Tamper Detection Flags

Tamper-detection flags (FLAGS[31:0]) inform the user about tampering activity. Each tamper event is signaled over a dedicated wire to the fabric. On receiving the tamper detection flags, the user can choose to use the appropriate tamper response (see Tamper Response) or ignore/clear the flags. Tamper events can only be cleared by asserting the associated fabric clear signal or a system reset.

In the event of a fatal tamper event, the user design is powered down and an automatic POR is executed. The shutdown sequence guarantees a minimum of 10 µs after the tamper alarm fires before the shutdown begins, allowing the user design to perform internal clean up tasks. The system services may not be used during this time.

The following table lists and describes the tamper detection flags.

Note: The tamper flags FLAGS[31:13] are generated by system controller and these flags are not available when the System Controller is put into suspend mode.
Table 1. Tamper Detection Flags
Flags[31:0] Flag Description
0 JTAG_ACTIVE This flag is asserted whenever the JTAG port is active, that is, the JTAG TAP controller enters the Run-Test-Idle state.
1 MESH_ERROR This flag is asserted whenever the active security mesh observes a mismatch between the actual metal mesh output and the expected output. This allows protection against invasive attacks, such as cutting and probing of traces using focused ion beam (FIB) technology with an active metal mesh on one of the higher metal layers.
2 CLOCK_MONITOR_GLITCH This flag is asserted whenever the clock glitch monitor detects a pulse width violation.
3 CLOCK_MONITOR_FREQUENCY This flag is asserted whenever the clock frequency monitor observes a frequency mismatch between the 160 MHz and 2 MHz RC oscillators.
4 LOW_1P05 This flag is asserted when the 1.05 V supply (VDD) is below the low threshold of the System Controller 1.05 V detector. The tamper event is continuously generated until the supply returns to a level above the low threshold. This condition is also used during device programming to initiate shutdown procedures to protect the device programming circuits and integrity of the device NVM.
5 HIGH_1P8 This flag is asserted when the 1.8 V supply (VDD18) is above the high threshold of the System Controller 1.8 V detector. The tamper event is continuously generated until the supply returns to a level below the high threshold.
6 HIGH_2P5 This flag is asserted when the 2.5 V supply (VDD25) is above the high threshold of the System Controller 2.5 V detector.

The tamper event is continuously generated until the supply returns to a level below the high threshold.

7 Reserved Reserved
8 SECDED This flag is asserted when a 2-bit error occurs in the System Controller's internal memory. This is a fatal condition which results in a POR.
9 SCB_BUS_ERROR This flag is asserted when an error has been detected on System Controller bus.
10 WATCHDOG This flag is asserted when the System Controller's watchdog reset is about to fire. This is a fatal condition that results in a POR.
11 LOCK_ERROR This flag is asserted when a single- or double-bit error is detected in the continuously-monitored security lock segments.
12 Reserved Reserved
13 DIGEST This flag is asserted when a requested digest check is failed.
14 INST_BUFFER_ACCESS The flag is asserted when read/write access is performed to system controller’s shared buffer using JTAG/SPI interface. The shared buffer holds the data requested by JTAG/SPI instructions.
15 INST_DEBUG This flag is asserted when debug instruction executed.
16 INST_CHECK_DIGESTS This flag is asserted when an external digest check has been requested.
17 INST_EC_SETUP This flag is asserted when elliptic curve slave instructions have been used.
18 INST_FACTORY_PRIVATE This flag is asserted when factory JTAG/SPI instruction is executed.
19 INST_KEY_VALIDATION This flag is asserted when key validation protocol is requested.
20 INST_MISC This flag is asserted when uncategorized SPI slave instruction executed.
21 INST_PASSCODE_MATCH This flag is asserted when an attempt has made to match a passcode.
22 INST_PASSCODE_SETUP This flag is asserted when the one-time-passcode protocol is initiated.
23 INST_PROGRAMMING This flag is asserted when an external programming instruction has been used.
24 INST_PUBLIC_INFO This flag is asserted when a request for device public information is issued.
25 Reserved Reserved
26 INST_PASSCODE_FAIL This flag is asserted when the passcode match fails.
27 INST_KEY_VALIDATION_FAIL This flag is asserted when the key validation fails.
28 INST_UNUSED This flag is asserted when the unused instruction opcode is executed.
29 BITSTREAM_AUTHENTICATION_FAIL This flag is asserted when the bitstream authentication fails.
30 IAP_AUTO_UPDATE This flag is set if an IAP update occurs (either by IAP system service or auto-update at device boot).
31 IAP_AUTO_RECOVERY This flag is set if the IAP recovery procedure occurs.