Secure and Non-Secure Peripherals Overview

Peripheral Access Controller (PAC) Features for SAM L11

The SAM L11 extends the concept of Arm® TrustZone® to its integrated peripherals and offers the possibility of allocating specific peripherals to both Secure and Non-Secure worlds. The management of each peripheral security attribution is done through the PAC. As shown in the figure below, the PAC embeds a set of registers that defines the security attribution of each integrated peripheral of the system.

saml11-secure-andnseriph-periph_1.png

Regardless of its bit value, the PAC is always Secure. The peripheral's security attribution cannot be changed by accessing the PAC.NONSECx registers during the application run-time. Any change must be made using the User Row (UROW) fuses and requires a reset of the SAM L11 device. The application can read the PAC.NONSECx register to get the current attribution setting of the integrated peripherals.

These registers are configured at device startup by the ROM code which sets the PAC.NONSECx registers according to the user configuration stored in the UROW fuses.

saml11-secure-andnseriph-periph_3.png


Peripherals can be categorized into two groups depending on their PAC security attribution and their internal secure partitioning capabilities (standard/mix-secure):

  • Non-Secure peripheral - A standard peripheral configured as Non-Secure in the PAC. The security attribution of the whole peripheral is defined by the associated NONSECx fuse set to one. Secure and Non-Secure accesses to the peripheral are granted.
  • Secure peripheral - A standard peripheral configured as Secure in the PAC. The security attribution of the whole peripheral is defined by the associated NONSECx fuse set to zero. Secure accesses to the peripheral are granted whereas Non-Secure accesses are discarded (writes are ignored, reads return 0x0), and a PAC error is triggered.


When a peripheral is allocated to the Secure world, only Secure accesses to its registers are granted. Note that the interrupt handling should be managed in the Secure world only.

For more details, refer to the SAM L11 UROW from the product datasheet.

© 2019 Microchip Technology, Inc.
Notice: ARM and Cortex are the registered trademarks of ARM Limited in the EU and other countries.
Information contained on this site regarding device applications and the like is provided only for your convenience and may be superseded by updates. It is your responsibility to ensure that your application meets with your specifications. MICROCHIP MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHETHER EXPRESS OR IMPLIED, WRITTEN OR ORAL, STATUTORY OR OTHERWISE, RELATED TO THE INFORMATION, INCLUDING BUT NOT LIMITED TO ITS CONDITION, QUALITY, PERFORMANCE, MERCHANTABILITY OR FITNESS FOR PURPOSE. Microchip disclaims all liability arising from this information and its use. Use of Microchip devices in life support and/or safety applications is entirely at the buyer's risk, and the buyer agrees to defend, indemnify and hold harmless Microchip from any and all damages, claims, suits, or expenses resulting from such use. No licenses are conveyed, implicitly or otherwise, under any Microchip intellectual property rights.