Master ECU key value change problem

sochoi · ‎03-16-2025

Hello, I'm having trouble with the master ECU key changing.

Master ECU key suddenly changed to 0x00000000_00000000_00000000_00000000 value.

I did not request to change the Key via the CSEc command.

Has anyone had this issue with their S32K146 MCU?

lukaszadrapa · ‎03-17-2025

Hi @sochoi

The key should definitely not change on its own.

How do you know that the key was changed to all zeros? NVM keys can't be read or exported.

Regards,

Lukas

sochoi · ‎03-17-2025

I ran the contents of AN5401 document 4.5 Resetting Flash to the Factory State. At this time,
I successfully reset by setting the master ECU_key to 0x000....0000.

Based on the above, I would guess that it would have been changed to 0x0000...0000, because if you factory reset it to a different value, it will not be initialized.

lukaszadrapa · ‎03-17-2025

If you reset the device to factory state, the CSEc is disabled. It's necessary to partition the device to enable the CSEc again. After partitioning, all the keys are considered as empty. There's nothing like default value, the keys are not just simply cleared to 0x0000... If a key is empty and if you try to use it, you will get ERC_KEY_EMPTY error.

sochoi · ‎03-17-2025

The explanation is that the method to find out that the Master ECU key was changed to 0x0000...0000 was to reset the device to factory state.

The problem is that the master ECU key suddenly changes to 0x0000...0000 during operation, without any device initialization.

sochoi · ‎03-18-2025

I know that the device will initialize only when I use the correct authentication key.

I noticed that when I put 0x0000...0000 as the authentication key, the device successfully initialized, and at that time I noticed that the Master ECU key was changed to 0x0000...0000.

lukaszadrapa · ‎03-18-2025

I'm not really sure what you are doing. I would need more details to be able to provide some help.

sochoi · ‎03-18-2025

I am using S32K146 EVB.

The value of the master ECU key was suddenly changed without any key injection or renewal work in progress.

I did a factory reset to see what value the master ECU key had been changed to.

This is because the changed master ECU key must be used correctly as an authentication key in order for factory initialization to succeed.

When performing factory initialization, I wrote a code to calculate the authentication key to 0x0000...0000 value.

When I operated the MCU like this, the initialization was successful.

Based on the above, I have made the following guesses.

Master ECU key changed to 0x0000...0000.

However, I asked if you were aware of this issue because it is a security issue for the master ECU key to be changed arbitrarily.

lukaszadrapa · ‎03-19-2025

No, this is not known issue and it should not happen. The keys are stored in Emulated EEPROM. I can't see a scenario when the key could be "erased". EEE mechanism is robust enough to recover from brownout events. In worst case, even if key update operation is terminated by reset, the EEE mechanism would still recover the last value of the key.

Did this only happen once or are you able to reproduce this problem multiple times?

Regards,

Lukas

sochoi · ‎03-21-2025

I've tried it again for quite a while, but it doesn't reproduce.
You can check that the master ECU password has been changed arbitrarily because the log remains.
However, it's a pity that this log is a company's asset, so I can't show it to you at will.