Hi, thanks for the reply. Sorry if I'm thick, but I'm still a little confused. Here is what I want to do:
1) Protect our code from competitors doing a read-back of the device
2) Protect the bootloader from getting overwritten (by firmware)
3) Allow the firmware to be written by the bootloader
4) Allow the firmware to read its own flash area, as parameters and user data are stored there
5) Allow the device to be "reset" such that the device can be wiped / re-programmed via JTAG or SWD
I don't mind disabling JTAG / SWD for another layer of protection, so long as we can revive it somehow if needed (ie: devices coming back from the field, etc).
What is the recommended method for protecting a device, yet allowing external firmware updates (via bootloader)?
Section 5.2.4.1 of the latest datasheet states:
Performing the sequence below causes the nonvolatile registers discussed in “Nonvolatile Register Programming” on page 158 to be restored to their factory default values. The mass erase of the flash memory caused by the below sequence occurs prior to the nonvolatile registers being restored.
So it seems to contradict the blurb in section 8.3.2