<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: Questions about CSEc Secure Boot, Key Management, IFR, and Counters on S32K144 in S32K</title>
    <link>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2260796#M55330</link>
    <description>&lt;P&gt;&lt;SPAN&gt;Hi Lukas,&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;thanks for the clarification.&lt;/P&gt;&lt;P&gt;I have a follow-up question regarding the A/B firmware partition setup.&lt;/P&gt;&lt;P&gt;I understand that &lt;STRONG&gt;BOOT_MAC&lt;/STRONG&gt; is used for the bootloader authentication in the autonomous secure boot flow. For the application images in the A/B partitions:&lt;/P&gt;&lt;H3&gt;1. Where should the MAC for each application be stored?&lt;/H3&gt;&lt;UL&gt;&lt;LI&gt;&lt;P&gt;Should the MAC be stored inside a CSEc &lt;STRONG&gt;key slot&lt;/STRONG&gt;?&lt;/P&gt;&lt;/LI&gt;&lt;LI&gt;&lt;P&gt;Or is there another recommended location for storing the expected MAC when using CMD_VERIFY_MAC for application verification?&lt;/P&gt;&lt;/LI&gt;&lt;/UL&gt;&lt;H3&gt;2. Is there any reference example or application note showing the &lt;STRONG&gt;chain of trust implementation&lt;/STRONG&gt;, where:&lt;/H3&gt;&lt;UL&gt;&lt;LI&gt;&lt;P&gt;Autonomous secure boot verifies the bootloader at 0x0000&lt;/P&gt;&lt;/LI&gt;&lt;LI&gt;&lt;P&gt;The bootloader then verifies the A/B applications using CMD_VERIFY_MAC?&lt;/P&gt;&lt;/LI&gt;&lt;/UL&gt;&lt;P&gt;If you have sample code or a recommended implementation pattern, it would be very helpful for us.&lt;/P&gt;&lt;P&gt;Thank you again for your support.&lt;/P&gt;&lt;P&gt;Regards,&lt;BR /&gt;&lt;SPAN&gt;WT Liao&lt;/SPAN&gt;&lt;/P&gt;</description>
    <pubDate>Fri, 12 Dec 2025 08:29:01 GMT</pubDate>
    <dc:creator>WT_Liao_GARM</dc:creator>
    <dc:date>2025-12-12T08:29:01Z</dc:date>
    <item>
      <title>Questions about CSEc Secure Boot, Key Management, IFR, and Counters on S32K144</title>
      <link>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2259709#M55299</link>
      <description>&lt;P&gt;Hi NXP team,&lt;/P&gt;&lt;P&gt;We are working on enabling CSEc secure boot on the S32K144 and have several technical questions regarding the key management flow, IFR behavior, and secure boot configuration. I would appreciate your clarification on the following points:&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;1. Chain of Trust&lt;/STRONG&gt;&lt;BR /&gt;Based on the documentation, secure boot uses the &lt;STRONG&gt;BOOT_MAC_KEY&lt;/STRONG&gt; to generate a MAC for the firmware and compares it at boot time.&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;1.1&amp;nbsp;&lt;/STRONG&gt;When we generate the MAC for the flash region we want to verify,&lt;BR /&gt;&lt;STRONG&gt;where is the expected MAC stored for comparison?&lt;/STRONG&gt;&lt;/P&gt;&lt;UL&gt;&lt;LI&gt;&lt;P&gt;Is it stored inside a key slot?&lt;/P&gt;&lt;/LI&gt;&lt;/UL&gt;&lt;P&gt;&lt;STRONG&gt;1.2&amp;nbsp;&lt;/STRONG&gt;We plan to implement &lt;STRONG&gt;A/B firmware partitions&lt;/STRONG&gt;, so each firmware update will produce a new MAC.&lt;/P&gt;&lt;UL&gt;&lt;LI&gt;&lt;P&gt;Can we configure the flash address range that secure boot will verify?&lt;/P&gt;&lt;/LI&gt;&lt;LI&gt;&lt;P&gt;If the MAC is stored in a CSEc key slot, does this mean each firmware update requires writing a new MAC into that key slot?&lt;/P&gt;&lt;/LI&gt;&lt;/UL&gt;&lt;P&gt;&lt;STRONG&gt;1.3&amp;nbsp;&lt;/STRONG&gt;If the expected MAC must be updated after every firmware upgrade,&lt;BR /&gt;&lt;STRONG&gt;are there any precautions or recommended practices&lt;/STRONG&gt; for repeatedly updating MAC-related key slots?&lt;BR /&gt;&lt;BR /&gt;&lt;STRONG&gt;2.&amp;nbsp;Questions About IFR&lt;/STRONG&gt;&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;2.1&amp;nbsp;&lt;/STRONG&gt;What exactly is the &lt;STRONG&gt;IFR&lt;/STRONG&gt;?&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;2.2&lt;/STRONG&gt;&amp;nbsp;The documentation mentions “Erase All Blocks” before using CSEc.