S32K144 JTAG lock

キャンセル
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 
5,282件の閲覧回数
pranavshinde
Contributor II

Hello,

I want to securely store some data in S32K144 microcontroller.
Once the data is stored, only application running in the processor should be able to read the data and no external person should be able to read it back by reading from a memory location.

My idea was to store the data in FlexNVM and enable the JTAG lock once the data is written to FlexNVM.
Is my approach correct?
If not, please let me know if there is another way to achieve this.

 

0 件の賞賛
返信
1 解決策
5,213件の閲覧回数
danielmartynek
NXP TechSupport
NXP TechSupport

Hello Pranav,

Yes, this is correct.

No additional setting is required.

 

BR, Daniel

 

元の投稿で解決策を見る

0 件の賞賛
返信
6 返答(返信)
5,265件の閲覧回数
danielmartynek
NXP TechSupport
NXP TechSupport

Hi,

The MCU is secure when the FSEC[SEC] register != 0b10.
The register is loaded from the Flash Configuration Field during system reset so that the MCU can be secure right out of the reset.

You can load the FlexNVM (DFlash) data along with the application that locks the MCU
Or you can do it later using the Backdoor key which temporarily unlocks the MCU.
The MCU is then locked again on the next system reset.

Example S32K144 Verify Backdoor Access Key S32DS1.3

 

Regards,

Daniel

0 件の賞賛
返信
5,259件の閲覧回数
pranavshinde
Contributor II

Hi Daniel,

I understood how to enable the security by configuring the startup code.
Is there option to do the same using processor expert tool?

0 件の賞賛
返信
5,249件の閲覧回数
danielmartynek
NXP TechSupport
NXP TechSupport

 

Hi,

There is no such option.

 

BR, Daniel

0 件の賞賛
返信
5,224件の閲覧回数
pranavshinde
Contributor II

Thanks Daniel,

 

I just want to confirm the security settings.
Below are the requirements which are intended to be taken care of,

1. JTAG should not be accessible even with the security key.
2. Mass erase should be prevented.
3. JTAG should not be accessible in normal conditions as well.

I am setting this value to FSEC register.
FSEC = 0x64

Please let me know if the setting I am using is correct and if any additional settings are required.

Thanks,
Pranav

5,214件の閲覧回数
danielmartynek
NXP TechSupport
NXP TechSupport

Hello Pranav,

Yes, this is correct.

No additional setting is required.

 

BR, Daniel

 

0 件の賞賛
返信
5,274件の閲覧回数
TomLightning
Contributor III

Hello,

from my point of view you are not able to access the memory (RAM and Flash memory) of the controller if the debug interface is locked. Of course you have to be careful not to implement functions that allow access to data that you don't want to make public (e.g. via CAN or UART).

Tom