S12(X) MCU Security

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

S12(X) MCU Security

No ratings

S12(X) MCU Security

S12(X) MCU Secure:

There’s a security byte in the flash memory at address 0xFF0F that should be programmed appropriately.

Datasheet says: “The contents of the Flash Protection/Options byte at $FF0F in the Flash Protection/Options Field must be changed directly by programming $FF0F when the device is unsecured and the higher address sector is unprotected. If the Flash Protection/Options byte is left in the secure state, any reset will cause the MCU to return to the secure operating mode.”

 

If you use CodeWarrior then you can use the syntax as follows:

const unsigned char secure @0xFF0F = 0xFC;

 

If the security is enabled then:

- internal flash memory cannot be read via BDM device.

- debug features are disabled.

For more information see the description of FSEC register in datasheet.

 

I would like also recommend our application note AN2400 HCS12 NVM Guidelines:

http://www.freescale.com/files/microcontrollers/doc/app_note/AN2400.pdf

AN2880 Using the Backdoor Access Capability to Unsecure HCS12 MCUs:

http://www.freescale.com/files/microcontrollers/doc/app_note/AN2880.pdf

http://www.freescale.com/webapp/sps/download/license.jsp?colCode=AN2880SW

 

 

Security at S12(X) MCUs with 180nm Flash:

This is related to all S12(X) MCUs with 180nm Flash with ECC (S12G, S12HY, S12P, S12XE, S12XF, S12XHY,  S12XS, MM912G634, MM912H634, MM912J637 and S12VR):

 

If we load the flash security byte together with other code,

******************

c code example:

//set backdoor key and secure the flash (set flash security byte to 0xBD):

const unsigned char flash_array[] @0xFF00 = {0xAA,0xAA,0xAA,0xAA,0xAA,0xAA,0xAA,0xAA,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xBD};

******************

then we have to add following command to preload command file (P&E_Multilink_USB_Preload.cmd if you use PE Multilink):

 

FLASH NOUNSECURE

 

This command will ensure that the burner will not change security byte to unsecured state prior to programming. That's normal way: the MCU is erased, flash security byte is programmed to default unsecure state (0xFE) and then the code is loaded. We just have to turn off the programming of security byte.

 

Why:

The cumulative bits within the phrase is not allowed. If the flash security byte at address 0xFF0F is not erased prior to programming of the new value then the ECC checksum of this phrase is corrupted and the MCU will be left in secured state and the flash will be fully protected after next reset.

 

Datasheet says:

"If a double bit fault is detected while reading the P-Flash phrase containing the P-Flash protection byte during the reset sequence, the FPOPEN bit will be cleared and remaining bits in the FPROT register will be set to leave the P-Flash memory fully protected."

 

"If a double bit fault is detected while reading the P-Flash phrase containing the Flash security byte during the reset sequence, all bits in the FSEC register will be set to leave the Flash module in a secured state with backdoor key access disabled."

 

The same for D-Flash...

 

S12(X) unsecure:

Unsecure is possible by three ways:

  1. 1. Backdoor key access(temporary)
  2. 2. Reprogramming the security bits
  3. 3. Complete memory erase (special modes)

Ad1) For secure and backdoor key you set 16bytes on address 0xFF00. The backdoor key access method allows debugging of a secured microcontroller without having to erase the Flash. This is particularly useful for failure analysis.

For unsecure by backdoor key you use special flash command 0C (caption Verify Backdoor Access Key Command in reference manual). No word of the backdoor key is allowed to have the value 0x0000 or 0xFFFF. Unsecure is valid only till reset. If an invalid attempt is made to verify the Backdoor Keys the command will be locked out until a power down occurs. 

Ad2) In normal single chip mode (NS), security can also be disabled by erasing and reprogramming the security bits within Flash options/security byte to the unsecured value. Because the erase operation will erase the entire sector from 0xFE00–0xFFFF, the backdoor key and the interrupt vectors will also be erased; this method is not recommended for normal single chip mode.

Ad3) Complete mass erase by BDM device(in special mode). In Code Warior debugger menu ->MultilinkCyclonePro->Unsecure…

If not work you can use unsecure12 from P&E:

http://www.pemicro.com/downloads/download_file.cfm?download_id=16

Unsecure_12 Help Files:

http://www.pemicro.com/downloads/download_file.cfm?download_id=14

Note: For downloading is necessary registration.


