41.4.7.5 Security and Safety Analysis and Reports

Several types of checks are performed when the AESB is enabled.

The peripheral clock of the AESB is monitored by specific circuitry to detect abnormal waveforms on the internal clock net that may affect the behavior of the AESB. Corruption on the triggering edge of the clock or a pulse with a minimum duration may be identified. If the flag AESB_WPSR.CGD is set, an abnormal condition occurred on the peripheral clock. This flag is not set under normal operating conditions.

The internal sequencer of the AESB is also monitored and if an abnormal state is detected, the flag AESB_WPSR.SEQE is set. This flag is not set under normal operating conditions.

The software accesses to the AESB are monitored and if an incorrect access is performed, the flag AESB_WPSR.SWE is set. The type of incorrect/abnormal software access is reported in AESB_WPSR.SWETYP (see AESB Write Protection Status Register for details). e.g., writing AESB_ODATARx is an error, as well as reading AESB_IDATARx, when the AESB_ISR.DATRDY flag is cleared. AESB_WPSR.ECLASS is an indicator reporting the criticality of the SWETYP report.

The flags CGD, SEQE, SWE and WPVS are automatically cleared when AESB_WPSR is read.

If one of these flags is set, the flag AESB_ISR.SECE is set and can trigger an interrupt if AESB_IMR.SECE is ‘1’. SECE is cleared by reading AESB_ISR.

It is possible to configure an action to be performed by AESB as soon as an abnormal event detection occurs. If AESB_WPMR.ACTION > 0, either a lock is performed or a lock and immediate clear of the AESB_KEYWRx key. If a lock is performed, the current processing is ended normally but any new processing is not performed whatever the start mode of operation (see AESB_MR.SMOD).

A locked state of the AESB is unlocked as follows:

  1. Read AESB_WPSR.
  2. Disable the source of tamper if the tamper is enabled to perform a clear of the key.
  3. Write a ‘1’ to AESB_CR.UNLOCK.

It is possible to select the type of event that will lock the AESB in case of abnormal event detection. See AESB_WPMR.ACTION for details.

If AESB_MR.TMPCLR=1 and the tamper pin is active, the AESB is locked.