&lt;/P&gt;&lt;UL&gt;&lt;LI&gt;&lt;P&gt;Does this operation need to be performed &lt;STRONG&gt;only once&lt;/STRONG&gt; before first-time CSEc use,&lt;BR /&gt;or must it be repeated whenever we update keys?&lt;/P&gt;&lt;/LI&gt;&lt;/UL&gt;&lt;P&gt;&lt;STRONG&gt;2.3&lt;/STRONG&gt;&amp;nbsp;If we already used CSEc previously but now need to update a key,&lt;BR /&gt;&lt;STRONG&gt;do we need to perform Erase All Blocks again?&lt;/STRONG&gt;&lt;BR /&gt;&lt;BR /&gt;&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;3.Counter Value Usage&lt;/STRONG&gt;&lt;BR /&gt;What happens if the counter value wraps or is reused?&lt;BR /&gt;Can we get counter value for specific key?&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;4.&lt;/STRONG&gt;For key provisioning, should the keys be written through a special image that programs the keys automatically, or do we need to implement a task in our application to perform the key-writing procedure?&lt;/P&gt;&lt;P&gt;Thank you very much for your assistance.&lt;BR /&gt;We appreciate any additional documents, examples, or application notes that could help us better understand CSEc usage and secure boot integration.&lt;/P&gt;&lt;P&gt;Best regards,&lt;BR /&gt;WT Liao&lt;/P&gt;</description>
      <pubDate>Thu, 11 Dec 2025 07:11:47 GMT</pubDate>
      <guid>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2259709#M55299</guid>
      <dc:creator>WT_Liao_GARM</dc:creator>
      <dc:date>2025-12-11T07:11:47Z</dc:date>
    </item>
    <item>
      <title>Re: Questions about CSEc Secure Boot, Key Management, IFR, and Counters on S32K144</title>
      <link>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2260730#M55325</link>
      <description>&lt;P&gt;Hi&lt;/P&gt;
&lt;P&gt;See my embedded answers below. The screenshots come from application note AN5401 which answers most of the questions and from S32K1 reference manual:&lt;/P&gt;
&lt;P&gt;&lt;STRONG&gt;&amp;nbsp;&lt;/STRONG&gt;&lt;/P&gt;
&lt;OL&gt;
&lt;LI&gt;&lt;STRONG&gt; Chain of Trust&lt;/STRONG&gt;&lt;BR /&gt;Based on the documentation, secure boot uses the &lt;STRONG&gt;BOOT_MAC_KEY&lt;/STRONG&gt; to generate a MAC for the firmware and compares it at boot time.&lt;/LI&gt;
&lt;/OL&gt;
&lt;P&gt;&lt;STRONG&gt;1.1&amp;nbsp;&lt;/STRONG&gt;When we generate the MAC for the flash region we want to verify,&lt;BR /&gt;&lt;STRONG&gt;where is the expected MAC stored for comparison?&lt;/STRONG&gt;&lt;/P&gt;
&lt;UL&gt;
&lt;LI&gt;Is it stored inside a key slot?&lt;/LI&gt;
&lt;/UL&gt;
&lt;P&gt;&lt;EM&gt;[NXP] Yes, there’s a slot for BOOT_MAC and it can be updated using standard memory update protocol as any other key. &lt;/EM&gt;&lt;/P&gt;
&lt;P&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="lukaszadrapa_0-1765522911135.png" style="width: 400px;"&gt;&lt;img src="https://community.nxp.com/t5/image/serverpage/image-id/369652iCF5BA961D253FEAF/image-size/medium?v=v2&amp;amp;px=400" role="button" title="lukaszadrapa_0-1765522911135.png" alt="lukaszadrapa_0-1765522911135.png" /&gt;&lt;/span&gt;&lt;/P&gt;
&lt;P&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="lukaszadrapa_1-1765522922186.png" style="width: 400px;"&gt;&lt;img src="https://community.nxp.com/t5/image/serverpage/image-id/369653i9EDEF6657C162E1F/image-size/medium?v=v2&amp;amp;px=400" role="button" title="lukaszadrapa_1-1765522922186.png" alt="lukaszadrapa_1-1765522922186.png" /&gt;&lt;/span&gt;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&lt;STRONG&gt;1.2&amp;nbsp;&lt;/STRONG&gt;We plan to implement &lt;STRONG&gt;A/B firmware partitions&lt;/STRONG&gt;, so each firmware update will produce a new MAC.&lt;/P&gt;
&lt;UL&gt;
&lt;LI&gt;Can we configure the flash address range that secure boot will verify?&lt;/LI&gt;
&lt;/UL&gt;
&lt;P&gt;&lt;EM&gt;[NXP] The start address is hardwired to 0x0, the size is supposed to be defined by CMD_BOOT_DEFINE command. &lt;/EM&gt;&lt;/P&gt;
&lt;P&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="lukaszadrapa_2-1765522945805.png" style="width: 400px;"&gt;&lt;img src="https://community.nxp.com/t5/image/serverpage/image-id/369654iD94929D886152BF8/image-size/medium?v=v2&amp;amp;px=400" role="button" title="lukaszadrapa_2-1765522945805.png" alt="lukaszadrapa_2-1765522945805.png" /&gt;&lt;/span&gt;&lt;/P&gt;
