oscillator Option
      3. 8.6.3 PLL-Based Clock Module
      4. 8.6.4 Loss of Input Clock (NMI-watchdog Function)
      5. 8.6.5 CPU-watchdog Module
    7. 8.7 Low-power Modes Block
    8. 8.8 Interrupts
      1. 8.8.1 External Interrupts
        1. 8.8.1.1 External Interrupt Electrical Data/Timing
          1. 8.8.1.1.1 External Interrupt Timing Requirements
          2. 8.8.1.1.2 External Interrupt Switching Characteristics
    9. 8.9 Peripherals
      1. 8.9.1  Control Law Accelerator
        1. 8.9.1.1 CLA Device-Specific Information
        2. 8.9.1.2 CLA Register Descriptions
      2. 8.9.2  Analog Block
        1. 8.9.2.1 Analog-to-Digital Converter
          1. 8.9.2.1.1 ADC Device-Specific Information
          2. 8.9.2.1.2 ADC Electrical Data/Timing
            1. 8.9.2.1.2.1 ADC Electrical Characteristics
            2. 8.9.2.1.2.2 ADC Power Modes
            3. 8.9.2.1.2.3 External ADC Start-of-Conversion Electrical Data/Timing
              1. 8.9.2.1.2.3.1 External ADC Start-of-Conversion Switching Characteristics
            4. 8.9.2.1.2.4 Internal Temperature Sensor
              1. 8.9.2.1.2.4.1 Temperature Sensor Coefficient
            5. 8.9.2.1.2.5 ADC Power-Up Control Bit Timing
              1. 8.9.2.1.2.5.1 ADC Power-Up Delays
            6. 8.9.2.1.2.6 ADC Sequential and Simultaneous Timings
        2. 8.9.2.2 Analog Front End
          1. 8.9.2.2.1 AFE Device-Specific Information
          2. 8.9.2.2.2 AFE Register Descriptions
          3. 8.9.2.2.3 PGA Electrical Data/Timing
          4. 8.9.2.2.4 Comparator Block Electrical Data/Timing
            1. 8.9.2.2.4.1 Electrical Characteristics of the Comparator/DAC
          5. 8.9.2.2.5 VREFOUT Buffered DAC Electrical Data
            1. 8.9.2.2.5.1 Electrical Characteristics of VREFOUT Buffered DAC
      3. 8.9.3  Detailed Descriptions
      4. 8.9.4  Serial Peripheral Interface
        1. 8.9.4.1 SPI Device-Specific Information
        2. 8.9.4.2 SPI Register Descriptions
        3. 8.9.4.3 SPI Master Mode Electrical Data/Timing
          1. 8.9.4.3.1 SPI Master Mode External Timing (Clock Phase = 0)
          2. 8.9.4.3.2 SPI Master Mode External Timing (Clock Phase = 1)
        4. 8.9.4.4 SPI Slave Mode Electrical Data/Timing
          1. 8.9.4.4.1 SPI Slave Mode External Timing (Clock Phase = 0)
          2. 8.9.4.4.2 SPI Slave Mode External Timing (Clock Phase = 1)
      5. 8.9.5  Serial Communications Interface
        1. 8.9.5.1 SCI Device-Specific Information
        2. 8.9.5.2 SCI Register Descriptions
      6. 8.9.6  Enhanced Controller Area Network
        1. 8.9.6.1 eCAN Device-Specific Information
        2. 8.9.6.2 eCAN Register Descriptions
      7. 8.9.7  Inter-Integrated Circuit
