The Economist Intelligence Unit’s (EIU) 2020 IoT Index recently highlighted that 2020 will be the year when the Internet of Things (IoT) officially moves from “proof of concept” to “mass deployment”, with over half of all companies surveyed now undergoing early or extensive deployment of internal or external IoT networks. Read more >> NXP and Arm Pelion Device Management Secure Deployment of IoT Devices from Chip to Cloud | Pelion IoT Blog 

LPC55xx系列的MCUXpresso SDK使用FLASH API来实现FLASH驱动。 一些用户在执行如下FLASH写操作时可能会遇到如下的问题： status = FLASH_Program(&flashInstance, destAdrss, (uint8_t *)s_bufferFF, 8);       执行完上述代码后，对应的地址区间数据没有变化，写入失败，返回错误代码101，如下图所示, 错误代码101看上去有点陌生，这在之前的LPC产品中并不常见，我们在用户手册中搜索FLASH driver status code，可以查找到错误代码101为FLASH 对齐操作错误（Alignment Error）。   对齐操作错误是什么？我们先来看程序是如何对FLASH_Program函数进行定义的。 FLASH写函数定义如下： status_t FLASH_Program(flash_config_t *config, uint32_t start, uint32_t *src, uint32_t lengthInBytes); 新用户经常会忽略掉用户手册中对于这个API的介绍“the required start and the lengthInBytes must be page size aligned”，这句话的意思是在执行FLASH_Program函数时，写入的起始地址和数据长度必须512字节对齐，所以如果我们把代码 status = FLASH_Program(&flashInstance, destAdrss, (uint8_t *)s_bufferFF, 8); 更正为 status = FLASH_Program(&flashInstance, destAdrss, (uint8_t *)s_bufferFF, 512); FLASH_Program函数就可以运行成功。   请注意：在2.6.x版本的SDK中，FLASH_Program函数的注释将参数的起始地址和数据长度错误的表述为字对齐，2.7.0版本的SDK已经对注释进行了修正。即使你想要操作一个字节，lengthInBytes也是512字节对齐。   最后：建议用户在遇到关于FLASH API操作失败的相关问题，一定要查看用户手册中的FLASH驱动状态码，我们可以从UM11126中的第九章节FLASH API部分找到它，如下图所示。  

View Webinar Recording

View Webinar Recording

When we use LPC55Sxx PRINCE feature, we need enable PRINCE sub-region “crypto” by setting SR_ENABLE register. If we “crypto” enable discontinuous sub-regions and erase part of them, we may find we can’t erase/read/write other “crypto” sub-regions any more. This article will discuss how to resolve this phenomenon.           Figure 1         Testing Steps According to LPC55Sxx UM, each PRINCE region has its SR_ENABLEx register. This register enables PRINCE encryption and decryption of data for each sub-region of crypto region 0. Each bit in this field enables a sub-region of crypto region 0 at offset 8kB*n, where n is the bit number.  For example, when we set SR_ENABLE0=0X00000005, PRINCE region 0 sub-region 1 and sub-region 3 are set as encryption region. When read data out from these sub-regions, PRINCE will decrypt the data automatically.   Now we will test discontinuous sub-region erase/read/write. Board: LPC55S16-EVK IDE: Keil MDK v5.29 Step 1: PRINCE initialization: Enable PRINCE region 0 and two discontinuous sub-regions; generate key, IV code; enable crypto. //set SR_ENABLE，SR_ENABLE=0X28000000,enable sub-regions(0x30000-0x32000,0x34000-0x36000) crypto。 status=PRINCE_SetRegionSREnable(PRINCE(prince_region_t)region0,0X28000000); //select PRINCE crypto for region0 PRINCE_SetRegionBaseAddress(PRINCE_Type*base,prince_region_tregion0,uint32_t0X0) //generate PRINCE region0 crypto key Status=FFR_KeystoreGetKC(&flashInstance,&keyCode[0],kFFR_KeyTypePrinceRegion0); status=PUF_GetHwKey(PUF,keyCode,sizeof(keyCode),kPUF_KeySlot2, rand()); //generate PRINCE region0 crypto IV_code status=PRINCE_GenNewIV(kPRINCE_Region0,&prince_iv_code[0],true,&flashInstance) //load IV code to PRINCE status=PRINCE_LoadIV(kPRINCE_Region0,&prince_iv_code[0]) //enable PRINCE encryption PRINCE_EncryptEnable(PRINCE)   Step 2: Select two discontinuous sub-regions ( 0x30000-0x32000,0x34000-0x36000). Erase one of them (0x30000-0x32000), then write data to this sub-region. Output: Erasing and Writing are all successful. See Figure 2. //Erase 0x30000-0x32000 sub-region status=PRINCE_FlashEraseWithChecker(&flashInstance,0x30000,0x2000,kFLASH_ApiEraseKey); //Write 0x30000-0x32000 sub-region status=PRINCE_FlashProgramWithChecker(&flashInstance,0x30000,(uint8_t *)prince_iv_code,0x2000);   Step 3: Erase and Write the other sub-region ( 0x34000-0x36000 ) Output: Erasing and Writing are failed. See Figure 2. //Erasing 0x34000-0x36000 sub-region status=PRINCE_FlashEraseWithChecker(&flashInstance,0x34000, 0x2000,kFLASH_ApiEraseKey); //Write 0x34000-0x36000 sub-region status=PRINCE_FlashProgramWithChecker(&flashInstance,0x34000, (uint8_t *)prince_iv_code,0x2000); Error Analysis According to UM11126（49.16.1 Functional details）, each crypto region has its own SKEY and IV code. SKEY and IV are used together by the PRINCE when encrypting or decrypting the data in the sub-regions of crypto region. For Instance, For PRINCE region1, each time after we execute erasing operation, new Skey1 and IV1 are generated, thus when executing erase/read/write operation to another sub-region, the old IV1 and new IV1 don’t match, which causes PRINCE can’t decrypt correctly.   Suggestion We suggest user using SR_ENABLE to set continuous crypto sub-regions. When erasing operation is needed, erasing all the crypto sub-regions together, avoid erasing part of the sub-regions. One sub-region size is 8K, make sure the erasing/writing address 8K aligned.   Thanks for the suggestion from johnwu‌

