Enable Password Protection to Lock Down Flash Memory - KBA227884

Version: **

 

Question:

We are using Cypress S25FS512S flash. We need to set password to protect memory array to prevent user erasing/programing the memory array. Administrator can enter password to un-protect the memory to update software when necessary. How can I enable the Password Protection function?

 

Answer:
Password Protection is part of the Cypress Advanced Sector Protection (ASP) feature. The ASP feature offers comprehensive solutions for protecting flash memory arrays. See AN98551 -  Advanced Sector Protection (ASP) in Cypress Quad SPI, Octal SPI, and HyperFlash Device Families for more information about ASP.

This document provides tips on hands-on implementation of enabling ASP Password Protection mode, taking FS-S as an example. For other Cypress flash families, the steps are similar; commands and registers may not be the same. Refer to respective flash family datasheet for commands and registers details.

 

Enabling Password Protection function sets OTP registers; once set, it is not reversible. Do the following (if applicable to your application) before enabling the Password Protection function:

 

  1. Program OTP configuration bits in CR1NV[5, 3:2], CR2NV, CR3NV, and CR4NV as required.
  2. Program Secure Silicon Region (OTP area) as required.
  3. Program PPB bits as required via the PPBP command.
  4. Program NVDLR if it will be used in DDR read commands.

 

Do the following to enable the Password Protection function:

  1. Program a 64-bit password into Password Register (PASS) by using the Password Program command (PASSP E8h).
    1. WREN command is required prior to PASSP command.
    2. Polling completion (WIP) is required (same as other non-volatile register programming).

See the “Password Register” section in the FS512S datasheet .

    2. After Password Program is complete, read the password (PASSRD E7h) to verify the correctness of the password programmed in Step 1.

    1. This needs to be done before enabling Password Protection mode. Once Password Protection mode is enabled, the password will not be readable any more.
    2. Ensure that the application ‘remembers’ the 64-bit password. If the password is lost, you cannot retrieve it from the Password Register.

    3. Use the ASPP command (2Fh) or WRAR command (71h) to program the ASP Register (ASPR) to FFFBh (ASPR[2:1]=01b)

 

 

Example A: Sequence of commands to protect sectors and enable password protection to lock down a memory array:

  1. WREN command.
  2. PPBP command (FDh), or 4PPBP command (E3h). Depends on the address mode used in the application. The address for this command is the address of the sector going to be protected.
  3. Read Status Register to check the WIP bit for PPBP operation completion (same as for normal Page Program operation)
  4. Repeat steps 1 to 3 to protect all the sectors that you want to protect.
  5. WREN command.
  6. PLBWR command (A6h) to clear PPB Lock bit to 0 (lock).
  7. Read Status Register to check WIP bit for PLBWR operation completion.
  8. Step 5 – 7 can be skipped because once Password Protection is enabled, the PPB Lock bit will be cleared to ‘0’ by default on every power on or hardware reset.
  9. WREN command.
  10. PASSP command (E8h) to program the 64-bit password.
  11. Read Status Register to check the WIP bit for PASSP operation completion.
  12. PASSRD command (E7h) to read and verify that the programmed 64-bit password is correct.
  13. WREN command.
  14. ASPP command (2Fh) or WRAR command (71h) to program the ASP Register (ASPR) to FFFBh (ASPR[2:1]=01b).
  15. Read Status Register to check the WIP bit for ASPP operation completion.
  16. Do a power cycle or hardware reset. The PPB Lock bit will be cleared to ‘0’ and locks PPB bits, and the protected sectors are locked down. If this step is executed immediately after Password Protection is enabled, and PPB bits are modified before power cycle or hardware reset, the steps 5-7 are not required.

 

Example B: Sequence of commands to unlock the protected sectors to update memory array:

  1. PPBRD command (FCh) or 4PPBRD command (E2h) to read the PPB value. The address used in this command is the sector address the PPB associated with. For example, if the address is 0x00000000, the read PPB is for Sector 0 (0x00 – protect; 0xFF – unprotect)
  2. Repeat Step 1 for all sectors and record all the sectors protection status in RAM.
  3. PASSU command (E9h).
  4. Read Status Register 1 to check the WIP bit for PASSU operation completion.
  5. PPB Lock bit will be changed to ‘1’ automatically upon on PASSU operation successful completion.
  6. WREN command.
  7. PPBE command (E4h) to erase the entire PPB array (all PPBs) to 0xFF (unlock all sectors protection). (Because PPB array is a non-volatile array, there is no way to change individual PPB from 0x00 to 0xFF.)
  8. Update data (erase/program) in target sectors.
  9. According to the PPB values recorded in RAM at step 2, write the PPBs back to 0x00. (Steps 1-3 in example A).
  10. Clear PPB Lock bit to ‘0’ (steps 5-7 in example A), or simply do a power cycle or hardware reset.