Security Features

Flash OTP by ICSP Write Inhibit
On-Chip Secure Boot Flash Configurable as an Immutable Root-of-Trust
- Parts of the Flash memory can be configured as OTP
Capable of
- Secure boot support: Validation of host code image and host code signature validation
- Secure update support for host code: Secure encryption key storage and image decryption
- X.509 certification storage, parsing, validation and revocation, supporting both ECC and RSA
128-bit Unique Device Serial Number for Identification (UUID)
Support for Secure Use Cases:
- Secure boot
- Key Storage in IRT/Immutable secure boot region for realizing:
  - Secure boot
  - Secure firmware update
  - Secure debug
- Secure debugging
Flash Protection
- Configuration of up to eight Flash protection regions across ranges of Flash addresses
- Regions can be configured as
  - Immutable Root-of-Trust (IRT)
  - OTP region
  - A combination of R/W/X protections.
- Regions can be
  - Made permanent
  - Locked until device Reset
  - Enabled/disabled during code execution
- Flash protection regions can apply to
  - The active partition
  - The inactive partition
  - Both