Can I disable S32K3's JTAG permanently by LifeCycle configuration bit without ADKP?

snaku_lee · ‎08-11-2022

Hi,

Can I disable S32K3's JTAG permanently (no secure debugging) by LifeCycle configuration bit without writing a ADKP?

In the S32K3 RM Table 704 “Debug access based on LifeCycle and bit configurations”.

Does it mean I can change the LifeCycle setting to IN_FIELD in the application code and tell HSE to burn the fuse to disable the JTAG permanently without ADKP (i.e. no secure debugging)?

Regards,

Snaku

danielmartynek · ‎08-18-2022

Hi @snaku_lee,

Unfortunetely, it is not possible to disable it permanently.

it will be always possible to disable the secure debug by the password.

BR, Daniel

View solution in original post

danielmartynek · ‎08-16-2022

Hi @snaku_lee,

It is possible to restrict the debug access via the password protection when HSE is not used.

You need to program the CUST_DB_PSWD_A field in UTEST with the desired password and then advance the lifecycle.

In order to advance the lifecycle:

1) Set the address of LC configuration word in the IVT/bootheader. LC word can be at any flash address selected.

2) Write in such address the value for LC word corresponding to target lifecycle:

BR, Daniel

WXM · ‎04-11-2023

How to Set advance the lifecycle?

snaku_lee · ‎08-16-2022

Hi Daniel,

Thanks for your reply.

Our customer request us to disable JTAG permanently without password, nor ADKP.

They don't want a backdoor on JTAG.

Is that possible to disable S32K3 JTAG by the LifeCycle fuse?

Regards,

Snaku

danielmartynek · ‎08-18-2022

Hi @snaku_lee,

Unfortunetely, it is not possible to disable it permanently.

it will be always possible to disable the secure debug by the password.

BR, Daniel