FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Using Secure Provisioning Manufacturing Package without SEC installation dependency

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Using Secure Provisioning Manufacturing Package without SEC installation dependency

2 weeks ago
824 Views
fabiorossi
Contributor I

Hello,

I am working with the NXP Secure Provisioning Tool (SEC) version 26.03 and I am trying to understand how to properly use the generated Manufacturing Package in a standalone environment.

My intended workflow is the following:

  1. Put the device (i.MX RT1052) into Serial Downloader Mode;
  2. Run a firmware update script from a Windows host machine;
  3. Perform full flashing using the generated Manufacturing Package content (scripts + tools).

When I use SEC directly, or when I run the generated Manufacturing Package while SEC is installed on the host PC, everything works correctly without any issues.

However, my goal is to remove the dependency on the SEC installation and use only the exported Manufacturing Package (scripts, tools, and firmware images) in a standalone deployment environment.

What I am currently observing is that:

  • The generated scripts rely on SEC-related installation paths (e.g., C:\nxp\SEC_Provi_...);
  • Some wrapper scripts and tool calls assume the presence of the SEC installation structure;
  • As a result, execution fails or requires manual adaptation when SEC is not installed.

My question is:

What is the recommended way to use the SEC Manufacturing Package in a fully standalone mode (without requiring SEC installation on the host PC)?

More specifically:

  • Is there an officially supported “portable” mode for the Manufacturing Package?
  • Should the scripts be manually adapted to point only to SPSDK tools (blhost/sdphost)?
  • Or is SEC installation strictly required for execution, meaning the Manufacturing Package is not intended to be fully standalone?

Any guidance or best practices on how to decouple the Manufacturing Package from SEC installation would be very helpful.

Thank you in advance.

Best regards,

Fabio Rossi

Labels (1)
Labels
0 Kudos
Reply
1 Reply

2 weeks ago
817 Views
marek-trmac
NXP Employee
NXP Employee

Hi Fabio,

thank you for your question. Manufacturing package was designed to be used with SEC tool only. However, manufacturing package is a ZIP file and is customer needs to modify its content, it should not be a technical problem to do it. There is no guidance or recommendations available, it is completely up to the customer. 

For simplicity, I'd recommend to keep SEC tool installed on host PC, even the GUI Manufacturing Tool is not used.

Kindly mind: in SEC tool manufacturing tool, for USB connection, there are implemented several changes compare to normal "write" flow: 

  • the USB is identified using USB-path instead if VID/PID, so several processors can be provisioned in parallel
  • on some operating systems (Mac, Linux), the USB-path is changed after each reset of the processor. Detailed description of this issue can be found in user guide documentation.
Regards,
Marek


NOTE: If you find the answer useful, kindly click on [ACCEPT AS SOLUTION] button
0 Kudos
Reply