I'm curious about how the unique ID is programmed into each chip. Presumably all the chips on the wafer come out identical - at which point in the process are they individually selected and given a unique personality? Is it done with direct electrical contact that is then fused off, or using the near field link?
Since they need to probe each die to test it on the wafer, they set the UID at the same time. According to the datasheet, "These bytes are programmed and write protected in the production test."
It's probably done through normal write commands, if there is any explicit lock bit at all (it could just check if any of the UID bits are already non-zero and then reject the write). You can actually make other parts of the memory read-only too by setting bits at a specified address [0] (which then cannot be unset again).