Emulation Key Disable

What is the Emulation Key Disable feature in the 2156x family of processors?



tagged content
[edited by: JValeriani at 7:33 PM (GMT 0) on 3 Sep 2019]
Parents
  • +1
    •  Analog Employees 
    on Aug 21, 2019 7:31 AM

    In the SC58x/SC57x/ADSP2156x processors, before locking the part, a 128 bit emulation key must be programmed into the OTP secure_emu_key field using the OTP Program API. Once the part is locked, the debugger will only have access when the user key passed from the debugger matches the emulation key programmed in the OTP. If the part is locked, the boot ROM loads the "emulation key" from OTP into the TAPC registers. The access to debugger is enabled only if there is a match between the keys loaded in to TAPC registers and the keys passed from the debugger.

    The ADSP2156x family supports an enhanced security feature over the emulation key described above. The boot ROM provides an option to disable the emulation key itself, so that debugger cannot have access even when it provides the correct user key. An "emulation key disable" field is provided the OTP. If this field is programmed, the boot ROM does not load the emulation keys to the TAPC registers from the "emulation key" field in OTP. Hence debug is disabled even on entering the key through emulator.

     The only way to gain debug access in the above case is via the following steps.

    1. Boot an authenticated application.
    2. The application booted should load the correct key (emulation key) into the TAPC registers.
    3. Once the correct keys are loaded into the TAPC registers, debugger can gain access by providing the matching keys.

     The associated zip file provides sample codes to program the OTP to lock the part, to disable emulation key and to program emulation key to the OTP. A sample code is also provided to load the key to TAPC registers.

    EmulationKeyDisable - Copy.zip

Reply
  • +1
    •  Analog Employees 
    on Aug 21, 2019 7:31 AM

    In the SC58x/SC57x/ADSP2156x processors, before locking the part, a 128 bit emulation key must be programmed into the OTP secure_emu_key field using the OTP Program API. Once the part is locked, the debugger will only have access when the user key passed from the debugger matches the emulation key programmed in the OTP. If the part is locked, the boot ROM loads the "emulation key" from OTP into the TAPC registers. The access to debugger is enabled only if there is a match between the keys loaded in to TAPC registers and the keys passed from the debugger.

    The ADSP2156x family supports an enhanced security feature over the emulation key described above. The boot ROM provides an option to disable the emulation key itself, so that debugger cannot have access even when it provides the correct user key. An "emulation key disable" field is provided the OTP. If this field is programmed, the boot ROM does not load the emulation keys to the TAPC registers from the "emulation key" field in OTP. Hence debug is disabled even on entering the key through emulator.

     The only way to gain debug access in the above case is via the following steps.

    1. Boot an authenticated application.
    2. The application booted should load the correct key (emulation key) into the TAPC registers.
    3. Once the correct keys are loaded into the TAPC registers, debugger can gain access by providing the matching keys.

     The associated zip file provides sample codes to program the OTP to lock the part, to disable emulation key and to program emulation key to the OTP. A sample code is also provided to load the key to TAPC registers.

    EmulationKeyDisable - Copy.zip

Children
No Data