&lt;P&gt;For A/B FW partitions, there's an option to create a chain of trust. That means Autonomous secure boot is used to check the bootloader placed at address 0x0 and the bootloader then can check CMAC of application(s) using CMD_VERIFY_MAC command.&amp;nbsp;&lt;/P&gt;
&lt;UL&gt;
&lt;LI&gt;If the MAC is stored in a CSEc key slot, does this mean each firmware update requires writing a new MAC into that key slot?&lt;/LI&gt;
&lt;/UL&gt;
&lt;P&gt;&lt;EM&gt;[NXP] If flash area covered by secure boot is modified, BOOT_MAC must be update accordingly using memory update protocol. &lt;/EM&gt;&lt;/P&gt;
&lt;P&gt;&lt;EM&gt;&amp;nbsp;&lt;/EM&gt;&lt;/P&gt;
&lt;P&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="lukaszadrapa_3-1765522997570.png" style="width: 400px;"&gt;&lt;img src="https://community.nxp.com/t5/image/serverpage/image-id/369655i42E5BA5938E36160/image-size/medium?v=v2&amp;amp;px=400" role="button" title="lukaszadrapa_3-1765522997570.png" alt="lukaszadrapa_3-1765522997570.png" /&gt;&lt;/span&gt;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&lt;EM&gt;See AN5401 for further details. &lt;/EM&gt;&lt;/P&gt;
&lt;P&gt;&lt;STRONG&gt;1.3&amp;nbsp;&lt;/STRONG&gt;If the expected MAC must be updated after every firmware upgrade,&lt;BR /&gt;&lt;STRONG&gt;are there any precautions or recommended practices&lt;/STRONG&gt; for repeatedly updating MAC-related key slots?&lt;/P&gt;
&lt;P&gt;&lt;EM&gt;[NXP] You just need to follow standard memory update protocol to update the BOOT_MAC. There’s an option to let CSEc to calculate the BOOT_MAC first time but next updates must be done directly by user.&lt;/EM&gt; &lt;BR /&gt;&lt;BR /&gt;&lt;STRONG&gt;2.&amp;nbsp;Questions About IFR&lt;/STRONG&gt;&lt;/P&gt;
&lt;P&gt;&lt;STRONG&gt;2.1&amp;nbsp;&lt;/STRONG&gt;What exactly is the &lt;STRONG&gt;IFR&lt;/STRONG&gt;?&lt;/P&gt;
&lt;P&gt;&lt;EM&gt;[NXP] As the reference manual says, it’s “Nonvolatile information register found in each flash block, separate from the main memory array”. User can’t access IFR directly. There are stored information like – details about flash partition, user data which can be programmed and read by Program Once command and by Read Once command, etc. &lt;/EM&gt;&lt;/P&gt;
&lt;P&gt;&lt;STRONG&gt;2.2&lt;/STRONG&gt;&amp;nbsp;The documentation mentions “Erase All Blocks” before using CSEc.&lt;/P&gt;
&lt;UL&gt;
&lt;LI&gt;Does this operation need to be performed &lt;STRONG&gt;only once&lt;/STRONG&gt; before first-time CSEc use,&lt;BR /&gt;or must it be repeated whenever we update keys?&lt;/LI&gt;
&lt;/UL&gt;
&lt;P&gt;&lt;EM&gt;[NXP] In production, it’s not necessary to run this command ever. The devices are shipped in fully erased and unsecured state, so you can directly program your application and run the Program Partition command. You are supposed to use this command in development when you want to change the partition, for example. &lt;/EM&gt;&lt;/P&gt;
&lt;P&gt;&lt;STRONG&gt;2.3&lt;/STRONG&gt;&amp;nbsp;If we already used CSEc previously but now need to update a key,&lt;BR /&gt;&lt;STRONG&gt;do we need to perform Erase All Blocks again?&lt;/STRONG&gt;&lt;/P&gt;
&lt;P&gt;&lt;EM&gt;[NXP] If you are going to develop new application on a device which has already CSEc enabled and there are some keys loaded, it makes sense to erase everything and start over. To erase all the keys and partition, it’s necessary to run CMD_DBG_CHAL and CMD_DBG_AUTH commands with knowledge of MASTER_ECU_KEY. See section “4.5 Resetting Flash to the Factory State” in AN5401. &lt;/EM&gt;&lt;/P&gt;
&lt;P&gt;&lt;STRONG&gt;3.Counter Value Usage&lt;/STRONG&gt;&lt;BR /&gt;What happens if the counter value wraps or is reused?&lt;/P&gt;
&lt;P&gt;&lt;EM&gt;[NXP] It won’t work. The counter must be increased on every update. &lt;/EM&gt;&lt;BR /&gt;Can we get counter value for specific key?&lt;/P&gt;
