Spansion Advsectprot AN

Spansion Advsectprot AN
Spansion Advanced Sector Protection
Application Note
Introduction
This document describes the implementation of the Advanced Sector Protection in Spansion flash memory devices. Advanced Sector Protection offers designers multiple levels of sector protection to satisfy a variety of
security and design needs. It protects the memory from erroneous codes, accidentally corrupting vital code and
data. It also prevents hackers from corrupting the network by programming malicious viruses into the memory.
Advanced Sector Protection
Persistent
Sector
Protection
WP # Pin
Password Sector
Protection
SecSi Sector
Increasing Security
Advanced Sector Protection features several levels of sector protection. The scheme is divided into two parts. The
Persistent Sector Protection method replaces the 12 V, or VID, applied on the RESET# pin to initiate sector protect
and unprotect. The Password Sector Protection method is a one-time programmable scheme where a 64-bit Password has to be entered for any subsequent programming of a sector. Spansion flash memory devices also have
other types of sector protection such as SecSi sector, WP# pin and Standard Security.
Standard Security
Figure 1.
Spansion Sector Protection
Selecting a Sector Protection Mode
All Spansion devices with Advanced Sector Protection default to the Persistent Sector Protection mode. The customer has to make a selection between Persistent and Password Protection. If the customer decides to continue
using the Persistent Sector Protection method, they must set the Persistent Sector Protection Mode Locking Bit.
This will permanently set the part to operate only in Persistent Sector Protection. If they want to use the Password
Protection mode, they have to set the Password Mode Locking Bit. This will set the part permanently only in Password Sector Protection. It is not possible to switch between the two methods once a locking bit has been set. It
is important that one mode is clearly selected when the device is first programmed.
The device is shipped with all sectors unprotected. It is possible to determine whether a sector is protected or
unprotected by reading sector lock status through Autoselect Command Sequence.
Publication Number Spansion_Advsectprot_AN
Revision A
Amendment 0
Issue Date September 16, 2005
This document contains information on one or more products under development at Spansion LLC. The information is intended to help you evaluate this product. Do not
design in this product without contacting the factory. Spansion LLC reserves the right to change or discontinue work on this proposed product without notice.
Persistent Sector Protection
The Persistent Sector Protection method is implemented on a flash memories internal state machine. It replaces
the 12 V controlled protection method while at the same time enhancing flexibility by providing three different
sector protection states: Persistently Locked, Dynamically Locked, and Unlocked.
The security bits to be manipulated to achieve these states include the Persistent Protection Bit (PPB), Persistent
Protection Lock Bit (PPB Lock Bit), and Dynamic Protection Bit (DYB). PPB bits are non-volatile bits that are assigned to each sector or each sector group. The PPB Lock Bit globally locks all PPB bits when it is set with only
one PPB Lock Bit per device. The DYB bits are volatile bits with one assigned to each sector or each sector group.
Table 1. Sector Protection Scheme
Protection States
Sector State
DYB Bit
PPB Bit
PPB Lock Bit
Unprotect
Unprotect
Unfreeze
Unprotected – PPB and DYB are changeable
Unprotect
Unprotect
Freeze
Unprotected – PPB not changeable, DYB is changeable
Unprotect
Protect
Unfreeze
Protected – PPB and DYB are changeable
Unprotect
Protect
Freeze
Protected – PPB not changeable, DYB is changeable
Protect
Unprotect
Unfreeze
Protected – PPB and DYB are changeable
Protect
Unprotect
Freeze
Protected – PPB not changeable, DYB is changeable
Protect
Protect
Unfreeze
Protected – PPB and DYB are changeable
Protect
Protect
Freeze
Protected – PPB not changeable, DYB is changeable
Table 1 contains all possible combinations of the DYB, PPB, and PPB Lock relating to the status of the sector. If
the PPB is set, and the PPB Lock is set, the sector is protected and the protection can not be removed until the
next power cycle clears the PPB Lock. If the PPB is cleared, the sector can be dynamically locked or unlocked. The
DYB bit can be set through the DYB Write Command.
DYB bits are cleared upon power up or hardware reset. Therefore sectors are not protected during power up. PPB
Lock bit is cleared upon power up or hardware reset when the device is permanently set to persistent mode.
By default, the Persistent Sector Protection method is always used. To set the device to Persistent Sector Protection permanently, the Persistent Sector Protection Mode Locking Bit must be set. It is not possible to switch to the
Password Sector Protection method once the Persistent Sector Protection Locking Bit is set.
2
Spansion Advanced Sector Protection
Spansion_Advsectprot_AN_A0 September 16, 2005
Set Permanent
Persistent Mode
Read PPB Bits
Pre-PGM PPB Bits
Issue Hardware
Reset to Modify
the PPB Bit
All PPB Erase
PGM PPB Bit
Finished/Modified PPB
PPB Lock Set
Figure 2.
