11.3.1.1.3 Flash Access Protections

Inter-Section Write Protection

It is impossible to write to the section of Flash the code is currently executing from for security reasons. Code writing to the APPCODE section needs to be executed from the BOOT section, and code writing to the APPDATA section needs to be executed from either the BOOT section or the APPCODE section.

Table 11-3. Write Protection for Self- Programming
Program Execution Section Section Being Addressed Programming Allowed?
BOOT BOOT No
APPCODE Yes
APPDATA
EEPROM
USERROW
APPCODE BOOT No
APPCODE
APPDATA Yes
EEPROM
USERROW
APPDATA BOOT No
APPCODE
APPDATA
EEPROM
USERROW

Flash Read/Write Protection

In addition to the inter-section write protection, the NVMCTRL provides a security mechanism to avoid unwanted access to the Flash memory sections. Even if the CPU can never write to the BOOT section, a Boot Section Read Protection (BOOTRP) bit in the Control B (NVMCTRL.CTRLB) register is provided to prevent the read and execution of code from the BOOT section. This bit can be set only from the code executed in the BOOT section and has effect only when leaving the BOOT section.

The three write protection bits (EEWP, APPDATAWP and APPCODEWP) in the Control B (NVMCTRL.CTRLB) register can be set to prevent writes respectively to the EEPROM or the APPDATA or APPCODE sections.