SPRUJ10E May   2022  – May 2025

 

  1.   1
  2.   Description
  3.   Features
  4.   4
  5. 1Preface: Read This First
    1. 2.1 Sitara MCU+ Academy
    2. 2.2 If You Need Assistance
    3. 2.3 Important Usage Notes
  6. 2Kit Overview
    1. 3.1 Introduction
    2. 3.2 Kit Contents
    3. 3.3 Specification
      1. 3.3.1 Key Features
      2. 3.3.2 Component Identification
      3. 3.3.3 Functional Block Diagram
    4. 3.4 Device Information
    5. 3.5 BoosterPacks
    6. 3.6 Compliance
    7. 3.7 Security
  7. 3Board Setup
    1. 4.1 Power Requirements
      1. 4.1.1 Power Input Using USB Type-C Connector
      2. 4.1.2 Power Status LEDs
      3. 4.1.3 Power Tree
    2. 4.2 Push Buttons
    3. 4.3 Boot Mode Selection
  8. 4Hardware Description
    1. 5.1  Functional Block Diagram
    2. 5.2  GPIO Mapping
    3. 5.3  Reset
    4. 5.4  Clock
    5. 5.5  Memory Interface
      1. 5.5.1 QSPI
      2. 5.5.2 Board ID EEPROM
    6. 5.6  Ethernet Interface
      1. 5.6.1 Ethernet PHY #1 - CPSW RGMII/ICSSM
      2. 5.6.2 Ethernet PHY #2: CPSW RGMII/ICSSM
      3. 5.6.3 LED Indication in RJ45 Connector
    7. 5.7  I2C
    8. 5.8  Industrial Application LEDs
    9. 5.9  SPI
    10. 5.10 UART
    11. 5.11 MCAN
    12. 5.12 FSI
    13. 5.13 JTAG
    14. 5.14 Test Automation Header
    15. 5.15 LIN
    16. 5.16 MMC
    17. 5.17 ADC and DAC
    18. 5.18 EQEP and SDFM
    19. 5.19 EPWM
    20. 5.20 BoosterPack Headers
    21. 5.21 Pinmux Mapping
  9. 5EVM Revision Design Changes
    1. 6.1 Rev A Design Changes
  10. 6Hardware Design Files
  11. 7References
    1. 8.1 Reference Documents
    2. 8.2 Other TI Components Used in This Design
  12.   Trademarks
  13. 8Revision History

2.7 Security

The AM263x LaunchPad features a High Security, Field Securable (HS-FS) device. An HS-FS device has the ability to use a one time programming to convert the device from HS-FS to High Security, Security Enforced (HS-SE).

The AM263x device leaves the TI factory in an HS-FS state where customer keys are not programmed and has the following attributes:

  • Does not enforce the secure boot process
  • M4 JTAG port is closed
  • R5 JTAG port is open
  • Security Subsystem firewalls are closed
  • SoC Firewalls are open
  • ROM Boot expects a TI signed binary (encryption is optional)
  • TIFS-MCU binary is signed by the TI private key

The One Time Programmable (OTP) keywriter converts the secure device from HS-FS to HS-SE. The OTP keywriter programs customer keys into the device eFuses to enforce secure boot and establish a root of trust. The secure boot requires an image to be encrypted (optional) and signed using customer keys, which are verified by the SoC. A secure device in the HS-SE state has the following attributes:

  • M4, R5 JTAG ports are both closed
  • Security Subsystems and SoC Firewalls are both closed
  • TIFS-MCU and SBL need to be signed with active customer key