RM0453 Rev 2 77/1454
RM0453 Global security controller (GTZC)
96
3 Global security controller (GTZC)
3.1 GTZC introduction
This section includes the description of the two following sub-blocks:
• TZSC: security controller
This sub-block defines the secure/privileged state of slave peripherals. It also controls
the unprivileged area size for the watermark memory peripheral controller (MPCWM).
• TZIC: security illegal access controller
This sub-block gathers all illegal access events in the system and generates a secure
interrupt towards the secure CPU2 NVIC.
These sub-blocks are used to configure system security and privilege such as:
• on-chip Flash memory and RAM with programmable secure or privilege or both areas
• AHB and APB peripherals with programmable security and/or privileged access
3.2 GTZC main features
• TZIC accessible only with secure privileged transactions
When the system is non-secure (ESE = 0), TZIC is not accessible.
• Secure and non-secure access supported for privileged and unprivileged part of TZSC
• Set of registers to define product security settings:
– Privileged watermark for internal memories
– Secure and privileged access mode for securable peripherals
Note: Security and privileged are only available when the system is secure (ESE = 1).
3.3 GTZC security system architecture
The STM32WL5x supports security model with isolation between the two following worlds:
• a secure world, where usually security sensitive applications are run and critical
resources are located
• a non-secure or public world (such as usual non secure and user space) where non-
secure transactions are used
AHB and APB peripherals can be categorized as:
• Secure: peripherals always protected by an AHB/APB firewall stub. These peripherals
are always secure (example TZIC).
• Securable: peripherals protected by a programmable AHB/APB firewall stub that is
controlled from TZSC to define security and privileged properties (example AES)
• Non-secure and unprivileged: peripherals connected directly to AHB/APB
interconnect without any secure gate
• Security-aware: peripherals connected directly to AHB/APB interconnect and
implementing a specific security behavior (such as a subset of registers being secure,
example DMA)
To Next Page
Loading...
Need help?
General
