 
					
				
		
Hi !
Does it possible to limit ISP mode duration some how ?
If Secure boot is activated and we consider that MCU is secure, we should be able to control it in any phase. But if it put to ISP mode, looks like no any time limit how long SB2.1 file update can take or any other message activity.
Or it is possible to have active WDT during firmware update some how ?
Regards,
Eugene
解決済! 解決策の投稿を見る。
 
					
				
		
 Sabina_Bruce
		
			Sabina_Bruce
		
		
		
		
		
		
		
		
	
			
		
		
			
					
		Hi Eugene,
Hope you are well. I apologize for the delayed response. If you are considering the timeout feature this should only be one aspect of your whole security protocol. In addition, once your product is ready it is recommended that the ISP is disabled. This is to be considered when you are finalizing your product and that way nobody will have access to change this type of configuration or any other.
Best Regards,
Sabina
 
					
				
		
 Sabina_Bruce
		
			Sabina_Bruce
		
		
		
		
		
		
		
		
	
			
		
		
			
					
		Hello Eugene,
Hope you are doing well.
I believe you are referring to the timeout value. You can set this timeout value using the blhost.
When a timeout error occurs you should get the following error:
This will be part of the sequence done when communicating through ISP.
Hope this helps!
Best Regards,
Sabina
-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------
 
					
				
		
Hi @sabinabruce !
But in this case anybody can change this timeout.
It should be part of secure configuration what can't be controlled externally if secure boot enabled.
Does it available something like this ?
Regards,
Eugene
 
					
				
		
 Sabina_Bruce
		
			Sabina_Bruce
		
		
		
		
		
		
		
		
	
			
		
		
			
					
		Hi Eugene,
Hope you are well. I apologize for the delayed response. If you are considering the timeout feature this should only be one aspect of your whole security protocol. In addition, once your product is ready it is recommended that the ISP is disabled. This is to be considered when you are finalizing your product and that way nobody will have access to change this type of configuration or any other.
Best Regards,
Sabina
 
					
				
		
Hi @Sabina_Bruce !
So you recommend to use own loader and implement IAP type of firmware update.
But do we have enough information for be able to parse SB2.1 file format in our loader ?
Or some code example what we can take as basis ?
Regards,
Eugene
