https://community.nxp.com/t5/S32G/Understanding-secure-boot-provisioning-on-S32G/m-p/1616076#M2480 <P>Hello there-</P><P>&nbsp; &nbsp; &nbsp;I'm trying to figure out secure boot on the <A href="https://www.nxp.com/design/designs/goldbox-for-vehicle-networking-development-platform:GOLDBOX" target="_blank" rel="noopener">S32G Goldbox Reference Platform</A>.&nbsp; I've read<A href="https://www.nxp.com/docs/en/application-note/AN13495.pdf" target="_blank" rel="noopener"> AN13495</A> which seems to detail how to manage the key catalog using libp11 at run time, which is well and good, but that app note I think presumes that a key is already enrolled in the hardware and the corresponding e-fuses are blown.&nbsp; I'm looking for documentation that describes the process for actually doing that initial provisioning.&nbsp; I'm used to the process on the I.MX8 board in which a u-boot utility can be used to set the OTP memory, but I can't find anything that describes the process on S32G (or even if the process is the same or different).</P><P>&nbsp;</P><P>I understand that S32G is largely under NDA, but if someone can just point me to an application note number of document title that describes what I'm looking for, so I know what to ask for access to, that would be helpful.</P><P>&nbsp;</P><P>Thanks!</P> Wed, 15 Mar 2023 18:57:08 GMT nhorman 2023-03-15T18:57:08Z https://community.nxp.com/t5/S32G/Understanding-secure-boot-provisioning-on-S32G/m-p/1616076#M2480 <P>Hello there-</P><P>&nbsp; &nbsp; &nbsp;I'm trying to figure out secure boot on the <A href="https://www.nxp.com/design/designs/goldbox-for-vehicle-networking-development-platform:GOLDBOX" target="_blank" rel="noopener">S32G Goldbox Reference Platform</A>.&nbsp; I've read<A href="https://www.nxp.com/docs/en/application-note/AN13495.pdf" target="_blank" rel="noopener"> AN13495</A> which seems to detail how to manage the key catalog using libp11 at run time, which is well and good, but that app note I think presumes that a key is already enrolled in the hardware and the corresponding e-fuses are blown.&nbsp; I'm looking for documentation that describes the process for actually doing that initial provisioning.&nbsp; I'm used to the process on the I.MX8 board in which a u-boot utility can be used to set the OTP memory, but I can't find anything that describes the process on S32G (or even if the process is the same or different).</P><P>&nbsp;</P><P>I understand that S32G is largely under NDA, but if someone can just point me to an application note number of document title that describes what I'm looking for, so I know what to ask for access to, that would be helpful.</P><P>&nbsp;</P><P>Thanks!</P> Wed, 15 Mar 2023 18:57:08 GMT https://community.nxp.com/t5/S32G/Understanding-secure-boot-provisioning-on-S32G/m-p/1616076#M2480 nhorman 2023-03-15T18:57:08Z https://community.nxp.com/t5/S32G/Understanding-secure-boot-provisioning-on-S32G/m-p/1616166#M2482 <P>Hi,</P> <P>The secure boot on S32G platform is mainly referring to the HSE subsystem/firmware available under the S32G platform (link: <A href="https://www.nxp.com/docs/en/product-brief/HSEPB.pdf" target="_blank">Hardware Security Engine (HSE) – Product Brief (nxp.com)</A>).</P> <P>The HSE subsystem (and the related information to it) is confidential (given that HSE is confidential and under NDA) for which we cannot provide information about it on a public channel. We recommend you to either opening a ticket under the NXP online services or sending this inquiry to your local NXP representative/FAE.</P> <P>As a note, there is a brief description of the boot flow on the S32G2 Reference Manual [Page 1160, S32G2 Reference Manual, Rev. 6, 11/2022], but everything related to specifics of the HSE subsystem might not be specified. This same information is also summarized on the AN12422 available on the S32G2 product page (link:&nbsp;<A href="https://www.nxp.com/products/processors-and-microcontrollers/s32-automotive-platform/s32g-vehicle-network-processors/s32g2-processors-for-vehicle-networking:S32G2" target="_blank">S32G2 Safe and Secure Vehicle Network Processor | NXP Semiconductors</A>)</P> <P>Please, let us know.</P> Wed, 15 Mar 2023 20:22:01 GMT https://community.nxp.com/t5/S32G/Understanding-secure-boot-provisioning-on-S32G/m-p/1616166#M2482 Daniel-Aguirre 2023-03-15T20:22:01Z