3756 - iCE40: What is the effect of setting the security bit in iCE40 devices? How to verify if the security bit is set? If the security bit is not set, how to read the Non-Volatile Configuration Memory (NVCM) data?

3756 - iCE40: What is the effect of setting the security bit in iCE40 devices? How to verify if the security bit is set? If the security bit is not set, how to read the Non-Volatile Configuration Memory (NVCM) data?

It is not possible to obtain the data if Non-Volatile Configuration Memory (NVCM) is programmed with the security feature for iCE40. The security feature of the iCE40 device permanently disables any reading of NVCM data from the device.

To verify if the security bit is set:
- When the NVCM Read Device Properties operation is performed in Lattice Diamond Programmer, it shows the Device Secured option in the output log. This option should be set to ON if the security is set. Or
- If the #OT field is set to 01 in the NVCM file, it means that the security bit is set.

The NVCM data can be read if the security option is not set. There is no "Read NVCM data" feature in Programmer as the NVCM data in the device is not the same as in the file. For example, not all addresses are included in the NVCM file. This is because if the design does not use one row of fuses completely, then this row and its address are excluded from the NVCM file. As the NVCM file sizes vary depending on the design, and programming address is not fixed, for comparison the verify process needs to read back fuses in the address, which are included in the NVCM file.