 OTF deck, on-the-fly decryption. PURPOSE is to encrypt and decrypt with low latency code data stored within external flash. It's an external OctoSpeak memory used in memory map mode. The encryption scheme we use will be the HOS in control mode with a 128-bit key. You can define up to four regions with a granularity of 4096 bytes. And for each region, you've got one secret key, a firmware version, and an application-defined nonce. We recommend to change one of those parameters for each encryption. This IP is secure-only programming if the trust zone securities enable on your device. Regarding the encryption key, the registers are right only, and there is a software-locking mechanism associated to them. There is also the availability of a 8-bit CRC of this key. Then on the decryption, we've got four operation modes, instruction fetch only, data read access only, code or data access, and an instruction fetch only with NN's encryption. The NN's encryption is a proprietary layer of protection on top of the iOS stream cipher. This is a block diagram of the OTF deck. Here, we've got the master of the bus and our OctoSpy. On this side, everything will be encrypted. On this side, you can see everything in clear. The different iOS operation mode you can encrypt and decrypt. We've got the mechanism of key lock and config lock to ensure it's not modified until the next reset of the IP for the config and the key. And for the decryption mode, we've got the code, code with enhancement of the iOS algorithm, data or code plus data. I will say quite simple. Then we've got here three error events that is possible. We've got the security error. So this one result from an illegal read or write access to the key registers or an illegal write access to a region configuration where the config is locked. Now we've got also the execute only and execute wide encryption error. This is due to a read access to an execute only region. Or if you try to execute a region while encryption is enabled. On the last one is the key error. And when you try to encrypt or decrypt while the key register are not properly set. Then we've got some flag for this event and it will generate an interrupt. Regarding the availability across STM32 family, it's only available on the STM32 L5.