Securing a project that has a bootloader

robotjosh · ‎04-10-2015

I'm not sure I can use flash lock to secure a project because it needs to be able to write to flash with the bootloader. Is there a way to secure a device that has a bootloader? I need to be able to write to flash with a bootloader and also not be able to download that code with jtag. Is there a way to disable jtag or otherwise make this secure against downloading the firmware while allowing the bootloader to write flash?

mjbcswitzerland · ‎04-10-2015

Jost

If you set the secure mode in the Flash configuration (this has to be set in the boot loader) it is not possible to communicate with EzPort or JTAG without first performing a mass erase.

There is however no restriction to the code (boot loader or application) from writing internal Flash.

This is the typical method or protecting code (with or without a boot loader).

It is also possible to disable the JTAG interface but this is extreme and un-recoverable (also a Flash configuration setting).

Regards

Mark

Kinetis: µTasker Kinetis support

For the complete "out-of-the-box" Kinetis experience and faster time to market

在原帖中查看解决方案

Hui_Ma · ‎04-12-2015

Hi Josh,

There is an application note AN4507 about Kinetis product security and Flash protection feature.

When the Kinetis product be secured, the JTAG debug interface couldn't access the chip internal memory and registers.

While, even the Kinetis chip in secured status, the internal routine also could do Flash erase and program.

Wish it helps.

Have a great day,
best regards,

Ma Hui

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

mjbcswitzerland · ‎04-10-2015