GUIDE TO UNDERSTANDING JTAG
FUSES AND SECURITY
AN INTERMEDIATE LOOK AT THE AVR JTAG INTERFACE
AVRFREAKS.NET
SEP 2002
TABLE OF CONTENTS
Understanding JTAG fuses and Security
JTAG Nomenclature
JTAG Fuses and Security
On-Chip Debugging
Boundary-Scan
JTAG Programming
JTAG Security Roundup
JTAG Programming
Understanding JTAG fuses and Security
In this article we take a closer look at the JTAG interface and at how fuses and
lock bits affect its operation. If you are using, or planning to use, the JTAG
interface, you should definitely spend a couple of minutes reading this article!
Note: This article is not intended for newbies. Readers should read and
understand the JTAG section in the datasheet before reading this document.
Introduction
New megaAVR devices with more than 8KB of Flash include a JTAG interface for
Programming, Boundary Scan and On-chip Debugging.
This article will take a peek at some of the features that are somewhat hidden, or
difficult to find, in the datasheets.
JTAG Nomenclature
JTAG Programming, OCD, IEEE 1149.1 compliant, Boundary-Scan: it is easy to
get confused and start mixing the terminology. To summarize, the AVR JTAG
interface is compliant with the IEEE 1149.1 Standard. Through this interface you
have access to the following "services":
Memory Programming
Boundary Scan
On-Chip Debug
When using the term "JTAG" we refer to the interface as such. When talking
about a specific "service" we usually use the "service name" (e.g. JTAG
Programming).
JTAG Fuses and Security
JTAG Fuses
The first source of confusion when looking at the JTAG interface is understanding
the fuses, and how they affect the behavior of the device and/or JTAG interface.
In addition, an I/O control bit, "JTD", is available. Unlike the fuses, this bit can be
set at run-time, allowing you to disable the JTAG / OCD functionality in software
during program execution.
So what is the difference between the JTAGEN and OCDEN fuse? What do they
do, and what is the consequence of only programming one of them?
To save you some time fine-reading the Datasheet, we here at AVRfreaks have
compiled the following table and functional block diagram that should explain the
relationship between these fuses and functionality.
The block diagram below the table shows the relationship between the Fuses and
the JTD control bit. Note that setting either of the Lock bits LB1 or LB2 will disable
OCD.
NOTE: In the following table we use "P" for a programmed and "U" for an
unprogrammed fuse.
JTD  JTAGEN  OCDEN  DESCRIPTION
U    U       U      No JTAG programming, OCD or Boundary-Scan is possible
U    U       P      No JTAG programming, OCD or Boundary-Scan is possible
U    P       U      JTAG Programming and Boundary Scan is possible, OCD disabled
U    P       P      OCD, JTAG Programming and Boundary-Scan is Enabled (Note 1)
P    U       U      No JTAG programming, OCD or Boundary-Scan is possible
P    U       P      No JTAG programming, OCD or Boundary-Scan is possible
P    P       U      No JTAG programming, OCD or Boundary-Scan is possible
P    P       P      No JTAG programming, OCD or Boundary-Scan is possible
Note 1: Do not ship the device in this state, as it will consume more power, and
is open for hacking :-)
JTAG Security
As shown in the figure and table, setting the correct fuses and keeping the device
unlocked is essential to be able to access the on-chip OCD system. As shown,
setting lock bits will disable the OCD system completely, while the JTAG
Programming interface will continue to work the same way as the two other
programming interfaces (HVPP and ISP).
To disable JTAG Programming, either set appropriate Lock bits, or use the JTD bit
or the JTAGEN fuse.
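The table and lock-bit rules above, written as a host-side check for a fuse readout taken before release (an added example, not part of the original article). The bit positions of OCDEN/JTAGEN in the high fuse byte and of LB1/LB2 in the lock byte are assumptions based on ATmega16/32/128-class datasheets; the function names and finding flags are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed bit positions (ATmega16/32/128-class parts; confirm in your datasheet).
 * A fuse or lock bit reads 0 when programmed and 1 when unprogrammed. */
#define HFUSE_OCDEN  0x80u
#define HFUSE_JTAGEN 0x40u
#define LOCK_LB1     0x01u
#define LOCK_LB2     0x02u

enum { SVC_PROG = 1, SVC_BSCAN = 2, SVC_OCD = 4 };                /* reachable services */
enum { F_OCD_OPEN = 1, F_OCDEN_POWER = 2, F_PROG_UNLOCKED = 4 };  /* audit findings */

static bool programmed(uint8_t byte, uint8_t mask) { return (byte & mask) == 0; }

static bool locked(uint8_t lock)
{
    return programmed(lock, LOCK_LB1) || programmed(lock, LOCK_LB2);
}

/* Services reachable over JTAG; jtd_set is the run-time JTD control bit. */
unsigned jtag_services(uint8_t hfuse, uint8_t lock, bool jtd_set)
{
    if (!programmed(hfuse, HFUSE_JTAGEN) || jtd_set)
        return 0;                          /* every "No JTAG ..." row of the table */
    unsigned svc = SVC_PROG | SVC_BSCAN;   /* programming stays subject to lock bits */
    if (programmed(hfuse, HFUSE_OCDEN) && !locked(lock))
        svc |= SVC_OCD;                    /* either lock bit disables OCD */
    return svc;
}

/* Release audit for the worst case: firmware has not set JTD. */
unsigned audit_release(uint8_t hfuse, uint8_t lock)
{
    unsigned svc = jtag_services(hfuse, lock, false), f = 0;
    if (svc & SVC_OCD)                     f |= F_OCD_OPEN;      /* Note 1 state */
    if (programmed(hfuse, HFUSE_OCDEN))    f |= F_OCDEN_POWER;   /* clocks run in sleep */
    if ((svc & SVC_PROG) && !locked(lock)) f |= F_PROG_UNLOCKED;
    return f;
}

int main(void)
{
    /* Constructed sample readings: {high fuse, lock byte} */
    const uint8_t s[][2] = { {0x19, 0xFF}, {0x19, 0xFC}, {0x99, 0xFF}, {0xD9, 0xFC} };
    for (size_t i = 0; i < sizeof s / sizeof s[0]; i++)
        printf("hfuse=0x%02X lock=0x%02X findings=0x%X\n",
               s[i][0], s[i][1], audit_release(s[i][0], s[i][1]));
    return 0;
}
```

A non-zero result from audit_release() on a production readout means the part is in a state the article advises against shipping or leaves JTAG programming unrestricted by lock bits.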
On-Chip Debugging
The OCD is a feature for in-system debugging. Although this "emulation" interface
lacks some of the functionality offered by high end emulators (features like
trace/triggers, unlimited breakpoints, cycle counters...) it actually has some
unique features not found in any other emulator: The most obvious advantage is
that you actually are running the code on the device itself, so all electrical and
timing characteristics are FOR REAL. No emulated behavior!
The main thing to remember is that the JTAG OCD is not an EMULATOR, it is the
real thing. Which leads us to the JTAG ICE which actually is no ICE at all. It is a
protocol converter/interface allowing AVR Studio to talk to the OCD interface
inside the AVR. :-)
One thing that you should be aware of is that when the AVR OCDEN fuse is
programmed (OCD Enabled) some of the clock system is left running even though
you put the AVR in sleep mode. So, if you experience high power consumption
during SLEEP mode, make sure you are not running the device with the OCDEN
fuse programmed!
Boundary-Scan
Boundary-Scan is a very efficient way of verifying that your device is soldered in
correctly, and that the interconnections to other devices are correct. There are a
number of tools available today that will read your layout files and generate a
complete test vector set to verify your design.
When the JTAGEN fuse is programmed and JTD is not set, the Boundary Scan Chain
is available. This chain includes (almost) all physical pins on the device. This chain
does not include the internal scan chain. The internal Scan Chain is part of the OCD
system, and is not accessible unless OCD is enabled and LB1 and LB2 are
unprogrammed.