Global security controller (GTZC)
Application information
The TZSC and TZIC sub-blocks can be used in one of the following ways:
• programmed during secure boot only, locked and not changed afterwards
• dynamically re-programmed when using specific application code or secure kernel (microvisor). When not locked, MPC area size for non-secure memories can be changed by privileged software executing in privileged mode, and secure memories can only be changed by privileged software executing in privileged mode in the secure world. The same remark applies to the SECCFGR1 and PRIVCFGR1 registers inside TZSC, which define the secure and privileged protection level for each peripheral.
The STM32 security architecture with secure, securable and security-aware peripherals is
shown in the figure below.
Figure 4. GTZC security architecture
[Block diagram not reproduced. Labels recoverable from the figure: masters CPU1, CPU2 and DMA/DMAMUX (sec/priv); GTZC containing TZSC and TZIC; AHB-PPC; peripherals Crypto (AES), PKA, SPI3 and RNG (securable and security-aware peripherals); securable memories Flash, SRAM1 and SRAM2 with MPCWM, privileged and unprivileged areas; signals tzsc_periph sec/priv, tzsc_mpcwm sec/priv, tzsc_ila_event, ila events and tzic_ila_it.]
3.4 GTZC functional description
3.4.1 GTZC block diagram
Figure 5 describes the combined feature of TZSC and TZIC. Each sub-block is controlled by its own AHB configuration port. TZSC defines which peripheral is secured and/or privileged. TZIC centralizes the illegal access events.
When the device is non-secure (ESE = 0), TZIC has no function, memories are non-secure and unprivileged and illegal interrupts are disabled. Peripherals can still be made privileged.
RM0453 Rev 1
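A boot-time audit of the TZSC settings described in this section, as an added example that is not from RM0453 or ST's code: it checks a read-back of SECCFGR1 and PRIVCFGR1 against a policy, covering the locked mode and the ESE = 0 case. The snapshot and policy structs, the error codes and all bit masks are hypothetical; reading the registers and the lock state from hardware is device-specific and not shown.

```c
#include <stdbool.h>
#include <stdint.h>

/* TZSC state read back after secure boot. Reading it from hardware is
 * device-specific and left out; bit positions here are constructed. */
typedef struct {
    bool     ese;       /* device security enabled (ESE = 1) */
    bool     locked;    /* TZSC configuration locked (assumed readable) */
    uint32_t seccfgr1;  /* SECCFGR1: bit set = peripheral secure */
    uint32_t privcfgr1; /* PRIVCFGR1: bit set = peripheral privileged */
} tzsc_snapshot;

/* Hypothetical boot policy the snapshot is checked against. */
typedef struct {
    bool     lock_required; /* "programmed during secure boot only" mode */
    uint32_t must_be_sec;
    uint32_t must_be_priv;
} tzsc_policy;

enum {
    TZSC_OK             = 0,
    TZSC_ERR_NOT_LOCKED = 1 << 0,
    TZSC_ERR_SEC        = 1 << 1, /* required secure bit is clear */
    TZSC_ERR_PRIV       = 1 << 2, /* required privileged bit is clear */
    TZSC_ERR_NO_ESE     = 1 << 3  /* policy needs secure, device has ESE = 0 */
};

/* Returns a bitmask of TZSC_ERR_* and reports which required bits are missing. */
int tzsc_audit(const tzsc_snapshot *s, const tzsc_policy *p,
               uint32_t *missing_sec, uint32_t *missing_priv)
{
    int err = TZSC_OK;

    /* Privilege is checked in both cases: with ESE = 0 peripherals can
     * still be made privileged. */
    *missing_priv = p->must_be_priv & ~s->privcfgr1;
    if (*missing_priv) err |= TZSC_ERR_PRIV;

    if (s->ese) {
        *missing_sec = p->must_be_sec & ~s->seccfgr1;
        if (*missing_sec) err |= TZSC_ERR_SEC;
    } else {
        /* Non-secure device: treat every secure requirement as unmet,
         * whatever SECCFGR1 reads back (this audit's assumption). */
        *missing_sec = p->must_be_sec;
        if (*missing_sec) err |= TZSC_ERR_NO_ESE;
    }
    if (p->lock_required && !s->locked) err |= TZSC_ERR_NOT_LOCKED;
    return err;
}
```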