9.4.5 Access Control

When secure debug is enabled, external access is controlled by the EAA (IRTCTRL[0]) bit. This bit is only reset on a cold reset (POR or BOR). Only the IRT firmware can write to IRTCTRL unless the DBG (IRTCTRL[1]) bit is set.

  • If JTAG is enabled, the boundary scan function is allowed while the device is locked.
  • When EAA (IRTCTRL[0]) == ‘0’, the device is locked. All external access via debug and programming interfaces is disabled.
  • When EAA (IRTCTRL[0]) == ‘1’, debug and programming access is allowed. Unless the DBG (IRTCTRL[1]) bit == ‘1’, IRT Flash regions remain protected from external and debug access.
    • Security considerations:
      • A properly timed reset during IRT firmware execution may leak information in RAM and registers, which retain their state through reset. So, when the EAA bit == ‘1’, IRT firmware should not access symmetric (secret) or private operational keys if these need to be protected from external access when the device is unlocked. Public keys may be accessed, as the disclosure of these keys is not a security issue.
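
The access rules above, written out as a C sketch. This is an added example, not code from the datasheet or the vendor. It decodes a caller-supplied snapshot of IRTCTRL into what an external tool can reach, and shows a firmware-side guard that refuses secret and private keys once EAA is set. The type and function names are hypothetical, and the register address is device-specific and not modeled.

```c
#include <stdbool.h>
#include <stdint.h>

/* Bit positions as given in the text: EAA = IRTCTRL[0], DBG = IRTCTRL[1]. */
#define IRTCTRL_EAA (1u << 0)
#define IRTCTRL_DBG (1u << 1)

/* Hypothetical key classes used only by this example. */
typedef enum { KEY_PUBLIC, KEY_SYMMETRIC, KEY_PRIVATE } key_class_t;

/* What an external debugger or programmer can reach. */
typedef struct {
    bool debug_and_programming; /* external debug/programming access */
    bool irt_flash_exposed;     /* IRT Flash regions reachable externally */
    bool boundary_scan;         /* JTAG boundary scan */
} ext_access_t;

/* irtctrl is a snapshot of the register value passed in by the caller. */
ext_access_t irt_external_access(uint32_t irtctrl, bool jtag_enabled)
{
    bool eaa = (irtctrl & IRTCTRL_EAA) != 0;
    bool dbg = (irtctrl & IRTCTRL_DBG) != 0;
    ext_access_t a;

    a.debug_and_programming = eaa;   /* EAA == 0: device locked */
    a.irt_flash_exposed = eaa && dbg; /* protected unless DBG == 1 */
    /* The text states boundary scan is allowed while locked; this example
     * assumes it is equally available when unlocked. */
    a.boundary_scan = jtag_enabled;
    return a;
}

/* Firmware-side guard. RAM and registers keep their state through reset,
 * so with EAA == 1 a timed reset could expose key material left there.
 * Conservative assumption: every symmetric/private key must stay protected
 * when the device is unlocked. Public keys are always usable. */
bool irt_key_use_allowed(uint32_t irtctrl, key_class_t k)
{
    if (k == KEY_PUBLIC)
        return true;
    return (irtctrl & IRTCTRL_EAA) == 0;
}
```

Note that DBG alone does not expose IRT Flash: with EAA == ‘0’ the device is locked regardless of DBG.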