4.1 Programming and Debugging Interface Disable (PDID)
PDID is enabled using the ICSPDIS Configuration bit, which allows the user to permanently disable the ICSP interface. This results in the microcontroller being permanently locked down from ICSP access, and it also inhibits the Bulk Erase operations on the microcontroller.
Once the PDID feature is activated, i.e., ICSPDIS has been programmed to 0:
- The data stored in the microcontroller’s memory sections cannot be accessed using a programmer and debug tool through the ICSP interface.
- The microcontroller cannot be reprogrammed or erased again using a programmer and debug tool through the ICSP interface.
- A programmer and debug tool cannot switch the microcontroller from operating in Debug mode to Production mode through the ICSP interface.
Once the ICSPDIS bit is enabled, it cannot be disabled even through a Bulk Erase operation, and the ICSP interface is permanently disabled.
To offer the highest level of security while using the PDID feature, it is important to configure the code protection settings of the respective memory sections through the respective Configuration bits (see Table 3-2). This will ensure that external read commands through the ICSP interface cannot occur, regardless of the ICSPEN register configuration.
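Because programming ICSPDIS to 0 is irreversible, a configuration image can be audited before it is committed to a device. The following is an added example, not Microchip code: it reports whether an image that sets ICSPDIS also has every code-protection field active. The field positions are assumptions passed in by the caller (the demo values are constructed, not taken from Table 3-2), and the value that means "protection on" is a parameter because this page does not state the polarity of the code-protection bits.

```c
#include <stddef.h>
#include <stdint.h>

/* A Configuration-bit field. Word index, mask and the "protection on" value
 * come from the device data sheet; this page does not give them. */
struct cfg_field { size_t word; uint16_t mask; uint16_t active; };

enum pdid_verdict {
    PDID_OPEN,               /* ICSPDIS unprogrammed: ICSP still usable */
    PDID_LOCKED_PROTECTED,   /* ICSPDIS = 0 and every code-protect field on */
    PDID_LOCKED_UNPROTECTED, /* ICSPDIS = 0 but a code-protect field is off */
    PDID_BAD_LAYOUT          /* missing field, or field outside the image */
};

/* 1 = active, 0 = inactive, -1 = field does not fit the image. */
static int field_active(const uint16_t *cfg, size_t n, const struct cfg_field *f)
{
    if (cfg == NULL || f == NULL || f->word >= n || f->mask == 0)
        return -1;
    return (cfg[f->word] & f->mask) == (f->active & f->mask);
}

/* Audit a configuration image before it is committed to a device. */
enum pdid_verdict pdid_audit(const uint16_t *cfg, size_t n,
                             const struct cfg_field *icspdis,
                             const struct cfg_field *cp, size_t ncp)
{
    int locked = field_active(cfg, n, icspdis);
    if (locked < 0 || cp == NULL || ncp == 0)
        return PDID_BAD_LAYOUT;
    enum pdid_verdict v = locked ? PDID_LOCKED_PROTECTED : PDID_OPEN;
    for (size_t i = 0; i < ncp; i++) {
        int on = field_active(cfg, n, &cp[i]);
        if (on < 0)
            return PDID_BAD_LAYOUT;
        if (!on && locked)
            v = PDID_LOCKED_UNPROTECTED;
    }
    return v;
}

/* Constructed demo layout: these bit positions are NOT from the data sheet. */
static const struct cfg_field DEMO_ICSPDIS = { 0, 0x0001, 0x0000 };
static const struct cfg_field DEMO_CP[2] = { { 1, 0x0001, 0x0000 }, { 1, 0x0002, 0x0000 } };

int main(void)
{
    const uint16_t image[2] = { 0x3FFE, 0x3FFE };  /* constructed: one CP bit left at 1 */
    return pdid_audit(image, 2, &DEMO_ICSPDIS, DEMO_CP, 2) == PDID_LOCKED_UNPROTECTED ? 0 : 1;
}
```

A production flow would refuse to program any image that yields PDID_LOCKED_UNPROTECTED or PDID_BAD_LAYOUT, since the lock cannot be undone afterwards.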
The PDID feature is intended to make the microcontroller One-Time Programmable (OTP) through the ICSP interface. This feature protects the microcontroller from external threats, thereby minimizing the risk of unauthorized access to the microcontroller’s memory and the user’s proprietary application firmware and data in security-related applications. The PDID feature also provides an additional level of security for MCU devices that are part of a larger subsystem: users can lock down the ICSP interface so that malicious attempts on the larger system are not possible through the 8-bit PIC microcontroller in that design.