 Hello, and welcome to this presentation of the STM32 tamper and backup registers. It covers the main features of this peripheral, which is used to provide security against tamper events. The tamper referral features of 32 32-bit backup registers used to preserve data when the main supply is off. These backup registers can be used to store sensitive data as they are erased when a tamper event is detected on the tamper pins, or due to some internal events. The SRAM-2, the PKA SRAM, and the instruction cache are also erased when a tamper event is detected. The tamper detection is functional in low-power modes when the VBAT domain is supplied by a backup battery. The anti-tamper circuitry includes ultra-low-power digital filtering, avoiding false tamper detections. The key features of the TAMP are 128 bytes of backup registers split into 32 32-bit backup registers. These registers are preserved in all low-power modes and in VBAT mode and are erased when a tamper detection event occurs. Three of the eight external tamper pins are available in VBAT mode. External tampers can be configured in either passive or active mode. The passive external tamper events can be detected on a programmable edge or on level with a configurable filter and using an internal pull-up in an ultra-low-power mode. A timestamp function is used to save calendar contents in timestamp registers, depending on any tamper event. Any tamper detection erases the backup registers SRAM-2, instruction cache, PKA SRAM, and cryptographic peripherals. The TAMP unit also includes a monotonic counter, generally used in protection against replay attacks. Here is the TAMP block diagram. Several internal features can generate a tamper event, VDD Upper Voltage Threshold Monitoring, Temperature Monitoring, LSE Monitoring, RTC Calendar Overflow, and Monotonic Counter Overflow. Each internal and external tamper has an enable control bit. By default, internal and external tampers are enabled. By default, all tamper detection events will erase the backup registers, the SRAM-2, the ICASH, the PKA SRAM, and the cryptographic peripherals. Note that the backup registers are not reset by a system reset or when the device wakes up from standby mode. backup registers can be reset when a tamper detection event occurs or when the readout protection of the flash is changed from level 1 to level 0. The TAMP EVT is used to generate an RTC timestamp event. TAMP Erase Output is asserted following either tamper event detection, internal or external, or the software erase request done by writing BK Erase to 1. The TAMP TZEN input is used to activate the trust zone in the device. The TAMP module has two clock sources, the TAMP clock and the APB clock. The TAMP clock can either use the High Speed External Oscillator or HSE divided by 32, the Low Speed External Oscillator or LSE, or the Low Speed Internal Oscillator LSI. Only LSE or LSI are functional in stop and standby modes. Only LSE is functional in shutdown and VBAT modes. Passive Tamper Detection just checks a static level. It is typically used to connect a sensor and to detect a change of the sensor output. Either a level or edge trigger detection. So if the attack succeeds in shorting the tamper input to the inactive state, no tamper detection event will occur. Active tamper detection detects the physical open short attack. A TAMP OUT OUTPUT PIN provides a pseudo random value. After outputting this value, the TAMP OUT PIN outputs its opposite value. A TAMP OUT PIN must be externally shorted to a TAMP IN PIN. Tamper active mode is based on the continuous comparison between a TAMP OUT PIN and a TAMP IN PIN. The same output can be used for several tamper inputs. The pseudo random generator must be initially and periodically fed with a new seed. The TAMP embeds ultra low power tamper detection circuitry. The purpose is to detect physical tampering in a secure application and to automatically erase sensitive data in case of intrusion. Eight tamper pins and events are supported. Three of them are functional in all low power modes and in VBAT mode. The detection can be edge or level triggered and the active edge or level is selectable for each event when configured in passive mode. A pre-charged time is determined by the TAMP PREACH BITS in order to support large capacitances on the TAMP IN X INPUTS. A tamper event can generate a timestamp event which can be used to record the date of the intrusion attempt. A tamper event can also be used as a trigger for LP timers. The capacitors shown in the figure perform filtering. If no external capacitors are explicitly connected to a tamper input, they provide a model of the trace capacity. Note that an external pull-up is required in edge detection mode. In level detection mode, the internal pull-up is used as explained in the next slides. The tamper detection circuit includes an ultra-low power digital filter. The internal IO pull-up can be used to detect the anti-tamper switch state. The IO pull-up is applied only during the pre-charging pulse in order to avoid any consumption if the tamper pin is at a low level. The pre-charging pulse duration is configurable to support different capacitance values and can be one, two, four or eight TAMP clock cycles. The pin level is sampled at the end of the pre-charging pulse. A filter can be applied to the tamper pins. It consists of detecting a given number of consecutive identical events before issuing an interrupt to wake up the device. This number is configurable and can be one, two, four or eight events at a programmable sampling rate from 1 to 128 Hertz. This figure illustrates tamper detection using the internal pull-up. The internal pull-up can be applied for one, two, four or eight cycles. If the switch is opened, the level is pulled up by the resistor. If the switch is closed, the level remains low. The input voltage is sampled at the end of the pre-charge pulse. The tamper detection circuitry can also be used to generate interrupts or trigger events. Each tamper interrupt can be individually enabled or disabled. Each external tamper event can be individually configured to erase the sensitive data or not. Each external tamper event can be individually configured to generate a hardware trigger to low power timer. This takes advantage of a digital filtering present on these IOs for interrupt or trigger generation. By default, after a backup domain power on reset, all TAMP registers can be read or written in both secure and non-secure modes, except for the TAMP Secure Mode Control Register named TAMP SMCR, which can be written to secure mode only when trust zone is enabled. The TAMP protection configuration is not affected by a system reset. When the TAMP D-Prot bit is cleared in the TAMP SMCR register, writing the TAMP registers is possible only in secure mode, except for the backup registers, which have their own protection setting. The 32 backup registers, representing 128 bytes, can be split into three protection zones. Protection zone 1 starts at backup register 0 and ends at backup register X minus 1. Access permissions are secure reads and writes. Protection zone 2 starts at backup register X and ends at backup register Y minus 1. Access permissions are non-secure reads and secure writes. Protection zone 3 starts at backup register Y and ends at backup register 31. Access permissions are non-secure reads and writes. X and Y are set in the BKPRWD PROT and BKPWD PROT fields of the TAMP SMCR register. By default, after a backup domain power on reset, all TAMP registers can be read or written in both privileged and non-privileged modes, except for the TAMP Privilege Mode Control Register named TAMP-PrivCR, which can be written in Privilege Mode only. The TAMP Protection Configuration is not affected by a system reset. When the TAMP PrivBit is set in the TAMP-PrivCR register, writing the TAMP registers is possible only in Privilege Mode, except for the backup registers which have their own protection setting. The BKPWPrivBit in TAMP-PrivCR register sets the Privilege Attribute of Protection Zone 2. The BKPRWPrivBit in TAMP-PrivCR register sets the Privilege Attribute of Protection Zone 1. All interrupts can wake the processor up from all low power modes. The detection on all tamper pins and internal tamper sources can generate an interrupt. Any tamper detection circuit can be enabled or disabled by programming the TAMP CR1 register. If it is enabled and a tamper event is detected, the corresponding flag is set in the TAMP SR register. The TAMP IER register masks or enables the tamper event interrupt. The interrupt service routine can easily determine which tamper event has occurred by reading the TAMP MISR or TAMP SMISR register which contains flags identifying the source of the tamper event interrupt. MISR is relevant when the interrupt is non-secure. SMISR when it is secure. The TAMP DPROTBIT in the TAMP SMCR register determines whether the TAMP module asserts the non-secure or the secure interrupt request to the NVIC. The TAMP peripheral is active in all low power modes and the TAMP interrupts cause the device to exit the low power mode. In stop zero, stop one, stop two and standby modes, only the LSE or LSI clocks can be used to clock the TAMP. Only the LSE is functional in shutdown mode. This is a list of peripherals related to the TAMP. Please refer to these peripheral trainings for more information if needed. Realtime clock, reset and clock control, nested vectored interrupt controller.