2.4 Protection of Non-Secure Region against Software Attacks
During device startup, the secure application calculates a unique identifier (digest) of the Non-Secure firmware and stores it in secure memory (Secure Data Flash). To ensure the integrity of the Non-Secure firmware, this verification must be repeated periodically: a timer triggers a check of the firmware authenticity at specific time intervals.
If malware or unauthorized code is injected into the Non-Secure application, the digest calculated over the modified firmware will not match the expected digest of the genuine Non-Secure application. The secure application then restores the original copy from the secured memory to the Non-Secure Flash region, preventing system downtime.
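The verify-and-restore flow described above, as an added host-side simulation (not code from this document or the device vendor). All function and variable names are hypothetical, the memories are plain arrays, and the FNV-1a digest is a non-cryptographic stand-in used only to keep the example self-contained; a real device would use a cryptographic hash such as SHA-256.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define NS_FW_SIZE 64u /* constructed image size for the simulation */

/* Simulated memories; names are hypothetical, not from the document. */
static uint8_t  ns_flash[NS_FW_SIZE];      /* Non-Secure Flash region */
static uint8_t  secure_backup[NS_FW_SIZE]; /* genuine copy in secured memory */
static uint64_t secure_ref_digest;         /* reference digest, Secure Data Flash */

/* Stand-in digest (FNV-1a, NOT cryptographic). Assumption: a real
 * implementation replaces this with a cryptographic hash. */
static uint64_t fw_digest(const uint8_t *p, size_t n) {
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 0x100000001b3ULL; }
    return h;
}

/* Simulation setup: place the genuine image in both memories. */
void sim_load_image(const uint8_t *genuine) {
    memcpy(ns_flash, genuine, NS_FW_SIZE);
    memcpy(secure_backup, genuine, NS_FW_SIZE);
}

/* Startup step: digest the Non-Secure firmware, keep it in secure memory. */
void secure_startup(void) { secure_ref_digest = fw_digest(ns_flash, NS_FW_SIZE); }

/* Timer callback. Returns 0 if the firmware is intact, 1 if a mismatch was
 * found and the genuine copy restored, -1 if the restored image also fails. */
int secure_periodic_check(void) {
    if (fw_digest(ns_flash, NS_FW_SIZE) == secure_ref_digest) return 0;
    memcpy(ns_flash, secure_backup, NS_FW_SIZE); /* restore original copy */
    return fw_digest(ns_flash, NS_FW_SIZE) == secure_ref_digest ? 1 : -1;
}

int main(void) {
    uint8_t img[NS_FW_SIZE];
    for (size_t i = 0; i < NS_FW_SIZE; i++) img[i] = (uint8_t)(i * 7u + 3u); /* constructed */
    sim_load_image(img);
    secure_startup();
    ns_flash[10] ^= 0xFFu; /* simulate a modified Non-Secure image */
    return secure_periodic_check() == 1 ? 0 : 1;
}
```

The -1 return covers the case the restore itself must be verified: if the backup no longer matches the reference digest, the restored image cannot be trusted either.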
