3.3 Memory Layout
The PIC32CM LS60 MCU family is divided into up to nine memory regions, as shown in the figure below. The size of each region is configurable using specific NVM Configuration bit fields, such as BNSC, BOOTPROT, AS, ANSC, DS, and RS.
- BOOTPROT = BS.
- All the NVM Configuration bit field acronyms, shown in the figure above, are defined in the Glossary.
Each memory region is preconfigured in the hardware with one of the following attributes:
- Secure (S): Used for memory and peripherals that are accessible only by secure software.
- Non-Secure Callable (NSC): A special type of secure memory location. It enables software transition from a Non-Secure to a Secure state.
- Non-Secure (NS): Used for memory and peripherals that are accessible by all software running on the device.
The security attribute of each region will define the security state of the code stored in this region.
The goal of this Secure Firmware Upgrade application is to transfer the client firmware from the host to the target device securely. To enhance firmware security, both the host and the client firmware utilize the Secure Flash Region exclusively.
The following figures display the memory layout for the Secure Firmware Upgrade Application of the PIC32CM LS60 MCU.
The Host firmware utilizes the entire Flash and SRAM as a Secure Region. Since the Client firmware is embedded in the Host firmware, it is kept in a secure location.
The client's Flash memory is divided into two parts: the Bootloader region, which contains the secure firmware bootloader code, and the application region, where the received firmware is stored. The bootloader trigger pattern is stored at 0x20001000 of the SRAM, and the rest of the memory will be used for the bootloader. All memory regions are configured as secure areas to protect against external threats.