Information
8.3 Security Interactions with other Modules
The flash security settings are used by the SoC to determine what resources are available.
The following sections describe the interactions between modules and the flash security
settings or the impact that the flash security has on non-flash modules.
8.3.1 Security Interactions with EzPort
When flash security is active the MCU can still boot in EzPort mode. The EzPort holds
the flash logic in NVM special mode and thus limits flash operation when flash security
is active. While in EzPort mode and security is active, flash bulk erase (BE) can still be
executed. The write FCCOB registers (WRFCCOB) command is limited to the mass
erase (Erase All Blocks) and verify all 1s (Read 1s All Blocks) commands. Read accesses
to internal memories via the EzPort are blocked when security is enabled.
The mass erase can be used to disable flash security, but all of the flash contents are lost
in the process. A mass erase via the EzPort is allowed even when some memory locations
are protected.
When mass erase has been disabled, mass erase via the EzPort is blocked and cannot be
defeated.
8.3.2 Security Interactions with Debug
When flash security is active the JTAG port cannot access the memory resources of the
MCU. Boundary scan chain operations work, but debugging capabilities are disabled so
that the debug port cannot read flash contents.
Although most debug functions are disabled, the debugger can write to the Flash Mass
Erase in Progress bit in the MDM-AP Control register to trigger a mass erase (Erase All
Blocks) command. A mass erase via the debugger is allowed even when some memory
locations are protected.
When mass erase is disabled, mass erase via the debugger is blocked.
Security Interactions with other Modules
K20 Sub-Family Reference Manual, Rev. 2, Feb 2012
176 Freescale Semiconductor, Inc.










