LPC55 Debugging Ports Security Solution


Background:

IP protection is important for most customers. Kinetis, the LPC54 series and i.MX RT have the necessary security features, which help us win customers and markets.
The LPC55 series is a new generation of IoT MCUs used in the consumer and industrial markets. LPC55 non-S parts are adopted by most customers because of their low cost and ease of use, but their security features differ from those of the S parts and are significantly simplified.
The LPC55 is designed for secure IoT applications, so the SWD/ISP ports are supposed to be hidden once development work is finished. Once the SWD/ISP ports are secured, they can no longer be used. On LPC54 and Kinetis MCUs, by contrast, a mass erase command can be used to recover the MCU after it is secured.
Customers need to secure the debugging/ISP ports, but they also need to recover them in some cases:
- Reprogramming to update firmware
- Investigating and analyzing failed parts returned from the end market
- Rescuing the MCU if it is locked and stuck
In response to these customer requirements, the NXP support team proposed a solution that secures and recovers the SWD/ISP ports using an IAP backdoor method.

Solution:

By operating on the PFR (Protected Flash Region), the LPC55 can switch between secure mode and recovery mode.

 

  1. lpc5506_debug_isp_test_20220714: demonstrates how to operate on this region to lock the debug port and then how to recover it. The user interaction can be triggered by UART or by a button.

  2. hmac_test_20220714: demonstrates one full security flow.


This is a complete solution for securing and recovering the debugging/ISP ports on LPC55. It uses a host machine challenge mechanism to implement its security features:
- Challenges the host machine to guard against an unknown host probe;
- Generates dynamic seeds, so that the final encrypted information changes dynamically;
- The image hash value is device related, which avoids the same encrypted information for different images/products.

Customers can also trim the solution to reduce application complexity:
- Use the UUID only as device information; no seed is needed;
- The host machine can use fixed keys instead of image hash values to encrypt the information;
- The host machine can use a UUID lookup table to find the verification key; every device is programmed with a dedicated verification key during production.
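
The host challenge flow described above, modelled in Python with both the device and the host side. This is an added example, not the code of the attached demos: it assumes HMAC-SHA256 over UUID plus seed as the keyed function, and the names `Device`, `host_response`, `run_demo` and all sample values are hypothetical.

```python
import hashlib
import hmac
import secrets

SEED_LEN = 16  # assumed challenge size in bytes

class Device:
    """Device side: holds a UUID and a verification key, issues one-time seeds."""

    def __init__(self, uuid: bytes, key: bytes):
        self.uuid = uuid
        self._key = key
        self._seed = None        # outstanding challenge, if any
        self.ports_open = False  # models the SWD/ISP state kept in the PFR

    def challenge(self):
        # Fresh random seed per attempt, so the expected response changes each time.
        self._seed = secrets.token_bytes(SEED_LEN)
        return self.uuid, self._seed

    def unlock(self, response: bytes) -> bool:
        if self._seed is None:   # no challenge outstanding: reject
            return False
        expected = hmac.new(self._key, self.uuid + self._seed, hashlib.sha256).digest()
        self._seed = None        # a seed is single use, pass or fail
        ok = hmac.compare_digest(expected, response)  # constant-time compare
        if ok:
            self.ports_open = True  # real firmware would update the PFR here
        return ok

def host_response(key: bytes, uuid: bytes, seed: bytes) -> bytes:
    """Host side: prove knowledge of the key for this device and this seed."""
    return hmac.new(key, uuid + seed, hashlib.sha256).digest()

def run_demo():
    # Constructed sample values; the image bytes and UUID are placeholders.
    image = b"constructed firmware image bytes"
    key = hashlib.sha256(image).digest()  # full flow: the key is the image hash
    # Simplified variant from the page: key = lookup_table[uuid] on the host.
    dev = Device(bytes.fromhex("00112233445566778899aabbccddeeff"), key)

    uuid, seed = dev.challenge()
    good = host_response(key, uuid, seed)
    first = dev.unlock(good)    # authorized host answers the challenge
    replay = dev.unlock(good)   # same response again, no challenge outstanding
    dev.challenge()
    stale = dev.unlock(good)    # old response against a new seed
    return first, replay, stale  # (True, False, False)
```

In the simplified variant without a seed, the expected response is fixed per device, so a response captured once remains valid for that device. That is the trade-off of dropping the dynamic seed.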

Demonstration:

The attached demos run on the LPC55S06 EVK and can easily be migrated to other LPC55 series parts.

Last update:
‎09-13-2022 05:49 PM