[中文翻译版] 见附件 原文链接： https://community.nxp.com/docs/DOC-343506

View Webinar Recording

When you are the first time to debug LPC55S69, please read below document and double check your IDE, SDK and EVK version is correct. Usually, we prefer use the latest IDE, SDK and EVK boards. Important updates when using LPCXpresso55S69 Revision A2 boards and 1B silicon  [Problem Description] When you use IAR 8.32 to debug LPC55S69 '1B' silicon, the IDE will remind you "The debugging session could not be started", like below picture show: The reason of this failure is that IAR 8.32's LPC55S69 chip configuration files only support revision '0A' silicon, not '1B'. We strongly recommend customer download and use IAR 8.40.2 or latest version. The IAR IDE start support LPC55S68 '1B' silicon from 8.40.2. [Solution] If you have some reasons that must use IAR 8.32, you can download attached zip file. This zip file like a patch, include the IAR LPC55S69 '1B' support files. Un-zip this file and merge the same files under IAR installed path :IAR\arm\config\flashloader\NXP Then the IAR can support '1B' silicons. [How to identify LPC55(S)6x chip silicon versions] On the top-side marking code, there is '1B'  charactors at the end of mark strings. See below two pictures, the left one is '1B' version chips.                      LPC55(S)6x ver '1B'                                                               LPC55(S)6x ver '0A'                   

View Webinar Recording

For LPC55(S)1x/2x/6x users, please update your fsl_power_lib to SDK2.8.2. The previous SDK(2.6.x and 2.7.x)'s power library have two known function bugs,  1. FRO trim value can not be recovery correctly after wakeup from deep-sleep / power-down / deep power-down.    -- this means the 12MHz FRO frequency is different for after boot-process(11.99 MHz for example) and wakeup from low-power modes(11.89MHz for example).     -- The reason is the FRO trim value not recovery after wakeup.  2. Cap-bank value can not be set correctly by use power lib capbank trim API.    -- This is a software bug which fixed in SDK2.8.2 already. Just replacement the power_lib library file should be workable for most of customers. the API should be compatible. Thank you! Magicoe

This is an example of how to use the CTimer to trigger the LPADC conversion in the LPC55s28. I attached the example in MCUXpresso.    

Abstract This paper discusses our approach to crypto acceleration and asset protection using novel techniques that help bring high levels of security to low-cost microcontrollers with minimal power and area penalty. CASPER, our asymmetric cryptography acceleration engine, aims to optimize crypto algorithm execution (e.g., RSA, ECC). It is built on a hardware-software partitioning scheme where software functions map asymmetric crypto functions to the hardware modules of the accelerator, delivering sufficient flexibility to software routines to enable mapping of new algorithms. Further efficiency is achieved by making use of the co-processor interface on the Arm® Cortex®-M33 core. Important assets such as keys, proprietary and/or licensed application software are protected against side-channel analysis or cloning using SRAM PUF and PRINCE. SRAM PUF technology enables secure storage of root-of-trust keys and user keys by exploiting the deep sub-micron process technology variations. PRINCE is a low-latency lightweight cryptography algorithm implementation in hardware that allows encrypted non-volatile storage and real-time, latency-free decryption of the execution code. Read More >

[中文翻译版] 见附件   原文链接： https://community.nxp.com/community/mcuxpresso/mcuxpresso-ide/blog/2019/02/26/lpc55xx-multicore-applications-with-mcuxpresso-ide

https://community.nxp.com/community/general-purpose-mcus/lpc/blog/2020/06/15/lpc55s69-powerquad-part-1-a-great-solution-for-the-industrial-iot-and-smart-metering