S32K344 HSE Secure NVM and main system application NVM conflict

zhupeiwen
Contributor I

zhupeiwen_0-1746779824496.png

 

Background:

As we can see from the reference above, the HSE subsystem has its own Dflash, which is the so-called "Secure NVM", and outside of the HSE subsystem is another Dflash called "Application NVM".

The HSE Secure NVM is used to store some of the most critical and important data, like keys and counters, and this is becoming a mainstream requirement from most OEMs from a cyber-security perspective.

 

Problem Description:

In certain cases where the whole system accesses the "Application NVM" and "Secure NVM" at the same time, maybe within a short time, it will cause a bus conflict, which results in a failure case of the microcontroller. This case could happen on the vehicle manufacturing production line, which will use some UDS clients to write the calibration values together with the keys.

Actually, this is because the "Application NVM" and "Secure NVM" were originally designed as the same dflash with its programmer. When you have HSE firmware configured, this original dflash will be separated into 2 D-flash parts: one is for the HSE to use, the Secure NVM, and one is the Application NVM for the non-HSE subsystem to use.

 

Questions:

1. What is the complete description of this failure case? For example, within what time frame would sharing a programmer lead to conflicts, such as 10ms? What are the specific manifestations, causes, and outcomes of the conflict? Is there any related testing to prove this?

2. Under the design of K344, are there any non-chip-related solutions?
A. Through software configuration: Are there any configurations in the chip that can resolve the issue through bus isolation or timing methods? For instance, when using D flash to store information for the main core (non-network security related), could I intentionally control the HSE storage task to be pending, waiting until it ends before proceeding with operations? Or, when using the main core's non-network security bus, could I disallow the use of network security bus resources, waiting until they are free before using them?
B. By adjusting the timing of the data injection from the host computer: Could I intentionally adjust the timing of the data that needs to be stored from the host computer (such as UDS command timing), first storing non-network security related information, then deliberately delaying for 1 second before storing security information (such as keys)?

3. Are there other chips that can solve this problem? Could you briefly introduce them?

lukaszadrapa
NXP TechSupport

Hi @zhupeiwen 

This is thoroughly explained in HSE-B Firmware Reference Manual v2.4 in section "14.6.5 Synchronizing flash read/write access between HSE and application core".

It's up to the user to maintain the synchronization. There's a SW example in that section and there's a description of possible scenarios in tables 147, 148 and 149. This is valid for all S32K3 devices.

Regards,

Lukas

zhupeiwen
Contributor I
Ty, Lucas, I have the 2.3 version currently but I will try to search for the 2.4 version and check.
I appreciate your reply!