Hello,
Using the RFA1SS is the right way to do. This configuration byte will set a protection for the memory area 1.
If you want to protect all the memory with the same password, then you need to set the size of the area 1 to the full memory. This is done by using the configuration byte ENDA1. You should set ENDA1 to the max value, which is 0x0F for a ST25DV04KC (this is the default value, so it may already be like this). Be careful, ENDA2 and ENDA3 must also be set to 0x0F, in case they are not yet to this value.
Once ENDA1=0x0F, area 1 is the full size of the memory.
You can now protect it against write by setting RFA1SS. Several options there:
- you can protect against write, with no possibility to unprotect using a password: in this case set the bit field PWD_CTRL_A1=00b. In this case, the memory write can only be unprotected by changing RFA1SS again in the configuration (which is protected by password 0). In that case, bit field RW_PROTECTION_A1 can be either 01b, 10b or 11b, effect will be the same with all 3 values.
- you can protect against write with possibility to unprotect by presenting a password: in this case, set bit field PWD_CTRL_A1 to 01b, 10b or 11b depending on the password you want to use to unprotect, and set bit field RW_PROTECTION_A1 to 01b or 10b. Then you can only write into memory after presenting the correct password.
If you plan to use passwords, do not forget to change their default value to something more secret. This must be done from the RF interface: first you must present the correct password using the Present Password command and then use the Write Password command.
Do not forget to change also the password 0 value (the one used to access the configuration), otherwise anyone can change the RFA1SS config back to "no protection" using the default password 0 value (which is all 00).
Best regards.
