I want to securely store some data in S32K144 microcontroller.
Once the data is stored, only application running in the processor should be able to read the data and no external person should be able to read it back by reading from a memory location.
My idea was to store the data in FlexNVM and enable the JTAG lock once the data is written to FlexNVM.
Is my approach correct?
If not, please let me know if there is another way to achieve this.
Solved! Go to Solution.
The MCU is secure when the FSEC[SEC] register != 0b10.
The register is loaded from the Flash Configuration Field during system reset so that the MCU can be secure right out of the reset.
You can load the FlexNVM (DFlash) data along with the application that locks the MCU
Or you can do it later using the Backdoor key which temporarily unlocks the MCU.
The MCU is then locked again on the next system reset.
I just want to confirm the security settings.
Below are the requirements which are intended to be taken care of,
1. JTAG should not be accessible even with the security key.
2. Mass erase should be prevented.
3. JTAG should not be accessible in normal conditions as well.
I am setting this value to FSEC register.
FSEC = 0x64
Please let me know if the setting I am using is correct and if any additional settings are required.
from my point of view you are not able to access the memory (RAM and Flash memory) of the controller if the debug interface is locked. Of course you have to be careful not to implement functions that allow access to data that you don't want to make public (e.g. via CAN or UART).