Not able to secure S32K144 using settings of reference project

emb02 · ‎07-19-2023

Hi,

I'm using below mentioned reference code settings to secure S32K144 flash using S32DSv3.5 but not able to secure S32K144.

https://community.nxp.com/t5/S32K-Knowledge-Base/Example-S32K144-Verify-Backdoor-Access-Key-S32DS1-3...

I've done this settings but whenever I download the code, FSEC register settings changes to 0xFFFF7FBE (i.e Flash Security bits changes to 10b - MCU security status is unsecure).

I verified this by reading back S32K144 using jFlash.

Is there any other settings required to secure MCU? Please help me with this.

emb02 · ‎07-25-2023

Hi @Robin_Shen

Thank you for response.

-> Keep FSEC in secured if you don't want the flash content be readback.

FSEC should be secured only in bootloader project or also in application project?

In both project I've to modify flash config settings?

Robin_Shen · ‎07-20-2023

Hi

Are you programming the S32K144EVB with JFlash or with the onboard OpenSDA? If it is SEGGER JFlash, did you select S32K144 (allow security) when select Target device?

Did you program this project on the S32K144EVB without any modifications?

The state of the SEC bits is indicated by LEDs.
The RED LED indicates the MCU is secure (SEC != 0b10) after reset.
After a delay loop, the Verify Backdoor key command is executed which will unsecure the device and the LED will turn BLUE (SEC = 0b10).

As you can see that the SEC will be 0b10 after a delay loop.

Best Regards,
Robin
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!

- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

emb02 · ‎07-20-2023

Hi @Robin_Shen

I'm using JFlash and I was selecting S32K144 (no secuirty) so not able to secure MCU.

Now I'm selecting S32K144 (allow security) so now I'm able to secure and then unsecure MCU using backdoor key.

I want to secure MCU for my application and don't want to give read access so I've some questions.

1. If MCU is secured it can be connected to JFlash is this valid?

2. If MCU is readback using JFlash will it always erase and unsecure the device?

3. If I'm using bootloader then flash (FSEC) settings should be configured in bootloader project only or also in application project?

4. What is use of Backdoor key access? If MCU is unsecured using valid backdoor key, MCU can be readable or not?

Please guide me with this.

Robin_Shen · ‎07-25-2023

1. No. The JFlash will let you select if mass erase MCU in order to connect it.

2. It will mass erase the MCU and readback nothing. If you don't want the chip be mass erase, you can change the value of FTFC_FSEC[MEEN]=10. .long 0xFFFF7FAF /* FDPROT:FEPROT:FOPT:FSEC(0xAF = Backdoor key enabled, mass erase disabled, MCU secured)*/

3. Keep FSEC in secured if you don't want the flash content be readback.

4. Please read the 36.5.12.2.1 Un-securing the MCU using backdoor key access of S32K1xx MCU Family - Reference Manual