LPC55S69 : limit ISP mode duration

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

LPC55S69 : limit ISP mode duration

Jump to solution
2,067 Views
EugeneHiihtaja
Senior Contributor I

Hi !

Does it possible to limit ISP mode duration some how ?

If Secure boot is activated and we consider that MCU is secure, we should be able to control it in any phase. But if it put to ISP mode, looks like no any time limit how long SB2.1 file update can take or any other message activity.

Or it is possible to have active WDT during firmware update some how ?

Regards,

Eugene

 

Labels (1)
0 Kudos
Reply
1 Solution
2,022 Views
Sabina_Bruce
NXP Employee
NXP Employee

Hi Eugene, 

Hope you are well. I apologize for the delayed response. If you are considering the timeout feature this should only be one aspect of your whole security protocol. In addition, once your product is ready it is recommended that the ISP is disabled. This is to be considered when you are finalizing your product and that way nobody will have access to change this type of configuration or any other.

Best Regards,

Sabina

View solution in original post

0 Kudos
Reply
4 Replies
2,054 Views
Sabina_Bruce
NXP Employee
NXP Employee

Hello Eugene,

Hope you are doing well.

I believe you are referring to the timeout value. You can set this timeout value using the blhost. 

nxf51209_0-1600972757939.png

When a timeout error occurs you should get the following error:

nxf51209_1-1600972804813.png

This will be part of the sequence done when communicating through ISP.

nxf51209_2-1600972855619.png

 

Hope this helps!

Best Regards,

Sabina

-----------------------------------------------------------------------------------------------------------------------

Note: If this post answers your question, please click the Correct Answer button. Thank you!

----------------------------------------------------------------------------------------------------------------------- 

0 Kudos
Reply
2,043 Views
EugeneHiihtaja
Senior Contributor I

Hi @sabinabruce !

But in this case anybody can change this timeout.

It should be part of secure configuration what can't be controlled externally if secure boot enabled.

Does it available something like this ?

Regards,

Eugene

 

0 Kudos
Reply
2,023 Views
Sabina_Bruce
NXP Employee
NXP Employee

Hi Eugene, 

Hope you are well. I apologize for the delayed response. If you are considering the timeout feature this should only be one aspect of your whole security protocol. In addition, once your product is ready it is recommended that the ISP is disabled. This is to be considered when you are finalizing your product and that way nobody will have access to change this type of configuration or any other.

Best Regards,

Sabina

0 Kudos
Reply
1,994 Views
EugeneHiihtaja
Senior Contributor I

Hi @Sabina_Bruce  !

So you recommend to use own loader and implement IAP type of firmware update.

But do we have enough information for be able to parse SB2.1 file format in our loader ?

Or some code example what we can take as basis ?

 

Regards,

Eugene

 

0 Kudos
Reply