&lt;P&gt;&lt;EM&gt;[NXP] No, you can’t read the keys (only RAM key imported in plain can be exported) or its attributes and counter. It’s up to user to track the counter values. &lt;/EM&gt;&lt;/P&gt;
&lt;P&gt;&lt;STRONG&gt;4.&lt;/STRONG&gt;For key provisioning, should the keys be written through a special image that programs the keys automatically, or do we need to implement a task in our application to perform the key-writing procedure?&lt;/P&gt;
&lt;P&gt;&lt;EM&gt;[NXP] The only way how to import the keys is to run standard memory update protocol defined by SHE specification. See “4.2 Key Management” in AN5401. So, the keys should be imported by your application or by configuration application.&lt;/EM&gt;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Documentation and examples:&lt;/P&gt;
&lt;P&gt;S32K1 reference manual, section "36.5.13 Cryptographic Services Engine (CSEc)":&lt;/P&gt;
&lt;P&gt;&lt;A href="https://www.nxp.com/webapp/Download?colCode=S32K1XXRM" target="_blank"&gt;https://www.nxp.com/webapp/Download?colCode=S32K1XXRM&lt;/A&gt;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;Application note AN5401:&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&lt;A href="https://www.nxp.com/webapp/Download?colCode=AN5401&amp;amp;location=null" target="_blank"&gt;https://www.nxp.com/webapp/Download?colCode=AN5401&amp;amp;location=null&lt;/A&gt;&lt;/P&gt;
&lt;P&gt;&lt;A href="https://www.nxp.com/webapp/Download?colCode=AN5401SW&amp;amp;location=null" target="_blank"&gt;https://www.nxp.com/webapp/Download?colCode=AN5401SW&amp;amp;location=null&lt;/A&gt;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;&amp;nbsp;&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;If you use SDK, you can find SW examples at path like this:&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;c:\NXP\S32DS.3.4\S32DS\software\S32SDK_S32K1XX_RTM_4.0.3\examples\&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;&amp;nbsp;&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;You can find:&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;..\examples\S32K144\demo_apps\csec_boot_protection\&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;..\examples\S32K144\demo_apps\flexcan_encrypted\&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;..\examples\S32K144\driver_examples\system\csec_keyconfig\&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;..\examples\S32K144\driver_examples\system\security_pal\&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;&amp;nbsp;&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;If you use newer RTD drivers for S32K1 devices, you can find some examples in Crypto driver: &lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&lt;A href="https://www.nxp.com/webapp/swlicensing/sso/downloadSoftware.sp?catid=SW32K1-RTD44-D" target="_blank"&gt;https://www.nxp.com/webapp/swlicensing/sso/downloadSoftware.sp?catid=SW32K1-RTD44-D&lt;/A&gt;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;But there are only some simple examples showing how to do AES encryption and decryption in autosar and non-autosar layer. There’s no example for secure boot. &lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;And then I saw this CSEc tool on github:&lt;/P&gt;
&lt;P&gt;&lt;A href="https://github.com/weltry/S32K1xx-CSEc-Tool" target="_blank"&gt;https://github.com/weltry/S32K1xx-CSEc-Tool&lt;/A&gt;&lt;/P&gt;
&lt;P&gt;It's not official tool, it's a draft only and we will not provide support for the tool. But maybe it could be useful for you.&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Regards,&lt;/P&gt;
&lt;P&gt;Lukas&lt;/P&gt;</description>
      <pubDate>Fri, 12 Dec 2025 07:10:57 GMT</pubDate>
      <guid>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2260730#M55325</guid>
      <dc:creator>lukaszadrapa</dc:creator>
      <dc:date>2025-12-12T07:10:57Z</dc:date>
    </item>
    <item>
      <title>Re: Questions about CSEc Secure Boot, Key Management, IFR, and Counters on S32K144</title>
      <link>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2260734#M55326</link>
