Security in clusters
Each core in a cluster system has the same security features. Any number of the cores in the cluster can be executing in the Secure world at any point in time, and cores are able to transition between the worlds independently of each other.
Registers control whether Normal world code can modify Snoop Control Unit (SCU) settings. Similarly, the GIC that distributes prioritized interrupts across the cluster must be configured to be aware of security concerns.
The security system also controls availability of debug provision. You can configure separate hardware over full JTAG debug and trace control for Normal and Secure software worlds, so that no information about the trusted system leaks. You can control hardware configuration options through a Secure peripheral or you can hardwire them and control them using the following signals:
- Secure Privileged Invasive Debug Enable (SPIDEN): JTAG debug.
- Secure Privileged Non-Invasive Debug Enable (SPNIDEN): Trace and Performance Monitor.