ヘルプ
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

HIS-SHE Functional Specification, v1.1

キャンセル
提案をオンにする
自動提案では、入力時に可能な一致が提案されるので検索結果を素早く絞り込むことができます。
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 
解決済み
ソリューションへジャンプ

HIS-SHE Functional Specification, v1.1

ソリューションへジャンプ
‎12-21-2022 05:33 AM
8,511件の閲覧回数
tz9
Contributor II

Dear NXP-Support Team,

I am currently testing the CSec-Module on the S32K146 on the S32K146EVB using the S32 Design Studio ARM V2.2.

I am trying to store/add several Keys in the CSec-RAM. As a manual, i am using AN5401_S32K_146_M (CSEC) to understand how it works. In Chapter 4.2.1 „Adding keys to secure memory slots“ the process is referred to the PDF-Document „HIS-SHE Functional Specification, v1.1, Section 9.1 Description of memory update protocol“. I can’t seem to find this HIS-SHE Functional Specification. Where can i find it or did its name change over the years ? Thanks.

Sincerely

0 件の賞賛
返信
1 解決策

ソリューションへジャンプ
‎12-22-2022 04:17 AM
8,481件の閲覧回数
lukaszadrapa
NXP TechSupport
NXP TechSupport

Execution of CMD_LOAD_KEY command defined by SHE and implemented by CSEc is the only option how to load a key (either first time or next time to update a key).

During development, it's quite simple. You can use a project like 1_Configure_part_and_Load_keys from AN5401 to configure the part and to load the keys.

During production, it depends on your requirements, on capabilities of programming tool and on security measures you want to keep. One option is to use configuration project like from AN5401 loaded to RAM (if supported by programming tool) or to flash and then it can be re-programmed by final application. Or you can load your application and then use some communication interface to send the keys (or rather M1-M5 values) and the application can load them. Or use programming tool which support loading of keys directly (well, this is idea only, I'm not aware of such tool).

Regards,

Lukas

元の投稿で解決策を見る

返信
5 返答(返信)

ソリューションへジャンプ
‎12-21-2022 09:45 AM
8,497件の閲覧回数
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @tz9 ,

The document is not freely available:

lukaszadrapa_0-1671641062657.png

 

Customers should request the specification at their OEM if needed.

 

If you are interested in memory update protocol, you can take a look at application notes for MPC5646C (the first MCU with CSE module). CSE on MPC5646C is different from CSEc on S32K1 but still follows the SHE spec, the functionality is the same, so these details are valid.

 

https://www.nxp.com/docs/en/application-note/AN4234.pdf

https://www.nxp.com/docs/en/application-note-software/AN4234SW.zip

https://www.nxp.com/docs/en/application-note-software/AN4234video.zip

 

https://www.nxp.com/docs/en/application-note/AN4235.pdf

https://www.nxp.com/docs/en/application-note-software/AN4235SW.zip

https://www.nxp.com/docs/en/application-note-software/AN4235video.zip

 

AN4234.pdf explains how the M1-M5 are calculated and AN4234SW.zip also contains some tools for offline generation. Notice that the tools are examples only, it’s not production code.

 

Regards,

Lukas

返信

ソリューションへジャンプ
‎12-22-2022 03:35 AM
8,487件の閲覧回数
tz9
Contributor II

Hi,

Thanks for answering, that helps a lot. I already understood a few around updating the keys, erasing the keys and resetting to factory state. But as a first step. If you have e.g. 5 keys (you can store 3-20) and want to save them  for the first time on the s32K146 CSec-Module/SHE, how do you do it? Because in the examples, they are just defined in the header files. Or Do you use LOAD_KEYS() to save the Keys for the first time ? Thanks.

Sincerely

0 件の賞賛
返信

ソリューションへジャンプ
‎12-22-2022 04:17 AM
8,482件の閲覧回数
lukaszadrapa
NXP TechSupport
NXP TechSupport

Execution of CMD_LOAD_KEY command defined by SHE and implemented by CSEc is the only option how to load a key (either first time or next time to update a key).

During development, it's quite simple. You can use a project like 1_Configure_part_and_Load_keys from AN5401 to configure the part and to load the keys.

During production, it depends on your requirements, on capabilities of programming tool and on security measures you want to keep. One option is to use configuration project like from AN5401 loaded to RAM (if supported by programming tool) or to flash and then it can be re-programmed by final application. Or you can load your application and then use some communication interface to send the keys (or rather M1-M5 values) and the application can load them. Or use programming tool which support loading of keys directly (well, this is idea only, I'm not aware of such tool).

Regards,

Lukas

返信

ソリューションへジャンプ
‎03-28-2023 07:53 PM
7,894件の閲覧回数
ZEROOO
Contributor IV

Hi

    Do you need to set flash driver initialization and Csec initialization when using the 1_Configure_part_and_Load_keys from AN5401 example.I am not working properly with 1_Configure_part_and_Load_keys. I don't know what is wrong, please give me some advice.

0 件の賞賛
返信

ソリューションへジャンプ
‎12-22-2022 05:06 AM
8,472件の閲覧回数
tz9
Contributor II

Thanks, that information was very helpful. I appreciate it !

タグ(1)
0 件の賞賛
返信