19.8 Security Enforcement

Security enforcement aims at protecting intellectual property, it consists of the following:

• Restricting access to access ports, depending on the debugger access level.
• Restricting access to internal memories from external tools, depending on the debugger access level.

The security at the Debug Access Port x level is enforced by setting the Debugger Access Level x bits in the DAL register (DAL.CPUx) to a value lower than 0x2. The DAL.CPUx setting can be elevated using Boot ROM commands depending on the Boot ROM user configuration. For additional information, refer to the chip-erase and challenge/response features given in the Boot ROM chapter. When DAL.CPU0 is equal to 0, read/write accesses using the MEM-AP0 are limited to the DSU external address range and DSU commands are restricted. When issuing a (Host) Boot ROM Chip-Erase, sensitive Host information is erased from volatile memory and Flash. For additional information about the (Host) Boot ROM features, such as the chip-erase, refer to the Boot ROM chapter.

The DSU implements an internal bus matrix which routes all AHB-AP0 accesses directed to the DSU address space directly to the DSU APB interface. Other access are routed to the CPU0 debug port as shown in the block diagram.

The DSU also implements a Debug Authentication module that controls the AP and CPU debug feature depending on the CPU’s DAL level.

The DSU APB interface address space is divided as follows:

• The first 0x100 bytes form the internal address range
• The next 0x1F00 bytes form the external address range

Transactions initiated by a debug adapter are denoted as external transactions. All transactions directed to the CPU0 bus system go through the DSU Bus Matrix (BMX):

• Allows access to the full address space when DAL > 0
• Restricts accesses to the DSU external space when DAL = 0

Some features not activated by APB transactions are not available when the device is protected: