- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- NXP Tech Blogs
- Home
- :
- i.MX Forums
- :
- i.MX RT Crossover MCUs
- :
- Re: MIMXRT1062xxx5A Secure Bootloader
MIMXRT1062xxx5A Secure Bootloader
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
MIMXRT1062xxx5A Secure Bootloader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi all,
We are using the MIMXRT1062xxx5A and NOR flash and we are planning to implement a secure bootloader.
Basically, from POR and after ROM bootloader is executed, the secure bootloader will be executed next, then follow by the application (if there is a valid one).
The secure bootloader will check if there is a valid application and if yes it jumps to application otherwise it just stays in the secure bootloader and wait for the end user to trigger firmware upgrade/flashing request. Similarly, if from application a firmware upgrade request is received, it jumps back to secure bootloader.
But before firmware upgrade request is executed, the secure bootloader should check that the firmware upgrade request is genuine/authentic. And here comes the big HOW? We are still trying to figure out on how to do it. Any idea on how to do it is very much appreciated.
Questions:
1. Is the iMXRT MCU able to support a secure bootloader implementation? I mean, whether there is available hardware register that can generate some form of key and available tool to interpret it.
2. Are there any available documents/examples that we can refer to as a starting point?
Thank you.
Regards,
Rudy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We've been working on a similar bootloader and application firmware for RT1062 for months now. We started with the SBL&SFW projects, added signing and are only now looking at the suggestions of AN12681.
I really wish NXP made it easier than it currently is! Seems like a basic requirement for any embedded system these days so why not just make it simple. There seems to be a forever growing list of host utilities. Some of which perform the same tasks. So it gets very confusing when reading all the different app notes which don't seem to align well.
Does anyone have a good resource that explains the process of implementing encrypted firmware images for the i.MX RT10XX range? Besides the ones mentioned above...
jingpan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Rudy25 ,
Please refer to AN12681 and SBL&SFW user guide.
AN12681 show you how to sign your secure bootloader(could base on SBL). SBL&SFW user guide show you how to make a signed application(SFW) and how SBL verify it. So, it's a combine of two things.
Regards,
Jing
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @jingpan ,
Can you please provide the link of the documents that you mentioned?
Thank you.
Regards,
Rudy
jingpan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
