Hi,
you can check FCSESTAT register. Bit SB (Secure Boot) says if secure boot is activated or not. Bit BOK (Secure Boot OK) says if the secure boot was successful or not.
If sequential or parallel secure boot mode is successful, you are allowed to use boot protected keys. If it is not successful, you can't use these keys.
If strict sequential secure boot mode is successful, you are also allowed to use proatected. But if it fails, the device will never leave reset and there's no way to recover.
Regards,
Lukas
The secure boot does not protect the flash against modification. You can still erase/program the area covered by secure boot. The purpose is different - if helps to check the content of that area and then, based on result, it allows or denies using of boot protected keys. This is the case of sequential or parallel boot mode.
In case of strict sequential boot mode, the device will be bricked if the secure boot fails.
If you need to update the code protected by secure boot, it is possible but it is necessary to update BOOT_MAC. See section "4.4.4 Updating Code and resulting BOOT_MAC" in AN5401 for more details:
https://www.nxp.com/webapp/Download?colCode=AN5401&location=null
https://www.nxp.com/webapp/Download?colCode=AN5401SW&location=null
Regards,
Lukas