8.8.4.5.5 Security and Safety Analysis and Reports

Several types of checks are performed when the TDES is enabled.

The peripheral clock of the TDES is monitored by specific circuitry to detect abnormal waveforms on the internal clock net that may affect the behavior of the TDES. Corruption on the triggering edge of the clock or a pulse with a minimum duration may be identified. If the flag TDES_WPSR.CGD is set, an abnormal condition occurred on the peripheral clock. This flag is not set under normal operating conditions.

The internal sequencer of the TDES is also monitored and if an abnormal state is detected, the flag TDES_WPSR.SEQE is set. This flag is not set under normal operating conditions.

The software accesses to the TDES are monitored and if an incorrect access is performed, the flag TDES_WPSR.SWE is set. The type of incorrect/abnormal software access is reported in the TDES_WPSR.SWETYP field (see TDES Write Protection Status Register for details). For example, writing the TDES_ODATARx is an error, as well as reading the TDES_IDATARx, when the TDES_ISR.DATRDY flag is cleared. TDES_WPSR.ECLASS is an indicator reporting the criticality of the SWETYP report.

The flags CGD, SEQE, SWE and WPVS are automatically cleared when TDES_WPSR is read.

If one of these flags is set, the flag TDES_ISR.SECE is set and can trigger an interrupt if the TDES_IMR.SECE bit is ‘1’. SECE is cleared by reading TDES_ISR.

It is possible to configure an action to be performed by the TDES as soon as an abnormal event detection occurs. If the field TDES_WPMR.ACTION is greater than 0, either a lock is performed or a lock and immediate clear of TDES_KEYxWRy. If a lock is performed, the current processing is ended normally but any new processing is not performed regardless of the start mode of operation (see TDES_MR.SMOD).

A locked state of the TDES is unlocked as follows:

  1. Read the TDES_WPSR.
  2. Disable the source of tamper if the tamper is enabled to perform a clear of the key.
  3. Write a ‘1’ to TDES_CR.UNLOCK.

It is possible to select the type of event that will lock the TDES in case of abnormal event detection. See TDES_WPMR.ACTION for details.

If the TDES_MR.TMPCLR=1 and the tamper pin is active, the TDES is locked.