Other Parts Discussed in Thread: UNIFLASH
Hi,
I'm in the process of protecting a TMS320F280025C from unauthorized access to FLASH and RAM.
My bootloader is in the flash sections 0-2 and the app in the flash sections 3-15. I want the bootloader to be protected for
execute only and the bootloader should be able to erase the application and reprogram it.
Now there is this application note about DCSM: https://www.ti.com/lit/an/spracp8a/spracp8a.pdf?ts=1656879106556
When I then use the example project, I can configure the settings, but it looks like, that when I will flash a program containing
the settings, I will never be able to change the DCSM header again on the same microcontroller, right? So how can I debug this?
My settings:
Edit:
Ok, I could make it work now by only using the option ZONE1 Per LINKPOINTER and make everything Secured by this Zone. I can then only flash via UNILINK, since I need to unlock.
There came up several questions about DCSM and security, hopefully you can answer me these questions:
- Can I somehow make the JTAG on the Eval Boards unlock the board before flashing, such that I can still debug and flash it in CCS when I use DCSM
- When I have a bootloader and I configured the DCSM as above, do I also need to add this in the application or is it enough to have this in the bootloader application alone, since anyway the whole FLASH and RAM is protected?
- How safe is my application with just the above settings? Do I need to remove the boot configuration over SCI?
- When I protect everything as above with zone1 only and I want to write to the flash, to I need to call DCSM_unlockZone1CSM()? On the app it looks like DCSM_unlockZone1CSM() will always return unlocked (also with a wrong password), but I can only access the controller over UNIFLASH with the correct password.
