54.4.11.5 Security and Safety Analysis and Reports

Several types of checks are performed when the AES is enabled.

The peripheral clock of the AES is monitored by specific circuitry to detect abnormal waveforms on the internal clock net that may affect the behavior of the AES. Corruption on the triggering edge of the clock or a pulse with a minimum duration may be identified. If the flag AES_WPSR.CGD is set, an abnormal condition occurred on the peripheral clock. This flag is not set under normal operating conditions.

The internal sequencer of the AES is also monitored and if an abnormal state is detected, the flag AES_WPSR.SEQE is set. This flag is not set under normal operating conditions.

The software accesses to the AES are monitored and if an incorrect access is performed, the flag AES_WPSR.SWE is set. The type of incorrect/abnormal software access is reported in AES_WPSR.SWETYP (see AES_WPSR for details). For example, writing the AES_ODATARx is an error, as well as reading the AES_IDATARx, when the AES_ISR.DATRDY flag is cleared. AES_WPSR.ECLASS is an indicator reporting the criticality of the SWETYP report.

The flags CGD, SEQE, SWE and WPVS are automatically cleared when AES_WPSR is read.

If one of these flags is set, the flag AES_ISR.SECE is set and can trigger an interrupt if the AES_IMR.SECE bit is ‘1’. SECE is cleared by reading AES_ISR.

It is possible to configure an action to be performed by AES as soon as an abnormal event detection occurs. If AES_WPMR.ACTION > 0, either a lock is performed or a lock and immediate clear of the AES_KEYWRx key. If a lock is performed, the current processing is ended normally but any new processing is not performed whatever the start mode of operation (see AES_MR.SMOD).

A locked state of the AES is unlocked as follows:

  1. Read AES_WPSR.
  2. Disable the source of tamper if the tamper is enabled to perform a clear of the key.
  3. Write a ‘1’ to AES_CR.UNLOCK.

It is possible to select the type of event that will lock the AES in case of abnormal event detection. See AES_WPMR.ACTION for details.

If the AES_MR.TMPCLR=1 and the tamper pin is active, the AES is locked.