8.3.3 User Configuration B (UCB)

The UCB stores security and boot Configuration bits including the Flash protection region descriptor configurations. UCB data read and CRC access is permitted in all modes. Execution from UCB space is not permitted. Write permission is restricted in all modes by the UCB Write Protect WPUCB bit (UCPROT[1]). The UCB write protection is enabled after Reset if the FWPUCB Configuration Word is programmed with a value of 0x5B9B12E4. Also, the UCB area can be erase-protected by the EPUCB bit (UCPROT[0]).

The UCB erase protection is enabled after Reset if the FEPUCB Configuration Word is programmed with a value of 0x84C1F396. Write protection disables both programming and erase. Erase protection only disables erase. The UCB write and erase protect Configuration Words (FWPUCB and FEPUCB) are 32-bit OTP Flash locations that can only be programmed to their specified values (0x5B9B12E4 and 0x84C1F396). Row programming is not allowed for UCB. UCB is erased on a chip erase unless it is either erase protected when EPUCB (UCPROT[0]) = ‘1’ or write-protected when WPUCB (UCPROT[1]) = ‘1’. If the UCB erase protection Configuration Word is programmed, all programmed UCB Configuration Words are protected from modification. This allows multiple parties to program firmware and data into user program Flash and permanently protect it from modification using IRT or OTP regions.

An aspect of this capability is UCB overwrite protection. UCB overwrite protection ensures Flash Configuration Words in UCB are only programmed once after each UCB page erase. Once any valid Configuration bit in a UCB 128-bit Flash word is programmed to ‘0’, further programming is not allowed for that Flash word without a page erase. UCB overwrite protection is only provided for a word that has been programmed after the next Reset because the overwrite protection is based on the configuration values loaded at Reset.

Once all protection region descriptors and other UCB Configuration Words are programmed, UCB can be permanently write- protected by programming the UCB write-protect FWPUCB Configuration Word. Typically, the UCB write-protect Configuration bit should be programmed before a device is deployed in a system design. The UCB Write-Protect bit must be programmed to enable the Entire Flash OTP by ICSP Write Inhibit feature and/or the Secure Debug. During development or the system production process, the EPUCB (UCPROT[0]) and WPUCB (UCPROT[1]) bits can be set by firmware to provide UCB protection without programming the UCB write or erase-protect Configuration Words.