- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- NXP Tech Blogs
- Home
- :
- Product Forums
- :
- S32K
- :
- Issues with Enabling Both Flash Security (FSEC=0xBF) and CSEc Simultaneously
Issues with Enabling Both Flash Security (FSEC=0xBF) and CSEc Simultaneously
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Issues with Enabling Both Flash Security (FSEC=0xBF) and CSEc Simultaneously
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Regarding the use of FS32K146HAT0MLLR, I encountered the following issues:
During usage, I need to simultaneously enable CSEc and Flash Security (FSEC=0xBF). However, even after enabling mass erase, I am unable to perform operations.
1.If I want to re-enable the debug port, how should I proceed?
2.If I need to recover the partition, what steps should I follow?
Could you provide detailed instructions to achieve these operations?
I would greatly appreciate your prompt reply.
lukaszadrapa
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @xyzhang
This was discussed here many times. For example here:
If CSEc is enabled, mass erase is blocked.
To make the debugging/development/tests easier, my recommendation is to implement following functionality to your application: when some push button is pressed or when certain command is received via UART/CAN, either reprogram FSEC to unsecure state 0xFE or run CMD_DBG_CHAL+CMD_DBG_AUTH commands. Or do both operations. So, you will be able to recover and start over.
Or implement backdoor access, so you will be able to connect the debugger, at least:
But if nothing like this is implemented and the device is secured and CSEc is enabled - there's no way to recover.
Regards,
Lukas
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Besides, I encountered another problem during the usage process and need your help. The problem is as follows: I have implemented the functions of CSEc by writing program code, including loading keys, encryption, decryption, etc. And online debugging was carried out through the compiler, and no problems were found. However, when burning the generated.hex document to the target board, the burning is carried out in the following two ways. The first one is to use a compiler to connect to the target board via Cyclone lc for online burning of the.hex document. The second method is to store the generated.hex document in Cyclone lc through Cyclone software, then disconnect from the computer and directly connect to the target board through Cyclone lc to burn the previously stored burning file in the burner offline. The current issue is that the burning can be successful through the first method, and the board can operate normally after being powered on again. However, when using the second method, Cyclone lc shows that the burning was successful, but the board cannot operate normally after being powered on again. Could you please tell me where the problem lies? Could you offer some solutions or ideas to solve this problem? I would be very grateful for your prompt reply!
lukaszadrapa
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
1. If you read whole flash memory to a file by the Cyclone in both cases, is the flash content exactly the same?
2. Is content of FCFG1 register in SIM module the same in both cases?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
1.In both cases, the flash contents are completely identical.
2.In the SIM module, the DEPART field of the FCFG1 register is 0x3, and the EEERAMSIZE content is 0x2. These are the expected values.
Additionally, I have set the FSEC value in the startup file's Flash configuration to 0xBF. Could this be causing the aforementioned issue?
lukaszadrapa
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, configuring of FSEC could make a difference. The questions is how Pemicro implemented this in their firmware. My colleague told me that he met something similar on S12 devices – it worked with debugger but not with Cyclone in standalone mode. And it was caused by different approach to security byte in flash. But notice that this is Pemicro’s proprietary firmware, so I recommend to check this with them directly:
https://www.pemicro.com/support/index.cfm
Have you implemented Backdoor Key Access to your software? Are you able to connect your debugger to this device? If yes, can you check the content of flash configuration field at 0x400?
