lpc55s69 secure boot

Showing results for 
Search instead for 
Did you mean: 

lpc55s69 secure boot

Contributor II


I'm trying to understand LPC55S69 secure boot.

I'm reading UM11126 user manual and AN12283.

What are the options to update a firmware on LPC after secure boot is enabled?

I understand that 2 main commands are available for programming the flash

1) blhost write-memory

2) blhost receive-sb-file

are both of them available after secure boot is enabled? 

is only receive-sb file enabled?


the only info I have found is:

field determines whether
secure boot flow is
enabled or not.
• If secure boot is enabled
or debug authentication
fields (CC_SOCU_xxx) are
not in the default state,
then limited ISP
commands are allowed.
Allowed command set can
be retrieved by “blhost -p
COMx/-u <VID,PID> --
get-property 7”.


thank you

0 Kudos
3 Replies

NXP TechSupport
NXP TechSupport

Both of these commands are available for programming the flash after secure boot is enabled.

As you can see in AN12283, “write-memory” is used to write a signed image into flash (p. 15) and “receive-sb-file” is used to load a SB2.0 file into the device (p. 19). In both instances the secure boot is already enabled.  

You can also find some more information about each command on the “blhost User's Guide” document, here’s the link: https://www.nxp.com/docs/en/user-guide/MCUBLHOSTUG.pdf


Best regards,


0 Kudos

Contributor II

In UM11126 chapter 7.2.2 Secure firmware update it's written:

If firmware updates are to be performed in the field when secure boot is enabled, then a
secure firmware update mechanism is preferred. Otherwise inauthentic firmware may be
written to the device, causing it to not boot.


Is there a way to allow secure update and permanently disable write-memory? otherwise I don't understand how it's possible to prevent writing of inauthentic firmware?


Tags (1)
0 Kudos

NXP TechSupport
NXP TechSupport

Secure Boot provides the tools to ensure that unauthorized code can’t be executed, not to disable flash programming. This is instead done with the Lifecycle state. Take a look into Section 10.3 of the User Manual, specifically “OEM Closed” on Table 273. I believe this will prove to be useful for your inquiry.

0 Kudos