        1. 8.9.7.1 I2C Device-Specific Information
        2. 8.9.7.2 I2C Register Descriptions
        3. 8.9.7.3 I2C Electrical Data/Timing
          1. 8.9.7.3.1 I2C Timing Requirements
          2. 8.9.7.3.2 I2C Switching Characteristics
      8. 8.9.8  Enhanced Pulse Width Modulator
        1. 8.9.8.1 ePWM Device-Specific Information
        2. 8.9.8.2 ePWM Register Descriptions
        3. 8.9.8.3 ePWM Electrical Data/Timing
          1. 8.9.8.3.1 ePWM Timing Requirements
          2. 8.9.8.3.2 ePWM Switching Characteristics
          3. 8.9.8.3.3 Trip-Zone Input Timing
            1. 8.9.8.3.3.1 Trip-Zone Input Timing Requirements
      9. 8.9.9  Enhanced Capture Module
        1. 8.9.9.1 eCAP Module Device-Specific Information
        2. 8.9.9.2 eCAP Module Register Descriptions
        3. 8.9.9.3 eCAP Module Electrical Data/Timing
          1. 8.9.9.3.1 eCAP Timing Requirement
          2. 8.9.9.3.2 eCAP Switching Characteristics
      10. 8.9.10 Enhanced Quadrature Encoder Pulse
        1. 8.9.10.1 eQEP Device-Specific Information
        2. 8.9.10.2 eQEP Register Descriptions
        3. 8.9.10.3 eQEP Electrical Data/Timing
          1. 8.9.10.3.1 eQEP Timing Requirements
          2. 8.9.10.3.2 eQEP Switching Characteristics
      11. 8.9.11 JTAG Port
        1. 8.9.11.1 JTAG Port Device-Specific Information
      12. 8.9.12 General-Purpose Input/Output
        1. 8.9.12.1 GPIO Device-Specific Information
        2. 8.9.12.2 GPIO Register Descriptions
        3. 8.9.12.3 GPIO Electrical Data/Timing
          1. 8.9.12.3.1 GPIO - Output Timing
            1. 8.9.12.3.1.1 General-Purpose Output Switching Characteristics
          2. 8.9.12.3.2 GPIO - Input Timing
            1. 8.9.12.3.2.1 General-Purpose Input Timing Requirements
          3. 8.9.12.3.3 Sampling Window Width for Input Signals
          4. 8.9.12.3.4 Low-Power Mode Wakeup Timing
            1. 8.9.12.3.4.1 IDLE Mode Timing Requirements
            2. 8.9.12.3.4.2 IDLE Mode Switching Characteristics
            3. 8.9.12.3.4.3 STANDBY Mode Timing Requirements
            4. 8.9.12.3.4.4 STANDBY Mode Switching Characteristics
            5. 8.9.12.3.4.5 HALT Mode Timing Requirements
            6. 8.9.12.3.4.6 HALT Mode Switching Characteristics
  9. Applications, Implementation, and Layout
    1. 9.1 TI Reference Design
  10. 10Device and Documentation Support
    1. 10.1 Getting Started
    2. 10.2 Device and Development Support Tool Nomenclature
    3. 10.3 Tools and Software
    4. 10.4 Documentation Support
    5. 10.5 サポート・リソース
    6. 10.6 Trademarks
    7. 10.7 Electrostatic Discharge Caution
    8. 10.8 Glossary
  11. 11Mechanical, Packaging, and Orderable Information
    1. 11.1 Packaging Information

