2022-11-07 03:51 AM
I try to disable the SWIM interface in a STM8AL3168 derivative, by setting the SWD bit of the global configuration register (CFG_GCR) = 1 in main().
typedef struct CFG_struct
{
__IO uint8_t GCR; /*!< Global Configuration register */
}
CFG_TypeDef;
#define CFG ((CFG_TypeDef *) CFG_BASE)
#define CFG_BASE (uint16_t)0x7F60
CFG->GCR = 0x01;
But this does not seem to work, because afterwards I can still read out the programm memory using the ST Visual Programmer.
What am I doing or thinking wrong?
2022-11-07 05:06 AM
Welcome, @KGirs.1, to the community!
The CFG_GCR register is located in the RAM area and is therefore volatile. The RM0031 writes about SWIM disable:
By default, after an MCU reset, the SWIM pin is configured to allow communication with an external tool for debugging or Flash/EEPROM programming. This pin can be configured by the application for use as a general purpose I/O. This is done by setting the SWD bit in the CFG_GCR register.
and in the bit description:
When SWIM mode is enabled, the SWIM pin cannot be used as general purpose I/O.
This means that SWIM is not permanently deactivated, but that the SWIM pin is (can be) available as an additional GPIO when the programme is started.
Does it answer your question?
Regards
/Peter
2022-11-07 09:34 PM
Hi Peter,
thanks for your quick answer, but unfortunately it does not fully answer my question.
My intention was to prohibit the communication with an external tool for debugging or Flash/EEPROM programming (e.g. with the ST Visual Programmer), by disabling the SWIM Mode (CFG->GCR = 0x01;),
and use this as a kind of security feature.
I am aware, that the SWIM Mode is enabled again after a RESET, because of the default value (value after RESET) of the CFG_GCR register = 0.
But I tought that if I:
1. set the (CFG->GCR = 0x01;) at the beginning of the main() function,
2. programm this binary using the ST Visual Programmer,
3. disconnect the programmer from the target (hardware; debug connector),
4. reconnect the programmer to the target without initiating a RESET,
I would no longer be able to read out the flash, because of the still deactivated SWIM Mode (active I/O Mode).
So what I need is a mechanism or a setting, to lock (prohibit) the debug and programming access in case of production releases (releases that are delivered to the customer).
On the other hand, the developer releases should be accessible without any restrictions, or I should be able to “unlock�? the production releases, to reprogram potential bug fixes.
I tought, that I could use the SWIM Mode for this.
Is this possible?
If not, is there another mechanism, I could use for this purpose?
Maybe a mechanism, that could be undone, in the best case, to make the device accessible to the developers again?
Regards Kurt
[edit by moderator: contact details have been removed due to public visibility]
2022-11-07 11:32 PM
You cannot block access to SWIM permanently, but only until the next reset/POR. Some security mechanisms have already been built into the STM8 (ROP, PCODE, etc, see also PM0054), but the time of origin of the STM8 is simply too long ago to be classified as highly secure. Your ideas are therefore not feasible with STM8A, but possible with newer MCUs.
If the problem is solved/answered, please mark this thread as answered by selecting Select as best, as also explained here. This will help other users find that answer faster.
Regards
/Peter