hello,
<1> If my device enters safe mode, is the debugger unable to connect?
<2>There are several ways to release security
1、The first method is to erase all block commands to remove read protection, but if CESc is enabled or write protection is present, the command cannot be executed. If CSEc and write protection are not enabled, the device can be set to unsecured state. Am I understanding right?
2、The second method is to use the back door command, provided that the back door key has been configured. If the back door key has never been configured, the command cannot be executed. If the back door key has been configured, calling this command to pass in the correct key can make the device enter an unsecure state. I wonder if I understand this method correctly? I have a question: If the debug cannot be connected when it is in a secured state, how can this back door key be passed to the key stored in the device kernel for comparison?
3、Another question is whether it is temporary to appeal two methods to change the device from a safe state to an unsafe state? If reset, does the device return to the original secured mode?
4、If you want to keep the unsafe state after resetting the device, you need to call the erase all blocks unsecure command?
wish your help
Hi Kui,
I expect that "safe" means secure.
<1>. Debugger can be connected but the operation is limited:
<2>.
1. Yes, that's correct.
2. You can find SW sample here:
Example S32K144 Verify Backdoor Access Key S32DS1.3
For example, you can use UART to pass the key to application and the application is then responsible to run Verify Backdoor Access Key command. In other words - this must be solved on application level.
3. Yes, if you use Backdoor key, it's unsecured temporarily only.
4. You need to change flash configuration field (FSEC) to unsecured state.
Regards,
Lukas
hello,
if MEEN is disabled(it means debugger can not erase all block) and The user has not programmed to receive the back door key before enter secure, then s32k146 device enter to secure, how to chang device to unsecure? it seems has no way. Erase All Blocks command and Erase All Blocks Unsecure command also can not execute!
I have a uart bootloader, it run is good. but
about S32K144 FSEC
now my setup in startup_S32K144.s
1. SEC bit is secured
2. MEEN Mass erase is disabled
I don't know th KEYEN bit is enabled or not , and FSLACC factory access granted or not.
Now the SWD is disabled, application update only by bootloader.
the Example S32K144 Verify Backdoor Access Key S32DS1.3 is usefull ?
Thanks!
hello,
when used verify backdoor access keys command to release the security of the MCU, whether can i use debugger to access the memory such as flash data or EEPROM data? i think the memory should be accessed in debug mode. but when debug again it will tips the mcu is security after i used verify backdoor access keys command to release the security of the MCU, so this made me confused What is the application scenario for the backdoor key.