AM64x High Security Silicon Field Securable vs Security Enforced TI Information Disclosure

AM64x High Security Silicon FS (Field Securable) vs SE (Security Enforced) TI Information Selective Disclosure

AM64x: Field Securable Security AM6421BSDFHAALV Security Option H = Field Securable Option #1: Security not enable (HS-FS) Customer uses device as is. Security features are not enabled but the on-chip security subsystem is locked down and requires signed firmware which TI provides in the SDK. Non-secure system Field securable (HS-FS silicon) Program on-chip security keys Option #2: Security enforced (HS-SE) Customer programs the device with their security key enabling security features such as secure boot. Security enabled system Customer will need to request access to the MySecure Security folder for documentation and key programming tools TI Information Selective Disclosure

Why did AM64X move to HS-FS silicon only? Customers can now use a common development flow for both secure and non-secure applications, simplifying the design process. GP to HS migration not easy and always had issues like firewall blocked, crypto not available, customers having to sign board diagnostics, etc. More efficient use of TI resources Only need to support one SDK vs two (no need for dedicated GP and HS SDKs) Reduced IC device options & inventory Only need to stock and support a single EVM Security becoming more and more important for all connected applications; Market & competition rapidly moving in this direction TI Information Selective Disclosure

GP vs HS-FS Differences Pre-Production Silicon (1P0) AM64x GP silicon was sampled prior to RTM. GP silicon did not support any security features. If customer has written code on GP silicon, they will most likely need to make changes to their code in order to port to the HS-FS production silicon. Please see below resource links to support GP to HS-FS migration. Production Silicon (2P0) AM64x production silicon is HS-FS. The primary difference between HS-FS and GP silicon is that the HS-FS on-chip security subsystem is locked down, requiring signed firmware. Locked down means the on-chip security subsystem is isolated from the rest of the device; it s a security island with no access via external ports or on-chip resources. In order to guarantee a field deployable secure device option (i.e. HS-SE), the security subsystem has to be locked down prior to leaving TI. Migration Resources: 1P0 to 2P0 errata / board changes: GP to HS FAQ & migration guides: SDK Transition FAQ and Migration Guides AM64x Silicon Errata Silicon Rev Security Support Security subsystem locked down Security subsystem signed firmware Linux / MCU-PLUS SDK 1P0 (pre-prod Si) GP No No Up to 8.4 2P0 (prod Si) HS-FS Yes Yes 8.4 and greater TI Information Selective Disclosure

AM64X Orderable PN Scheme 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 X AM 6 4 2 1 B S D GH A ALV Production Status Automotive Designator Q = Auto Qualified (Q100) (blank) = Standard Carrier (blank) = Tray X = Pre-production (blank) = Released to market Prefix AM = Sitara Package Generation ALV = 17mm x 17mm 0.8 BGA 6 = K3 / 64-bit architecture Family 1 = lowest cost MPU 2 = MPU w/2K Display/Camera + derivatives 3 = Reserved 4 = MPU w/Control/Networking 5 = MPU w/Control/Networking 6 = Reserved 7 = MPU w/Advanced Analytics Temp (Junction) A = -40 C to 105 C (Extended Industrial) I = -40 C to 125 C (Automotive) Security G = Non-security (Only pre-production devices) H-Z = Production key HS devices Relative Performance 2 = 2x R5F 4 = 4x R5F Functional Safety G = Non-functional safety device F = Functional safety device Features MPU Cores 1 = 1x A53 2 = 2x A53 C = No ICSS Industrial Networking support D = Option C + ICSS industrial networking support E = Option D + EtherCAT and CAN-FD support F = Option F + pre-integrated communications stack Speed S = 1GHz A53, 400MHz M4F, 800MHz R5F, 333MHz PRU Silicon PG Revision A = Rev 1.0 B = Rev 2.0 K = 800MHz A53, 400MHz M4F, 400MHz R5F, 250MHz PRU TI Information Selective Disclosure