Hello @mromani
The purpose of PcROP feature is a mean to prevent code/data dumping from internal malicious firmware. Direct read or write on the PcROP area, from internal firmware or debugger is not allowed, while only execution of this code is allowed.
Including all necessary functions within the PCROP area prevents any code access outside the protected area, ensuring that your firmware operates correctly and securely. However, this approach might not be practical due to size limitations and the complexity of managing all dependencies within the PCROP area.
As best practices:
- It is recommended to place only the critical parts of your firmware that need protection in the PCROP area. This typically includes sensitive code that you want to protect from being read or modified by third parties.
- Standard library functions and HAL functions, which are generally not sensitive, can remain outside the PCROP area.
For more details refer to this AN4758 on pcrop : and to x-cube-pcrop page.
Let me know if you have any questions on tampering risk ?
Best regards
