S32K144 JTAG lock

取消
显示结果 
显示  仅  | 搜索替代 
您的意思是: 
已解决

S32K144 JTAG lock

跳至解决方案
5,283 次查看
pranavshinde
Contributor II

Hello,

I want to securely store some data in S32K144 microcontroller.
Once the data is stored, only application running in the processor should be able to read the data and no external person should be able to read it back by reading from a memory location.

My idea was to store the data in FlexNVM and enable the JTAG lock once the data is written to FlexNVM.
Is my approach correct?
If not, please let me know if there is another way to achieve this.

 

0 项奖励
回复
1 解答
5,214 次查看
danielmartynek
NXP TechSupport
NXP TechSupport

Hello Pranav,

Yes, this is correct.

No additional setting is required.

 

BR, Daniel

 

在原帖中查看解决方案

0 项奖励
回复
6 回复数
5,266 次查看
danielmartynek
NXP TechSupport
NXP TechSupport

Hi,

The MCU is secure when the FSEC[SEC] register != 0b10.
The register is loaded from the Flash Configuration Field during system reset so that the MCU can be secure right out of the reset.

You can load the FlexNVM (DFlash) data along with the application that locks the MCU
Or you can do it later using the Backdoor key which temporarily unlocks the MCU.
The MCU is then locked again on the next system reset.

Example S32K144 Verify Backdoor Access Key S32DS1.3

 

Regards,

Daniel

0 项奖励
回复
5,260 次查看
pranavshinde
Contributor II

Hi Daniel,

I understood how to enable the security by configuring the startup code.
Is there option to do the same using processor expert tool?

0 项奖励
回复
5,250 次查看
danielmartynek
NXP TechSupport
NXP TechSupport

 

Hi,

There is no such option.

 

BR, Daniel

0 项奖励
回复
5,225 次查看
pranavshinde
Contributor II

Thanks Daniel,

 

I just want to confirm the security settings.
Below are the requirements which are intended to be taken care of,

1. JTAG should not be accessible even with the security key.
2. Mass erase should be prevented.
3. JTAG should not be accessible in normal conditions as well.

I am setting this value to FSEC register.
FSEC = 0x64

Please let me know if the setting I am using is correct and if any additional settings are required.

Thanks,
Pranav

5,215 次查看
danielmartynek
NXP TechSupport
NXP TechSupport

Hello Pranav,

Yes, this is correct.

No additional setting is required.

 

BR, Daniel

 

0 项奖励
回复
5,275 次查看
TomLightning
Contributor III

Hello,

from my point of view you are not able to access the memory (RAM and Flash memory) of the controller if the debug interface is locked. Of course you have to be careful not to implement functions that allow access to data that you don't want to make public (e.g. via CAN or UART).

Tom