SPRUJ12F August   2021  – January 2024 AM2431 , AM2432 , AM2434

 

  1.   1
  2.   Abstract
  3.   Trademarks
  4. 1Preface: Read This First
    1. 1.1 If You Need Assistance
    2. 1.2 Important Usage Notes
  5. 2Kit Overview
    1. 2.1 Kit Contents
    2. 2.2 Key Features
    3. 2.3 Component Identification
    4. 2.4 BoosterPacks
    5. 2.5 Compliance
    6. 2.6 Security
  6. 3Board Setup
    1. 3.1 Power Requirements
      1. 3.1.1 Power Input Using USB Type-C Connector
      2. 3.1.2 Power Status LED's
      3. 3.1.3 Power Tree
      4. 3.1.4 Power Sequence
    2. 3.2 Push Buttons
    3. 3.3 Boot Mode Selection
  7. 4Hardware Description
    1. 4.1  Functional Block Diagram
    2. 4.2  BoosterPack Headers
      1. 4.2.1 Pinmux for BoosterPack
    3. 4.3  GPIO Mapping
    4. 4.4  Reset
    5. 4.5  Clock
    6. 4.6  Memory Interface
      1. 4.6.1 QSPI Interface
      2. 4.6.2 Board ID EEPROM
    7. 4.7  Ethernet Interface
      1. 4.7.1 Ethernet PHY Strapping
      2. 4.7.2 Ethernet PHY - Power, Clock, Reset, Interrupt
      3. 4.7.3 LED indication in Ethernet RJ45 Connector
    8. 4.8  USB 2.0 Interface
    9. 4.9  I2C Interface
    10. 4.10 Industrial Application LEDs
    11. 4.11 UART Interface
    12. 4.12 eQEP Interface
    13. 4.13 CAN Interface
    14. 4.14 FSI Interface
    15. 4.15 JTAG Emulation
    16. 4.16 Test Automation Interface
    17. 4.17 SPI Interface
  8. 5References
    1. 5.1 Reference Documents
    2. 5.2 Other TI Components Used in This Design
  9.   A E3 Design Changes
  10.   B Revision A Design Changes
  11.   Revision History

2.6 Security

The AM243x LaunchPad may have a Non-Secure (GP or General Purpose) or a Secure device (HS-FS). To determine if the device is secure, refer to field parameter for device revision: "r" of the Device name. If the Device Revision is "B" or a subsequent alphabetical letter, then the device is a Secure device.

GUID-20230215-SS0I-MGR0-LNWP-MJG2FCQWTG8S-low.png Figure 2-5 Security Field Parameter

A Secure device has the ability to use a one time programming to convert the device from High Security Field Securable (HS-FS) to High Security Security Enforced (HS-SE).

A secure device leaves the TI factory in an HS-FS state where customer keys are not programmed and has the following attributes:

  • Does not enforce the secure boot process
  • M3 JTAG port is closed
  • R5 JTAG port is open
  • Security Subsystem firewalls are closed
  • SoC Firewalls are open
  • ROM Boot expects a TI signed binary (encryption is optional)
  • TIFS-MCU binary is signed by the TI private key

The One Time Programmable (OTP) keywriter converts the secure device from HS-FS to HS-SE. The OTP keywriter programs customer keys into the device eFuses to enforce secure boot and establish a root of trust. The secure boot requires an image to be encrypted (optional) and signed using customer keys, which will be verified by the SoC. A secure device in the HS-SE state has the following attributes:

  • M3, R5 JTAG ports are both closed
  • Security Subsystem and SoC Firewalls are both closed
  • TIFS-MCU and SBL need to be signed with active customer private key

Note: For additional information regarding using HS-FS devices with Code Composer Studio, refer to the HS FS Migration guide section of the AM243x MCU+ SDK. To access this guide, go to the file location for the AM243x MCU+ SDK and open README_FIRST_AM243X.html . When the html page loads, navigate to Migration Guides and then the HS FS Migration guide.