mc9s12hz256v2 Freescale Semiconductor, Inc, mc9s12hz256v2 Datasheet - Page 665

mc9s12hz256v2

Manufacturer Part Number

mc9s12hz256v2

Description

Hcs12 Microcontrollers

Manufacturer

Freescale Semiconductor, Inc

Datasheet

1.MC9S12HZ256V2.pdf (692 pages)

Current page: 665 of 692
Download datasheet (4Mb)

E.2

The ROM module provides the necessary security information to the rest of the chip. After each reset, the

ROM module determines the security state of the microcontroller as deﬁned in section

“ROM Options Register

If the NVM Options byte at 0xFF0F in the NVM Options Field is in secure state, any reset will cause the

microcontroller to return to the secure operating mode

E.2.1

Security is engaged or disengaged based on the state of two non-volatile register bits (SEC1:SEC0) in the

ROPT register. During reset, the contents of the non-volatile location NVOPT are copied from ROM into

the working ROPT register in high-page register space.

A user engages security by deﬁning the security bits in the NVOPT location to select security enabled. This

data is included along with the ROM program and data ﬁle which is delivered when ordering a ROM

device. The SEC1=1:SEC0=0 state disengages security while the other three combinations engage

security.

In a similar manner the user can choose to allow or disallow a security unlocking mechanism through an

8-byte backdoor security key. There is no way to disable security unless the non-volatile

KEYEN1:KEYEN0 bits in NVOPT/ROPT are set to 1:0.

E.2.2

Provided that the key access is permitted, security can be disabled by the backdoor access sequence

described below:

The security key can be written only from a secure memory, so it cannot be entered through background

commands without the cooperation of a secure user program.

Freescale Semiconductor

1. Writing 1 to KEYACC in the RCNFG register. This causes the ROM control logic to interpret

2. Writing the correct four 16-bit key values to addresses NVBACKKEY through NVBACKKEY+7

3. Writing 0 to KEYACC in the RCNFG register. If the 8-byte key that was just written matches the

writes to the backdoor comparison key locations (NVBACKKEY through NVBACKKEY+7) as

values to be compared against the key rather than as writes to ROM locations.

locations. These writes must be done in order starting with the value for NVBACKKEY and ending

with NVBACKKEY+7. User software normally would get the key codes from outside the MCU

system through a communication interface such as a serial I/O.

key stored in the backdoor comparison key locations, SEC1:SEC0 in the ROPT register are

automatically changed to 10 and security will be disengaged until the next POR.

ROM Security

Security and Backdoor Key Access deﬁnition

Unsecuring the MCU using the Backdoor Key Access

The backdoor key is also used to protect access to internal product analysis

features. No product analysis will be possible on a secured ROM if

backdoor key access is disabled or keywords are invalid.

(ROPT)”.

MC9S12HZ256 Data Sheet, Rev. 2.05

NOTE

Appendix E ROM Description

Section E.1.1,

665

mc9s12hz256v2 Freescale Semiconductor, Inc, mc9s12hz256v2 Datasheet - Page 665

mc9s12hz256v2

Related parts for mc9s12hz256v2