Hi All, I am attempting to secure the microcontroller and thus prevent it from being accessed via the BDM. I have two reference documents that were recommended by motorolla, being AN2400.pdf and S12FTS256KV2.pdf. I have figured out that I have to change the security state bytes of the micro SEC[1:0] located at what is called the flash security register - FSEC. FSEC is located at 0xFF0F currently the FSEC is equal to 0xFE. I have to make the security state bytes (least significant bits) equal to 00, 01 or 11. If FSEC is readable but not writable. How then are you able to set the security mode to secured? I would greatly appreciate any help on this one. Sincere Regards, John Pititto. |
|
Securing HCS12 with Codewarrior
Started by ●November 25, 2003
Reply by ●November 25, 20032003-11-25
At 08:00 PM 11/24/2003, John Pititto wrote: >Hi All, > >I am attempting to secure the microcontroller and thus prevent it >from being accessed via the BDM. I have two reference documents that >were recommended by motorolla, being AN2400.pdf and S12FTS256KV2.pdf. > >I have figured out that I have to change the security state bytes of >the micro SEC[1:0] located at what is called the flash security >register - FSEC. FSEC is located at 0xFF0F currently the FSEC is >equal to 0xFE. I have to make the security state bytes (least >significant bits) equal to 00, 01 or 11. > >If FSEC is readable but not writable. How then are you able to set >the security mode to secured? FSEC is loaded from the security byte at 0xFF0F in flash on reset. You program the security byte in flash by the usual flash programming method. At the next MCU reset FSEC is loaded from this byte, and BDM will be useful only in Special Single Chip mode unless you have set up a backdoor key and enabled it. In Special Single Chip mode, you can execute the 27-step un-securing process described in AN2400/D and that's about all. (That's what all the un-securing utilities do.) Note that some of the latest documentation says that the backdoor key cannot be all 0 or all 1. See also the sections "Background Debug Mode" and "Flash Security" of the Motorola flash documentation for your part. >I would greatly appreciate any help on this one. > >Sincere Regards, > >John Pititto. ************************************************************************* Steve Russell mailto: Senior Software Design Engineer http://www.nohau.com Nohau Corporation phone: (408)866-1820 ext. 1873 51 East Campbell Avenue fax: (408)378-7869 Campbell, CA 95008 ************************************************************************* |
Reply by ●November 25, 20032003-11-25
Hi John. I will invite you to read through specs and application notes for details about security and backdoor keys. On a practical side, security bytes should be flashed "by your project". 2 possibilities: -in your .c source file: const unsigned char securitybyte @0xFF0F = 0x00; Or define your security byte directly in your .PRM file, like this: VECTOR ADDRESS 0xFF0E 0xFF00 /* set $FF at address $FF0E at and $00 at address $FF0F */ Note that the last solution is not that perfect, as the VECTOR keyword will always define words (as it's an address). Regards, Gilles At 05:00 AM 11/25/2003, you wrote: >Hi All, > >I am attempting to secure the microcontroller and thus prevent it >from being accessed via the BDM. I have two reference documents that >were recommended by motorolla, being AN2400.pdf and S12FTS256KV2.pdf. > >I have figured out that I have to change the security state bytes of >the micro SEC[1:0] located at what is called the flash security >register - FSEC. FSEC is located at 0xFF0F currently the FSEC is >equal to 0xFE. I have to make the security state bytes (least >significant bits) equal to 00, 01 or 11. > >If FSEC is readable but not writable. How then are you able to set >the security mode to secured? > >I would greatly appreciate any help on this one. > >Sincere Regards, > >John Pititto. > >-------------------- > >">http://docs.yahoo.com/info/terms/ |
|
Reply by ●November 25, 20032003-11-25
Thanks Gents, I can secure my micro, however, this has seemed to disable the ability to write to EEPROM? Do i have to use the backdoor key everytime i wish to write to Flash? Kind Regards, John Pititto. --- In , Gilles Blanquin <gblanquin@m...> wrote: > > Hi John. > > I will invite you to read through specs and application notes for details > about security and backdoor keys. > > On a practical side, security bytes should be flashed "by your project". > > 2 possibilities: > > -in your .c source file: > > const unsigned char securitybyte @0xFF0F = 0x00; > Or define your security byte directly in your .PRM file, like this: > > VECTOR ADDRESS 0xFF0E 0xFF00 /* set $FF at address $FF0E at and $00 at > address $FF0F */ > > Note that the last solution is not that perfect, as the VECTOR keyword will > always define words (as it's an address). > > Regards, > Gilles > At 05:00 AM 11/25/2003, you wrote: > >Hi All, > > > >I am attempting to secure the microcontroller and thus prevent it > >from being accessed via the BDM. I have two reference documents that > >were recommended by motorolla, being AN2400.pdf and S12FTS256KV2.pdf. > > > >I have figured out that I have to change the security state bytes of > >the micro SEC[1:0] located at what is called the flash security > >register - FSEC. FSEC is located at 0xFF0F currently the FSEC is > >equal to 0xFE. I have to make the security state bytes (least > >significant bits) equal to 00, 01 or 11. > > > >If FSEC is readable but not writable. How then are you able to set > >the security mode to secured? > > > >I would greatly appreciate any help on this one. > > > >Sincere Regards, > > > >John Pititto. > > > > > > > >-------------------- > > > > > > > >">http://docs.yahoo.com/info/terms/ |