      <description>&lt;P&gt;And I will add one more thing about AB swap updates. Here's what I already wrote here on the community:&lt;BR /&gt;&lt;BR /&gt;&lt;/P&gt;
&lt;P&gt;&lt;EM&gt;We have following application note “S32K1xx Firmware updates”:&lt;/EM&gt;&lt;/P&gt;
&lt;P&gt;&lt;EM&gt;&lt;A href="https://www.nxp.com/docs/en/application-note/AN12323.pdf" target="_blank" rel="nofollow noopener noreferrer"&gt;https://www.nxp.com/docs/en/application-note/AN12323.pdf&lt;/A&gt;&lt;/EM&gt;&lt;/P&gt;
&lt;P&gt;&lt;EM&gt;&lt;A href="https://www.nxp.com/docs/en/application-note-software/AN12323SW.zip" target="_blank" rel="nofollow noopener noreferrer"&gt;https://www.nxp.com/docs/en/application-note-software/AN12323SW.zip&lt;/A&gt;&lt;/EM&gt;&lt;/P&gt;
&lt;P&gt;&lt;EM&gt;The best option is to use position independent code, so you can use only one linker file and you do not need to check which version of the image should be uploaded. But not all tools support that. S32 Design Studio and included GCC toolchain does not support this, it was discussed here several times.&lt;/EM&gt;&lt;/P&gt;
&lt;P&gt;&lt;EM&gt;You can take a look at section “6.3&amp;nbsp; A/B swap using Position Independent Code (PIC)” in the application note. It says that IAR compiler support this feature with some small limitations.&lt;/EM&gt;&lt;/P&gt;
&lt;P&gt;&lt;EM&gt;If you can’t use PIC code for whatever reason, usage of two linker files is also possible but, as mentioned, the disadvantage is that you always need to select the correct one for update.&lt;/EM&gt;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;In other words, there's no direct support for AB swap. AB swap including automatic remapping and including advanced secure boot is supported by HSE on S32K3 devices, not on S32K1. On S32K1, it must be completely managed by software. The only way to use secure boot also for A/B applications is to use mentioned chain of trust.&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Fri, 12 Dec 2025 07:18:00 GMT</pubDate>
      <guid>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2260734#M55326</guid>
      <dc:creator>lukaszadrapa</dc:creator>
      <dc:date>2025-12-12T07:18:00Z</dc:date>
    </item>
    <item>
      <title>Re: Questions about CSEc Secure Boot, Key Management, IFR, and Counters on S32K144</title>
      <link>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2260796#M55330</link>
      <description>&lt;P&gt;&lt;SPAN&gt;Hi Lukas,&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;thanks for the clarification.&lt;/P&gt;&lt;P&gt;I have a follow-up question regarding the A/B firmware partition setup.&lt;/P&gt;&lt;P&gt;I understand that &lt;STRONG&gt;BOOT_MAC&lt;/STRONG&gt; is used for the bootloader authentication in the autonomous secure boot flow. For the application images in the A/B partitions:&lt;/P&gt;&lt;H3&gt;1. Where should the MAC for each application be stored?&lt;/H3&gt;&lt;UL&gt;&lt;LI&gt;&lt;P&gt;Should the MAC be stored inside a CSEc &lt;STRONG&gt;key slot&lt;/STRONG&gt;?&lt;/P&gt;&lt;/LI&gt;&lt;LI&gt;&lt;P&gt;Or is there another recommended location for storing the expected MAC when using CMD_VERIFY_MAC for application verification?&lt;/P&gt;&lt;/LI&gt;&lt;/UL&gt;&lt;H3&gt;2. Is there any reference example or application note showing the &lt;STRONG&gt;chain of trust implementation&lt;/STRONG&gt;, where:&lt;/H3&gt;&lt;UL&gt;&lt;LI&gt;&lt;P&gt;Autonomous secure boot verifies the bootloader at 0x0000&lt;/P&gt;&lt;/LI&gt;&lt;LI&gt;&lt;P&gt;The bootloader then verifies the A/B applications using CMD_VERIFY_MAC?&lt;/P&gt;&lt;/LI&gt;&lt;/UL&gt;&lt;P&gt;If you have sample code or a recommended implementation pattern, it would be very helpful for us.&lt;/P&gt;&lt;P&gt;Thank you again for your support.&lt;/P&gt;&lt;P&gt;Regards,&lt;BR /&gt;&lt;SPAN&gt;WT Liao&lt;/SPAN&gt;&lt;/P&gt;</description>
      <pubDate>Fri, 12 Dec 2025 08:29:01 GMT</pubDate>
      <guid>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2260796#M55330</guid>
      <dc:creator>WT_Liao_GARM</dc:creator>
      <dc:date>2025-12-12T08:29:01Z</dc:date>
