1 of 1 people found this helpful
You will need to create a secure system to prevent access. Please refer to this application note for the theory behind how this works in PSoC6: https://www.cypress.com/file/447981/download .
The simplest way would be to use the PPCOM Command line interface. You can find the guide at this path: "C:\Program Files (x86)\Cypress\Programmer\Documents"
Make use of the PSoC6_WriteProtection API to transition to secure stage. More about this here: Re: PSoC6 Programmer COM API PSoC6_WriteProtection()
You can specify the secure access restrictions based on the level of security you need and then switch the device from Normal to Secure lifecycle stage for the changes to take effect. You can look at the EFuse registers EFUSE_DATA_SECURE_ACCESS_RESTRICT1 where you can specify how much of the flash is accessible through the debug access port.
Have a look at Page#653 in the Register TRM: https://www.cypress.com/file/421406/download
To understand more about EFuse please refer to page#112 in the Architecture TRM: https://www.cypress.com/file/385621/download
thanks for response.
I have been trying to change the lifecycle to secure with debug but I am having some issues which I addressed in the following discussion
I just want to make sure that we are on the same page
Is it safe to ignore all the steps in the step by step summery in page#29 in the Creating a Secure System document
except for changing the lifecycle
in other words
will only changing the lifecycle work without all the remaining steps
No you cannot ignore the steps because the root of trust involves a boot sequence that requires a secure image and a user application to be programmed with a valid TOC2 and public key.
TOC2 is used to point to the location of the first and second executable applications. If at all you haven't followed the steps and directly changed the lifecycle stage, you might fail validation and end up in a dead state.
Hence, it is always recommended to see if your application is properly functioning in NORMAL or SECURE w/ DEBUG modes before making the transition to SECURE mode.