帮助
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Disable Communication/Serial/JTAG ports

取消
开启建议
自动建议可通过在您键入时建议可能的匹配,而快速缩小您的搜索结果范围。
显示结果 
显示  仅  | 搜索替代 
您的意思是: 
已解决
跳至解决方案

Disable Communication/Serial/JTAG ports

跳至解决方案
‎06-24-2022 04:35 AM
2,883 次查看
Nikhil_Dhameliya
Contributor II

Hi Team,

I am using NXP MIMXRT1064xx controller and I need to use protect/disable JTAG/Serial/Communication ports for security purpose.

So can you please guide me or suggest any way/s to do the same?

Regards,

Nikhil Dhameliya

0 项奖励
回复
1 解答

跳至解决方案
‎06-27-2022 09:20 PM
2,864 次查看
kerryzhou
NXP TechSupport
NXP TechSupport

Hi @Nikhil_Dhameliya ,

  Thank you for your updated information.

  You may misunderstand the fuse function, fuse, just can modify from 0 to 1, if you burn it, it can't be back any more to this chip.

  Answer your questions:

  • SJC_DISABLE Fuse : 0 - JTAG is enabled, 1 - JTAG is disabled
    • Can we DISABLE JTAG by burning this eFuse using NXP MCU Boot Utility and again ENABLE?

=>Answer: After it is 1, no longer modify it back to 0 anymore. It is the fuse bit feature.

  • What is the purpose of JTAG_HEO eFuse? Can it re-enable JTAG after disabled previously?

=>Answer:  If you don't use the secure, don't need to care about it when you just want to use the JTAG enable or not. as it is used for the HAB.

kerryzhou_0-1656389857075.png

 

  • I am using NXP MIMXRT1064xxxxA processor so same document and script is valid for this processor as well?

=>Answer: yes, RT1064 is the same, you can use it. But please make sure you need to use the secure JTAG or not, if just the JTAG/SWD switch or disable, you don't need to totally follow the AN with secure.

 

Wish it helps you!

Best Regards,

Kerry

在原帖中查看解决方案

0 项奖励
回复
12 回复数

跳至解决方案
‎07-08-2022 05:56 AM
2,777 次查看
Nikhil_Dhameliya
Contributor II

Hi @kerryzhou ,

Is it possible to disable debug access from application code and then it can be enable when flash is fully erased from programming device(PEMICRO's external utility) as client don't want to opt for Secure JTAG/Permanently disable JTAG access?

Please suggest a way if any.

Thanks and Regards,

Nikhil Dhameliya

0 项奖励
回复

跳至解决方案
‎07-10-2022 07:24 PM
2,730 次查看
kerryzhou
NXP TechSupport
NXP TechSupport

Hi @Nikhil_Dhameliya ,

   Debug interface disable need to use the fuse to disable it, but as you know, the fuse just can modify from 0 to 1, and can't back.

  So, if you use the fuse to disable the debug interface, then you can't open it.

 

Best Regards,

Kerry

0 项奖励
回复

跳至解决方案
‎06-26-2022 05:49 PM
2,872 次查看
kerryzhou
NXP TechSupport
NXP TechSupport

Hi @Nikhil_Dhameliya ,

   Please check the following application note, it will help you understand the JTAG interface:

    https://www.nxp.com/docs/en/application-note/AN12419.pdf

https://www.nxp.com/docs/en/application-note-software/AN12419SW.zip

  You need to modify the fuse bit, the application note already list, please note, when you operate it, do it carefully, as the fuse bit just can be modified from 0 to 1, can't be back.

Wish it helps you!

Best Regards,

Kerry

0 项奖励
回复

跳至解决方案
‎06-27-2022 04:11 AM
2,868 次查看
Nikhil_Dhameliya
Contributor II

Hi @kerryzhou ,

Thanks for a quick response and providing AN and Scripts.

I have below queries still so can you please answer those as my purpose is to ENABLE and DISABLE JTAG as per need(Not permanently enable or disable).

  1. SJC_DISABLE Fuse : 0 - JTAG is enabled, 1 - JTAG is disabled
    • Can we DISABLE JTAG by burning this eFuse using NXP MCU Boot Utility and again ENABLE?
  2. What is the purpose of JTAG_HEO eFuse? Can it re-enable JTAG after disabled previously?
  3. I am using NXP MIMXRT1064xxxxA processor so same document and script is valid for this processor as well?

Regards,

Nikhil Dhameliya

0 项奖励
回复

跳至解决方案
‎06-27-2022 09:20 PM
2,865 次查看
kerryzhou
NXP TechSupport
NXP TechSupport

Hi @Nikhil_Dhameliya ,

  Thank you for your updated information.