    </item>
    <item>
      <title>Re: Questions about CSEc Secure Boot, Key Management, IFR, and Counters on S32K144</title>
      <link>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2261155#M55339</link>
      <description>&lt;P&gt;1. Only BOOT_MAC has dedicated key slot assigned. You are not allowed to store other MACs or data to CSEc key slots. &lt;BR /&gt;The only option is to store the MAC to normal code flash or data flash.&lt;/P&gt;
&lt;P&gt;2. There’s an application note for MPC5646C device. That was the first device with CSE module. It’s not the same module like CSEc on S32K1 but it has the same functionality, it still follows the same SHE specification:&lt;BR /&gt;&lt;A href="https://www.nxp.com/docs/en/application-note/AN4235.pdf" target="_blank"&gt;https://www.nxp.com/docs/en/application-note/AN4235.pdf&lt;/A&gt;&lt;BR /&gt;&lt;A href="https://www.nxp.com/docs/en/application-note-software/AN4235SW.zip" target="_blank"&gt;https://www.nxp.com/docs/en/application-note-software/AN4235SW.zip&lt;/A&gt;&lt;BR /&gt;&lt;A href="https://www.nxp.com/docs/en/application-note-software/AN4235video.zip" target="_blank"&gt;https://www.nxp.com/docs/en/application-note-software/AN4235video.zip&lt;/A&gt;&lt;BR /&gt;We don’t have example directly for S32K1.&lt;/P&gt;
&lt;P&gt;And also take a look at this post where I explained how to use CMD_BOOT_OK and CMD_BOOT_FAILURE commands:&lt;BR /&gt;&lt;A href="https://community.nxp.com/t5/S32K/about-secure-boot-of-CSEc-model/m-p/1579770/highlight/true#M19927" target="_blank"&gt;https://community.nxp.com/t5/S32K/about-secure-boot-of-CSEc-model/m-p/1579770/highlight/true#M19927&lt;/A&gt;&lt;/P&gt;
&lt;P&gt;Regards,&lt;/P&gt;
&lt;P&gt;Lukas&lt;/P&gt;</description>
      <pubDate>Fri, 12 Dec 2025 11:19:41 GMT</pubDate>
      <guid>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2261155#M55339</guid>
      <dc:creator>lukaszadrapa</dc:creator>
      <dc:date>2025-12-12T11:19:41Z</dc:date>
    </item>
    <item>
      <title>Re: Questions about CSEc Secure Boot, Key Management, IFR, and Counters on S32K144</title>
      <link>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2263943#M55480</link>
      <description>&lt;P&gt;&lt;SPAN&gt;Hi Lukas,&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;I am trying to run the &lt;STRONG&gt;csec_boot_protection&lt;/STRONG&gt; example on S32K144 and encountered an issue during D-Flash partitioning.&lt;/P&gt;&lt;P&gt;After executing this function&amp;nbsp;FLASH_DRV_DEFlashPartition();&lt;/P&gt;&lt;P&gt;an &lt;STRONG&gt;ACCERR&lt;/STRONG&gt; error is reported, and the D-Flash partitioning fails.&lt;/P&gt;&lt;DIV class=""&gt;&amp;nbsp;&lt;/DIV&gt;&lt;P&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="WT_Liao_GARM_1-1765889097024.png" style="width: 400px;"&gt;&lt;img src="https://community.nxp.com/t5/image/serverpage/image-id/370230iFB6874D86AAAEEE6/image-size/medium?v=v2&amp;amp;px=400" role="button" title="WT_Liao_GARM_1-1765889097024.png" alt="WT_Liao_GARM_1-1765889097024.png" /&gt;&lt;/span&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Initially, I suspected that the failure might be caused by the device already being partitioned. However, I checked the &lt;STRONG&gt;DEPART register&lt;/STRONG&gt; and confirmed that it is still at its default value, which indicates that D-Flash has not been partitioned yet and should be allowed to perform partitioning.&lt;/P&gt;&lt;P&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="WT_Liao_GARM_2-1765889133840.png" style="width: 400px;"&gt;&lt;img src="https://community.nxp.com/t5/image/serverpage/image-id/370231i1C75665D4D2A1185/image-size/medium?v=v2&amp;amp;px=400" role="button" title="WT_Liao_GARM_2-1765889133840.png" alt="WT_Liao_GARM_2-1765889133840.png" /&gt;&lt;/span&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;BR /&gt;&lt;BR /&gt;Could you please advise what might cause this ACCERR error in this scenario?&lt;BR /&gt;Is there any prerequisite condition, configuration, or flash state that must be met before calling FLASH_DRV_DEFlashPartition()?&lt;BR /&gt;&lt;BR /&gt;&lt;/P&gt;&lt;P&gt;Any guidance on how to properly resolve this issue would be greatly appreciated.&lt;/P&gt;&lt;P&gt;Thank you for your support.&lt;/P&gt;&lt;P&gt;Regards,&lt;BR /&gt;WT Liao&lt;/P&gt;</description>
