- NXP Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- Wireless Connectivity
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- Vigiles
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Home
- :
- i.MX Forums
- :
- i.MX RT
- :
- OTFAD and using flash as FEE
OTFAD and using flash as FEE
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We are developing an application to iMXRT1010 and want to use the last 1MB of the XIP flash chip as non-volatile data storage (FEE). How can we set up the encrypted boot and the OTFAD so that only the code section of the flash is encrypted and decrypted during execution, while the data section is not affected by it?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi
The range of memory decrypted is defined by the OTFAD registers
OTFAD_CTX0_RGD_W0 (start address - 1k aligned)
and
OTFAD_CTX0_RGD_W1 (end address - 1k aligned)
and these registers can be changed during operation.
Therefore once your application starts you can adjust the end address value (as needed) and use the excluded flash area for other purposes without decryption.
Regards
Mark
[uTasker project developer for Kinetis and i.MX RT]
Contact me by personal message or on the uTasker web site to discuss professional training, solutions to problems or rapid product development requirements
For professionals searching for faster, problem-free Kinetis and i.MX RT 10xx developments the uTasker project holds the key: https://www.utasker.com/iMX/RT1011.html
See the uTasker project for accurate BEE and OTFAD emulation and a turn-key secure solution (OTA, clone-/IP protection and in-field updating) using a unified method that gives compatibility between i.MX RT devices with BEE and OTFAD and flexibility in changing AES256 keys rather than one-shot eFUSE programming).
It allows securing any application within 5 minutes without the usual steep learning cure and numerous tools needing to be set up.
- Boot loader concept including XiP on-the-fly decryption, clone protection or AES256 protected RAM execution.
-- Boot Loader concept flow chart: https://www.utasker.com/docs/iMX/Loader.pdf and usage reference https://www.utasker.com/docs/iMX/uTaskerLoader_TestDrive.pdf
-- Serial Loader features: https://www.utasker.com/docs/uTasker/uTaskerSerialLoader.pdf
-- Building the loader with MCUXpresso: https://www.utasker.com/docs/iMX/MCUXpresso.pdf (and video guide https://youtu.be/p_eUGo6GypY ) - the guide document explains how to use with any application (eg. SDK) and to enabling its operation with On-The-Fly decryption in 5 minutes
-- Building the loader with IAR: https://www.utasker.com/docs/iMX/IAR.pdf (and video guide https://youtu.be/XPCwVndP99s )
-- Building the loader with VisualStudio and GCC: https://www.utasker.com/docs/iMX/GCC.pdf (and video guide https://youtu.be/0UzLLSXABK8 )
Video Guide to encrypting NXP SDK examples to run from XiP memory using on-the-fly decryption and uploading with the µTasker loader: https://www.youtube.com/watch?v=5iT7KP691ls&list=PLWKlVb_MqDQEOCnsNOJO8gd3jDCwiyKKe&index=10
Video Guide to encrypting NXP SDK examples to run at optimal speed in internal RAM and uploading with the µTasker loader:
https://www.youtube.com/watch?v=fnfLQ-nbscI&list=PLWKlVb_MqDQEOCnsNOJO8gd3jDCwiyKKe&index=11
Video Guide for Embedded Artist OEM Module for i.MX RT 1062 showing precise secured application operation analysis: https://youtu.be/o7hQbOqhJoc
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi
The range of memory decrypted is defined by the OTFAD registers
OTFAD_CTX0_RGD_W0 (start address - 1k aligned)
and
OTFAD_CTX0_RGD_W1 (end address - 1k aligned)
and these registers can be changed during operation.
Therefore once your application starts you can adjust the end address value (as needed) and use the excluded flash area for other purposes without decryption.
Regards
Mark
[uTasker project developer for Kinetis and i.MX RT]
Contact me by personal message or on the uTasker web site to discuss professional training, solutions to problems or rapid product development requirements
For professionals searching for faster, problem-free Kinetis and i.MX RT 10xx developments the uTasker project holds the key: https://www.utasker.com/iMX/RT1011.html
See the uTasker project for accurate BEE and OTFAD emulation and a turn-key secure solution (OTA, clone-/IP protection and in-field updating) using a unified method that gives compatibility between i.MX RT devices with BEE and OTFAD and flexibility in changing AES256 keys rather than one-shot eFUSE programming).
It allows securing any application within 5 minutes without the usual steep learning cure and numerous tools needing to be set up.
- Boot loader concept including XiP on-the-fly decryption, clone protection or AES256 protected RAM execution.
-- Boot Loader concept flow chart: https://www.utasker.com/docs/iMX/Loader.pdf and usage reference https://www.utasker.com/docs/iMX/uTaskerLoader_TestDrive.pdf
-- Serial Loader features: https://www.utasker.com/docs/uTasker/uTaskerSerialLoader.pdf
-- Building the loader with MCUXpresso: https://www.utasker.com/docs/iMX/MCUXpresso.pdf (and video guide https://youtu.be/p_eUGo6GypY ) - the guide document explains how to use with any application (eg. SDK) and to enabling its operation with On-The-Fly decryption in 5 minutes
-- Building the loader with IAR: https://www.utasker.com/docs/iMX/IAR.pdf (and video guide https://youtu.be/XPCwVndP99s )
-- Building the loader with VisualStudio and GCC: https://www.utasker.com/docs/iMX/GCC.pdf (and video guide https://youtu.be/0UzLLSXABK8 )
Video Guide to encrypting NXP SDK examples to run from XiP memory using on-the-fly decryption and uploading with the µTasker loader: https://www.youtube.com/watch?v=5iT7KP691ls&list=PLWKlVb_MqDQEOCnsNOJO8gd3jDCwiyKKe&index=10
Video Guide to encrypting NXP SDK examples to run at optimal speed in internal RAM and uploading with the µTasker loader:
https://www.youtube.com/watch?v=fnfLQ-nbscI&list=PLWKlVb_MqDQEOCnsNOJO8gd3jDCwiyKKe&index=11
Video Guide for Embedded Artist OEM Module for i.MX RT 1062 showing precise secured application operation analysis: https://youtu.be/o7hQbOqhJoc
