- NXP Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- Wireless Connectivity
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- Vigiles
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Home
- :
- Product Forums
- :
- S32K
- :
- S32K144 Setting FSEC bits to Secure
S32K144 Setting FSEC bits to Secure
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello.
I am developing on a S32K144 , usually in debug mode with the device unsecured.
This way the application works well.
In order to secure the device I set the SEC bits of FSEC reg. from "10" to "11" in the starup.S file as below
/* Flash Configuration */
.section .FlashConfig, "a"
.long 0x81A15632 /* 8 bytes backdoor comparison key */
.long 0x5F6F7F3F /* */
.long 0xFFFFFFFF /* 4 bytes program flash protection bytes */
.long 0xFFFF7BBF /* FDPROT:FEPROT:FOPT:FSEC
Only the LSBit of the last long word has changed (before changing it was .long 0xFFFF7BBE)
This way the device does not work , no sign of activity (also after repowering OFF/ON, disconnected from the programmer)
I use the Multilink Universal (PEMicro) to program the device with "freescale_s32k144f512m15_pflash_dflash_eeprom.arp" programming algorithm.
I use S32 Design Studio for S32 Platform Version: 3.4 for developing.
If I change back to "10" the SEC bits of FSEC register everything turns to works.
Does anybody know what is wrong or has an idea about this problem. I have made many attempts to solve but with no success.
Thank you very much.
Nicola
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello VaneB.
The problem was not in the firmware .
To solve the issue first I program the target with FSEC bits set in mode "unsecure" in "Startup... .S" file.
.long 0xFFFF7BBE // FDPROT:FEPRO:FOTP:FSEC
Then I change the bits above in mode "Secure"
.long 0xFFFF7BBF // FDPROT:FEPRO:FOTP:FSEC
Rebuild all.
Then I start a new programming/debugging session preserving two memory ranges:
0x00000 -> 0x0040B and 0x00410 -> 0x7FFFF
so that I program only the four bytes FDPROT:FEPRO:FOTP:FSEC
After programming, the debugger tries to connect to target but now the target is secured.
So it asks me if I want to erase the target.
I answer "No" for two times , then the debugger stops and disconnects from target.
Now the target is locked.
At this time, if I unplug the usb cable of the debugger from the PC, the target becomes active and executes the application firmware correctly.
Now the target is working well and is secured.
Thank you.
Best regards
Nicola
VaneB
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Just to clarify, when you say, "device is not working, no signs of activity" do you mean that no code loaded into the MCU is executed?
When security is enabled (FSEC[SEC] != 10), the debug port capabilities are limited to prevent exploitation of secure data. In the secure state, the debugger still has access to the MDM-AP Status Register and can determine the current security state of the device. In the case of a secure device, the debugger also has the capability of performing a mass erase operation via writes to the MDM-AP Control Register.
B.R.
VaneB
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello VaneB.
Thank you for your reply and question.
I say "device is not working, no signs of activity" because in the main cycle of the firmware I produce some pulses on leds and "debug pins " which I can monitor with an oscilloscope . Normally I have a periodic pulse on these pins but when I secure the device the output of these pins stay low.
I know I cannot use the debugger when the device is secured. Also the debugger correctly recognize the device is secured and ask me to mass erase if I want to reprogram. I can perform mass erase with no problem.
I think the problem is in the use of the programmer/debugger.
I use GDB PEMicro Interface Debugging to program and debug the target.
I'd like to have only the programmer part without debugging section: I think that the software of PEMicro tries to connect to the target after programming but the device is secured and something wrong is done after programming. It also ask me to Erase the device because he tries to connect but it cannot. But even if I answer "NO" the target doesn't work after powering OFF/ON .
Attached the reports of the programming/debugging console:
it asks me two times if I want to MassErase after programming and I say NO for two times.
But the target doesn'work.
Thank you for your cooperation
Nicola
VaneB
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Check out the following community post discusses that when securing S32K144 and S32K146, they have no CAN response.
CAN unresponsive after securing S32K14x
It may help you.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello VaneB.
The problem was not in the firmware .
To solve the issue first I program the target with FSEC bits set in mode "unsecure" in "Startup... .S" file.
.long 0xFFFF7BBE // FDPROT:FEPRO:FOTP:FSEC
Then I change the bits above in mode "Secure"
.long 0xFFFF7BBF // FDPROT:FEPRO:FOTP:FSEC
Rebuild all.
Then I start a new programming/debugging session preserving two memory ranges:
0x00000 -> 0x0040B and 0x00410 -> 0x7FFFF
so that I program only the four bytes FDPROT:FEPRO:FOTP:FSEC
After programming, the debugger tries to connect to target but now the target is secured.
So it asks me if I want to erase the target.
I answer "No" for two times , then the debugger stops and disconnects from target.
Now the target is locked.
At this time, if I unplug the usb cable of the debugger from the PC, the target becomes active and executes the application firmware correctly.
Now the target is working well and is secured.
Thank you.
Best regards
Nicola
