PartitionSecretBufferedWR LockableRD LockableECC Fatal AlertDescription
VENDOR_TESTnonoyes (Digest)yes (CSR)noVendor test partition for OTP smoke checks during manufacturing. The OTP wrapper control logic inside prim_otp is allowed to read/write to this region. ECC uncorrectable errors seen on the functional prim_otp interface will not lead to an alert for this partition. Instead, such errors will be reported as correctable ECC errors.
CREATOR_SW_CFGnonoyes (Digest)yes (CSR)yesSoftware configuration partition for device-specific calibration data (Clock, LDO, RNG, device identity).
OWNER_SW_CFGnonoyes (Digest)yes (CSR)yesSoftware configuration partition for data that changes software behavior, specifically in the ROM. E.g., enabling defensive features in ROM or selecting failure modes if verification fails.
HW_CFGnoyesyes (Digest)noyesEN_SRAM_IFETCH: Enable / disable execute from SRAM CSR switch. EN_CSRNG_SW_APP_READ: This input efuse is used to enable access to the NIST internal state per instance. EN_ENTROPY_SRC_FW_READ: This input efuse is used to enable access to the ENTROPY_DATA register directly. EN_ENTROPY_SRC_FW_OVER: This input efuse is used to enable access to the firmware override FIFO and other related functions.
SECRET0yesyesyes (Digest)yes (Digest)yesTest unlock tokens.
SECRET1yesyesyes (Digest)yes (Digest)yesSRAM and FLASH scrambling key roots used for scrambling key derivation.
SECRET2yesyesyes (Digest)yes (Digest)yesRMA unlock token and creator root key.
LIFE_CYCLEnoyesnonoyesLife-cycle related bits. This partition cannot be locked as the life cycle state needs to be able to advance to RMA in-field. Note that while this partition is not marked secret (i.e. it is not scrambled) it is not readable nor writeable via the DAI. Only the LC controller can access this partition, and even via the LC controller it is not possible to read the raw manufacturing life cycle state in encoded form, since that encoding is considered a netlist secret. The LC controller only exposes a decoded version of this state.