Setting Protection Bit in Persistent Mode
Sectors are protected by
Dynamic "OR" Persistent Bit
Persistent
Lock
Sectors (Size in Kbytes)
DYB Bits
N
N+1
N+2
N+3
N+4
N+5
N+6
N+7
U
U
U
U
U
U
U
U
PPB Bits
U
PYB Bits
U
U
U
U
U
U
U
U
U=Unlock
L=Lock
WP# Pin
Protects Two
Outermost
Boot Sectors
Figure 3.
September 16, 2005 Spansion_Advsectprot_AN_A0
Persistent Sector Protection Mode
Spansion Advanced Sector Protection
3
Password Sector Protection
The Password Sector Protection is also implemented on a state machine. The Password Sector Protection method
allows an even higher level of security than the Persistent Sector Protection method. The Password Sector Protection method is similar to Persistent Protection except a 64-bit password is added in this method. The Password
Sector Protection has four security bits. They are Persistent Protection Bit, Persistent Protection Bit Lock, Dynamic
Protection Bit and Password Protection Mode Lock Bit.
The password is stored in a one-time programmable (OTP) region outside of the flash memory. To set the device
to Password Protection Mode permanently, the Password Protection Mode Lock Bit must be set. Once set, the password is permanently set with no means to read, program, or erase it. Also, it is not possible to switch to the
Persistent Sector Protection method once the Password Protection Mode Lock Bit is set.
The 64-bit password is located in its own memory space and is accessible through the use of the Password Program and Password Read commands. The password function works in conjunction with the Password Protection
Mode Lock Bit, which when programmed, prevents the Password Read command from reading the contents of the
password.
The password is used to clear and unfreeze the PPB Lock Bit. The Password Unlock command must be written to
the flash, along with a password. The flash device internally compares the given password with the pre-programmed password. If they match, the PPB Lock Bit is cleared to the “unfrozen state”, and the PPB bits can be
altered. If they do not match, the flash device does nothing. There is a built-in 1 µs delay for each “password
check” in password sector protection mode. This delay is intended to thwart any efforts to run a program that
tries all possible combinations in order to crack the password.
4
Spansion Advanced Sector Protection
Spansion_Advsectprot_AN_A0 September 16, 2005
Table 2.
Password Protection Command Set Definition (x16)
C
y
c
First
l
e
s Addr Data
Password
Command
Bus Cycles
Second
Third
Addr
Data
Addr
Data
555
60
Fourth
Addr
Data
Password Protection Command Set Entry
3
555
AA
2AA
55
Password Program
2
XXX
A0
PWA
X
PWD
X
Password Read
4
XXX
PWD
0
01
PWD
1
02
PWD
2
03
PWD
3
00
25
00
03
00
7
PWD
0
01
Password Unlock
PWD
1
00
29
XXX
90
XXX
00
Password Protection Command Set Exit
2
Fifth
Sixth
Addr
Data
Addr
Data
02
PWD
2
03
PWD
3
PPB
Non-Volatile Sector Protection Command Set Definitions
Non-Volatile Sector Protection Command
Set Entry
3
555
AA
2AA
55
PPB Program
2
XXX
A0
SA
00
All PPB Erase
2
XXX
80
00
30
PPB Status Read
1
SA
RD
(0)
Non-Volatile Sector Protection Command
Set Exit
2
XXX
90
XXX
00
555
C0
PPB Lock Bit
Global Volatile Sector Protection Freeze Command Set Definitions
Global Volatile Sector Protection Freeze
Command Set Entry
3
555
AA
2AA
55
PPB Lock Bit Set
2
XXX
A0
XXX
00
PPB Lock Status Read
1
XXX
RD
(0)
Global Volatile Sector Protection Freeze
Command Set Exit
2
XXX
90
XXX
00
555
50
DYB
Volatile Sector Protection Command Set Definitions
Volatile Sector Protection Command Set
Entry
3
555
AA
2AA
55
DYB Set
2
XXX
A0
SA
00
DYB Clear
2
XXX
A0
SA
01
DYB Status Read
1
SA
RD
(0)
Volatile Sector Protection Command Set
Exit
2
XXX
90
XXX
00
September 16, 2005 Spansion_Advsectprot_AN_A0
555
E0
Spansion Advanced Sector Protection
5
Sectors are protected by
Dynamic bit “ OR ” Persist. bit
Persist. Lock
Password
L
Sectors (Size in Kbytes) DYB Bits
N
L
N+1
L
N+2
L
N+3
L
N+4
U
N+5
L
U
N+6
L
N+7
PP B Bits
L
L
L
U
U
L
U
U
±
1
U=Unlock
L=Lock
Password Level Protection
Requires 64 -bit valid Password to unlock
Figure 4.
Password Sector Protection
Persistent Sector
Protection in
Password Mode
Password Unlock
Read PPB Bit
Hardware Reset
to Modify PPB Bits
Pre-PGM PPB Bit
All PPB Erase
PGM PPB Bit
Finished/Modified
PPB
PPB Lock Set
Figure 5.
