FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

[s32k3] is it possible to re-flash unsecure software after secure boot enabled?

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Jump to solution

[s32k3] is it possible to re-flash unsecure software after secure boot enabled?

Jump to solution
‎05-30-2025 07:34 AM
391 Views
pasa_kevin_y
Contributor III

Once the hardware is in mass production stage, the secure boot is enabled, LC is OEM_PROD.

Say we found some issue in it, and we want to do some diagnostics.

We have the jtag access, we can re-flash another testing software to it, the entire flash memory will be overwritten, will the chip boot up with the unsecure software?  is NXP HSE allow it to happen?

0 Kudos
Reply
1 Solution

Jump to solution
‎06-03-2025 05:39 PM
328 Views
VaneB
NXP TechSupport
NXP TechSupport

Hi @pasa_kevin_y 

When you flash a new application to the device, there is the specific bit in the IVT (Image Vector Table) that controls whether Secure Boot is enabled. If you remove the Secure Boot bit in the IVT, the device will not perform a secure boot.  This means the boot process will skip the security checks that normally verify the integrity and authenticity of the application.

 

BR, VaneB

View solution in original post

Reply
1 Reply

Jump to solution
‎06-03-2025 05:39 PM
329 Views
VaneB
NXP TechSupport
NXP TechSupport

Hi @pasa_kevin_y 

When you flash a new application to the device, there is the specific bit in the IVT (Image Vector Table) that controls whether Secure Boot is enabled. If you remove the Secure Boot bit in the IVT, the device will not perform a secure boot.  This means the boot process will skip the security checks that normally verify the integrity and authenticity of the application.

 

BR, VaneB

Reply