19.12.1.2 Examples

The following table shows an example of Security Type settings.

Table 19-8. Security Type Setting Example
Client Host0 Host1 Host2
Client0

Internal Memory

Never Secure Internal Securable

1 region

Internal Securable

1 region

Client1

EBI

External Securable

2 regions

Always Secure External Securable

2 regions

This example is constructed with the following characteristics:

  • Client0 is an Internal Memory containing one region:
    • The Access from Host0 to Client0 is Never Secure
    • The access from Host1 and Host2 to Client0 is Internal Securable with one region and with the same software configuration (Choice of SASPLIT0 and the security configuration bits LANSECH, RDNSECH, WRNSECH).
  • Client1 is an EBI containing two regions:
    • The Access from Host1 to Client1 is Always Secure
    • The access from Host0 and Host2 to Client1 is External Securable with two regions and with the same software configuration (Choice of SRTOP0, SRTOP1, SASPLIT0, SASPLIT1 and the security configuration bits LANSECH, RDNSECH, WRNSECH).

The figure below shows an Internal Securable client example. This example is constructed with the following hypothesis:

  • The client is an Internal Memory containing one region. The Client region max size is 4 Mbytes.
  • The client region 0 base address equals 0x10000000. Its top size is 512 Kbytes (hardware configuration).
  • The client software configuration is:
    • SASPLIT0 is set to 256 Kbytes
    • LANSECH0 is set to 0, the low area of region 0 is the securable one
    • RDNSECH0 is set to 0, region 0 Securable area is secured for reads
    • WRNSECH0 is set to 0, region 0 Securable area is secured for writes
      Figure 19-2. Partitioning Example of an Internal Securable Client Featuring 1 Security Region of 512 Kbytes Split into 1 or 2 Security Areas of 4 Kbytes to 512 Kbytes
      Note: The client security areas split inside the security region are configured by writing into the Security Areas Split Client Registers.

The figure below shows an External Securable client example. This example is constructed with the following hypothesis:

  • The client is an interface with the external bus (EBI) containing two regions. The client size is 2 × 256 Mbytes. Each client region max size is 256 Mbytes.
  • The client region 0 base address equals 0x10000000. It is connected to a 32 Mbyte memory, for example an external DDR. The client region 0 top size must be set to 32 Mbytes.
  • The client region 1 base address equals 0x20000000. It is connected to a 2 Mbyte memory, for example an external NAND Flash. The client region 1 top size must be set to 2 Mbytes.
  • The client software configuration is:
    • SRTOP0 is set to 32 Mbytes
    • SRTOP1 is set to 2 Mbytes
    • SASPLIT0 is set to 4 Mbytes
    • SASPLIT1 is set to 1 Mbyte
    • LANSECH0 is set to 1, the low area of region 0 is the non-securable one
    • RDNSECH0 is set to 0, region 0 Securable area is secured for reads
    • WRNSECH0 is set to 0, region 0 Securable area is secured for writes
    • LANSECH1 is set to 0, the low area of region 1 is the Securable one
    • RDNSECH1 is set to 1, region 1 Securable area is non-secured for reads
    • WRNSECH1 is set to 0, region 1 Securable area is secured for writes
      Figure 19-3. Partitioning Example of an External Securable Client Featuring 2 Security Regions of 4 Kbytes to 128 Mbytes each and up to 4 Security Areas of 4 Kbytes to 128 Mbytes
      Note: The client region sizes are configured by writing into the Security Region Top Client Registers.
The client security area split inside each region is configured by writing into the Security Areas Split Client Registers.

The figure below shows a Scalable Securable client example. This example is constructed with the following hypothesis:

  • The client is an external memory with dedicated client containing four regions, for example an external DDR.
  • The client size is 512 Mbytes.
  • The client base address equals 0x40000000. It is connected to a 256-Mbyte external memory.
  • As the connected memory size is 256 Mbytes and there are four regions, the size of each region is 64 Mbytes. This gives the value of the client region max size and top size. The client region 0 top size must be configured to 64 Mbytes.
  • The client software configuration is:
    • SRTOP0 is set to 64 Mbytes
    • SASPLIT0 is set to 4 Kbytes
    • SASPLIT1 is set to 64 Mbytes, so its low area occupies the whole region 1
    • SASPLIT2 is set to 4 Kbytes
    • SASPLIT3 is set to 32 Mbytes
    • LANSECH0 is set to 0, the low area of region 0 is the Securable one
    • RDNSECH0 is set to 1, region 0 Securable area is non-secured for reads
    • WRNSECH0 is set to 0, region 0 Securable area is secured for writes
    • LANSECH1 is set to 1, the low area of region 1 is the non-securable one
    • RDNSECH1 is ‘don’t care’ since the low area occupies the whole region 1
    • WRNSECH1 is ‘don’t care’ since the low area occupies the whole region 1
    • LANSECH2 is set to 1, the low area of region 2 is the non-securable one
    • RDNSECH2 is set to 0, region 2 Securable area is secured for reads
    • WRNSECH2 is set to 0, region 2 Securable area is secured for writes
    • LANSECH3 is set to 0, the low area of region 3 is the Securable one
    • RDNSECH3 is set to 0, region 3 Securable area is secured for reads
    • WRNSECH3 is set to 0, region 3 Securable area is secured for writes
      Figure 19-4. Partitioning Example of a Scalable Securable Client Featuring 4 Equally-sized Security Regions of 1 Mbytes to 128 Mbytes each and up to 8 Security Areas of 4 Kbytes to 128 Mbytes
      Note: The clients’ generic security regions sizes are configured by writing into field SRTOP0 of the Security Region Top Client Registers and the custom client security areas splits inside each region is configured by writing into the Security Areas Split Client Registers.