      <pubDate>Tue, 16 Dec 2025 12:46:19 GMT</pubDate>
      <guid>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2263943#M55480</guid>
      <dc:creator>WT_Liao_GARM</dc:creator>
      <dc:date>2025-12-16T12:46:19Z</dc:date>
    </item>
    <item>
      <title>Re: Questions about CSEc Secure Boot, Key Management, IFR, and Counters on S32K144</title>
      <link>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2264422#M55512</link>
      <description>&lt;P&gt;Hi&amp;nbsp;&lt;a href="https://community.nxp.com/t5/user/viewprofilepage/user-id/257836"&gt;@WT_Liao_GARM&lt;/a&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Yes, it looks like the device is not partitioned yet.&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Do you use original example or are there any modifications?&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Do you have CSEs enabled device? What is the exact part number and what is the content of SDID register in SIM module?&lt;/P&gt;
&lt;P&gt;Regards,&lt;/P&gt;
&lt;P&gt;Lukas&lt;/P&gt;</description>
      <pubDate>Wed, 17 Dec 2025 06:13:58 GMT</pubDate>
      <guid>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2264422#M55512</guid>
      <dc:creator>lukaszadrapa</dc:creator>
      <dc:date>2025-12-17T06:13:58Z</dc:date>
    </item>
    <item>
      <title>Re: Questions about CSEc Secure Boot, Key Management, IFR, and Counters on S32K144</title>
      <link>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2264454#M55513</link>
      <description>&lt;P&gt;Hi Lukas,&lt;/P&gt;&lt;P&gt;I used the original example.&lt;/P&gt;&lt;P&gt;The&amp;nbsp;&lt;SPAN&gt;SDID&amp;nbsp;is shown below.&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="WT_Liao_GARM_0-1765953311323.png" style="width: 400px;"&gt;&lt;img src="https://community.nxp.com/t5/image/serverpage/image-id/370359i8D94B3E17402907F/image-size/medium?v=v2&amp;amp;px=400" role="button" title="WT_Liao_GARM_0-1765953311323.png" alt="WT_Liao_GARM_0-1765953311323.png" /&gt;&lt;/span&gt;&lt;/P&gt;&lt;P&gt;The part number is &lt;SPAN&gt;FS32K144HRT0VLLR.&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;Regards,&lt;/P&gt;&lt;P&gt;WT_Liao_GARM&lt;/P&gt;</description>
      <pubDate>Wed, 17 Dec 2025 06:43:43 GMT</pubDate>
      <guid>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2264454#M55513</guid>
      <dc:creator>WT_Liao_GARM</dc:creator>
      <dc:date>2025-12-17T06:43:43Z</dc:date>
    </item>
    <item>
      <title>Re: Questions about CSEc Secure Boot, Key Management, IFR, and Counters on S32K144</title>
      <link>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2264719#M55532</link>
      <description>&lt;P&gt;This is older version of the chip which is no longer offered. 'R' letter in the part number means that it has basic feature set without Security. SDID register confirms this. You need to order a device with Security feature. See "3.2 Ordering information" in the datasheet for details:&lt;/P&gt;
&lt;P&gt;&lt;A href="https://www.nxp.com/docs/en/data-sheet/S32K1xx.pdf" target="_blank"&gt;https://www.nxp.com/docs/en/data-sheet/S32K1xx.pdf&lt;/A&gt;&lt;/P&gt;
&lt;P&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="lukaszadrapa_0-1765964160969.png" style="width: 400px;"&gt;&lt;img src="https://community.nxp.com/t5/image/serverpage/image-id/370403iFBA61E39F5F2C0B6/image-size/medium?v=v2&amp;amp;px=400" role="button" title="lukaszadrapa_0-1765964160969.png" alt="lukaszadrapa_0-1765964160969.png" /&gt;&lt;/span&gt;&lt;/P&gt;
&lt;P&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="lukaszadrapa_1-1765964168099.png" style="width: 400px;"&gt;&lt;img src="https://community.nxp.com/t5/image/serverpage/image-id/370404iF864E479805AD345/image-size/medium?v=v2&amp;amp;px=400" role="button" title="lukaszadrapa_1-1765964168099.png" alt="lukaszadrapa_1-1765964168099.png" /&gt;&lt;/span&gt;&lt;/P&gt;
