23.4.11.2 Changing the Security State
The security state out of reset can be permanently changed by programming the security
byte of the flash configuration field. This assumes that you are starting from a mode
where the necessary program flash erase and program commands are available and that
the region of the program flash containing the flash configuration field is unprotected. If
the flash security byte is successfully programmed, its new value takes affect after the
next chip reset.
23.4.11.2.1 Unsecuring the Chip Using Backdoor Key Access
The chip can be unsecured by using the backdoor key access feature, which requires
knowledge of the contents of the 8-byte backdoor key value stored in the Flash
Configuration Field (see
Flash Configuration Field Description
bits are in the enabled state, the Verify Backdoor Access Key command (see
) can be run; it allows the user to present prospective
keys for comparison to the stored keys. If the keys match, the FSEC[SEC] bits are
changed to unsecure the chip. The entire 8-byte key cannot be all 0s or all 1s; that is,
0000_0000_0000_0000h and FFFF_FFFF_FFFF_FFFFh are not accepted by the Verify
Backdoor Access Key command as valid comparison values. While the Verify Backdoor
Access Key command is active, program flash memory is not available for read access
and returns invalid data.
The user code stored in the program flash memory must have a method of receiving the
backdoor keys from an external stimulus. This external stimulus would typically be
through one of the on-chip serial ports.
If the KEYEN bits are in the enabled state, the chip can be unsecured by the following
backdoor key access sequence:
1. Follow the command sequence for the Verify Backdoor Access Key command as
Verify Backdoor Access Key Command
2. If the Verify Backdoor Access Key command is successful, the chip is unsecured and
the FSEC[SEC] bits are forced to the unsecure state
An illegal key provided to the Verify Backdoor Access Key command prohibits further
use of the Verify Backdoor Access Key command. A reset of the chip is the only method
to re-enable the Verify Backdoor Access Key command when a comparison fails.
After the backdoor keys have been correctly matched, the chip is unsecured by changing
the FSEC[SEC] bits. A successful execution of the Verify Backdoor Access Key
command changes the security in the FSEC register only. It does not alter the security
byte or the keys stored in the Flash Configuration Field (
). After the next reset of the chip, the security state of the flash memory
Chapter 23 Flash Memory Module (FTFA)
MKW01Z128 MCU Reference Manual, Rev. 3, 04/2016
Freescale Semiconductor, Inc.
425
Summary of Contents for MKW01Z128
Page 7: ...MKW01xxRM Reference Manual Rev 3 04 2016 viii Freescale Semiconductor Inc...
Page 11: ...MKW01xxRM Reference Manual Rev 3 04 2016 xii Freescale Semiconductor Inc...
Page 133: ...MKW01Z128 MCU Reference Manual Rev 3 04 2016 2 Freescale Semiconductor Inc...
Page 233: ...Module clocks MKW01Z128 MCU Reference Manual Rev 3 04 2016 102 Freescale Semiconductor Inc...
Page 513: ...Interrupts MKW01Z128 MCU Reference Manual Rev 3 04 2016 382 Freescale Semiconductor Inc...
Page 633: ...CMP Trigger Mode MKW01Z128 MCU Reference Manual Rev 3 04 2016 502 Freescale Semiconductor Inc...