Hi !
Does it possible to limit ISP mode duration some how ?
If Secure boot is activated and we consider that MCU is secure, we should be able to control it in any phase. But if it put to ISP mode, looks like no any time limit how long SB2.1 file update can take or any other message activity.
Or it is possible to have active WDT during firmware update some how ?
Regards,
Eugene
Solved! Go to Solution.
Hi Eugene,
Hope you are well. I apologize for the delayed response. If you are considering the timeout feature this should only be one aspect of your whole security protocol. In addition, once your product is ready it is recommended that the ISP is disabled. This is to be considered when you are finalizing your product and that way nobody will have access to change this type of configuration or any other.
Best Regards,
Sabina
Hello Eugene,
Hope you are doing well.
I believe you are referring to the timeout value. You can set this timeout value using the blhost.
When a timeout error occurs you should get the following error:
This will be part of the sequence done when communicating through ISP.
Hope this helps!
Best Regards,
Sabina
-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------
Hi @sabinabruce !
But in this case anybody can change this timeout.
It should be part of secure configuration what can't be controlled externally if secure boot enabled.
Does it available something like this ?
Regards,
Eugene
Hi Eugene,
Hope you are well. I apologize for the delayed response. If you are considering the timeout feature this should only be one aspect of your whole security protocol. In addition, once your product is ready it is recommended that the ISP is disabled. This is to be considered when you are finalizing your product and that way nobody will have access to change this type of configuration or any other.
Best Regards,
Sabina
Hi @Sabina_Bruce !
So you recommend to use own loader and implement IAP type of firmware update.
But do we have enough information for be able to parse SB2.1 file format in our loader ?
Or some code example what we can take as basis ?
Regards,
Eugene