Hi
I'm browsing the following document https://docs.nxp.com/bundle/LLDPUG_L6.1.36_2.1.0/page/topics/fuse_programming_scenarios.html and have some questions regarding fuse programming on LS1028A platform.
Suppose that all fuse programming will happen in remote contractor.
Looking at the programming scenarions:
- in the stage 1 I build a fip that fuses SRKH and some other non sensitive fuses, so that the next image will be validated against secure boot procedure.
- in the stage 2 I build another fip that fuses sensitive values like OTPMK, WP and so on
My questions are the following:
- what's Minimal OTPMK and what's its purpose on LS1028A? I thought that on this platform there is only one OTPMK that should be considered sensitive
- if I create "secure fip" for the stage 2, how can I prevent my contract manufacturer from extracting sensitive values from fip binary? Correct me if I'm wrong but if the contract manufacturer knows the structure of fuse programming fip, they can easily extract values like OTPMK
