11.3.1.1.3 Flash Access Protections

Inter-Section Write Protection

For security reasons, it is impossible to write to the section of Flash from which the code is currently executing. Code writing to the APPCODE section must execute from the BOOT section, and code writing to the APPDATA section must execute from either the BOOT section or the APPCODE section.

Table 11-3. Write Protection for Self-Programming
Program Execution SectionSection Being AddressedProgramming Allowed?
BOOTBOOTNo
APPCODEYes
APPDATA
EEPROM
USERROW
BOOTROWYes
APPCODEBOOTNo
APPCODE
APPDATAYes
EEPROM
USERROW
BOOTROWNo
APPDATABOOTNo
APPCODE
APPDATA
EEPROM
USERROW
BOOTROWNo

Flash Read/Write Protection

In addition to the inter-section write protection, the NVMCTRL provides a security mechanism to avoid unwanted access to the Flash memory sections. Even if the CPU can never write to the BOOT section, a Boot Section Read Protection (BOOTRP) bit in the Control B (NVMCTRL.CTRLB) register is provided to prevent the read and execution of code from the BOOT section. This bit can be set only from the code executed in the BOOT section and has an effect only when leaving the BOOT section.

The three write protection bits (EEWP, APPDATAWP and APPCODEWP) in the Control B (NVMCTRL.CTRLB) register can be set to prevent writes respectively to the EEPROM or the APPDATA or APPCODE sections.