The certified configuration is the following:
• RDP level 2 with password capability
• Two firmware images
• Two slots per firmware image
• Image upgrade in overwrite mode
• Hardware‑accelerated cryptography enabled
• RSA 2048 asymmetric crypto scheme
• Image encryption in AES-CTR 128 mode enabled
• Internal Anti-tamper
• Standalone external loader capability
• Application RoT partition disabled
The option bytes configuration for the certified configuration is the following:
• RDP level 2
• SECBOOTADD0 = 0x180080 (0x0c004000 address)
• NSBOOTADD0 = SECBOOTADD0
• NSBOOTADD1 = SECBOOTADD0
• BOOT_LOCK set
• SECWM1 enabled, with SECWM1_PSTRT = 0 (0x08000000 address) and SECWM1_PEND = 0x28
(0x08050000 address)
• HDP1 enabled, with HDP1_PEND = 0xa (0x0c015fff address)
• WRP1A enabled, with WRP1A_PSTRT = 0x1 (0x08002000 address) and WRP1A_END = 0xb
(0x08016000 address), and WRP1A locked (UNLOCK_1A unchecked)
• SECWM2 disabled
• HDP2 disabled
• WRP2A enabled with WRP2A_PSTRT = 0x1 (0x08002000 address) and WRP1A_END = 0xb
(0x08016000 address)
The Flash memory layout for the certified configuration is shown in Figure 1.
Figure 1. Flash memory layout for certified configuration
UM2852
Secure installation
UM2852 - Rev 1
page 8/27
To Next Page
Loading...
Need help?
General
