11.3.1.1.3 Flash Access Protections

Inter-Section Write Protection

For security reasons, it is impossible to write to the section of Flash from which the code is currently executing. Code writing to the APPCODE section must execute from the BOOT section, and code writing to the APPDATA section must execute from either the BOOT section or the APPCODE section.

Table 11-3. Write Protection for Self-Programming
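Program Execution Section   Section Being Addressed   Programming Allowed?
BOOT                        BOOT                      No
BOOT                        APPCODE                   Yes
BOOT                        APPDATA                   Yes
BOOT                        EEPROM                    Yes
BOOT                        USERROW                   Yes
BOOT                        BOOTROW                   Yes
APPCODE                     BOOT                      No
APPCODE                     APPCODE                   No
APPCODE                     APPDATA                   Yes
APPCODE                     EEPROM                    Yes
APPCODE                     USERROW                   Yes
APPCODE                     BOOTROW                   No
APPDATA                     BOOT                      No
APPDATA                     APPCODE                   No
APPDATA                     APPDATA                   No
APPDATA                     EEPROM                    No
APPDATA                     USERROW                   No
APPDATA                     BOOTROW                   No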

Flash Read/Write Protection

In addition to the inter-section write protection, the NVMCTRL provides a security mechanism to avoid unwanted access to the Flash memory sections. Although the CPU can never write to the BOOT section, a Boot Section Read Protection (BOOTRP) bit in the Control B (NVMCTRL.CTRLB) register is provided to prevent reading and executing code from the BOOT section. This bit can be set only by code executing in the BOOT section, and it takes effect only when execution leaves the BOOT section.

The three write protection bits (EEWP, APPDATAWP, and APPCODEWP) in the Control B (NVMCTRL.CTRLB) register can be set to prevent writes to the EEPROM, APPDATA, and APPCODE sections, respectively.
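
The following host-side C model is an added example, not code from this data sheet or from the vendor. It combines Table 11-3 with the three write protection bits so a firmware reviewer can list which sections code in a given section can still program. Assumptions: blank cells in Table 11-3 are read as merged with the cell above, a set write protection bit blocks writes from every executing section, and the WP_* flags are model-local values, not register bit positions.

```c
#include <stdbool.h>
#include <stdio.h>

/* Sections in the order Table 11-3 lists them. */
enum section { BOOT, APPCODE, APPDATA, EEPROM, USERROW, BOOTROW, N_SECTIONS };

/* Model-local flags for EEWP, APPDATAWP and APPCODEWP. These are NOT the
   CTRLB bit positions, which this section does not give. */
enum wp_flag { WP_EE = 1, WP_APPDATA = 2, WP_APPCODE = 4 };

/* Table 11-3: rows = executing section, columns = section being addressed. */
static const bool table_11_3[3][N_SECTIONS] = {
    /*            BOOT   APPCODE APPDATA EEPROM USERROW BOOTROW */
    [BOOT]    = { false, true,   true,   true,  true,   true  },
    [APPCODE] = { false, false,  true,   true,  true,   false },
    [APPDATA] = { false, false,  false,  false, false,  false },
};

/* True if code running in `exec` may program `target` given the WP flags.
   Assumption: a set WP bit blocks writes from every executing section. */
bool programming_allowed(enum section exec, enum section target, unsigned wp)
{
    if (exec > APPDATA || target >= N_SECTIONS) return false; /* not a code section */
    if (!table_11_3[exec][target]) return false; /* inter-section protection */
    if (target == EEPROM  && (wp & WP_EE))      return false;
    if (target == APPDATA && (wp & WP_APPDATA)) return false;
    if (target == APPCODE && (wp & WP_APPCODE)) return false;
    return true;
}

/* Bitmask (bit n = enum section n) of everything `exec` can still program. */
unsigned writable_mask(enum section exec, unsigned wp)
{
    unsigned mask = 0;
    for (int t = BOOT; t < N_SECTIONS; t++)
        if (programming_allowed(exec, (enum section)t, wp))
            mask |= 1u << t;
    return mask;
}

int main(void)
{
    static const char *name[] = { "BOOT", "APPCODE", "APPDATA" };
    for (int e = BOOT; e <= APPDATA; e++)
        printf("%-8s no WP: 0x%02x  all WP: 0x%02x\n", name[e],
               writable_mask((enum section)e, 0),
               writable_mask((enum section)e, WP_EE | WP_APPDATA | WP_APPCODE));
    return 0;
}
```

With all three bits set in this model, application code is left with USERROW as its only programmable section, and boot code with USERROW and BOOTROW.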