&lt;P&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="lukaszadrapa_2-1765964330197.png" style="width: 400px;"&gt;&lt;img src="https://community.nxp.com/t5/image/serverpage/image-id/370405i0DBFA4309968E30A/image-size/medium?v=v2&amp;amp;px=400" role="button" title="lukaszadrapa_2-1765964330197.png" alt="lukaszadrapa_2-1765964330197.png" /&gt;&lt;/span&gt;&lt;/P&gt;
&lt;P&gt;Regards,&lt;/P&gt;
&lt;P&gt;Lukas&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Wed, 17 Dec 2025 09:39:07 GMT</pubDate>
      <guid>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2264719#M55532</guid>
      <dc:creator>lukaszadrapa</dc:creator>
      <dc:date>2025-12-17T09:39:07Z</dc:date>
    </item>
    <item>
      <title>Re: Questions about CSEc Secure Boot, Key Management, IFR, and Counters on S32K144</title>
      <link>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2265620#M55564</link>
      <description>&lt;P&gt;Hi Lukas,&lt;/P&gt;&lt;P&gt;Thanks for the clarification.&lt;/P&gt;&lt;P&gt;I have two questions regarding the secure boot configuration and recovery behavior on the S32K series:&lt;/P&gt;&lt;OL&gt;&lt;LI&gt;&lt;P&gt;If the device is initially configured to &lt;STRONG&gt;Parallel Boot Mode&lt;/STRONG&gt;, is it possible to switch the boot mode to &lt;STRONG&gt;Strict Sequential Mode&lt;/STRONG&gt; later from the application?&lt;/P&gt;&lt;UL&gt;&lt;LI&gt;&lt;P&gt;If yes, are there any prerequisites or restrictions for this transition?&lt;/P&gt;&lt;/LI&gt;&lt;/UL&gt;&lt;/LI&gt;&lt;LI&gt;&lt;P&gt;When the MCU is operating in &lt;STRONG&gt;Strict Sequential Mode&lt;/STRONG&gt;, if an incorrect or corrupted bootloader is programmed and causes the device to continuously reset,&lt;/P&gt;&lt;UL&gt;&lt;LI&gt;&lt;P&gt;is it still possible to reprogram a correct bootloader via &lt;STRONG&gt;JTAG / debugger&lt;/STRONG&gt; to recover the device?&lt;/P&gt;&lt;/LI&gt;&lt;/UL&gt;&lt;/LI&gt;&lt;/OL&gt;&lt;P&gt;Regards,&lt;BR /&gt;WT_Liao_GARM&lt;/P&gt;</description>
      <pubDate>Thu, 18 Dec 2025 02:39:39 GMT</pubDate>
      <guid>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2265620#M55564</guid>
      <dc:creator>WT_Liao_GARM</dc:creator>
      <dc:date>2025-12-18T02:39:39Z</dc:date>
    </item>
    <item>
      <title>Re: Questions about CSEc Secure Boot, Key Management, IFR, and Counters on S32K144</title>
      <link>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2266134#M55589</link>
      <description>&lt;P&gt;Hi&amp;nbsp;&lt;a href="https://community.nxp.com/t5/user/viewprofilepage/user-id/257836"&gt;@WT_Liao_GARM&lt;/a&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;It is possible to update boot mode and boot size by execution of CMD_BOOT_DEFINE command.&amp;nbsp;&lt;/P&gt;
&lt;P&gt;The only restriction is - once strict boot mode is configured, it's not possible to do any further updates. It's not possible to change it back to normal sequential or parallel mode and it is not possible to change the boot size. Notice that S32K1 reference manual explicitly says that it is possible to change the boot size in strict sequential mode but that's not correct. I already reported it some time ago and it should be updated in the manual.&amp;nbsp;&lt;/P&gt;
&lt;P&gt;If you are in strict sequential boot mode, you can only update the BOOT_MAC. So, the firmware update is still allowed.&amp;nbsp;&lt;/P&gt;
&lt;P&gt;If strict sequential boot mode fails, there's no way to recover. The device will stay in reset forever. The only option is to replace the device.&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Regards,&lt;/P&gt;
&lt;P&gt;Lukas&lt;/P&gt;</description>
      <pubDate>Thu, 18 Dec 2025 12:00:48 GMT</pubDate>
      <guid>https://community.nxp.com/t5/S32K/Questions-about-CSEc-Secure-Boot-Key-Management-IFR-and-Counters/m-p/2266134#M55589</guid>
      <dc:creator>lukaszadrapa</dc:creator>
      <dc:date>2025-12-18T12:00:48Z</dc:date>
    </item>
  </channel>
</rss>

