HSE Application Update - How to update the application in Full Memory Mode

ekmas-19 · ‎07-14-2025

I am reading through an745220-S32K3 HSE Traning - Oct2022(2.0), section on HSE FW Update Procedure for Full Memory.

I am a little confused, it seems the purpose of this is to update the HSE FW itself and not to update the Application code.

I would have expected the HSE FW to be fixed at the factory and used to authenticate an OTA of an application download.

How do you update the application Code and how do you authenticate it? Can the download be encrypted and use the HSE to decrypt it?

S32K344-WB

Robin_Shen · ‎07-16-2025

A1.
Please read the Table 37. Key catalogs of RM758225-RM00286 HSE-B Firmware Reference Manual - V2.5(2.5).pdf.

The HSE firmware stored in secure HSE memory area(HSE Code Flash).
Please read the chapter 3.2.4 Flash Memory Layout (FULL_MEM) during Firmware Installation and 3.5.5 Flash Memory Layout for S32K344, S32K314 and S32K324 devices of RM758225-RM00286 HSE-B Firmware Reference Manual - V2.5(2.5).pdf.

A2. The HSE can be updated in the field but not uninstalled. You don't need to update HSE FW on each download of the application.
Please read the chapter 11 HSE Firmware Update of RM758225-RM00286 HSE-B Firmware Reference Manual - V2.5(2.5).pdf.

Sorry, I am not familiar with this. HSE related issues are not suitable for discussion in the public community. It is recommended to submit Support Tickets at https://www.nxp.com/support/support:SUPPORTHOME?tid=sbmenu. My colleagues will help you.

View solution in original post

Robin_Shen · ‎07-14-2025

Hi

Yes. This is to update the HSE FW itself and not to update the Application code.

Regarding OTA, it is recommended to refer to the previous discussion: Dual-application bootloader with A/B swap OTA update - S32K3XX

Best Regards,
Robin
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "ACCEPT AS SOLUTION" button. Thank you!

- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

ekmas-19 · ‎07-15-2025

Thanks for that response. That clears up one issue.

In my project I have a bootloader and an application. The bootloader is loaded once and never updated in the field. Typically, I would use the bootloader to download and write to flash a new application image. I typically use a basic means of CRC check to validate the new image.

Reading about the HSE it seems it can be used to do a more secure update of the application. From your email and the documentation, I now understand the HSE FW must first be loaded.

This is my understanding of the process at a high level, assuming I am using the full memory approach, not A/B Swap.

I install the HSE FW, I assume there is related HSE Hardware. Does the HSE have its own protected memory area or does it use the NVM of the product board to store keys.? Is the HSE firmware stored in product flash or in a secure HSE memory area?
The HSE can be updated in the field but not uninstalled. Does it need to be updated on each download of the application?
when I download new application over a communication bus like ARINC 429. the HSE FW authenticates this. As I understand. the sender uses a symmetric key to create a GMAC code that is sent over the bus with the new application image. The HSE re-creates the GMAC form its own copy of the key. Then compares these two to authenticate the application image.
Can the key being used be changed? how is that done?
Overall, this does not seem very secure. What am I missing? if a hacker get that key, they can download an software they want.
In addition, is it possible to encrypt the image before download and have the HSE use a different asymmetric key to decrypt it? How does that work.
since I will be using full memory mode, I don't think I will need to create the NVM key catalog. Is that correct. BSB uses an ADKP one-time generated key. where is that stored?
Does the HSE automatically authenticate the download, or do I have to request that? what part would my bootloader play in validation if the HSE is now doing this task? Does the HSE replace this aspect of my bootloader? the bootloader will still need to facilitate the download of the new image.

Thanks for the help. Please correct anything I said that is not correct. and if you can provide a better explanation of the process that would be great.

Robin_Shen · ‎07-16-2025

A1.
Please read the Table 37. Key catalogs of RM758225-RM00286 HSE-B Firmware Reference Manual - V2.5(2.5).pdf.

The HSE firmware stored in secure HSE memory area(HSE Code Flash).
Please read the chapter 3.2.4 Flash Memory Layout (FULL_MEM) during Firmware Installation and 3.5.5 Flash Memory Layout for S32K344, S32K314 and S32K324 devices of RM758225-RM00286 HSE-B Firmware Reference Manual - V2.5(2.5).pdf.

A2. The HSE can be updated in the field but not uninstalled. You don't need to update HSE FW on each download of the application.
Please read the chapter 11 HSE Firmware Update of RM758225-RM00286 HSE-B Firmware Reference Manual - V2.5(2.5).pdf.

Sorry, I am not familiar with this. HSE related issues are not suitable for discussion in the public community. It is recommended to submit Support Tickets at https://www.nxp.com/support/support:SUPPORTHOME?tid=sbmenu. My colleagues will help you.

ekmas-19 · ‎07-17-2025

RM758225-RM00286 HSE-B Firmware Reference Manual - V2.5(2.5).pdf. is what I needed. Thank you.