SPRACS4 June 2020 TMS320F2800132, TMS320F2800133, TMS320F2800135, TMS320F2800137, TMS320F2800152-Q1, TMS320F2800153-Q1, TMS320F2800154-Q1, TMS320F2800155, TMS320F2800155-Q1, TMS320F2800156-Q1, TMS320F2800157, TMS320F2800157-Q1, TMS320F28384D, TMS320F28384D-Q1, TMS320F28384S, TMS320F28384S-Q1, TMS320F28386D, TMS320F28386D-Q1, TMS320F28386S, TMS320F28386S-Q1, TMS320F28388D, TMS320F28388S, TMS320F28P650DH, TMS320F28P650DK, TMS320F28P650SH, TMS320F28P650SK, TMS320F28P659DH-Q1, TMS320F28P659DK-Q1, TMS320F28P659SH-Q1
The JTAGLOCK feature provides a means for the C2000 device to disable JTAG access to the device via debug tools like Code Composer Studio™ (CCS) IDE. This feature has been implemented in the C2000™ Microcontroller (MCU) devices starting with the TMS320F2838x product family. This application report provides details on how to leverage this feature.
The Dual Code Security Module (DCSM) baseline architecture provides a barrier against anyone trying to gain unauthorized access to important intellectual property in the form of firmware (FW). A resource such as memory can be left unsecured or allocated to either of the two secure zones. Additionally, it can be marked as execute-only (EXEONLY) to raise the barrier even higher. Through special hardware features, firmware stored in EXEONLY flash can even be copied to and run from EXEONLY RAM. Each of the secure zones is protected by a 128-bit CSM password, and security configurations are programmed into the one-time programmable (OTP) area of the flash. The configuration governs, among other items, which flash sectors and RAM blocks (memory) are allocated to which zone. Security logic blocks unauthorized access to each zone's secure resources. For detailed information about device security features, refer to the Dual Code Security Module (DCSM) section in the device-specific Technical Reference Manual (TRM).
All C2000 devices have a JTAG interface, which is used for debugging the device via debug tools like Code Composer Studio (CCS). The Dual Code Security Module (DCSM) on C2000 devices provides a clean method to debug one secure zone while maintaining the security barrier around the other zone, and also allows a slight lowering of the barrier to debug the two zones together. However, there are times when the flexibility of debugging is not as important as strengthening the barrier around firmware, so the user may want to disable all debug access to the device. In the security world, strengthening comes in the form of layering. The JTAGLOCK feature provides this additional layer by blocking JTAG (debugger) access to the device entirely. The user can enable the JTAGLOCK feature by programming the USER OTP appropriately. In addition to the 128-bit CSM password, another 128-bit JTAG password has been added to the security configuration to enable or disable the JTAGLOCK feature. Thus, JTAGLOCK essentially puts another hedge around the device firmware, layered on top of the base DCSM architecture.
JTAGLOCK Mode | Description |
---|---|
JTAGLOCK Enable | JTAG access to all CPUs is blocked. Debug tools like CCS cannot connect to the device. |
JTAGLOCK Disable | JTAG access to all CPUs is allowed. Debug tools like CCS can connect to any CPU, subject to the other security configuration. |
NOTE
Although JTAGLOCK is available without using the base DCSM security, for highest security it is recommended that both be enabled. To enable the base DCSM security and lock the zones, you must program a 128-bit CSM password along with other security configuration into the USER OTP as per the device-specific Technical Reference Manual.
Z1OTP_JLM_ENABLE is a 32-bit value in Zone1 USER OTP of CPU1 at address location 0x78006. The default value of this location is 0xffff000f. The 4 least significant bits (LSBs) of this 32-bit value map to the JLM (JTAG LOCK Module) enable. To enable the JTAGLOCK feature, you must change this 4-bit value from 0xF (default value) to any other value.
Z1OTP_JLM_ENABLE | JTAGLOCK Feature |
---|---|
0xffff000f (default) | JTAGLOCK Disable |
0xffff000e | JTAGLOCK Enable |
0xffff000d | JTAGLOCK Enable |
- - - - - - - | JTAGLOCK Enable |
0xffff0000 | JTAGLOCK Enable |
0x00000000 | JTAGLOCK Enable |
The JTAGLOCK feature is protected by a 128-bit JTAG password. This 128-bit JTAG password is split into two 64-bit passwords: JTAGPSWDHx and JTAGPSWDLx. Like all other security configuration values, these are part of Zone1 USER OTP of CPU1.
JTAGPSWDHx (JTAGPSWDH0 and JTAGPSWDH1) is the upper half of the 128-bit JTAG password, located in the header section of Zone1 USER OTP of CPU1. Because it is part of the header, once these values are programmed, they can never be changed again.
JTAGPSWDHx | USER OTP Address |
---|---|
JTAGPSWDH0 | 0x78014 |
JTAGPSWDH1 | 0x78016 |
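The Z1OTP_JLM_ENABLE decoding and the JTAGPSWDHx header locations described above can be checked on the host before anything is written to OTP. The following is an added example, not code from this report or from TI: the struct, function and flag names and the review policy are hypothetical, and only the addresses and the 4-LSB rule come from the text.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Addresses come from the report. The struct, function and flag names
   and the review policy are hypothetical (added example). */
#define Z1OTP_JLM_ENABLE_ADDR 0x78006u
#define JTAGPSWDH0_ADDR       0x78014u
#define JTAGPSWDH1_ADDR       0x78016u

typedef struct { uint32_t addr; uint32_t value; } otp_write_t;

enum {
    PLAN_LOCKS_JTAG    = 1u << 0, /* 4 LSBs of Z1OTP_JLM_ENABLE != 0xF       */
    PLAN_WRITES_PSWDH  = 1u << 1, /* touches the permanent header password   */
    PLAN_PSWDH_PARTIAL = 1u << 2, /* only one of JTAGPSWDH0/1 is in the plan */
    PLAN_LOCK_NO_PSWDH = 1u << 3  /* lock enabled, header half not in plan   */
};

/* JTAGLOCK is enabled when the 4 LSBs are anything other than 0xF;
   the upper 28 bits do not take part in the decision. */
int jlm_lock_enabled(uint32_t jlm) { return (jlm & 0xFu) != 0xFu; }

/* Review a planned list of 32-bit USER OTP writes and return finding flags. */
unsigned review_otp_plan(const otp_write_t *w, size_t n)
{
    unsigned flags = 0;
    int h0 = 0, h1 = 0;
    for (size_t i = 0; i < n; i++) {
        if (w[i].addr == Z1OTP_JLM_ENABLE_ADDR) {
            if (jlm_lock_enabled(w[i].value)) flags |= PLAN_LOCKS_JTAG;
        } else if (w[i].addr == JTAGPSWDH0_ADDR) h0 = 1;
        else if (w[i].addr == JTAGPSWDH1_ADDR) h1 = 1;
    }
    if (h0 || h1) flags |= PLAN_WRITES_PSWDH;
    if (h0 != h1) flags |= PLAN_PSWDH_PARTIAL;
    if ((flags & PLAN_LOCKS_JTAG) && !(h0 && h1)) flags |= PLAN_LOCK_NO_PSWDH;
    return flags;
}

int main(void)
{
    /* Constructed plan: enables the lock but supplies only JTAGPSWDH0. */
    const otp_write_t plan[] = { {0x78006u, 0xFFFF0000u}, {0x78014u, 0x11111111u} };
    printf("findings: %#x\n", review_otp_plan(plan, 2));
    return 0;
}
```

A production programming flow would treat any finding other than a deliberate `PLAN_LOCKS_JTAG` as a reason to stop for manual sign-off, since the header words cannot be reprogrammed.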