SLAAE29A January   2023  – December 2025 MSPM0C1105 , MSPM0C1106 , MSPM0G1105 , MSPM0G1106 , MSPM0G1107 , MSPM0G1505 , MSPM0G1506 , MSPM0G1507 , MSPM0G1518 , MSPM0G1519 , MSPM0G3105 , MSPM0G3106 , MSPM0G3106-Q1 , MSPM0G3107 , MSPM0G3107-Q1 , MSPM0G3505 , MSPM0G3506 , MSPM0G3506-Q1 , MSPM0G3507 , MSPM0G3507-Q1 , MSPM0G3518 , MSPM0G3518-Q1 , MSPM0G3519 , MSPM0G3519-Q1 , MSPM0L1105 , MSPM0L1106 , MSPM0L1227 , MSPM0L1227-Q1 , MSPM0L1228 , MSPM0L1228-Q1 , MSPM0L1303 , MSPM0L1304 , MSPM0L1304-Q1 , MSPM0L1305 , MSPM0L1305-Q1 , MSPM0L1306 , MSPM0L1306-Q1 , MSPM0L1343 , MSPM0L1344 , MSPM0L1345 , MSPM0L1346 , MSPM0L2227 , MSPM0L2227-Q1 , MSPM0L2228 , MSPM0L2228-Q1

 

  1.   1
  2.   Abstract
  3.   Trademarks
  4. 1Introduction
    1. 1.1 Key Concepts
    2. 1.2 Goals of Cybersecurity
    3. 1.3 Platform Security Enablers
  5. 2Device Security Model
    1. 2.1 Device Identity
    2. 2.2 Initial Conditions at Boot
    3. 2.3 Boot Configuration Routine (BCR)
    4. 2.4 Bootstrap Loader (BSL)
    5. 2.5 Boot Flow
    6. 2.6 User-Specified Security Policies
      1. 2.6.1 Boot Configuration Routine (BCR) Policies
        1. 2.6.1.1 Serial Wire Debug Related Policies
          1. 2.6.1.1.1 SWD Security Level 0
          2. 2.6.1.1.2 SWD Security Level 1
          3. 2.6.1.1.3 SWD Security Level 2
        2. 2.6.1.2 Bootstrap Loader (BSL) Enable/Disable Policy
        3. 2.6.1.3 Flash Memory Protection and Integrity Related Policies
          1. 2.6.1.3.1 Locking the Application (MAIN) Flash Memory
          2. 2.6.1.3.2 Locking the Configuration (NONMAIN) Flash Memory
          3. 2.6.1.3.3 Verifying Integrity of Application (MAIN) Flash Memory
        4. 2.6.1.4 Bootstrap Loader (BSL) Security Policies
          1. 2.6.1.4.1 BSL Access Password
          2. 2.6.1.4.2 BSL Read-out Policy
          3. 2.6.1.4.3 BSL Security Alert Policy
      2. 2.6.2 Customer Secure Code (CSC) Security Policies
        1. 2.6.2.1 CSC Enforced Bankswap
        2. 2.6.2.2 CSC Enforced Firewalls
        3. 2.6.2.3 CSC Key Write to KEYSTORE
      3. 2.6.3 Configuration Data Error Resistance
        1. 2.6.3.1 CRC-Backed Configuration Data
        2. 2.6.3.2 16-bit Pattern Match for Critical Fields
  6. 3Secure Boot
    1. 3.1 Secure Processing Environment Isolation
    2. 3.2 Customer Secure Code (CSC)
      1. 3.2.1 Secure Boot Flow
      2. 3.2.2 Flash Memory Map
      3. 3.2.3 Features
        1. 3.2.3.1 CMAC Acceleration
        2. 3.2.3.2 Asymmetric Verification
        3. 3.2.3.3 KEYSTORE and Firewall
        4. 3.2.3.4 CSC Performance
      4. 3.2.4 Quick Start Guide
        1. 3.2.4.1 Environment Setup
        2. 3.2.4.2 Step by Step Guidance
        3. 3.2.4.3 CSC NONMAIN Configuration
        4. 3.2.4.4 Customize Changes on CSC Example
    3. 3.3 Boot Image Manager (BIM)
      1. 3.3.1 Secure Boot Flow
      2. 3.3.2 Flash Memory Map
      3. 3.3.3 Quick Start Guide
  7. 4Secure Storage
    1. 4.1 Flash Write Protection
    2. 4.2 Flash Read-Execute Protection
    3. 4.3 Flash IP Protection
    4. 4.4 Data Bank Protection
    5. 4.5 Secure Key Storage
    6. 4.6 SRAM Protection
    7. 4.7 Hardware Monotonic Counter
  8. 5Cryptographic Acceleration
    1. 5.1 Hardware AES Acceleration
      1. 5.1.1 AES
      2. 5.1.2 AESADV
    2. 5.2 Hardware True Random Number Generator (TRNG)
  9. 6FAQ
  10. 7Summary
  11. 8References
  12. 9Revision History

3.2.4.2 Step by Step Guidance

If the python environment has been set well, follow below steps to practice on MSPM0 SDK CSC example (take MSPM0G351x device as an example):

  1. Import both customer_secure_code example and customer_secure_sample_image example from SDK path <mspm0_sdk_path>\examples\nortos\<mspm0_device>\boot_manager\ into your CCS workspace.
  2. Build both customer_secure_code example and customer_secure_sample_image example. For the sample image example, build for both EITHER_SLOT_BLUE and EITHER_SLOT_GREEN configuration, you can see corresponding debug folder generated in the project.

    CSC Secure Sample Image Build Configurations

    Figure 3-5 CSC Secure Sample Image Build Configurations
  3. Open UNIFLASH Software programming tool | TI.com tool, connect PC with the MSPM0 launchpad, and take a factory reset.

    Factory Reset by Uniflash

    Figure 3-6 Factory Reset by Uniflash
  4. Configure the Flash setting as Erase MAIN and NONMAIN necessary sectors only, this option only erases the flash region that is used in image output file.

    CSC Flash Setting in Uniflash

    Figure 3-7 CSC Flash Setting in Uniflash
  5. Load below files into MSPM0 devices, and then power cycles the device (or press NRST button in launchpad), you can see Red LED on for 2s (CSC execution for image verification), and then Blue LED flashing (program executed in Physical Bank1).

    Loading CSC Images by Uniflash

    Figure 3-8 Loading CSC Images by Uniflash
    • \customer_secure_code_LP_MSPM0G3519_nortos_ticlang\Debug\customer_secure_code_LP_MSPM0G3519_nortos_ticlang.out: It includes CSC firmware for Physical Bank0 and necessary NONMAIN configuration.
    • \customer_secure_code_LP_MSPM0G3519_nortos_ticlang\Debug\customer_secure_code_LP_MSPM0G3519_nortos_ticlang-bank1-0x40000.bin: It is a copy of CSC firmware for Physical Bank1, and should be located at the start address of Physical Bank1 (0x40000 for MSPM0G3519 device).
    • \customer_secure_sample_image_LP_MSPM0G3519_nortos_ticlang\EITHER_SLOT_BLUE\sample_image_signed_0x4800_v1_0_0_blue.txt: It is the application image which starts from Physical Bank1 0x44800 address.
  6. Use Uniflash to update a higher version of GREED application image to the device and press NRST button. You can see after Red LED on for 2s, then the Green LED flashing. CSC does not care how the image is loaded to flash, and this step just shows a way to directly load firmware to MCU Logic Bank1 by Uniflash.

    Update Firmware by Uniflash

    Figure 3-9 Update Firmware by Uniflash