パッケージ・オプション

メカニカル・データ(パッケージ|ピン)
サーマルパッド・メカニカル・データ
発注情報

8.1.10 Security

The TMS320F2805x device supports high levels of security with a dual-zone (Z1/Z2) feature to protect user's firmware from being reverse-engineered. The dual-zone feature enables the user to co-develop application software with a third-party or subcontractor by preventing visibility into each other's software IP. The security features a 128-bit password (hardcoded for 16 wait states) for each zone, which the user programs into the USER-OTP. Each zone has its own dedicated USER-OTP, which must be programmed by the user with the required security settings, including the 128-bit password. Because OTP cannot be erased, to provide the user with the flexibility of changing security-related settings and passwords multiple times, a 32-bit link pointer is stored at the beginning of each USER-OTP. Because the user can only flip a 1 in USER-OTP to 0, the most significant bit position in the link pointer, programmed as 0, defines the USER-OTP region (zone-select) for each zone in which security-related settings and passwords are stored. Table 8-3 provides the location of the zone-select block based on the link pointer. Table 8-4 shows the zone-select block organization in USER-OTP.

Table 8-3 Location of Zone-Select Block Based on Link Pointer
Zx LINK POINTER VALUE ADDRESS OFFSET FOR ZONE-SELECT
32’bxx111111111111111111111111111111 0x10
32’bxx111111111111111111111111111110 0x20
32’bxx11111111111111111111111111110x 0x30
32’bxx1111111111111111111111111110xx 0x40
32’bxx111111111111111111111111110xxx 0x50
32’bxx11111111111111111111111110xxxx 0x60
32’bxx1111111111111111111111110xxxxx 0x70
32’bxx111111111111111111111110xxxxxx 0x80
32’bxx11111111111111111111110xxxxxxx 0x90
32’bxx1111111111111111111110xxxxxxxx 0xa0
32’bxx111111111111111111110xxxxxxxxx 0xb0
32’bxx11111111111111111110xxxxxxxxxx 0xc0
32’bxx1111111111111111110xxxxxxxxxxx 0xd0
32’bxx111111111111111110xxxxxxxxxxxx 0xe0
32’bxx11111111111111110xxxxxxxxxxxxx 0xf0
32’bxx1111111111111110xxxxxxxxxxxxxx 0x100
32’bxx111111111111110xxxxxxxxxxxxxxx 0x110
32’bxx11111111111110xxxxxxxxxxxxxxxx 0x120
32’bxx1111111111110xxxxxxxxxxxxxxxxx 0x130
32’bxx111111111110xxxxxxxxxxxxxxxxxx 0x140
32’bxx11111111110xxxxxxxxxxxxxxxxxxx 0x150
32’bxx1111111110xxxxxxxxxxxxxxxxxxxx 0x160
32’bxx111111110xxxxxxxxxxxxxxxxxxxxx 0x170
32’bxx11111110xxxxxxxxxxxxxxxxxxxxxx 0x180
32’bxx1111110xxxxxxxxxxxxxxxxxxxxxxx 0x190
32’bxx111110xxxxxxxxxxxxxxxxxxxxxxxx 0x1a0
32’bxx11110xxxxxxxxxxxxxxxxxxxxxxxxx 0x1b0
32’bxx1110xxxxxxxxxxxxxxxxxxxxxxxxxx 0x1c0
32’bxx110xxxxxxxxxxxxxxxxxxxxxxxxxxx 0x1d0
32’bxx10xxxxxxxxxxxxxxxxxxxxxxxxxxxx 0x1e0
32’bxx0xxxxxxxxxxxxxxxxxxxxxxxxxxxxx 0x1f0
Table 8-4 Zone-Select Block Organization in USER-OTP
16-BIT ADDRESS OFFSET
(WITH RESPECT TO OFFSET OF ZONE-SELECT)		 CONTENT
0x0 Zx-EXEONLYRAM
0x1
0x2 Zx-EXEONLYSECT
0x3
0x4 Zx-GRABRAM
0x5
0x6 Zx-GRABSECT
0x7
0x8 Zx-CSMPSWD0
0x9
0xa Zx-CSMPSWD1
0xb
0xc Zx-CSMPSWD2
0xd
0xe Zx-CSMPSWD3
0xf

The Dual Code Security Module (DCSM) is used to protect the flash/OTP/Lx SARAM blocks/CLA/Secure ROM content. Individual flash sectors and SARAM blocks can be attached to any of the secure zone at start-up time. Secure ROM and the CLA are always attached to Z1. Resources attached to (owned by) one zone do not have any access to code running in the other zone when it is secured. Individual flash sectors, as well as SARAM blocks, can be further protected by enabling the EXEONLY protection. EXEONLY flash sectors or SARAM blocks do not have READ/WRITE access. Only code execution is allowed from such memory blocks.

The security feature prevents unauthorized users from examining memory contents through the JTAG port, executing code from external memory, or trying to boot load an undesirable software that would export the secure memory contents. To enable access to the secure blocks of a particular zone, the user must write a 128-bit value in the CSMKEY registers of the zone; this value must match the values stored in the password locations in USER-OTP. If the 128 bits of the password locations in USER-OTP of a particular zone are all 1s (unprogrammed), then the security for that zone gets UNLOCKED as soon as a dummy read is done to the password locations in USER-OTP (the value in the CSMKEY register becomes "Don’t care" in this case).