  You may misunderstand the fuse function, fuse, just can modify from 0 to 1, if you burn it, it can't be back any more to this chip.

  Answer your questions:

  • SJC_DISABLE Fuse : 0 - JTAG is enabled, 1 - JTAG is disabled
    • Can we DISABLE JTAG by burning this eFuse using NXP MCU Boot Utility and again ENABLE?

=>Answer: After it is 1, no longer modify it back to 0 anymore. It is the fuse bit feature.

  • What is the purpose of JTAG_HEO eFuse? Can it re-enable JTAG after disabled previously?

=>Answer:  If you don't use the secure, don't need to care about it when you just want to use the JTAG enable or not. as it is used for the HAB.

kerryzhou_0-1656389857075.png

 

  • I am using NXP MIMXRT1064xxxxA processor so same document and script is valid for this processor as well?

=>Answer: yes, RT1064 is the same, you can use it. But please make sure you need to use the secure JTAG or not, if just the JTAG/SWD switch or disable, you don't need to totally follow the AN with secure.

 

Wish it helps you!

Best Regards,

Kerry

0 项奖励
回复

跳至解决方案
‎06-28-2022 05:11 AM
2,860 次查看
Nikhil_Dhameliya
Contributor II

Hi @kerryzhou ,

Thanks a lot for answering all my queries.

From this I got to know that once JTAG is disabled, can't be enabled again (Fuse configuration Value can be modified from 0 to 1 only and 1 to 0 transition is not possible)

One more question:

  • Is there any way in NXP MIMXRT1064xxxxA MCU to secure the debug port, so that "any unwanted third party can not read the data from flash before they erase the whole flash"?

 

Best Regards,

Nikhil Dhameliya

0 项奖励
回复

跳至解决方案
‎06-28-2022 06:46 PM
2,850 次查看
kerryzhou
NXP TechSupport
NXP TechSupport

Hi @Nikhil_Dhameliya ,

   Yes, you can use the secure JTAG(AN12419), as you know, it needs the key to access the JTAG, if you don't share it with others, then others can't access the chip through the JTAG.

  Wish it helps you!
Best Regards,

Kerry

0 项奖励
回复

跳至解决方案
‎06-29-2022 05:26 AM
2,846 次查看
Nikhil_Dhameliya
Contributor II

Hi @kerryzhou ,

Thanks a lot for suggesting way to use SECURE JTAG feature.

I am using "PE micro cyclone " external Debugger device for debugging purpose.

So can you please share any reference note on how to use SECURE JTAG feature between NXP MIMXRT1064 MCU and "PE micro cyclone debugger "  as AN12419 only specifies the functionality for "JLINK Debugger"?

Regards,

Nikhil Dhameliya

0 项奖励
回复

跳至解决方案
‎06-29-2022 06:58 PM
2,841 次查看
kerryzhou
NXP TechSupport
NXP TechSupport

Hi @Nikhil_Dhameliya ,

   Sorry, NXP still don't have the PE micro secure JTAG examples.

   It should modify the related debugger script, maybe you can contact with P&E micro side, they will be more familiar with their debugger script files.

   Thanks a lot for your understanding.

Best Regards,

kerry

0 项奖励
回复

跳至解决方案
‎06-30-2022 02:58 AM
2,839 次查看
Nikhil_Dhameliya
Contributor II

Hi @kerryzhou ,

I have checked on PE site and found below link:

Production Programming NXP i.MX RT10xx devices with Secure Boot (pemicro.com)

Can you please check and let me know that Secure JTAG feature is supported in NXP MCU using PE debugger or not?

Regards,

Nikhil Dhameliya

0 项奖励
回复

跳至解决方案
‎06-30-2022 07:02 PM
2,832 次查看
kerryzhou
NXP TechSupport
NXP TechSupport

Hi @Nikhil_Dhameliya ,

  From your link, chapter 3 Restricting JTAG Access with a Password is the secure JTAG.

  I think, for the details, eg, normal PEmicro debug Multilink, please check with the PE side:

  https://www.pemicro.com/support/index.cfm

  They will be more familiar with their tools and the script.

 

Best Regards,

Kerry

0 项奖励
回复

跳至解决方案
‎07-01-2022 03:38 AM
2,827 次查看
Nikhil_Dhameliya
Contributor II

Hi @kerryzhou ,

Thanks for a such great help.

I had got all information required for Securing JTAG of NXP MCU.

Regards,

Nikhil Dhameliya

回复