Labels (1)
Comments

Hi

I've problem. FSEC register is not correctly loaded from configuration field after reset in my application.

I use this code:

const unsigned char flash_array[] @0xFF08 = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC};

but immediately after reset FSEC is still 0xFE.

I tried use command FLASH NOUNUNSECURE (I added it to preload file) but it did not working.

I need secure my device but device is still unsecured.

microcontroller: S12G128

CW: 5.9.0

programmer: P&E Multilink

Any ideas please?

Thanks!

Hi Mirek,

please look at your map file into section UNUSED-OBJECTS SECTION.

In some cases, linker (depends on settings) could optimize out unused objects.

When you find there “flash_array”, you could add some code for reading this data (array will be used) or rather place name of this constant into prm file to section ENTRIES.

For example:

ENTRIES /* keep the following unreferenced variables */

flash_array

END

Note: in case of variables, we typically use “volatile” keyword in variable definition. This disables optimization techniques for this variable. For example: volatile unsigned char err = 0;

I hope it helps you.

RadekS

Hi Radek

Thanks for the article. I have a question regarding unsecuring the MCU. You mentioned 

Unsecure is possible by three ways:

  1.  Backdoor key access(temporary)
  2.  Reprogramming the security bits
  3. Complete memory erase (special modes)

After securing the chip, how can I reprogram the security bits using Codewarrior?  (option 2 above).

How to do a complete memory erase using Codewarrior (option 3 above)? Is it through the unsecure option from HCS12MultilinkcyclonePro >> unsecure?

Thanks

Rakhi

Hi Rakhi,

The option 2 means reprogramming the last flash sector by MCU code. When MCU is secured, the available BDM and Flash commands are restricted and we cannot access flash by BDM commands.

 

Yes, the simplest way is through debugger menu >> HCS12MultilinkcyclonePro >> unsecure …

It will execute P&E_Multilink_USB_Erase_unsecure_hcs12xe.cmd command file.

Note: “HCS12MultilinkcyclonePro” menu option and command file above is available only when you use PEmicro BDM interface. In fact, this menu, their offers command file is interface dependent.

 

If it will not work, you may use Unsecure12 utility from PEmicro

http://www.pemicro.com/downloads/download_file.cfm?download_id=16

But this work only when you use PEmicro BDM interface.

 

I hope it helps you.

Radek

Hi, All,

How to prevent S12 flash from erasing and reprograming even using PEmicro BDM interface?

Sincerely,

Nelson

Hi Nelson,

I am not aware of any internal option for full lock BDM access at S12(X/Z) devices. If BDM interface is accessible, the MCU unsecure may be executed anytime by flash mass erase.

Some older S12(X) families were also offered with one time programmable ROM memory (the part number starting with S3 instead of S9).


I hope it helps you

Have a great day,
Radek

Hi Radek,

Thanks for your suggestion about MC3S12.

If the part cannot be changed, is there any hardware modification to limit S12 BDM interface accessible?

Have a good day.

Sincerely,

Nelson

Nelson, couldn't you just secure your microcontroller by programming security bits? This will prevent BDM access.

Regards

Rakhi

Rakhi, Any method to prevent unsecure12 from P&E to erase/reprogramming the P-flash even MCU set security bits?

My goal is to prevent BDM access or any unsecuring mechanism for erase/reprogramming the P-flash in my product.

PEmicro | Experts in Embedded tools for Flash Programming and Development 

PEmicro has a free application, UNSECURE12, which is designed to communicate and unsecure a secure device. 

Regards,

Nelson

Rakhi, Any method to prevent unsecure12 from P&E to erase/reprogramming the P-flash even MCU set security bits?

My goal is to prevent BDM access or any unsecuring mechanism for erase/reprogramming the P-flash in my product.

 

PEmicro | Experts in Embedded tools for Flash Programming and Development 

PEmicro has a free application, UNSECURE12, which is designed to communicate and unsecure a secure device. 

 

Regards,

Nelson

OK. Now I understand your requirement.

I don't think the chip supports this feature. At least I am not aware of any method to not erase the flash.

Version history
Last update:
‎11-15-2012 12:26 PM
Updated by: