 Hello, and welcome to this presentation of the STM32MP1 Boot and Security Controller. The Boot and Security Controller is intended to read, program, and control the accesses to the On-Chip One-Time Programmable, or OTP, bits. The 3KB effective OTP area is organized in two regions with different properties. Lower OTP area, 1KB, 2-1 redundancy, incremental bit programming. Upper OTP area, 2KB, ECC protection, word programming only. The OTP area is used to store non-volatile information, manufacturing data, memory repair, analog trim, chip ID, etc. Device life-cycle information to control debug access and device provisioning. Boot configuration, and keys and security-sensitive information. ST secret keys and OEM secrets. This is a simplified block diagram of the Boot and Security Controller. SafeMem is a fuse box divided in two regions. Lower and upper OTP areas, with respectively 1KB bit programmable and 2KB word programmable. The control logic supports reading and programming of the OTP bits. OTP bits are read into shadow registers on reset. Several enabling signals are exported out to the SOC. The shadow registers, access, and value of the enabling signals are conditioned to the device life-cycle state determined by the first words. The BSEC main features are 32-bit APB4 interface, 4096 raw OTP bits, which equals 3072 effective bits because of the 2-1 redundancy for lower OTPs. Global programming locking by sticky bits. Permanent OTP program locking per word. OTP word programming locked by sticky bits during the boot phase. Shadow OTP registers can be individually right-locked by sticky bits during the boot phase. Shadow OTP registers can be individually read-locked by sticky bits during the boot phase to prevent reloading. The other key features are the BSEC scratch register for communication with external agent to store boot parameters. A JTAG SOC interface with BSEC JTAG IN and BSEC JTAG OUT registers as communication channel to the JTAG TAP controller. There is a disturbed check feature to qualify OTP word value to improve the resistance to hardware attacks by clock and power glitches during OTP read. The OTP map is describing the full list of OTP words and bit fields, information about who is allowed to program the OTP words, ST microelectronics, or the user. If words are permanently locked as factory programmed, for example, analog trim and memory repair. And sticky lock bits controlled by boot ROM and set according to the device lifecycle. There are three sticky bits per OTP word. Shadow right lock, shadow reload lock, and shadow program lock. For more details see product reference manual section OTP mapping. The low OTP area is 32 words, which are bit programmable only and with 2 to 1 redundancy. It is used as words 0 to 2, CFG 0 to CFG 2 are reserved by ST microelectronics to control the lifecycle and SOC features enabled in the product. Only one bit from CFG 0 is accessible by the user to close the device after secret provisioning. Words 3 to 7 can be used to define the boot device selection. Words 16 to 24 are used for hardware configuration. Words 16 includes product specific settings for the user. Words 24 to 31 are used for public key hash. The upper OTP area is 64 words, programmable only with ECC protection and used for ST ECDSA private and ST public ECDSA certificate for SSP ST. MAC address, user, RMA password, user, board information, user. 36 remaining words can be used to store non-volatile keys and secrets from the user. BSEC is trust zone aware with conditional access according to three regions. BSEC control registers, lower OTP shadow registers, and upper OTP shadow registers. For each region read and write permissions are determined according to the OTP mode. The table is showing a simplified view of the device lifecycle. Once the secret is provisioned into the OTP words during manufacturing, the device state is set to OTP secured. The transition from open device to closed device state is later controlled by programming the OTP word 0 bit 6 to 1. In case the OTP fuse or word 0 is compromised, the device is set into OTP invalid state, which is an end of life state protecting OTP secrets. On a system reset, BSEC automatically updates all shadow registers. OTP mode is determined during this phase. BSEC OTP status, BSEC OTP disturbed, and BSEC OTP error registers are also updated. The fuse OK signal is asserted at the end of this phase. This signal is used to release the reset to the SOC. To trigger a read operation, the software must set the BSEC OTP control register with the word number given in the ADDR field and with the PROG bit set to 0. The software can check the busy bit from the BSEC OTP status register. Once cleared, this busy bit indicates that the read operation is complete. When the read operation is finished, the BSEC state machine updates the disturbed and error status registers. BSEC parameters depending on OTP content are also updated when the corresponding OTP words are read. The OTP mode is updated when a read operation of the word 0 is performed. An OTP word can be written in multiple steps. The word value can be updated by setting additional bits to 1 only. A bit already set to 1 cannot be reset to 0. To trigger a programming operation, the following two steps are required. Write the word value to the BSEC OTP WR data register. Write the BSEC OTP control register with the word number in the ADDR field, the PROG bit set to 1 and the LOC bit set to 0. The software checks the busy bit from the BSEC OP status register. Once cleared, this busy bit indicates that the write operation is complete. In the same register, the PRG fail bit is set if the write operation has failed. The boot and security controller is controlling the debug access according to the device lifecycle state. The BSEC de-enable register is driving several hardware signals to SOC, including core site authentication interface and specific control signals. For more details, see the product reference manual in section BSEC debug control.