LPC55S69-evk bricked

franciumuk · ‎12-10-2019

I have a LPC55S69-evk. I ran the sdk's FlashIap project and probably accidentally write something wrong in the CFPA.

Now the board cannot connect to debugger and doesn't enter ISP mode.

Is there any method to unlock it?

Ray_V · ‎12-12-2019

didi you try placing jumper J10?

francisy · ‎12-12-2019

Hi Raymundo,

Thanks for your reply. But I have tried this. The chip cannot enter ISP mode.

It gives no response to blhost

ZhangJennie · ‎12-13-2019

Francis Yeung,

We can't program/erase CFPA at random. why? according to UM, CFPA is from 0x9DE00 to 0x9E3FF, there is some command like "debug enable" and "ISP enable",etc. If we disable them by accident, the target can't be accessed by either ISP or debug. this is same for both 0A or 1B LPC55 MCU versions. I will write an article about the version difference, will update here when I have it finished.

if the ISP and debug interface are disabled, there is no way to access the chip.

practically, to avoid changing CFPA area accidently, one tip is to copy a region out then modify the bits that you want to change. then write them back.

Have a nice day,

Jun Zhang

francisy · ‎12-13-2019

Hi Jennie,

Thanks for your reply. I would suggest that you to change the FlashIAP example project's default destination to other address, should not be 0x9DE00. If someone who has not read the detail of CFPA, he would not know that 0x9DE00 is not a place that they can use for trying the FlashIAP project. I think NXP would not expect people to read the entire UM before they try the example project provided in NXP SDK.

I brick my board without knowing what is CFPA. I get to know it after I investigate what the FlashIAP example project did.

ZhangJennie · ‎12-15-2019

I am checking if the the latest B1 version of LPC55 can disable CFPA mass erase . but in case you have these "debug enable" and "ISP enable" disabled. no way to recover MCU.

I fully understand your concern and I will escalate it internally.

Have a nice day,

Jun Zhang

EugeneHiihtaja · ‎12-15-2019

Hi Jennie,

But what it means on practice ?

Mass erase by ISP and SWD shouldn't be executed for non secured MCU never ever ?

Regards,

Eugene

EugeneHiihtaja · ‎12-12-2019

Hello !

Is this A1 or A2 revision of board ?

br,Eugene

EugeneHiihtaja · ‎12-12-2019

Hi !

I have similar effect on A1 revision of board. But what is situation with A2 revision ?

Does it is so easy to overwrite protected flash also ?

I'm afraid to execute flashiap example now.

Regards,

Eugene

francisy · ‎12-11-2019

Hi Xiangjun,

The example project of lpcxpresso55s69 for flash IAP in SDK, lpcxpresso55s69_flashiap1, would it be too dangerous for beginner to use? Because the destination address is 0x9DE00, which is the CFPA. I have not read the secure boot doc before I run this example project, as I don't need to use secure at the moment. My board is bricked because I did not run the last line of code(erase that area) in the example project...

xiangjun_rong · ‎12-11-2019

Hi, Francis,

The LPC55S6x focuses on security application, so there are special considerations for example tamper, so I admit that you have to be careful when you operate the protected flash.

As a workaround, you can apply for sample of LPC55S69 and populate the chip on the LPC55S69-EVK.

Hope it can help you

BR

XiangJun Rong

francisy · ‎12-11-2019

Hi xiangjun,

Thanks for your answer. In fact, I have no idea if I really have written data in the CFPA.

Now my board has no response even I reset it with ISP pin low. And it shows "0 available swd devices detected" when I run debugger.

Is it the behaviour that the CFPA is corrupted?

xiangjun_rong · ‎12-10-2019

Hi, Francis,

If you wrote wrong data to CFPA or just erased the CFPA, it was locked, in the case,the LPC55S69 can not jump out of bpootloader, so there is no way to unlock it.

You have to change another LPC55S69.

Hope it can help you

BR

Xiangjun Rong