S32K144 unlock Secure debug

Hi,

Thank you for the references provided.

We have reviewed:
- S32DS1.3 Backdoor Access Key example
- winIDEA S32K1xx JTAG Lock blog

The winIDEA blog shows how to lock S32K1xx devices using Flash Security byte (0x40C),
but we need the procedure to UNLOCK an already secured S32K1xx device via winIDEA.

The iSYSTEM unlock documentation only covers S32K3xx and S32G2xx devices with
password parameters, which are not available for S32K1xx in winIDEA.

Could you please provide:
1. The specific winIDEA procedure to unlock a secured S32K1xx device?
2. How to configure the backdoor access key method in winIDEA for S32K1xx?

Hi @Kishore_14,

I am not sure what is the specific procedure to unlock the S32K device through winIDEA. Since this SW is not from NXP, rather from a third-party, could you try contacting them instead? Online Help - iSYSTEM.

In order to unlock the S32K1xx, you either need to enable and enter the backdoor key or mass erase must be enabled.

The backdoor key can be used to unlock the MCU by the FTFC command only. (Unlock flash on S32K144W from firmware - NXP Community)

If you want to unlock the MCU from outside, you need to mass erase the whole chip. 

I've found this post explaining the same thing, using winIDEA: Arm Cortex-M: Locked/secured device - TASKING Knowledge Base.

Best regards,
Julián

We have an additional question regarding S32K1xx secure debug unlock:

Hardware Debugger Support:
1. S32 Debugger- Shows "Secure debugging" option in S32DS:
- "Enable secure debugging" checkbox available
- "Debugging type: Password" dropdown available
-  We don't have S32 debugger hardware

2. PEMicro Debugger - No secure debugging option visible:
-  We have PEMicro hardware
-  No secure debugging options in S32DS interface
-  We don't have PEMicro license

1. Does PEMicro debugger support S32K1xx secure debug unlock?
2. Is the secure debugging feature only available with S32 debugger hardware?
3. If PEMicro supports it, how do we enable secure debugging options for S32K1xx with PEMicro?

Hi @Kishore_14,

1. Does PEMicro debugger support S32K1xx secure debug unlock?

Not as far as I'm aware. 

2. Is the secure debugging feature only available with S32 debugger hardware?

Secure debugging is only available for S32G/R/Z devices. You can see that selecting the S32K144 device disables the "Secure debugging" option:

3. If PEMicro supports it, how do we enable secure debugging options for S32K1xx with PEMicro?

Hi Julian,

Following up on your previous response about "backdoor key by FTFC command" for S32K1xx:

1. When you mention "backdoor key by FTFC command," do you mean using the example project Example_S32K144_Verify_Backdoor_Access_Key_S32DS1.3_v2 approach with FTFC command 0x45?

2. If I'm using a different project (like a bootloader), do I need to hardcode the backdoor key unlock code into every project?

Thanks.

Hi @Kishore_14,

1. Yes. 

2. I'm not sure if I understood the question correctly. The FSEC register is a read-only register and is loaded with the content of the flash security byte in the Flash Configuration Field located in program flash memory during the reset sequence. The configuration field holds the Backdoor comparison key as well and is configurable in startup_S32K1XX.S file.

If you are referring to loading the key through FTFC, you can create a routine which receives the key through UART, CAN, SPI, etc. (except JTAG/SWD) and loads the key, thus un-securing the device and unlocking JTAG/SWD interface as well until the next reset.

Best regards,
Julián