Step 1: Arm® Cortex®-M Memory Organization
Memory Organization of PIC32CM LS00 Curiosity Nano+ Touch Evaluation Kit
The PIC32CM LS00 Curiosity Nano+ Touch Evaluation Kit microcontroller is built around the Arm® Cortex®-M23 core with Arm® TrustZone® technology security support, and its memory system is designed to support both performance and hardware-level isolation between secure and non-secure firmware.
The PIC32CM LS00 Curiosity Nano+ Touch Evaluation Kit contains the following internal memory regions:
- Flash memory (program memory)
- DataFlash (write-while-read section)
- SRAM
- TrustRAM
- Boot ROM
Flash Memory (Program Memory)
Flash memory stores:
- Application firmware
- Secure bootloader
- Interrupt vector tables
- Constant data
Key Features:
- Organized in configurable regions
- Can be divided into secure and non-secure areas using Arm® TrustZone® technology
- Supports hardware secure boot (SHA/HMAC-based)
- Integrated cache for performance
Data Flash (Non-Volatile Data Storage)
The device includes a separate DataFlash Write-While-Read (WWR) section.
Purpose:
- Store calibration constants
- Configuration data
- Secure parameters
- Runtime non-volatile data
Features:
- Can be independently secured
- Supports address and data scrambling
- Allows writing while main Flash is being executed
SRAM (Static RAM)
SRAM is used for
- Stack and heap
- Global variables (stored in .bss and .data section)
- .bss - stores uninitialized data
- .data - stored initialized data
- Buffers
- Runtime data
With Arm® TrustZone® technology enabled, SRAM can be divided into:
- Secure SRAM
- Non-secure SRAM
TrustRAM
PIC32CM LS00 includes a small dedicated secure memory called TrustRAM.
Purpose:
- Store cryptographic keys
- Store sensitive runtime data
- Protect security-critical variables
Security features:
- Physical protection mechanisms
- Address and data scrambling
- Tamper detection support
- Secure erase capability
TrustRAM is accessible only from Secure mode.
Boot ROM
The device includes a fixed boot ROM.
Functions:
- Contains factory boot routines
- Secure boot support
- Device initialization routines
- Manufacturing test code
Boot ROM is read-only and cannot be modified by user firmware.
Secure and Non-Secure Memory Partitioning
The LS00 uses Arm® TrustZone® for Armv8-M to partition memory.
Each memory region (Flash, SRAM, DataFlash, peripherals) can be marked as:
- Secure
- Non-secure
- Secure callable (gateway region)
The partitioning is configured during system initialization by secure firmware. After configuration:
- Secure code can access all regions
- Non-secure code can access only non-secure regions
- Access violations generate security faults
This hardware-based separation improves system security by isolating sensitive code and data from the main application.
Memory Protection Mechanisms
In addition to Arm® TrustZone® technology, the LS00 includes:
- Memory Protection Unit (MPU)
- Peripheral Access Controller (PAC)
- Debug access level control
- Brown-out detection and reset protection
These mechanisms help prevent unauthorized access and improve system robustness.
The following table summarizes the key LS00 memory regions and their corresponding address ranges:
| Memory Type | Address Range |
|---|---|
| SRAM | 0x2000xxxx |
| Peripherals | 0x4000xxxx |
| System Control Block | 0xE000xxxx |