Chapter 10 Security (S12X9SECV2)
MC9S12XDP512 Data Sheet, Rev. 2.11
504 Freescale Semiconductor
If all four 16-bit words match the Flash contents at 0xFF00–0xFF07 (0x7F_FF00–0x7F_FF07), the
microcontroller will be unsecured and the security bits SEC[1:0] in the Flash Security register FSEC will
be forced to the unsecured state (‘10’). The contents of the Flash options/security byte are not changed by
this procedure, and so the microcontroller will revert to the secure state after the next reset unless further
action is taken as detailed below.
If any of the four 16-bit words does not match the Flash contents at 0xFF00–0xFF07
(0x7F_FF00–0x7F_FF07), the microcontroller will remain secured.
10.1.6 Reprogramming the Security Bits
In normal single chip mode (NS), security can also be disabled by erasing and reprogramming the security
bits within Flash options/security byte to the unsecured value. Because the erase operation will erase the
entire sector from 0xFE00–0xFFFF (0x7F_FE00–0x7F_FFFF), the backdoor key and the interrupt vectors
will also be erased; this method is not recommended for normal single chip mode. The application
software can only erase and program the Flash options/security byte if the Flash sector containing the Flash
options/security byte is not protected (see Flash protection). Thus Flash protection is a useful means of
preventing this method. The microcontroller will enter the unsecured state after the next reset following
the programming of the security bits to the unsecured value.
This method requires that:
The application software previously programmed into the microcontroller has been designed to
have the capability to erase and program the Flash options/security byte, or security is first disabled
using the backdoor key method, allowing BDM to be used to issue commands to erase and program
the Flash options/security byte.
The Flash sector containing the Flash options/security byte is not protected.
10.1.7 Complete Memory Erase (Special Modes)
The microcontroller can be unsecured in special modes by erasing the entire EEPROM and Flash memory
contents.
When a secure microcontroller is reset into special single chip mode (SS), the BDM firmware verifies
whether the EEPROM and Flash memory are erased. If any EEPROM or Flash memory address is not
erased, only BDM hardware commands are enabled. BDM hardware commands can then be used to write
to the EEPROM and Flash registers to mass erase the EEPROM and all Flash memory blocks.
When next reset into special single chip mode, the BDM firmware will again verify whether all EEPROM
and Flash memory are erased, and this being the case, will enable all BDM commands, allowing the Flash
options/security byte to be programmed to the unsecured value. The security bits SEC[1:0] in the Flash
security register will indicate the unsecure state following the next reset.