On this device, some of the memories
are not secure. To avoid any potential hacking when the device is in the default
state (post reset), accesses (all types) to all memories (secure as well as
non-secure, except BOOT-ROM and OTP ) are disabled until proper security
initialization is done. This means that after reset none of the memory resources
except BOOT_ROM and OTP is accessible to the user.
The following steps are required by
CPU after reset (any type of reset) to initialize the security on device.
Security Initialization
- Dummy Read to address location of
SECDC (0x703F0, TI-reserved register) in TI OTP
- Dummy Read to address location of
Z1OTP_LINKPOINTER1 in Z1 OTP
- Dummy Read to address location of
Z1OTP_LINKPOINTER2 in Z1 OTP
- Dummy Read to address location of
Z1OTP_LINKPOINTER3 in Z1 OTP
- Dummy Read to address location of
Z2OTP_LINKPOINTER1 in Z2 OTP
- Dummy Read to address location of
Z2OTP_LINKPOINTER2 in Z2 OTP
- Dummy Read to address location of
Z2OTP_LINKPOINTER3 in Z2 OTP
- Dummy Read to address location
Z1OTP_JLM_ENABLE in Z1 OTP
- Dummy Read to address location of
Z1OTP_GPREG1, Z1OTP_GPREG2, Z1OTP_GPREG3, Z1OTP_GPREG4 in Z1 OTP
- Dummy Read to address location of
Z1OTP_PSWDLOCK in Z1 OTP
- Dummy Read to address location of
Z1OTP_CRCLOCK in Z1 OTP
- Dummy Read to address location of
Z1OTP_JTAGPSWDH0, Z1OTP_JTAGPSWDH1 in Z1 OTP
- Dummy Read to address location of
Z2OTP_GPREG1, Z2OTP_GPREG2, Z2OTP_GPREG3, Z2OTP_GPREG4 in Z2 OTP
- Dummy Read to address location of
Z2OTP_PSWDLOCK in Z2 OTP
- Dummy Read to address location of
Z2OTP_CRCLOCK in Z2 OTP
- Read to memory map register of
Z1_LINKPOINTER in DCSM module to calculate the address of zone select block for
Z1
- Dummy read to address location of
Z1OTP_GRABSECT1, Z1OTP_GRABSECT2, Z1OTP_GRABSECT3 in Z1 OTP
- Dummy read to address location of
Z1OTP_GRABRAM1
- Dummy read to address location of
Z1OTP_EXEONLYSECT1, Z1OTP_EXEONLYSECT2 in Z1 OTP
- Dummy read to address location of
Z1OTP_EXEONLYRAM1 in Z1 OTP
- Dummy Read to address location of
Z1OTP_JTAGPSWDL0, Z1OTP_JTAGPSWDL1 in Z1 OTP
- Read to memory map register of
Z2_LINKPOINTER in DCSM module to calculate the address of zone select block for
Z2
- Dummy read to address location of
Z2OTP_GRABSECT1, Z2OTP_GRABSECT2, Z2OTP_GRABSECT3 in Z2 OTP
- Dummy read to address location of
Z2OTP_GRABRAM1
- Dummy read to address location of
Z2OTP_EXEONLYSECT1, Z2OTP_EXEONLYSECT2 in Z2 OTP
- Dummy read to address location of
Z2OTP_EXEONLYRAM1 in Z2 OTP
Note: Security Initialization is done by
BOOTROM code on all the resets (as part of device initialization) that assert
SYSRSn. This is not part of user application code.
The order of initialization
matters; hence, if a memory watch window with the USER OTP address is opened in
the debugger (CCS IDE), the security initialization can occur in an incorrect
order locking the device down. To avoid this, do not keep a memory window with
USER OTP address opened in the debugger (CCS IDE) when performing a
reset.