SLUUDG7 December   2025 MSPM33C321A

 

  1.   1
  2.   Abstract
  3.   Trademarks
  4. 1Overview of Security Functionality
    1. 1.1 Terminology
  5. 2Secure Execution Environment
    1. 2.1 TrustZone
      1. 2.1.1 Implementation Defined Attribution Unit
      2. 2.1.2 Security Attribution Unit
      3. 2.1.3 TrustZone software development
    2. 2.2 Memory Protection Unit
      1. 2.2.1 TrustZone and MPU
    3. 2.3 Global Security Controller
      1. 2.3.1 GSC Memory configuration
        1. 2.3.1.1 Security Exceptions through the GSC & SAU
        2. 2.3.1.2 Priviledge exceptions with GSC & MPU
  6. 3Security Modules
    1. 3.1 AES
      1. 3.1.1 AES Overview
      2. 3.1.2 AES Usage
        1. 3.1.2.1 Configuration
        2. 3.1.2.2 Setup
        3. 3.1.2.3 Operation
    2. 3.2 Keystore
      1. 3.2.1 Overview
      2. 3.2.2 Keystore Usage
        1. 3.2.2.1 Configuration
        2. 3.2.2.2 Setup
        3. 3.2.2.3 Operation
    3. 3.3 SHA2
      1. 3.3.1 SHA Introduction
        1. 3.3.1.1 SHA features
      2. 3.3.2 SHA Performance
      3. 3.3.3 SHA Usage
        1. 3.3.3.1 Configuration
        2. 3.3.3.2 Setup
        3. 3.3.3.3 Operation
    4. 3.4 PKA
      1. 3.4.1 PKA Introduction
        1. 3.4.1.1 PKA features
      2. 3.4.2 PKA Usage
        1. 3.4.2.1 Configuration
        2. 3.4.2.2 Setup
        3. 3.4.2.3 Operation
    5. 3.5 PQC
      1. 3.5.1 ML-DSA
        1. 3.5.1.1 ML-DSA Introduction
        2. 3.5.1.2 ML-DSA Usage
          1. 3.5.1.2.1 Configuration
          2. 3.5.1.2.2 Setup
          3. 3.5.1.2.3 Operation
  7. 4Revision History

2.3.1 GSC Memory configuration

The GSC utilizes both the MPU and SAU to configure memory with security and privilege attributes. To configure this the GSC has three separate controllers: Peripheral Protection Controller (PPC), SRAM Protection Controller (SPC), and Flash Protection Controller (FPC). For details on how to configure and use the registers please see the MSPM33C3-Series 160MHz Microcontrollers Technical Reference Manual

The GSC has similar properties to the SAU and MPU. This can lead confusion on which peripheral should be used for protecting memory. The SAU and MPU are limited on how many regions can configured or address granularity. For example the SAU for M33 devices can only attribute 8 regions of memory with the non-secure and secure attribute. Unconfigured regions of memory are left with the secure attribute. The GSC however attributes regions in a 2kB size allowing 255 different regions of security on a 1 MB device. Each one of these 2kB regions can be attributed either secure or privilege access.