Kinetis controller in secure state

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Kinetis controller in secure state

Jump to solution
5,559 Views
epoc
Contributor I

I'm working with the Kinetis K60 tower system, IAR EWB and built-in OSJTAG debugger. During a 'download and debug' I inadvertently put the controller in the 'secure' state. I believe I had the wrong configuration file selected. I know have all of the original working setting restored and am no longer able to interface with the controller. How do I get the controller out of the secure state?

0 Kudos
Reply
1 Solution
2,267 Views
mjbcswitzerland
Specialist V

Hi

 

Do you know exactly which settings were configured?

 

The Kinetis has a protection mode which blocks a mass erase, which is unrecoverable. The goal of this protection mode is to ensure that it is not possible to program any further software to a protected device - this avoids the possibility of programming a software containing a trojian (or similar) into a device that has shipped (in this state) as part of a product.

 

This is quite an extreme protection mechanism which may be of interest in a few applications but developers have to be very careful not to accidently set it, otherwise it will be necessary to replace the device to be able to continue with development. When developing small pieces of new code it is useful to work from SRAM (since the K60 has enough for quite interesting things). When programming to FLASH one has to be careful what is at the addresses 0x400..0x40f - Rowely Crossworks (for example) doesn't program this area by default and so protects against inadvertently setting a configuration that may be critical.

 

Regards

 

Mark

 

uTasker for Kinetis

View solution in original post

0 Kudos
Reply
4 Replies
2,267 Views
egoodii
Senior Contributor III

One solution that worked for me:

 

The tools J-Link/J-Trace have a special 'commander mode' command 'unlock kinetis' that does the job!

 

Earl

2,267 Views
d_shah
Contributor II

Earl,

 

As per the IAR site (link below) It works only if the device is configured with  "Flash Security enabled", if  "Mass Erase is disabled" device can not be recovered from locked state.

 

http://supp.iar.com/Support/?note=77989

 

If there is any other alternative, please suggest.

 

d2v0

2,268 Views
mjbcswitzerland
Specialist V

Hi

 

Do you know exactly which settings were configured?

 

The Kinetis has a protection mode which blocks a mass erase, which is unrecoverable. The goal of this protection mode is to ensure that it is not possible to program any further software to a protected device - this avoids the possibility of programming a software containing a trojian (or similar) into a device that has shipped (in this state) as part of a product.

 

This is quite an extreme protection mechanism which may be of interest in a few applications but developers have to be very careful not to accidently set it, otherwise it will be necessary to replace the device to be able to continue with development. When developing small pieces of new code it is useful to work from SRAM (since the K60 has enough for quite interesting things). When programming to FLASH one has to be careful what is at the addresses 0x400..0x40f - Rowely Crossworks (for example) doesn't program this area by default and so protects against inadvertently setting a configuration that may be critical.

 

Regards

 

Mark

 

uTasker for Kinetis

0 Kudos
Reply
2,267 Views
epoc
Contributor I

Thank you Mark,

 

It looks like I ended up writing to the register that blocks mass erase. It just so happens that the data written to that location was just right to set it in that mode. I'm currently working toward replacing the controller on the TWR-K60N512 dev. board I'm working with. Thank you for the tip on using RAM during the development cycle. This is my first foray into using Freescale controllers, ARM and highly integrated 32-bit devices. It's been quite the learning curve. Thank you

0 Kudos
Reply