6
Persistent Sector Protection in Password Mode
Spansion Advanced Sector Protection
Spansion_Advsectprot_AN_A0 September 16, 2005
It is recommended that if the user wanted to modify the states of the PPB bits they must read all the PPB bits and
shadow the content into RAM. Now the user can Pre-PGM all unprotected PPB bit to the protected state. Once the
Pre-PGM of the PPB bits are completed then the user can issue the All PPB erase command to erase all the PPB
bits into the unprotected state. The user the can copy back the content from RAM to program the necessary PPB
bits the user choose to protect.
Steps to Set into Password Sector Protection
To choose the Password Sector Protection method, the customer must first program the password. It is recommended that the password be somehow correlated to the unique Electronic Serial Number (ESN) of the particular
flash device. Each ESN is different for every flash device; therefore each password should be different for every
flash device. While programming in the password region, the customer may perform Password Read operations.
The flash device compares the password. If they match, the device is set to Password Mode permanently by programming the Password Protection Mode Lock Bit in the Lock Register.
Enter Password Protection
Command Set
Password Program
Password Verify
Fail
Pass
Exit Password Protection
Command Set
Enter Lock Register
Command Set
Program Password Protection
Mode Lock Bit
Permanently
Exit Lock Register
Command Set
Figure 6. Set Password Sector Protection
September 16, 2005 Spansion_Advsectprot_AN_A0
Spansion Advanced Sector Protection
7
Other Security Features
Secured Silicon Sector
Spansion's Sector Protection also includes the Secured Silicon sector which can be programmed permanently with
an Electronic Serial Number (ESN) to defend against cloning and signal theft. The Secured Silicon Sector is 256
bytes in length, and uses a Secured Silicon Sector Indicator Bit (DQ7) to indicate whether or not the Secured
Silicon Sector is locked when shipped from the factory.
Write Protect (WP#)
The Write Protect pin provides a hardware method of protecting the first or last sector group without using high
voltage (VID). It adds a final level of hardware protection that could override the choices made while setting up
sector protection during system initialization. When this pin is low it is not possible to change the contents of the
WP# protected sectors. These sectors generally hold system boot code. So, the WP# pin can prevent any changes
to the boot code.
Standard Security
The Standard Security is the basic protection against system noise, voltage glitches, inadvertent writes, and erroneous code.
Conclusion
Spansion's Advanced Sector Protection is the best defense against security threats. It gives customers total control over system security. In addition, it operates at VCC level, thereby lowering power consumption and reducing
the design time.
8
Spansion Advanced Sector Protection
Spansion_Advsectprot_AN_A0 September 16, 2005
Revision History
Revision A0 (September 16, 2005)
Initial Release.
Colophon
The products described in this document are designed, developed and manufactured as contemplated for general use, including without limitation, ordinary
industrial use, general office use, personal use, and household use, but are not designed, developed and manufactured as contemplated (1) for any use that
includes fatal risks or dangers that, unless extremely high safety is secured, could have a serious effect to the public, and could lead directly to death, personal
injury, severe physical damage or other loss (i.e., nuclear reaction control in nuclear facility, aircraft flight control, air traffic control, mass transport control,
medical life support system, missile launch control in weapon system), or (2) for any use where chance of failure is intolerable (i.e., submersible repeater and
artificial satellite). Please note that Spansion will not be liable to you and/or any third party for any claims or damages arising in connection with above-mentioned uses of the products. Any semiconductor devices have an inherent chance of failure. You must protect against injury, damage or loss from such failures
by incorporating safety design measures into your facility and equipment such as redundancy, fire protection, and prevention of over-current levels and other
abnormal operating conditions. If any products described in this document represent goods or technologies subject to certain restrictions on export under
the Foreign Exchange and Foreign Trade Law of Japan, the US Export Administration Regulations or the applicable laws of any other country, the prior authorization by the respective government entity will be required for export of those products.
Trademarks and Notice
The contents of this document are subject to change without notice. This document may contain information on a Spansion product under development by
Spansion LLC. Spansion LLC reserves the right to change or discontinue work on any product without notice. The information in this document is provided
as is without warranty or guarantee of any kind as to its accuracy, completeness, operability, fitness for particular purpose, merchantability, non-infringement
of third-party rights, or any other warranty, express, implied, or statutory. Spansion LLC assumes no liability for any damages of any kind arising out of the
use of the information in this document.
Copyright © 2004 Spansion LLC.
All rights reserved. Spansion, the Spansion logo, MirrorBit, combinations thereof, and ExpressFlash are trademarks of Spansion LLC. Other company and
product names used in this publication are for identification purposes only and may be trademarks of their respective companies.
September 16, 2005 Spansion_Advsectprot_AN_A0
Spansion Advanced Sector Protection
9
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement