5 Appendix A: OTP Features for Secure Boot Mode

SAM9X60 MPUs include One-Time Programmable (OTP) memory, which is essential for implementing hardware-based security features. OTP memory provides 11 Kbytes of user area. This non-volatile storage area can be programmed once and then permanently locked, making it ideal for storing immutable data such as cryptographic keys, boot configurations or other customer-specific security parameters.

Unlike in Flash or EEPROM, data written to the OTP user area memory cannot be modified or erased, ensuring tamper resistance and reliability for security-sensitive applications. The SAM9X60 OTP user area is accessible through an OTP controller (OTPC) interface and can be managed to prevent accidental writes or unauthorized access.

The OTP user area is organized into packets, providing greater flexibility in size and security configuration.

Key features of OTPC include:

• Ability to lock individual packets (with checksum verification)
• Individual packet read/write access through the System bus
• Key packets read-only access through the Private Key bus
• Ability to hide individual packets (for packets with System bus access only)
• Individual packet sizes ranging from 32 to 8192 bits in 32-bit increments
• Individual packet invalidation

Typical use cases of OTP user area memory include:

• Standard and Secure Boot configurations storage
• Keying material storage
• Custom data storage