SPRUJ86A October   2023  – January 2024 AM263P4

 

  1.   1
  2.   Description
  3.   Features
  4.   4
  5. 1Evaluation Module Overview
    1. 1.1 Introduction
      1.      Preface: Read This First
        1. 1.1.1.1 Sitara MCU+ Academy
        2. 1.1.1.2 Important Usage Notes
    2. 1.2 Kit Contents
    3. 1.3 Device Information
      1. 1.3.1 HSEC 180-pin Control Card Docking Station
      2. 1.3.2 Security
  6. 2Hardware
    1. 2.1  Component Identification
    2. 2.2  Power Requirements
      1. 2.2.1 Power Input Using USB Type-C Connector
      2. 2.2.2 Power Status LEDs
      3. 2.2.3 Power Tree
      4. 2.2.4 Power Sequence
      5. 2.2.5 PMIC
    3. 2.3  Functional Block Diagram
    4. 2.4  Reset
    5. 2.5  Clock
    6. 2.6  Boot Mode Selection
    7. 2.7  JTAG Path Selection
    8. 2.8  Header Information
    9. 2.9  GPIO Mapping
    10. 2.10 Push Buttons
    11. 2.11 Interfaces
      1. 2.11.1  Memory Interface
        1. 2.11.1.1 OSPI/QSPI
        2. 2.11.1.2 Board ID EEPROM
      2. 2.11.2  Ethernet Interface
        1. 2.11.2.1 Control Card Ethernet Routing
        2. 2.11.2.2 On Board Ethernet PHY
        3. 2.11.2.3 LED Indication in RJ45 Connector
      3. 2.11.3  I2C
      4. 2.11.4  Industrial Application LEDs
      5. 2.11.5  SPI
      6. 2.11.6  UART
      7. 2.11.7  MCAN
      8. 2.11.8  FSI
      9. 2.11.9  JTAG
      10. 2.11.10 Test Automation Header
      11. 2.11.11 LIN
      12. 2.11.12 MMC
      13. 2.11.13 ADC and DAC
    12. 2.12 HSEC Pinout and Pinmux Mapping
  7. 3Hardware Design Files
  8. 4Additional Information
    1. 4.1 If You Need Assistance
    2. 4.2 Trademarks
  9. 5Related Documentation
    1. 5.1 Supplemental Content
      1.      5.1.A E1 Board Modifications
      2.      5.1.B E2 Design Changes
  10. 6References
    1. 6.1 Reference Documents
    2. 6.2 Other TI Components Used in This Design
  11. 7Revision History

1.3.2 Security

The AM263Px Control Card features a High Security, Field Securable (HS-FS) device. An HS-FS device has the ability to use a one time programming to convert the device from HS-FS to High Security, Security Enforced (HS-SE).

The AM263Px device leaves the TI factory in an HS-FS state where customer keys are not programmed and has the following attributes:

  • Does not enforce the secure boot process
  • M4 JTAG port is closed
  • R5 JTAG port is open
  • Security Subsystem firewalls are closed
  • SoC Firewalls are open
  • ROM Boot expects a TI signed binary (encryption is optional)
  • TIFS-MCU binary is signed by the TI private key

The One Time Programmable (OTP) keywriter converts the secure device from HS-FS to HS-SE. The OTP keywriter programs customer keys into the device eFuses to enforce secure boot and establish a root of trust. The secure boot requires an image to be encrypted, which is optional, and signed using customer keys, which is verified by the SoC. A secure device in the HS-SE state has the following attributes:

  • M4, R5 JTAG ports are both closed
  • Security subsystems and SoC firewalls are both closed
  • TIFS-MCU and SBL need to be signed with active customer key