Sometimes a device may unexpectedly be locked. This FAQ addresses some common reasons.
Introduction to the Code Security Module (CSM)
The CSM is documented in the system control and interrupts guide for the specific device. This page refers to the Code Security Module available on the following C2000 device families:
Reasons CSM Appears Secure
There are 5 different situations in which the CSM would either be secured or appear to be secure:
The solutions to above conditions are as follows:
In any of these cases, if the CSM is secure and the password is unknown, it cannot be unlocked to be reprogrammed.
Halting Erase Operation
If the erase operation is interrupted and not allowed to complete, the flash may become depleted. When this happens, the device may then begin to fail to erase. The erase algorithm should not be stopped, as this can also affect the CSM passwords. If the passwords are in an unknown state, the device cannot be recovered. This can also leave all zeroes in the CSM resulting in a permanent lock. This is discussed further in the Flash Programming Solutions for the TMS320F28xxx DSCs (SPRAAL3) Application Note.
Frequently Asked Questions CSM
Q: What are the scenarios that CSM gets locked automatically? Is it deterministic or not?
Q: Why is all 0xFFFF's unsecure?
When the device leaves the factory the flash is in an erased state. In this state all locations, including the password, is all ones (i.e. 0xFFFF's).
Q: How many passwords are there?
There is one 128-bit password. It occupies 8 contiguous words in flash.
Q: How do you unlock the the CSM after all zeros have been written to the password locations?
When all zeroes are written to the password locations, this is a permanent lock and there is not a method to erase this password. This is documented in the CSM section of the System Control and Interrupts Reference Guide for the specific device being used. This section provides the following statement:
Do not use 128 bits of all zeros as the password. This automatically secures the device, regardless of the contents of the KEY register. The device is not debuggable nor re-programmable.
Q: Is there any way to erase the password?
If you know the password then you can unlock the flash and erase the password by erasing sector A.
Q: Is there any way to erase the password without erasing all of sector A?
No. The smallest amount of memory that can be erased is a sector.
Q: Code that is running in unsecure memory cannot read/write to memory that is secure or from Flash - why?
If the CSM is locked, then code running outside of the secure area will not be able to read or write to any secured location. The CSM must either be unlocked or the code must be relocated to one of the secure areas.
Q: Will the CSM block the boot loader running in the boot ROM?
The boot ROM itself is unsecure and the boot ROM performs a dummy read of the CSM password locations.
Q: Code is running outside of the CSM protected area, and the CSM is locked. Can it branch to code within the CSM protected memory?
Yes, you can branch into the secured memory and begin execution without any additional setup.
Note: this is different then trying to read values out of the flash through data or program space - this will be blocked. For example, code running in M0 SRAM (unsecure) can branch to code within the Flash even if the CSM is locked. Code running out of M0 SRAM will not be able to read any value out of Flash if the CSM is locked.
Q: How can I tell which memories are protected by the CSM?
Refer to the Data Manual for the particular device. Memories that are protected by the CSM will be indicated in the memory map section. For example if L0 shows "Secure Zone" then it is protected by the CSM.
Q: The CSM locks every time I reset the device via Code Composer. Is this the intended behavior? Is there a work around?
Yes this is the intended behavior. It is easy to get around this during development. You can do one of two things.
Q: To unlock the CSM, does the dummy read come first or the load of the KEY registers first?
Either order will work. The ref guide says to do dummy reads of the PWL first, then write the passwords to the KEY locations. Some other examples may do it in the opposite order (i.e. loads the KEY registers and then does a dummy read of the PWL).
Q: Is it possible to program a device over the serial port with SDFlash if it is password protected?
Yes. The SDFlash algorithm will need to be built such that it knows the password of the device and can unlock it. This is easy to do and is described in the readme file for the serial algorithm: http://emulators.spectrumdigital.com/utilities/sdflash/c2000/SDFlash_Serial_RefGuide_v3_3.pdf
Frequently Asked Questions ECSL
Q: Why does Code Composer Studio give me an emulator error when I try to connect to my locked device?
On devices with ECSL protection which do not support hardware wait-in-reset mode (such as the Piccolo devices), if the device is locked:
When the device is powered up, the CPU will start running and may execute an instruction that performs an access to an ECSL protected area. If this happens, the ECSL will trip and cause the emulator connection to be cut. To resolve this:
At this point you should be able to proceed and unlock your device.
We are glad that we were able to resolve this issue, and will now proceed to close this thread.
If you have further questions related to this thread, you may click "Ask a related question" below. The newly created question will be automatically linked to this question.
All content and materials on this site are provided "as is". TI and its respective suppliers and providers of content make no representations about the suitability of these materials for any purpose and disclaim all warranties and conditions with regard to these materials, including but not limited to all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement of any third party intellectual property right. No license, either express or implied, by estoppel or otherwise, is granted by TI. Use of the information on this site may require a license from a third party, or a license from TI.
TI is a global semiconductor design and manufacturing company. Innovate with 100,000+ analog ICs andembedded processors, along with software, tools and the industry’s largest sales/support staff.