NXP Semiconductors QorIQ LS1012A Reference Manual

• Detects (receives from detectors external to Security Monitor) the followingsecurity violations:• Software violations• Hardware security violation inputs• Run time integrity checker failure• Security fuse processor• Secure debug controller activation• External tamper detect• Direct connections to SEC and COP to lock out access to the OTPMK/ZMK, andforce zeroization of sensitive information• Configurably triggers a device hard reset• Reports to software (interrupts) security violations29.9.2 Operational statesThe Security Monitor incorporates a security state machine (SSM), which is responsiblefor monitoring system security violations and controlling security state of the system.The SSM states are defined as follows:• Init-initial state after system power-on reset• Check-system performs security checks• Non-secure (functional)-system operates in non-secure state• Trusted (functional)-system operates in trusted state• Secure (functional)-system operates in secure state• Soft fail-security violation/tamper was detected. The system state may beunpredictable. Access to persistent and ephemeral secrets locked out, zeroization ofsecrets within the SEC.• Hard fail-system hard reset is requested. All behaviors of Soft fail, plus zeroizationof some SoC caches and main memory, SoC reset initiated.Three of the SSM states, trusted, secure, and non-secure, are considered functional states.Chapter 29 Secure Boot and Trust Architecture 2.1QorIQ LS1012A Reference Manual, Rev. 1, 01/2018NXP Semiconductors 1775