- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- NXP Tech Blogs
- Home
- :
- 产品论坛
- :
- MCX Microcontrollers
- :
- MCXW71 Secure Boot - Fuse Programming Failure
MCXW71 Secure Boot - Fuse Programming Failure
Hi everyone,
I'm working on setting up secure boot on an FRDM-MCXW71 (MCXW716C) board, following the procedure outlined in Application Note AN14374.
I've run into a problem at the fuse-burning stage. After successfully enabling fuse programming (set-property 0x16 1), I encountered errors when trying to read from and program to the fuse map.
Here is the terminal output:
❯ blhost -p /dev/ttyACM0 set-property 0x16 1
Response status = 0 (0x0) Success.
❯ blhost -p /dev/ttyACM0 fuse-read 0x20 8
ERROR:spsdk.mboot.mcuboot:RX: Mboot: Data aborted by sender (223ms since start, mcuboot.py:177)
Response status = 1 (0x1) Fail.
Response word 1 = 0 (0x0)
Read 0 of 8 bytes.
❯ blhost -p /dev/ttyACM0 fuse-read 0x1F 8
65 0d 80 97 07 9f f2 7a
Response status = 0 (0x0) Success.
Response word 1 = 8 (0x8)
Read 8 of 8 bytes.
❯ blhost -p /dev/ttyACM0 fuse-program 0x1F "{{2f1e1f1ccd82c1c0f27903e5090c42e254f8796fec99f9ff2aa9547d11c691040c1994d040759cd7c88b3caa5f5e8221}}"
Response status = 1 (0x1) Fail.
❯ blhost -p /dev/ttyACM0 fuse-program 0x20 "{{f2664ad73a59aa4a7d2e480c13bf4b2da4e7557493806e9ac6c9c482cbda6a72}}"
Response status = 1 (0x1) Fail.As you can see, reading from fuse address 0x20 fails, as does attempting to program fuses 0x1F and 0x20.
Believing it might be a tool-specific issue, I switched to the NXP Secure Provisioning (SEC) tool. However, when I tried to read the keys from the device to begin the provisioning process, I received the error shown in the attached screenshot.
To rule out the possibility of having damaged the initial board, I repeated the process with the SEC tool on a brand new, factory-sealed FRDM-MCXW71 board and encountered the exact same error.
This leads me to my main question:
Is this a known issue or expected behavior for the FRDM-MCXW71 boards? Is there a specific step or prerequisite for the MCXW716C that is not covered in AN14374?
My environment:
Hardware: FRDM-MCXW71 (MCXW716C)
Host OS: Fedora release 42 (Adams), SEC tool on Ubuntu 24.10
blhost Version: 3.1.0
SEC Tool Version: 25.06
Any guidance on this would be greatly appreciated.
Thank you!
已解决! 转到解答。
marek-trmac
Hi again,
I'd recommend to follow the flow described in SEC too user guide for MCXW signed image: Processor-specific workflows — MCUXpresso Secure Provisioning Tool 25.06
Specifically pay attention to step 4 describing which keys must be used for EVK and FRDM boards. There boards are distributed with keys already burnt.
Marek
NOTE: If you find the answer useful, kindly click on [ACCEPT AS SOLUTION] button
marek-trmac
Hi @lober ,
I'd recommend to follow the process described in SEC documentation: Processor-specific workflows — MCUXpresso Secure Provisioning Tool 25.06
On the screenshot, you have shared, it seems you have a conflict between value burnt into the processor and the required value. Try to read value and compare.
Marek
NOTE: If you find the answer useful, kindly click on [ACCEPT AS SOLUTION] button
Thanks for reply @marek-trmac,
When using SEC tool i was following AN14371 application note (MCXW71 Secure Boot using SEC Tool) but i couldn't proceed further since OTP/IFR configuration was giving me error.
When i tried to write image i got:
##########################################################################################################
Write image - operation started at 2025-09-04 14:21:36
##########################################################################################################
The following fuses status was detected:
OTP request: LIFECYCLE |= 0x7 (mask: 0xff); current value=0x7; status=MATCHES
ERROR: OTP request: CUST_PROD_OEMFW_AUTH_PUK |= 0xc66f93dd5d9f93ef9d5ae14cfa1e50ac9c544029c8a7216d2efb1951b54e48fd (mask: 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff); current value=0x650d8097079ff27a3e8a2da14781b922fd8295b6c00bfa067f00e87f1a16b8b3; status=MISMATCH
OTP request: CUST_PROD_OEMFW_ENC_SK |= 0x8bc7f73375a9c893b1c05d1d486d11530942141f729861f1795373cfbb2eb9b7 (mask: 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff); current value=write-only; status=WRITE
ERROR: SUMMARY: Detected status of fuses for write operation: some fuse(s) were already burned and does not match the requested value(s)
Status of the operation: Failure: Fuses were already burned and do not match the requested value
Status of the operation: Failure: Irreversible changes
The exact same value i read from the first board (previous screenshot) appears in same fuse on the second one out-of-box board where no fuse burning was ever attempted. Value was read multiple times and every time it was the same. It looks like the value was prewritten on both boards before i attempted any fuse burning.
marek-trmac
Hi again,
I'd recommend to follow the flow described in SEC too user guide for MCXW signed image: Processor-specific workflows — MCUXpresso Secure Provisioning Tool 25.06
Specifically pay attention to step 4 describing which keys must be used for EVK and FRDM boards. There boards are distributed with keys already burnt.
Marek
NOTE: If you find the answer useful, kindly click on [ACCEPT AS SOLUTION] button