In addition to the DCSM, the Emulation Code Security Logic (ECSL) has been implemented for each zone to prevent unauthorized users from stepping through secure code. A halt inside secure code will trip the ECSL and break the emulation connection. To allow emulation of secure code while maintaining DCSM protection against secure memory reads, the user must write the lower 64 bits of the USER-OTP password into the CSMKEY register of the zone to disable the ECSL. Dummy reads of all 128 bits of the password for that particular zone in USER-OTP must still be performed. If the lower 64 bits of the password locations of a particular zone are all zeros, then the ECSL for that zone gets disabled as soon as a dummy read is done to the password locations in USER-OTP (the value in the CSMKEY register becomes "Don’t care" in this case).

When power is applied to a secure device that is connected to a JTAG debug probe, the CPU will start executing and may execute an instruction that performs an access to a protected area. If this happens, the ECSL will trip and cause the JTAG circuitry to be deactivated. Under this condition, a host (such as a computer running CCS or flash programming software) would not be able to establish connection with the device. The solution is to use the Wait boot option. In this mode, the device loops around a software breakpoint to allow a JTAG debug probe to be connected without tripping security. The user can then exit this mode once the JTAG debug probe is connected by using one of the emulation boot options as described in the Boot ROM chapter of the TMS320x2805x Real-Time Microcontrollers Technical Reference Manual. The 2805x devices do not support hardware wait-in-reset mode.

Note:

If reprogramming of a secure device via JTAG may be needed in future, it is important to design the board in such a way that the device could be put in Wait boot mode upon power-up (when reprogramming is warranted). Otherwise, ECSL may deactivate the JTAG circuitry and prevent connection to the device, as mentioned earlier. If reconfiguring the device for Wait boot mode in the field is not practical, some mechanism must be implemented in the firmware to detect when a firmware update is warranted. Code could then branch to the desired bootloader in the boot ROM. It could also branch to the Wait boot mode, at which point the JTAG debug probe could be connected, device unsecured and programming accomplished through JTAG itself.

To prevent reverse-engineering of the code in secure zone, unauthorized users are prevented from looking at the CPU registers in the CCS Expressions Window. The values in the Expressions Window for all of these registers, except for PC and some status bits, display false values when code is running from a secure zone. This feature gets disabled if the zone is unlocked.

Note:
  • The USER-OTP contains security-related settings for their respective zone. Execution is not allowed from the USER-OTP; therefore, the user should not keep any code/data in this region.
  • The 128-bit password must not be programmed to zeros. Doing so would permanently lock the device.
  • The user must try not to write into the CPU registers through the debugger watch window when code is running/halted from/inside secure zone. This may corrupt the execution of the actual program.
Dual Code Security Module Disclaimer:

THE DUAL CODE SECURITY MODULE (DCSM) INCLUDED ON THIS DEVICE WAS DESIGNED TO PASSWORD PROTECT THE DATA STORED IN THE ASSOCIATED MEMORY (EITHER ROM OR FLASH) AND IS WARRANTED BY TEXAS INSTRUMENTS (TI), IN ACCORDANCE WITH ITS STANDARD TERMS AND CONDITIONS, TO CONFORM TO TI'S PUBLISHED SPECIFICATIONS FOR THE WARRANTY PERIOD APPLICABLE FOR THIS DEVICE.

TI DOES NOT, HOWEVER, WARRANT OR REPRESENT THAT THE DCSM CANNOT BE COMPROMISED OR BREACHED OR THAT THE DATA STORED IN THE ASSOCIATED MEMORY CANNOT BE ACCESSED THROUGH OTHER MEANS. MOREOVER, EXCEPT AS SET FORTH ABOVE, TI MAKES NO WARRANTIES OR REPRESENTATIONS CONCERNING THE DCSM OR OPERATION OF THIS DEVICE, INCLUDING ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

IN NO EVENT SHALL TI BE LIABLE FOR ANY CONSEQUENTIAL, SPECIAL, INDIRECT, INCIDENTAL, OR PUNITIVE DAMAGES, HOWEVER CAUSED, ARISING IN ANY WAY OUT OF YOUR USE OF THE DCSM OR THIS DEVICE, WHETHER OR NOT TI HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. EXCLUDED DAMAGES INCLUDE, BUT ARE NOT LIMITED TO LOSS OF DATA, LOSS OF GOODWILL, LOSS OF USE OR INTERRUPTION OF BUSINESS OR OTHER ECONOMIC LOSS.