Software security issue

ltxdl · ‎10-15-2024

Dear team:

we used s12zvm31 mcu to develop products

Could you tell me how to set up software to prevent mass production software from being cracked. thanks.

lama · ‎10-17-2024

Hi,

if you do not change anything in the flash security byte (can be checked in s19 record) then the device is secured after loading by default.

The BDM always mass erase/unsecures it for debugging before programming. If you only program it (debugger does not prepare device for debugging) with no access to the security byte then it will be secured and not debeggable.

The example of security with temporary unsecuring by special 64bit code received by application can be seen here

https://community.nxp.com/t5/S12-MagniV-Microcontrollers/SW-example-of-Security-feature-with-Backdoo...

The code for temporary unsecure (up to next reset) can be received by some peripheral or it can be launched by some specific event/condition with backdoor key stored in application code as presented in the example.

It is up to you whether you want to use backdoor key. If not use the device can not be unsecured only BDM mass errase command is available.

Best regards,

Ladislav

https://community.nxp.com/t5/S12-MagniV-Microcontrollers/S12Z-unsecure/m-p/1303088

ChristopherLenordJ · ‎11-16-2024

Hello Team,
We are using the same example code to unsecure the S12Z device ( we receive the stimulus to unlock via SPI ) and we see that the MCU is not getting unsecured. We could transmit the FSEC register value over the SPI we still read as 01 in boolean meaning secured and not 10 in boolean meaning unsecured, any attach option via CW and Cyclone Pro debugger also show that the MCU is still secured. Please Could you provide your feedback here. Timeline is critical for our project as we have the production Dates coming near, Quick support would be appreicated.