• State Not Answered
  • Replies 8 replies
  • Subscribers 76 subscribers
  • Views 3708 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 263062
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

NRF52840 SOC Jtag Port disabling

Srinivas V

Hi Team,

We are using the nRF52840 for our development purpose. For sake Cyber security purpose we need to disable the Jtag debug port. 

For this we have used the below code snippet,

   NRF_UICR->APPROTECT = 0x00;

With this we are not able to disable the Jtag Debug Port, is there any other way to disable the port.

Could any one share the Jtag disabling part of code for nRF52840, without impacting the our rest of the Peripherals means Flash, BLE  and other peripherals.

Regards,

Srinivas.V

  • 0

    Hi Srinivas,

    You need to enable writing to flash in NVMC before you write to an UICR register. Here is an example of how you can do it:

    APPROTECT_ENABLE 1

void approtect(void) 

{

#if APPROTECT_ENABLE

    if ((NRF_UICR->APPROTECT & UICR_APPROTECT_PALL_Msk) != 
        (UICR_APPROTECT_PALL_Enabled << UICR_APPROTECT_PALL_Pos))
    {
        NRF_NVMC->CONFIG = NVMC_CONFIG_WEN_Wen << NVMC_CONFIG_WEN_Pos;
        while (NRF_NVMC->READY == NVMC_READY_READY_Busy) {}
        NRF_UICR->APPROTECT = (UICR_APPROTECT_PALL_Enabled << UICR_APPROTECT_PALL_Pos);
        while (NRF_NVMC->READY == NVMC_READY_READY_Busy) {}
        NRF_NVMC->CONFIG = NVMC_CONFIG_WEN_Ren << NVMC_CONFIG_WEN_Pos;
        while (NRF_NVMC->READY == NVMC_READY_READY_Busy) {}
        NVIC_SystemReset();
    }  

#endif //APPROTECT_ENABLE

}/**

    Regards,

    Vidar

  • 0 in reply to Vidar Berg

    Hi Vidar,

    Thanks for your reply.

    Is this code works for nRF52840? 

    Which is the correct place to call this function "approtect()", means at start of the main or initialization of any other peripherals like times , flash etc..

    And how to test the above functionality is working or not or is there any specific instructions to debug this code without using the debugger.

    Regards,

    Srinivas.V

  • 0 in reply to Srinivas V

    Hi Srinivas,

    It has to be called before enabling the Softdevice because you are not allowed to access the NVMC while it is enabled.

    It's difficult to debug with readback protection, but you can try to connect the debugger to verify if approtect is enabled or not.

    Regards,

    Vidar

  • 0 in reply to Vidar Berg

    Hi Vidar,

    Once again thanks for your support.

    void approtect(void) 

{

#if APPROTECT_ENABLE

    if ((NRF_UICR->APPROTECT & UICR_APPROTECT_PALL_Msk) != 
        (UICR_APPROTECT_PALL_Enabled << UICR_APPROTECT_PALL_Pos))
    {
        NRF_NVMC->CONFIG = NVMC_CONFIG_WEN_Wen << NVMC_CONFIG_WEN_Pos;
        while (NRF_NVMC->READY == NVMC_READY_READY_Busy) {}
        NRF_UICR->APPROTECT = (UICR_APPROTECT_PALL_Enabled << UICR_APPROTECT_PALL_Pos);
        while (NRF_NVMC->READY == NVMC_READY_READY_Busy) {}
        NRF_NVMC->CONFIG = NVMC_CONFIG_WEN_Ren << NVMC_CONFIG_WEN_Pos;
        while (NRF_NVMC->READY == NVMC_READY_READY_Busy) {}
        NVIC_SystemReset();
    }  

#endif //APPROTECT_ENABLE

}/**

    With the above code changes I am able to disable the debug port and not able to connect the debugger and not able to erase the flash and load the new .hex as well with Jtag port with the connected debugger(i-Jet).

    1. How to enable Jtag port again and how load the new hex file debugger.

    2. Is there any HW changes required to enable the Jtag port again for the particular nRF52840 Board.

    If I am able to enable the Jtag port again it would be helpful to team to debug again.

    Is there any flexible way to enable and disable the Jtag port SW changes itself.

    Regards,

    Srinivas.V

  • 0 in reply to Srinivas V

    Hi Vidar,

    Regarding this Jtag Disable, in forums saying that by using the 

    The CTRL-AP - Control Access Port is a custom access port that enables control of the device even if the other access ports in the DAP are being disabled by access port protection.

    How to execute the above flow, for this any tools or HW changes are required to enable the Jtag port again.

    Regards,

    Srinivas.V

Related
Terms of service