Last edited 6 months ago

BSEC internal peripheral

1. Article purpose[edit | edit source]

The purpose of this article is to

  • briefly introduce the BSEC peripheral and its main features
  • indicate the level of security supported by this hardware block
  • explain how each instance can be allocated to the three runtime contexts and linked to the corresponding software components
  • explain, when necessary, how to configure the BSEC peripheral.

2. Peripheral overview[edit | edit source]

The BSEC peripheral is used to control an OTP (one time programmable) fuse box, used for on-chip non-volatile storage for device configuration and security parameters.

2.1. Features[edit | edit source]

Refer to STM32MP15 reference manuals for the complete list of features, and to the software components, introduced below, to see which features are implemented.

2.2. Security support[edit | edit source]

The BSEC is a secure peripheral.

3. Peripheral usage and associated software[edit | edit source]

3.1. Boot time[edit | edit source]

The BSEC is configured at boot time to set up platform security.

3.2. Runtime[edit | edit source]

3.2.1. Overview[edit | edit source]

The BSEC instance is a system peripheral and is controlled by the Arm® Cortex®-A7 secure:

Info white.png Information
  • BSEC lower OTP access can be made available to the Arm® Cortex®-A7 non-secure.
  • Upper OTP access can be managed as exceptions (in Trusted Boot Chain only, using TF-A), via "secure monitor calls", managed by TF-A or by OP-TEE. Please refer to BSEC device tree configuration for more details.

3.2.2. Software frameworks[edit | edit source]

Internal peripherals software table template 

| Security
| BSEC
| OP-TEE BSEC driver
| Linux NVMEM framework
|
|
|-
|}

3.2.3. Peripheral configuration[edit | edit source]

The configuration is based on Device tree, please refer to BSEC device tree configuration article.
It can be applied by the firmware running in a secure context, done in TF-A or in OP-TEE.
It can also be configured by Linux® kernel, please refer to NVMEM overview article.

3.2.4. Peripheral assignment[edit | edit source]

Internal peripherals assignment table template 

| rowspan="1" | Security
| rowspan="1" | BSEC
| BSEC
| 
| 
|
|
|-

|}

4. How to go further[edit | edit source]

5. References[edit | edit source]



Boot and Security and OTP control

One time programmed

Arm® is a registered trademark of Arm Limited (or its subsidiaries) in the US and/or elsewhere. Arm logo.png

Cortex®

Linux® is a registered trademark of Linus Torvalds.

Boot and Security and OTP control

One time programmed

Arm® is a registered trademark of Arm Limited (or its subsidiaries) in the US and/or elsewhere. Arm logo.png

Cortex®

Linux® is a registered trademark of Linus Torvalds.

Retrieved from "https://wiki.st.com/stm32mpu/index.php?title=BSEC_internal_peripheral&oldid=61027"