2.7 Code Protection and Secured Device
There are two protection mechanisms in the PIC32CX-BZ6 devices. One is code protection and the other is secured device and are described as follows:
- When the code protection is enabled, the device is locked from programming and debugging. Only chip erase can retrieve the device to normal programming and debugging condition.
- DEBUG_LCK bits in the SECCFG register in the root
of trust determines if the device is locked for
debug. If the DEBUG_LCK bits are non-zero, the
device is a secured device. Securing of the device
implies:
- If the secure boot key is non-zero, DFU code authentication is mandatory. Otherwise, authentication is not required.
- The debug features of the device are not available.
- Device programming through SWD is available. The debugger can be plugged in only through the cold-plugging procedure. The hot plugging feature is not available. (Refer to the DSU section of device data sheet for cold and hot plugging.)
- The DEBUG_LCK bits are in eFuse (one time programmable memory); therefore, once locked, the device is permanently locked for debug, unlike the code protection mechanism, which can be cleared on a chip erase.