3.2.3.1 Creating an IRT Region

To establish a secure, Immutable Root of Trust (IRT) region on dsPIC33A devices, one of the device’s Flash protection regions must be configured as an IRT region. Up to eight IRT regions can be defined, each controlled by a set of Special Function Registers (SFRs) and their associated configuration bits.

Each Flash protection region is defined by a set of region control registers, which consist of the following SFRs:

  • Control (PRnCTRL):
    • Sets the region’s properties and permissions, such as enabling/disabling the region, specifying the region type (IRT, OTP, FIRMWARE) and controlling allowed operations (read, write and execute).
  • Start Address (PRnST):
    • Specifies the starting address in Flash memory for the protected region.
  • End Address (PRnEND):
    • Specifies the ending address in Flash memory for the protected region.

The Reset values for these registers are set using the associated region descriptors in the device configuration bits:

  • FPRnCTRL
  • FPRnST
  • FPRnEND
Note: ‘n’ is the region number, 0-7.

The configuration bits are typically set in a C source file (commonly named config_bits.c) using the #pragma config directive. This ensures that the region is configured at device programming time and is immutable once the device is locked for production.

The following example creates an IRT region (region 0) starting at address 0x800000 and ending at 0x80CFFF, with execution and read enabled, and write disabled.

Example Region Configuration

// -------------- FPR0CTRL -------------- 
// Region protection disable bit: Protection is enabled
#pragma config FPR0CTRL_RDIS = OFF

// Error Report Address Only: ECC error reporting restricted to address only 
#pragma config FPR0CTRL_ERAO = ON 

// Execute permission: Code execution is enabled
#pragma config FPR0CTRL_EX = ON 

// Read permission: Read operation is enabled
#pragma config FPR0CTRL_RD = ON 

// Write permission: Write and erase operation is disabled
#pragma config FPR0CTRL_WR = OFF 

// CRC enable: NVM controller CRC calculation is enabled
#pragma config FPR0CTRL_CRC = ON 

// Region type: Immutable Root of Trust (IRT) region
#pragma config FPR0CTRL_RTYPE = IRT 

// Partition Select: Both panels 
#pragma config FPR0CTRL_PSEL = BOTH 

// -------------- FPR0ST --------------
// Region start address
#pragma config FPR0ST_START = 0x800000 

// -------------- FPR0END --------------
// Region end address
#pragma config FPR0END_END = 0x80CFFF
Table 3-4. Region Property Configuration Bits

Field

Description

FPRnCTRL_RDIS

Enables or disables region protection. This is a disable bit. Set to OFF to enable protection.

FPRnCTRL_ERAO

Restricts ECC error reporting to address only, enhancing security.

FPRnCTRL_EX

Enables/disables code execution from this region.

FPRnCTRL_RD

Enables/disables read access to this region.

FPRnCTRL_WR

Enables/disables write/erase access. Set to OFF for immutable regions.

FPRnCTRL_CRC

Enables CRC calculation for the region, improving integrity checking.

FPRnCTRL_RTYPE

Sets the region type. For IRT, select IRT.

FPRnCTRL_PSEL

Selects which Flash panels are protected (e.g., lower, upper or both).

FPRnST_START

Sets the start address of the region in Flash memory.

FPRnEND_END

Sets the end address of the region in Flash memory.

Example Region Configuration demonstrates a non-permanent IRT region. This is useful during development and allows users to program and erase the device without permanently locking it into a specific configuration. To make the IRT region truly permanent and immutable, additional steps are required. Refer to User Configuration Block (UCB) Lockdown and Region Security for details.