- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- NXP Tech Blogs
- Home
- :
- Product Forums
- :
- MPC5xxx
- :
- MPC5775E several questions on CSE/BOOT
MPC5775E several questions on CSE/BOOT
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
MPC5775E several questions on CSE/BOOT
05-23-2024
10:40 PM
552 Views
vyacheslavguzhv
NXP Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hi colleagues,
please help to answer following questions for MPC5775E
- Both Parallel and Sequential boot modes do not block execution of the invalidly verified software, in other words they do not provide secure boot sanctions on HW level. Those only block access to keys defined with attribute BOOT_PROT and provide information about the result of Secure Boot to application. AN5418 mentions a functionality called Strict sequential boot mode (Chapter 1.4.3) which seem to perform the desired functionality, but no configuration information can be found in both AN5418 and RM. How should this be configured?
- Current HW samples in our possession do not have the UTEST Secure Boot Configuration written. According to to RM, the record is only writable by NXP. Is this true or the information is misleading, and it is actually write once hence we should be able to able to write it in case it is not already present in DCF table?
- Can DCF records Secure Boot Code Address and Secure Boot Code Length be overwritten? Overwrite is meant here as adding additional DCF records with different content. If yes, this would mean that by only gaining access to JTAG interface, it is possible to change the configuration of root of trust in regard to Secure Boot. Another possibility is that the Secure Boot is performed for all images defined in all DCF records. What is the actual behavior? This is somehow connected to the next question 4.
- BOOT_MAC is the CMAC generated using AES-128 over the firmware image defined in DCF records Secure Boot Code Address and Secure Boot Code Length. In AN5418 BOOT_MAC is defined as being update able. We wanted to ask whether the update procedure of BOOT_MAC needs to be performed manually, in other words we need to calculate the BOOT_MAC value for the the new software and write the new BOOT_MAC using LOAD_KEY cmd in case of update of the memory space defined in DCF.
- Is CSE in anyway update-able? Is it something we should consider in the design process?
- Are there any additional documents that we should be aware of that describe the security features of the platform other than MCU Reference Manual and AN5418?
1 Reply
05-24-2024
07:51 AM
530 Views
lukaszadrapa
NXP TechSupport
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
1. It's configured to Parallel mode in factory and it cannot be changed.
2. This DCF record is not visible for user.
3. Yes, it can be overwritten (i.e. adding new record) and only the latest value will be considered.
4. Yes, the BOOT_MAC can be updated using standard SHE update protocol - it's updated in the same way as keys. You can calculate the CMAC offline (for example using binary/srecord file and OpenSSL) or you can let the hardware to calculate the CMAC (during development). But the BOOT_MAC must be updated manually via SHE update protocol.
The BOOT_MAC can be calculated and stored automatically only first time as required by SHE specification. Next time it needs to be updated manually.
5. No, CSE can't be updated.
6. SHE specification is sometimes helpful. Please check NXP sharepoint.
Regards,
Lukas
