LPC Bootloader

lpcware · ‎06-15-2016

Content originally posted in LPCWare by akshaya.k55 on Wed Nov 04 06:19:59 MST 2015
Hi,
I am using LPC1833JBD144E part. Currently we are using FlashMagic tool for flashing the application image.
There is a requirement to validate the image by adding a custom magic number.
By this i mean, we will be adding a header in the image file which needs to be checked before flashing.
Is there a provision to modify contents of boot ROM, to make it validate the image and notify Flash Magic tool in case of discrepancy?
Or is there any available ISP command in the boot ROM to validate the application image by checking image header(magic number added by us)?
Or is there any option in FlashMagic tool to perform custom validation?

lpcware · ‎06-15-2016

Content originally posted in LPCWare by dmitryf on Thu Nov 05 21:32:20 MST 2015
I think you should:
1. use CRP3 read protection, so nobody can access chip's memory using JTAG/Flash magic tool or erase flash or run boot loader by pulled P2_7 pin low.
2. make custom boot loader.
3. make custom flashing tool.
4. encrypt your image file.
5. make checking image compatibility procedure in boot loader

or use LPC18S

If you concern about clone your code, bad guys with good budget can crack this MCU and copy your program anyway.

lpcware · ‎06-15-2016

Content originally posted in LPCWare by MikeSimmonds on Thu Nov 05 08:02:48 MST 2015
The way I handled production serialization in our projects
was to write my own PC tool to write a boot loader on to the units.

I also use an in house written post build tool to convert the axf (elf)
to a download image that includes a CRC32 checksum to avoid
'the wrong' download.

This (PC host) appliction also links to a database (sqlite3) to
(a) keep audit history and (b) get the next serial number
which is patched into the download image 'on the fly' during
programming.

It uses the documented ISP interface over UART same as FlashMagic.
Note that FlashMagic requies a paid license if used for production.

Note this is NOT secure as the bad guys can use any tool (and code image)
that they want.

As with your case, I just need to avoid 'normal' operator error.

Cheers, Mike.

lpcware · ‎06-15-2016

Content originally posted in LPCWare by akshaya.k55 on Thu Nov 05 01:28:38 MST 2015
Hi,
Thank you,

Security Level: It is simply an easy check. To prevent a wrong image from being loaded to the board accidentally or by mistake.But this should be done irrespective of the flashing tool in ISP programming mode.

Flash Magic: The idea here is to prevent flash magic from flashing if someone tries to load a wrong image.Perhaps the ROM bootloader should do that. That is the reason I thought of modifying the ROM bootloader.

Any pointers on this?

lpcware · ‎06-15-2016

Content originally posted in LPCWare by mysepp on Wed Nov 04 08:48:31 MST 2015
Tell us in more detail what you want to achieve. How secure must it be?
Just an easy check or to prevent a hacker from modifying your device?

In my opinion there is no way to change/extend bootloader in ROM.
But you can use a second bootloader, which perhaps behaves almost identical as ROM bootloader, if this is really needed.
And the proprietary check is added in second bootloader, e.g. write a certain magic number before the download is possible.
Otherwise denied.

According to FlashMagic:
Ok, you can check the image, before calling FlashMagic at all. But what happens, when a user downloads FlashMagic and
performs the download without executing your checks? Then all your checks are useless.

Also have a look at LPC18S.. series (same as your, but with 'S') which,
I think, allows much more security related to application images.
Perhaps a way is to encrypt it? Read the data sheet and/or user manual if this fits your need.

LPC Bootloader

LPC Bootloader

lpc18xx