52.5.3.5 Security and Safety Analysis and Reports

Several types of checks are performed when the TZAESB is enabled.

The peripheral clock of the TZAESB is monitored by specific circuitry to detect abnormal waveforms on the internal clock net that may affect the behavior of the TZAESB. Corruption on the triggering edge of the clock or a pulse with a minimum duration may be identified. If the flag TZAESB_WPSR.CGD is set, an abnormal condition occurred on the peripheral clock. This flag is not set under normal operating conditions.

The internal sequencer of the TZAESB is also monitored and if an abnormal state is detected, the flag TZAESB_WPSR.SEQE is set. This flag is not set under normal operating conditions.

The software accesses to the TZAESB are monitored and if an incorrect access is performed, the flag TZAESB_WPSR.SWE is set. The type of incorrect/abnormal software access is reported in TZAESB_WPSR.SWETYP (see TZAESB_WPSR for details). TZAESB_WPSR.ECLASS is an indicator reporting the criticality of the SWETYP report.

The flags CGD, SEQE, SWE and WPVS are automatically cleared when TZAESB_WPSR is read.

If one of these flags is set, the flag TZAESB_ISR.SECE is set and can trigger an interrupt if TZAESB_IMR.SECE is ‘1’. SECE is cleared by reading TZAESB_ISR.

It is possible to configure an action to be performed by the TZAESB as soon as an abnormal event is detected. If TZAESB_WPMR.ACTION > 0, the TZAESB either performs a lock, or performs a lock and immediately clears the TZAESB_KEYWRx key. When a lock is performed, the current processing ends normally but no new processing is started.

A locked state of the TZAESB is unlocked as follows:

  1. Read TZAESB_WPSR.
  2. Disable the source of tamper if the tamper is enabled to perform a clear of the key.
  3. Write a ‘1’ to TZAESB_CR.UNLOCK.

It is possible to select the type of event that will lock the TZAESB in case of abnormal event detection. See TZAESB_WPMR.ACTION for details.

If TZAESB_MR.TMPCLR=1 and the tamper pin is active, the TZAESB is locked.
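The clear-on-read behaviour and the unlock order described above, as an added example that is not taken from the datasheet or any vendor driver. It runs against a constructed software model of the block: all bit masks are placeholders, the tamper-source disable is a hypothetical stand-in, and the model's refusal of an out-of-order unlock is an assumption made so the sequence can be checked off-target.

```c
#include <stdbool.h>
#include <stdint.h>

/* PLACEHOLDER bit masks (assumed): use the values from the device header. */
#define ISR_SECE  (1u << 0)
#define WPSR_WPVS (1u << 0)
#define WPSR_CGD  (1u << 1)
#define WPSR_SEQE (1u << 2)
#define WPSR_SWE  (1u << 3)
#define WPSR_CLR_ON_READ (WPSR_WPVS | WPSR_CGD | WPSR_SEQE | WPSR_SWE)
#define MR_TMPCLR (1u << 0)

/* Constructed software model of the block, so the sequences run off-target. */
struct tzaesb {
    uint32_t isr, wpsr, mr;
    bool locked, tamper_active, wpsr_read_since_lock;
};

static uint32_t rd_isr(struct tzaesb *t) { uint32_t v = t->isr; t->isr &= ~ISR_SECE; return v; }

static uint32_t rd_wpsr(struct tzaesb *t)
{
    uint32_t v = t->wpsr;
    t->wpsr &= ~WPSR_CLR_ON_READ;      /* CGD, SEQE, SWE, WPVS clear on read */
    t->wpsr_read_since_lock = true;
    return v;
}

/* Model assumption: UNLOCK only takes effect in the documented order. */
static void wr_cr_unlock(struct tzaesb *t)
{
    bool tamper_lock = (t->mr & MR_TMPCLR) && t->tamper_active;
    if (t->wpsr_read_since_lock && !tamper_lock) t->locked = false;
}

/* Security-event handler: returns the cause flags, or 0 if SECE was not pending. */
uint32_t tzaesb_security_event(struct tzaesb *t)
{
    if (!(rd_isr(t) & ISR_SECE)) return 0;   /* this read also clears SECE */
    return rd_wpsr(t) & WPSR_CLR_ON_READ;    /* read once and keep the snapshot */
}

/* Unlock in the documented order; returns true when the block is unlocked. */
bool tzaesb_unlock(struct tzaesb *t)
{
    (void)rd_wpsr(t);                                /* 1. read TZAESB_WPSR */
    if (t->mr & MR_TMPCLR) t->tamper_active = false; /* 2. hypothetical tamper-source disable */
    wr_cr_unlock(t);                                 /* 3. write 1 to TZAESB_CR.UNLOCK */
    return !t->locked;
}
```

Because the handler's single TZAESB_WPSR read is the only chance to see the cause flags, log or store the returned snapshot before doing anything else with the peripheral.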