CSEc Secure boot:Why is it not always in the reset state after a security boot failure

ZEROOO
Contributor IV

Hi,

In the S32K118, CSEc safe boot introduces three safe boot methods. Why can sequential boot mode and parallel boot mode still execute ROM code after a failure, and what are the considerations behind this setting? If the App can still be entered and run, then what is the meaning of safe boot?

[Image attachment: ZEROOO_0-1695280780059.png]

1 Solution
lukaszadrapa
NXP TechSupport

Hi @ZEROOO,
The sentence about execution of ROM code is a little bit confusing. It comes from the SHE specification and has a different meaning here.
Regardless of that, let me explain how it works:
If sequential or parallel boot mode fails, the only effect is that boot protected keys cannot be used (boot protected keys are keys loaded with the BOOT_PROT attribute set). The application will run, but the application cannot use boot protected keys.
The only difference between sequential and parallel boot mode: in sequential mode, boot protected keys are available immediately when the application starts execution (of course, only if the secure boot is successful). In parallel boot mode, the application needs to wait until the secure boot is finished, and then the boot protected keys will be available.
The next level of protection is strict sequential boot mode. If this boot mode fails, the application won't run, the device will stay in reset forever and there's no way to recover. The only option is to replace the device.
Regards,
Lukas
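As an added illustration of the behaviour Lukas describes (this is not code from the thread, from NXP's CSEc driver, or from the S32K SDK), the C model below shows how an application can gate its use of boot protected keys on the CSEc status word: in parallel mode it polls until the secure boot has finished, and in either mode it only treats BOOT_PROT keys as usable when the boot passed. The status bit positions follow the SHE specification's status register as I recall it (BUSY, SECURE_BOOT, BOOT_INIT, BOOT_FINISHED, BOOT_OK in bits 0 to 4) and are an assumption to verify against the S32K1xx reference manual; the status reader is a hypothetical function pointer fed with constructed values so the logic runs without hardware.

```c
/* Added example, not NXP's or the SDK's code: application-side gate for
 * boot protected keys based on the CSEc/SHE status word.
 * Bit layout assumed from the SHE specification; verify against the
 * S32K1xx reference manual before relying on it. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* SHE status register flags (assumed layout, see note above). */
#define SHE_STATUS_BUSY          (1u << 0)
#define SHE_STATUS_SECURE_BOOT   (1u << 1)  /* secure boot is enabled      */
#define SHE_STATUS_BOOT_INIT     (1u << 2)  /* secure boot has started     */
#define SHE_STATUS_BOOT_FINISHED (1u << 3)  /* secure boot has finished    */
#define SHE_STATUS_BOOT_OK       (1u << 4)  /* ...and the MAC check passed */

typedef enum {
    BOOT_KEYS_AVAILABLE, /* secure boot finished and passed              */
    BOOT_KEYS_PENDING,   /* parallel mode: verification still running     */
    BOOT_KEYS_LOCKED     /* secure boot failed: BOOT_PROT keys are refused */
} boot_key_state_t;

typedef enum { BOOT_MODE_SEQUENTIAL, BOOT_MODE_PARALLEL } boot_mode_t;

/* Decide whether BOOT_PROT keys may be used, given one status read. */
boot_key_state_t boot_key_state(uint8_t status, boot_mode_t mode)
{
    if (!(status & SHE_STATUS_SECURE_BOOT)) {
        /* Secure boot not configured: nothing protected the boot, so do not
         * silently treat the keys as trustworthy. */
        return BOOT_KEYS_LOCKED;
    }
    if (!(status & SHE_STATUS_BOOT_FINISHED)) {
        /* Sequential mode only starts the application after secure boot has
         * completed, so "unfinished" there is unexpected; stay conservative.
         * Parallel mode legitimately reaches this point while verifying. */
        return (mode == BOOT_MODE_PARALLEL) ? BOOT_KEYS_PENDING : BOOT_KEYS_LOCKED;
    }
    return (status & SHE_STATUS_BOOT_OK) ? BOOT_KEYS_AVAILABLE : BOOT_KEYS_LOCKED;
}

/* Parallel mode: poll the (hypothetical) status reader until the boot has
 * finished or the retry budget runs out. PENDING on return means timeout. */
boot_key_state_t wait_for_boot_keys(uint8_t (*read_status)(void), unsigned max_polls)
{
    boot_key_state_t st = BOOT_KEYS_PENDING;
    for (unsigned i = 0; i < max_polls && st == BOOT_KEYS_PENDING; i++) {
        st = boot_key_state(read_status(), BOOT_MODE_PARALLEL);
    }
    return st;
}

/* Constructed status sequence standing in for hardware: two reads while the
 * verification is in progress, then a finished-and-OK read. */
static const uint8_t sim_seq[] = {
    SHE_STATUS_SECURE_BOOT | SHE_STATUS_BOOT_INIT,
    SHE_STATUS_SECURE_BOOT | SHE_STATUS_BOOT_INIT | SHE_STATUS_BUSY,
    SHE_STATUS_SECURE_BOOT | SHE_STATUS_BOOT_INIT | SHE_STATUS_BOOT_FINISHED | SHE_STATUS_BOOT_OK,
};
static unsigned sim_idx;

uint8_t sim_read_status(void)
{
    unsigned n = sizeof sim_seq / sizeof sim_seq[0];
    uint8_t s = sim_seq[sim_idx < n ? sim_idx : n - 1];
    if (sim_idx < n) sim_idx++;
    return s;
}

int main(void)
{
    sim_idx = 0;
    boot_key_state_t st = wait_for_boot_keys(sim_read_status, 10);
    printf("parallel mode, simulated successful boot: %s\n",
           st == BOOT_KEYS_AVAILABLE ? "keys available" : "keys not available");

    /* Sequential mode after a failed MAC check: the application still runs,
     * but BOOT_PROT keys stay locked, exactly the case asked about above. */
    st = boot_key_state(SHE_STATUS_SECURE_BOOT | SHE_STATUS_BOOT_INIT | SHE_STATUS_BOOT_FINISHED,
                        BOOT_MODE_SEQUENTIAL);
    printf("sequential mode, failed boot: %s\n",
           st == BOOT_KEYS_LOCKED ? "keys locked, application continues" : "unexpected");
    return 0;
}
```

The useful property for a defender is that the application never has to guess: a failed sequential or parallel boot leaves the firmware running but every use of a BOOT_PROT key is refused, so checking the status once at startup (and polling in parallel mode) lets the application log the failure and fall back to a degraded mode instead of discovering the problem as scattered key errors later.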
