secure MCU

814420552 — Tue, 23 Jun 2020 06:13:02 GMT

hello,

<1>If CEsc is enabled before the device enters the secured mode, you cannot change the device to an unsecured state through the Erase All Blocks command and the Erase All Blocks unsecure command, right?
<2> At this time, can I only use the Verify Backdoor Access Key command to change the device to an unsecured state? And if I did not configure the back door key before entering the secured mode, is this device unable to permanently change to the unsecured mode? Is there any other way to change to unsecured mode? And because this debugger is not available when using this command, how can I use this command?

Re: secure MCU

lukaszadrapa — Fri, 26 Jun 2020 10:15:26 GMT

Hi Kui,

1. That's correct. If CSE is enabled, it's necessary to run DEBUG_CHAL and DEBUG_AUTH commands to erase keys / reset the CSE back to factory state and then mass erase can be executed. If any key is write protected, you can't do that ever.

2. Yes, Verify Backdoor Access Key command is the only way and yes, there's no way to change it to unsecured state. I already commented here:

https://community.nxp.com/thread/535751#comment-1332214

Regards,

Lukas

S32Kのトピックsecure MCU

secure MCU

Re: secure MCU