FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

s32k144

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Jump to solution

s32k144

Jump to solution
‎05-12-2025 02:33 AM
2,102 Views
soulyoung
Contributor I

Hello, I would like to ask  questions.

1.Regarding whether the device can be restored to its factory settings and the strict sequential startup mode can be canceled through the CMD_SBG_CAL and CMD_SBG_SUTH commands after enabling strict sequential startup, I see that strict sequential startup is irreversible. And the condition for restoring factory settings is whether there is a write protected key, so I would like to confirm.

2.I am currently disabling mass erase and enabling SEC and enabling the backdoor, and the program has passed the backdoor key verification. How can I simulate the program through Keil now, because I found that the simulation prompts a failure and cannot connect to the chip. If I temporarily unlock SEC, how should I connect to the device through jlink, preferably with Keil simulation program

Tags (1)
0 Kudos
Reply
1 Solution

Jump to solution
‎05-12-2025 10:49 PM
2,081 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @soulyoung 

1. If you configure strict sequential secure boot mode or if there's write protected key, it's not possible get back to factory state.

2. The key point is that you need to attach the debugger without reset because unsecuring via backdoor is temporary only and the device is secured again after next reset. For example, when Pemicro debug probe is used in S32DS, it can be done like this:

https://community.nxp.com/t5/S32-Design-Studio/How-attach-to-running-program/m-p/1030376/highlight/t...

If a debugger from Lauterbach is used, you can use command sys.attach.

Not sure about Keil, please contact their support directly.

Regards,

Lukas

View solution in original post

0 Kudos
Reply
4 Replies

Jump to solution
‎05-12-2025 10:49 PM
2,082 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @soulyoung 

1. If you configure strict sequential secure boot mode or if there's write protected key, it's not possible get back to factory state.

2. The key point is that you need to attach the debugger without reset because unsecuring via backdoor is temporary only and the device is secured again after next reset. For example, when Pemicro debug probe is used in S32DS, it can be done like this:

https://community.nxp.com/t5/S32-Design-Studio/How-attach-to-running-program/m-p/1030376/highlight/t...

If a debugger from Lauterbach is used, you can use command sys.attach.

Not sure about Keil, please contact their support directly.

Regards,

Lukas

0 Kudos
Reply

Jump to solution
‎05-15-2025 02:24 AM
2,045 Views
soulyoung
Contributor I

soulyoung_0-1747300917824.png

It seems that the inability to stop the CPU caused the burn failure, How to burn the program like this,Looking forward to your answer

0 Kudos
Reply

Jump to solution
‎05-16-2025 03:07 AM
2,014 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

The device is still running after "hot attach". It's necessary to stop execution and then you can run flash scripts. But everything depends on used tools...

Another option is to do the "hot attach", then stop the execution and then just write manually to flash registers to erase the first sector and then program the flash configuration field back to unsecured state. Something like this (example only, it programs different addresses), just run the same procedure manually by your debugger:

lukaszadrapa_0-1747389916132.png

 

0 Kudos
Reply

Jump to solution
‎05-15-2025 01:24 AM
2,058 Views
soulyoung
Contributor I
Thank you very much for your answer. I have another question on my end. After temporarily releasing the SEC, can I rewrite the app code (such as placing the app address at 0x4000) and how can I do it
0 Kudos
Reply