The STM32 reference manual RM0090 describes in chapter 3.8. the One-time programmable bytes (512). This is great to store, say, a public key.
The Annotiation Notes document AN5156 describes - for all processors of the family - among others the feature "Execute-only firmware (PCROP)".
Is this suitable to protect a certain memory area such as the bootloader area against overwriting?
If yes, are there guidelines around (or example code) on how this should be done?
Second: how can - during production - the debug interface be locked against access (security measure)?
